summaryrefslogtreecommitdiff
path: root/Linux-PAM
diff options
context:
space:
mode:
Diffstat (limited to 'Linux-PAM')
-rw-r--r--Linux-PAM/ABOUT-NLS1111
-rw-r--r--Linux-PAM/AUTHORS7
-rw-r--r--Linux-PAM/CHANGELOG107
-rw-r--r--Linux-PAM/COPYING41
-rw-r--r--Linux-PAM/ChangeLog2119
-rw-r--r--Linux-PAM/INSTALL236
-rw-r--r--Linux-PAM/Make.Rules.in124
-rw-r--r--Linux-PAM/Make.xml.rules25
-rw-r--r--Linux-PAM/Makefile76
-rw-r--r--Linux-PAM/Makefile.am48
-rw-r--r--Linux-PAM/Makefile.in733
-rw-r--r--Linux-PAM/NEWS125
-rw-r--r--Linux-PAM/README33
-rw-r--r--Linux-PAM/_pam_aconf.h.in104
-rw-r--r--Linux-PAM/acinclude.m448
-rw-r--r--Linux-PAM/aclocal.m47319
-rw-r--r--Linux-PAM/bin/README30
-rwxr-xr-xLinux-PAM/compile142
-rw-r--r--Linux-PAM/conf/Makefile34
-rw-r--r--Linux-PAM/conf/Makefile.am6
-rw-r--r--Linux-PAM/conf/Makefile.in541
-rwxr-xr-xLinux-PAM/conf/install178
-rwxr-xr-xLinux-PAM/conf/mkdirp50
-rw-r--r--Linux-PAM/conf/pam_conv1/Makefile46
-rw-r--r--Linux-PAM/conf/pam_conv1/Makefile.am17
-rw-r--r--Linux-PAM/conf/pam_conv1/Makefile.in525
-rw-r--r--Linux-PAM/conf/pam_conv1/README1
-rw-r--r--Linux-PAM/conf/pam_conv1/pam_conv_l.c1691
-rw-r--r--Linux-PAM/conf/pam_conv1/pam_conv_l.l (renamed from Linux-PAM/conf/pam_conv1/pam_conv.lex)14
-rw-r--r--Linux-PAM/conf/pam_conv1/pam_conv_y.c1575
-rw-r--r--Linux-PAM/conf/pam_conv1/pam_conv_y.h61
-rw-r--r--Linux-PAM/conf/pam_conv1/pam_conv_y.y (renamed from Linux-PAM/conf/pam_conv1/pam_conv.y)20
-rwxr-xr-xLinux-PAM/config.guess1510
-rw-r--r--Linux-PAM/config.h.in323
-rwxr-xr-xLinux-PAM/config.rpath614
-rwxr-xr-xLinux-PAM/config.sub1616
-rwxr-xr-xLinux-PAM/configure28178
-rw-r--r--Linux-PAM/configure.in761
-rw-r--r--Linux-PAM/defs/debian.defs40
-rw-r--r--Linux-PAM/defs/hpux.defs36
-rw-r--r--Linux-PAM/defs/linux.defs32
-rw-r--r--Linux-PAM/defs/morgan.defs36
-rw-r--r--Linux-PAM/defs/redhat.defs36
-rw-r--r--Linux-PAM/defs/redhat4.defs35
-rw-r--r--Linux-PAM/defs/solaris-2.1.5.defs45
-rw-r--r--Linux-PAM/defs/solaris.defs48
-rw-r--r--Linux-PAM/defs/sunos.defs37
-rw-r--r--Linux-PAM/defs/suse.defs36
-rwxr-xr-xLinux-PAM/depcomp530
-rw-r--r--Linux-PAM/doc/CREDITS49
-rw-r--r--Linux-PAM/doc/Makefile169
-rw-r--r--Linux-PAM/doc/Makefile.am22
-rw-r--r--Linux-PAM/doc/Makefile.in589
-rw-r--r--Linux-PAM/doc/NOTES16
-rw-r--r--Linux-PAM/doc/adg/Linux-PAM_ADG.xml779
-rw-r--r--Linux-PAM/doc/adg/Makefile.am97
-rw-r--r--Linux-PAM/doc/adg/Makefile.in470
-rw-r--r--Linux-PAM/doc/adg/pam_acct_mgmt.xml18
-rw-r--r--Linux-PAM/doc/adg/pam_authenticate.xml18
-rw-r--r--Linux-PAM/doc/adg/pam_chauthtok.xml18
-rw-r--r--Linux-PAM/doc/adg/pam_close_session.xml18
-rw-r--r--Linux-PAM/doc/adg/pam_conv.xml35
-rw-r--r--Linux-PAM/doc/adg/pam_end.xml18
-rw-r--r--Linux-PAM/doc/adg/pam_fail_delay.xml18
-rw-r--r--Linux-PAM/doc/adg/pam_get_item.xml18
-rw-r--r--Linux-PAM/doc/adg/pam_getenv.xml18
-rw-r--r--Linux-PAM/doc/adg/pam_getenvlist.xml18
-rw-r--r--Linux-PAM/doc/adg/pam_misc_conv.xml14
-rw-r--r--Linux-PAM/doc/adg/pam_misc_drop_env.xml14
-rw-r--r--Linux-PAM/doc/adg/pam_misc_paste_env.xml14
-rw-r--r--Linux-PAM/doc/adg/pam_misc_setenv.xml14
-rw-r--r--Linux-PAM/doc/adg/pam_open_session.xml18
-rw-r--r--Linux-PAM/doc/adg/pam_putenv.xml18
-rw-r--r--Linux-PAM/doc/adg/pam_set_item.xml18
-rw-r--r--Linux-PAM/doc/adg/pam_setcred.xml18
-rw-r--r--Linux-PAM/doc/adg/pam_start.xml18
-rw-r--r--Linux-PAM/doc/adg/pam_strerror.xml18
-rw-r--r--Linux-PAM/doc/figs/pam_orient.txt23
-rw-r--r--Linux-PAM/doc/html/index.html21
-rw-r--r--Linux-PAM/doc/index.html21
-rw-r--r--Linux-PAM/doc/man/Makefile.am51
-rw-r--r--Linux-PAM/doc/man/Makefile.in577
-rw-r--r--Linux-PAM/doc/man/PAM.8103
-rw-r--r--Linux-PAM/doc/man/misc_conv.397
-rw-r--r--Linux-PAM/doc/man/misc_conv.3.xml188
-rw-r--r--Linux-PAM/doc/man/pam.3282
-rw-r--r--Linux-PAM/doc/man/pam.3.xml433
-rw-r--r--Linux-PAM/doc/man/pam.8376
-rw-r--r--Linux-PAM/doc/man/pam.8.xml186
-rw-r--r--Linux-PAM/doc/man/pam.conf-desc.xml21
-rw-r--r--Linux-PAM/doc/man/pam.conf-dir.xml30
-rw-r--r--Linux-PAM/doc/man/pam.conf-syntax.xml374
-rw-r--r--Linux-PAM/doc/man/pam.conf.5303
-rw-r--r--Linux-PAM/doc/man/pam.conf.81
-rw-r--r--Linux-PAM/doc/man/pam.d.51
-rw-r--r--Linux-PAM/doc/man/pam.d.81
-rw-r--r--Linux-PAM/doc/man/pam_acct_mgmt.368
-rw-r--r--Linux-PAM/doc/man/pam_acct_mgmt.3.xml145
-rw-r--r--Linux-PAM/doc/man/pam_authenticate.3161
-rw-r--r--Linux-PAM/doc/man/pam_authenticate.3.xml169
-rw-r--r--Linux-PAM/doc/man/pam_chauthtok.3166
-rw-r--r--Linux-PAM/doc/man/pam_chauthtok.3.xml164
-rw-r--r--Linux-PAM/doc/man/pam_close_session.356
-rw-r--r--Linux-PAM/doc/man/pam_close_session.3.xml115
-rw-r--r--Linux-PAM/doc/man/pam_conv.3129
-rw-r--r--Linux-PAM/doc/man/pam_conv.3.xml228
-rw-r--r--Linux-PAM/doc/man/pam_end.370
-rw-r--r--Linux-PAM/doc/man/pam_end.3.xml122
-rw-r--r--Linux-PAM/doc/man/pam_error.366
-rw-r--r--Linux-PAM/doc/man/pam_error.3.xml121
-rw-r--r--Linux-PAM/doc/man/pam_fail_delay.3238
-rw-r--r--Linux-PAM/doc/man/pam_fail_delay.3.xml202
-rw-r--r--Linux-PAM/doc/man/pam_get_data.360
-rw-r--r--Linux-PAM/doc/man/pam_get_data.3.xml108
-rw-r--r--Linux-PAM/doc/man/pam_get_item.3126
-rw-r--r--Linux-PAM/doc/man/pam_get_item.3.xml134
-rw-r--r--Linux-PAM/doc/man/pam_get_user.379
-rw-r--r--Linux-PAM/doc/man/pam_get_user.3.xml139
-rw-r--r--Linux-PAM/doc/man/pam_getenv.343
-rw-r--r--Linux-PAM/doc/man/pam_getenv.3.xml66
-rw-r--r--Linux-PAM/doc/man/pam_getenvlist.350
-rw-r--r--Linux-PAM/doc/man/pam_getenvlist.3.xml85
-rw-r--r--Linux-PAM/doc/man/pam_info.362
-rw-r--r--Linux-PAM/doc/man/pam_info.3.xml109
-rw-r--r--Linux-PAM/doc/man/pam_item_types.inc.xml151
-rw-r--r--Linux-PAM/doc/man/pam_misc_drop_env.346
-rw-r--r--Linux-PAM/doc/man/pam_misc_drop_env.3.xml63
-rw-r--r--Linux-PAM/doc/man/pam_misc_paste_env.341
-rw-r--r--Linux-PAM/doc/man/pam_misc_paste_env.3.xml61
-rw-r--r--Linux-PAM/doc/man/pam_misc_setenv.346
-rw-r--r--Linux-PAM/doc/man/pam_misc_setenv.3.xml68
-rw-r--r--Linux-PAM/doc/man/pam_open_session.3148
-rw-r--r--Linux-PAM/doc/man/pam_open_session.3.xml115
-rw-r--r--Linux-PAM/doc/man/pam_prompt.355
-rw-r--r--Linux-PAM/doc/man/pam_prompt.3.xml110
-rw-r--r--Linux-PAM/doc/man/pam_putenv.374
-rw-r--r--Linux-PAM/doc/man/pam_putenv.3.xml144
-rw-r--r--Linux-PAM/doc/man/pam_set_data.393
-rw-r--r--Linux-PAM/doc/man/pam_set_data.3.xml172
-rw-r--r--Linux-PAM/doc/man/pam_set_item.3167
-rw-r--r--Linux-PAM/doc/man/pam_set_item.3.xml127
-rw-r--r--Linux-PAM/doc/man/pam_setcred.3153
-rw-r--r--Linux-PAM/doc/man/pam_setcred.3.xml173
-rw-r--r--Linux-PAM/doc/man/pam_sm_acct_mgmt.379
-rw-r--r--Linux-PAM/doc/man/pam_sm_acct_mgmt.3.xml155
-rw-r--r--Linux-PAM/doc/man/pam_sm_authenticate.380
-rw-r--r--Linux-PAM/doc/man/pam_sm_authenticate.3.xml152
-rw-r--r--Linux-PAM/doc/man/pam_sm_chauthtok.397
-rw-r--r--Linux-PAM/doc/man/pam_sm_chauthtok.3.xml200
-rw-r--r--Linux-PAM/doc/man/pam_sm_close_session.358
-rw-r--r--Linux-PAM/doc/man/pam_sm_close_session.3.xml100
-rw-r--r--Linux-PAM/doc/man/pam_sm_open_session.358
-rw-r--r--Linux-PAM/doc/man/pam_sm_open_session.3.xml100
-rw-r--r--Linux-PAM/doc/man/pam_sm_setcred.395
-rw-r--r--Linux-PAM/doc/man/pam_sm_setcred.3.xml179
-rw-r--r--Linux-PAM/doc/man/pam_start.3172
-rw-r--r--Linux-PAM/doc/man/pam_start.3.xml147
-rw-r--r--Linux-PAM/doc/man/pam_strerror.381
-rw-r--r--Linux-PAM/doc/man/pam_strerror.3.xml58
-rw-r--r--Linux-PAM/doc/man/pam_syslog.361
-rw-r--r--Linux-PAM/doc/man/pam_syslog.3.xml82
-rw-r--r--Linux-PAM/doc/man/pam_verror.31
-rw-r--r--Linux-PAM/doc/man/pam_vinfo.31
-rw-r--r--Linux-PAM/doc/man/pam_vprompt.31
-rw-r--r--Linux-PAM/doc/man/pam_vsyslog.31
-rw-r--r--Linux-PAM/doc/man/template-man52
-rw-r--r--Linux-PAM/doc/modules/README13
-rw-r--r--Linux-PAM/doc/modules/module.sgml-template170
-rw-r--r--Linux-PAM/doc/modules/pam_access.sgml117
-rw-r--r--Linux-PAM/doc/modules/pam_chroot.sgml86
-rw-r--r--Linux-PAM/doc/modules/pam_cracklib.sgml304
-rw-r--r--Linux-PAM/doc/modules/pam_deny.sgml177
-rw-r--r--Linux-PAM/doc/modules/pam_env.sgml141
-rw-r--r--Linux-PAM/doc/modules/pam_filter.sgml150
-rw-r--r--Linux-PAM/doc/modules/pam_ftp.sgml93
-rw-r--r--Linux-PAM/doc/modules/pam_group.sgml108
-rw-r--r--Linux-PAM/doc/modules/pam_issue.sgml120
-rw-r--r--Linux-PAM/doc/modules/pam_krb4.sgml126
-rw-r--r--Linux-PAM/doc/modules/pam_lastlog.sgml119
-rw-r--r--Linux-PAM/doc/modules/pam_limits.sgml247
-rw-r--r--Linux-PAM/doc/modules/pam_listfile.sgml138
-rw-r--r--Linux-PAM/doc/modules/pam_mail.sgml142
-rw-r--r--Linux-PAM/doc/modules/pam_mkhomedir.sgml83
-rw-r--r--Linux-PAM/doc/modules/pam_motd.sgml77
-rw-r--r--Linux-PAM/doc/modules/pam_nologin.sgml81
-rw-r--r--Linux-PAM/doc/modules/pam_permit.sgml83
-rw-r--r--Linux-PAM/doc/modules/pam_pwdb.sgml257
-rw-r--r--Linux-PAM/doc/modules/pam_radius.sgml117
-rw-r--r--Linux-PAM/doc/modules/pam_rhosts.sgml164
-rw-r--r--Linux-PAM/doc/modules/pam_rootok.sgml85
-rw-r--r--Linux-PAM/doc/modules/pam_securetty.sgml72
-rw-r--r--Linux-PAM/doc/modules/pam_tally.sgml203
-rw-r--r--Linux-PAM/doc/modules/pam_time.sgml166
-rw-r--r--Linux-PAM/doc/modules/pam_unix.sgml296
-rw-r--r--Linux-PAM/doc/modules/pam_userdb.sgml126
-rw-r--r--Linux-PAM/doc/modules/pam_warn.sgml67
-rw-r--r--Linux-PAM/doc/modules/pam_wheel.sgml131
-rw-r--r--Linux-PAM/doc/mwg/Linux-PAM_MWG.xml656
-rw-r--r--Linux-PAM/doc/mwg/Makefile.am97
-rw-r--r--Linux-PAM/doc/mwg/Makefile.in470
-rw-r--r--Linux-PAM/doc/mwg/pam_conv.xml35
-rw-r--r--Linux-PAM/doc/mwg/pam_fail_delay.xml18
-rw-r--r--Linux-PAM/doc/mwg/pam_get_data.xml18
-rw-r--r--Linux-PAM/doc/mwg/pam_get_item.xml18
-rw-r--r--Linux-PAM/doc/mwg/pam_get_user.xml18
-rw-r--r--Linux-PAM/doc/mwg/pam_getenv.xml18
-rw-r--r--Linux-PAM/doc/mwg/pam_getenvlist.xml18
-rw-r--r--Linux-PAM/doc/mwg/pam_putenv.xml18
-rw-r--r--Linux-PAM/doc/mwg/pam_set_data.xml18
-rw-r--r--Linux-PAM/doc/mwg/pam_set_item.xml18
-rw-r--r--Linux-PAM/doc/mwg/pam_sm_acct_mgmt.xml18
-rw-r--r--Linux-PAM/doc/mwg/pam_sm_authenticate.xml18
-rw-r--r--Linux-PAM/doc/mwg/pam_sm_chauthtok.xml18
-rw-r--r--Linux-PAM/doc/mwg/pam_sm_close_session.xml18
-rw-r--r--Linux-PAM/doc/mwg/pam_sm_open_session.xml18
-rw-r--r--Linux-PAM/doc/mwg/pam_sm_setcred.xml18
-rw-r--r--Linux-PAM/doc/mwg/pam_strerror.xml18
-rw-r--r--Linux-PAM/doc/pam_appl.sgml1777
-rw-r--r--Linux-PAM/doc/pam_modules.sgml1505
-rw-r--r--Linux-PAM/doc/pam_source.sgml1166
-rw-r--r--Linux-PAM/doc/pdf/README3
-rw-r--r--Linux-PAM/doc/ps/README3
-rw-r--r--Linux-PAM/doc/sag/Linux-PAM_SAG.xml570
-rw-r--r--Linux-PAM/doc/sag/Makefile.am97
-rw-r--r--Linux-PAM/doc/sag/Makefile.in470
-rw-r--r--Linux-PAM/doc/sag/pam_access.xml42
-rw-r--r--Linux-PAM/doc/sag/pam_cracklib.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_debug.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_deny.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_echo.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_env.xml42
-rw-r--r--Linux-PAM/doc/sag/pam_exec.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_faildelay.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_filter.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_ftp.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_group.xml42
-rw-r--r--Linux-PAM/doc/sag/pam_issue.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_keyinit.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_lastlog.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_limits.xml42
-rw-r--r--Linux-PAM/doc/sag/pam_listfile.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_localuser.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_loginuid.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_mail.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_mkhomedir.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_motd.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_namespace.xml42
-rw-r--r--Linux-PAM/doc/sag/pam_nologin.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_permit.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_rhosts.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_rootok.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_securetty.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_selinux.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_shells.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_succeed_if.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_tally.xml38
-rw-r--r--Linux-PAM/doc/sag/pam_time.xml42
-rw-r--r--Linux-PAM/doc/sag/pam_umask.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_unix.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_userdb.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_warn.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_wheel.xml34
-rw-r--r--Linux-PAM/doc/sag/pam_xauth.xml34
-rw-r--r--Linux-PAM/doc/specs/Makefile.am22
-rw-r--r--Linux-PAM/doc/specs/Makefile.in560
-rw-r--r--Linux-PAM/doc/specs/formatter/Makefile16
-rw-r--r--Linux-PAM/doc/specs/parse_l.c1675
-rw-r--r--Linux-PAM/doc/specs/parse_l.l (renamed from Linux-PAM/doc/specs/formatter/parse.lex)10
-rw-r--r--Linux-PAM/doc/specs/parse_y.c1706
-rw-r--r--Linux-PAM/doc/specs/parse_y.h69
-rw-r--r--Linux-PAM/doc/specs/parse_y.y (renamed from Linux-PAM/doc/specs/formatter/parse.y)18
-rw-r--r--Linux-PAM/doc/txts/README3
-rw-r--r--Linux-PAM/dynamic/Makefile70
-rw-r--r--Linux-PAM/dynamic/pam.c180
-rw-r--r--Linux-PAM/dynamic/test.c27
-rw-r--r--Linux-PAM/examples/Makefile54
-rw-r--r--Linux-PAM/examples/Makefile.am14
-rw-r--r--Linux-PAM/examples/Makefile.in522
-rw-r--r--Linux-PAM/examples/README13
-rw-r--r--Linux-PAM/examples/vpass.c10
-rwxr-xr-xLinux-PAM/examples/wrap_xsh.sh5
-rw-r--r--Linux-PAM/examples/xsh.c16
-rwxr-xr-xLinux-PAM/install-sh19
-rw-r--r--Linux-PAM/libpam/Makefile170
-rw-r--r--Linux-PAM/libpam/Makefile.am42
-rw-r--r--Linux-PAM/libpam/Makefile.in614
-rw-r--r--Linux-PAM/libpam/include/security/_pam_compat.h72
-rw-r--r--Linux-PAM/libpam/include/security/_pam_macros.h6
-rw-r--r--Linux-PAM/libpam/include/security/_pam_types.h112
-rw-r--r--Linux-PAM/libpam/include/security/pam_appl.h51
-rw-r--r--Linux-PAM/libpam/include/security/pam_ext.h81
-rw-r--r--Linux-PAM/libpam/include/security/pam_malloc.h71
-rw-r--r--Linux-PAM/libpam/include/security/pam_modules.h46
-rw-r--r--Linux-PAM/libpam/include/security/pam_modutil.h104
-rw-r--r--Linux-PAM/libpam/libpam.map47
-rw-r--r--Linux-PAM/libpam/pam_account.c4
-rw-r--r--Linux-PAM/libpam/pam_audit.c134
-rw-r--r--Linux-PAM/libpam/pam_auth.c10
-rw-r--r--Linux-PAM/libpam/pam_data.c57
-rw-r--r--Linux-PAM/libpam/pam_dispatch.c29
-rw-r--r--Linux-PAM/libpam/pam_dynamic.c142
-rw-r--r--Linux-PAM/libpam/pam_end.c6
-rw-r--r--Linux-PAM/libpam/pam_env.c34
-rw-r--r--Linux-PAM/libpam/pam_handlers.c304
-rw-r--r--Linux-PAM/libpam/pam_item.c62
-rw-r--r--Linux-PAM/libpam/pam_log.c375
-rw-r--r--Linux-PAM/libpam/pam_malloc.c418
-rw-r--r--Linux-PAM/libpam/pam_map.c78
-rw-r--r--Linux-PAM/libpam/pam_misc.c82
-rw-r--r--Linux-PAM/libpam/pam_modutil_cleanup.c19
-rw-r--r--Linux-PAM/libpam/pam_modutil_getgrgid.c (renamed from Linux-PAM/modules/pammodutil/modutil_getgrgid.c)9
-rw-r--r--Linux-PAM/libpam/pam_modutil_getgrnam.c (renamed from Linux-PAM/modules/pammodutil/modutil_getgrnam.c)9
-rw-r--r--Linux-PAM/libpam/pam_modutil_getlogin.c (renamed from Linux-PAM/modules/pammodutil/modutil_getlogin.c)36
-rw-r--r--Linux-PAM/libpam/pam_modutil_getpwnam.c (renamed from Linux-PAM/modules/pammodutil/modutil_getpwnam.c)9
-rw-r--r--Linux-PAM/libpam/pam_modutil_getpwuid.c (renamed from Linux-PAM/modules/pammodutil/modutil_getpwuid.c)9
-rw-r--r--Linux-PAM/libpam/pam_modutil_getspnam.c (renamed from Linux-PAM/modules/pammodutil/modutil_getspnam.c)9
-rw-r--r--Linux-PAM/libpam/pam_modutil_ingroup.c (renamed from Linux-PAM/modules/pammodutil/modutil_ingroup.c)58
-rw-r--r--Linux-PAM/libpam/pam_modutil_ioloop.c (renamed from Linux-PAM/modules/pammodutil/modutil_ioloop.c)13
-rw-r--r--Linux-PAM/libpam/pam_modutil_private.h23
-rw-r--r--Linux-PAM/libpam/pam_password.c6
-rw-r--r--Linux-PAM/libpam/pam_prelude.c303
-rw-r--r--Linux-PAM/libpam/pam_private.h53
-rw-r--r--Linux-PAM/libpam/pam_second.c50
-rw-r--r--Linux-PAM/libpam/pam_session.c21
-rw-r--r--Linux-PAM/libpam/pam_start.c55
-rw-r--r--Linux-PAM/libpam/pam_static.c44
-rw-r--r--Linux-PAM/libpam/pam_static_modules.h136
-rw-r--r--Linux-PAM/libpam/pam_strerror.c117
-rw-r--r--Linux-PAM/libpam/pam_syslog.c115
-rw-r--r--Linux-PAM/libpam/pam_tokens.h10
-rw-r--r--Linux-PAM/libpam/pam_vprompt.c115
-rw-r--r--Linux-PAM/libpam_misc/Makefile120
-rw-r--r--Linux-PAM/libpam_misc/Makefile.am23
-rw-r--r--Linux-PAM/libpam_misc/Makefile.in560
-rw-r--r--Linux-PAM/libpam_misc/help_env.c25
-rw-r--r--Linux-PAM/libpam_misc/include/security/pam_misc.h12
-rw-r--r--Linux-PAM/libpam_misc/libpam_misc.map17
-rw-r--r--Linux-PAM/libpam_misc/misc_conv.c50
-rw-r--r--Linux-PAM/libpam_misc/xstrdup.c31
-rw-r--r--Linux-PAM/libpamc/Makefile119
-rw-r--r--Linux-PAM/libpamc/Makefile.am24
-rw-r--r--Linux-PAM/libpamc/Makefile.in674
-rw-r--r--Linux-PAM/libpamc/include/security/pam_client.h29
-rw-r--r--Linux-PAM/libpamc/libpamc.map12
-rw-r--r--Linux-PAM/libpamc/pamc_converse.c22
-rw-r--r--Linux-PAM/libpamc/test/Makefile.am11
-rw-r--r--Linux-PAM/libpamc/test/Makefile.in389
-rw-r--r--Linux-PAM/ltmain.sh6863
-rw-r--r--Linux-PAM/m4/codeset.m421
-rw-r--r--Linux-PAM/m4/gettext.m4631
-rw-r--r--Linux-PAM/m4/glibc2.m430
-rw-r--r--Linux-PAM/m4/glibc21.m430
-rw-r--r--Linux-PAM/m4/iconv.m4101
-rw-r--r--Linux-PAM/m4/intdiv0.m470
-rw-r--r--Linux-PAM/m4/intmax.m430
-rw-r--r--Linux-PAM/m4/inttypes-h.m425
-rw-r--r--Linux-PAM/m4/inttypes-pri.m430
-rw-r--r--Linux-PAM/m4/inttypes.m425
-rw-r--r--Linux-PAM/m4/inttypes_h.m426
-rw-r--r--Linux-PAM/m4/isc-posix.m424
-rw-r--r--Linux-PAM/m4/jh_path_xml_catalog.m454
-rw-r--r--Linux-PAM/m4/lcmessage.m430
-rw-r--r--Linux-PAM/m4/ld-O1.m424
-rw-r--r--Linux-PAM/m4/ld-as-needed.m424
-rw-r--r--Linux-PAM/m4/lib-ld.m4110
-rw-r--r--Linux-PAM/m4/lib-link.m4630
-rw-r--r--Linux-PAM/m4/lib-prefix.m4185
-rw-r--r--Linux-PAM/m4/libprelude.m4176
-rw-r--r--Linux-PAM/m4/lock.m4289
-rw-r--r--Linux-PAM/m4/longdouble.m431
-rw-r--r--Linux-PAM/m4/longlong.m423
-rw-r--r--Linux-PAM/m4/nls.m431
-rw-r--r--Linux-PAM/m4/po.m4428
-rw-r--r--Linux-PAM/m4/printf-posix.m444
-rw-r--r--Linux-PAM/m4/progtest.m492
-rw-r--r--Linux-PAM/m4/signed.m417
-rw-r--r--Linux-PAM/m4/size_max.m460
-rw-r--r--Linux-PAM/m4/stdint_h.m426
-rw-r--r--Linux-PAM/m4/uintmax_t.m430
-rw-r--r--Linux-PAM/m4/ulonglong.m423
-rw-r--r--Linux-PAM/m4/visibility.m452
-rw-r--r--Linux-PAM/m4/wchar_t.m420
-rw-r--r--Linux-PAM/m4/wint_t.m420
-rw-r--r--Linux-PAM/m4/xsize.m413
-rwxr-xr-xLinux-PAM/missing360
-rwxr-xr-xLinux-PAM/mkinstalldirs158
-rw-r--r--Linux-PAM/modules/Makefile58
-rw-r--r--Linux-PAM/modules/Makefile.am16
-rw-r--r--Linux-PAM/modules/Makefile.in553
-rw-r--r--Linux-PAM/modules/README55
-rw-r--r--Linux-PAM/modules/Simple.Rules109
-rw-r--r--Linux-PAM/modules/dont_makefile21
-rwxr-xr-xLinux-PAM/modules/download-all30
-rwxr-xr-xLinux-PAM/modules/install_conf49
-rw-r--r--Linux-PAM/modules/modules.map11
-rw-r--r--Linux-PAM/modules/pam_access/Makefile24
-rw-r--r--Linux-PAM/modules/pam_access/Makefile.am37
-rw-r--r--Linux-PAM/modules/pam_access/Makefile.in738
-rw-r--r--Linux-PAM/modules/pam_access/README147
-rw-r--r--Linux-PAM/modules/pam_access/README.xml39
-rw-r--r--Linux-PAM/modules/pam_access/access.conf57
-rw-r--r--Linux-PAM/modules/pam_access/access.conf.5163
-rw-r--r--Linux-PAM/modules/pam_access/access.conf.5.xml194
-rw-r--r--Linux-PAM/modules/pam_access/pam_access.880
-rw-r--r--Linux-PAM/modules/pam_access/pam_access.8.xml220
-rw-r--r--Linux-PAM/modules/pam_access/pam_access.c638
-rwxr-xr-xLinux-PAM/modules/pam_access/tst-pam_access2
-rw-r--r--Linux-PAM/modules/pam_cracklib/Makefile32
-rw-r--r--Linux-PAM/modules/pam_cracklib/Makefile.am38
-rw-r--r--Linux-PAM/modules/pam_cracklib/Makefile.in669
-rw-r--r--Linux-PAM/modules/pam_cracklib/README227
-rw-r--r--Linux-PAM/modules/pam_cracklib/README.xml41
-rw-r--r--Linux-PAM/modules/pam_cracklib/pam_cracklib.8258
-rw-r--r--Linux-PAM/modules/pam_cracklib/pam_cracklib.8.xml495
-rw-r--r--Linux-PAM/modules/pam_cracklib/pam_cracklib.c316
-rwxr-xr-xLinux-PAM/modules/pam_cracklib/tst-pam_cracklib2
-rw-r--r--Linux-PAM/modules/pam_debug/Makefile15
-rw-r--r--Linux-PAM/modules/pam_debug/Makefile.am31
-rw-r--r--Linux-PAM/modules/pam_debug/Makefile.in665
-rw-r--r--Linux-PAM/modules/pam_debug/README61
-rw-r--r--Linux-PAM/modules/pam_debug/README.xml41
-rw-r--r--Linux-PAM/modules/pam_debug/pam_debug.8110
-rw-r--r--Linux-PAM/modules/pam_debug/pam_debug.8.xml231
-rw-r--r--Linux-PAM/modules/pam_debug/pam_debug.c48
-rwxr-xr-xLinux-PAM/modules/pam_debug/tst-pam_debug2
-rw-r--r--Linux-PAM/modules/pam_deny/Makefile15
-rw-r--r--Linux-PAM/modules/pam_deny/Makefile.am34
-rw-r--r--Linux-PAM/modules/pam_deny/Makefile.in667
-rw-r--r--Linux-PAM/modules/pam_deny/README31
-rw-r--r--Linux-PAM/modules/pam_deny/README.xml36
-rw-r--r--Linux-PAM/modules/pam_deny/pam_deny.874
-rw-r--r--Linux-PAM/modules/pam_deny/pam_deny.8.xml135
-rw-r--r--Linux-PAM/modules/pam_deny/pam_deny.c44
-rwxr-xr-xLinux-PAM/modules/pam_deny/tst-pam_deny2
-rw-r--r--Linux-PAM/modules/pam_echo/Makefile.am31
-rw-r--r--Linux-PAM/modules/pam_echo/Makefile.in665
-rw-r--r--Linux-PAM/modules/pam_echo/README50
-rw-r--r--Linux-PAM/modules/pam_echo/README.xml36
-rw-r--r--Linux-PAM/modules/pam_echo/pam_echo.888
-rw-r--r--Linux-PAM/modules/pam_echo/pam_echo.8.xml168
-rw-r--r--Linux-PAM/modules/pam_echo/pam_echo.c269
-rwxr-xr-xLinux-PAM/modules/pam_echo/tst-pam_echo2
-rw-r--r--Linux-PAM/modules/pam_env/Makefile22
-rw-r--r--Linux-PAM/modules/pam_env/Makefile.am35
-rw-r--r--Linux-PAM/modules/pam_env/Makefile.in757
-rw-r--r--Linux-PAM/modules/pam_env/README146
-rw-r--r--Linux-PAM/modules/pam_env/README.xml39
-rw-r--r--Linux-PAM/modules/pam_env/environment5
-rw-r--r--Linux-PAM/modules/pam_env/pam_env.889
-rw-r--r--Linux-PAM/modules/pam_env/pam_env.8.xml206
-rw-r--r--Linux-PAM/modules/pam_env/pam_env.c347
-rw-r--r--Linux-PAM/modules/pam_env/pam_env.conf (renamed from Linux-PAM/modules/pam_env/pam_env.conf-example)3
-rw-r--r--Linux-PAM/modules/pam_env/pam_env.conf.587
-rw-r--r--Linux-PAM/modules/pam_env/pam_env.conf.5.xml123
-rwxr-xr-xLinux-PAM/modules/pam_env/tst-pam_env2
-rw-r--r--Linux-PAM/modules/pam_exec/Makefile.am34
-rw-r--r--Linux-PAM/modules/pam_exec/Makefile.in667
-rw-r--r--Linux-PAM/modules/pam_exec/README42
-rw-r--r--Linux-PAM/modules/pam_exec/README.xml41
-rw-r--r--Linux-PAM/modules/pam_exec/pam_exec.888
-rw-r--r--Linux-PAM/modules/pam_exec/pam_exec.8.xml189
-rw-r--r--Linux-PAM/modules/pam_exec/pam_exec.c285
-rwxr-xr-xLinux-PAM/modules/pam_exec/tst-pam_exec2
-rw-r--r--Linux-PAM/modules/pam_faildelay/Makefile.am31
-rw-r--r--Linux-PAM/modules/pam_faildelay/Makefile.in665
-rw-r--r--Linux-PAM/modules/pam_faildelay/README33
-rw-r--r--Linux-PAM/modules/pam_faildelay/README.xml41
-rw-r--r--Linux-PAM/modules/pam_faildelay/pam_faildelay.865
-rw-r--r--Linux-PAM/modules/pam_faildelay/pam_faildelay.8.xml136
-rw-r--r--Linux-PAM/modules/pam_faildelay/pam_faildelay.c231
-rwxr-xr-xLinux-PAM/modules/pam_faildelay/tst-pam_faildelay2
-rw-r--r--Linux-PAM/modules/pam_filter/.upperLOWER1
-rw-r--r--Linux-PAM/modules/pam_filter/Makefile126
-rw-r--r--Linux-PAM/modules/pam_filter/Makefile.am34
-rw-r--r--Linux-PAM/modules/pam_filter/Makefile.in805
-rw-r--r--Linux-PAM/modules/pam_filter/README120
-rw-r--r--Linux-PAM/modules/pam_filter/README.xml41
-rw-r--r--Linux-PAM/modules/pam_filter/pam_filter.8140
-rw-r--r--Linux-PAM/modules/pam_filter/pam_filter.8.xml261
-rw-r--r--Linux-PAM/modules/pam_filter/pam_filter.c164
-rw-r--r--Linux-PAM/modules/pam_filter/pam_filter.h (renamed from Linux-PAM/modules/pam_filter/include/pam_filter.h)2
-rwxr-xr-xLinux-PAM/modules/pam_filter/tst-pam_filter2
-rw-r--r--Linux-PAM/modules/pam_filter/upperLOWER/Makefile42
-rw-r--r--Linux-PAM/modules/pam_filter/upperLOWER/Makefile.am14
-rw-r--r--Linux-PAM/modules/pam_filter/upperLOWER/Makefile.in525
-rw-r--r--Linux-PAM/modules/pam_filter/upperLOWER/upperLOWER.c61
-rw-r--r--Linux-PAM/modules/pam_ftp/Makefile15
-rw-r--r--Linux-PAM/modules/pam_ftp/Makefile.am31
-rw-r--r--Linux-PAM/modules/pam_ftp/Makefile.in665
-rw-r--r--Linux-PAM/modules/pam_ftp/README60
-rw-r--r--Linux-PAM/modules/pam_ftp/README.xml41
-rw-r--r--Linux-PAM/modules/pam_ftp/pam_ftp.895
-rw-r--r--Linux-PAM/modules/pam_ftp/pam_ftp.8.xml183
-rw-r--r--Linux-PAM/modules/pam_ftp/pam_ftp.c142
-rwxr-xr-xLinux-PAM/modules/pam_ftp/tst-pam_ftp2
-rw-r--r--Linux-PAM/modules/pam_group/Makefile21
-rw-r--r--Linux-PAM/modules/pam_group/Makefile.am34
-rw-r--r--Linux-PAM/modules/pam_group/Makefile.in736
-rw-r--r--Linux-PAM/modules/pam_group/README45
-rw-r--r--Linux-PAM/modules/pam_group/README.xml34
-rw-r--r--Linux-PAM/modules/pam_group/group.conf69
-rw-r--r--Linux-PAM/modules/pam_group/group.conf.583
-rw-r--r--Linux-PAM/modules/pam_group/group.conf.5.xml131
-rw-r--r--Linux-PAM/modules/pam_group/pam_group.880
-rw-r--r--Linux-PAM/modules/pam_group/pam_group.8.xml162
-rw-r--r--Linux-PAM/modules/pam_group/pam_group.c258
-rwxr-xr-xLinux-PAM/modules/pam_group/tst-pam_group2
-rw-r--r--Linux-PAM/modules/pam_issue/Makefile15
-rw-r--r--Linux-PAM/modules/pam_issue/Makefile.am31
-rw-r--r--Linux-PAM/modules/pam_issue/Makefile.in665
-rw-r--r--Linux-PAM/modules/pam_issue/README79
-rw-r--r--Linux-PAM/modules/pam_issue/README.xml41
-rw-r--r--Linux-PAM/modules/pam_issue/pam_issue.8104
-rw-r--r--Linux-PAM/modules/pam_issue/pam_issue.8.xml234
-rw-r--r--Linux-PAM/modules/pam_issue/pam_issue.c305
-rwxr-xr-xLinux-PAM/modules/pam_issue/tst-pam_issue2
-rw-r--r--Linux-PAM/modules/pam_keyinit/Makefile.am33
-rw-r--r--Linux-PAM/modules/pam_keyinit/Makefile.in667
-rw-r--r--Linux-PAM/modules/pam_keyinit/README24
-rw-r--r--Linux-PAM/modules/pam_keyinit/README.xml41
-rw-r--r--Linux-PAM/modules/pam_keyinit/pam_keyinit.8133
-rw-r--r--Linux-PAM/modules/pam_keyinit/pam_keyinit.8.xml241
-rw-r--r--Linux-PAM/modules/pam_keyinit/pam_keyinit.c269
-rwxr-xr-xLinux-PAM/modules/pam_keyinit/tst-pam_keyinit2
-rw-r--r--Linux-PAM/modules/pam_lastlog/Makefile19
-rw-r--r--Linux-PAM/modules/pam_lastlog/Makefile.am31
-rw-r--r--Linux-PAM/modules/pam_lastlog/Makefile.in665
-rw-r--r--Linux-PAM/modules/pam_lastlog/README57
-rw-r--r--Linux-PAM/modules/pam_lastlog/README.xml41
-rw-r--r--Linux-PAM/modules/pam_lastlog/pam_lastlog.891
-rw-r--r--Linux-PAM/modules/pam_lastlog/pam_lastlog.8.xml231
-rw-r--r--Linux-PAM/modules/pam_lastlog/pam_lastlog.c510
-rwxr-xr-xLinux-PAM/modules/pam_lastlog/tst-pam_lastlog2
-rw-r--r--Linux-PAM/modules/pam_limits/Makefile37
-rw-r--r--Linux-PAM/modules/pam_limits/Makefile.am34
-rw-r--r--Linux-PAM/modules/pam_limits/Makefile.in736
-rw-r--r--Linux-PAM/modules/pam_limits/README138
-rw-r--r--Linux-PAM/modules/pam_limits/README.xml39
-rw-r--r--Linux-PAM/modules/pam_limits/limits.conf (renamed from Linux-PAM/modules/pam_limits/limits.skel)3
-rw-r--r--Linux-PAM/modules/pam_limits/limits.conf.5172
-rw-r--r--Linux-PAM/modules/pam_limits/limits.conf.5.xml286
-rw-r--r--Linux-PAM/modules/pam_limits/pam_limits.897
-rw-r--r--Linux-PAM/modules/pam_limits/pam_limits.8.xml230
-rw-r--r--Linux-PAM/modules/pam_limits/pam_limits.c271
-rwxr-xr-xLinux-PAM/modules/pam_limits/tst-pam_limits2
-rw-r--r--Linux-PAM/modules/pam_listfile/Makefile15
-rw-r--r--Linux-PAM/modules/pam_listfile/Makefile.am31
-rw-r--r--Linux-PAM/modules/pam_listfile/Makefile.in665
-rw-r--r--Linux-PAM/modules/pam_listfile/README121
-rw-r--r--Linux-PAM/modules/pam_listfile/README.xml41
-rw-r--r--Linux-PAM/modules/pam_listfile/pam_listfile.8164
-rw-r--r--Linux-PAM/modules/pam_listfile/pam_listfile.8.xml282
-rw-r--r--Linux-PAM/modules/pam_listfile/pam_listfile.c198
-rwxr-xr-xLinux-PAM/modules/pam_listfile/tst-pam_listfile2
-rw-r--r--Linux-PAM/modules/pam_localuser/Makefile14
-rw-r--r--Linux-PAM/modules/pam_localuser/Makefile.am31
-rw-r--r--Linux-PAM/modules/pam_localuser/Makefile.in665
-rw-r--r--Linux-PAM/modules/pam_localuser/README55
-rw-r--r--Linux-PAM/modules/pam_localuser/README.xml41
-rw-r--r--Linux-PAM/modules/pam_localuser/pam_localuser.8120
-rw-r--r--Linux-PAM/modules/pam_localuser/pam_localuser.8.xml173
-rw-r--r--Linux-PAM/modules/pam_localuser/pam_localuser.c75
-rwxr-xr-xLinux-PAM/modules/pam_localuser/tst-pam_localuser2
-rw-r--r--Linux-PAM/modules/pam_loginuid/Makefile.am34
-rw-r--r--Linux-PAM/modules/pam_loginuid/Makefile.in667
-rw-r--r--Linux-PAM/modules/pam_loginuid/README29
-rw-r--r--Linux-PAM/modules/pam_loginuid/README.xml36
-rw-r--r--Linux-PAM/modules/pam_loginuid/pam_loginuid.859
-rw-r--r--Linux-PAM/modules/pam_loginuid/pam_loginuid.8.xml125
-rw-r--r--Linux-PAM/modules/pam_loginuid/pam_loginuid.c240
-rwxr-xr-xLinux-PAM/modules/pam_loginuid/tst-pam_loginuid2
-rw-r--r--Linux-PAM/modules/pam_mail/Makefile15
-rw-r--r--Linux-PAM/modules/pam_mail/Makefile.am31
-rw-r--r--Linux-PAM/modules/pam_mail/Makefile.in665
-rw-r--r--Linux-PAM/modules/pam_mail/README86
-rw-r--r--Linux-PAM/modules/pam_mail/README.xml41
-rw-r--r--Linux-PAM/modules/pam_mail/pam_mail.8113
-rw-r--r--Linux-PAM/modules/pam_mail/pam_mail.8.xml279
-rw-r--r--Linux-PAM/modules/pam_mail/pam_mail.c442
-rwxr-xr-xLinux-PAM/modules/pam_mail/tst-pam_mail2
-rw-r--r--Linux-PAM/modules/pam_mkhomedir/Makefile15
-rw-r--r--Linux-PAM/modules/pam_mkhomedir/Makefile.am33
-rw-r--r--Linux-PAM/modules/pam_mkhomedir/Makefile.in666
-rw-r--r--Linux-PAM/modules/pam_mkhomedir/README59
-rw-r--r--Linux-PAM/modules/pam_mkhomedir/README.xml36
-rw-r--r--Linux-PAM/modules/pam_mkhomedir/pam_mkhomedir.891
-rw-r--r--Linux-PAM/modules/pam_mkhomedir/pam_mkhomedir.8.xml203
-rw-r--r--Linux-PAM/modules/pam_mkhomedir/pam_mkhomedir.c284
-rwxr-xr-xLinux-PAM/modules/pam_mkhomedir/tst-pam_mkhomedir2
-rw-r--r--Linux-PAM/modules/pam_motd/Makefile15
-rw-r--r--Linux-PAM/modules/pam_motd/Makefile.am31
-rw-r--r--Linux-PAM/modules/pam_motd/Makefile.in665
-rw-r--r--Linux-PAM/modules/pam_motd/README27
-rw-r--r--Linux-PAM/modules/pam_motd/README.xml41
-rw-r--r--Linux-PAM/modules/pam_motd/pam_motd.864
-rw-r--r--Linux-PAM/modules/pam_motd/pam_motd.8.xml114
-rw-r--r--Linux-PAM/modules/pam_motd/pam_motd.c125
-rwxr-xr-xLinux-PAM/modules/pam_motd/tst-pam_motd2
-rw-r--r--Linux-PAM/modules/pam_namespace/Makefile.am39
-rw-r--r--Linux-PAM/modules/pam_namespace/Makefile.in772
-rw-r--r--Linux-PAM/modules/pam_namespace/README129
-rw-r--r--Linux-PAM/modules/pam_namespace/README.xml139
-rw-r--r--Linux-PAM/modules/pam_namespace/md5.c260
-rw-r--r--Linux-PAM/modules/pam_namespace/md5.h28
-rw-r--r--Linux-PAM/modules/pam_namespace/namespace.conf30
-rw-r--r--Linux-PAM/modules/pam_namespace/namespace.conf.596
-rw-r--r--Linux-PAM/modules/pam_namespace/namespace.conf.5.xml151
-rwxr-xr-xLinux-PAM/modules/pam_namespace/namespace.init24
-rw-r--r--Linux-PAM/modules/pam_namespace/pam_namespace.8110
-rw-r--r--Linux-PAM/modules/pam_namespace/pam_namespace.8.xml317
-rw-r--r--Linux-PAM/modules/pam_namespace/pam_namespace.c1337
-rw-r--r--Linux-PAM/modules/pam_namespace/pam_namespace.h135
-rwxr-xr-xLinux-PAM/modules/pam_namespace/tst-pam_namespace2
-rw-r--r--Linux-PAM/modules/pam_nologin/Makefile15
-rw-r--r--Linux-PAM/modules/pam_nologin/Makefile.am31
-rw-r--r--Linux-PAM/modules/pam_nologin/Makefile.in665
-rw-r--r--Linux-PAM/modules/pam_nologin/README46
-rw-r--r--Linux-PAM/modules/pam_nologin/README.xml46
-rw-r--r--Linux-PAM/modules/pam_nologin/pam_nologin.896
-rw-r--r--Linux-PAM/modules/pam_nologin/pam_nologin.8.xml174
-rw-r--r--Linux-PAM/modules/pam_nologin/pam_nologin.c88
-rwxr-xr-xLinux-PAM/modules/pam_nologin/tst-pam_nologin2
-rw-r--r--Linux-PAM/modules/pam_permit/Makefile15
-rw-r--r--Linux-PAM/modules/pam_permit/Makefile.am31
-rw-r--r--Linux-PAM/modules/pam_permit/Makefile.in665
-rw-r--r--Linux-PAM/modules/pam_permit/README32
-rw-r--r--Linux-PAM/modules/pam_permit/README.xml41
-rw-r--r--Linux-PAM/modules/pam_permit/pam_permit.862
-rw-r--r--Linux-PAM/modules/pam_permit/pam_permit.8.xml105
-rw-r--r--Linux-PAM/modules/pam_permit/pam_permit.c40
-rwxr-xr-xLinux-PAM/modules/pam_permit/tst-pam_permit2
-rw-r--r--Linux-PAM/modules/pam_pwdb/BUGS3
-rw-r--r--Linux-PAM/modules/pam_pwdb/CHANGELOG10
-rw-r--r--Linux-PAM/modules/pam_pwdb/Makefile127
-rw-r--r--Linux-PAM/modules/pam_pwdb/README41
-rw-r--r--Linux-PAM/modules/pam_pwdb/TODO34
-rw-r--r--Linux-PAM/modules/pam_pwdb/bigcrypt.-c114
-rw-r--r--Linux-PAM/modules/pam_pwdb/md5.c255
-rw-r--r--Linux-PAM/modules/pam_pwdb/md5.h30
-rw-r--r--Linux-PAM/modules/pam_pwdb/md5_crypt.c138
-rw-r--r--Linux-PAM/modules/pam_pwdb/pam_pwdb.c248
-rw-r--r--Linux-PAM/modules/pam_pwdb/pam_unix_acct.-c272
-rw-r--r--Linux-PAM/modules/pam_pwdb/pam_unix_auth.-c131
-rw-r--r--Linux-PAM/modules/pam_pwdb/pam_unix_md.-c73
-rw-r--r--Linux-PAM/modules/pam_pwdb/pam_unix_passwd.-c373
-rw-r--r--Linux-PAM/modules/pam_pwdb/pam_unix_pwupd.-c260
-rw-r--r--Linux-PAM/modules/pam_pwdb/pam_unix_sess.-c98
-rw-r--r--Linux-PAM/modules/pam_pwdb/pwdb_chkpwd.c221
-rw-r--r--Linux-PAM/modules/pam_pwdb/support.-c963
-rw-r--r--Linux-PAM/modules/pam_radius/Makefile95
-rw-r--r--Linux-PAM/modules/pam_radius/README58
-rw-r--r--Linux-PAM/modules/pam_radius/pam_radius.c193
-rw-r--r--Linux-PAM/modules/pam_radius/pam_radius.h40
-rw-r--r--Linux-PAM/modules/pam_rhosts/Makefile15
-rw-r--r--Linux-PAM/modules/pam_rhosts/Makefile.am32
-rw-r--r--Linux-PAM/modules/pam_rhosts/Makefile.in671
-rw-r--r--Linux-PAM/modules/pam_rhosts/README81
-rw-r--r--Linux-PAM/modules/pam_rhosts/README.xml41
-rw-r--r--Linux-PAM/modules/pam_rhosts/pam_rhosts.898
-rw-r--r--Linux-PAM/modules/pam_rhosts/pam_rhosts.8.xml171
-rw-r--r--Linux-PAM/modules/pam_rhosts/pam_rhosts.c155
-rw-r--r--Linux-PAM/modules/pam_rhosts/pam_rhosts_auth.c213
-rwxr-xr-xLinux-PAM/modules/pam_rhosts/tst-pam_rhosts2
-rwxr-xr-xLinux-PAM/modules/pam_rhosts/tst-pam_rhosts_auth2
-rw-r--r--Linux-PAM/modules/pam_rootok/Makefile15
-rw-r--r--Linux-PAM/modules/pam_rootok/Makefile.am33
-rw-r--r--Linux-PAM/modules/pam_rootok/Makefile.in667
-rw-r--r--Linux-PAM/modules/pam_rootok/README39
-rw-r--r--Linux-PAM/modules/pam_rootok/README.xml41
-rw-r--r--Linux-PAM/modules/pam_rootok/pam_rootok.877
-rw-r--r--Linux-PAM/modules/pam_rootok/pam_rootok.8.xml130
-rw-r--r--Linux-PAM/modules/pam_rootok/pam_rootok.c48
-rwxr-xr-xLinux-PAM/modules/pam_rootok/tst-pam_rootok2
-rw-r--r--Linux-PAM/modules/pam_securetty/Makefile15
-rw-r--r--Linux-PAM/modules/pam_securetty/Makefile.am30
-rw-r--r--Linux-PAM/modules/pam_securetty/Makefile.in665
-rw-r--r--Linux-PAM/modules/pam_securetty/README38
-rw-r--r--Linux-PAM/modules/pam_securetty/README.xml41
-rw-r--r--Linux-PAM/modules/pam_securetty/pam_securetty.885
-rw-r--r--Linux-PAM/modules/pam_securetty/pam_securetty.8.xml167
-rw-r--r--Linux-PAM/modules/pam_securetty/pam_securetty.c87
-rwxr-xr-xLinux-PAM/modules/pam_securetty/tst-pam_securetty2
-rw-r--r--Linux-PAM/modules/pam_selinux/Makefile.am42
-rw-r--r--Linux-PAM/modules/pam_selinux/Makefile.in698
-rw-r--r--Linux-PAM/modules/pam_selinux/README61
-rw-r--r--Linux-PAM/modules/pam_selinux/README.xml41
-rw-r--r--Linux-PAM/modules/pam_selinux/pam_selinux.878
-rw-r--r--Linux-PAM/modules/pam_selinux/pam_selinux.8.xml207
-rw-r--r--Linux-PAM/modules/pam_selinux/pam_selinux.c482
-rw-r--r--Linux-PAM/modules/pam_selinux/pam_selinux_check.835
-rw-r--r--Linux-PAM/modules/pam_selinux/pam_selinux_check.c161
-rwxr-xr-xLinux-PAM/modules/pam_selinux/tst-pam_selinux2
-rw-r--r--Linux-PAM/modules/pam_shells/Makefile15
-rw-r--r--Linux-PAM/modules/pam_shells/Makefile.am31
-rw-r--r--Linux-PAM/modules/pam_shells/Makefile.in665
-rw-r--r--Linux-PAM/modules/pam_shells/README29
-rw-r--r--Linux-PAM/modules/pam_shells/README.xml41
-rw-r--r--Linux-PAM/modules/pam_shells/pam_shells.859
-rw-r--r--Linux-PAM/modules/pam_shells/pam_shells.8.xml117
-rw-r--r--Linux-PAM/modules/pam_shells/pam_shells.c48
-rwxr-xr-xLinux-PAM/modules/pam_shells/tst-pam_shells2
-rw-r--r--Linux-PAM/modules/pam_stress/Makefile15
-rw-r--r--Linux-PAM/modules/pam_stress/Makefile.am20
-rw-r--r--Linux-PAM/modules/pam_stress/Makefile.in607
-rw-r--r--Linux-PAM/modules/pam_stress/pam_stress.c217
-rwxr-xr-xLinux-PAM/modules/pam_stress/tst-pam_stress2
-rw-r--r--Linux-PAM/modules/pam_succeed_if/Makefile16
-rw-r--r--Linux-PAM/modules/pam_succeed_if/Makefile.am31
-rw-r--r--Linux-PAM/modules/pam_succeed_if/Makefile.in665
-rw-r--r--Linux-PAM/modules/pam_succeed_if/README192
-rw-r--r--Linux-PAM/modules/pam_succeed_if/README.xml41
-rw-r--r--Linux-PAM/modules/pam_succeed_if/pam_succeed_if.8166
-rw-r--r--Linux-PAM/modules/pam_succeed_if/pam_succeed_if.8.xml297
-rw-r--r--Linux-PAM/modules/pam_succeed_if/pam_succeed_if.c256
-rwxr-xr-xLinux-PAM/modules/pam_succeed_if/tst-pam_succeed_if2
-rw-r--r--Linux-PAM/modules/pam_tally/Makefile109
-rw-r--r--Linux-PAM/modules/pam_tally/Makefile.am38
-rw-r--r--Linux-PAM/modules/pam_tally/Makefile.in719
-rw-r--r--Linux-PAM/modules/pam_tally/README252
-rw-r--r--Linux-PAM/modules/pam_tally/README.xml41
-rw-r--r--Linux-PAM/modules/pam_tally/pam_tally.8188
-rw-r--r--Linux-PAM/modules/pam_tally/pam_tally.8.xml437
-rw-r--r--Linux-PAM/modules/pam_tally/pam_tally.c460
-rwxr-xr-xLinux-PAM/modules/pam_tally/tst-pam_tally2
-rw-r--r--Linux-PAM/modules/pam_time/Makefile21
-rw-r--r--Linux-PAM/modules/pam_time/Makefile.am32
-rw-r--r--Linux-PAM/modules/pam_time/Makefile.in736
-rw-r--r--Linux-PAM/modules/pam_time/README45
-rw-r--r--Linux-PAM/modules/pam_time/README.xml34
-rw-r--r--Linux-PAM/modules/pam_time/pam_time.872
-rw-r--r--Linux-PAM/modules/pam_time/pam_time.8.xml148
-rw-r--r--Linux-PAM/modules/pam_time/pam_time.c193
-rw-r--r--Linux-PAM/modules/pam_time/time.conf5
-rw-r--r--Linux-PAM/modules/pam_time/time.conf.592
-rw-r--r--Linux-PAM/modules/pam_time/time.conf.5.xml143
-rwxr-xr-xLinux-PAM/modules/pam_time/tst-pam_time2
-rw-r--r--Linux-PAM/modules/pam_umask/Makefile.am32
-rw-r--r--Linux-PAM/modules/pam_umask/Makefile.in665
-rw-r--r--Linux-PAM/modules/pam_umask/README58
-rw-r--r--Linux-PAM/modules/pam_umask/README.xml41
-rw-r--r--Linux-PAM/modules/pam_umask/pam_umask.896
-rw-r--r--Linux-PAM/modules/pam_umask/pam_umask.8.xml220
-rw-r--r--Linux-PAM/modules/pam_umask/pam_umask.c319
-rwxr-xr-xLinux-PAM/modules/pam_umask/tst-pam_umask2
-rw-r--r--Linux-PAM/modules/pam_unix/Makefile191
-rw-r--r--Linux-PAM/modules/pam_unix/Makefile.am61
-rw-r--r--Linux-PAM/modules/pam_unix/Makefile.in859
-rw-r--r--Linux-PAM/modules/pam_unix/README179
-rw-r--r--Linux-PAM/modules/pam_unix/README.xml41
-rw-r--r--Linux-PAM/modules/pam_unix/bigcrypt.c8
-rw-r--r--Linux-PAM/modules/pam_unix/bigcrypt.h1
-rw-r--r--Linux-PAM/modules/pam_unix/bigcrypt_main.c2
-rw-r--r--Linux-PAM/modules/pam_unix/lckpwdf.-c25
-rw-r--r--Linux-PAM/modules/pam_unix/md5_broken.c4
-rw-r--r--Linux-PAM/modules/pam_unix/md5_good.c5
-rw-r--r--Linux-PAM/modules/pam_unix/pam_unix.8143
-rw-r--r--Linux-PAM/modules/pam_unix/pam_unix.8.xml342
-rw-r--r--Linux-PAM/modules/pam_unix/pam_unix_acct.c234
-rw-r--r--Linux-PAM/modules/pam_unix/pam_unix_auth.c42
-rw-r--r--Linux-PAM/modules/pam_unix/pam_unix_passwd.c635
-rw-r--r--Linux-PAM/modules/pam_unix/pam_unix_sess.c29
-rw-r--r--Linux-PAM/modules/pam_unix/support.c377
-rw-r--r--Linux-PAM/modules/pam_unix/support.h8
-rwxr-xr-xLinux-PAM/modules/pam_unix/tst-pam_unix2
-rw-r--r--Linux-PAM/modules/pam_unix/unix_chkpwd.880
-rw-r--r--Linux-PAM/modules/pam_unix/unix_chkpwd.c320
-rw-r--r--Linux-PAM/modules/pam_unix/yppasswd_xdr.c2
-rw-r--r--Linux-PAM/modules/pam_userdb/Makefile41
-rw-r--r--Linux-PAM/modules/pam_userdb/Makefile.am34
-rw-r--r--Linux-PAM/modules/pam_userdb/Makefile.in671
-rw-r--r--Linux-PAM/modules/pam_userdb/README135
-rw-r--r--Linux-PAM/modules/pam_userdb/README.xml41
-rw-r--r--Linux-PAM/modules/pam_userdb/conv.c123
-rw-r--r--Linux-PAM/modules/pam_userdb/pam_userdb.8104
-rw-r--r--Linux-PAM/modules/pam_userdb/pam_userdb.8.xml292
-rw-r--r--Linux-PAM/modules/pam_userdb/pam_userdb.c247
-rw-r--r--Linux-PAM/modules/pam_userdb/pam_userdb.h8
-rwxr-xr-xLinux-PAM/modules/pam_userdb/tst-pam_userdb2
-rw-r--r--Linux-PAM/modules/pam_warn/Makefile15
-rw-r--r--Linux-PAM/modules/pam_warn/Makefile.am31
-rw-r--r--Linux-PAM/modules/pam_warn/Makefile.in665
-rw-r--r--Linux-PAM/modules/pam_warn/README46
-rw-r--r--Linux-PAM/modules/pam_warn/README.xml41
-rw-r--r--Linux-PAM/modules/pam_warn/pam_warn.867
-rw-r--r--Linux-PAM/modules/pam_warn/pam_warn.8.xml104
-rw-r--r--Linux-PAM/modules/pam_warn/pam_warn.c50
-rwxr-xr-xLinux-PAM/modules/pam_warn/tst-pam_warn2
-rw-r--r--Linux-PAM/modules/pam_wheel/Makefile15
-rw-r--r--Linux-PAM/modules/pam_wheel/Makefile.am31
-rw-r--r--Linux-PAM/modules/pam_wheel/Makefile.in665
-rw-r--r--Linux-PAM/modules/pam_wheel/README96
-rw-r--r--Linux-PAM/modules/pam_wheel/README.xml41
-rw-r--r--Linux-PAM/modules/pam_wheel/pam_wheel.8101
-rw-r--r--Linux-PAM/modules/pam_wheel/pam_wheel.8.xml242
-rw-r--r--Linux-PAM/modules/pam_wheel/pam_wheel.c100
-rwxr-xr-xLinux-PAM/modules/pam_wheel/tst-pam_wheel2
-rw-r--r--Linux-PAM/modules/pam_xauth/Makefile12
-rw-r--r--Linux-PAM/modules/pam_xauth/Makefile.am31
-rw-r--r--Linux-PAM/modules/pam_xauth/Makefile.in665
-rw-r--r--Linux-PAM/modules/pam_xauth/README131
-rw-r--r--Linux-PAM/modules/pam_xauth/README.xml46
-rw-r--r--Linux-PAM/modules/pam_xauth/pam_xauth.8215
-rw-r--r--Linux-PAM/modules/pam_xauth/pam_xauth.8.xml293
-rw-r--r--Linux-PAM/modules/pam_xauth/pam_xauth.c329
-rwxr-xr-xLinux-PAM/modules/pam_xauth/tst-pam_xauth2
-rw-r--r--Linux-PAM/modules/pammodutil/Makefile55
-rw-r--r--Linux-PAM/modules/pammodutil/README15
-rw-r--r--Linux-PAM/modules/pammodutil/include/security/_pam_modutil.h66
-rw-r--r--Linux-PAM/modules/pammodutil/modutil_cleanup.c16
-rw-r--r--Linux-PAM/modules/pammodutil/pammodutil.h22
-rwxr-xr-xLinux-PAM/modules/register_static49
-rw-r--r--Linux-PAM/po/LINGUAS19
-rw-r--r--Linux-PAM/po/Linux-PAM.pot488
-rw-r--r--Linux-PAM/po/Makefile.in.in393
-rw-r--r--Linux-PAM/po/Makevars41
-rw-r--r--Linux-PAM/po/POTFILES.in92
-rw-r--r--Linux-PAM/po/Rules-quot47
-rw-r--r--Linux-PAM/po/boldquot.sed10
-rw-r--r--Linux-PAM/po/cs.gmobin0 -> 9501 bytes
-rw-r--r--Linux-PAM/po/cs.po491
-rw-r--r--Linux-PAM/po/de.gmobin0 -> 9944 bytes
-rw-r--r--Linux-PAM/po/de.po493
-rw-r--r--Linux-PAM/po/en@boldquot.header25
-rw-r--r--Linux-PAM/po/en@quot.header22
-rw-r--r--Linux-PAM/po/es.gmobin0 -> 9018 bytes
-rw-r--r--Linux-PAM/po/es.po505
-rw-r--r--Linux-PAM/po/fi.gmobin0 -> 8595 bytes
-rw-r--r--Linux-PAM/po/fi.po499
-rw-r--r--Linux-PAM/po/fr.gmobin0 -> 9008 bytes
-rw-r--r--Linux-PAM/po/fr.po506
-rw-r--r--Linux-PAM/po/hu.gmobin0 -> 9509 bytes
-rw-r--r--Linux-PAM/po/hu.po494
-rw-r--r--Linux-PAM/po/insert-header.sin23
-rw-r--r--Linux-PAM/po/it.gmobin0 -> 8734 bytes
-rw-r--r--Linux-PAM/po/it.po506
-rw-r--r--Linux-PAM/po/ja.gmobin0 -> 9734 bytes
-rw-r--r--Linux-PAM/po/ja.po499
-rw-r--r--Linux-PAM/po/km.gmobin0 -> 14477 bytes
-rw-r--r--Linux-PAM/po/km.po499
-rw-r--r--Linux-PAM/po/nb.gmobin0 -> 8234 bytes
-rw-r--r--Linux-PAM/po/nb.po494
-rw-r--r--Linux-PAM/po/nl.gmobin0 -> 8569 bytes
-rw-r--r--Linux-PAM/po/nl.po496
-rw-r--r--Linux-PAM/po/pa.gmobin0 -> 4515 bytes
-rw-r--r--Linux-PAM/po/pa.po507
-rw-r--r--Linux-PAM/po/pl.gmobin0 -> 8599 bytes
-rw-r--r--Linux-PAM/po/pl.po500
-rw-r--r--Linux-PAM/po/pt.gmobin0 -> 9112 bytes
-rw-r--r--Linux-PAM/po/pt.po500
-rw-r--r--Linux-PAM/po/pt_BR.gmobin0 -> 8498 bytes
-rw-r--r--Linux-PAM/po/pt_BR.po497
-rw-r--r--Linux-PAM/po/quot.sed6
-rw-r--r--Linux-PAM/po/remove-potcdate.sin19
-rw-r--r--Linux-PAM/po/stamp-po1
-rw-r--r--Linux-PAM/po/tr.gmobin0 -> 8158 bytes
-rw-r--r--Linux-PAM/po/tr.po495
-rw-r--r--Linux-PAM/po/uk.gmobin0 -> 10747 bytes
-rw-r--r--Linux-PAM/po/uk.po501
-rw-r--r--Linux-PAM/po/zh_CN.gmobin0 -> 7986 bytes
-rw-r--r--Linux-PAM/po/zh_CN.po492
-rw-r--r--Linux-PAM/po/zh_TW.gmobin0 -> 8067 bytes
-rw-r--r--Linux-PAM/po/zh_TW.po497
-rw-r--r--Linux-PAM/tests/Makefile.am19
-rw-r--r--Linux-PAM/tests/Makefile.in692
-rw-r--r--Linux-PAM/tests/tst-dlopen.c44
-rw-r--r--Linux-PAM/tests/tst-pam_acct_mgmt.c58
-rw-r--r--Linux-PAM/tests/tst-pam_authenticate.c58
-rw-r--r--Linux-PAM/tests/tst-pam_chauthtok.c58
-rw-r--r--Linux-PAM/tests/tst-pam_close_session.c58
-rw-r--r--Linux-PAM/tests/tst-pam_end.c79
-rw-r--r--Linux-PAM/tests/tst-pam_fail_delay.c79
-rw-r--r--Linux-PAM/tests/tst-pam_get_item.c133
-rw-r--r--Linux-PAM/tests/tst-pam_get_user.c176
-rw-r--r--Linux-PAM/tests/tst-pam_getenvlist.c134
-rw-r--r--Linux-PAM/tests/tst-pam_open_session.c58
-rw-r--r--Linux-PAM/tests/tst-pam_set_data.c488
-rw-r--r--Linux-PAM/tests/tst-pam_set_item.c149
-rw-r--r--Linux-PAM/tests/tst-pam_setcred.c58
-rw-r--r--Linux-PAM/tests/tst-pam_start.c107
-rw-r--r--Linux-PAM/xtests/Makefile.am22
-rw-r--r--Linux-PAM/xtests/Makefile.in542
-rwxr-xr-xLinux-PAM/xtests/run-xtests.sh38
-rw-r--r--Linux-PAM/xtests/tst-pam_cracklib1.c135
-rw-r--r--Linux-PAM/xtests/tst-pam_cracklib1.pamd2
-rw-r--r--Linux-PAM/xtests/tst-pam_dispatch1.c99
-rw-r--r--Linux-PAM/xtests/tst-pam_dispatch1.pamd3
-rw-r--r--Linux-PAM/xtests/tst-pam_dispatch2.c98
-rw-r--r--Linux-PAM/xtests/tst-pam_dispatch2.pamd3
-rw-r--r--Linux-PAM/xtests/tst-pam_dispatch3.c87
-rw-r--r--Linux-PAM/xtests/tst-pam_dispatch3.pamd6
-rw-r--r--Linux-PAM/xtests/tst-pam_dispatch4.c95
-rw-r--r--Linux-PAM/xtests/tst-pam_dispatch4.pamd8
-rwxr-xr-xLinux-PAM/ylwrap223
893 files changed, 151607 insertions, 28370 deletions
diff --git a/Linux-PAM/ABOUT-NLS b/Linux-PAM/ABOUT-NLS
new file mode 100644
index 00000000..3575535a
--- /dev/null
+++ b/Linux-PAM/ABOUT-NLS
@@ -0,0 +1,1111 @@
+1 Notes on the Free Translation Project
+***************************************
+
+Free software is going international! The Free Translation Project is
+a way to get maintainers of free software, translators, and users all
+together, so that free software will gradually become able to speak many
+languages. A few packages already provide translations for their
+messages.
+
+ If you found this `ABOUT-NLS' file inside a distribution, you may
+assume that the distributed package does use GNU `gettext' internally,
+itself available at your nearest GNU archive site. But you do _not_
+need to install GNU `gettext' prior to configuring, installing or using
+this package with messages translated.
+
+ Installers will find here some useful hints. These notes also
+explain how users should proceed for getting the programs to use the
+available translations. They tell how people wanting to contribute and
+work on translations can contact the appropriate team.
+
+ When reporting bugs in the `intl/' directory or bugs which may be
+related to internationalization, you should tell about the version of
+`gettext' which is used. The information can be found in the
+`intl/VERSION' file, in internationalized packages.
+
+1.1 Quick configuration advice
+==============================
+
+If you want to exploit the full power of internationalization, you
+should configure it using
+
+ ./configure --with-included-gettext
+
+to force usage of internationalizing routines provided within this
+package, despite the existence of internationalizing capabilities in the
+operating system where this package is being installed. So far, only
+the `gettext' implementation in the GNU C library version 2 provides as
+many features (such as locale alias, message inheritance, automatic
+charset conversion or plural form handling) as the implementation here.
+It is also not possible to offer this additional functionality on top
+of a `catgets' implementation. Future versions of GNU `gettext' will
+very likely convey even more functionality. So it might be a good idea
+to change to GNU `gettext' as soon as possible.
+
+ So you need _not_ provide this option if you are using GNU libc 2 or
+you have installed a recent copy of the GNU gettext package with the
+included `libintl'.
+
+1.2 INSTALL Matters
+===================
+
+Some packages are "localizable" when properly installed; the programs
+they contain can be made to speak your own native language. Most such
+packages use GNU `gettext'. Other packages have their own ways to
+internationalization, predating GNU `gettext'.
+
+ By default, this package will be installed to allow translation of
+messages. It will automatically detect whether the system already
+provides the GNU `gettext' functions. If not, the included GNU
+`gettext' library will be used. This library is wholly contained
+within this package, usually in the `intl/' subdirectory, so prior
+installation of the GNU `gettext' package is _not_ required.
+Installers may use special options at configuration time for changing
+the default behaviour. The commands:
+
+ ./configure --with-included-gettext
+ ./configure --disable-nls
+
+will, respectively, bypass any pre-existing `gettext' to use the
+internationalizing routines provided within this package, or else,
+_totally_ disable translation of messages.
+
+ When you already have GNU `gettext' installed on your system and run
+configure without an option for your new package, `configure' will
+probably detect the previously built and installed `libintl.a' file and
+will decide to use this. This might not be desirable. You should use
+the more recent version of the GNU `gettext' library. I.e. if the file
+`intl/VERSION' shows that the library which comes with this package is
+more recent, you should use
+
+ ./configure --with-included-gettext
+
+to prevent auto-detection.
+
+ The configuration process will not test for the `catgets' function
+and therefore it will not be used. The reason is that even an
+emulation of `gettext' on top of `catgets' could not provide all the
+extensions of the GNU `gettext' library.
+
+ Internationalized packages usually have many `po/LL.po' files, where
+LL gives an ISO 639 two-letter code identifying the language. Unless
+translations have been forbidden at `configure' time by using the
+`--disable-nls' switch, all available translations are installed
+together with the package. However, the environment variable `LINGUAS'
+may be set, prior to configuration, to limit the installed set.
+`LINGUAS' should then contain a space separated list of two-letter
+codes, stating which languages are allowed.
+
+1.3 Using This Package
+======================
+
+As a user, if your language has been installed for this package, you
+only have to set the `LANG' environment variable to the appropriate
+`LL_CC' combination. Here `LL' is an ISO 639 two-letter language code,
+and `CC' is an ISO 3166 two-letter country code. For example, let's
+suppose that you speak German and live in Germany. At the shell
+prompt, merely execute `setenv LANG de_DE' (in `csh'),
+`export LANG; LANG=de_DE' (in `sh') or `export LANG=de_DE' (in `bash').
+This can be done from your `.login' or `.profile' file, once and for
+all.
+
+ You might think that the country code specification is redundant.
+But in fact, some languages have dialects in different countries. For
+example, `de_AT' is used for Austria, and `pt_BR' for Brazil. The
+country code serves to distinguish the dialects.
+
+ The locale naming convention of `LL_CC', with `LL' denoting the
+language and `CC' denoting the country, is the one use on systems based
+on GNU libc. On other systems, some variations of this scheme are
+used, such as `LL' or `LL_CC.ENCODING'. You can get the list of
+locales supported by your system for your language by running the
+command `locale -a | grep '^LL''.
+
+ Not all programs have translations for all languages. By default, an
+English message is shown in place of a nonexistent translation. If you
+understand other languages, you can set up a priority list of languages.
+This is done through a different environment variable, called
+`LANGUAGE'. GNU `gettext' gives preference to `LANGUAGE' over `LANG'
+for the purpose of message handling, but you still need to have `LANG'
+set to the primary language; this is required by other parts of the
+system libraries. For example, some Swedish users who would rather
+read translations in German than English for when Swedish is not
+available, set `LANGUAGE' to `sv:de' while leaving `LANG' to `sv_SE'.
+
+ Special advice for Norwegian users: The language code for Norwegian
+bokma*l changed from `no' to `nb' recently (in 2003). During the
+transition period, while some message catalogs for this language are
+installed under `nb' and some older ones under `no', it's recommended
+for Norwegian users to set `LANGUAGE' to `nb:no' so that both newer and
+older translations are used.
+
+ In the `LANGUAGE' environment variable, but not in the `LANG'
+environment variable, `LL_CC' combinations can be abbreviated as `LL'
+to denote the language's main dialect. For example, `de' is equivalent
+to `de_DE' (German as spoken in Germany), and `pt' to `pt_PT'
+(Portuguese as spoken in Portugal) in this context.
+
+1.4 Translating Teams
+=====================
+
+For the Free Translation Project to be a success, we need interested
+people who like their own language and write it well, and who are also
+able to synergize with other translators speaking the same language.
+Each translation team has its own mailing list. The up-to-date list of
+teams can be found at the Free Translation Project's homepage,
+`http://www.iro.umontreal.ca/contrib/po/HTML/', in the "National teams"
+area.
+
+ If you'd like to volunteer to _work_ at translating messages, you
+should become a member of the translating team for your own language.
+The subscribing address is _not_ the same as the list itself, it has
+`-request' appended. For example, speakers of Swedish can send a
+message to `sv-request@li.org', having this message body:
+
+ subscribe
+
+ Keep in mind that team members are expected to participate
+_actively_ in translations, or at solving translational difficulties,
+rather than merely lurking around. If your team does not exist yet and
+you want to start one, or if you are unsure about what to do or how to
+get started, please write to `translation@iro.umontreal.ca' to reach the
+coordinator for all translator teams.
+
+ The English team is special. It works at improving and uniformizing
+the terminology in use. Proven linguistic skill are praised more than
+programming skill, here.
+
+1.5 Available Packages
+======================
+
+Languages are not equally supported in all packages. The following
+matrix shows the current state of internationalization, as of July
+2006. The matrix shows, in regard of each package, for which languages
+PO files have been submitted to translation coordination, with a
+translation percentage of at least 50%.
+
+ Ready PO files af am ar az be bg bs ca cs cy da de el en en_GB eo
+ +----------------------------------------------------+
+ GNUnet | [] |
+ a2ps | [] [] [] [] [] |
+ aegis | () |
+ ant-phone | () |
+ anubis | [] |
+ ap-utils | |
+ aspell | [] [] [] [] |
+ bash | [] [] [] |
+ batchelor | [] |
+ bfd | |
+ bibshelf | [] |
+ binutils | [] |
+ bison | [] [] |
+ bison-runtime | [] |
+ bluez-pin | [] [] [] [] [] |
+ cflow | [] |
+ clisp | [] [] |
+ console-tools | [] [] |
+ coreutils | [] [] [] [] |
+ cpio | |
+ cpplib | [] [] [] |
+ cryptonit | [] |
+ darkstat | [] () [] |
+ dialog | [] [] [] [] [] [] |
+ diffutils | [] [] [] [] [] [] |
+ doodle | [] |
+ e2fsprogs | [] [] |
+ enscript | [] [] [] [] |
+ error | [] [] [] [] |
+ fetchmail | [] [] () [] |
+ fileutils | [] [] |
+ findutils | [] [] [] |
+ flex | [] [] [] |
+ fslint | [] |
+ gas | |
+ gawk | [] [] [] |
+ gbiff | [] |
+ gcal | [] |
+ gcc | [] |
+ gettext-examples | [] [] [] [] [] |
+ gettext-runtime | [] [] [] [] [] |
+ gettext-tools | [] [] |
+ gimp-print | [] [] [] [] |
+ gip | [] |
+ gliv | [] |
+ glunarclock | [] |
+ gmult | [] [] |
+ gnubiff | () |
+ gnucash | () () [] |
+ gnucash-glossary | [] () |
+ gnuedu | |
+ gnulib | [] [] [] [] [] [] |
+ gnunet-gtk | |
+ gnutls | |
+ gpe-aerial | [] [] |
+ gpe-beam | [] [] |
+ gpe-calendar | [] [] |
+ gpe-clock | [] [] |
+ gpe-conf | [] [] |
+ gpe-contacts | |
+ gpe-edit | [] |
+ gpe-filemanager | |
+ gpe-go | [] |
+ gpe-login | [] [] |
+ gpe-ownerinfo | [] [] |
+ gpe-package | |
+ gpe-sketchbook | [] [] |
+ gpe-su | [] [] |
+ gpe-taskmanager | [] [] |
+ gpe-timesheet | [] |
+ gpe-today | [] [] |
+ gpe-todo | |
+ gphoto2 | [] [] [] [] |
+ gprof | [] [] |
+ gpsdrive | () () |
+ gramadoir | [] [] |
+ grep | [] [] [] [] [] [] |
+ gretl | |
+ gsasl | |
+ gss | |
+ gst-plugins | [] [] [] [] |
+ gst-plugins-base | [] [] [] |
+ gst-plugins-good | [] [] [] [] [] [] [] |
+ gstreamer | [] [] [] [] [] [] [] |
+ gtick | [] () |
+ gtkam | [] [] [] |
+ gtkorphan | [] [] |
+ gtkspell | [] [] [] [] |
+ gutenprint | [] |
+ hello | [] [] [] [] [] |
+ id-utils | [] [] |
+ impost | |
+ indent | [] [] [] |
+ iso_3166 | [] [] |
+ iso_3166_1 | [] [] [] [] [] |
+ iso_3166_2 | |
+ iso_3166_3 | [] |
+ iso_4217 | [] |
+ iso_639 | [] [] |
+ jpilot | [] |
+ jtag | |
+ jwhois | |
+ kbd | [] [] [] [] |
+ keytouch | |
+ keytouch-editor | |
+ keytouch-keyboa... | |
+ latrine | () |
+ ld | [] |
+ leafpad | [] [] [] [] [] |
+ libc | [] [] [] [] [] |
+ libexif | [] |
+ libextractor | [] |
+ libgpewidget | [] [] [] |
+ libgpg-error | [] |
+ libgphoto2 | [] [] |
+ libgphoto2_port | [] [] |
+ libgsasl | |
+ libiconv | [] [] |
+ libidn | [] [] |
+ lifelines | [] () |
+ lilypond | [] |
+ lingoteach | |
+ lynx | [] [] [] [] |
+ m4 | [] [] [] [] |
+ mailutils | [] |
+ make | [] [] |
+ man-db | [] () [] [] |
+ minicom | [] [] [] |
+ mysecretdiary | [] [] |
+ nano | [] [] () [] |
+ nano_1_0 | [] () [] [] |
+ opcodes | [] |
+ parted | |
+ pilot-qof | [] |
+ psmisc | [] |
+ pwdutils | |
+ python | |
+ qof | |
+ radius | [] |
+ recode | [] [] [] [] [] [] |
+ rpm | [] [] |
+ screem | |
+ scrollkeeper | [] [] [] [] [] [] [] [] |
+ sed | [] [] [] |
+ sh-utils | [] [] |
+ shared-mime-info | [] [] [] |
+ sharutils | [] [] [] [] [] [] |
+ shishi | |
+ silky | |
+ skencil | [] () |
+ sketch | [] () |
+ solfege | |
+ soundtracker | [] [] |
+ sp | [] |
+ stardict | [] |
+ system-tools-ba... | [] [] [] [] [] [] [] [] [] |
+ tar | [] |
+ texinfo | [] [] [] |
+ textutils | [] [] [] |
+ tin | () () |
+ tp-robot | [] |
+ tuxpaint | [] [] [] [] [] |
+ unicode-han-tra... | |
+ unicode-transla... | |
+ util-linux | [] [] [] [] |
+ vorbis-tools | [] [] [] [] |
+ wastesedge | () |
+ wdiff | [] [] [] [] |
+ wget | [] [] |
+ xchat | [] [] [] [] [] |
+ xkeyboard-config | |
+ xpad | [] [] |
+ +----------------------------------------------------+
+ af am ar az be bg bs ca cs cy da de el en en_GB eo
+ 11 0 1 2 8 21 1 42 43 2 62 99 18 1 16 16
+
+ es et eu fa fi fr ga gl gu he hi hr hu id is it
+ +--------------------------------------------------+
+ GNUnet | |
+ a2ps | [] [] [] () |
+ aegis | |
+ ant-phone | [] |
+ anubis | [] |
+ ap-utils | [] [] |
+ aspell | [] [] [] |
+ bash | [] [] [] |
+ batchelor | [] [] |
+ bfd | [] |
+ bibshelf | [] [] [] |
+ binutils | [] [] [] |
+ bison | [] [] [] [] [] [] |
+ bison-runtime | [] [] [] [] [] |
+ bluez-pin | [] [] [] [] [] |
+ cflow | |
+ clisp | [] [] |
+ console-tools | |
+ coreutils | [] [] [] [] [] [] |
+ cpio | [] [] [] |
+ cpplib | [] [] |
+ cryptonit | [] |
+ darkstat | [] () [] [] [] |
+ dialog | [] [] [] [] [] [] [] [] |
+ diffutils | [] [] [] [] [] [] [] [] [] |
+ doodle | [] [] |
+ e2fsprogs | [] [] [] |
+ enscript | [] [] [] |
+ error | [] [] [] [] [] |
+ fetchmail | [] |
+ fileutils | [] [] [] [] [] [] |
+ findutils | [] [] [] [] |
+ flex | [] [] [] |
+ fslint | [] |
+ gas | [] [] |
+ gawk | [] [] [] [] |
+ gbiff | [] |
+ gcal | [] [] |
+ gcc | [] |
+ gettext-examples | [] [] [] [] [] |
+ gettext-runtime | [] [] [] [] [] [] |
+ gettext-tools | [] [] [] |
+ gimp-print | [] [] |
+ gip | [] [] [] |
+ gliv | () |
+ glunarclock | [] [] [] |
+ gmult | [] [] [] |
+ gnubiff | () () |
+ gnucash | () () () |
+ gnucash-glossary | [] [] |
+ gnuedu | [] |
+ gnulib | [] [] [] [] [] [] [] [] |
+ gnunet-gtk | |
+ gnutls | |
+ gpe-aerial | [] [] |
+ gpe-beam | [] [] |
+ gpe-calendar | [] [] [] [] |
+ gpe-clock | [] [] [] [] |
+ gpe-conf | [] |
+ gpe-contacts | [] [] |
+ gpe-edit | [] [] [] [] |
+ gpe-filemanager | [] |
+ gpe-go | [] [] [] |
+ gpe-login | [] [] [] |
+ gpe-ownerinfo | [] [] [] [] [] |
+ gpe-package | [] |
+ gpe-sketchbook | [] [] |
+ gpe-su | [] [] [] [] |
+ gpe-taskmanager | [] [] [] |
+ gpe-timesheet | [] [] [] [] |
+ gpe-today | [] [] [] [] |
+ gpe-todo | [] |
+ gphoto2 | [] [] [] [] [] |
+ gprof | [] [] [] [] |
+ gpsdrive | () () [] () |
+ gramadoir | [] [] |
+ grep | [] [] [] [] [] [] [] [] [] [] [] [] |
+ gretl | [] [] [] |
+ gsasl | [] |
+ gss | [] |
+ gst-plugins | [] [] [] |
+ gst-plugins-base | [] [] |
+ gst-plugins-good | [] [] [] |
+ gstreamer | [] [] [] |
+ gtick | [] [] [] [] [] |
+ gtkam | [] [] [] [] |
+ gtkorphan | [] [] |
+ gtkspell | [] [] [] [] [] [] |
+ gutenprint | [] |
+ hello | [] [] [] [] [] [] [] [] [] [] [] [] [] |
+ id-utils | [] [] [] [] [] |
+ impost | [] [] |
+ indent | [] [] [] [] [] [] [] [] [] [] |
+ iso_3166 | [] [] [] |
+ iso_3166_1 | [] [] [] [] [] [] [] |
+ iso_3166_2 | [] |
+ iso_3166_3 | [] |
+ iso_4217 | [] [] [] [] |
+ iso_639 | [] [] [] [] [] |
+ jpilot | [] [] |
+ jtag | [] |
+ jwhois | [] [] [] [] [] |
+ kbd | [] [] |
+ keytouch | [] |
+ keytouch-editor | [] |
+ keytouch-keyboa... | [] |
+ latrine | [] [] [] |
+ ld | [] [] |
+ leafpad | [] [] [] [] [] [] |
+ libc | [] [] [] [] [] |
+ libexif | [] |
+ libextractor | [] |
+ libgpewidget | [] [] [] [] [] |
+ libgpg-error | |
+ libgphoto2 | [] [] [] |
+ libgphoto2_port | [] [] |
+ libgsasl | [] [] |
+ libiconv | [] |
+ libidn | [] [] |
+ lifelines | () |
+ lilypond | [] |
+ lingoteach | [] [] [] |
+ lynx | [] [] [] |
+ m4 | [] [] [] [] |
+ mailutils | [] [] |
+ make | [] [] [] [] [] [] [] [] |
+ man-db | () |
+ minicom | [] [] [] [] |
+ mysecretdiary | [] [] [] |
+ nano | [] () [] [] [] [] |
+ nano_1_0 | [] [] [] [] [] |
+ opcodes | [] [] [] [] |
+ parted | [] [] [] [] |
+ pilot-qof | |
+ psmisc | [] [] [] |
+ pwdutils | |
+ python | |
+ qof | |
+ radius | [] [] |
+ recode | [] [] [] [] [] [] [] [] |
+ rpm | [] [] |
+ screem | |
+ scrollkeeper | [] [] [] |
+ sed | [] [] [] [] [] |
+ sh-utils | [] [] [] [] [] [] [] |
+ shared-mime-info | [] [] [] [] [] [] |
+ sharutils | [] [] [] [] [] [] [] [] |
+ shishi | |
+ silky | [] |
+ skencil | [] [] |
+ sketch | [] [] |
+ solfege | [] |
+ soundtracker | [] [] [] |
+ sp | [] |
+ stardict | [] |
+ system-tools-ba... | [] [] [] [] [] [] [] [] |
+ tar | [] [] [] [] [] [] |
+ texinfo | [] [] |
+ textutils | [] [] [] [] [] |
+ tin | [] () |
+ tp-robot | [] [] [] [] |
+ tuxpaint | [] [] |
+ unicode-han-tra... | |
+ unicode-transla... | [] [] |
+ util-linux | [] [] [] [] [] [] [] |
+ vorbis-tools | [] [] |
+ wastesedge | () |
+ wdiff | [] [] [] [] [] [] [] [] |
+ wget | [] [] [] [] [] [] [] [] |
+ xchat | [] [] [] [] [] [] [] [] |
+ xkeyboard-config | [] [] [] [] |
+ xpad | [] [] [] |
+ +--------------------------------------------------+
+ es et eu fa fi fr ga gl gu he hi hr hu id is it
+ 89 21 16 2 41 119 61 14 1 8 1 6 61 30 0 53
+
+ ja ko ku ky lg lt lv mk mn ms mt nb ne nl nn no
+ +--------------------------------------------------+
+ GNUnet | |
+ a2ps | () [] [] () |
+ aegis | () |
+ ant-phone | [] |
+ anubis | [] [] [] |
+ ap-utils | [] |
+ aspell | [] [] |
+ bash | [] |
+ batchelor | [] [] |
+ bfd | |
+ bibshelf | [] |
+ binutils | |
+ bison | [] [] [] |
+ bison-runtime | [] [] [] |
+ bluez-pin | [] [] [] |
+ cflow | |
+ clisp | [] |
+ console-tools | |
+ coreutils | [] |
+ cpio | |
+ cpplib | [] |
+ cryptonit | [] |
+ darkstat | [] [] |
+ dialog | [] [] |
+ diffutils | [] [] [] |
+ doodle | |
+ e2fsprogs | [] |
+ enscript | [] |
+ error | [] |
+ fetchmail | [] [] |
+ fileutils | [] [] |
+ findutils | [] |
+ flex | [] [] |
+ fslint | [] [] |
+ gas | |
+ gawk | [] [] |
+ gbiff | [] |
+ gcal | |
+ gcc | |
+ gettext-examples | [] [] |
+ gettext-runtime | [] [] [] |
+ gettext-tools | [] [] |
+ gimp-print | [] [] |
+ gip | [] [] |
+ gliv | [] |
+ glunarclock | [] [] |
+ gmult | [] [] |
+ gnubiff | |
+ gnucash | () () |
+ gnucash-glossary | [] |
+ gnuedu | |
+ gnulib | [] [] [] [] |
+ gnunet-gtk | |
+ gnutls | |
+ gpe-aerial | [] |
+ gpe-beam | [] |
+ gpe-calendar | [] |
+ gpe-clock | [] [] |
+ gpe-conf | [] [] |
+ gpe-contacts | [] |
+ gpe-edit | [] [] |
+ gpe-filemanager | [] |
+ gpe-go | [] [] |
+ gpe-login | [] [] |
+ gpe-ownerinfo | [] |
+ gpe-package | [] |
+ gpe-sketchbook | [] [] |
+ gpe-su | [] [] |
+ gpe-taskmanager | [] [] [] |
+ gpe-timesheet | [] |
+ gpe-today | [] |
+ gpe-todo | |
+ gphoto2 | [] [] |
+ gprof | |
+ gpsdrive | () () () |
+ gramadoir | () |
+ grep | [] [] [] |
+ gretl | |
+ gsasl | [] |
+ gss | |
+ gst-plugins | [] |
+ gst-plugins-base | |
+ gst-plugins-good | [] |
+ gstreamer | [] |
+ gtick | [] |
+ gtkam | [] |
+ gtkorphan | [] |
+ gtkspell | [] [] |
+ gutenprint | |
+ hello | [] [] [] [] [] [] [] [] |
+ id-utils | [] |
+ impost | |
+ indent | [] [] |
+ iso_3166 | [] |
+ iso_3166_1 | [] [] |
+ iso_3166_2 | [] |
+ iso_3166_3 | [] |
+ iso_4217 | [] [] [] |
+ iso_639 | [] [] |
+ jpilot | () () () |
+ jtag | |
+ jwhois | [] |
+ kbd | [] |
+ keytouch | [] |
+ keytouch-editor | |
+ keytouch-keyboa... | |
+ latrine | [] |
+ ld | |
+ leafpad | [] [] |
+ libc | [] [] [] [] [] |
+ libexif | |
+ libextractor | |
+ libgpewidget | [] |
+ libgpg-error | |
+ libgphoto2 | [] |
+ libgphoto2_port | [] |
+ libgsasl | [] |
+ libiconv | |
+ libidn | [] [] |
+ lifelines | [] |
+ lilypond | |
+ lingoteach | [] |
+ lynx | [] [] |
+ m4 | [] [] |
+ mailutils | |
+ make | [] [] [] |
+ man-db | () |
+ minicom | [] |
+ mysecretdiary | [] |
+ nano | [] [] [] |
+ nano_1_0 | [] [] [] |
+ opcodes | [] |
+ parted | [] [] |
+ pilot-qof | |
+ psmisc | [] [] [] |
+ pwdutils | |
+ python | |
+ qof | |
+ radius | |
+ recode | [] |
+ rpm | [] [] |
+ screem | [] |
+ scrollkeeper | [] [] [] [] |
+ sed | [] [] |
+ sh-utils | [] [] |
+ shared-mime-info | [] [] [] [] [] |
+ sharutils | [] [] |
+ shishi | |
+ silky | [] |
+ skencil | |
+ sketch | |
+ solfege | |
+ soundtracker | |
+ sp | () |
+ stardict | [] [] |
+ system-tools-ba... | [] [] [] [] |
+ tar | [] [] [] |
+ texinfo | [] [] [] |
+ textutils | [] [] [] |
+ tin | |
+ tp-robot | [] |
+ tuxpaint | [] |
+ unicode-han-tra... | |
+ unicode-transla... | |
+ util-linux | [] [] |
+ vorbis-tools | [] |
+ wastesedge | [] |
+ wdiff | [] [] |
+ wget | [] [] |
+ xchat | [] [] [] [] |
+ xkeyboard-config | [] |
+ xpad | [] [] [] |
+ +--------------------------------------------------+
+ ja ko ku ky lg lt lv mk mn ms mt nb ne nl nn no
+ 40 24 2 1 1 3 1 2 3 21 0 15 1 101 5 3
+
+ nso or pa pl pt pt_BR rm ro ru rw sk sl sq sr sv ta
+ +------------------------------------------------------+
+ GNUnet | |
+ a2ps | () [] [] [] [] [] [] |
+ aegis | () () |
+ ant-phone | [] [] |
+ anubis | [] [] [] |
+ ap-utils | () |
+ aspell | [] [] |
+ bash | [] [] [] |
+ batchelor | [] [] |
+ bfd | |
+ bibshelf | [] |
+ binutils | [] [] |
+ bison | [] [] [] [] [] |
+ bison-runtime | [] [] [] [] |
+ bluez-pin | [] [] [] [] [] [] [] [] [] |
+ cflow | [] |
+ clisp | [] |
+ console-tools | [] |
+ coreutils | [] [] [] [] |
+ cpio | [] [] [] |
+ cpplib | [] |
+ cryptonit | [] [] |
+ darkstat | [] [] [] [] [] [] |
+ dialog | [] [] [] [] [] [] [] [] [] |
+ diffutils | [] [] [] [] [] [] |
+ doodle | [] [] |
+ e2fsprogs | [] [] |
+ enscript | [] [] [] [] [] |
+ error | [] [] [] [] |
+ fetchmail | [] [] [] |
+ fileutils | [] [] [] [] [] |
+ findutils | [] [] [] [] [] [] |
+ flex | [] [] [] [] [] |
+ fslint | [] [] [] [] |
+ gas | |
+ gawk | [] [] [] [] |
+ gbiff | [] |
+ gcal | [] |
+ gcc | [] |
+ gettext-examples | [] [] [] [] [] [] [] [] |
+ gettext-runtime | [] [] [] [] [] [] [] [] |
+ gettext-tools | [] [] [] [] [] [] [] |
+ gimp-print | [] [] |
+ gip | [] [] [] [] |
+ gliv | [] [] [] [] |
+ glunarclock | [] [] [] [] [] [] |
+ gmult | [] [] [] [] |
+ gnubiff | () |
+ gnucash | () [] |
+ gnucash-glossary | [] [] [] |
+ gnuedu | |
+ gnulib | [] [] [] [] [] |
+ gnunet-gtk | [] |
+ gnutls | [] [] |
+ gpe-aerial | [] [] [] [] [] [] [] |
+ gpe-beam | [] [] [] [] [] [] [] |
+ gpe-calendar | [] [] [] [] [] [] [] [] |
+ gpe-clock | [] [] [] [] [] [] [] [] |
+ gpe-conf | [] [] [] [] [] [] [] |
+ gpe-contacts | [] [] [] [] [] |
+ gpe-edit | [] [] [] [] [] [] [] [] |
+ gpe-filemanager | [] [] |
+ gpe-go | [] [] [] [] [] [] |
+ gpe-login | [] [] [] [] [] [] [] [] |
+ gpe-ownerinfo | [] [] [] [] [] [] [] [] |
+ gpe-package | [] [] |
+ gpe-sketchbook | [] [] [] [] [] [] [] [] |
+ gpe-su | [] [] [] [] [] [] [] [] |
+ gpe-taskmanager | [] [] [] [] [] [] [] [] |
+ gpe-timesheet | [] [] [] [] [] [] [] [] |
+ gpe-today | [] [] [] [] [] [] [] [] |
+ gpe-todo | [] [] [] [] |
+ gphoto2 | [] [] [] [] [] |
+ gprof | [] [] [] |
+ gpsdrive | [] [] [] |
+ gramadoir | [] [] |
+ grep | [] [] [] [] [] [] [] [] |
+ gretl | [] |
+ gsasl | [] [] |
+ gss | [] [] [] |
+ gst-plugins | [] [] [] [] |
+ gst-plugins-base | [] |
+ gst-plugins-good | [] [] [] [] |
+ gstreamer | [] [] [] |
+ gtick | [] [] [] |
+ gtkam | [] [] [] [] |
+ gtkorphan | [] |
+ gtkspell | [] [] [] [] [] [] [] [] |
+ gutenprint | [] |
+ hello | [] [] [] [] [] [] [] [] |
+ id-utils | [] [] [] [] |
+ impost | [] |
+ indent | [] [] [] [] [] [] |
+ iso_3166 | [] [] [] [] [] [] |
+ iso_3166_1 | [] [] [] [] |
+ iso_3166_2 | |
+ iso_3166_3 | [] [] [] [] |
+ iso_4217 | [] [] [] [] |
+ iso_639 | [] [] [] [] |
+ jpilot | |
+ jtag | [] |
+ jwhois | [] [] [] [] |
+ kbd | [] [] [] |
+ keytouch | [] |
+ keytouch-editor | [] |
+ keytouch-keyboa... | [] |
+ latrine | [] [] |
+ ld | [] |
+ leafpad | [] [] [] [] [] [] |
+ libc | [] [] [] [] [] |
+ libexif | [] |
+ libextractor | [] [] |
+ libgpewidget | [] [] [] [] [] [] [] |
+ libgpg-error | [] [] |
+ libgphoto2 | [] |
+ libgphoto2_port | [] [] [] |
+ libgsasl | [] [] [] [] |
+ libiconv | |
+ libidn | [] [] () |
+ lifelines | [] [] |
+ lilypond | |
+ lingoteach | [] |
+ lynx | [] [] [] |
+ m4 | [] [] [] [] [] |
+ mailutils | [] [] [] [] |
+ make | [] [] [] [] |
+ man-db | [] [] |
+ minicom | [] [] [] [] [] |
+ mysecretdiary | [] [] [] [] |
+ nano | [] [] |
+ nano_1_0 | [] [] [] [] |
+ opcodes | [] [] |
+ parted | [] |
+ pilot-qof | [] |
+ psmisc | [] [] |
+ pwdutils | [] [] |
+ python | |
+ qof | [] |
+ radius | [] [] |
+ recode | [] [] [] [] [] [] [] |
+ rpm | [] [] [] [] |
+ screem | |
+ scrollkeeper | [] [] [] [] [] [] [] |
+ sed | [] [] [] [] [] [] [] [] [] |
+ sh-utils | [] [] [] |
+ shared-mime-info | [] [] [] [] [] |
+ sharutils | [] [] [] [] |
+ shishi | [] |
+ silky | [] |
+ skencil | [] [] [] |
+ sketch | [] [] [] |
+ solfege | [] |
+ soundtracker | [] [] |
+ sp | |
+ stardict | [] [] [] |
+ system-tools-ba... | [] [] [] [] [] [] [] [] [] |
+ tar | [] [] [] [] [] |
+ texinfo | [] [] [] [] |
+ textutils | [] [] [] |
+ tin | () |
+ tp-robot | [] |
+ tuxpaint | [] [] [] [] [] |
+ unicode-han-tra... | |
+ unicode-transla... | |
+ util-linux | [] [] [] [] |
+ vorbis-tools | [] [] |
+ wastesedge | |
+ wdiff | [] [] [] [] [] [] |
+ wget | [] [] [] [] |
+ xchat | [] [] [] [] [] [] [] |
+ xkeyboard-config | [] [] |
+ xpad | [] [] [] |
+ +------------------------------------------------------+
+ nso or pa pl pt pt_BR rm ro ru rw sk sl sq sr sv ta
+ 0 2 3 58 31 53 5 76 72 5 42 48 12 51 130 2
+
+ tg th tk tr uk ven vi wa xh zh_CN zh_HK zh_TW zu
+ +---------------------------------------------------+
+ GNUnet | [] | 2
+ a2ps | [] [] [] | 19
+ aegis | | 0
+ ant-phone | [] [] | 6
+ anubis | [] [] [] | 11
+ ap-utils | () [] | 4
+ aspell | [] [] [] | 14
+ bash | [] | 11
+ batchelor | [] [] | 9
+ bfd | | 1
+ bibshelf | [] | 7
+ binutils | [] [] [] | 9
+ bison | [] [] [] | 19
+ bison-runtime | [] [] [] | 16
+ bluez-pin | [] [] [] [] [] [] | 28
+ cflow | [] [] | 4
+ clisp | | 6
+ console-tools | [] [] | 5
+ coreutils | [] [] | 17
+ cpio | [] [] [] | 9
+ cpplib | [] [] [] [] | 11
+ cryptonit | | 5
+ darkstat | [] () () | 15
+ dialog | [] [] [] [] [] | 30
+ diffutils | [] [] [] [] | 28
+ doodle | [] | 6
+ e2fsprogs | [] [] | 10
+ enscript | [] [] [] | 16
+ error | [] [] [] [] | 18
+ fetchmail | [] [] | 12
+ fileutils | [] [] [] | 18
+ findutils | [] [] [] | 17
+ flex | [] [] | 15
+ fslint | [] | 9
+ gas | [] | 3
+ gawk | [] [] | 15
+ gbiff | [] | 5
+ gcal | [] | 5
+ gcc | [] [] [] | 6
+ gettext-examples | [] [] [] [] [] [] | 26
+ gettext-runtime | [] [] [] [] [] [] | 28
+ gettext-tools | [] [] [] [] [] | 19
+ gimp-print | [] [] | 12
+ gip | [] [] | 12
+ gliv | [] [] | 8
+ glunarclock | [] [] [] | 15
+ gmult | [] [] [] [] | 15
+ gnubiff | [] | 1
+ gnucash | () | 2
+ gnucash-glossary | [] [] | 9
+ gnuedu | [] | 2
+ gnulib | [] [] [] [] [] | 28
+ gnunet-gtk | | 1
+ gnutls | | 2
+ gpe-aerial | [] [] | 14
+ gpe-beam | [] [] | 14
+ gpe-calendar | [] [] [] [] | 19
+ gpe-clock | [] [] [] [] | 20
+ gpe-conf | [] [] | 14
+ gpe-contacts | [] [] | 10
+ gpe-edit | [] [] [] [] | 19
+ gpe-filemanager | [] | 5
+ gpe-go | [] [] | 14
+ gpe-login | [] [] [] [] [] | 20
+ gpe-ownerinfo | [] [] [] [] | 20
+ gpe-package | [] | 5
+ gpe-sketchbook | [] [] | 16
+ gpe-su | [] [] [] | 19
+ gpe-taskmanager | [] [] [] | 19
+ gpe-timesheet | [] [] [] [] | 18
+ gpe-today | [] [] [] [] [] | 20
+ gpe-todo | [] | 6
+ gphoto2 | [] [] [] [] | 20
+ gprof | [] [] | 11
+ gpsdrive | | 4
+ gramadoir | [] | 7
+ grep | [] [] [] [] | 33
+ gretl | | 4
+ gsasl | [] [] | 6
+ gss | [] | 5
+ gst-plugins | [] [] [] | 15
+ gst-plugins-base | [] [] [] | 9
+ gst-plugins-good | [] [] [] | 18
+ gstreamer | [] [] [] | 17
+ gtick | [] | 11
+ gtkam | [] | 13
+ gtkorphan | [] | 7
+ gtkspell | [] [] [] [] [] [] | 26
+ gutenprint | | 3
+ hello | [] [] [] [] [] | 39
+ id-utils | [] [] | 14
+ impost | [] | 4
+ indent | [] [] [] [] | 25
+ iso_3166 | [] [] [] | 15
+ iso_3166_1 | [] [] | 20
+ iso_3166_2 | | 2
+ iso_3166_3 | [] [] | 9
+ iso_4217 | [] [] | 14
+ iso_639 | [] | 14
+ jpilot | [] [] [] [] | 7
+ jtag | [] | 3
+ jwhois | [] [] [] | 13
+ kbd | [] [] | 12
+ keytouch | [] | 4
+ keytouch-editor | | 2
+ keytouch-keyboa... | | 2
+ latrine | [] [] | 8
+ ld | [] [] [] [] | 8
+ leafpad | [] [] [] [] | 23
+ libc | [] [] [] | 23
+ libexif | [] | 4
+ libextractor | [] | 5
+ libgpewidget | [] [] [] | 19
+ libgpg-error | [] | 4
+ libgphoto2 | [] | 8
+ libgphoto2_port | [] [] [] | 11
+ libgsasl | [] | 8
+ libiconv | [] | 4
+ libidn | [] [] | 10
+ lifelines | | 4
+ lilypond | | 2
+ lingoteach | [] | 6
+ lynx | [] [] [] | 15
+ m4 | [] [] [] | 18
+ mailutils | [] | 8
+ make | [] [] [] | 20
+ man-db | [] | 6
+ minicom | [] | 14
+ mysecretdiary | [] [] | 12
+ nano | [] [] | 15
+ nano_1_0 | [] [] [] | 18
+ opcodes | [] [] | 10
+ parted | [] [] [] | 10
+ pilot-qof | [] | 3
+ psmisc | [] | 10
+ pwdutils | [] | 3
+ python | | 0
+ qof | [] | 2
+ radius | [] | 6
+ recode | [] [] [] | 25
+ rpm | [] [] [] [] | 14
+ screem | [] | 2
+ scrollkeeper | [] [] [] [] | 26
+ sed | [] [] [] | 22
+ sh-utils | [] | 15
+ shared-mime-info | [] [] [] [] | 23
+ sharutils | [] [] [] | 23
+ shishi | | 1
+ silky | [] | 4
+ skencil | [] | 7
+ sketch | | 6
+ solfege | | 2
+ soundtracker | [] [] | 9
+ sp | [] | 3
+ stardict | [] [] [] [] | 11
+ system-tools-ba... | [] [] [] [] [] [] [] | 37
+ tar | [] [] [] [] | 19
+ texinfo | [] [] [] | 15
+ textutils | [] [] [] | 17
+ tin | | 1
+ tp-robot | [] [] [] | 10
+ tuxpaint | [] [] [] | 16
+ unicode-han-tra... | | 0
+ unicode-transla... | | 2
+ util-linux | [] [] [] | 20
+ vorbis-tools | [] [] | 11
+ wastesedge | | 1
+ wdiff | [] [] | 22
+ wget | [] [] [] | 19
+ xchat | [] [] [] [] | 28
+ xkeyboard-config | [] [] [] [] | 11
+ xpad | [] [] [] | 14
+ +---------------------------------------------------+
+ 77 teams tg th tk tr uk ven vi wa xh zh_CN zh_HK zh_TW zu
+ 172 domains 0 1 1 78 39 0 135 13 1 50 3 54 0 2054
+
+ Some counters in the preceding matrix are higher than the number of
+visible blocks let us expect. This is because a few extra PO files are
+used for implementing regional variants of languages, or language
+dialects.
+
+ For a PO file in the matrix above to be effective, the package to
+which it applies should also have been internationalized and
+distributed as such by its maintainer. There might be an observable
+lag between the mere existence a PO file and its wide availability in a
+distribution.
+
+ If July 2006 seems to be old, you may fetch a more recent copy of
+this `ABOUT-NLS' file on most GNU archive sites. The most up-to-date
+matrix with full percentage details can be found at
+`http://www.iro.umontreal.ca/contrib/po/HTML/matrix.html'.
+
+1.6 Using `gettext' in new packages
+===================================
+
+If you are writing a freely available program and want to
+internationalize it you are welcome to use GNU `gettext' in your
+package. Of course you have to respect the GNU Library General Public
+License which covers the use of the GNU `gettext' library. This means
+in particular that even non-free programs can use `libintl' as a shared
+library, whereas only free software can use `libintl' as a static
+library or use modified versions of `libintl'.
+
+ Once the sources are changed appropriately and the setup can handle
+the use of `gettext' the only thing missing are the translations. The
+Free Translation Project is also available for packages which are not
+developed inside the GNU project. Therefore the information given above
+applies also for every other Free Software Project. Contact
+`translation@iro.umontreal.ca' to make the `.pot' files available to
+the translation teams.
+
diff --git a/Linux-PAM/AUTHORS b/Linux-PAM/AUTHORS
new file mode 100644
index 00000000..58862a6b
--- /dev/null
+++ b/Linux-PAM/AUTHORS
@@ -0,0 +1,7 @@
+Original authors and current maintainers of Linux-PAM:
+
+Andrew G. Morgan <morgan@kernel.org>
+Dmitry V. Levin <ldv@altlinux.org>
+Thorsten Kukuk <kukuk@thkukuk.de>
+Sebastien Tricaud <toady@gscore.org>
+Tomas Mraz <t8m@centrum.cz>
diff --git a/Linux-PAM/CHANGELOG b/Linux-PAM/CHANGELOG
index 3a886546..02d081a8 100644
--- a/Linux-PAM/CHANGELOG
+++ b/Linux-PAM/CHANGELOG
@@ -1,5 +1,13 @@
-$Id: CHANGELOG,v 1.184 2005/03/31 14:50:39 kukuk Exp $
+=======================================================================
+=======================================================================
+
+ This file is no longer used for tracking changes for Linux-PAM. For
+ user visible changes, please look at the NEWS file. A more verbose
+ list of changes can be found in ChangeLog.
+
+=======================================================================
+=======================================================================
-----------------------------
@@ -9,7 +17,6 @@ TODO:
library for helping to develop modules that contains it and other
stuff. Also add sha-1 and ripemd-160 digest algorithms.
- once above is done. remove hacks from the secret@here module etc..
- - remove prototype for gethostname in pam_access.c (Derrick)
- document PAM_INCOMPLETE changes
- verify that the PAM_INCOMPLETE interface is sensible. Can we
catch errors? should we permit item changing etc., between
@@ -17,30 +24,10 @@ TODO:
- verify that the PAM_INCOMPLETE interface works (auth seems ok..)
- add PAM_INCOMPLETE support to modules (partially added to pam_pwdb)
- work on RFC.
- - do we still need to remove openlog/closelog from modules..?
- auth and acct support in pam_cracklib, "yes, I know the password
you just typed was valid, I just don't think it was very strong..."
- - add in the pam_cap and pam_netid modules
====================================================================
-Note, as of release 0.73, all checkins should be accompanied with a
-Bug ID. The bug IDs relate to sourceforge IDs.. (Of course, nothing is
-ever that simple. It turns out that at some point in Sourceforge's
-history all of the bug ids got bumped by 100000, so pretty much if you
-see a bug ID below that begins with a '1' and your attempted query
-fails, try adding 100000 to the number and trying again. I believe
-this only affects bugs before release 0.76.)
-
-You can query the related bug description with the following URL:
-
- http://sourceforge.net/tracker/index.php?func=detail&aid=XXXXXX&group_id=6663&atid=106663
-
-Where you should replace XXXXXX with a bug-id.
-
-For general documentation completion work, I'm doing it all with
-respect to specific tasks. Open tasks are listed here:
-
- http://sourceforge.net/pm/task.php?group_id=6663&group_project_id=2741&func=browse&set=open
If you have found a bug in Linux-PAM (including a documentation bug,
or a new feature request and/or patch), please consider filing such a
@@ -50,16 +37,75 @@ bug report - outstanding bugs are listed here:
(to file another bug see the 'submit bug' button on that page).
-
-There is now a second bug tracking system for Linux-PAM on BerliOS.
-You can find the list of outstanding bugs on BerliOS here:
-
-http://developer.berlios.de/bugs/?func=browse&group_id=2134&set=open
-
-BerliOS Bugs are marked with (BerliOS #XXXX).
-
====================================================================
+0.81: please submit patches for this section with actual code/doc
+ patches!
+* pam_umask: New module for setting umask from GECOS field, /etc/login.defs
+ or /etc/default/login (kukuk)
+* configure/pam_strerror: Remove old ugly-hack option for pam_strerror
+ interface change (kukuk)
+* configure.in: Fix AC_DEFINE usage for autoheader (kukuk)
+* configure.in/_pam_aconf.h.in: Remove feature.h inclusion (kukuk)
+* defs: Remove obsolete directory/content (kukuk)
+* Rename _pam_aconf.h.in to config.h (kukuk)
+* pam_unix: Don't ignore pam_get_item return value (kukuk)
+* pam_userdb: Fix regression - crash when crypt param not specified (t8m)
+* libpam: Remove pam_authenticate_secondary stub (kukuk)
+* Use autoconf/automake/libtool (kukuk)
+* pam_securetty: Be fail-close on user lookups, always log failures,
+ not just with "debug" (Solar Designer)
+* Add gettext support
+* Add translations for cs, de, es, fr, hu, it, ja, nb, pa, pt_BR,
+ pt, zh_CN and zh_TW
+* pam_limits: Apply ALT Linux/Owl patch
+* pam_motd: Apply ALT Linux/Owl patch
+* libpam: Cache pam_get_user() failures
+* libpam: Add pam_prompt,pam_vprompt,pam_error,pam_verror,pam_info
+ and pam_vinfo functions for use by modules as extension (kukuk).
+* pam_cracklib: Make path to cracklib dicts an option (kukuk).
+* libpam: Add pam_syslog function for unified syslog messages from
+ PAM modules (kukuk).
+* pam_tally, pam_time, pam_userdb: use pam_syslog and pam_prompt (ldv)
+* pam_issue: major cleanup (ldv)
+* pam_echo: New PAM module for message output (kukuk)
+* pam_limits: Fix regression from RLIMIT_NICE support (wrong limit
+ values for other limits are applied) patch by Anton Guda
+* pam_unix: Always honor nis flag on password change (by Aaron Hope)
+* libpam: Moved functions from pammodutil to libpam (t8m)
+* pam_lastlog: Cleanup, fix broken logic in pam_parse,
+ modify wtmp by default, nowtmp option switches that off (ldv)
+
+0.80: Wed Jul 13 13:23:20 CEST 2005
+* pam_tally: test for NULL data before dereferencing them (t8m)
+* pam_unix: fix regression introduced in 0.78 - both NIS and local password
+ should be changed if possible (t8m)
+* misc_conv: flush input first then print the prompt - fixes problem
+ with expect scripts (t8m)
+* pam_unix: nis option shouldn't clear the shadow option (t8m)
+* cleanups and minor bugfixes by Steve Grubb (t8m)
+* pam_private.h: set PAM_DEFAULT_PROMPT to "login: " (kukuk)
+* pam_mkhomedir: Create parent directories if they do not already
+ exist (Bug 600351 - kukuk)
+* pam_mkhomedir: Set owner/permissions of home directory after we
+ created all files (Bug 1032922 - kukuk)
+* pam_rhosts: Get rid of static buffer for path (kukuk)
+* pam_selinux/pam_unix/pam_rootok: Add SELinux support based on
+ patch from Red Hat (kukuk)
+* pam_limits: Correct support of unlimited limits, use correct type
+ for rlimit value (Bug 945449 - kukuk, t8m)
+* pam_xauth: Unset the XAUTHORITY variable when requesting user is
+ root and target user is not (t8m)
+* pam_access: Add listsep option to set list element separator by
+ Richard Shaffer (t8m)
+* pam_limits: Don't reset process priority if none is specified in
+ the config file (Novell #81690 - kukuk)
+* Fix all occurrence of dereferencing type-punned pointer will break
+ strict-aliasing rules warnings (kukuk)
+* pam_limits: Support new limits in linux 2.6.12 (t8m)
+* pam_mkhomedir: change mode datatype (toady)
+* pam_limits: Don't lowercase login names (kukuk)
+
0.79: Thu Mar 31 16:48:45 CEST 2005
* pam_tally: added audit option (toady)
* pam_unix: don't log user unknown failure when he can be properly
@@ -87,6 +133,7 @@ BerliOS Bugs are marked with (BerliOS #XXXX).
as experimental. (toady)
* configure: Add the directory where new versions of cracklib is
installed (from Jim Gifford - toady)
+* libpamc: Use standard u_intX_t types instead of __uX (kukuk)
0.78: Do Nov 18 14:48:36 CET 2004
diff --git a/Linux-PAM/COPYING b/Linux-PAM/COPYING
new file mode 100644
index 00000000..2f27a2ee
--- /dev/null
+++ b/Linux-PAM/COPYING
@@ -0,0 +1,41 @@
+Unless otherwise *explicitly* stated the following text describes the
+licensed conditions under which the contents of this Linux-PAM release
+may be distributed:
+
+-------------------------------------------------------------------------
+Redistribution and use in source and binary forms of Linux-PAM, with
+or without modification, are permitted provided that the following
+conditions are met:
+
+1. Redistributions of source code must retain any existing copyright
+ notice, and this entire permission notice in its entirety,
+ including the disclaimer of warranties.
+
+2. Redistributions in binary form must reproduce all prior and current
+ copyright notices, this list of conditions, and the following
+ disclaimer in the documentation and/or other materials provided
+ with the distribution.
+
+3. The name of any author may not be used to endorse or promote
+ products derived from this software without their specific prior
+ written permission.
+
+ALTERNATIVELY, this product may be distributed under the terms of the
+GNU General Public License, in which case the provisions of the GNU
+GPL are required INSTEAD OF the above restrictions. (This clause is
+necessary due to a potential conflict between the GNU GPL and the
+restrictions contained in a BSD-style copyright.)
+
+THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
+DAMAGE.
+-------------------------------------------------------------------------
+
diff --git a/Linux-PAM/ChangeLog b/Linux-PAM/ChangeLog
new file mode 100644
index 00000000..f65e67f8
--- /dev/null
+++ b/Linux-PAM/ChangeLog
@@ -0,0 +1,2119 @@
+2007-01-23 Thorsten Kukuk <kukuk@suse.de>
+
+ * release 0.99.7.1
+
+ * configure.in: Set version number to 0.99.7.1
+
+2007-01-23 Thorsten Kukuk <kukuk@thukuk.de>
+ Tomas Mraz <t2m@centrum.cz>
+
+ * modules/pam_unix/support.c (_unix_verify_password): Always
+ compare full encrypted passwords (CVE-2007-0003).
+
+2007-01-23 Tomas Mraz <t8m@centrum.cz>
+
+ * modules/pam_loginuid/Makefile.am (AM_LDFLAGS): Add LIBAUDIT.
+
+ * modules/pam_selinux/Makefile.am (pam_selinux_check_LDFLAGS): Add
+ AM_LDFLAGS.
+ (pam_selinux_la_LDFLAGS): Likewise.
+
+2007-01-17 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * release 0.99.7.0
+
+ * configure.in: Set version number to 0.99.7.0
+
+ * Makefile.am (M4_FILES): Replace GNU make extension by listing
+ all m4 files.
+
+2007-07-17 Tomas Mraz <t8m@centrum.cz>
+
+ * po/*.po: Updated strings to translate.
+ * po/Linux-PAM.pot: Likewise.
+
+2007-07-16 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * doc/man/pam.conf-syntax.xml: Improve documentation about
+ sufficient keyword (Patch by Petteri Räty <betelgeuse@gentoo.org>)
+
+2006-12-20 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_unix/pam_unix_passwd.c (pam_sm_chauthtok): Forbid
+ only '+' and '-' as first characters for account names.
+ * modules/pam_unix/pam_unix_auth.c (pam_sm_authenticate): Likewise.
+
+2006-12-18 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * configure.in: Fix ENOKEY check (specify errno.h as header
+ file to search in).
+
+ * configure.in: Add AM_PROG_CC_C_O.
+ * libpam/Makefile.am: Add content of AM_LDFLAGS to *_LDFLAGS.
+ * modules/pam_tally/Makefile.am: Likewise.
+ * modules/pam_unix/Makefile.am: Likewise.
+
+ * modules/pam_stress/pam_stress.c (pam_sm_chauthtok): Fix
+ localisation of message printed to user.
+ * po/de.po: Adjust translation.
+
+2006-12-18 Tomas Mraz <t8m@centrum.cz>
+
+ * modules/pam_unix/pam_unix_passwd.c (pam_sm_chauthtok): Localize
+ message printed to user.
+
+ * modules/pam_unix/support.c (_unix_verify_password): Use strncmp
+ only for bigcrypt result.
+
+ * modules/pam_keyinit/pam_keyinit.c (kill_keyrings): Switch to new
+ egid first, euid next. Revert euid/egid to old euid/egid and not
+ ruid/rgid.
+ (pam_sm_open_session): Switch to new rgid first, ruid next.
+
+2006-12-13 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_localuser/pam_localuser.c: Add support for session
+ and chauthtok [SF#1606180].
+ * modules/pam_localuser/pam_localuser.8.xml: Document last change.
+
+ * libpam/pam_audit.c (_pam_audit_writelog): Print error message
+ only once.
+
+2006-12-12 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * libpam/pam_audit.c (_pam_audit_writelog): Print error
+ message on failure to syslog.
+
+2006-12-09 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_umask/pam_umask.c: Use strtoul instead of strtol,
+ fix overflow detection.
+
+2006-12-06 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_mkhomedir/pam_mkhomedir.c (rec_mkdir): Fix
+ handling of left-most path component [SF#1591598].
+ (create_homedir): Mark user visible messages for translation.
+ * po/de.po: Adjust german translation for pam_mkhomedir.
+
+ * modules/pam_faildelay/pam_faildelay.c: If no argument is
+ given, try to read FAIL_DELAY from /etc/login.defs.
+ * modules/pam_faildelay/pam_faildelay.8.xml: Document usage
+ of /etc/login.defs.
+
+2006-12-04 Tomas Mraz <t8m@centrun.cz>
+
+ * po/jp.po: Fixed mistake in Password: message (from
+ Peng Huang <phuang@redhat.com>).
+
+2006-11-28 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * po/hu.po: Update hungarian translation (from
+ Kalman Kemenczy <kkemenczy@novell.com>).
+
+ * configure.in: Allow disabling support for cracklib, audit, libdb.
+
+ * modules/pam_faildelay/pam_faildelay.8.xml: Correct name of Author.
+
+ * configure.in: Remove --enable-docdir (obsolete by --docdir).
+ * doc/Makefile.am: Don't overwrite htmldir.
+ * doc/adg/Makefile.am: Use docdir, htmldir and pdfdir.
+ * doc/mwg/Makefile.am: Likewise.
+ * doc/sag/Makefile.am: Likewise.
+ * doc/specs/Makefile.am: Use docdir.
+
+ * tests/tst-pam_set_data.c: New test cases for pam_set_data().
+ * tests/Makefile.am: Add pam_set_data test case.
+
+ * libpam/pam_data.c: Add NULL pointer check for module_data_name.
+ * libpam/Makefile.am: Bump revision of shared library.
+
+2006-11-08 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * configure.in: Add modules/pam_faildelay/Makefile.
+ * doc/sag/Linux-PAM_SAG.xml: Include pam_faildelay.xml.
+ * doc/sag/pam_faildelay.xml: New.
+ * libpam/pam_static_modules.h: Include static pam_faildelay data.
+ * modules/Makefile.am: Add pam_faildelay directory.
+ * modules/pam_faildelay/Makefile.am: New.
+ * modules/pam_faildelay/README: New, generated from XML file.
+ * modules/pam_faildelay/README.xml: New.
+ * modules/pam_faildelay/pam_faildelay.8: New, generated from xml.
+ * modules/pam_faildelay/pam_faildelay.8.xml: New.
+ * modules/pam_faildelay/pam_faildelay.c: New.
+ * modules/pam_faildelay/tst-pam_faildelay: New.
+
+ * po/POTFILES.in: Add pam_faildelay.c and pam_loginuid.c.
+
+2006-11-07 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_cracklib/pam_cracklib.c: PAM_DEBUG_ARG
+ is a bit mask and not a boolean value (Reported by
+ Jochen Voss <voss@seehuhn.de>).
+
+2006-10-26 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * doc/man/pam.3.xml: Add pam_get_user function.
+
+ * modules/pam_motd/pam_motd.8.xml: Fix typo.
+
+2006-10-24 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_namespace/pam_namespace.c: Reserve space for
+ trailing zero.
+
+2006-10-24 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_unix/support.c (_unix_verify_password): Try system
+ crypt() if we don't know the hash alogorithm.
+ * modules/pam_unix/unix_chkpwd.c (_unix_verify_password): Likewise.
+
+2006-10-13 Tomas Mraz <t8m@centrum.cz>
+
+ * doc/mwg/Linux-PAM_MWG.xml: Add id[s] to section[s].
+ * doc/sag/pam_access.xml: Likewise.
+ * doc/sag/pam_echo.xml: Likewise.
+ * doc/sag/pam_env.xml: Likewise.
+ * doc/sag/pam_exec.xml: Likewise.
+ * doc/sag/pam_group.xml: Likewise.
+ * doc/sag/pam_limits.xml: Likewise.
+ * doc/sag/pam_namespace.xml: Likewise.
+ * doc/sag/pam_time.xml: Likewise.
+ * doc/sag/Linux-PAM_SAG.xml: Add id to book.
+ * doc/adg/Linux-PAM_ADG.xml: Add id to book.
+ * doc/mwg/Linux-PAM_MWG.xml: Add id to book.
+
+
+2006-10-07 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * po/hu.po: Updated hungarian translation (from
+ Kalman Kemenczy <kkemenczy@novell.com>)
+
+2006-09-20 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * doc/adg/Makefile.am: Add manual pages as dependency.
+ * doc/mwg/Makefile.am: Likewise.
+ * doc/sag/Makefile.am: Likewise.
+ * doc/sag/Linux-PAM_SAG.xml: Include pam_unix.xml.
+ * doc/sag/pam_unix.xml: New.
+ * modules/pam_unix/Makefile.am: Generate pam_unix.8 manual page.
+ * modules/pam_unix/README.xml: New.
+ * modules/pam_unix/pam_unix.8.xml: New.
+ * modules/pam_unix/README: Regenerate from XML.
+ * modules/pam_unix/pam_unix.8: Generated from XML.
+
+2006-09-09 Dmitry V. Levin <ldv@altlinux.org>
+
+ * modules/pam_wheel/pam_wheel.8.xml: Fix typo.
+ * modules/pam_wheel/pam_wheel.8: Likewise.
+ * modules/pam_wheel/README: Likewise.
+
+2006-09-08 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * po/de.po: Fix typo.
+
+2006-09-06 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * release version 0.99.6.3
+
+2006-09-01 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_loginuid/pam_loginuid.8.xml: Fix typo in
+ config name.
+
+2006-08-31 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_env/environment: New, dummy environment example
+ config file.
+
+ * modules/pam_namespace/Makefile.am: Don't install
+ manual page if we don't build module.
+
+ * m4/ld-as-needed.m4: Don't set LDFLAGS if check failed.
+ * m4/ld-O1: Likewise.
+
+2006-08-30 Tomas Mraz <t8m@centrum.cz>
+
+ * modules/pam_access/pam_access.8.xml: All services supported.
+ * modules/pam_access/pam_access.c (pam_sm_open_session): New.
+ (pam_sm_close_session): New.
+ (pam_sm_chauthtok): New.
+
+ * modules/pam_access/pam_succeed_if.8.xml: All services supported.
+ * modules/pam_access/pam_succeed_if.c (pam_sm_setcred): Return
+ PAM_IGNORE rather than success.
+ (pam_sm_open_session): New.
+ (pam_sm_close_session): New.
+ (pam_sm_chauthtok): New.
+
+2006-08-30 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * xtests/Makefile.am: Move shell code to execute tests from here ...
+ * xtests/run-xtests.sh: ... to here.
+ * xtests/*.c: Include config.h.
+ * tests/*.c: Likewise.
+
+ * modules/pam_namespace/pam_namespace.c: Use pam_modutil_getpwnam()
+ instead of getpwnam().
+
+2006-08-29 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * doc/sag/pam_loginuid.xml: New.
+ * doc/sag/Linux-PAM_SAG.xml: Include pam_loginuid.xml.
+
+ * configure.in: Add modules/pam_loginuid/Makefile.
+ * modules/Makefile.am: Add pam_loginuid sub directory.
+
+ * libpam/pam_static_modules.h: Add pam_loginuid.
+
+ * modules/pam_loginuid/Makefile.am: New.
+ * modules/pam_loginuid/tst-pam_loginuid: New.
+ * modules/pam_loginuid/pam_loginuid.8.xml: New.
+ * modules/pam_loginuid/pam_loginuid.8: New, generated from XML source.
+ * modules/pam_loginuid/pam_loginuid.c: New.
+ * modules/pam_loginuid/README.xml: New.
+ * modules/pam_loginuid/README: New, generated from XML source.
+
+2006-08-29 Dmitry V. Levin <ldv@altlinux.org>
+
+ * modules/pam_exec/pam_exec.c (call_exec): Add required third
+ argument to open() call with O_CREAT flag set.
+
+2006-08-28 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_cracklib/pam_cracklib.c (pam_sm_chauthtok): Remove
+ duplicate code.
+
+2006-08-24 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * release version 0.99.6.2
+
+ * modules/pam_lastlog/pam_lastlog.c (last_login_date): Create
+ lastlog file if it does not exist.
+
+ * modules/pam_cracklib/pam_cracklib.c (pam_sm_chauthtok): Check
+ for error from getting second token.
+ * xtests/Makefile.am: Add tst-pam_cracklib1
+ * xtests/tst-pam_cracklib1.c: New, check for pam_cracklib seg.fault.
+ * xtests/tst-pam_cracklib1.pamd: New, config for cracklib test.
+
+2006-08-24 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * xtests/tst-pam_dispatch4.c: New test.
+ * xtests/tst-pam_dispatch4.pamd: PAM config for new test.
+
+2006-08-09 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * release version 0.99.6.1
+
+2006-08-09 David Howells <dhowells@redhat.com>
+
+ * modules/pam_keyinit/pam_keyinit.c (kill_keyrings): Set real uid
+ to user's before revoking.
+ (pam_sm_open_session): Remember the uid.
+
+2006-08-06 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_umask/pam_umask.c (setup_limits_from_gecos):
+ Add error handling.
+ * modules/pam_umask/pam_umask.8.xml: Document silent option.
+
+ * xtests/Makefile.am: Fix includes for bootstrapping.
+ Reported by Greg Schafer <gschafer@zip.com.au>.
+
+2006-08-05 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * release version 0.99.6.0
+
+ * modules/pam_limits/pam_limits.c (pam_sm_open_session): Use
+ pam_modutil_getpwnam instead of getpwnam.
+
+ * modules/pam_succeed_if/pam_succeed_if.c (evaluate): Cast
+ svc variable to char pointer for snprintf.
+
+ * configure.in: Generate xtests/Makefile.
+ * Makefile.am (SUBDIRS): Add xtests.
+ * README: Document make check and make xtests.
+ * xtests/Makefile.am: New.
+ * xtests/tst-pam_dispatch1.pamd: New.
+ * xtests/tst-pam_dispatch2.pamd: New.
+ * xtests/tst-pam_dispatch3.pamd: New.
+ * xtests/tst-pam_dispatch1.c: New.
+ * xtests/tst-pam_dispatch2.c: New.
+ * xtests/tst-pam_dispatch3.c: New.
+
+2006-08-04 Ray Strode <rstrode@redhat.com>
+
+ * modules/pam_succeed_if/pam_succeed_if.c (pam_sm_authenticate):
+ Return PAM_USER_UNKNOWN instead of PAM_SERVICE_ERR where appropriate.
+
+2006-08-03 David Howells <dhowells@redhat.com>
+
+ * modules/pam_keyinit/pam_keyinit.c: Debug should be off by default.
+ (init_keyrings): Properly handle multiple invocations of the module.
+ (kill_keyrings, pam_sm_open_session, pam_sm_close_session): Likewise.
+
+2006-08-03 Tomas Mraz <t8m@centrum.cz>
+
+ * modules/pam_succeed_if/pam_succeed_if.c (evaluate_inlist):
+ New function for list matching.
+ (evaluate_notinlist): Likewise.
+ (evaluate): Add service value match, list matching.
+ * modules/pam_succeed_if/pam_succeed_if.8.xml: Document the
+ features.
+
+ * modules/pam_selinux/pam_selinux.c (security_label_tty): Don't log
+ relabelling error when the tty device doesn't exist (ENOENT).
+
+2006-08-01 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * doc/man/pam_fail_delay.3.xml: Fix some Bugs and enhance
+ rationale about when this function should be used and when not.
+
+ * doc/index.html: Cleanup to look prettier.
+
+2006-08-01 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * libpam/Makefile.am: Bump patchlevel of libpam.
+ * libpam/pam_dispatch.c (_pam_dispatch_aux): If [return=die]
+ or [return=bad] is used, don't return PAM_IGNORE. Based on
+ patch by Tomas Mraz <t8m@centrum.cz>, [BRC#196859].
+
+2006-07-28 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * ABOUT-NLS: Upgrade to gettext-0.15.
+ * config.rpath: Likewise.
+ * m4/gettext.m4: Upgrade to gettext-0.15.
+ * m4/inttypes-h.m4: New file, from gettext-0.15.
+ * m4/inttypes-pri.m4: Upgrade to gettext-0.15.
+ * m4/lib-link.m4: Upgrade to gettext-0.15.
+ * m4/lib-prefix.m4: Upgrade to gettext-0.15.
+ * m4/lock.m4: New file, from gettext-0.15.
+ * m4/longdouble.m4: Upgrade to gettext-0.15.
+ * m4/nls.m4: Upgrade to gettext-0.15.
+ * m4/po.m4: Upgrade to gettext-0.15.
+ * m4/size_max.m4: Upgrade to gettext-0.15.
+ * m4/visibility.m4: New file, from gettext-0.15.
+ * po/Makefile.in.in: Upgrade to gettext-0.15.
+
+2006-07-24 David Quigley <dpquigl@tycho.nsa.gov>
+
+ * modules/pam_namespace/Makefile.am: Add pam_namespace.h.
+ * modules/pam_namespace/pam_namespace.c: Move includes and
+ data structure definitions from here ...
+ * modules/pam_namespace/pam_namespace.h: ... here. New file.
+
+ * modules/pam_namespace/pam_namespace.c: Move large sections
+ of code into new functions.
+
+2006-07-24 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * doc/adg/Makefile.am: Add uninstall and distclean rules.
+ * doc/mwg/Makefile.am: Likewise.
+ * doc/sag/Makefile.am: Likewise.
+
+2006-07-08 Daniel Richard G. <skunk@iskunk.org>
+
+ * conf/pam_conv1/Makefile.am: Fix rules for lex and yacc files.
+ * conf/pam_conv1/pam_conv.lex: Rename to ...
+ * conf/pam_conv1/pam_conv_l.l: ... this.
+ * conf/pam_conv1/pam_conv.y: Rename to ...
+ * conf/pam_conv1/pam_conv_y.y: ... this.
+ * configure.in: Add AC_HELP_STRING()s to various AC_ARG_ENABLE()
+ calls.
+ * doc/Makefile.am: Fix rule to install index.html.
+ * doc/adg/Makefile.am: Fix test usage.
+ * doc/mwg/Makefile.am: Likewise.
+ * doc/sag/Makefile.am: Likewise.
+ * doc/specs/Makefile.am: Fix rules for lex and yacc files.
+ * specs/parse.lex: Rename to ...
+ * doc/specs/parse_l.l: ... this.
+ * doc/specs/parse.y: Rename to ...
+ * doc/specs/parse_y.y: ... this.
+ * libpam/pam_account.c: Fix #if vs. #ifdef.
+ * libpam/pam_audit.c: Likewise.
+ * libpam/pam_auth.c: Likewise.
+ * libpam/pam_password.c: Likewise.
+ * libpam/pam_private.h: Likewise.
+ * libpam/pam_session.c: Likewise.
+ * libpam/pam_start.c: Likewise.
+ * libpam/pam_static.c: Fix "empty sourcefile" warning.
+ * modules/pam_limits/pam_limits.c: Check for __linux, too.
+ * modules/pam_userdb/Makefile.am: Don't run test if no
+ libdb available.
+ * tests/tst-dlopen.c: Include config.h.
+
+2006-07-03 Dan Yefimov <dan@D00M.lightwave.net.ru>
+
+ * configure.in: Fixed have_key_syscalls test.
+
+ * modules/pam_access/pam_access.c (from_match): Fixed IPv4 network
+ match, removed AI_ADDRCONFIG flag.
+
+2006-06-30 Tomas Mraz <t8m@centrum.cz>
+
+ * modules/pam_namespace/Makefile.am(EXTRA_DIST): Add namespace.init.
+
+2006-06-29 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * doc/Makefile.am (releasedocs): Fix directory layout.
+ * doc/adg/Makefile.am: Likewise.
+ * doc/mwg/Makefile.am: Likewise.
+ * doc/sag/Makefile.am: Likewise.
+
+2006-06-28 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * doc/sag: System Administrator Guide as XML source.
+ * doc/sag/Makefile.am: New.
+ * doc/sag/Linux-PAM_SAG.xml: New, main XML document.
+ * doc/sag/pam_*.xml: New, wrapper to include module documentation.
+
+ * doc/adg: Application Developers Guide as XML source.
+ * doc/adg/Makefile.am: New.
+ * doc/adg/Linux-PAM_ADG.xml: New, main XML document.
+ * doc/adg/pam_*.xml: New, wrappers to include manual pages.
+
+ * doc/mwg: Application Developers Guide as XML source.
+ * doc/mwg/Makefile.am: New.
+ * doc/mwg/Linux-PAM_MWG.xml: New, main XML document.
+ * doc/mwg/pam_*.xml: New, wrappers to include manual pages.
+
+ * doc/CREDITS: Removed.
+ * doc/NOTES: Removed.
+ * doc/pam_appl.sgml: Removed.
+ * doc/pam_modules.sgml: Removed.
+ * doc/pam_source.sgml: Removed.
+ * doc/figs/pam_orient.txt: Removed.
+ * doc/figs: Removed.
+
+ * configure.in: Remove checks for sgml2* progrs, add sag, adg
+ and mwg Makefiles.
+
+ * doc/Makefile.am: Remove references to sgml, add sag, adg and mwg
+ directories.
+ * doc/modules: Remove directory.
+ * doc/html: Remove directory.
+ * doc/ps: Remove directory.
+ * doc/pdf: Remove directory.
+ * doc/txts: Remove directory.
+ * doc/index.html: Moved from html directory to here.
+
+2006-06-28 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * release version 0.99.5.0
+
+ * bump version number to 0.99.5.0
+
+ * modules/pam_rhosts/pam_rhosts.c: New module, replaces
+ pam_rhosts_auth.so.
+ * modules/pam_rhosts/pam_rhosts.8.xml: New.
+ * modules/pam_rhosts/pam_rhosts.8: New, generated from XML source.
+ * modules/pam_rhosts/tst-pam_rhosts: New.
+ * modules/pam_rhosts/Makefile.am: Add pam_rhosts, generate
+ manual page and README.
+ * modules/pam_rhosts/README.xml: New.
+ * modules/pam_rhosts/reADME: Regenerated from XML source.
+
+ * doc/man/pam_sm_acct_mgmt.3.xml: Adjust syntax for module
+ writers guide.
+ * doc/man/pam_sm_authenticate.3.xml: Likewise.
+ * doc/man/pam_sm_chauthtok.3.xml: Likewise.
+ * doc/man/pam_sm_close_session.3.xml: Likewise.
+ * doc/man/pam_sm_open_session.3.xml: Likewise.
+ * doc/man/pam_sm_setcred.3.xml: Likewise.
+
+ * po/POTFILES.in: Add new source files.
+
+ * libpam/pam_static_modules.h: Add new modules.
+
+ * modules/pam_keyinit.c: Add _pam_keyinit_modstruct.
+
+ * modules/pam_keyinit/Makefile.am (EXTRA_DIST): Add XML
+ files and manual page.
+
+2006-06-27 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * configure.in: Allow disabling of SELinux support, check for
+ rootok_af.
+
+2006-06-27 Tomas Mraz <t8m@centrum.cz>
+
+ * modules/pam_namespace/pam_namespace.c: New module
+ originally written by Janak Desai.
+ * modules/pam_namespace/Makefile.am: New.
+ * modules/pam_namespace/README: New.
+ * modules/pam_namespace/md5.c: New.
+ * modules/pam_namespace/md5.h: New.
+ * modules/pam_namespace/namespace.conf: New.
+ * modules/pam_namespace/namespace.conf.5: New.
+ * modules/pam_namespace/namespace.conf.5.xml: New.
+ * modules/pam_namespace/namespace.init: New.
+ * modules/pam_namespace/pam_namespace.8: New.
+ * modules/pam_namespace/pam_namespace.8.xml: New.
+ * modules/pam_namespace/tst-pam_namespace: New.
+ * modules/Makefile.am: Added pam_namespace.
+ * configure.in: Added pam_namespace, test for unshare
+ library call.
+
+2006-06-27 David Howells <dhowells@redhat.com>
+
+ * modules/pam_keyinit/pam_keyinit.c: New module.
+ * modules/pam_keyinit/pam_keyinit.8: New.
+ * modules/pam_keyinit/pam_keyinit.8.xml: New.
+ * modules/pam_keyinit/README: New.
+ * modules/pam_keyinit/README.xml: New.
+ * modules/pam_keyinit/Makefile.am: New.
+ * modules/pam_keyinit/tst-pam_keyinit: New.
+ * modules/Makefile.am: Added pam_keyinit.
+ * configure.in: Added test for the key mgmt syscall.
+
+2006-06-27 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * m4/libprelude.m4: Sync with upstream.
+
+2006-06-27 Tomas Mraz <t8m@centrum.cz>
+
+ * modules/pam_unix/pam_unix_acct.c (_unix_run_verify_binary):
+ signal() fails with SIG_ERR return
+ * modules/pam_unix/pam_unix_passwd.c(_unix_run_shadow_binary):
+ Likewise.
+ * modules/pam_unix/support.c(_unix_run_helper_binary):
+ Likewise.
+
+2006-06-25 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * doc/man/misc_conv.3.xml: New.
+ * doc/man/misc_conv.3: New.
+ * doc/man/pam_misc_paste_env.3.xml: New.
+ * doc/man/pam_misc_paste_env.3: New.
+ * doc/man/pam_misc_drop_env.3.xml: New.
+ * doc/man/pam_misc_drop_env.3: New.
+ * doc/man/pam_misc_setenv.3.xml: New.
+ * doc/man/pam_misc_setenv.3: New.
+ * doc/man/Makefile.am: Add new manual pages.
+
+ * doc/man/pam_acct_mgmt.3.xml: Fix syntax for inclusion
+ in Applicatoin Developer Guide.
+ * doc/man/pam_authenticate.3.xml: Likewise
+ * doc/man/pam_chauthtok.3.xml: Likewise
+ * doc/man/pam_close_session.3.xml: Likewise
+ * doc/man/pam_conv.3.xml: Likewise
+ * doc/man/pam_end.3.xml: Likewise
+ * doc/man/pam_fail_delay.3.xml: Likewise
+ * doc/man/pam_getenv.3.xml: Likewise
+ * doc/man/pam_getenvlist.3.xml: Likewise
+ * doc/man/pam_open_session.3.xml: Likewise
+ * doc/man/pam_putenv.3.xml: Likewise
+ * doc/man/pam_setcred.3.xml: Likewise
+ * doc/man/pam_start.3.xml: Likewise
+ * doc/man/pam_strerror.3.xml: Likewise
+
+ * doc/man/pam_acct_mgmt.3: Regenerate from XML source.
+ * doc/man/pam_authenticate.3: Likewise
+ * doc/man/pam_chauthtok.3: Likewise
+ * doc/man/pam_close_session.3: Likewise
+ * doc/man/pam_conv.3: Likewise
+ * doc/man/pam_end.3: Likewise
+ * doc/man/pam_fail_delay.3: Likewise
+ * doc/man/pam_getenv.3: Likewise
+ * doc/man/pam_getenvlist.3: Likewise
+ * doc/man/pam_open_session.3: Likewise
+ * doc/man/pam_putenv.3: Likewise
+ * doc/man/pam_setcred.3: Likewise
+ * doc/man/pam_sm_close_session.3: Likewise
+ * doc/man/pam_start.3: Likewise
+ * doc/man/pam_strerror.3: Likewise
+ * doc/man/pam_syslog.3: Likewise
+ * doc/man/PAM.8: Likewise
+
+2006-06-24 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_limits/pam_limits.c (setup_limits): Don't
+ reset priority for root.
+
+2006-06-23 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_access/access.conf.5.xml: Fix syntax for SAG.
+ * modules/pam_access/pam_access.8.xml: Likewise.
+ * modules/pam_deny/pam_deny.8.xml: Likewise.
+ * modules/pam_echo/pam_echo.8.xml: Likewise.
+ * modules/pam_env/pam_env.8.xml: Likewise.
+ * modules/pam_env/pam_env.conf.5.xml: Likewise.
+ * modules/pam_group/group.conf.5.xml: Likewise.
+ * modules/pam_group/pam_group.8.xml: Likewise.
+ * modules/pam_limits/limits.conf.5.xml: Likewise.
+ * modules/pam_listfile/pam_listfile.8.xml: Likewise.
+ * modules/pam_succeed_if/pam_succeed_if.8.xml: Likewise.
+ * modules/pam_time/pam_time.8.xml: Likewise.
+ * modules/pam_time/time.conf.5.xml: Likewise.
+
+ * modules/pam_access/access.conf.5: Regenerate.
+ * modules/pam_access/pam_access.8: Likewise.
+ * modules/pam_deny/pam_deny.8: Likewise.
+ * modules/pam_echo/README: Likewise.
+ * modules/pam_echo/pam_echo.8: Likewise.
+ * modules/pam_env/pam_env.8: Likewise.
+ * modules/pam_env/pam_env.conf.5: Likewise.
+ * modules/pam_group/README: Likewise.
+ * modules/pam_group/group.conf.5: Likewise.
+ * modules/pam_group/pam_group.8: Likewise.
+ * modules/pam_limits/limits.conf.5: Likewise.
+ * modules/pam_listfile/README: Likewise.
+ * modules/pam_listfile/pam_listfile.8: Likewise.
+ * modules/pam_succeed_if/pam_succeed_if.8: Likewise.
+ * modules/pam_time/pam_time.8: Likewise.
+ * modules/pam_time/time.conf.5: Likewise.
+
+ * doc/man/Makefile.am: Add pam.conf-desc.xml, pam.conf-dir.xml
+ and pam.conf-syntax.xml.
+ * doc/man/pam.conf.5.xml: Split into different pieces for SAG.
+ * doc/man/pam.conf.5: Regenerated.
+ * doc/man/pam.conf-desc.xml: New.
+ * doc/man/pam.conf-dir.xml: New.
+ * doc/man/pam.conf-syntax.xml: New.
+
+2006-06-21 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_selinux/Makefile.am: Fix "make dist" if libselinux
+ is not installed.
+
+ * modules/pam_issue/pam_issue.8.xml: Fix listing of escapes.
+ * modules/pam_issue/pam_issue.8: Regenerate.
+
+2006-06-20 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * configure.in: Remove unused check for libcap.
+
+ * m4/ld-as-needed.m4: New.
+ * m4/ld-O1.m4: New.
+ * configure.in: Call PAM_LD_AS_NEEDED and PAM_LD_O1,
+ require docbook version 4.4.
+
+2006-06-19 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * doc/man/pam.8.xml: Syntax cleanup.
+ * doc/pam/PAM.8: Regenerated from xml source.
+ * man/pam_sm_chauthtok.3: New.
+ * man/pam_sm_chauthtok.3.xml: New.
+ * man/pam_sm_close_session.3: New.
+ * man/pam_sm_close_session.3.xml: New.
+ * man/pam_sm_open_session.3: New.
+ * man/pam_sm_open_session.3.xml: New.
+ * man/pam_sm_authenticate.3: New.
+ * man/pam_sm_authenticate.3.xml: New.
+ * man/pam_sm_setcred.3: New.
+ * man/pam_sm_setcred.3.xml: New.
+ * man/Makefile.am: Add new pam_sm_* manual pages.
+
+ * specs/Makefile.am: Fix rule to generate draft.
+
+2006-06-18 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_tally/Makefile.am: Include Make.xml.rules.
+ * modules/pam_tally/pam_tally.8.xml: New.
+ * modules/pam_tally/pam_tally.8: New, generated from xml file.
+ * modules/pam_tally/README.xml: New.
+ * modules/pam_tally/README: Regenerated from xml file.
+
+ * modules/pam_selinux/Makefile.am: Include Make.xml.rules.
+ * modules/pam_selinux/pam_selinux.8.xml: New.
+ * modules/pam_selinux/pam_selinux.8: Regenerated from xml file.
+ * modules/pam_selinux/README.xml: New.
+ * modules/pam_selinux/README: Regenerated from xml file.
+
+2006-06-17 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_debug/Makefile.am: Include Make.xml.rules.
+ * modules/pam_debug/pam_debug.8.xml: New.
+ * modules/pam_debug/pam_debug.8: New, generated from xml file.
+ * modules/pam_debug/README.xml: New.
+ * modules/pam_debug/README: Regenerated from xml file.
+
+ * examples/vpass.c: UID is unsigned on Linux.
+ * modules/pam_exec/pam_exec.c: Likewise.
+ * modules/pam_unix/pam_unix_acct.c: Likewise.
+ * modules/pam_unix/pam_unix_sess.c: Likewise.
+
+ * modules/pam_succeed_if/pam_succeed_if.8.xml: Fix syntax error.
+ * modules/pam_succeed_if/pam_succeed_if.8: Regenerated.
+ * modules/pam_succeed_if/README: Regenerated.
+
+ * modules/pam_limits/Makefile.am: Include Make.xml.rules.
+ * modules/pam_limits/limits.conf.5: New, generated from xml file.
+ * modules/pam_limits/limits.conf.5.xml: New.
+ * modules/pam_limits/pam_limits.8: New, generated from xml file.
+ * modules/pam_limits/pam_limits.8.xml: New.
+ * modules/pam_limits/README.xml: New.
+ * modules/pam_limits/README: Regenerated from README.xml.
+
+2006-06-16 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_unix/pam_unix_passwd.c (save_old_password): UIDs
+ are unsigned on Linux, don't truncate them.
+ (_do_setpass): err is of type clnt_stat, not int.
+
+ * modules/pam_lastlog/pam_lastlog.c (last_login_read): Don't
+ truncate UID for syslog output.
+
+ * modules/pam_time/pam_time.c: Replace type boolean with int.
+ * modules/pam_group/pam_group.c: Likewise.
+
+2006-06-15 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_unix/bigcrypt.h: New.
+ * modules/pam_unix/Makefile.am: Add bigcrypt.h.
+ * modules/pam_unix/bigcrypt.c: Include bigcrypt.h.
+ * modules/pam_unix/support.c: Include bigcrypt.h, remove
+ own prototype.
+ * modules/pam_unix/bigcrypt_main.c: Include bigcrypt.h, remove
+ own prototype.
+ * modules/pam_unix/pam_unix_passwd.c: Include bigcrypt.h, remove
+ own prototype.
+
+ * modules/pam_time/pam_time.c (logic_member): Remove unused
+ variable len.
+
+ * modules/pam_group/pam_group.c (logic_field): Accept
+ colon in tty name. [#1428276].
+ (logic_member): Remove unused variable len.
+ (check_account): Fix usage of err variable in debug code.
+
+ * modules/pam_time/pam_time.c (logic_field): Likewise.
+
+ * configure.in: Add special exceptions for icc: different
+ compiler warnings, no PIE support.
+
+2006-06-14 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * libpam/pam_misc.c (_pam_strdup): Use strlen and strcpy.
+
+ * configure.in: Remove --enable-memory-debug, add option
+ to disable prelude if installed.
+
+ * modules/pam_tally/pam_tally.c: Remove MEMORY_DEBUG
+ * modules/pam_filter/upperLOWER/upperLOWER.c: Likewise.
+ * modules/pam_unix/unix_chkpwd.c: Likewise.
+ * libpam/include/security/_pam_types.h: Likewise.
+ * libpam/libpam.map: Remove LIBPAM_MALLOC_DEBUG export.
+ * libpam/pam_malloc.c: Remove file.
+ * libpam/Makefile.am: Remove pam_malloc.c and pam_malloc.h.
+
+ * libpam/pam_handlers.c (extract_modulename): Use _pam_strdup
+ instead of strdup.
+
+ * libpam/pam_private.h: Remove _pam_strCMP.
+ * libpam/pam_misc.c: Likewise.
+ * libpam/pam_handlers.c: Replaced _pam_strCMP with strcasecmp.
+
+2006-06-12 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_tally/Makefile.am (AM_LDFLAGS): Remove flags
+ for modules from main application.
+
+2006-06-09 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_time/Makefile.am: Include Make.xml.rules.
+ * modules/pam_time/time.conf.5: New, generated from xml file.
+ * modules/pam_time/time.conf.5.xml: New.
+ * modules/pam_time/pam_time.8: New, generated from xml file.
+ * modules/pam_time/pam_time.8.xml: New.
+ * modules/pam_time/README.xml: New.
+ * modules/pam_time/README: Regenerated from README.xml.
+
+ * modules/pam_wheel/Makefile.am: Include Make.xml.rules.
+ * modules/pam_wheel/pam_wheel.8.xml: New.
+ * modules/pam_wheel/pam_wheel.8: New, generated from xml file.
+ * modules/pam_wheel/README.xml: New.
+ * modules/pam_wheel/README: Regenerated from xml file.
+
+ * modules/pam_xauth/Makefile.am: Include Make.xml.rules.
+ * modules/pam_xauth/pam_xauth.8.xml: New.
+ * modules/pam_xauth/pam_xauth.8: Regenerated from xml file.
+ * modules/pam_xauth/README.xml: New.
+ * modules/pam_xauth/README: Regenerated from xml file.
+
+ * modules/pam_deny/pam_deny.8.xml: Fix syntax errors.
+ * modules/pam_deny/pam_deny.8: Regenerate from xml file.
+ * modules/pam_deny/README: Likewise.
+
+ * modules/pam_warn/Makefile.am: Include Make.xml.rules.
+ * modules/pam_warn/pam_warn.8.xml: New.
+ * modules/pam_warn/pam_warn.8: New, generated from xml file.
+ * modules/pam_warn/README.xml: New.
+ * modules/pam_warn/README: Regenerated from xml file.
+
+ * modules/pam_userdb/Makefile.am: Include Make.xml.rules.
+ * modules/pam_userdb/pam_userdb.8.xml: New.
+ * modules/pam_userdb/pam_userdb.8: New, generated from xml file.
+ * modules/pam_userdb/README.xml: New.
+ * modules/pam_userdb/README: Regenerated from xml file.
+
+2006-06-06 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_shells/Makefile.am: Include Make.xml.rules.
+ * modules/pam_shells/pam_shells.8.xml: New.
+ * modules/pam_shells/pam_shells.8: New, generated from xml file.
+ * modules/pam_shells/README.xml: New.
+ * modules/pam_shells/README: Regenerated from xml file.
+
+ * libpam/include/security/pam_malloc.h: Add missing license
+ informations.
+
+ * libpam/include/security/pam_ext.h: Add brackets for C++.
+ * libpam/include/security/pam_modutil.h: Likewise.
+
+ * libpam/include/security/pam_modules.h: Document where to
+ find the copyright/license informations.
+
+ * libpam/include/security/pam_appl.h: Move _pam_compat.h
+ include inside of brackets.
+
+2006-06-04 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_securetty/Makefile.am: Include Make.xml.rules.
+ * modules/pam_securetty/pam_securetty.8.xml: New.
+ * modules/pam_securetty/pam_securetty.8: Regenerated from xml file.
+ * modules/pam_securetty/README.xml: New.
+ * modules/pam_securetty/README: Regenerated from xml file.
+
+ * modules/pam_rootok/Makefile.am: Include Make.xml.rules.
+ * modules/pam_rootok/pam_rootok.8.xml: New.
+ * modules/pam_rootok/pam_rootok.8: New, generated from xml file.
+ * modules/pam_rootok/README.xml: New.
+ * modules/pam_rootok/README: Regenerated from xml file.
+
+ * modules/pam_permit/Makefile.am: Include Make.xml.rules.
+ * modules/pam_permit/pam_permit.8.xml: New.
+ * modules/pam_permit/pam_permit.8: New, generated from xml file.
+ * modules/pam_permit/README.xml: New.
+ * modules/pam_permit/README: Regenerated from xml file.
+
+ * modules/pam_nologin/Makefile.am: Include Make.xml.rules.
+ * modules/pam_nologin/pam_nologin.8.xml: New.
+ * modules/pam_nologin/pam_nologin.8: Regenerated from xml file.
+ * modules/pam_nologin/README.xml: New.
+ * modules/pam_nologin/README: Regenerated from xml file.
+
+2006-06-03 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_motd/Makefile.am: Include Make.xml.rules.
+ * modules/pam_motd/pam_motd.8.xml: New.
+ * modules/pam_motd/pam_motd.8: New, generated from xml file.
+ * modules/pam_motd/README.xml: New.
+ * modules/pam_motd/README: New, generated from xml file.
+
+2006-06-02 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_mail/Makefile.am: Include Make.xml.rules.
+ * modules/pam_mail/pam_mail.8.xml: New.
+ * modules/pam_mail/pam_mail.8: New, generated from xml file.
+ * modules/pam_mail/README.xml: New.
+ * modules/pam_mail/README: Regenerated from xml file.
+
+ * modules/pam_localuser/Makefile.am: Include Make.xml.rules.
+ * modules/pam_localuser/pam_localuser.8.xml: New.
+ * modules/pam_localuser/pam_localuser.8: New, generated from xml file.
+ * modules/pam_localuser/README.xml: New.
+ * modules/pam_localuser/README: Regenerated from xml file.
+
+ * doc/man/PAM.8: Regenerate with DocBook XSL Stylesheets v1.70.1.
+ * doc/man/pam.3: Likewise.
+ * doc/man/pam.conf.5: Likewise.
+ * doc/man/pam_acct_mgmt.3: Likewise.
+ * doc/man/pam_authenticate.3: Likewise.
+ * doc/man/pam_chauthtok.3: Likewise.
+ * doc/man/pam_close_session.3: Likewise.
+ * doc/man/pam_conv.3: Likewise.
+ * doc/man/pam_end.3: Likewise.
+ * doc/man/pam_error.3: Likewise.
+ * doc/man/pam_fail_delay.3: Likewise.
+ * doc/man/pam_get_data.3: Likewise.
+ * doc/man/pam_get_item.3: Likewise.
+ * doc/man/pam_get_user.3: Likewise.
+ * doc/man/pam_getenv.3: Likewise.
+ * doc/man/pam_getenvlist.3: Likewise.
+ * doc/man/pam_info.3: Likewise.
+ * doc/man/pam_open_session.3: Likewise.
+ * doc/man/pam_prompt.3: Likewise.
+ * doc/man/pam_putenv.3: Likewise.
+ * doc/man/pam_set_data.3: Likewise.
+ * doc/man/pam_set_item.3: Likewise.
+ * doc/man/pam_setcred.3: Likewise.
+ * doc/man/pam_sm_acct_mgmt.3: Likewise.
+ * doc/man/pam_start.3: Likewise.
+ * doc/man/pam_strerror.3: Likewise.
+ * doc/man/pam_syslog.3: Likewise.
+ * modules/pam_access/access.conf.5: Likewise.
+ * modules/pam_access/pam_access.8: Likewise.
+ * modules/pam_cracklib/pam_cracklib.8: Likewise.
+ * modules/pam_deny/pam_deny.8: Likewise.
+ * modules/pam_echo/pam_echo.8: Likewise.
+ * modules/pam_env/pam_env.8: Likewise.
+ * modules/pam_env/pam_env.conf.5: Likewise.
+ * modules/pam_exec/pam_exec.8: Likewise.
+ * modules/pam_filter/pam_filter.8: Likewise.
+ * modules/pam_ftp/pam_ftp.8: Likewise.
+ * modules/pam_group/group.conf.5: Likewise.
+ * modules/pam_group/pam_group.8: Likewise.
+ * modules/pam_issue/pam_issue.8: Likewise.
+ * modules/pam_lastlog/pam_lastlog.8: Likewise.
+ * modules/pam_mkhomedir/pam_mkhomedir.8: Likewise.
+ * modules/pam_succeed_if/pam_succeed_if.8: Likewise.
+ * modules/pam_umask/pam_umask.8: Likewise.
+
+ * modules/pam_unix/pam_unix_acct.c (pam_sm_acct_mgmt): Use
+ dngettext if available [#1427738].
+ * configure.in: Check for dngettext [#1427738].
+ * po/*.po: Update to dngettext usage.
+
+ * modules/pam_listfile/Makefile.am: Include Make.xml.rules.
+ * modules/pam_listfile/pam_listfile.8.xml: New.
+ * modules/pam_listfile/pam_listfile.8: New, generated from xml file.
+ * modules/pam_listfile/README.xml: New.
+ * modules/pam_listfile/README: Regenerated from xml file.
+
+2006-06-01 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_lastlog/Makefile.am: Include Make.xml.rules.
+ * modules/pam_lastlog/pam_lastlog.8.xml: New.
+ * modules/pam_lastlog/pam_lastlog.8: New, generated from xml file.
+ * modules/pam_lastlog/README.xml: New.
+ * modules/pam_lastlog/README: Regenerated from xml file.
+
+ * modules/pam_group/Makefile.am: Include Make.xml.rules.
+ * modules/pam_group/group.conf.5.xml: New.
+ * modules/pam_group/group.conf.5: New, generated from xml file.
+ * modules/pam_group/pam_group.8.xml: New.
+ * modules/pam_group/pam_group.8: New, generated from xml file.
+ * modules/pam_group/README.xml: New.
+ * modules/pam_group/README: Regenerated from xml file.
+
+ * modules/pam_ftp/Makefile.am: Include Make.xml.rules.
+ * modules/pam_ftp/pam_ftp.8.xml: New.
+ * modules/pam_ftp/pam_ftp.8: New, generated from xml file.
+ * modules/pam_ftp/README.xml: New.
+ * modules/pam_ftp/README: Regenerated from xml file.
+
+ * modules/pam_issue/Makefile.am: Include Make.xml.rules.
+ * modules/pam_issue/pam_issue.8.xml: New.
+ * modules/pam_issue/pam_issue.8: New, generated from xml file.
+ * modules/pam_issue/README.xml: New.
+ * modules/pam_issue/README: Regenerated from xml file.
+
+ * modules/pam_filter/Makefile.am: Include Make.xml.rules.
+ * modules/pam_filter/pam_filter.8.xml: New.
+ * modules/pam_filter/pam_filter.8: New, generated from xml file.
+ * modules/pam_filter/README.xml: New.
+ * modules/pam_filter/README: Regenerated from xml file.
+
+2006-05-30 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_mkhomedir/pam_mkhomedir.8.xml: Fix umask and skel
+ directory documentation.
+
+ * modules/pam_umask/Makefile.am: Include Make.xml.rules.
+ * modules/pam_umask/pam_umask.8.xml: New.
+ * modules/pam_umask/pam_umask.8: New, generated from xml file.
+ * modules/pam_umask/README.xml: New.
+ * modules/pam_umask/README: Regenerated from xml file.
+
+2006-05-29 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_mkhomedir/Makefile.am: Include Make.xml.rules.
+ * modules/pam_mkhomedir/pam_mkhomedir.8.xml: New.
+ * modules/pam_mkhomedir/pam_mkhomedir.8: New, generated from xml file.
+ * modules/pam_mkhomedir/README.xml: New.
+ * modules/pam_mkhomedir/README: Regenerated from xml file.
+
+2006-05-23 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_echo/pam_echo.c (pam_echo): Use pam_modutil_read()
+ instead of read().
+
+2006-05-22 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_listfile/pam_listfile.c (pam_sm_authenticate):
+ Fix memory leaks, [#1490956] found by Coverity.
+
+ * modules/pam_tally/pam_tally.c (pam_get_uid): Check return
+ value of pam_get_user().
+ (tally_get_data): Check if oldtime is not NULL.
+ [#1489818] found by Coverity.
+
+ * modules/pam_mkhomedir/pam_mkhomedir.c (create_homedir): Don't
+ ignore return value of stat(). [#1489808] found by Coverity.
+
+ * modules/pam_mail/pam_mail.c (get_folder): Fix a potential
+ NULL pointer dereference. [#1489792] found by Coverity.
+
+ * libpam/Makefile.am: bump release number of libpam.so.
+ * libpam/pam_misc.c (_pam_mkargv): Fix memory leak,
+ [#1489804] found by Coverity.
+
+ * modules/pam_echo/pam_echo.c (replace_and_print): Initialize
+ str, [#1489658] found by Coverity.
+
+ * modules/pam_cracklib/pam_cracklib.c (_pam_unix_approve_pass): Fix
+ a potential NULL pointer dereference.
+ (pam_sm_chauthtok): Remove dead code.
+ [#1489634] found by Coverity.
+
+2006-05-04 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * configure.in: Check for fseeko.
+ * modules/pam_tally/pam_tally.c: Use fseeko if available
+ (Based on patch by IBM).
+
+2006-05-04 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * release version 0.99.4.0
+
+ * libpam/pam_strerror.c: Unify error messages.
+
+ * po/zh_TW.po: Adjust for last pam_strerror changes.
+ * po/zh_CN.po: Likewise.
+ * po/uk.po: Likewise.
+ * po/tr.po: Likewise.
+ * po/pt.po: Likewise.
+ * po/pt_BR.po: Likewise.
+ * po/pl.po: Likewise.
+ * po/ja.po: Likewise.
+ * po/nl.po: Likewise.
+ * po/nb.po: Likewise.
+ * po/it.po: Likewise.
+ * po/hu.po: Likewise.
+ * po/fr.po: Likewise.
+ * po/fi.po: Likewise.
+ * po/es.po: Likewise.
+ * po/de.po: Likewise.
+ * po/cs.po: Likewise.
+
+ * doc/man/pam.3.xml: New.
+ * doc/man/pam.3. New, generated from XML file.
+
+ * doc/man/pam_sm_acct_mgmt.3.xml: New.
+ * doc/man/pam_sm_acct_mgmt.3: New, generated from XML file.
+
+ * doc/man/*.xml: Fix encoding and use always UTF-8, regenerate
+ all manual pages.
+
+ * doc/pam_modules.sgml (PAM_NEW_AUTHTOKEN_REQD): Fix typo.
+
+2006-05-02 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_unix/pam_unix_acct.c (pam_sm_acct_mgmt): Use
+ different strings for plural or not [#1427738]
+
+ * po/*.po: Adjust for pam_unix.so translation fix.
+
+ * modules/pam_tally/pam_tally.c: Always close file handle
+ in error case, don't close it depending on *TALLY value [#1478180]
+
+2006-04-21 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * po/fr.po: Updated.
+
+2006-04-11 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * po/km.po: Updated.
+
+2006-03-27 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * po/LINGUAS: Add uk.
+
+ * po/uk.po: New.
+ * po/cs.po: Updated.
+ * po/po/es.po: Updated.
+ * po/fi.po: Updated.
+ * po/fr.po: Updated.
+ * po/hu.po: Updated.
+ * po/it.po: Updated.
+ * po/ja.po: Updated.
+ * po/nb.po: Updated.
+ * po/pl.po: Updated.
+ * po/pt.po: Updated.
+ * po/pt_BR.po: Updated.
+ * po/zh_CN.po: Updated.
+ * po/zh_TW.po: Updated.
+
+2006-03-21 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * configure.in: Remove ALL_LINGUAS.
+ * po/LINGUAS: New.
+ * po/tr.po: New (from Ismail Donmez <ismail@pardus.org.tr>).
+
+2006-03-13 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * doc/man/pam_error.3.xml: New.
+ * doc/man/pam_error.3: New, generated from XML file.
+ * doc/man/pam_verror.3: New, generated from XML file.
+ * doc/man/Makefile.am: Add pam_error.3 and pam_verror.3.
+
+ * modules/pam_lastlog/Makefile.am: Fix typo.
+
+ * modules/pam_lastlog/pam_lastlog.c: Move comment for
+ translators in right line.
+ * po/*.po: Update po files with comment for translator.
+
+2006-03-12 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * doc/man/Makefile.am: Add new manual pages.
+
+ * doc/man/pam.conf.5.xml: Replace link with content
+ of PAM admin guide.
+ * doc/man/pam.conf.5: Regenerated from XML file.
+
+ * doc/man/pam_info.3.xml: New.
+ * doc/man/pam_info.3: New, generated from XML file.
+ * doc/man/pam_vinfo.3: New, generated from XML file.
+
+ * doc/man/pam_conv.3.xml: New.
+ * doc/man/pam_conv.3: New, generated from XML file.
+
+ * doc/man/pam_putenv.3.xml: New.
+ * doc/man/pam_putenv.3: New, generated from XML file.
+
+ * doc/man/pam_getenv.3.xml: New.
+ * doc/man/pam_getenv.3: New, generated from XML file.
+
+ * doc/man/pam_getenvlist.3.xml: New.
+ * doc/man/pam_getenvlist.3: New, generated from XML file.
+
+ * libpam/pam_item.c (pam_get_user): Check for valid pamh before
+ using it.
+
+ * configure.in: create tests/Makefile
+ * Makefile.am (SUBDIRS): Add tests
+ * tests/Makefile.am: New.
+ * tests/tst-dlopen.c: New.
+ * tests/tst-pam_acct_mgmt.c: New.
+ * tests/tst-pam_authenticate.c: New.
+ * tests/tst-pam_chauthtok.c: New.
+ * tests/tst-pam_close_session.c: New.
+ * tests/tst-pam_end.c: New.
+ * tests/tst-pam_fail_delay.c: New.
+ * tests/tst-pam_getenvlist.c: New.
+ * tests/tst-pam_get_item.c: New.
+ * tests/tst-pam_open_session.c: New.
+ * tests/tst-pam_setcred.c: New.
+ * tests/tst-pam_set_item.c: New.
+ * tests/tst-pam_start.c: New.
+ * tests/tst-pam_get_user.c: New.
+
+ * modules/pam_access/Makefile.am: Add rules for make check
+ * modules/pam_access/tst-pam_access: New
+ * modules/pam_cracklib/Makefile.am: Add rules for make check
+ * modules/pam_cracklib/tst-pam_cracklib: New
+ * modules/pam_debug/Makefile.am: Add rules for make check
+ * modules/pam_debug/tst-pam_debug: New
+ * modules/pam_deny/Makefile.am: Add rules for make check
+ * modules/pam_deny/tst-pam_deny: New
+ * modules/pam_echo/Makefile.am: Add rules for make check
+ * modules/pam_echo/tst-pam_echo: New
+ * modules/pam_env/Makefile.am: Add rules for make check
+ * modules/pam_env/tst-pam_env: New
+ * modules/pam_exec/Makefile.am: Add rules for make check
+ * modules/pam_exec/tst-pam_exec: New
+ * modules/pam_filter/Makefile.am: Add rules for make check
+ * modules/pam_filter/tst-pam_filter: New
+ * modules/pam_ftp/Makefile.am: Add rules for make check
+ * modules/pam_ftp/tst-pam_ftp: New
+ * modules/pam_group/Makefile.am: Add rules for make check
+ * modules/pam_group/tst-pam_group: New
+ * modules/pam_issue/Makefile.am: Add rules for make check
+ * modules/pam_issue/tst-pam_issue: New
+ * modules/pam_lastlog/Makefile.am: Add rules for make check
+ * modules/pam_lastlog/tst-pam_lastlog: New
+ * modules/pam_limits/Makefile.am: Add rules for make check
+ * modules/pam_limits/tst-pam_limits: New
+ * modules/pam_listfile/Makefile.am: Add rules for make check
+ * modules/pam_listfile/tst-pam_listfile: New
+ * modules/pam_localuser/Makefile.am: Add rules for make check
+ * modules/pam_localuser/tst-pam_localuser: New
+ * modules/pam_mail/Makefile.am: Add rules for make check
+ * modules/pam_mail/tst-pam_mail: New
+ * modules/pam_mkhomedir/Makefile.am: Add rules for make check
+ * modules/pam_mkhomedir/tst-pam_mkhomedir: New
+ * modules/pam_motd/Makefile.am: Add rules for make check
+ * modules/pam_motd/tst-pam_motd: New
+ * modules/pam_nologin/Makefile.am: Add rules for make check
+ * modules/pam_nologin/tst-pam_nologin: New
+ * modules/pam_permit/Makefile.am: Add rules for make check
+ * modules/pam_permit/tst-pam_permit: New
+ * modules/pam_rhosts/Makefile.am: Add rules for make check
+ * modules/pam_rhosts/tst-pam_rhosts: New
+ * modules/pam_rootok/Makefile.am: Add rules for make check
+ * modules/pam_rootok/tst-pam_rootok: New
+ * modules/pam_securetty/Makefile.am: Add rules for make check
+ * modules/pam_securetty/tst-pam_securetty: New
+ * modules/pam_selinux/Makefile.am: Add rules for make check
+ * modules/pam_selinux/tst-pam_selinux: New
+ * modules/pam_shells/Makefile.am: Add rules for make check
+ * modules/pam_shells/tst-pam_shells: New
+ * modules/pam_stress/Makefile.am: Add rules for make check
+ * modules/pam_stress/tst-pam_stress: New
+ * modules/pam_succeed_if/Makefile.am: Add rules for make check
+ * modules/pam_succeed_if/tst-pam_succeed_if: New
+ * modules/pam_tally/Makefile.am: Add rules for make check
+ * modules/pam_tally/tst-pam_tally: New
+ * modules/pam_time/Makefile.am: Add rules for make check
+ * modules/pam_time/tst-pam_time: New
+ * modules/pam_umask/Makefile.am: Add rules for make check
+ * modules/pam_umask/tst-pam_umask: New
+ * modules/pam_unix/Makefile.am: Add rules for make check
+ * modules/pam_unix/tst-pam_unix: New
+ * modules/pam_userdb/Makefile.am: Add rules for make check
+ * modules/pam_userdb/tst-pam_userdb: New
+ * modules/pam_warn/Makefile.am: Add rules for make check
+ * modules/pam_warn/tst-pam_warn: New
+ * modules/pam_wheel/Makefile.am: Add rules for make check
+ * modules/pam_wheel/tst-pam_wheel: New
+ * modules/pam_xauth/Makefile.am: Add rules for make check
+ * modules/pam_xauth/tst-pam_xauth: New
+
+2006-03-11 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * doc/man/pam_fail_delay.3.xml: New.
+ * doc/man/pam_fail_delay.3: New, generated from xml.
+ * doc/man/pam_prompt.3.xml: New.
+ * doc/man/pam_prompt.3: New, generated from xml.
+ * doc/man/pam_syslog.3.xml: New.
+ * doc/man/pam_syslog.3: New, generated from xml.
+ * doc/man/pam_vprompt.3: New, generated from xml.
+ * doc/man/pam_vsyslog.3: New, generated from xml.
+
+2006-02-24 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * po/km.po: Update Khmer translation.
+
+2006-02-24 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_succeed_if/pam_succeed_if.8.xml: New, based on
+ version from #1425487.
+ * modules/pam_succeed_if/pam_succeed_if.8: Regenerated from xml.
+ * modules/pam_succeed_if/Makefile.am: Include XML rules.
+ * modules/pam_succeed_if/README.xml: New.
+ * modules/pam_succeed_if/README: Regenerated from xml.
+ * modules/pam_succeed_if/pam_succeed_if.c: Fix comment about
+ return values.
+
+2006-02-22 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * configure.in: Fix check for incomplete libaudit installations
+ (Patch from Ruediger Oertel <ro@suse.de>).
+
+ * modules/pam_lastlog/pam_lastlog.c (last_login_write): Initialize
+ correct last_login field [#1427401].
+
+ * modules/pam_lastlog/pam_lastlog.c (last_login_read): Mark strftime
+ format string for translation to allow reorder [#1428269].
+ * po/*.po: Update with last pam_lastlog change.
+
+
+2006-02-17 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * doc/man/Makefile.am: Add new manual pages.
+ * doc/man/pam_end.3: Regenerated from xml file.
+ * doc/man/pam_end.3.xml: Document freeing of item data.
+ * doc/man/pam_get_user.3: New.
+ * doc/man/pam_get_user.3.xml: New.
+ * modules/pam_access/access.conf.5.xml: Fix typos.
+ * modules/pam_env/Makefile.am: Add new manual pages.
+ * modules/pam_env/README: Regenerate from xml file.
+ * modules/pam_env/README.xml: New.
+ * modules/pam_env/pam_env.8: New.
+ * modules/pam_env/pam_env.8.xml: New.
+ * modules/pam_env/pam_env.conf.5: New.
+ * modules/pam_env/pam_env.conf.5.xml New.
+
+2006-02-14 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * po/fi.po: Updated translations.
+ * po/pl.po: Likewise.
+ * po/km.po: New translation.
+ * configure.in: Add km as new language.
+
+2006-02-13 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_echo/pam_echo.8.xml: New.
+ * modules/pam_echo/pam_echo.8: Regenerated from xml file.
+ * modules/pam_echo/Makefile.am: Include Make.xml.rules.
+ * modules/pam_echo/pam_echo.c: Fix return value.
+
+ * doc/modules/pam_chroot.sgml: Remove obsolete sgml file.
+
+2006-02-12 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * configure.in: Add doc/man/Makefile.
+ * Make.xml.rules: Enable xincludes for manual pages.
+ * doc/Makefile.am (EXRA_DIST): Remove manual pages.
+ (SUBDIR): Add man subdirectory.
+ * doc/man/Makefile.am: New.
+ * doc/man/pam_acct_mgmt.3: New.
+ * doc/man/pam_acct_mgmt.3.xml: New.
+ * doc/man/pam_get_data.3: New.
+ * doc/man/pam_get_data.3.xml: New.
+ * doc/man/pam_set_data.3: New.
+ * doc/man/pam_set_data.3.xml: New.
+ * doc/man/pam.8.xml: New.
+ * doc/man/pam.8: Regenerated from xml file.
+ * doc/man/pam_authenticate.3.xml: New.
+ * doc/man/pam_authenticate.3: Regenerated from xml file.
+ * doc/man/pam_chauthtok.3.xml: New.
+ * doc/man/pam_chauthtok.3: Regenerated from xml file.
+ * doc/man/pam_close_session.3.xml: New.
+ * doc/man/pam_close_session.3: Regenerated from xml file.
+ * doc/man/pam_end.3.xml: New.
+ * doc/man/pam_end.3: Regenerated from xml file.
+ * doc/man/pam_fail_delay.3.xml: New.
+ * doc/man/pam_fail_delay.3: Regenerated from xml file.
+ * doc/man/pam_get_item.3.xml: New.
+ * doc/man/pam_get_item.3: Regenerated from xml file.
+ * doc/man/pam_item_types.inc.xml: New.
+ * doc/man/pam_open_session.3.xml: New.
+ * doc/man/pam_open_session.3: Regenerated from xml file.
+ * doc/man/pam_set_item.3.xml: New.
+ * doc/man/pam_set_item.3: Regenerated from xml file.
+ * doc/man/pam_setcred.3.xml: New.
+ * doc/man/pam_setcred.3: Regenerated from xml file.
+ * doc/man/pam_start.3.xml: New.
+ * doc/man/pam_start.3: Regenerated from xml file.
+ * doc/man/pam_strerror.3.xml: New.
+ * doc/man/pam_strerror.3: Regenerated from xml file.
+ * doc/man/template-man: Removed.
+
+2006-02-10 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * configure.in: Remove pam_pwdb support.
+ * modules/Makefile.am: remove pam_pwdb.
+ * modules/pam_pwdb: Remove complete directory.
+ * libpam/Makefile.am: Remove LIBPWDB references.
+ * libpam/pam_static_modules.h: Remove pam_pwdb references.
+ * doc/modules/pam_pwdb.sgml: Removed.
+ * po/POTFILES.in: Remove modules/pam_pwdb/*.c entries.
+ * doc/pam_source.sgml: Remove references to libpwdb.
+ * doc/modules/pam_limits.sgml: Remove wrong reference to libpwdb.
+ * doc/modules/pam_group.sgml: Likewise.
+ * doc/modules/pam_cracklib.sgml: Replace pam_pwdb with pam_unix.
+ * doc/modules/pam_userdb.sgml: Likewise.
+ * modules/pam_cracklib/pam_cracklib.8.xml: Replace pam_pwdb
+ with pam_unix.
+ * modules/pam_mkhomedir/pam_mkhomedir.c: Likewise.
+ * modules/pam_group/pam_group.c: Remove dead code for libpwdb.
+
+ * modules/pam_access/Makefile.am: Fix EXTRA_DIST.
+ * modules/pam_cracklib/Makefile.am: Likewise.
+ * modules/pam_deny/Makefile.am: Likewise.
+ * modules/pam_exec/Makefile.am: Likewise.
+
+2006-02-07 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * configure.in: Check for text browser.
+ * Make.xml.rules: Add rule to generate README from README.xml.
+
+ * modules/pam_access/Makefile.am: Include Make.xml.rules.
+ * modules/pam_access/README: Regenerated from README.xml.
+ * modules/pam_access/README.xml: New.
+ * modules/pam_access/access.conf: Extended by new examples.
+ * modules/pam_access/access.conf.5: New, generated from xml file.
+ * modules/pam_access/access.conf.5.xml: New.
+ * modules/pam_access/pam_access.8: New, generated from xml file.
+ * modules/pam_access/pam_access.8.xml: New.
+ * modules/pam_access/pam_access.c: Add rules for IPv6 and
+ netmasks.
+ Based on patch from Mike Becher <Mike.Becher@lrz-muenchen.de>.
+
+ * modules/pam_deny/Makefile.am: Include Make.xml.rules.
+ * modules/pam_deny/pam_deny.8.xml: New.
+ * modules/pam_deny/pam_deny.8: New, generated from xml file.
+ * modules/pam_deny/README.xml: New.
+ * modules/pam_deny/README: Regenerated from xml file.
+
+ * modules/pam_cracklib/Makefile.am: Include Make.xml.rules.
+ * modules/pam_cracklib/pam_cracklib.8.xml: New.
+ * modules/pam_cracklib/pam_cracklib.8: New, generated from xml file.
+ * modules/pam_cracklib/README.xml: New.
+ * modules/pam_cracklib/README: Regenerated from xml file.
+
+ * modules/pam_exec/Makefile.am: Add rule to generate README.
+ * modules/pam_exec/README: Regenerated from xml file.
+ * modules/pam_exec/pam_exec.8: Regenerated from xml file.
+ * modules/pam_exec/pam_exec.8.xml: Syntax files.
+
+2006-02-06 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * po/nl.po: New.
+ * po/pt.po: Update translations.
+ * configure.in: Add nl as new language.
+
+2006-01-30 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_exec/pam_exec.8.xml: Fix syntax of Return Value section.
+ * modules/pam_exec/Makefile.am: Include Make.xml.rules.
+
+ * Make.xml.rules: New.
+
+ * Makefile.am (EXTRA_DIST): Add Make.xml.rules.
+
+2006-01-27 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * configure.in: Prefer libdb over libndbm, fix check for
+ libcrack and remove not needed BACKUP_LIBS.
+
+2006-01-24 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_debug/pam_debug.c: Fix name of pam_module struct.
+
+ * po/de.po: Fix one translation.
+
+ * configure.in: Add modules/pam_exec.
+ * modules/Makefile.am: Add pam_exec subdirectory.
+ * modules/pam_exec/README: New.
+ * modules/pam_exec/Makefile.am: New.
+ * modules/pam_exec/pam_exec.8: New.
+ * modules/pam_exec/pam_exec.c: New.
+ * modules/pam_exec/pam_exec.8.xml: New.
+ * po/POTFILES.in: Add modules/pam_exec/pam_exec.c.
+ * po/*.po: Merge new pam_exec strings.
+
+ * libpam/pam_static_modules.h: New.
+ * Makefile.am: Reorder subdirectories for static modules.
+ * configure.in: Add --enable-static-modules option.
+ * libpam/Makefile.am: Define WITH_SELINUX and WITH_PWDB if
+ necessary, add pam_static_modules.h, link against all PAM
+ module object files if STATIC_MODULES is defined.
+ * libpam/pam_static.c: Remove old _static_module* includes,
+ include pam_static_modules.h.
+
+ * configure.in: Add checks for xsltproc, xmllint and docbook
+ xsl stylesheet.
+ * m4/jh_path_xml_catalog.m4: New.
+
+2006-01-22 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_succeed_if/pam_succeed_if.c: Add support for
+ static modules.
+ * modules/pam_xauth/pam_xauth.c: Likewise.
+
+ * libpam/pam_static.c (_pam_open_static_handler): Add pamh
+ as argument.
+ * libpam/pam_private.h: Adjust prototype.
+ * libpam/pam_handlers.c (_pam_add_handler): Add pamh to
+ _pam_open_static_handler call.
+
+ * configure.in: Don't define PAM_DYNAMIC.
+ * libpam/pam_handlers.c: Get ride of PAM_DYNAMIC, don't
+ include pam_dynamic.h
+ * libpam/pam_dynamic.c: Don't include pam_dynamic.h,
+ exclude functions if we compile with PAM_STATIC.
+ * libpam/pam_dynamic.h: Remove.
+ * libpam/pam_private.h: Add function prototypes from pam_dynamic.h.
+ * libpam/Makefile.am: Bump version number of libpam, remove
+ pam_dynamic.h.
+
+2006-01-21 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_listfile/pam_listfile.c: Add support for session
+ and password management.
+
+2006-01-19 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * doc/specs/Makefile.am (spec): Add padout to fix parallel
+ build (Reported by Andreas Haumer <andreas@xss.co.at>).
+
+2006-01-15 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_echo/pam_echo.c: Define HOST_NAME_MAX if not
+ already defined.
+
+2006-01-13 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * release version 0.99.3.0
+
+ * libpam_misc/misc_conv.c (misc_conv): Fix strict aliasing
+ error.
+
+ * modules/pam_umask/pam_umask.c (search_key): Don't ignore
+ EOF/error return value from fgets().
+
+ * configure.in: Check for getline and getdelim
+
+ * po/fi.po: Add new translations.
+ * po/de.po: Likewise.
+ * po/es.po: Likewise.
+ * po/fr.po: Likewise.
+ * po/it.po: Likewise.
+ * po/ja.po: Likewise.
+ * po/pt_BR.po: Likewise.
+ * po/zh_CH.po: Likewise.
+ * po/zh_TW.po: Likewise.
+
+2006-01-13 Dmitry V. Levin <ldv@altlinux.org>
+
+ * libpam/pam_audit.c (_pam_auditlog): Replace strerror(errno)
+ call with %m specifier.
+
+2006-01-12 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * configure.in: Add check for -fpie/-pie
+ * modules/pam_filter/upperLOWER/Makefile.am: Compile/link
+ upperLOWER with -fpie/-pie if supported.
+ * modules/pam_unix/Makefile.am: Compile/link unix_chkpwd
+ with -fpie/-pie if supported.
+
+2006-01-12 Steve Grubb <sgrubb@redhat.com>
+
+ * configure.in: Add check for audit library.
+ * libpam/Makefile.am (libpam_la_LDFLAGS): Add LIBAUDIT.
+ (libpam_la_SOURCES): Add pam_audit.c.
+ * libpam/pam_account.c (pam_acct_mgmt): Add _pam_auditlog() call.
+ * libpam/pam_auth.c (pam_authenticate), (pam_setcred): Likewise.
+ * libpam/pam_password.c (pam_chauthtok): Likewise.
+ * libpam/pam_session.c (pam_open_session),
+ (pam_close_session): Likewise.
+ * libpam/pam_private.h: Add audit_state member to pam_handle,
+ declare _pam_auditlog and _pam_audit_end.
+ * libpam/pam_start.c (pam_start): Initialize audit_state.
+ * libpam/pam_audit.c: New file with _pam_auditlog and _pam_audit_end
+ implementation.
+ * libpam/pam_end.c (pam_end): Add _pam_audit_end() call.
+ * NEWS: Note about added auditing.
+
+2006-01-11 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * libpam/Makefile.am (AM_CFLAGS): Define LIBPAM_COMPILE.
+
+ * libpam/include/security/_pam_types.h: Don't define PAM_NONNULL
+ if we compile libpam itself.
+
+ * po/hu.po: Update with new translations.
+
+2006-01-08 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_cracklib/pam_cracklib.c: Use PAM_AUTHTOK_RECOVERY_ERR
+ instead of PAM_AUTHTOK_RECOVER_ERR.
+ * modules/pam_pwdb/support.-c: Likewise.
+ * modules/pam_unix/support.c: Likewise.
+ * modules/pam_userdb/pam_userdb.c (pam_sm_authenticate): Likewise.
+ * libpam/pam_strerror.c (pam_strerror): Likewise.
+
+ * libpam/include/security/_pam_compat.h: Define
+ PAM_AUTHTOK_RECOVER_ERR for backward compatibility.
+
+ * libpam/include/security/_pam_types.h: Rename
+ PAM_AUTHTOK_RECOVER_ERR to PAM_AUTHTOK_RECOVERY_ERR.
+
+2006-01-05 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * libpam/include/security/_pam_types.h: Remove nonnull attribute
+ from third paramter (item) of pam_get_item.
+ * libpam/Makefile.am: Bump version number of shared library.
+
+2005-12-21 Tomas Mraz <t8m@centrum.cz>
+
+ * modules/pam_succeed_if/pam_succeed_if.c (evaluate_ingroup),
+ (evaluate_notingroup): Simplified.
+ (evaluate_innetgr), (evaluate_notinnetgr): New functions.
+ (evaluate): Added calls to evaluate_(not)innetgr().
+ * modules/pam_succeed_if/README: Documented netgroup matching.
+ * NEWS: Mentioned the added netgroup matching support.
+
+2005-12-20 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_lastlog/pam_lastlog.c (last_login_read): Use
+ strftime instead of ctime.
+
+ * po/de.po: Fix typo.
+
+2005-12-19 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * libpam/pam_syslog.c: Define LOG_AUTHPRIV as LOG_AUTH on Solaris.
+ Reported by Charles_H_Bedford@nbc.gov.
+
+ * modules/pam_time/pam_time.c (check_account): Implement
+ support for netgroups.
+
+ * modules/pam_time/time.conf: Document usage of netgroups.
+
+2005-12-16 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_group/pam_group.c (check_account): Implement
+ support for netgroups.
+
+ * modules/pam_group/group.conf: Add all documentation to this
+ example config file and don't reference to outdated configs.
+
+ * modules/pam_group/README: New.
+
+ * modules/pam_group/Makefile.am: Add README to EXTRADIST.
+
+2005-12-15 Thorsten Kukuk <kukuk@suse.de>
+
+ * modules/pam_lastlog/pam_lastlog.c (last_login_read): Don't report an
+ error if user logins the first time.
+
+ * modules/pam_lastlog/README: New.
+
+ * modules/pam_lastlog/Makefile.am: Add README to EXTRADIST.
+
+2005-12-14 Thorsten Kukuk <kukuk@suse.de>
+
+ * modules/pam_deny/pam_deny.c: Fix comment.
+
+ * doc/pam_appl.sgml: Fix typo.
+
+ Reported by Russell Bateman <russ@windofkeltia.com>
+
+2005-12-12 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * release version 0.99.2.1
+
+ * po/de.po: Remove new fuzzy entry
+
+ * NEWS: Add 0.99.2.1 changes
+
+ * configure.in: bump version number to 0.99.2.1
+
+2005-12-12 Dmitry V. Levin <ldv@altlinux.org>
+
+ Cleanup pam_syslog messages.
+
+ * modules/pam_env/pam_env.c (_expand_arg): Fix compiler warning.
+ * modules/pam_filter/pam_filter.c (set_filter): Append %m
+ specifier to pam_syslog messages where appropriate.
+ * modules/pam_group/pam_group.c (read_field): Likewise.
+ * modules/pam_mkhomedir/pam_mkhomedir.c (make_remark): Remove.
+ (create_homedir): Do not use make_remark() wrapper, call
+ pam_info() directly. Call pam_syslog() right after failed
+ operation and append %m specifier to pam_syslog messages where
+ appropriate.
+ * modules/pam_rhosts/pam_rhosts_auth.c (pam_iruserok): Replace
+ sequence of malloc(), strcpy() and strcat() calls with asprintf().
+ Append %m specifier to pam_syslog messages where appropriate.
+ * modules/pam_securetty/pam_securetty.c (securetty_perform_check):
+ Append %m specifier to pam_syslog messages where appropriate.
+ * modules/pam_shells/pam_shells.c (perform_check): Likewise.
+
+2005-12-12 Tomas Mraz <t8m@centrum.cz>
+
+ * modules/pam_mail/pam_mail.c (report_mail): Fixed typo in string.
+ * po/Linux-PAM.pot: Likewise.
+ * po/de.po: Likewise.
+ * po/es.po: Likewise.
+ * po/fi.po: Likewise.
+ * po/fr.po: Likewise.
+ * po/hu.po: Likewise.
+ * po/it.po: Likewise.
+ * po/ja.po: Likewise.
+ * po/nb.po: Likewise.
+ * po/pa.po: Likewise.
+ * po/pl.po: Likewise.
+ * po/pt.po: Likewise.
+ * po/pt_BR.po: Likewise.
+ * po/zh_CN.po: Likewise.
+ * po/zh_TW.po: Likewise.
+ * po/de.po: Add new translation, fixed typo in string.
+
+2005-12-12 Mike Becher <Mike.Becher@lrz-muenchen.de>
+
+ * doc/Makefile.am: Fixed install of PS, PDF, TXT and HTML files.
+
+2005-12-12 Thorsten Kukuk <kukuk@suse.de>
+
+ * modules/pam_mail/README: Document "quiet" and "standard"
+ options.
+
+2005-12-07 Thorsten Kukuk <kukuk@suse.de>
+
+ * modules/pam_mail/pam_mail.c: Modify assembling of output
+ for easier translation.
+
+ * po/de.po: Translate new pam_mail messages.
+
+
+2005-11-24 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * po/de.po: Add new translation, fix wrong format specifier.
+ * po/cs.po: Fix wrong format specifier.
+ * po/es.po: Likewise.
+ * po/fi.po: Likewise.
+ * po/fr.po: Likewise.
+ * po/hu.po: Likewise.
+ * po/it.po: Likewise.
+ * po/ja.po: Likewise.
+ * po/nb.po: Likewise.
+ * po/pa.po: Likewise.
+ * po/pl.po: Likewise.
+ * po/pt.po: Likewise.
+ * po/pt_BR.po: Likewise.
+ * po/zh_CN.po: Likewise.
+ * po/zh_TW.po: Likewise.
+
+2005-11-24 Dmitry V. Levin <ldv@altlinux.org>
+
+ * config.h.in: Remove generated file.
+ * .cvsignore: Add config.h.in.
+
+ * configure.in: Do not check for strerror.
+ * libpam_misc/misc_conv.c (read_string): Replace strerror()
+ call with %m specifier.
+ * libpamc/pamc_converse.c (pamc_converse): Likewise.
+ * modules/pam_echo/pam_echo.c (pam_echo): Likewise.
+ * modules/pam_localuser/pam_localuser.c (pam_sm_authenticate):
+ Likewise.
+ * modules/pam_selinux/pam_selinux.c (security_label_tty):
+ Likewise.
+ (security_restorelabel_tty, security_label_tty): Append %m
+ specifier where appropriate.
+ * modules/pam_selinux/pam_selinux_check.c (main): Replace
+ strerror() call with %m specifier.
+ * modules/pam_unix/pam_unix_passwd.c (save_old_password,
+ _update_passwd, _update_shadow): Likewise.
+ * modules/pam_unix/support.c (_unix_run_helper_binary): Likewise.
+ * modules/pam_unix/unix_chkpwd.c (_update_shadow): Likewise.
+ * po/Linux-PAM.pot: Update strings from pam_selinux.
+ * po/cs.po: Likewise.
+ * po/de.po: Likewise.
+ * po/es.po: Likewise.
+ * po/fi.po: Likewise.
+ * po/fr.po: Likewise.
+ * po/hu.po: Likewise.
+ * po/it.po: Likewise.
+ * po/ja.po: Likewise.
+ * po/nb.po: Likewise.
+ * po/pa.po: Likewise.
+ * po/pl.po: Likewise.
+ * po/pt.po: Likewise.
+ * po/pt_BR.po: Likewise.
+ * po/zh_CN.po: Likewise.
+ * po/zh_TW.po: Likewise.
+
+2005-11-23 Thorsten Kukuk <kukuk@suse.de>
+
+ * modules/pam_xauth/pam_xauth.c (pam_sm_open_session): Introduce
+ new variable to fix compiler warning.
+
+ * libpam/pam_modutil_getlogin.c (pam_modutil_getlogin): PAM_TTY
+ don't need to start with /dev/.
+
+2005-11-21 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * release version 0.99.2.0
+
+ * libpam_misc/Makefile.am: Increase release number (for change
+ from 2005-11-09)
+
+ * NEWS: Adjust for 0.99.2.0
+
+2005-11-17 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * libpam/include/security/_pam_compat.h: Fix wrong #ifdef nesting.
+ Redefine PAM_CHANGE_EXPIRED_AUTHTOK [#604380]
+
+2005-11-16 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * libpam/pam_handlers.c: Replace code for all dlopen variants with
+ a generic wrapper.
+ * libpam/pam_dynamic.c: Implement generic wrapper for dlopen.
+ * libpam/pam_dynamic.h: Provide prototypes.
+ For Mac OS X support [#534205]
+
+2005-11-09 Tomas Mraz <t8m@centrum.cz>
+
+ * modules/pam_access/pam_access.c (pam_sm_acct_mgmt): Parse correctly
+ full path tty name.
+ * modules/pam_time/pam_time.c (pam_sm_acct_mgmt): Parse correctly
+ full path tty name. Allow unset tty.
+ (logic_member): Allow matching ':' in tty name.
+ * modules/pam_group/pam_group.c (pam_sm_acct_mgmt): Parse correctly
+ full path tty name. Allow unset tty.
+ (logic_member): Allow matching ':' in tty name.
+
+ * libpam_misc/misc_conv.c (read_string): Read only up to EOL if stdin
+ is not terminal.
+
+2005-11-07 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_unix/pam_unix_passwd.c (_unix_verify_shadow): Use
+ correct variable names.
+
+2005-11-06 Steve Langasek <vorlon@debian.org>
+
+ * modules/pam_env/pam_env.c: don't treat a missing
+ /etc/environment as a fatal error when attempting to read it,
+ and try to read this file by default; this restores the behavior
+ from Linux-PAM 0.76.
+
+2005-11-02 Tomas Mraz <t8m@centrum.cz>
+
+ * modules/pam_unix/support.c (_unix_getpwnam): Fix typo [#1224807]
+ by ohyajapn.
+
+ * modules/pam_unix/pam_unix_passwd.c (_unix_verify_shadow): Change the
+ logic when comparing dates to handle corner cases better [#1245888].
+
+2005-10-31 Thorsten Kukuk <kukuk@suse.de>
+
+ * modules/pam_filter/pam_filter.c: Use XCASE only if defined
+ [#624214]
+
+2005-10-27 Thorsten Kukuk <kukuk@suse.de>
+
+ * doc/man/pam.8: Fix wording for authentication chapter [#1197444]
+
+2005-10-26 Tomas Mraz <t8m@centrum.cz>
+
+ * modules/pam_unix/pam_unix_acct.c (_unix_run_verify_binary),
+ modules/pam_unix/pam_unix_passwd.c (_unix_run_shadow_binary),
+ modules/pam_unix/support.c (_unix_run_shadow_binary_): Set real
+ uid to 0 before executing the helper if SELinux is enabled.
+ * modules/pam_unix/unix_chkpwd.c (main): Disable user check only
+ if real uid is 0 (CVE-2005-2977). Log failed password check attempt.
+
+
+2005-10-20 Tomas Mraz <t8m@centrum.cz>
+
+ * configure.in: Added check for xauth binary and --with-xauth option.
+ * config.h.in: Added configurable PAM_PATH_XAUTH.
+ * modules/pam_xauth/README,
+ modules/pam_xauth/pam_xauth.8: Document where xauth is looked for.
+ * modules/pam_xauth/pam_xauth.c (pam_sm_open_session): Implement
+ searching xauth binary on multiple places.
+ (run_coprocess): Don't use execvp as it can be a security risk.
+
+2005-10-04 Steve Langasek <vorlon@debian.org>
+
+ * libpam/include/security/pam_malloc.h,
+ libpam/include/security/pam_modules.h: Declare public header
+ files extern "C" so that they are C++-safe.
+
+2005-10-02 Dmitry V. Levin <ldv@altlinux.org>
+ Steve Langasek <vorlon@debian.org>
+
+ Cleanup gratuitous use of strdup().
+ Fix "missing argument" checks.
+
+ * modules/pam_env/pam_env.c (_pam_parse): Add const qualifier
+ to conffile and envfile arguments. Do not use x_strdup() for
+ conffile and envfile initialization. Fix "missing argument"
+ checks.
+ (_parse_config_file): Take conffile argument of type "const char *"
+ instead of "char **". Do not free conffile.
+ (_parse_env_file): Take env_file argument of type "const char *"
+ instead of "char **". Do not free env_file.
+ (pam_sm_setcred): Add const qualifier to conf_file and env_file.
+ Pass conf_file and env_file to _parse_config_file() and
+ _parse_env_file() by value.
+ (pam_sm_open_session): Likewise.
+
+ * modules/pam_ftp/pam_ftp.c (_pam_parse): Add const qualifier to
+ users argument. Do not use x_strdup() for users initialization.
+ (lookup): Add const qualifier to list argument.
+ (pam_sm_authenticate): Add const qualifier to users argument.
+
+ * modules/pam_mail/pam_mail.c (_pam_parse): Add const qualifier
+ to maildir argument. Do not use x_strdup() for maildir
+ initialization. Fix "missing argument" check.
+ (get_folder): Take path_mail argument of type "const char *"
+ instead of "char **". Do not free path_mail.
+ (_do_mail): Add const qualifier to path_mail argument.
+ Pass path_mail to get_folder() by value.
+
+ * modules/pam_motd/pam_motd.c: Include <syslog.h>.
+ (pam_sm_open_session): Add const qualifier to motd_path.
+ Do not use x_strdup() for motd_path initialization. Do not
+ free motd_path. Fix "missing argument" check. Add "unknown
+ option" warning.
+
+ * modules/pam_userdb/pam_userdb.c (_pam_parse): Add const
+ qualifier to database and cryptmode arguments. Fix "missing
+ argument" checks.
+ (pam_sm_authenticate): Add const qualifier to database and cryptmode.
+ (pam_sm_acct_mgmt): Likewise.
+
+2005-10-01 Steve Langasek <vorlon@debian.org>
+
+ * modules/pam_userdb/pam_userdb.c: spelling fix in log message.
+
+2005-09-30 Steve Langasek <vorlon@debian.org>
+
+ * modules/pam_userdb/pam_userdb.c: Fix memory leak due to
+ gratuitous use of strdup().
+
+2005-09-27 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * release 0.99.1.0
+
+ * doc/specs/Makefile.am (install-data-local): Install
+ rfc and draft.
+ (all): Copy rfc if we build outside of source directory.
+
+2005-09-27 Thorsten Kukuk <kukuk@suse.de>
+
+ * NEWS: Document removal of pam_radius.
+ * autogen.sh: Make configure script executeable.
+
+ * conv/pam_conv1/Makefile (EXTRA_DIST): Removed lex.yy.c
+ (lex.yy.c): Fixed out of tree build.
+
+ * conv/pam_conv1/pam_conv.y: Fix main prototype.
+
+ * README: Adjust.
+
+ * po/POTFILES.in: Remove files not distributed by tar archive
+ and not containing strings for translation.
+
+2005-09-26 Tomas Mraz <t8m@centrum.cz>
+
+ * NEWS: Add a few missing entries from CHANGELOG.
+
+ * AUTHORS: Fixed entries for Toady and me.
+
+ * Makefile.am (M4_FILES): Fixed out of tree build.
+ * doc/specs/Makefile.am (EXTRA_DIST): Removed lex.yy.c
+ (spec, lex.yy.c): Fixed out of tree build.
+
+ * modules/pam_userdb/README: Document try_first_pass and
+ use_first_pass options, remove use_authtok option.
+
+
+2005-09-26 Dmitry V. Levin <ldv@altlinux.org>
+
+ * NEWS: Mention changes in pam_lastlog.
+
+2005-09-26 Thorsten Kukuk <kukuk@suse.de>
+
+ * NEWS: New file.
+ * autogen.sh: Don't generate NEWS file.
+ * CHANGELOG: Document it as obsolete.
+
+2005-09-26 Tomas Mraz <t8m@centrum.cz>
+
+ * modules/pam_unix/pam_unix_acct.c (_unix_run_verify_binary):
+ _log_err() -> pam_syslog()
+ (pam_sm_acct_mgmt): _log_err() -> pam_syslog(), fix warning.
+ * modules/pam_unix/pam_unix_auth.c (pam_sm_authenticate):
+ _log_err() -> pam_syslog()
+ * modules/pam_unix/pam_unix_passwd.c: removed obsolete ifdef
+ (getNISserver, _unix_run_shadow_binary, _update_passwd,
+ _update_shadow, _do_setpass, _pam_unix_approve_pass,
+ pam_sm_chauthtok): _log_err() -> pam_syslog()
+ * modules/pam_unix/pam_unix_sess.c: removed obsolete ifdef
+ (pam_sm_open_session, pam_sm_close_session):
+ _log_err() -> pam_syslog()
+ * modules/pam_unix/support.c (_log_err, converse): removed
+ (_make_remark): use pam_prompt() instead of converse()
+ (_set_ctrl, _cleanup_failures, _unix_run_helper_binary,
+ _unix_verify_password, _unix_read_password):
+ _log_err() -> pam_syslog()
+ _cleanup(), _unix_cleanup(): Silence unused param warnings.
+ (_cleanup_failures, _unix_verify_password, _unix_getpwnam,
+ _unix_run_helper_binary): Silence incorrect type warnings.
+ (_unix_read_password): Use multiple pam_prompt() and pam_info() calls
+ instead of converse().
+ * modules/pam_unix/support.h (_log_err): removed
+ * modules/pam_unix/unix_chkpwd.c (_log_err): LOG_AUTH -> LOG_AUTHPRIV
+
+2005-09-26 Thorsten Kukuk <kukuk@suse.de>
+
+ * configure.in: Add doc/specs/Makefile.
+ * Makefile.am: Add releasedocs rule.
+ * doc/Makefile.am: Add specs subdir, remove files from specs
+ directory, add rfc86.0.txt to releasedocs.
+ * doc/specs/Makefile.am: New file.
+ * doc/specs/formatter/parse.y: move from here ...
+ * doc/specs/parse.y: ... here.
+ * doc/specs/formatter/parse.lex: move from here ...
+ * doc/specs/parse.lex: ... here.
+
+ * modules/pam_mail/pam_mail.c: Mark missing strings for translation
+ * po/Linux-PAM.pot: Add new strings from pam_mail
+ * po/cs.po: Likewise.
+ * po/de.po: Likewise.
+ * po/es.po: Likewise.
+ * po/fi.po: Likewise.
+ * po/fr.po: Likewise.
+ * po/hu.po: Likewise.
+ * po/it.po: Likewise.
+ * po/ja.po: Likewise.
+ * po/nb.po: Likewise.
+ * po/pa.po: Likewise.
+ * po/pl.po: Likewise.
+ * po/pt.po: Likewise.
+ * po/pt_BR.po: Likewise.
+ * po/zh_CN.po: Likewise.
+ * po/zh_TW.po: Likewise.
+
+2005-09-23 Tomas Mraz <t8m@centrum.cz>
+
+ * modules/pam_access/pam_access.c (from_match): Support NULL from.
+ (string_match): Support NULL string, add NONE keyword matching it.
+ (pam_sm_acct_mgmt): Don't fail when ttyname returns NULL.
+ * modules/pam_access/access.conf: NONE keyword description
+ * modules/pam_access/README: NONE keyword description
+
+2005-09-22 Dmitry V. Levin <ldv@altlinux.org>
+
+ * modules/pam_xauth/pam_xauth.c: (check_acl, pam_sm_open_session,
+ pam_sm_close_session): Strip redundant "pam_xauth: " prefix from
+ text of log messages.
+ (pam_sm_open_session): Replace sequence of malloc(), strcpy()
+ and strcat() calls with asprintf(). Replace syslog() calls
+ with pam_syslog().
+
+ * modules/pam_nologin/pam_nologin.c (parse_args): Use strncmp()
+ instead of memcmp() for string comparison.
+
+2005-09-21 Dmitry V. Levin <ldv@altlinux.org>
+
+ * modules/pam_nologin/pam_nologin.c: Include <syslog.h>.
+ (parse_args): Add pam_handle_t* argument. Log unrecognized
+ options.
+ (perform_check): Log pam_get_user() and malloc() failures.
+ (pam_sm_authenticate, pam_sm_setcred, pam_sm_acct_mgmt):
+ Pass pam_handle_t* to parse_args().
+
+ * modules/pam_mail/pam_mail.c: Include <errno.h>.
+ Remove YOUR_MAIL_VERBOSE_FORMAT, YOUR_MAIL_STANDARD_FORMAT and
+ NO_MAIL_STANDARD_FORMAT macros.
+ (parse_args, get_folder): Cleanup error messages.
+ (get_folder): Fix leak of the path_mail variable in case of
+ pam_get_user() failure. Cleanup memory management.
+ (get_mail_status): Add pam_handle_t* argument. Fix leaks of
+ namelist variable. Cleanup memory management. Log memory
+ allocation failures. Remove 250-byte limit on Maildir pathname.
+ (report_mail): Mark text messages for translation.
+ (_do_mail): Cleanup memory management. Pass pam_handle_t*
+ to get_mail_status().
+
+ * po/Linux-PAM.pot: Update with new strings from pam_mail for
+ translation.
+ * po/cs.po: Likewise.
+ * po/de.po: Likewise.
+ * po/es.po: Likewise.
+ * po/fi.po: Likewise.
+ * po/fr.po: Likewise.
+ * po/hu.po: Likewise.
+ * po/it.po: Likewise.
+ * po/ja.po: Likewise.
+ * po/nb.po: Likewise.
+ * po/pa.po: Likewise.
+ * po/pl.po: Likewise.
+ * po/pt.po: Likewise.
+ * po/pt_BR.po: Likewise.
+ * po/zh_CN.po: Likewise.
+ * po/zh_TW.po: Likewise.
+
+2005-09-20 Thorsten Kukuk <kukuk@suse.de>
+
+ * configure.in: Add finish translation.
+ * po/fi.po: New.
+
+ * acinclude.m4: remove libprelude macros.
+ * m4/libprelude.m4: New.
+
+ * Makefile.am (EXTRA_DIST): make sure we include all m4 macros.
+
+ * libpamc/Makefile.am (EXTRA_DIST): Add License.
+
+See CHANGELOG for earlier changes.
diff --git a/Linux-PAM/INSTALL b/Linux-PAM/INSTALL
new file mode 100644
index 00000000..56b077d6
--- /dev/null
+++ b/Linux-PAM/INSTALL
@@ -0,0 +1,236 @@
+Installation Instructions
+*************************
+
+Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002, 2004, 2005 Free
+Software Foundation, Inc.
+
+This file is free documentation; the Free Software Foundation gives
+unlimited permission to copy, distribute and modify it.
+
+Basic Installation
+==================
+
+These are generic installation instructions.
+
+ The `configure' shell script attempts to guess correct values for
+various system-dependent variables used during compilation. It uses
+those values to create a `Makefile' in each directory of the package.
+It may also create one or more `.h' files containing system-dependent
+definitions. Finally, it creates a shell script `config.status' that
+you can run in the future to recreate the current configuration, and a
+file `config.log' containing compiler output (useful mainly for
+debugging `configure').
+
+ It can also use an optional file (typically called `config.cache'
+and enabled with `--cache-file=config.cache' or simply `-C') that saves
+the results of its tests to speed up reconfiguring. (Caching is
+disabled by default to prevent problems with accidental use of stale
+cache files.)
+
+ If you need to do unusual things to compile the package, please try
+to figure out how `configure' could check whether to do them, and mail
+diffs or instructions to the address given in the `README' so they can
+be considered for the next release. If you are using the cache, and at
+some point `config.cache' contains results you don't want to keep, you
+may remove or edit it.
+
+ The file `configure.ac' (or `configure.in') is used to create
+`configure' by a program called `autoconf'. You only need
+`configure.ac' if you want to change it or regenerate `configure' using
+a newer version of `autoconf'.
+
+The simplest way to compile this package is:
+
+ 1. `cd' to the directory containing the package's source code and type
+ `./configure' to configure the package for your system. If you're
+ using `csh' on an old version of System V, you might need to type
+ `sh ./configure' instead to prevent `csh' from trying to execute
+ `configure' itself.
+
+ Running `configure' takes awhile. While running, it prints some
+ messages telling which features it is checking for.
+
+ 2. Type `make' to compile the package.
+
+ 3. Optionally, type `make check' to run any self-tests that come with
+ the package.
+
+ 4. Type `make install' to install the programs and any data files and
+ documentation.
+
+ 5. You can remove the program binaries and object files from the
+ source code directory by typing `make clean'. To also remove the
+ files that `configure' created (so you can compile the package for
+ a different kind of computer), type `make distclean'. There is
+ also a `make maintainer-clean' target, but that is intended mainly
+ for the package's developers. If you use it, you may have to get
+ all sorts of other programs in order to regenerate files that came
+ with the distribution.
+
+Compilers and Options
+=====================
+
+Some systems require unusual options for compilation or linking that the
+`configure' script does not know about. Run `./configure --help' for
+details on some of the pertinent environment variables.
+
+ You can give `configure' initial values for configuration parameters
+by setting variables in the command line or in the environment. Here
+is an example:
+
+ ./configure CC=c89 CFLAGS=-O2 LIBS=-lposix
+
+ *Note Defining Variables::, for more details.
+
+Compiling For Multiple Architectures
+====================================
+
+You can compile the package for more than one kind of computer at the
+same time, by placing the object files for each architecture in their
+own directory. To do this, you must use a version of `make' that
+supports the `VPATH' variable, such as GNU `make'. `cd' to the
+directory where you want the object files and executables to go and run
+the `configure' script. `configure' automatically checks for the
+source code in the directory that `configure' is in and in `..'.
+
+ If you have to use a `make' that does not support the `VPATH'
+variable, you have to compile the package for one architecture at a
+time in the source code directory. After you have installed the
+package for one architecture, use `make distclean' before reconfiguring
+for another architecture.
+
+Installation Names
+==================
+
+By default, `make install' will install the package's files in
+`/usr/local/bin', `/usr/local/man', etc. You can specify an
+installation prefix other than `/usr/local' by giving `configure' the
+option `--prefix=PREFIX'.
+
+ You can specify separate installation prefixes for
+architecture-specific files and architecture-independent files. If you
+give `configure' the option `--exec-prefix=PREFIX', the package will
+use PREFIX as the prefix for installing programs and libraries.
+Documentation and other data files will still use the regular prefix.
+
+ In addition, if you use an unusual directory layout you can give
+options like `--bindir=DIR' to specify different values for particular
+kinds of files. Run `configure --help' for a list of the directories
+you can set and what kinds of files go in them.
+
+ If the package supports it, you can cause programs to be installed
+with an extra prefix or suffix on their names by giving `configure' the
+option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.
+
+Optional Features
+=================
+
+Some packages pay attention to `--enable-FEATURE' options to
+`configure', where FEATURE indicates an optional part of the package.
+They may also pay attention to `--with-PACKAGE' options, where PACKAGE
+is something like `gnu-as' or `x' (for the X Window System). The
+`README' should mention any `--enable-' and `--with-' options that the
+package recognizes.
+
+ For packages that use the X Window System, `configure' can usually
+find the X include and library files automatically, but if it doesn't,
+you can use the `configure' options `--x-includes=DIR' and
+`--x-libraries=DIR' to specify their locations.
+
+Specifying the System Type
+==========================
+
+There may be some features `configure' cannot figure out automatically,
+but needs to determine by the type of machine the package will run on.
+Usually, assuming the package is built to be run on the _same_
+architectures, `configure' can figure that out, but if it prints a
+message saying it cannot guess the machine type, give it the
+`--build=TYPE' option. TYPE can either be a short name for the system
+type, such as `sun4', or a canonical name which has the form:
+
+ CPU-COMPANY-SYSTEM
+
+where SYSTEM can have one of these forms:
+
+ OS KERNEL-OS
+
+ See the file `config.sub' for the possible values of each field. If
+`config.sub' isn't included in this package, then this package doesn't
+need to know the machine type.
+
+ If you are _building_ compiler tools for cross-compiling, you should
+use the `--target=TYPE' option to select the type of system they will
+produce code for.
+
+ If you want to _use_ a cross compiler, that generates code for a
+platform different from the build platform, you should specify the
+"host" platform (i.e., that on which the generated programs will
+eventually be run) with `--host=TYPE'.
+
+Sharing Defaults
+================
+
+If you want to set default values for `configure' scripts to share, you
+can create a site shell script called `config.site' that gives default
+values for variables like `CC', `cache_file', and `prefix'.
+`configure' looks for `PREFIX/share/config.site' if it exists, then
+`PREFIX/etc/config.site' if it exists. Or, you can set the
+`CONFIG_SITE' environment variable to the location of the site script.
+A warning: not all `configure' scripts look for a site script.
+
+Defining Variables
+==================
+
+Variables not defined in a site shell script can be set in the
+environment passed to `configure'. However, some packages may run
+configure again during the build, and the customized values of these
+variables may be lost. In order to avoid this problem, you should set
+them in the `configure' command line, using `VAR=value'. For example:
+
+ ./configure CC=/usr/local2/bin/gcc
+
+causes the specified `gcc' to be used as the C compiler (unless it is
+overridden in the site shell script). Here is a another example:
+
+ /bin/bash ./configure CONFIG_SHELL=/bin/bash
+
+Here the `CONFIG_SHELL=/bin/bash' operand causes subsequent
+configuration-related scripts to be executed by `/bin/bash'.
+
+`configure' Invocation
+======================
+
+`configure' recognizes the following options to control how it operates.
+
+`--help'
+`-h'
+ Print a summary of the options to `configure', and exit.
+
+`--version'
+`-V'
+ Print the version of Autoconf used to generate the `configure'
+ script, and exit.
+
+`--cache-file=FILE'
+ Enable the cache: use and save the results of the tests in FILE,
+ traditionally `config.cache'. FILE defaults to `/dev/null' to
+ disable caching.
+
+`--config-cache'
+`-C'
+ Alias for `--cache-file=config.cache'.
+
+`--quiet'
+`--silent'
+`-q'
+ Do not print messages saying which checks are being made. To
+ suppress all normal output, redirect it to `/dev/null' (any error
+ messages will still be shown).
+
+`--srcdir=DIR'
+ Look for the package's source code in directory DIR. Usually
+ `configure' can determine that directory automatically.
+
+`configure' also accepts some other, not widely useful, options. Run
+`configure --help' for more details.
+
diff --git a/Linux-PAM/Make.Rules.in b/Linux-PAM/Make.Rules.in
deleted file mode 100644
index 86a80524..00000000
--- a/Linux-PAM/Make.Rules.in
+++ /dev/null
@@ -1,124 +0,0 @@
-##
-## $Id: Make.Rules.in,v 1.18 2005/03/29 20:41:19 toady Exp $
-##
-## @configure_input@
-##
-
-srcdir = @srcdir@
-top_srcdir = @top_srcdir@
-VPATH = @srcdir@
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-
-bindir = @bindir@
-sbindir = @sbindir@
-libexecdir = @libexecdir@
-datadir = @datadir@
-sysconfdir = @sysconfdir@
-sharedstatedir = @sharedstatedir@
-localstatedir = @localstatedir@
-libdir = @libdir@
-infodir = @infodir@
-includedir = @includedir@
-mandir = @mandir@
-
-absolute_srcdir = @LOCALSRCDIR@
-absolute_objdir = @LOCALOBJDIR@
-
-# major and minor numbers of this release
-MAJOR_REL=@LIBPAM_VERSION_MAJOR@
-MINOR_REL=@LIBPAM_VERSION_MINOR@
-
-# The following is the generic set of compiler options for compiling
-# Linux-PAM. True, they are a little anal. Pay attention to the comments
-# they generate.
-
-HEADER_DIRS=-I./include -I$(absolute_srcdir)/libpam/include \
- -I$(absolute_objdir) -I$(absolute_srcdir)/libpamc/include
-WARNINGS=@WARNINGS@
-OS_CFLAGS=@OS_CFLAGS@
-PIC=@PIC@
-
-# Mode to install shared libraries with
-SHLIBMODE=@SHLIBMODE@
-# Mode to install man pages with
-MANMODE=@MANMODE@
-
-NEED_LINK_LIB_C=@PAM_NEEDS_LIBC@
-HAVE_LCKPWDF=@HAVE_LCKPWDF@
-HAVE_LIBCRACK=@HAVE_LIBCRACK@
-HAVE_LIBCAP=@HAVE_LIBCAP@
-HAVE_LIBCRYPT=@HAVE_LIBCRYPT@
-HAVE_LIBUTIL=@HAVE_LIBUTIL@
-HAVE_NDBM_H=@HAVE_NDBM_H@
-HAVE_LIBNDBM=@HAVE_LIBNDBM@
-HAVE_LIBDB=@HAVE_LIBDB@
-HAVE_LIBFL=@HAVE_LIBFL@
-HAVE_LIBNSL=@HAVE_LIBNSL@
-HAVE_LIBPWDB=@HAVE_LIBPWDB@
-
-ifeq (@HAVE_LIBFLEX@,yes)
-LINK_LIBLEX=-lfl
-else
-ifeq (@HAVE_LIBLEX@,yes)
-LINK_LIBLEX=-ll
-endif
-endif
-
-# documentation support
-HAVE_SGML2TXT=@HAVE_SGML2TXT@
-HAVE_SGML2HTML=@HAVE_SGML2HTML@
-HAVE_PS2PDF=@HAVE_PS2PDF@
-PSER=@PSER@
-DOCDIR=@DOCDIR@
-MANDIR=@MANDIR@
-
-# configuration settings
-WITH_DEBUG=@WITH_DEBUG@
-WITH_MEMORY_DEBUG=@WITH_MEMORY_DEBUG@
-WITH_LIBDEBUG=@WITH_LIBDEBUG@
-WITH_PRELUDE=@WITH_PRELUDE@
-WITH_PAMLOCKING=@WITH_PAMLOCKING@
-WITH_LCKPWDF=@WITH_LCKPWDF@
-STATIC_LIBPAM=@STATIC_LIBPAM@
-DYNAMIC_LIBPAM=@DYNAMIC_LIBPAM@
-STATIC=@STATIC@
-DYNAMIC=@DYNAMIC@
-
-# Location of libraries when installed on the system
-FAKEROOT=@FAKEROOT@
-SECUREDIR=@SECUREDIR@
-SCONFIGD=@SCONFIGDIR@
-SUPLEMENTED=@SUPLEMENTED@
-INCLUDED=@INCLUDEDIR@/security
-CRACKLIB_DICTPATH=@CRACKLIB_DICTPATH@
-
-# generic build setup
-OS=@OS@
-CC=@CC@
-CFLAGS=$(WARNINGS) -D$(OS) @CFLAGS@ @CPPFLAGS@ $(OS_CFLAGS) $(HEADER_DIRS) @CONF_CFLAGS@
-LDFLAGS=@LDFLAGS@
-LD=@LD@
-LD_D=@LD_D@
-LD_L=@LD_L@
-MV=@MV@
-LDCONFIG=@LDCONFIG@
-DYNTYPE=@DYNTYPE@
-USESONAME=@USESONAME@
-NEEDSONAME=@NEEDSONAME@
-SOSWITCH=@SOSWITCH@
-LIBDL=@LIBDL@
-MKDIR=@MKDIR@
-INSTALL=@INSTALL@
-RANLIB=@RANLIB@
-STRIP=@STRIP@
-CC_STATIC=@CC_STATIC@
-
-LINKLIBS = $(NEED_LINK_LIB_C) $(LIBDL)
-
-USESONAME=@USESONAME@
-SOSWITCH=@SOSWITCH@
-
-ifdef DYNAMIC
-CFLAGS += $(PIC)
-endif
diff --git a/Linux-PAM/Make.xml.rules b/Linux-PAM/Make.xml.rules
new file mode 100644
index 00000000..6e9dccc9
--- /dev/null
+++ b/Linux-PAM/Make.xml.rules
@@ -0,0 +1,25 @@
+#
+# Copyright (c) 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+
+README: README.xml
+ $(XSLTPROC) --path $(srcdir) --xinclude --stringparam generate.toc "none" --nonet http://docbook.sourceforge.net/release/xsl/current/html/docbook.xsl $< | $(BROWSER) > $(srcdir)/$@
+
+%.1: %.1.xml
+ $(XMLLINT) --nonet --xinclude --postvalid --noout $<
+ $(XSLTPROC) -o $(srcdir)/$@ --path $(srcdir) --xinclude --nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+
+%.3: %.3.xml
+ $(XMLLINT) --nonet --xinclude --postvalid --noout $<
+ $(XSLTPROC) -o $(srcdir)/$@ --path $(srcdir) --xinclude --nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+
+%.5: %.5.xml
+ $(XMLLINT) --nonet --xinclude --postvalid --noout $<
+ $(XSLTPROC) -o $(srcdir)/$@ --path $(srcdir) --xinclude --nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+
+%.8: %.8.xml
+ $(XMLLINT) --nonet --xinclude --postvalid --noout $<
+ $(XSLTPROC) -o $(srcdir)/$@ --path $(srcdir) --xinclude --nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+
+#CLEANFILES += $(man_MANS) README
+
diff --git a/Linux-PAM/Makefile b/Linux-PAM/Makefile
deleted file mode 100644
index 398ae2df..00000000
--- a/Linux-PAM/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-##
-## $Id: Makefile,v 1.12 2004/10/14 14:47:53 kukuk Exp $
-##
-
-## Note, ideally I would prefer it if this top level makefile did
-## not get created by autoconf. As I find typing 'make' and relying
-## on it to take care of all dependencies much more friendly than
-## the multi-stage autoconf+make and also worry about updates to
-## configure.in not getting propagated down the tree. (AGM) [I realise
-## that this may not prove possible, but at least I tried.. Sigh.]
-
-DISTNAME=Linux-PAM
-
--include Make.Rules
-
-THINGSTOMAKE = libpam libpamc libpam_misc modules doc examples
-
-all: $(THINGSTOMAKE)
-
- # Let's get a dynamic libpam.so first
- bootstrap-libpam: _pam_aconf.h prep
- $(MAKE) -C libpam bootstrap-libpam
-
-prep:
- rm -f security
- ln -sf . security
-
-clean:
- if [ ! -f Make.Rules ]; then touch Make.Rules ; fi
- for i in $(THINGSTOMAKE) ; do $(MAKE) -C $$i clean ; done
- rm -f security *~ *.orig *.rej #*#
-
-distclean: clean
- rm -f Make.Rules _pam_aconf.h
- rm -f config.status config.cache config.log core
- rm -rf autom4te.cache/
-
-maintainer-clean: distclean
- @echo files should be ok for packaging now.
-
-# NB _pam_aconf.h.in changes will remake this too
-Make.Rules: configure Make.Rules.in _pam_aconf.h.in
- ./config.status --recheck
- ./config.status
-
-_pam_aconf.h: Make.Rules
-
-configure: configure.in
- @echo
- @echo You do not appear to have an up-to-date ./configure file.
- @echo Please run autoconf, and then ./configure [..options..]
- @echo
- @rm -f configure
- @exit 1
-
-$(THINGSTOMAKE): _pam_aconf.h prep bootstrap-libpam
- $(MAKE) -C $@ all
-
-install: _pam_aconf.h prep
- for x in $(THINGSTOMAKE) ; do $(MAKE) -C $$x install ; done
-
-remove:
- rm -f $(FAKEROOT)$(INCLUDED)/_pam_aconf.h
- for x in $(THINGSTOMAKE) ; do $(MAKE) -C $$x remove ; done
-
-release:
- @if [ ! -f Make.Rules ]; then echo $(MAKE) Make.Rules first ;exit 1 ;fi
- @if [ ! -L ../$(DISTNAME)-$(MAJOR_REL).$(MINOR_REL) ]; then \
- echo generating ../$(DISTNAME)-$(MAJOR_REL).$(MINOR_REL) link ; \
- ln -sf $(DISTNAME) ../$(DISTNAME)-$(MAJOR_REL).$(MINOR_REL) ; \
- echo to ../$(DISTNAME) . ; fi
- @diff ../$(DISTNAME)-$(MAJOR_REL).$(MINOR_REL)/Make.Rules Make.Rules
- $(MAKE) distclean
- cd .. ; tar zvfc $(DISTNAME)-$(MAJOR_REL).$(MINOR_REL).tar.gz \
- --exclude CVS --exclude .cvsignore --exclude '.#*' \
- $(DISTNAME)-$(MAJOR_REL).$(MINOR_REL)/*
diff --git a/Linux-PAM/Makefile.am b/Linux-PAM/Makefile.am
new file mode 100644
index 00000000..b0fd70fa
--- /dev/null
+++ b/Linux-PAM/Makefile.am
@@ -0,0 +1,48 @@
+#
+# Copyright (c) 2005, 2006, 2007 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+
+AUTOMAKE_OPTIONS = 1.9 gnu dist-bzip2 check-news
+
+if STATIC_MODULES
+SUBDIRS = modules libpam libpamc libpam_misc tests po conf doc examples xtests
+else
+SUBDIRS = libpam tests libpamc libpam_misc modules po conf doc examples xtests
+endif
+
+CLEANFILES = *~
+
+M4_FILES = m4/codeset.m4 m4/gettext.m4 m4/glibc21.m4 m4/glibc2.m4 \
+ m4/iconv.m4 m4/intdiv0.m4 m4/intmax.m4 m4/inttypes_h.m4 \
+ m4/inttypes-h.m4 m4/inttypes.m4 m4/inttypes-pri.m4 \
+ m4/isc-posix.m4 m4/jh_path_xml_catalog.m4 m4/lcmessage.m4 \
+ m4/ld-as-needed.m4 m4/ld-O1.m4 m4/lib-ld.m4 m4/lib-link.m4 \
+ m4/lib-prefix.m4 m4/libprelude.m4 m4/lock.m4 m4/longdouble.m4 \
+ m4/longlong.m4 m4/nls.m4 m4/po.m4 m4/printf-posix.m4 \
+ m4/progtest.m4 m4/signed.m4 m4/size_max.m4 m4/stdint_h.m4 \
+ m4/uintmax_t.m4 m4/ulonglong.m4 m4/visibility.m4 \
+ m4/wchar_t.m4 m4/wint_t.m4 m4/xsize.m4
+
+EXTRA_DIST = config.rpath mkinstalldirs pgp.keys.asc CHANGELOG \
+ Copyright $(M4_FILES) Make.xml.rules
+
+ACLOCAL_AMFLAGS = -I m4
+
+release: dist releasedocs
+
+release-docs: releasedocs
+
+releasedocs:
+ rm -rf Linux-PAM-$(VERSION)
+ mkdir -p Linux-PAM-$(VERSION)/doc
+ make -C doc releasedocs
+ tar zfc Linux-PAM-$(VERSION)-docs.tar.gz \
+ Linux-PAM-$(VERSION)/doc
+ tar jfc Linux-PAM-$(VERSION)-docs.tar.bz2 \
+ Linux-PAM-$(VERSION)/doc
+ rm -rf Linux-PAM-$(VERSION)
+
+xtests:
+ make -C xtests xtests
+
+.PHONY: xtests
diff --git a/Linux-PAM/Makefile.in b/Linux-PAM/Makefile.in
new file mode 100644
index 00000000..e61dff14
--- /dev/null
+++ b/Linux-PAM/Makefile.in
@@ -0,0 +1,733 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006, 2007 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = .
+DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \
+ $(srcdir)/Makefile.in $(srcdir)/config.h.in \
+ $(top_srcdir)/configure ABOUT-NLS AUTHORS COPYING ChangeLog \
+ INSTALL NEWS compile config.guess config.rpath config.sub \
+ depcomp install-sh ltmain.sh missing mkinstalldirs ylwrap
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \
+ configure.lineno config.status.lineno
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = config.h
+CONFIG_CLEAN_FILES =
+SOURCES =
+DIST_SOURCES =
+RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
+ html-recursive info-recursive install-data-recursive \
+ install-dvi-recursive install-exec-recursive \
+ install-html-recursive install-info-recursive \
+ install-pdf-recursive install-ps-recursive install-recursive \
+ installcheck-recursive installdirs-recursive pdf-recursive \
+ ps-recursive uninstall-recursive
+RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
+ distclean-recursive maintainer-clean-recursive
+ETAGS = etags
+CTAGS = ctags
+DIST_SUBDIRS = libpam tests libpamc libpam_misc modules po conf doc \
+ examples xtests
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+distdir = $(PACKAGE)-$(VERSION)
+top_distdir = $(distdir)
+am__remove_distdir = \
+ { test ! -d $(distdir) \
+ || { find $(distdir) -type d ! -perm -200 -exec chmod u+w {} ';' \
+ && rm -fr $(distdir); }; }
+DIST_ARCHIVES = $(distdir).tar.gz $(distdir).tar.bz2
+GZIP_ENV = --best
+distuninstallcheck_listfiles = find . -type f -print
+distcleancheck_listfiles = find . -type f -print
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+AUTOMAKE_OPTIONS = 1.9 gnu dist-bzip2 check-news
+@STATIC_MODULES_FALSE@SUBDIRS = libpam tests libpamc libpam_misc modules po conf doc examples xtests
+@STATIC_MODULES_TRUE@SUBDIRS = modules libpam libpamc libpam_misc tests po conf doc examples xtests
+CLEANFILES = *~
+M4_FILES = m4/codeset.m4 m4/gettext.m4 m4/glibc21.m4 m4/glibc2.m4 \
+ m4/iconv.m4 m4/intdiv0.m4 m4/intmax.m4 m4/inttypes_h.m4 \
+ m4/inttypes-h.m4 m4/inttypes.m4 m4/inttypes-pri.m4 \
+ m4/isc-posix.m4 m4/jh_path_xml_catalog.m4 m4/lcmessage.m4 \
+ m4/ld-as-needed.m4 m4/ld-O1.m4 m4/lib-ld.m4 m4/lib-link.m4 \
+ m4/lib-prefix.m4 m4/libprelude.m4 m4/lock.m4 m4/longdouble.m4 \
+ m4/longlong.m4 m4/nls.m4 m4/po.m4 m4/printf-posix.m4 \
+ m4/progtest.m4 m4/signed.m4 m4/size_max.m4 m4/stdint_h.m4 \
+ m4/uintmax_t.m4 m4/ulonglong.m4 m4/visibility.m4 \
+ m4/wchar_t.m4 m4/wint_t.m4 m4/xsize.m4
+
+EXTRA_DIST = config.rpath mkinstalldirs pgp.keys.asc CHANGELOG \
+ Copyright $(M4_FILES) Make.xml.rules
+
+ACLOCAL_AMFLAGS = -I m4
+all: config.h
+ $(MAKE) $(AM_MAKEFLAGS) all-recursive
+
+.SUFFIXES:
+am--refresh:
+ @:
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ echo ' cd $(srcdir) && $(AUTOMAKE) --gnu '; \
+ cd $(srcdir) && $(AUTOMAKE) --gnu \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ echo ' $(SHELL) ./config.status'; \
+ $(SHELL) ./config.status;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ $(SHELL) ./config.status --recheck
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(srcdir) && $(AUTOCONF)
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS)
+
+config.h: stamp-h1
+ @if test ! -f $@; then \
+ rm -f stamp-h1; \
+ $(MAKE) $(AM_MAKEFLAGS) stamp-h1; \
+ else :; fi
+
+stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status
+ @rm -f stamp-h1
+ cd $(top_builddir) && $(SHELL) ./config.status config.h
+$(srcdir)/config.h.in: $(am__configure_deps)
+ cd $(top_srcdir) && $(AUTOHEADER)
+ rm -f stamp-h1
+ touch $@
+
+distclean-hdr:
+ -rm -f config.h stamp-h1
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+distclean-libtool:
+ -rm -f libtool
+
+# This directory's subdirectories are mostly independent; you can cd
+# into them and run `make' without going through this Makefile.
+# To change the values of `make' variables: instead of editing Makefiles,
+# (1) if the variable is set in `config.status', edit `config.status'
+# (which will cause the Makefiles to be regenerated when you run `make');
+# (2) otherwise, pass the desired values on the `make' command line.
+$(RECURSIVE_TARGETS):
+ @failcom='exit 1'; \
+ for f in x $$MAKEFLAGS; do \
+ case $$f in \
+ *=* | --[!k]*);; \
+ *k*) failcom='fail=yes';; \
+ esac; \
+ done; \
+ dot_seen=no; \
+ target=`echo $@ | sed s/-recursive//`; \
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ echo "Making $$target in $$subdir"; \
+ if test "$$subdir" = "."; then \
+ dot_seen=yes; \
+ local_target="$$target-am"; \
+ else \
+ local_target="$$target"; \
+ fi; \
+ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+ || eval $$failcom; \
+ done; \
+ if test "$$dot_seen" = "no"; then \
+ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
+ fi; test -z "$$fail"
+
+$(RECURSIVE_CLEAN_TARGETS):
+ @failcom='exit 1'; \
+ for f in x $$MAKEFLAGS; do \
+ case $$f in \
+ *=* | --[!k]*);; \
+ *k*) failcom='fail=yes';; \
+ esac; \
+ done; \
+ dot_seen=no; \
+ case "$@" in \
+ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
+ *) list='$(SUBDIRS)' ;; \
+ esac; \
+ rev=''; for subdir in $$list; do \
+ if test "$$subdir" = "."; then :; else \
+ rev="$$subdir $$rev"; \
+ fi; \
+ done; \
+ rev="$$rev ."; \
+ target=`echo $@ | sed s/-recursive//`; \
+ for subdir in $$rev; do \
+ echo "Making $$target in $$subdir"; \
+ if test "$$subdir" = "."; then \
+ local_target="$$target-am"; \
+ else \
+ local_target="$$target"; \
+ fi; \
+ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+ || eval $$failcom; \
+ done && test -z "$$fail"
+tags-recursive:
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \
+ done
+ctags-recursive:
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: tags-recursive $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
+ include_option=--etags-include; \
+ empty_fix=.; \
+ else \
+ include_option=--include; \
+ empty_fix=; \
+ fi; \
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ test ! -f $$subdir/TAGS || \
+ tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \
+ fi; \
+ done; \
+ list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: ctags-recursive $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+ @case `sed 15q $(srcdir)/NEWS` in \
+ *"$(VERSION)"*) : ;; \
+ *) \
+ echo "NEWS not updated; not releasing" 1>&2; \
+ exit 1;; \
+ esac
+ $(am__remove_distdir)
+ test -d $(distdir) || mkdir $(distdir)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+ list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ test -d "$(distdir)/$$subdir" \
+ || $(MKDIR_P) "$(distdir)/$$subdir" \
+ || exit 1; \
+ distdir=`$(am__cd) $(distdir) && pwd`; \
+ top_distdir=`$(am__cd) $(top_distdir) && pwd`; \
+ (cd $$subdir && \
+ $(MAKE) $(AM_MAKEFLAGS) \
+ top_distdir="$$top_distdir" \
+ distdir="$$distdir/$$subdir" \
+ am__remove_distdir=: \
+ am__skip_length_check=: \
+ distdir) \
+ || exit 1; \
+ fi; \
+ done
+ -find $(distdir) -type d ! -perm -777 -exec chmod a+rwx {} \; -o \
+ ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \
+ ! -type d ! -perm -400 -exec chmod a+r {} \; -o \
+ ! -type d ! -perm -444 -exec $(install_sh) -c -m a+r {} {} \; \
+ || chmod -R a+r $(distdir)
+dist-gzip: distdir
+ tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz
+ $(am__remove_distdir)
+dist-bzip2: distdir
+ tardir=$(distdir) && $(am__tar) | bzip2 -9 -c >$(distdir).tar.bz2
+ $(am__remove_distdir)
+
+dist-tarZ: distdir
+ tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z
+ $(am__remove_distdir)
+
+dist-shar: distdir
+ shar $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).shar.gz
+ $(am__remove_distdir)
+
+dist-zip: distdir
+ -rm -f $(distdir).zip
+ zip -rq $(distdir).zip $(distdir)
+ $(am__remove_distdir)
+
+dist dist-all: distdir
+ tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz
+ tardir=$(distdir) && $(am__tar) | bzip2 -9 -c >$(distdir).tar.bz2
+ $(am__remove_distdir)
+
+# This target untars the dist file and tries a VPATH configuration. Then
+# it guarantees that the distribution is self-contained by making another
+# tarfile.
+distcheck: dist
+ case '$(DIST_ARCHIVES)' in \
+ *.tar.gz*) \
+ GZIP=$(GZIP_ENV) gunzip -c $(distdir).tar.gz | $(am__untar) ;;\
+ *.tar.bz2*) \
+ bunzip2 -c $(distdir).tar.bz2 | $(am__untar) ;;\
+ *.tar.Z*) \
+ uncompress -c $(distdir).tar.Z | $(am__untar) ;;\
+ *.shar.gz*) \
+ GZIP=$(GZIP_ENV) gunzip -c $(distdir).shar.gz | unshar ;;\
+ *.zip*) \
+ unzip $(distdir).zip ;;\
+ esac
+ chmod -R a-w $(distdir); chmod a+w $(distdir)
+ mkdir $(distdir)/_build
+ mkdir $(distdir)/_inst
+ chmod a-w $(distdir)
+ dc_install_base=`$(am__cd) $(distdir)/_inst && pwd | sed -e 's,^[^:\\/]:[\\/],/,'` \
+ && dc_destdir="$${TMPDIR-/tmp}/am-dc-$$$$/" \
+ && cd $(distdir)/_build \
+ && ../configure --srcdir=.. --prefix="$$dc_install_base" \
+ $(DISTCHECK_CONFIGURE_FLAGS) \
+ && $(MAKE) $(AM_MAKEFLAGS) \
+ && $(MAKE) $(AM_MAKEFLAGS) dvi \
+ && $(MAKE) $(AM_MAKEFLAGS) check \
+ && $(MAKE) $(AM_MAKEFLAGS) install \
+ && $(MAKE) $(AM_MAKEFLAGS) installcheck \
+ && $(MAKE) $(AM_MAKEFLAGS) uninstall \
+ && $(MAKE) $(AM_MAKEFLAGS) distuninstallcheck_dir="$$dc_install_base" \
+ distuninstallcheck \
+ && chmod -R a-w "$$dc_install_base" \
+ && ({ \
+ (cd ../.. && umask 077 && mkdir "$$dc_destdir") \
+ && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" install \
+ && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" uninstall \
+ && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" \
+ distuninstallcheck_dir="$$dc_destdir" distuninstallcheck; \
+ } || { rm -rf "$$dc_destdir"; exit 1; }) \
+ && rm -rf "$$dc_destdir" \
+ && $(MAKE) $(AM_MAKEFLAGS) dist \
+ && rm -rf $(DIST_ARCHIVES) \
+ && $(MAKE) $(AM_MAKEFLAGS) distcleancheck
+ $(am__remove_distdir)
+ @(echo "$(distdir) archives ready for distribution: "; \
+ list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \
+ sed -e 1h -e 1s/./=/g -e 1p -e 1x -e '$$p' -e '$$x'
+distuninstallcheck:
+ @cd $(distuninstallcheck_dir) \
+ && test `$(distuninstallcheck_listfiles) | wc -l` -le 1 \
+ || { echo "ERROR: files left after uninstall:" ; \
+ if test -n "$(DESTDIR)"; then \
+ echo " (check DESTDIR support)"; \
+ fi ; \
+ $(distuninstallcheck_listfiles) ; \
+ exit 1; } >&2
+distcleancheck: distclean
+ @if test '$(srcdir)' = . ; then \
+ echo "ERROR: distcleancheck can only run from a VPATH build" ; \
+ exit 1 ; \
+ fi
+ @test `$(distcleancheck_listfiles) | wc -l` -eq 0 \
+ || { echo "ERROR: files left in build directory after distclean:" ; \
+ $(distcleancheck_listfiles) ; \
+ exit 1; } >&2
+check-am: all-am
+check: check-recursive
+all-am: Makefile config.h
+installdirs: installdirs-recursive
+installdirs-am:
+install: install-recursive
+install-exec: install-exec-recursive
+install-data: install-data-recursive
+uninstall: uninstall-recursive
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-recursive
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-recursive
+
+clean-am: clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-recursive
+ -rm -f $(am__CONFIG_DISTCLEAN_FILES)
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-hdr \
+ distclean-libtool distclean-tags
+
+dvi: dvi-recursive
+
+dvi-am:
+
+html: html-recursive
+
+info: info-recursive
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-recursive
+
+install-exec-am:
+
+install-html: install-html-recursive
+
+install-info: install-info-recursive
+
+install-man:
+
+install-pdf: install-pdf-recursive
+
+install-ps: install-ps-recursive
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-recursive
+ -rm -f $(am__CONFIG_DISTCLEAN_FILES)
+ -rm -rf $(top_srcdir)/autom4te.cache
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-recursive
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-recursive
+
+pdf-am:
+
+ps: ps-recursive
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \
+ install-strip
+
+.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \
+ all all-am am--refresh check check-am clean clean-generic \
+ clean-libtool ctags ctags-recursive dist dist-all dist-bzip2 \
+ dist-gzip dist-shar dist-tarZ dist-zip distcheck distclean \
+ distclean-generic distclean-hdr distclean-libtool \
+ distclean-tags distcleancheck distdir distuninstallcheck dvi \
+ dvi-am html html-am info info-am install install-am \
+ install-data install-data-am install-dvi install-dvi-am \
+ install-exec install-exec-am install-html install-html-am \
+ install-info install-info-am install-man install-pdf \
+ install-pdf-am install-ps install-ps-am install-strip \
+ installcheck installcheck-am installdirs installdirs-am \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags tags-recursive uninstall uninstall-am
+
+
+release: dist releasedocs
+
+release-docs: releasedocs
+
+releasedocs:
+ rm -rf Linux-PAM-$(VERSION)
+ mkdir -p Linux-PAM-$(VERSION)/doc
+ make -C doc releasedocs
+ tar zfc Linux-PAM-$(VERSION)-docs.tar.gz \
+ Linux-PAM-$(VERSION)/doc
+ tar jfc Linux-PAM-$(VERSION)-docs.tar.bz2 \
+ Linux-PAM-$(VERSION)/doc
+ rm -rf Linux-PAM-$(VERSION)
+
+xtests:
+ make -C xtests xtests
+
+.PHONY: xtests
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/NEWS b/Linux-PAM/NEWS
new file mode 100644
index 00000000..810660fc
--- /dev/null
+++ b/Linux-PAM/NEWS
@@ -0,0 +1,125 @@
+Linux-PAM NEWS -- history of user-visible changes.
+
+
+Release 0.99.7.1
+
+* Security fix for pam_unix.so (CVE-2007-0003).
+
+
+Release 0.99.7.0
+
+* Add manual page for pam_unix.so.
+* Add pam_faildelay module to set pam_fail_delay() value.
+* Fix possible seg.fault in libpam/pam_set_data().
+* Cleanup of configure options.
+* Update hungarian translation, fix german translation.
+
+
+Release 0.99.6.3
+
+* pam_loginuid: New PAM module.
+* pam_access, pam_succeed_if: Support passwd and session services.
+
+
+Release 0.99.6.2
+
+* pam_lastlog: Don't refuse login if lastlog file got lost.
+* pam_cracklib: Fix a user triggerable crash.
+* documentation: Regenerate with fixed docbook stylesheet.
+
+
+Release 0.99.6.1
+
+* Fix bootstrapping problems.
+* Bug fixes: pam_keyinit, pam_umask
+
+
+Release 0.99.6.0
+
+* pam_namespace: Code cleanup, add init script to tar archive.
+* pam_succeed_if: Add support for service match.
+* Add xtests (to run after installation).
+* Documentation: Convert sgml guides to XML, unify documentation
+ for PAM functions and modules.
+
+
+Release 0.99.5.0
+
+* pam_tally: Fix support for large UIDs
+* Fixed all problems found by Coverity
+* Add support for Intel C Compiler
+* Add manual page for pam_mkhomedir, pam_umask, pam_filter,
+ pam_issue, pam_ftp, pam_group, pam_lastlog, pam_listfile,
+ pam_localuser, pam_mail, pam_motd, pam_nologin, pam_permit,
+ pam_rootok, pam_securetty, pam_shells, pam_userdb, pam_warn,
+ pam_time, pam_limits, pam_debug, pam_tally
+* The libpam memory debug code was removed
+* pam_keyinit: New module to initialise kernel session keyring.
+* pam_namespace: New module to configure private namespace for a session.
+* pam_rhosts: New module which replaces pam_rhosts_auth, now IPv6 capable.
+* pam_rhosts_auth: This module is now deprecated.
+
+
+Release 0.99.4.0
+
+* Add test suite
+* Fix building of static variants of libpam, libpamc and libpam_misc
+* pam_listfile: Add support for password and session management
+* pam_exec: New PAM module to execute arbitary commands
+* Fix building of a static libpam including all PAM modules
+* New/updated translations for: nl, pt, pl, fi, km, tr, uk, fr
+* pam_access: Add network(address) / netmask and IPv6 support
+* Add manual pages for pam_cracklib, pam_deny and pam_access
+* pam_pwdb: This deprecated module was removed
+* Manual pages: Major rewrite/cleanup
+
+
+Release 0.99.3.0
+
+* Fix NULL pointer checks in libpam.so
+* pam_succeed_if, pam_group, pam_time: Support netgroup matching
+* New translations for: nb, hu, fi, de, es, fr, it, ja, pt_BR, zh_CN, zh_TW
+* Audit PAM calls if Linux Audit is available
+* Compile upperLOWER and unix_chkpwd as PIE binaries
+
+
+Release 0.99.2.1
+
+* Fix install of PS, PDF, TXT and HTML files
+* pam_mail: Update README
+* Use %m consistent
+* pam_modutil_getlogin: Fix parsing of PAM_TTY variable
+
+
+Release 0.99.2.0
+
+* Fix parsing of full path tty name in various modules
+* pam_xauth: Look for xauth executable in multiple places
+* pam_unix: Disable user check in unix_chkpwd only if real uid
+ is 0 (CVE-2005-2977). Log failed password check attempt.
+* pam_env: Support /etc/environment again, but don't treat it as
+ error if it is missing.
+* pam_userdb: Fix memory leak.
+
+
+Release 0.99.1.0
+
+* Use autoconf/automake/libtool
+* Add gettext support
+* Add translations for cs, de, es, fr, hu, it, ja, nb, pa, pt_BR,
+ pt, zh_CN and zh_TW
+* libpam: Remove pam_authenticate_secondary stub
+* libpam: Add pam_prompt,pam_vprompt,pam_error,pam_verror,pam_info
+ and pam_vinfo functions for use by modules as extension
+* libpam: Add pam_syslog function for unified syslog messages from
+ PAM modules
+* libpam: Moved functions from pammodutil to libpam
+* pam_umask: New module for setting umask from GECOS field, /etc/login.defs
+ or /etc/default/login
+* pam_echo: New PAM module for message output
+* pam_userdb: Fix regression (crash when crypt param not specified)
+* pam_limits: Fix regression from RLIMIT_NICE support (wrong limit
+ values for other limits are applied)
+* pam_access: Support for NULL tty - matches ALL and NONE keywords
+* pam_lastlog: Enable log to wtmp by default. Add "nowtmp" option
+* pam_radius: This module was removed
diff --git a/Linux-PAM/README b/Linux-PAM/README
index 1e769a5d..bd804b17 100644
--- a/Linux-PAM/README
+++ b/Linux-PAM/README
@@ -1,6 +1,3 @@
-#
-# $Id: README,v 1.3 2000/11/20 00:01:49 agmorgan Exp $
-#
Hello!
@@ -14,6 +11,12 @@ How to use it is as follows:
./configure <your-options>
make
+To make sure everything was compiled correct, run:
+
+ make check
+
+If a test failes, you should not continue to install this build.
+
Note, if you are worried - don't even think about doing the next line
(most Linux distributions already support PAM out of the box, so if
something goes wrong with installing the code from this version your
@@ -21,8 +24,24 @@ box may stop working..)
make install
-That said, please report problems to me.
+That said, please report problems to the bug reporting database
+on sourceforge.net.
+
+You can run additional checks after installing by executing
+
+ make xtests
+
+as root.
+
+If you do not wish to make the modules dynamically loadable, but
+build a static libpam including all PAM modules, you have to call:
+
+ ./configure --enable-static-modules
+
+In this case you cannot use pam_unix in the PAM config files instead you
+have to use pam_unix_acct, pam_unix_auth, pam_unix_passwd and
+pam_unix_session.
-Andrew Morgan
-<morgan@kernel.org>
-<agmorgan@users.sourceforge.net>
+To regenerate manual pages from the XML source files you need the
+docbook-xsl stylesheets in version 1.69.1 or newer, older versions had
+a bug which generates a broken layout.
diff --git a/Linux-PAM/_pam_aconf.h.in b/Linux-PAM/_pam_aconf.h.in
deleted file mode 100644
index 17adbb34..00000000
--- a/Linux-PAM/_pam_aconf.h.in
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
- * $Id: _pam_aconf.h.in,v 1.11 2004/10/06 13:42:36 kukuk Exp $
- *
- *
- */
-
-#ifndef PAM_ACONF_H
-#define PAM_ACONF_H
-
-/* lots of stuff gets written to /tmp/pam-debug.log */
-#undef DEBUG
-
-/* build libraries with different names (suffixed with 'd') */
-#undef WITH_LIBDEBUG
-
-/* provide a global locking facility within libpam */
-#undef PAM_LOCKING
-
-/* GNU systems as a class, all have the feature.h file */
-#undef HAVE_FEATURES_H
-#ifdef HAVE_FEATURES_H
-# define _SVID_SOURCE
-# define _BSD_SOURCE
-# define _GNU_SOURCE
-# include <features.h>
-#endif /* HAVE_FEATURES_H */
-
-/* we have libcrack available */
-#undef HAVE_LIBCRACK
-
-/* we have libcrypt - its not part of libc (do we need both definitions?) */
-#undef HAVE_LIBCRYPT
-#undef HAVE_CRYPT_H
-
-/* we have libndbm and/or libdb */
-#undef HAVE_DB_H
-#undef HAVE_NDBM_H
-
-/* have libfl (Flex) */
-#undef HAVE_LIBFL
-
-/* have libnsl - instead of libc support */
-#undef HAVE_LIBNSL
-
-/* have libpwdb - don't expect this to be important for much longer */
-#undef HAVE_LIBPWDB
-
-/* have gethostname() declared */
-#undef HAVE_GETHOSTNAME
-
-#undef HAVE_GETTIMEOFDAY
-#undef HAVE_MKDIR
-#undef HAVE_SELECT
-#undef HAVE_STRCSPN
-#undef HAVE_STRDUP
-#undef HAVE_STRERROR
-#undef HAVE_STRSPN
-#undef HAVE_STRSTR
-#undef HAVE_STRTOL
-#undef HAVE_UNAME
-
-/* Define if reentrant declarations of standard nss functions are available */
-#undef HAVE_GETPWNAM_R
-#undef HAVE_GETPWUID_R
-#undef HAVE_GETSPNAM_R
-#undef HAVE_GETGRNAM_R
-#undef HAVE_GETGRGID_R
-#undef HAVE_GETGROUPLIST
-
-/* ugly hack to partially support old pam_strerror syntax */
-#undef UGLY_HACK_FOR_PRIOR_BEHAVIOR_SUPPORT
-
-/* read both confs - read /etc/pam.d and /etc/pam.conf in serial */
-#undef PAM_READ_BOTH_CONFS
-
-#undef HAVE_PATHS_H
-#ifdef HAVE_PATHS_H
-#include <paths.h>
-#endif
-/* location of the mail spool directory */
-#undef PAM_PATH_MAILDIR
-
-/* where should we include setfsuid's prototype from? If this is not
- defined, we get it from unistd.h */
-#undef HAVE_SYS_FSUID_H
-
-/* track all memory allocations and liberations */
-#undef MEMORY_DEBUG
-#ifdef MEMORY_DEBUG
-/*
- * this is basically a hack - we need to include a semiarbitrary
- * number of headers to ensure that we don't get silly prototype/macro
- * confusion.
- */
-# include <string.h>
-# include <stdlib.h>
-# include <security/pam_malloc.h>
-#endif /* MEMORY_DEBUG */
-
-/* the path, relative to SECUREDIR, where PAMs specific to this architecture
- * can be found */
-#undef _PAM_ISA
-
-#endif /* PAM_ACONF_H */
diff --git a/Linux-PAM/acinclude.m4 b/Linux-PAM/acinclude.m4
new file mode 100644
index 00000000..5318a140
--- /dev/null
+++ b/Linux-PAM/acinclude.m4
@@ -0,0 +1,48 @@
+dnl
+dnl JAPHAR_GREP_CFLAGS(flag, cmd_if_missing, cmd_if_present)
+dnl
+dnl From Japhar. Report changes to japhar@hungry.com
+dnl
+AC_DEFUN([JAPHAR_GREP_CFLAGS],
+[case "$CFLAGS" in
+"$1" | "$1 "* | *" $1" | *" $1 "* )
+ ifelse($#, 3, [$3], [:])
+ ;;
+*)
+ $2
+ ;;
+esac
+])
+
+dnl
+dnl Test for __attribute__ ((unused))
+dnl Based on code from the tcpdump version 3.7.2 source.
+dnl
+
+AC_DEFUN([AC_C___ATTRIBUTE__], [
+AC_MSG_CHECKING(for __attribute__)
+AC_CACHE_VAL(ac_cv___attribute__, [
+AC_TRY_COMPILE([
+#include <stdlib.h>
+static void foo (void) __attribute__ ((unused));
+
+static void
+foo (void)
+{
+ exit(1);
+}
+],
+[
+ exit (0);
+],
+ac_cv___attribute__=yes,
+ac_cv___attribute__=no)])
+if test "$ac_cv___attribute__" = "yes"; then
+ AC_DEFINE(UNUSED, __attribute__ ((unused)), [define if your compiler has __att
+ribute__ ((unused))])
+else
+ AC_DEFINE(UNUSED,,)
+fi
+AC_MSG_RESULT($ac_cv___attribute__)
+])
+
diff --git a/Linux-PAM/aclocal.m4 b/Linux-PAM/aclocal.m4
new file mode 100644
index 00000000..4cecc778
--- /dev/null
+++ b/Linux-PAM/aclocal.m4
@@ -0,0 +1,7319 @@
+# generated automatically by aclocal 1.10 -*- Autoconf -*-
+
+# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,
+# 2005, 2006 Free Software Foundation, Inc.
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+m4_if(m4_PACKAGE_VERSION, [2.61],,
+[m4_fatal([this file was generated for autoconf 2.61.
+You have another version of autoconf. If you want to use that,
+you should regenerate the build system entirely.], [63])])
+
+# libtool.m4 - Configure libtool for the host system. -*-Autoconf-*-
+
+# serial 48 AC_PROG_LIBTOOL
+
+
+# AC_PROVIDE_IFELSE(MACRO-NAME, IF-PROVIDED, IF-NOT-PROVIDED)
+# -----------------------------------------------------------
+# If this macro is not defined by Autoconf, define it here.
+m4_ifdef([AC_PROVIDE_IFELSE],
+ [],
+ [m4_define([AC_PROVIDE_IFELSE],
+ [m4_ifdef([AC_PROVIDE_$1],
+ [$2], [$3])])])
+
+
+# AC_PROG_LIBTOOL
+# ---------------
+AC_DEFUN([AC_PROG_LIBTOOL],
+[AC_REQUIRE([_AC_PROG_LIBTOOL])dnl
+dnl If AC_PROG_CXX has already been expanded, run AC_LIBTOOL_CXX
+dnl immediately, otherwise, hook it in at the end of AC_PROG_CXX.
+ AC_PROVIDE_IFELSE([AC_PROG_CXX],
+ [AC_LIBTOOL_CXX],
+ [define([AC_PROG_CXX], defn([AC_PROG_CXX])[AC_LIBTOOL_CXX
+ ])])
+dnl And a similar setup for Fortran 77 support
+ AC_PROVIDE_IFELSE([AC_PROG_F77],
+ [AC_LIBTOOL_F77],
+ [define([AC_PROG_F77], defn([AC_PROG_F77])[AC_LIBTOOL_F77
+])])
+
+dnl Quote A][M_PROG_GCJ so that aclocal doesn't bring it in needlessly.
+dnl If either AC_PROG_GCJ or A][M_PROG_GCJ have already been expanded, run
+dnl AC_LIBTOOL_GCJ immediately, otherwise, hook it in at the end of both.
+ AC_PROVIDE_IFELSE([AC_PROG_GCJ],
+ [AC_LIBTOOL_GCJ],
+ [AC_PROVIDE_IFELSE([A][M_PROG_GCJ],
+ [AC_LIBTOOL_GCJ],
+ [AC_PROVIDE_IFELSE([LT_AC_PROG_GCJ],
+ [AC_LIBTOOL_GCJ],
+ [ifdef([AC_PROG_GCJ],
+ [define([AC_PROG_GCJ], defn([AC_PROG_GCJ])[AC_LIBTOOL_GCJ])])
+ ifdef([A][M_PROG_GCJ],
+ [define([A][M_PROG_GCJ], defn([A][M_PROG_GCJ])[AC_LIBTOOL_GCJ])])
+ ifdef([LT_AC_PROG_GCJ],
+ [define([LT_AC_PROG_GCJ],
+ defn([LT_AC_PROG_GCJ])[AC_LIBTOOL_GCJ])])])])
+])])# AC_PROG_LIBTOOL
+
+
+# _AC_PROG_LIBTOOL
+# ----------------
+AC_DEFUN([_AC_PROG_LIBTOOL],
+[AC_REQUIRE([AC_LIBTOOL_SETUP])dnl
+AC_BEFORE([$0],[AC_LIBTOOL_CXX])dnl
+AC_BEFORE([$0],[AC_LIBTOOL_F77])dnl
+AC_BEFORE([$0],[AC_LIBTOOL_GCJ])dnl
+
+# This can be used to rebuild libtool when needed
+LIBTOOL_DEPS="$ac_aux_dir/ltmain.sh"
+
+# Always use our own libtool.
+LIBTOOL='$(SHELL) $(top_builddir)/libtool'
+AC_SUBST(LIBTOOL)dnl
+
+# Prevent multiple expansion
+define([AC_PROG_LIBTOOL], [])
+])# _AC_PROG_LIBTOOL
+
+
+# AC_LIBTOOL_SETUP
+# ----------------
+AC_DEFUN([AC_LIBTOOL_SETUP],
+[AC_PREREQ(2.50)dnl
+AC_REQUIRE([AC_ENABLE_SHARED])dnl
+AC_REQUIRE([AC_ENABLE_STATIC])dnl
+AC_REQUIRE([AC_ENABLE_FAST_INSTALL])dnl
+AC_REQUIRE([AC_CANONICAL_HOST])dnl
+AC_REQUIRE([AC_CANONICAL_BUILD])dnl
+AC_REQUIRE([AC_PROG_CC])dnl
+AC_REQUIRE([AC_PROG_LD])dnl
+AC_REQUIRE([AC_PROG_LD_RELOAD_FLAG])dnl
+AC_REQUIRE([AC_PROG_NM])dnl
+
+AC_REQUIRE([AC_PROG_LN_S])dnl
+AC_REQUIRE([AC_DEPLIBS_CHECK_METHOD])dnl
+# Autoconf 2.13's AC_OBJEXT and AC_EXEEXT macros only works for C compilers!
+AC_REQUIRE([AC_OBJEXT])dnl
+AC_REQUIRE([AC_EXEEXT])dnl
+dnl
+
+AC_LIBTOOL_SYS_MAX_CMD_LEN
+AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE
+AC_LIBTOOL_OBJDIR
+
+AC_REQUIRE([_LT_AC_SYS_COMPILER])dnl
+_LT_AC_PROG_ECHO_BACKSLASH
+
+case $host_os in
+aix3*)
+ # AIX sometimes has problems with the GCC collect2 program. For some
+ # reason, if we set the COLLECT_NAMES environment variable, the problems
+ # vanish in a puff of smoke.
+ if test "X${COLLECT_NAMES+set}" != Xset; then
+ COLLECT_NAMES=
+ export COLLECT_NAMES
+ fi
+ ;;
+esac
+
+# Sed substitution that helps us do robust quoting. It backslashifies
+# metacharacters that are still active within double-quoted strings.
+Xsed='sed -e 1s/^X//'
+[sed_quote_subst='s/\([\\"\\`$\\\\]\)/\\\1/g']
+
+# Same as above, but do not quote variable references.
+[double_quote_subst='s/\([\\"\\`\\\\]\)/\\\1/g']
+
+# Sed substitution to delay expansion of an escaped shell variable in a
+# double_quote_subst'ed string.
+delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g'
+
+# Sed substitution to avoid accidental globbing in evaled expressions
+no_glob_subst='s/\*/\\\*/g'
+
+# Constants:
+rm="rm -f"
+
+# Global variables:
+default_ofile=libtool
+can_build_shared=yes
+
+# All known linkers require a `.a' archive for static linking (except MSVC,
+# which needs '.lib').
+libext=a
+ltmain="$ac_aux_dir/ltmain.sh"
+ofile="$default_ofile"
+with_gnu_ld="$lt_cv_prog_gnu_ld"
+
+AC_CHECK_TOOL(AR, ar, false)
+AC_CHECK_TOOL(RANLIB, ranlib, :)
+AC_CHECK_TOOL(STRIP, strip, :)
+
+old_CC="$CC"
+old_CFLAGS="$CFLAGS"
+
+# Set sane defaults for various variables
+test -z "$AR" && AR=ar
+test -z "$AR_FLAGS" && AR_FLAGS=cru
+test -z "$AS" && AS=as
+test -z "$CC" && CC=cc
+test -z "$LTCC" && LTCC=$CC
+test -z "$LTCFLAGS" && LTCFLAGS=$CFLAGS
+test -z "$DLLTOOL" && DLLTOOL=dlltool
+test -z "$LD" && LD=ld
+test -z "$LN_S" && LN_S="ln -s"
+test -z "$MAGIC_CMD" && MAGIC_CMD=file
+test -z "$NM" && NM=nm
+test -z "$SED" && SED=sed
+test -z "$OBJDUMP" && OBJDUMP=objdump
+test -z "$RANLIB" && RANLIB=:
+test -z "$STRIP" && STRIP=:
+test -z "$ac_objext" && ac_objext=o
+
+# Determine commands to create old-style static archives.
+old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs$old_deplibs'
+old_postinstall_cmds='chmod 644 $oldlib'
+old_postuninstall_cmds=
+
+if test -n "$RANLIB"; then
+ case $host_os in
+ openbsd*)
+ old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$oldlib"
+ ;;
+ *)
+ old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$oldlib"
+ ;;
+ esac
+ old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib"
+fi
+
+_LT_CC_BASENAME([$compiler])
+
+# Only perform the check for file, if the check method requires it
+case $deplibs_check_method in
+file_magic*)
+ if test "$file_magic_cmd" = '$MAGIC_CMD'; then
+ AC_PATH_MAGIC
+ fi
+ ;;
+esac
+
+AC_PROVIDE_IFELSE([AC_LIBTOOL_DLOPEN], enable_dlopen=yes, enable_dlopen=no)
+AC_PROVIDE_IFELSE([AC_LIBTOOL_WIN32_DLL],
+enable_win32_dll=yes, enable_win32_dll=no)
+
+AC_ARG_ENABLE([libtool-lock],
+ [AC_HELP_STRING([--disable-libtool-lock],
+ [avoid locking (might break parallel builds)])])
+test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes
+
+AC_ARG_WITH([pic],
+ [AC_HELP_STRING([--with-pic],
+ [try to use only PIC/non-PIC objects @<:@default=use both@:>@])],
+ [pic_mode="$withval"],
+ [pic_mode=default])
+test -z "$pic_mode" && pic_mode=default
+
+# Use C for the default configuration in the libtool script
+tagname=
+AC_LIBTOOL_LANG_C_CONFIG
+_LT_AC_TAGCONFIG
+])# AC_LIBTOOL_SETUP
+
+
+# _LT_AC_SYS_COMPILER
+# -------------------
+AC_DEFUN([_LT_AC_SYS_COMPILER],
+[AC_REQUIRE([AC_PROG_CC])dnl
+
+# If no C compiler was specified, use CC.
+LTCC=${LTCC-"$CC"}
+
+# If no C compiler flags were specified, use CFLAGS.
+LTCFLAGS=${LTCFLAGS-"$CFLAGS"}
+
+# Allow CC to be a program name with arguments.
+compiler=$CC
+])# _LT_AC_SYS_COMPILER
+
+
+# _LT_CC_BASENAME(CC)
+# -------------------
+# Calculate cc_basename. Skip known compiler wrappers and cross-prefix.
+AC_DEFUN([_LT_CC_BASENAME],
+[for cc_temp in $1""; do
+ case $cc_temp in
+ compile | *[[\\/]]compile | ccache | *[[\\/]]ccache ) ;;
+ distcc | *[[\\/]]distcc | purify | *[[\\/]]purify ) ;;
+ \-*) ;;
+ *) break;;
+ esac
+done
+cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"`
+])
+
+
+# _LT_COMPILER_BOILERPLATE
+# ------------------------
+# Check for compiler boilerplate output or warnings with
+# the simple compiler test code.
+AC_DEFUN([_LT_COMPILER_BOILERPLATE],
+[ac_outfile=conftest.$ac_objext
+printf "$lt_simple_compile_test_code" >conftest.$ac_ext
+eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_compiler_boilerplate=`cat conftest.err`
+$rm conftest*
+])# _LT_COMPILER_BOILERPLATE
+
+
+# _LT_LINKER_BOILERPLATE
+# ----------------------
+# Check for linker boilerplate output or warnings with
+# the simple link test code.
+AC_DEFUN([_LT_LINKER_BOILERPLATE],
+[ac_outfile=conftest.$ac_objext
+printf "$lt_simple_link_test_code" >conftest.$ac_ext
+eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_linker_boilerplate=`cat conftest.err`
+$rm conftest*
+])# _LT_LINKER_BOILERPLATE
+
+
+# _LT_AC_SYS_LIBPATH_AIX
+# ----------------------
+# Links a minimal program and checks the executable
+# for the system default hardcoded library path. In most cases,
+# this is /usr/lib:/lib, but when the MPI compilers are used
+# the location of the communication and MPI libs are included too.
+# If we don't find anything, use the default library path according
+# to the aix ld manual.
+AC_DEFUN([_LT_AC_SYS_LIBPATH_AIX],
+[AC_LINK_IFELSE(AC_LANG_PROGRAM,[
+aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; }
+}'`
+# Check for a 64-bit object if we didn't find anything.
+if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; }
+}'`; fi],[])
+if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
+])# _LT_AC_SYS_LIBPATH_AIX
+
+
+# _LT_AC_SHELL_INIT(ARG)
+# ----------------------
+AC_DEFUN([_LT_AC_SHELL_INIT],
+[ifdef([AC_DIVERSION_NOTICE],
+ [AC_DIVERT_PUSH(AC_DIVERSION_NOTICE)],
+ [AC_DIVERT_PUSH(NOTICE)])
+$1
+AC_DIVERT_POP
+])# _LT_AC_SHELL_INIT
+
+
+# _LT_AC_PROG_ECHO_BACKSLASH
+# --------------------------
+# Add some code to the start of the generated configure script which
+# will find an echo command which doesn't interpret backslashes.
+AC_DEFUN([_LT_AC_PROG_ECHO_BACKSLASH],
+[_LT_AC_SHELL_INIT([
+# Check that we are running under the correct shell.
+SHELL=${CONFIG_SHELL-/bin/sh}
+
+case X$ECHO in
+X*--fallback-echo)
+ # Remove one level of quotation (which was required for Make).
+ ECHO=`echo "$ECHO" | sed 's,\\\\\[$]\\[$]0,'[$]0','`
+ ;;
+esac
+
+echo=${ECHO-echo}
+if test "X[$]1" = X--no-reexec; then
+ # Discard the --no-reexec flag, and continue.
+ shift
+elif test "X[$]1" = X--fallback-echo; then
+ # Avoid inline document here, it may be left over
+ :
+elif test "X`($echo '\t') 2>/dev/null`" = 'X\t' ; then
+ # Yippee, $echo works!
+ :
+else
+ # Restart under the correct shell.
+ exec $SHELL "[$]0" --no-reexec ${1+"[$]@"}
+fi
+
+if test "X[$]1" = X--fallback-echo; then
+ # used as fallback echo
+ shift
+ cat <<EOF
+[$]*
+EOF
+ exit 0
+fi
+
+# The HP-UX ksh and POSIX shell print the target directory to stdout
+# if CDPATH is set.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+if test -z "$ECHO"; then
+if test "X${echo_test_string+set}" != Xset; then
+# find a string as large as possible, as long as the shell can cope with it
+ for cmd in 'sed 50q "[$]0"' 'sed 20q "[$]0"' 'sed 10q "[$]0"' 'sed 2q "[$]0"' 'echo test'; do
+ # expected sizes: less than 2Kb, 1Kb, 512 bytes, 16 bytes, ...
+ if (echo_test_string=`eval $cmd`) 2>/dev/null &&
+ echo_test_string=`eval $cmd` &&
+ (test "X$echo_test_string" = "X$echo_test_string") 2>/dev/null
+ then
+ break
+ fi
+ done
+fi
+
+if test "X`($echo '\t') 2>/dev/null`" = 'X\t' &&
+ echo_testing_string=`($echo "$echo_test_string") 2>/dev/null` &&
+ test "X$echo_testing_string" = "X$echo_test_string"; then
+ :
+else
+ # The Solaris, AIX, and Digital Unix default echo programs unquote
+ # backslashes. This makes it impossible to quote backslashes using
+ # echo "$something" | sed 's/\\/\\\\/g'
+ #
+ # So, first we look for a working echo in the user's PATH.
+
+ lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+ for dir in $PATH /usr/ucb; do
+ IFS="$lt_save_ifs"
+ if (test -f $dir/echo || test -f $dir/echo$ac_exeext) &&
+ test "X`($dir/echo '\t') 2>/dev/null`" = 'X\t' &&
+ echo_testing_string=`($dir/echo "$echo_test_string") 2>/dev/null` &&
+ test "X$echo_testing_string" = "X$echo_test_string"; then
+ echo="$dir/echo"
+ break
+ fi
+ done
+ IFS="$lt_save_ifs"
+
+ if test "X$echo" = Xecho; then
+ # We didn't find a better echo, so look for alternatives.
+ if test "X`(print -r '\t') 2>/dev/null`" = 'X\t' &&
+ echo_testing_string=`(print -r "$echo_test_string") 2>/dev/null` &&
+ test "X$echo_testing_string" = "X$echo_test_string"; then
+ # This shell has a builtin print -r that does the trick.
+ echo='print -r'
+ elif (test -f /bin/ksh || test -f /bin/ksh$ac_exeext) &&
+ test "X$CONFIG_SHELL" != X/bin/ksh; then
+ # If we have ksh, try running configure again with it.
+ ORIGINAL_CONFIG_SHELL=${CONFIG_SHELL-/bin/sh}
+ export ORIGINAL_CONFIG_SHELL
+ CONFIG_SHELL=/bin/ksh
+ export CONFIG_SHELL
+ exec $CONFIG_SHELL "[$]0" --no-reexec ${1+"[$]@"}
+ else
+ # Try using printf.
+ echo='printf %s\n'
+ if test "X`($echo '\t') 2>/dev/null`" = 'X\t' &&
+ echo_testing_string=`($echo "$echo_test_string") 2>/dev/null` &&
+ test "X$echo_testing_string" = "X$echo_test_string"; then
+ # Cool, printf works
+ :
+ elif echo_testing_string=`($ORIGINAL_CONFIG_SHELL "[$]0" --fallback-echo '\t') 2>/dev/null` &&
+ test "X$echo_testing_string" = 'X\t' &&
+ echo_testing_string=`($ORIGINAL_CONFIG_SHELL "[$]0" --fallback-echo "$echo_test_string") 2>/dev/null` &&
+ test "X$echo_testing_string" = "X$echo_test_string"; then
+ CONFIG_SHELL=$ORIGINAL_CONFIG_SHELL
+ export CONFIG_SHELL
+ SHELL="$CONFIG_SHELL"
+ export SHELL
+ echo="$CONFIG_SHELL [$]0 --fallback-echo"
+ elif echo_testing_string=`($CONFIG_SHELL "[$]0" --fallback-echo '\t') 2>/dev/null` &&
+ test "X$echo_testing_string" = 'X\t' &&
+ echo_testing_string=`($CONFIG_SHELL "[$]0" --fallback-echo "$echo_test_string") 2>/dev/null` &&
+ test "X$echo_testing_string" = "X$echo_test_string"; then
+ echo="$CONFIG_SHELL [$]0 --fallback-echo"
+ else
+ # maybe with a smaller string...
+ prev=:
+
+ for cmd in 'echo test' 'sed 2q "[$]0"' 'sed 10q "[$]0"' 'sed 20q "[$]0"' 'sed 50q "[$]0"'; do
+ if (test "X$echo_test_string" = "X`eval $cmd`") 2>/dev/null
+ then
+ break
+ fi
+ prev="$cmd"
+ done
+
+ if test "$prev" != 'sed 50q "[$]0"'; then
+ echo_test_string=`eval $prev`
+ export echo_test_string
+ exec ${ORIGINAL_CONFIG_SHELL-${CONFIG_SHELL-/bin/sh}} "[$]0" ${1+"[$]@"}
+ else
+ # Oops. We lost completely, so just stick with echo.
+ echo=echo
+ fi
+ fi
+ fi
+ fi
+fi
+fi
+
+# Copy echo and quote the copy suitably for passing to libtool from
+# the Makefile, instead of quoting the original, which is used later.
+ECHO=$echo
+if test "X$ECHO" = "X$CONFIG_SHELL [$]0 --fallback-echo"; then
+ ECHO="$CONFIG_SHELL \\\$\[$]0 --fallback-echo"
+fi
+
+AC_SUBST(ECHO)
+])])# _LT_AC_PROG_ECHO_BACKSLASH
+
+
+# _LT_AC_LOCK
+# -----------
+AC_DEFUN([_LT_AC_LOCK],
+[AC_ARG_ENABLE([libtool-lock],
+ [AC_HELP_STRING([--disable-libtool-lock],
+ [avoid locking (might break parallel builds)])])
+test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes
+
+# Some flags need to be propagated to the compiler or linker for good
+# libtool support.
+case $host in
+ia64-*-hpux*)
+ # Find out which ABI we are using.
+ echo 'int i;' > conftest.$ac_ext
+ if AC_TRY_EVAL(ac_compile); then
+ case `/usr/bin/file conftest.$ac_objext` in
+ *ELF-32*)
+ HPUX_IA64_MODE="32"
+ ;;
+ *ELF-64*)
+ HPUX_IA64_MODE="64"
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+*-*-irix6*)
+ # Find out which ABI we are using.
+ echo '[#]line __oline__ "configure"' > conftest.$ac_ext
+ if AC_TRY_EVAL(ac_compile); then
+ if test "$lt_cv_prog_gnu_ld" = yes; then
+ case `/usr/bin/file conftest.$ac_objext` in
+ *32-bit*)
+ LD="${LD-ld} -melf32bsmip"
+ ;;
+ *N32*)
+ LD="${LD-ld} -melf32bmipn32"
+ ;;
+ *64-bit*)
+ LD="${LD-ld} -melf64bmip"
+ ;;
+ esac
+ else
+ case `/usr/bin/file conftest.$ac_objext` in
+ *32-bit*)
+ LD="${LD-ld} -32"
+ ;;
+ *N32*)
+ LD="${LD-ld} -n32"
+ ;;
+ *64-bit*)
+ LD="${LD-ld} -64"
+ ;;
+ esac
+ fi
+ fi
+ rm -rf conftest*
+ ;;
+
+x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*|s390*-*linux*|sparc*-*linux*)
+ # Find out which ABI we are using.
+ echo 'int i;' > conftest.$ac_ext
+ if AC_TRY_EVAL(ac_compile); then
+ case `/usr/bin/file conftest.o` in
+ *32-bit*)
+ case $host in
+ x86_64-*linux*)
+ LD="${LD-ld} -m elf_i386"
+ ;;
+ ppc64-*linux*|powerpc64-*linux*)
+ LD="${LD-ld} -m elf32ppclinux"
+ ;;
+ s390x-*linux*)
+ LD="${LD-ld} -m elf_s390"
+ ;;
+ sparc64-*linux*)
+ LD="${LD-ld} -m elf32_sparc"
+ ;;
+ esac
+ ;;
+ *64-bit*)
+ case $host in
+ x86_64-*linux*)
+ LD="${LD-ld} -m elf_x86_64"
+ ;;
+ ppc*-*linux*|powerpc*-*linux*)
+ LD="${LD-ld} -m elf64ppc"
+ ;;
+ s390*-*linux*)
+ LD="${LD-ld} -m elf64_s390"
+ ;;
+ sparc*-*linux*)
+ LD="${LD-ld} -m elf64_sparc"
+ ;;
+ esac
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+
+*-*-sco3.2v5*)
+ # On SCO OpenServer 5, we need -belf to get full-featured binaries.
+ SAVE_CFLAGS="$CFLAGS"
+ CFLAGS="$CFLAGS -belf"
+ AC_CACHE_CHECK([whether the C compiler needs -belf], lt_cv_cc_needs_belf,
+ [AC_LANG_PUSH(C)
+ AC_TRY_LINK([],[],[lt_cv_cc_needs_belf=yes],[lt_cv_cc_needs_belf=no])
+ AC_LANG_POP])
+ if test x"$lt_cv_cc_needs_belf" != x"yes"; then
+ # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf
+ CFLAGS="$SAVE_CFLAGS"
+ fi
+ ;;
+sparc*-*solaris*)
+ # Find out which ABI we are using.
+ echo 'int i;' > conftest.$ac_ext
+ if AC_TRY_EVAL(ac_compile); then
+ case `/usr/bin/file conftest.o` in
+ *64-bit*)
+ case $lt_cv_prog_gnu_ld in
+ yes*) LD="${LD-ld} -m elf64_sparc" ;;
+ *) LD="${LD-ld} -64" ;;
+ esac
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+
+AC_PROVIDE_IFELSE([AC_LIBTOOL_WIN32_DLL],
+[*-*-cygwin* | *-*-mingw* | *-*-pw32*)
+ AC_CHECK_TOOL(DLLTOOL, dlltool, false)
+ AC_CHECK_TOOL(AS, as, false)
+ AC_CHECK_TOOL(OBJDUMP, objdump, false)
+ ;;
+ ])
+esac
+
+need_locks="$enable_libtool_lock"
+
+])# _LT_AC_LOCK
+
+
+# AC_LIBTOOL_COMPILER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS,
+# [OUTPUT-FILE], [ACTION-SUCCESS], [ACTION-FAILURE])
+# ----------------------------------------------------------------
+# Check whether the given compiler option works
+AC_DEFUN([AC_LIBTOOL_COMPILER_OPTION],
+[AC_REQUIRE([LT_AC_PROG_SED])
+AC_CACHE_CHECK([$1], [$2],
+ [$2=no
+ ifelse([$4], , [ac_outfile=conftest.$ac_objext], [ac_outfile=$4])
+ printf "$lt_simple_compile_test_code" > conftest.$ac_ext
+ lt_compiler_flag="$3"
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ # The option is referenced via a variable to avoid confusing sed.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:__oline__: $lt_compile\"" >&AS_MESSAGE_LOG_FD)
+ (eval "$lt_compile" 2>conftest.err)
+ ac_status=$?
+ cat conftest.err >&AS_MESSAGE_LOG_FD
+ echo "$as_me:__oline__: \$? = $ac_status" >&AS_MESSAGE_LOG_FD
+ if (exit $ac_status) && test -s "$ac_outfile"; then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings other than the usual output.
+ $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
+ $2=yes
+ fi
+ fi
+ $rm conftest*
+])
+
+if test x"[$]$2" = xyes; then
+ ifelse([$5], , :, [$5])
+else
+ ifelse([$6], , :, [$6])
+fi
+])# AC_LIBTOOL_COMPILER_OPTION
+
+
+# AC_LIBTOOL_LINKER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS,
+# [ACTION-SUCCESS], [ACTION-FAILURE])
+# ------------------------------------------------------------
+# Check whether the given compiler option works
+AC_DEFUN([AC_LIBTOOL_LINKER_OPTION],
+[AC_CACHE_CHECK([$1], [$2],
+ [$2=no
+ save_LDFLAGS="$LDFLAGS"
+ LDFLAGS="$LDFLAGS $3"
+ printf "$lt_simple_link_test_code" > conftest.$ac_ext
+ if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then
+ # The linker can only warn and ignore the option if not recognized
+ # So say no if there are warnings
+ if test -s conftest.err; then
+ # Append any errors to the config.log.
+ cat conftest.err 1>&AS_MESSAGE_LOG_FD
+ $echo "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if diff conftest.exp conftest.er2 >/dev/null; then
+ $2=yes
+ fi
+ else
+ $2=yes
+ fi
+ fi
+ $rm conftest*
+ LDFLAGS="$save_LDFLAGS"
+])
+
+if test x"[$]$2" = xyes; then
+ ifelse([$4], , :, [$4])
+else
+ ifelse([$5], , :, [$5])
+fi
+])# AC_LIBTOOL_LINKER_OPTION
+
+
+# AC_LIBTOOL_SYS_MAX_CMD_LEN
+# --------------------------
+AC_DEFUN([AC_LIBTOOL_SYS_MAX_CMD_LEN],
+[# find the maximum length of command line arguments
+AC_MSG_CHECKING([the maximum length of command line arguments])
+AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl
+ i=0
+ teststring="ABCD"
+
+ case $build_os in
+ msdosdjgpp*)
+ # On DJGPP, this test can blow up pretty badly due to problems in libc
+ # (any single argument exceeding 2000 bytes causes a buffer overrun
+ # during glob expansion). Even if it were fixed, the result of this
+ # check would be larger than it should be.
+ lt_cv_sys_max_cmd_len=12288; # 12K is about right
+ ;;
+
+ gnu*)
+ # Under GNU Hurd, this test is not required because there is
+ # no limit to the length of command line arguments.
+ # Libtool will interpret -1 as no limit whatsoever
+ lt_cv_sys_max_cmd_len=-1;
+ ;;
+
+ cygwin* | mingw*)
+ # On Win9x/ME, this test blows up -- it succeeds, but takes
+ # about 5 minutes as the teststring grows exponentially.
+ # Worse, since 9x/ME are not pre-emptively multitasking,
+ # you end up with a "frozen" computer, even though with patience
+ # the test eventually succeeds (with a max line length of 256k).
+ # Instead, let's just punt: use the minimum linelength reported by
+ # all of the supported platforms: 8192 (on NT/2K/XP).
+ lt_cv_sys_max_cmd_len=8192;
+ ;;
+
+ amigaos*)
+ # On AmigaOS with pdksh, this test takes hours, literally.
+ # So we just punt and use a minimum line length of 8192.
+ lt_cv_sys_max_cmd_len=8192;
+ ;;
+
+ netbsd* | freebsd* | openbsd* | darwin* | dragonfly*)
+ # This has been around since 386BSD, at least. Likely further.
+ if test -x /sbin/sysctl; then
+ lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax`
+ elif test -x /usr/sbin/sysctl; then
+ lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax`
+ else
+ lt_cv_sys_max_cmd_len=65536 # usable default for all BSDs
+ fi
+ # And add a safety zone
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4`
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3`
+ ;;
+
+ interix*)
+ # We know the value 262144 and hardcode it with a safety zone (like BSD)
+ lt_cv_sys_max_cmd_len=196608
+ ;;
+
+ osf*)
+ # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure
+ # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not
+ # nice to cause kernel panics so lets avoid the loop below.
+ # First set a reasonable default.
+ lt_cv_sys_max_cmd_len=16384
+ #
+ if test -x /sbin/sysconfig; then
+ case `/sbin/sysconfig -q proc exec_disable_arg_limit` in
+ *1*) lt_cv_sys_max_cmd_len=-1 ;;
+ esac
+ fi
+ ;;
+ sco3.2v5*)
+ lt_cv_sys_max_cmd_len=102400
+ ;;
+ sysv5* | sco5v6* | sysv4.2uw2*)
+ kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null`
+ if test -n "$kargmax"; then
+ lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[[ ]]//'`
+ else
+ lt_cv_sys_max_cmd_len=32768
+ fi
+ ;;
+ *)
+ # If test is not a shell built-in, we'll probably end up computing a
+ # maximum length that is only half of the actual maximum length, but
+ # we can't tell.
+ SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}}
+ while (test "X"`$SHELL [$]0 --fallback-echo "X$teststring" 2>/dev/null` \
+ = "XX$teststring") >/dev/null 2>&1 &&
+ new_result=`expr "X$teststring" : ".*" 2>&1` &&
+ lt_cv_sys_max_cmd_len=$new_result &&
+ test $i != 17 # 1/2 MB should be enough
+ do
+ i=`expr $i + 1`
+ teststring=$teststring$teststring
+ done
+ teststring=
+ # Add a significant safety factor because C++ compilers can tack on massive
+ # amounts of additional arguments before passing them to the linker.
+ # It appears as though 1/2 is a usable value.
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2`
+ ;;
+ esac
+])
+if test -n $lt_cv_sys_max_cmd_len ; then
+ AC_MSG_RESULT($lt_cv_sys_max_cmd_len)
+else
+ AC_MSG_RESULT(none)
+fi
+])# AC_LIBTOOL_SYS_MAX_CMD_LEN
+
+
+# _LT_AC_CHECK_DLFCN
+# ------------------
+AC_DEFUN([_LT_AC_CHECK_DLFCN],
+[AC_CHECK_HEADERS(dlfcn.h)dnl
+])# _LT_AC_CHECK_DLFCN
+
+
+# _LT_AC_TRY_DLOPEN_SELF (ACTION-IF-TRUE, ACTION-IF-TRUE-W-USCORE,
+# ACTION-IF-FALSE, ACTION-IF-CROSS-COMPILING)
+# ---------------------------------------------------------------------
+AC_DEFUN([_LT_AC_TRY_DLOPEN_SELF],
+[AC_REQUIRE([_LT_AC_CHECK_DLFCN])dnl
+if test "$cross_compiling" = yes; then :
+ [$4]
+else
+ lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
+ lt_status=$lt_dlunknown
+ cat > conftest.$ac_ext <<EOF
+[#line __oline__ "configure"
+#include "confdefs.h"
+
+#if HAVE_DLFCN_H
+#include <dlfcn.h>
+#endif
+
+#include <stdio.h>
+
+#ifdef RTLD_GLOBAL
+# define LT_DLGLOBAL RTLD_GLOBAL
+#else
+# ifdef DL_GLOBAL
+# define LT_DLGLOBAL DL_GLOBAL
+# else
+# define LT_DLGLOBAL 0
+# endif
+#endif
+
+/* We may have to define LT_DLLAZY_OR_NOW in the command line if we
+ find out it does not work in some platform. */
+#ifndef LT_DLLAZY_OR_NOW
+# ifdef RTLD_LAZY
+# define LT_DLLAZY_OR_NOW RTLD_LAZY
+# else
+# ifdef DL_LAZY
+# define LT_DLLAZY_OR_NOW DL_LAZY
+# else
+# ifdef RTLD_NOW
+# define LT_DLLAZY_OR_NOW RTLD_NOW
+# else
+# ifdef DL_NOW
+# define LT_DLLAZY_OR_NOW DL_NOW
+# else
+# define LT_DLLAZY_OR_NOW 0
+# endif
+# endif
+# endif
+# endif
+#endif
+
+#ifdef __cplusplus
+extern "C" void exit (int);
+#endif
+
+void fnord() { int i=42;}
+int main ()
+{
+ void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW);
+ int status = $lt_dlunknown;
+
+ if (self)
+ {
+ if (dlsym (self,"fnord")) status = $lt_dlno_uscore;
+ else if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore;
+ /* dlclose (self); */
+ }
+ else
+ puts (dlerror ());
+
+ exit (status);
+}]
+EOF
+ if AC_TRY_EVAL(ac_link) && test -s conftest${ac_exeext} 2>/dev/null; then
+ (./conftest; exit; ) >&AS_MESSAGE_LOG_FD 2>/dev/null
+ lt_status=$?
+ case x$lt_status in
+ x$lt_dlno_uscore) $1 ;;
+ x$lt_dlneed_uscore) $2 ;;
+ x$lt_dlunknown|x*) $3 ;;
+ esac
+ else :
+ # compilation failed
+ $3
+ fi
+fi
+rm -fr conftest*
+])# _LT_AC_TRY_DLOPEN_SELF
+
+
+# AC_LIBTOOL_DLOPEN_SELF
+# ----------------------
+AC_DEFUN([AC_LIBTOOL_DLOPEN_SELF],
+[AC_REQUIRE([_LT_AC_CHECK_DLFCN])dnl
+if test "x$enable_dlopen" != xyes; then
+ enable_dlopen=unknown
+ enable_dlopen_self=unknown
+ enable_dlopen_self_static=unknown
+else
+ lt_cv_dlopen=no
+ lt_cv_dlopen_libs=
+
+ case $host_os in
+ beos*)
+ lt_cv_dlopen="load_add_on"
+ lt_cv_dlopen_libs=
+ lt_cv_dlopen_self=yes
+ ;;
+
+ mingw* | pw32*)
+ lt_cv_dlopen="LoadLibrary"
+ lt_cv_dlopen_libs=
+ ;;
+
+ cygwin*)
+ lt_cv_dlopen="dlopen"
+ lt_cv_dlopen_libs=
+ ;;
+
+ darwin*)
+ # if libdl is installed we need to link against it
+ AC_CHECK_LIB([dl], [dlopen],
+ [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"],[
+ lt_cv_dlopen="dyld"
+ lt_cv_dlopen_libs=
+ lt_cv_dlopen_self=yes
+ ])
+ ;;
+
+ *)
+ AC_CHECK_FUNC([shl_load],
+ [lt_cv_dlopen="shl_load"],
+ [AC_CHECK_LIB([dld], [shl_load],
+ [lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-dld"],
+ [AC_CHECK_FUNC([dlopen],
+ [lt_cv_dlopen="dlopen"],
+ [AC_CHECK_LIB([dl], [dlopen],
+ [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"],
+ [AC_CHECK_LIB([svld], [dlopen],
+ [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld"],
+ [AC_CHECK_LIB([dld], [dld_link],
+ [lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-dld"])
+ ])
+ ])
+ ])
+ ])
+ ])
+ ;;
+ esac
+
+ if test "x$lt_cv_dlopen" != xno; then
+ enable_dlopen=yes
+ else
+ enable_dlopen=no
+ fi
+
+ case $lt_cv_dlopen in
+ dlopen)
+ save_CPPFLAGS="$CPPFLAGS"
+ test "x$ac_cv_header_dlfcn_h" = xyes && CPPFLAGS="$CPPFLAGS -DHAVE_DLFCN_H"
+
+ save_LDFLAGS="$LDFLAGS"
+ wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $export_dynamic_flag_spec\"
+
+ save_LIBS="$LIBS"
+ LIBS="$lt_cv_dlopen_libs $LIBS"
+
+ AC_CACHE_CHECK([whether a program can dlopen itself],
+ lt_cv_dlopen_self, [dnl
+ _LT_AC_TRY_DLOPEN_SELF(
+ lt_cv_dlopen_self=yes, lt_cv_dlopen_self=yes,
+ lt_cv_dlopen_self=no, lt_cv_dlopen_self=cross)
+ ])
+
+ if test "x$lt_cv_dlopen_self" = xyes; then
+ wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\"
+ AC_CACHE_CHECK([whether a statically linked program can dlopen itself],
+ lt_cv_dlopen_self_static, [dnl
+ _LT_AC_TRY_DLOPEN_SELF(
+ lt_cv_dlopen_self_static=yes, lt_cv_dlopen_self_static=yes,
+ lt_cv_dlopen_self_static=no, lt_cv_dlopen_self_static=cross)
+ ])
+ fi
+
+ CPPFLAGS="$save_CPPFLAGS"
+ LDFLAGS="$save_LDFLAGS"
+ LIBS="$save_LIBS"
+ ;;
+ esac
+
+ case $lt_cv_dlopen_self in
+ yes|no) enable_dlopen_self=$lt_cv_dlopen_self ;;
+ *) enable_dlopen_self=unknown ;;
+ esac
+
+ case $lt_cv_dlopen_self_static in
+ yes|no) enable_dlopen_self_static=$lt_cv_dlopen_self_static ;;
+ *) enable_dlopen_self_static=unknown ;;
+ esac
+fi
+])# AC_LIBTOOL_DLOPEN_SELF
+
+
+# AC_LIBTOOL_PROG_CC_C_O([TAGNAME])
+# ---------------------------------
+# Check to see if options -c and -o are simultaneously supported by compiler
+AC_DEFUN([AC_LIBTOOL_PROG_CC_C_O],
+[AC_REQUIRE([_LT_AC_SYS_COMPILER])dnl
+AC_CACHE_CHECK([if $compiler supports -c -o file.$ac_objext],
+ [_LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1)],
+ [_LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1)=no
+ $rm -r conftest 2>/dev/null
+ mkdir conftest
+ cd conftest
+ mkdir out
+ printf "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+ lt_compiler_flag="-o out/conftest2.$ac_objext"
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:__oline__: $lt_compile\"" >&AS_MESSAGE_LOG_FD)
+ (eval "$lt_compile" 2>out/conftest.err)
+ ac_status=$?
+ cat out/conftest.err >&AS_MESSAGE_LOG_FD
+ echo "$as_me:__oline__: \$? = $ac_status" >&AS_MESSAGE_LOG_FD
+ if (exit $ac_status) && test -s out/conftest2.$ac_objext
+ then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings
+ $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' > out/conftest.exp
+ $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2
+ if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then
+ _LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes
+ fi
+ fi
+ chmod u+w . 2>&AS_MESSAGE_LOG_FD
+ $rm conftest*
+ # SGI C++ compiler will create directory out/ii_files/ for
+ # template instantiation
+ test -d out/ii_files && $rm out/ii_files/* && rmdir out/ii_files
+ $rm out/* && rmdir out
+ cd ..
+ rmdir conftest
+ $rm conftest*
+])
+])# AC_LIBTOOL_PROG_CC_C_O
+
+
+# AC_LIBTOOL_SYS_HARD_LINK_LOCKS([TAGNAME])
+# -----------------------------------------
+# Check to see if we can do hard links to lock some files if needed
+AC_DEFUN([AC_LIBTOOL_SYS_HARD_LINK_LOCKS],
+[AC_REQUIRE([_LT_AC_LOCK])dnl
+
+hard_links="nottested"
+if test "$_LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1)" = no && test "$need_locks" != no; then
+ # do not overwrite the value of need_locks provided by the user
+ AC_MSG_CHECKING([if we can lock with hard links])
+ hard_links=yes
+ $rm conftest*
+ ln conftest.a conftest.b 2>/dev/null && hard_links=no
+ touch conftest.a
+ ln conftest.a conftest.b 2>&5 || hard_links=no
+ ln conftest.a conftest.b 2>/dev/null && hard_links=no
+ AC_MSG_RESULT([$hard_links])
+ if test "$hard_links" = no; then
+ AC_MSG_WARN([`$CC' does not support `-c -o', so `make -j' may be unsafe])
+ need_locks=warn
+ fi
+else
+ need_locks=no
+fi
+])# AC_LIBTOOL_SYS_HARD_LINK_LOCKS
+
+
+# AC_LIBTOOL_OBJDIR
+# -----------------
+AC_DEFUN([AC_LIBTOOL_OBJDIR],
+[AC_CACHE_CHECK([for objdir], [lt_cv_objdir],
+[rm -f .libs 2>/dev/null
+mkdir .libs 2>/dev/null
+if test -d .libs; then
+ lt_cv_objdir=.libs
+else
+ # MS-DOS does not allow filenames that begin with a dot.
+ lt_cv_objdir=_libs
+fi
+rmdir .libs 2>/dev/null])
+objdir=$lt_cv_objdir
+])# AC_LIBTOOL_OBJDIR
+
+
+# AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH([TAGNAME])
+# ----------------------------------------------
+# Check hardcoding attributes.
+AC_DEFUN([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH],
+[AC_MSG_CHECKING([how to hardcode library paths into programs])
+_LT_AC_TAGVAR(hardcode_action, $1)=
+if test -n "$_LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)" || \
+ test -n "$_LT_AC_TAGVAR(runpath_var, $1)" || \
+ test "X$_LT_AC_TAGVAR(hardcode_automatic, $1)" = "Xyes" ; then
+
+ # We can hardcode non-existant directories.
+ if test "$_LT_AC_TAGVAR(hardcode_direct, $1)" != no &&
+ # If the only mechanism to avoid hardcoding is shlibpath_var, we
+ # have to relink, otherwise we might link with an installed library
+ # when we should be linking with a yet-to-be-installed one
+ ## test "$_LT_AC_TAGVAR(hardcode_shlibpath_var, $1)" != no &&
+ test "$_LT_AC_TAGVAR(hardcode_minus_L, $1)" != no; then
+ # Linking always hardcodes the temporary library directory.
+ _LT_AC_TAGVAR(hardcode_action, $1)=relink
+ else
+ # We can link without hardcoding, and we can hardcode nonexisting dirs.
+ _LT_AC_TAGVAR(hardcode_action, $1)=immediate
+ fi
+else
+ # We cannot hardcode anything, or else we can only hardcode existing
+ # directories.
+ _LT_AC_TAGVAR(hardcode_action, $1)=unsupported
+fi
+AC_MSG_RESULT([$_LT_AC_TAGVAR(hardcode_action, $1)])
+
+if test "$_LT_AC_TAGVAR(hardcode_action, $1)" = relink; then
+ # Fast installation is not supported
+ enable_fast_install=no
+elif test "$shlibpath_overrides_runpath" = yes ||
+ test "$enable_shared" = no; then
+ # Fast installation is not necessary
+ enable_fast_install=needless
+fi
+])# AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH
+
+
+# AC_LIBTOOL_SYS_LIB_STRIP
+# ------------------------
+AC_DEFUN([AC_LIBTOOL_SYS_LIB_STRIP],
+[striplib=
+old_striplib=
+AC_MSG_CHECKING([whether stripping libraries is possible])
+if test -n "$STRIP" && $STRIP -V 2>&1 | grep "GNU strip" >/dev/null; then
+ test -z "$old_striplib" && old_striplib="$STRIP --strip-debug"
+ test -z "$striplib" && striplib="$STRIP --strip-unneeded"
+ AC_MSG_RESULT([yes])
+else
+# FIXME - insert some real tests, host_os isn't really good enough
+ case $host_os in
+ darwin*)
+ if test -n "$STRIP" ; then
+ striplib="$STRIP -x"
+ AC_MSG_RESULT([yes])
+ else
+ AC_MSG_RESULT([no])
+fi
+ ;;
+ *)
+ AC_MSG_RESULT([no])
+ ;;
+ esac
+fi
+])# AC_LIBTOOL_SYS_LIB_STRIP
+
+
+# AC_LIBTOOL_SYS_DYNAMIC_LINKER
+# -----------------------------
+# PORTME Fill in your ld.so characteristics
+AC_DEFUN([AC_LIBTOOL_SYS_DYNAMIC_LINKER],
+[AC_MSG_CHECKING([dynamic linker characteristics])
+library_names_spec=
+libname_spec='lib$name'
+soname_spec=
+shrext_cmds=".so"
+postinstall_cmds=
+postuninstall_cmds=
+finish_cmds=
+finish_eval=
+shlibpath_var=
+shlibpath_overrides_runpath=unknown
+version_type=none
+dynamic_linker="$host_os ld.so"
+sys_lib_dlsearch_path_spec="/lib /usr/lib"
+if test "$GCC" = yes; then
+ sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"`
+ if echo "$sys_lib_search_path_spec" | grep ';' >/dev/null ; then
+ # if the path contains ";" then we assume it to be the separator
+ # otherwise default to the standard path separator (i.e. ":") - it is
+ # assumed that no part of a normal pathname contains ";" but that should
+ # okay in the real world where ";" in dirpaths is itself problematic.
+ sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
+ else
+ sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+ fi
+else
+ sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib"
+fi
+need_lib_prefix=unknown
+hardcode_into_libs=no
+
+# when you set need_version to no, make sure it does not cause -set_version
+# flags to be left without arguments
+need_version=unknown
+
+case $host_os in
+aix3*)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a'
+ shlibpath_var=LIBPATH
+
+ # AIX 3 has no versioning support, so we append a major version to the name.
+ soname_spec='${libname}${release}${shared_ext}$major'
+ ;;
+
+aix4* | aix5*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ hardcode_into_libs=yes
+ if test "$host_cpu" = ia64; then
+ # AIX 5 supports IA64
+ library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ else
+ # With GCC up to 2.95.x, collect2 would create an import file
+ # for dependence libraries. The import file would start with
+ # the line `#! .'. This would cause the generated library to
+ # depend on `.', always an invalid library. This was fixed in
+ # development snapshots of GCC prior to 3.0.
+ case $host_os in
+ aix4 | aix4.[[01]] | aix4.[[01]].*)
+ if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)'
+ echo ' yes '
+ echo '#endif'; } | ${CC} -E - | grep yes > /dev/null; then
+ :
+ else
+ can_build_shared=no
+ fi
+ ;;
+ esac
+ # AIX (on Power*) has no versioning support, so currently we can not hardcode correct
+ # soname into executable. Probably we can add versioning support to
+ # collect2, so additional links can be useful in future.
+ if test "$aix_use_runtimelinking" = yes; then
+ # If using run time linking (on AIX 4.2 or later) use lib<name>.so
+ # instead of lib<name>.a to let people know that these are not
+ # typical AIX shared libraries.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ else
+ # We preserve .a as extension for shared libraries through AIX4.2
+ # and later when we are not doing run time linking.
+ library_names_spec='${libname}${release}.a $libname.a'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ fi
+ shlibpath_var=LIBPATH
+ fi
+ ;;
+
+amigaos*)
+ library_names_spec='$libname.ixlibrary $libname.a'
+ # Create ${libname}_ixlibrary.a entries in /sys/libs.
+ finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$echo "X$lib" | $Xsed -e '\''s%^.*/\([[^/]]*\)\.ixlibrary$%\1%'\''`; test $rm /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done'
+ ;;
+
+beos*)
+ library_names_spec='${libname}${shared_ext}'
+ dynamic_linker="$host_os ld.so"
+ shlibpath_var=LIBRARY_PATH
+ ;;
+
+bsdi[[45]]*)
+ version_type=linux
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib"
+ sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib"
+ # the default ld.so.conf also contains /usr/contrib/lib and
+ # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow
+ # libtool to hard-code these into programs
+ ;;
+
+cygwin* | mingw* | pw32*)
+ version_type=windows
+ shrext_cmds=".dll"
+ need_version=no
+ need_lib_prefix=no
+
+ case $GCC,$host_os in
+ yes,cygwin* | yes,mingw* | yes,pw32*)
+ library_names_spec='$libname.dll.a'
+ # DLL is installed to $(libdir)/../bin by postinstall_cmds
+ postinstall_cmds='base_file=`basename \${file}`~
+ dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i;echo \$dlname'\''`~
+ dldir=$destdir/`dirname \$dlpath`~
+ test -d \$dldir || mkdir -p \$dldir~
+ $install_prog $dir/$dlname \$dldir/$dlname~
+ chmod a+x \$dldir/$dlname'
+ postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~
+ dlpath=$dir/\$dldll~
+ $rm \$dlpath'
+ shlibpath_overrides_runpath=yes
+
+ case $host_os in
+ cygwin*)
+ # Cygwin DLLs use 'cyg' prefix rather than 'lib'
+ soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}'
+ sys_lib_search_path_spec="/usr/lib /lib/w32api /lib /usr/local/lib"
+ ;;
+ mingw*)
+ # MinGW DLLs use traditional 'lib' prefix
+ soname_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}'
+ sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"`
+ if echo "$sys_lib_search_path_spec" | [grep ';[c-zC-Z]:/' >/dev/null]; then
+ # It is most probably a Windows format PATH printed by
+ # mingw gcc, but we are running on Cygwin. Gcc prints its search
+ # path with ; separators, and with drive letters. We can handle the
+ # drive letters (cygwin fileutils understands them), so leave them,
+ # especially as we might pass files found there to a mingw objdump,
+ # which wouldn't understand a cygwinified path. Ahh.
+ sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
+ else
+ sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+ fi
+ ;;
+ pw32*)
+ # pw32 DLLs use 'pw' prefix rather than 'lib'
+ library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}'
+ ;;
+ esac
+ ;;
+
+ *)
+ library_names_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext} $libname.lib'
+ ;;
+ esac
+ dynamic_linker='Win32 ld.exe'
+ # FIXME: first we should search . and the directory the executable is in
+ shlibpath_var=PATH
+ ;;
+
+darwin* | rhapsody*)
+ dynamic_linker="$host_os dyld"
+ version_type=darwin
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${versuffix}$shared_ext ${libname}${release}${major}$shared_ext ${libname}$shared_ext'
+ soname_spec='${libname}${release}${major}$shared_ext'
+ shlibpath_overrides_runpath=yes
+ shlibpath_var=DYLD_LIBRARY_PATH
+ shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`'
+ # Apple's gcc prints 'gcc -print-search-dirs' doesn't operate the same.
+ if test "$GCC" = yes; then
+ sys_lib_search_path_spec=`$CC -print-search-dirs | tr "\n" "$PATH_SEPARATOR" | sed -e 's/libraries:/@libraries:/' | tr "@" "\n" | grep "^libraries:" | sed -e "s/^libraries://" -e "s,=/,/,g" -e "s,$PATH_SEPARATOR, ,g" -e "s,.*,& /lib /usr/lib /usr/local/lib,g"`
+ else
+ sys_lib_search_path_spec='/lib /usr/lib /usr/local/lib'
+ fi
+ sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib'
+ ;;
+
+dgux*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ ;;
+
+freebsd1*)
+ dynamic_linker=no
+ ;;
+
+kfreebsd*-gnu)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ dynamic_linker='GNU ld.so'
+ ;;
+
+freebsd* | dragonfly*)
+ # DragonFly does not have aout. When/if they implement a new
+ # versioning mechanism, adjust this.
+ if test -x /usr/bin/objformat; then
+ objformat=`/usr/bin/objformat`
+ else
+ case $host_os in
+ freebsd[[123]]*) objformat=aout ;;
+ *) objformat=elf ;;
+ esac
+ fi
+ version_type=freebsd-$objformat
+ case $version_type in
+ freebsd-elf*)
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
+ need_version=no
+ need_lib_prefix=no
+ ;;
+ freebsd-*)
+ library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix'
+ need_version=yes
+ ;;
+ esac
+ shlibpath_var=LD_LIBRARY_PATH
+ case $host_os in
+ freebsd2*)
+ shlibpath_overrides_runpath=yes
+ ;;
+ freebsd3.[[01]]* | freebsdelf3.[[01]]*)
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+ freebsd3.[[2-9]]* | freebsdelf3.[[2-9]]* | \
+ freebsd4.[[0-5]] | freebsdelf4.[[0-5]] | freebsd4.1.1 | freebsdelf4.1.1)
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+ freebsd*) # from 4.6 on
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+ esac
+ ;;
+
+gnu*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ hardcode_into_libs=yes
+ ;;
+
+hpux9* | hpux10* | hpux11*)
+ # Give a soname corresponding to the major version so that dld.sl refuses to
+ # link against other versions.
+ version_type=sunos
+ need_lib_prefix=no
+ need_version=no
+ case $host_cpu in
+ ia64*)
+ shrext_cmds='.so'
+ hardcode_into_libs=yes
+ dynamic_linker="$host_os dld.so"
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ if test "X$HPUX_IA64_MODE" = X32; then
+ sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib"
+ else
+ sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64"
+ fi
+ sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+ ;;
+ hppa*64*)
+ shrext_cmds='.sl'
+ hardcode_into_libs=yes
+ dynamic_linker="$host_os dld.sl"
+ shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH
+ shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64"
+ sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+ ;;
+ *)
+ shrext_cmds='.sl'
+ dynamic_linker="$host_os dld.sl"
+ shlibpath_var=SHLIB_PATH
+ shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ ;;
+ esac
+ # HP-UX runs *really* slowly unless shared libraries are mode 555.
+ postinstall_cmds='chmod 555 $lib'
+ ;;
+
+interix3*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+
+irix5* | irix6* | nonstopux*)
+ case $host_os in
+ nonstopux*) version_type=nonstopux ;;
+ *)
+ if test "$lt_cv_prog_gnu_ld" = yes; then
+ version_type=linux
+ else
+ version_type=irix
+ fi ;;
+ esac
+ need_lib_prefix=no
+ need_version=no
+ soname_spec='${libname}${release}${shared_ext}$major'
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}'
+ case $host_os in
+ irix5* | nonstopux*)
+ libsuff= shlibsuff=
+ ;;
+ *)
+ case $LD in # libtool.m4 will add one of these switches to LD
+ *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ")
+ libsuff= shlibsuff= libmagic=32-bit;;
+ *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ")
+ libsuff=32 shlibsuff=N32 libmagic=N32;;
+ *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ")
+ libsuff=64 shlibsuff=64 libmagic=64-bit;;
+ *) libsuff= shlibsuff= libmagic=never-match;;
+ esac
+ ;;
+ esac
+ shlibpath_var=LD_LIBRARY${shlibsuff}_PATH
+ shlibpath_overrides_runpath=no
+ sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}"
+ sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}"
+ hardcode_into_libs=yes
+ ;;
+
+# No shared lib support for Linux oldld, aout, or coff.
+linux*oldld* | linux*aout* | linux*coff*)
+ dynamic_linker=no
+ ;;
+
+# This must be Linux ELF.
+linux*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ # This implies no fast_install, which is unacceptable.
+ # Some rework will be needed to allow for fast_install
+ # before this can be enabled.
+ hardcode_into_libs=yes
+
+ # Append ld.so.conf contents to the search path
+ if test -f /etc/ld.so.conf; then
+ lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \[$]2)); skip = 1; } { if (!skip) print \[$]0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
+ sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
+ fi
+
+ # We used to test for /lib/ld.so.1 and disable shared libraries on
+ # powerpc, because MkLinux only supported shared libraries with the
+ # GNU dynamic linker. Since this was broken with cross compilers,
+ # most powerpc-linux boxes support dynamic linking these days and
+ # people can always --disable-shared, the test was removed, and we
+ # assume the GNU/Linux dynamic linker is in use.
+ dynamic_linker='GNU/Linux ld.so'
+ ;;
+
+knetbsd*-gnu)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ dynamic_linker='GNU ld.so'
+ ;;
+
+netbsd*)
+ version_type=sunos
+ need_lib_prefix=no
+ need_version=no
+ if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+ dynamic_linker='NetBSD (a.out) ld.so'
+ else
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ dynamic_linker='NetBSD ld.elf_so'
+ fi
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+
+newsos6)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ ;;
+
+nto-qnx*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ ;;
+
+openbsd*)
+ version_type=sunos
+ sys_lib_dlsearch_path_spec="/usr/lib"
+ need_lib_prefix=no
+ # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs.
+ case $host_os in
+ openbsd3.3 | openbsd3.3.*) need_version=yes ;;
+ *) need_version=no ;;
+ esac
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ case $host_os in
+ openbsd2.[[89]] | openbsd2.[[89]].*)
+ shlibpath_overrides_runpath=no
+ ;;
+ *)
+ shlibpath_overrides_runpath=yes
+ ;;
+ esac
+ else
+ shlibpath_overrides_runpath=yes
+ fi
+ ;;
+
+os2*)
+ libname_spec='$name'
+ shrext_cmds=".dll"
+ need_lib_prefix=no
+ library_names_spec='$libname${shared_ext} $libname.a'
+ dynamic_linker='OS/2 ld.exe'
+ shlibpath_var=LIBPATH
+ ;;
+
+osf3* | osf4* | osf5*)
+ version_type=osf
+ need_lib_prefix=no
+ need_version=no
+ soname_spec='${libname}${release}${shared_ext}$major'
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib"
+ sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec"
+ ;;
+
+solaris*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ # ldd complains unless libraries are executable
+ postinstall_cmds='chmod +x $lib'
+ ;;
+
+sunos4*)
+ version_type=sunos
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+ finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ if test "$with_gnu_ld" = yes; then
+ need_lib_prefix=no
+ fi
+ need_version=yes
+ ;;
+
+sysv4 | sysv4.3*)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ case $host_vendor in
+ sni)
+ shlibpath_overrides_runpath=no
+ need_lib_prefix=no
+ export_dynamic_flag_spec='${wl}-Blargedynsym'
+ runpath_var=LD_RUN_PATH
+ ;;
+ siemens)
+ need_lib_prefix=no
+ ;;
+ motorola)
+ need_lib_prefix=no
+ need_version=no
+ shlibpath_overrides_runpath=no
+ sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib'
+ ;;
+ esac
+ ;;
+
+sysv4*MP*)
+ if test -d /usr/nec ;then
+ version_type=linux
+ library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}'
+ soname_spec='$libname${shared_ext}.$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ fi
+ ;;
+
+sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+ version_type=freebsd-elf
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ hardcode_into_libs=yes
+ if test "$with_gnu_ld" = yes; then
+ sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib'
+ shlibpath_overrides_runpath=no
+ else
+ sys_lib_search_path_spec='/usr/ccs/lib /usr/lib'
+ shlibpath_overrides_runpath=yes
+ case $host_os in
+ sco3.2v5*)
+ sys_lib_search_path_spec="$sys_lib_search_path_spec /lib"
+ ;;
+ esac
+ fi
+ sys_lib_dlsearch_path_spec='/usr/lib'
+ ;;
+
+uts4*)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ ;;
+
+*)
+ dynamic_linker=no
+ ;;
+esac
+AC_MSG_RESULT([$dynamic_linker])
+test "$dynamic_linker" = no && can_build_shared=no
+
+variables_saved_for_relink="PATH $shlibpath_var $runpath_var"
+if test "$GCC" = yes; then
+ variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH"
+fi
+])# AC_LIBTOOL_SYS_DYNAMIC_LINKER
+
+
+# _LT_AC_TAGCONFIG
+# ----------------
+AC_DEFUN([_LT_AC_TAGCONFIG],
+[AC_ARG_WITH([tags],
+ [AC_HELP_STRING([--with-tags@<:@=TAGS@:>@],
+ [include additional configurations @<:@automatic@:>@])],
+ [tagnames="$withval"])
+
+if test -f "$ltmain" && test -n "$tagnames"; then
+ if test ! -f "${ofile}"; then
+ AC_MSG_WARN([output file `$ofile' does not exist])
+ fi
+
+ if test -z "$LTCC"; then
+ eval "`$SHELL ${ofile} --config | grep '^LTCC='`"
+ if test -z "$LTCC"; then
+ AC_MSG_WARN([output file `$ofile' does not look like a libtool script])
+ else
+ AC_MSG_WARN([using `LTCC=$LTCC', extracted from `$ofile'])
+ fi
+ fi
+ if test -z "$LTCFLAGS"; then
+ eval "`$SHELL ${ofile} --config | grep '^LTCFLAGS='`"
+ fi
+
+ # Extract list of available tagged configurations in $ofile.
+ # Note that this assumes the entire list is on one line.
+ available_tags=`grep "^available_tags=" "${ofile}" | $SED -e 's/available_tags=\(.*$\)/\1/' -e 's/\"//g'`
+
+ lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+ for tagname in $tagnames; do
+ IFS="$lt_save_ifs"
+ # Check whether tagname contains only valid characters
+ case `$echo "X$tagname" | $Xsed -e 's:[[-_ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890,/]]::g'` in
+ "") ;;
+ *) AC_MSG_ERROR([invalid tag name: $tagname])
+ ;;
+ esac
+
+ if grep "^# ### BEGIN LIBTOOL TAG CONFIG: $tagname$" < "${ofile}" > /dev/null
+ then
+ AC_MSG_ERROR([tag name \"$tagname\" already exists])
+ fi
+
+ # Update the list of available tags.
+ if test -n "$tagname"; then
+ echo appending configuration tag \"$tagname\" to $ofile
+
+ case $tagname in
+ CXX)
+ if test -n "$CXX" && ( test "X$CXX" != "Xno" &&
+ ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) ||
+ (test "X$CXX" != "Xg++"))) ; then
+ AC_LIBTOOL_LANG_CXX_CONFIG
+ else
+ tagname=""
+ fi
+ ;;
+
+ F77)
+ if test -n "$F77" && test "X$F77" != "Xno"; then
+ AC_LIBTOOL_LANG_F77_CONFIG
+ else
+ tagname=""
+ fi
+ ;;
+
+ GCJ)
+ if test -n "$GCJ" && test "X$GCJ" != "Xno"; then
+ AC_LIBTOOL_LANG_GCJ_CONFIG
+ else
+ tagname=""
+ fi
+ ;;
+
+ RC)
+ AC_LIBTOOL_LANG_RC_CONFIG
+ ;;
+
+ *)
+ AC_MSG_ERROR([Unsupported tag name: $tagname])
+ ;;
+ esac
+
+ # Append the new tag name to the list of available tags.
+ if test -n "$tagname" ; then
+ available_tags="$available_tags $tagname"
+ fi
+ fi
+ done
+ IFS="$lt_save_ifs"
+
+ # Now substitute the updated list of available tags.
+ if eval "sed -e 's/^available_tags=.*\$/available_tags=\"$available_tags\"/' \"$ofile\" > \"${ofile}T\""; then
+ mv "${ofile}T" "$ofile"
+ chmod +x "$ofile"
+ else
+ rm -f "${ofile}T"
+ AC_MSG_ERROR([unable to update list of available tagged configurations.])
+ fi
+fi
+])# _LT_AC_TAGCONFIG
+
+
+# AC_LIBTOOL_DLOPEN
+# -----------------
+# enable checks for dlopen support
+AC_DEFUN([AC_LIBTOOL_DLOPEN],
+ [AC_BEFORE([$0],[AC_LIBTOOL_SETUP])
+])# AC_LIBTOOL_DLOPEN
+
+
+# AC_LIBTOOL_WIN32_DLL
+# --------------------
+# declare package support for building win32 DLLs
+AC_DEFUN([AC_LIBTOOL_WIN32_DLL],
+[AC_BEFORE([$0], [AC_LIBTOOL_SETUP])
+])# AC_LIBTOOL_WIN32_DLL
+
+
+# AC_ENABLE_SHARED([DEFAULT])
+# ---------------------------
+# implement the --enable-shared flag
+# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'.
+AC_DEFUN([AC_ENABLE_SHARED],
+[define([AC_ENABLE_SHARED_DEFAULT], ifelse($1, no, no, yes))dnl
+AC_ARG_ENABLE([shared],
+ [AC_HELP_STRING([--enable-shared@<:@=PKGS@:>@],
+ [build shared libraries @<:@default=]AC_ENABLE_SHARED_DEFAULT[@:>@])],
+ [p=${PACKAGE-default}
+ case $enableval in
+ yes) enable_shared=yes ;;
+ no) enable_shared=no ;;
+ *)
+ enable_shared=no
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+ for pkg in $enableval; do
+ IFS="$lt_save_ifs"
+ if test "X$pkg" = "X$p"; then
+ enable_shared=yes
+ fi
+ done
+ IFS="$lt_save_ifs"
+ ;;
+ esac],
+ [enable_shared=]AC_ENABLE_SHARED_DEFAULT)
+])# AC_ENABLE_SHARED
+
+
+# AC_DISABLE_SHARED
+# -----------------
+# set the default shared flag to --disable-shared
+AC_DEFUN([AC_DISABLE_SHARED],
+[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl
+AC_ENABLE_SHARED(no)
+])# AC_DISABLE_SHARED
+
+
+# AC_ENABLE_STATIC([DEFAULT])
+# ---------------------------
+# implement the --enable-static flag
+# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'.
+AC_DEFUN([AC_ENABLE_STATIC],
+[define([AC_ENABLE_STATIC_DEFAULT], ifelse($1, no, no, yes))dnl
+AC_ARG_ENABLE([static],
+ [AC_HELP_STRING([--enable-static@<:@=PKGS@:>@],
+ [build static libraries @<:@default=]AC_ENABLE_STATIC_DEFAULT[@:>@])],
+ [p=${PACKAGE-default}
+ case $enableval in
+ yes) enable_static=yes ;;
+ no) enable_static=no ;;
+ *)
+ enable_static=no
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+ for pkg in $enableval; do
+ IFS="$lt_save_ifs"
+ if test "X$pkg" = "X$p"; then
+ enable_static=yes
+ fi
+ done
+ IFS="$lt_save_ifs"
+ ;;
+ esac],
+ [enable_static=]AC_ENABLE_STATIC_DEFAULT)
+])# AC_ENABLE_STATIC
+
+
+# AC_DISABLE_STATIC
+# -----------------
+# set the default static flag to --disable-static
+AC_DEFUN([AC_DISABLE_STATIC],
+[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl
+AC_ENABLE_STATIC(no)
+])# AC_DISABLE_STATIC
+
+
+# AC_ENABLE_FAST_INSTALL([DEFAULT])
+# ---------------------------------
+# implement the --enable-fast-install flag
+# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'.
+AC_DEFUN([AC_ENABLE_FAST_INSTALL],
+[define([AC_ENABLE_FAST_INSTALL_DEFAULT], ifelse($1, no, no, yes))dnl
+AC_ARG_ENABLE([fast-install],
+ [AC_HELP_STRING([--enable-fast-install@<:@=PKGS@:>@],
+ [optimize for fast installation @<:@default=]AC_ENABLE_FAST_INSTALL_DEFAULT[@:>@])],
+ [p=${PACKAGE-default}
+ case $enableval in
+ yes) enable_fast_install=yes ;;
+ no) enable_fast_install=no ;;
+ *)
+ enable_fast_install=no
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+ for pkg in $enableval; do
+ IFS="$lt_save_ifs"
+ if test "X$pkg" = "X$p"; then
+ enable_fast_install=yes
+ fi
+ done
+ IFS="$lt_save_ifs"
+ ;;
+ esac],
+ [enable_fast_install=]AC_ENABLE_FAST_INSTALL_DEFAULT)
+])# AC_ENABLE_FAST_INSTALL
+
+
+# AC_DISABLE_FAST_INSTALL
+# -----------------------
+# set the default to --disable-fast-install
+AC_DEFUN([AC_DISABLE_FAST_INSTALL],
+[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl
+AC_ENABLE_FAST_INSTALL(no)
+])# AC_DISABLE_FAST_INSTALL
+
+
+# AC_LIBTOOL_PICMODE([MODE])
+# --------------------------
+# implement the --with-pic flag
+# MODE is either `yes' or `no'. If omitted, it defaults to `both'.
+AC_DEFUN([AC_LIBTOOL_PICMODE],
+[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl
+pic_mode=ifelse($#,1,$1,default)
+])# AC_LIBTOOL_PICMODE
+
+
+# AC_PROG_EGREP
+# -------------
+# This is predefined starting with Autoconf 2.54, so this conditional
+# definition can be removed once we require Autoconf 2.54 or later.
+m4_ifndef([AC_PROG_EGREP], [AC_DEFUN([AC_PROG_EGREP],
+[AC_CACHE_CHECK([for egrep], [ac_cv_prog_egrep],
+ [if echo a | (grep -E '(a|b)') >/dev/null 2>&1
+ then ac_cv_prog_egrep='grep -E'
+ else ac_cv_prog_egrep='egrep'
+ fi])
+ EGREP=$ac_cv_prog_egrep
+ AC_SUBST([EGREP])
+])])
+
+
+# AC_PATH_TOOL_PREFIX
+# -------------------
+# find a file program which can recognise shared library
+AC_DEFUN([AC_PATH_TOOL_PREFIX],
+[AC_REQUIRE([AC_PROG_EGREP])dnl
+AC_MSG_CHECKING([for $1])
+AC_CACHE_VAL(lt_cv_path_MAGIC_CMD,
+[case $MAGIC_CMD in
+[[\\/*] | ?:[\\/]*])
+ lt_cv_path_MAGIC_CMD="$MAGIC_CMD" # Let the user override the test with a path.
+ ;;
+*)
+ lt_save_MAGIC_CMD="$MAGIC_CMD"
+ lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+dnl $ac_dummy forces splitting on constant user-supplied paths.
+dnl POSIX.2 word splitting is done only on the output of word expansions,
+dnl not every word. This closes a longstanding sh security hole.
+ ac_dummy="ifelse([$2], , $PATH, [$2])"
+ for ac_dir in $ac_dummy; do
+ IFS="$lt_save_ifs"
+ test -z "$ac_dir" && ac_dir=.
+ if test -f $ac_dir/$1; then
+ lt_cv_path_MAGIC_CMD="$ac_dir/$1"
+ if test -n "$file_magic_test_file"; then
+ case $deplibs_check_method in
+ "file_magic "*)
+ file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"`
+ MAGIC_CMD="$lt_cv_path_MAGIC_CMD"
+ if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null |
+ $EGREP "$file_magic_regex" > /dev/null; then
+ :
+ else
+ cat <<EOF 1>&2
+
+*** Warning: the command libtool uses to detect shared libraries,
+*** $file_magic_cmd, produces output that libtool cannot recognize.
+*** The result is that libtool may fail to recognize shared libraries
+*** as such. This will affect the creation of libtool libraries that
+*** depend on shared libraries, but programs linked with such libtool
+*** libraries will work regardless of this problem. Nevertheless, you
+*** may want to report the problem to your system manager and/or to
+*** bug-libtool@gnu.org
+
+EOF
+ fi ;;
+ esac
+ fi
+ break
+ fi
+ done
+ IFS="$lt_save_ifs"
+ MAGIC_CMD="$lt_save_MAGIC_CMD"
+ ;;
+esac])
+MAGIC_CMD="$lt_cv_path_MAGIC_CMD"
+if test -n "$MAGIC_CMD"; then
+ AC_MSG_RESULT($MAGIC_CMD)
+else
+ AC_MSG_RESULT(no)
+fi
+])# AC_PATH_TOOL_PREFIX
+
+
+# AC_PATH_MAGIC
+# -------------
+# find a file program which can recognise a shared library
+AC_DEFUN([AC_PATH_MAGIC],
+[AC_PATH_TOOL_PREFIX(${ac_tool_prefix}file, /usr/bin$PATH_SEPARATOR$PATH)
+if test -z "$lt_cv_path_MAGIC_CMD"; then
+ if test -n "$ac_tool_prefix"; then
+ AC_PATH_TOOL_PREFIX(file, /usr/bin$PATH_SEPARATOR$PATH)
+ else
+ MAGIC_CMD=:
+ fi
+fi
+])# AC_PATH_MAGIC
+
+
+# AC_PROG_LD
+# ----------
+# find the pathname to the GNU or non-GNU linker
+AC_DEFUN([AC_PROG_LD],
+[AC_ARG_WITH([gnu-ld],
+ [AC_HELP_STRING([--with-gnu-ld],
+ [assume the C compiler uses GNU ld @<:@default=no@:>@])],
+ [test "$withval" = no || with_gnu_ld=yes],
+ [with_gnu_ld=no])
+AC_REQUIRE([LT_AC_PROG_SED])dnl
+AC_REQUIRE([AC_PROG_CC])dnl
+AC_REQUIRE([AC_CANONICAL_HOST])dnl
+AC_REQUIRE([AC_CANONICAL_BUILD])dnl
+ac_prog=ld
+if test "$GCC" = yes; then
+ # Check if gcc -print-prog-name=ld gives a path.
+ AC_MSG_CHECKING([for ld used by $CC])
+ case $host in
+ *-*-mingw*)
+ # gcc leaves a trailing carriage return which upsets mingw
+ ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;;
+ *)
+ ac_prog=`($CC -print-prog-name=ld) 2>&5` ;;
+ esac
+ case $ac_prog in
+ # Accept absolute paths.
+ [[\\/]]* | ?:[[\\/]]*)
+ re_direlt='/[[^/]][[^/]]*/\.\./'
+ # Canonicalize the pathname of ld
+ ac_prog=`echo $ac_prog| $SED 's%\\\\%/%g'`
+ while echo $ac_prog | grep "$re_direlt" > /dev/null 2>&1; do
+ ac_prog=`echo $ac_prog| $SED "s%$re_direlt%/%"`
+ done
+ test -z "$LD" && LD="$ac_prog"
+ ;;
+ "")
+ # If it fails, then pretend we aren't using GCC.
+ ac_prog=ld
+ ;;
+ *)
+ # If it is relative, then search for the first ld in PATH.
+ with_gnu_ld=unknown
+ ;;
+ esac
+elif test "$with_gnu_ld" = yes; then
+ AC_MSG_CHECKING([for GNU ld])
+else
+ AC_MSG_CHECKING([for non-GNU ld])
+fi
+AC_CACHE_VAL(lt_cv_path_LD,
+[if test -z "$LD"; then
+ lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+ for ac_dir in $PATH; do
+ IFS="$lt_save_ifs"
+ test -z "$ac_dir" && ac_dir=.
+ if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then
+ lt_cv_path_LD="$ac_dir/$ac_prog"
+ # Check to see if the program is GNU ld. I'd rather use --version,
+ # but apparently some variants of GNU ld only accept -v.
+ # Break only if it was the GNU/non-GNU ld that we prefer.
+ case `"$lt_cv_path_LD" -v 2>&1 </dev/null` in
+ *GNU* | *'with BFD'*)
+ test "$with_gnu_ld" != no && break
+ ;;
+ *)
+ test "$with_gnu_ld" != yes && break
+ ;;
+ esac
+ fi
+ done
+ IFS="$lt_save_ifs"
+else
+ lt_cv_path_LD="$LD" # Let the user override the test with a path.
+fi])
+LD="$lt_cv_path_LD"
+if test -n "$LD"; then
+ AC_MSG_RESULT($LD)
+else
+ AC_MSG_RESULT(no)
+fi
+test -z "$LD" && AC_MSG_ERROR([no acceptable ld found in \$PATH])
+AC_PROG_LD_GNU
+])# AC_PROG_LD
+
+
+# AC_PROG_LD_GNU
+# --------------
+AC_DEFUN([AC_PROG_LD_GNU],
+[AC_REQUIRE([AC_PROG_EGREP])dnl
+AC_CACHE_CHECK([if the linker ($LD) is GNU ld], lt_cv_prog_gnu_ld,
+[# I'd rather use --version here, but apparently some GNU lds only accept -v.
+case `$LD -v 2>&1 </dev/null` in
+*GNU* | *'with BFD'*)
+ lt_cv_prog_gnu_ld=yes
+ ;;
+*)
+ lt_cv_prog_gnu_ld=no
+ ;;
+esac])
+with_gnu_ld=$lt_cv_prog_gnu_ld
+])# AC_PROG_LD_GNU
+
+
+# AC_PROG_LD_RELOAD_FLAG
+# ----------------------
+# find reload flag for linker
+# -- PORTME Some linkers may need a different reload flag.
+AC_DEFUN([AC_PROG_LD_RELOAD_FLAG],
+[AC_CACHE_CHECK([for $LD option to reload object files],
+ lt_cv_ld_reload_flag,
+ [lt_cv_ld_reload_flag='-r'])
+reload_flag=$lt_cv_ld_reload_flag
+case $reload_flag in
+"" | " "*) ;;
+*) reload_flag=" $reload_flag" ;;
+esac
+reload_cmds='$LD$reload_flag -o $output$reload_objs'
+case $host_os in
+ darwin*)
+ if test "$GCC" = yes; then
+ reload_cmds='$LTCC $LTCFLAGS -nostdlib ${wl}-r -o $output$reload_objs'
+ else
+ reload_cmds='$LD$reload_flag -o $output$reload_objs'
+ fi
+ ;;
+esac
+])# AC_PROG_LD_RELOAD_FLAG
+
+
+# AC_DEPLIBS_CHECK_METHOD
+# -----------------------
+# how to check for library dependencies
+# -- PORTME fill in with the dynamic library characteristics
+AC_DEFUN([AC_DEPLIBS_CHECK_METHOD],
+[AC_CACHE_CHECK([how to recognise dependent libraries],
+lt_cv_deplibs_check_method,
+[lt_cv_file_magic_cmd='$MAGIC_CMD'
+lt_cv_file_magic_test_file=
+lt_cv_deplibs_check_method='unknown'
+# Need to set the preceding variable on all platforms that support
+# interlibrary dependencies.
+# 'none' -- dependencies not supported.
+# `unknown' -- same as none, but documents that we really don't know.
+# 'pass_all' -- all dependencies passed with no checks.
+# 'test_compile' -- check by making test program.
+# 'file_magic [[regex]]' -- check by looking for files in library path
+# which responds to the $file_magic_cmd with a given extended regex.
+# If you have `file' or equivalent on your system and you're not sure
+# whether `pass_all' will *always* work, you probably want this one.
+
+case $host_os in
+aix4* | aix5*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+beos*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+bsdi[[45]]*)
+ lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (shared object|dynamic lib)'
+ lt_cv_file_magic_cmd='/usr/bin/file -L'
+ lt_cv_file_magic_test_file=/shlib/libc.so
+ ;;
+
+cygwin*)
+ # func_win32_libid is a shell function defined in ltmain.sh
+ lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL'
+ lt_cv_file_magic_cmd='func_win32_libid'
+ ;;
+
+mingw* | pw32*)
+ # Base MSYS/MinGW do not provide the 'file' command needed by
+ # func_win32_libid shell function, so use a weaker test based on 'objdump'.
+ lt_cv_deplibs_check_method='file_magic file format pei*-i386(.*architecture: i386)?'
+ lt_cv_file_magic_cmd='$OBJDUMP -f'
+ ;;
+
+darwin* | rhapsody*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+freebsd* | kfreebsd*-gnu | dragonfly*)
+ if echo __ELF__ | $CC -E - | grep __ELF__ > /dev/null; then
+ case $host_cpu in
+ i*86 )
+ # Not sure whether the presence of OpenBSD here was a mistake.
+ # Let's accept both of them until this is cleared up.
+ lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[[3-9]]86 (compact )?demand paged shared library'
+ lt_cv_file_magic_cmd=/usr/bin/file
+ lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*`
+ ;;
+ esac
+ else
+ lt_cv_deplibs_check_method=pass_all
+ fi
+ ;;
+
+gnu*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+hpux10.20* | hpux11*)
+ lt_cv_file_magic_cmd=/usr/bin/file
+ case $host_cpu in
+ ia64*)
+ lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|ELF-[[0-9]][[0-9]]) shared object file - IA64'
+ lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so
+ ;;
+ hppa*64*)
+ [lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - PA-RISC [0-9].[0-9]']
+ lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl
+ ;;
+ *)
+ lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|PA-RISC[[0-9]].[[0-9]]) shared library'
+ lt_cv_file_magic_test_file=/usr/lib/libc.sl
+ ;;
+ esac
+ ;;
+
+interix3*)
+ # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here
+ lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|\.a)$'
+ ;;
+
+irix5* | irix6* | nonstopux*)
+ case $LD in
+ *-32|*"-32 ") libmagic=32-bit;;
+ *-n32|*"-n32 ") libmagic=N32;;
+ *-64|*"-64 ") libmagic=64-bit;;
+ *) libmagic=never-match;;
+ esac
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+# This must be Linux ELF.
+linux*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+netbsd*)
+ if echo __ELF__ | $CC -E - | grep __ELF__ > /dev/null; then
+ lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$'
+ else
+ lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|_pic\.a)$'
+ fi
+ ;;
+
+newos6*)
+ lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (executable|dynamic lib)'
+ lt_cv_file_magic_cmd=/usr/bin/file
+ lt_cv_file_magic_test_file=/usr/lib/libnls.so
+ ;;
+
+nto-qnx*)
+ lt_cv_deplibs_check_method=unknown
+ ;;
+
+openbsd*)
+ if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|\.so|_pic\.a)$'
+ else
+ lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$'
+ fi
+ ;;
+
+osf3* | osf4* | osf5*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+solaris*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+sysv4 | sysv4.3*)
+ case $host_vendor in
+ motorola)
+ lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (shared object|dynamic lib) M[[0-9]][[0-9]]* Version [[0-9]]'
+ lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*`
+ ;;
+ ncr)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+ sequent)
+ lt_cv_file_magic_cmd='/bin/file'
+ lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB (shared object|dynamic lib )'
+ ;;
+ sni)
+ lt_cv_file_magic_cmd='/bin/file'
+ lt_cv_deplibs_check_method="file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB dynamic lib"
+ lt_cv_file_magic_test_file=/lib/libc.so
+ ;;
+ siemens)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+ pc)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+ esac
+ ;;
+
+sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+esac
+])
+file_magic_cmd=$lt_cv_file_magic_cmd
+deplibs_check_method=$lt_cv_deplibs_check_method
+test -z "$deplibs_check_method" && deplibs_check_method=unknown
+])# AC_DEPLIBS_CHECK_METHOD
+
+
+# AC_PROG_NM
+# ----------
+# find the pathname to a BSD-compatible name lister
+AC_DEFUN([AC_PROG_NM],
+[AC_CACHE_CHECK([for BSD-compatible nm], lt_cv_path_NM,
+[if test -n "$NM"; then
+ # Let the user override the test.
+ lt_cv_path_NM="$NM"
+else
+ lt_nm_to_check="${ac_tool_prefix}nm"
+ if test -n "$ac_tool_prefix" && test "$build" = "$host"; then
+ lt_nm_to_check="$lt_nm_to_check nm"
+ fi
+ for lt_tmp_nm in $lt_nm_to_check; do
+ lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+ for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do
+ IFS="$lt_save_ifs"
+ test -z "$ac_dir" && ac_dir=.
+ tmp_nm="$ac_dir/$lt_tmp_nm"
+ if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext" ; then
+ # Check to see if the nm accepts a BSD-compat flag.
+ # Adding the `sed 1q' prevents false positives on HP-UX, which says:
+ # nm: unknown option "B" ignored
+ # Tru64's nm complains that /dev/null is an invalid object file
+ case `"$tmp_nm" -B /dev/null 2>&1 | sed '1q'` in
+ */dev/null* | *'Invalid file or object type'*)
+ lt_cv_path_NM="$tmp_nm -B"
+ break
+ ;;
+ *)
+ case `"$tmp_nm" -p /dev/null 2>&1 | sed '1q'` in
+ */dev/null*)
+ lt_cv_path_NM="$tmp_nm -p"
+ break
+ ;;
+ *)
+ lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but
+ continue # so that we can try to find one that supports BSD flags
+ ;;
+ esac
+ ;;
+ esac
+ fi
+ done
+ IFS="$lt_save_ifs"
+ done
+ test -z "$lt_cv_path_NM" && lt_cv_path_NM=nm
+fi])
+NM="$lt_cv_path_NM"
+])# AC_PROG_NM
+
+
+# AC_CHECK_LIBM
+# -------------
+# check for math library
+AC_DEFUN([AC_CHECK_LIBM],
+[AC_REQUIRE([AC_CANONICAL_HOST])dnl
+LIBM=
+case $host in
+*-*-beos* | *-*-cygwin* | *-*-pw32* | *-*-darwin*)
+ # These system don't have libm, or don't need it
+ ;;
+*-ncr-sysv4.3*)
+ AC_CHECK_LIB(mw, _mwvalidcheckl, LIBM="-lmw")
+ AC_CHECK_LIB(m, cos, LIBM="$LIBM -lm")
+ ;;
+*)
+ AC_CHECK_LIB(m, cos, LIBM="-lm")
+ ;;
+esac
+])# AC_CHECK_LIBM
+
+
+# AC_LIBLTDL_CONVENIENCE([DIRECTORY])
+# -----------------------------------
+# sets LIBLTDL to the link flags for the libltdl convenience library and
+# LTDLINCL to the include flags for the libltdl header and adds
+# --enable-ltdl-convenience to the configure arguments. Note that
+# AC_CONFIG_SUBDIRS is not called here. If DIRECTORY is not provided,
+# it is assumed to be `libltdl'. LIBLTDL will be prefixed with
+# '${top_builddir}/' and LTDLINCL will be prefixed with '${top_srcdir}/'
+# (note the single quotes!). If your package is not flat and you're not
+# using automake, define top_builddir and top_srcdir appropriately in
+# the Makefiles.
+AC_DEFUN([AC_LIBLTDL_CONVENIENCE],
+[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl
+ case $enable_ltdl_convenience in
+ no) AC_MSG_ERROR([this package needs a convenience libltdl]) ;;
+ "") enable_ltdl_convenience=yes
+ ac_configure_args="$ac_configure_args --enable-ltdl-convenience" ;;
+ esac
+ LIBLTDL='${top_builddir}/'ifelse($#,1,[$1],['libltdl'])/libltdlc.la
+ LTDLINCL='-I${top_srcdir}/'ifelse($#,1,[$1],['libltdl'])
+ # For backwards non-gettext consistent compatibility...
+ INCLTDL="$LTDLINCL"
+])# AC_LIBLTDL_CONVENIENCE
+
+
+# AC_LIBLTDL_INSTALLABLE([DIRECTORY])
+# -----------------------------------
+# sets LIBLTDL to the link flags for the libltdl installable library and
+# LTDLINCL to the include flags for the libltdl header and adds
+# --enable-ltdl-install to the configure arguments. Note that
+# AC_CONFIG_SUBDIRS is not called here. If DIRECTORY is not provided,
+# and an installed libltdl is not found, it is assumed to be `libltdl'.
+# LIBLTDL will be prefixed with '${top_builddir}/'# and LTDLINCL with
+# '${top_srcdir}/' (note the single quotes!). If your package is not
+# flat and you're not using automake, define top_builddir and top_srcdir
+# appropriately in the Makefiles.
+# In the future, this macro may have to be called after AC_PROG_LIBTOOL.
+AC_DEFUN([AC_LIBLTDL_INSTALLABLE],
+[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl
+ AC_CHECK_LIB(ltdl, lt_dlinit,
+ [test x"$enable_ltdl_install" != xyes && enable_ltdl_install=no],
+ [if test x"$enable_ltdl_install" = xno; then
+ AC_MSG_WARN([libltdl not installed, but installation disabled])
+ else
+ enable_ltdl_install=yes
+ fi
+ ])
+ if test x"$enable_ltdl_install" = x"yes"; then
+ ac_configure_args="$ac_configure_args --enable-ltdl-install"
+ LIBLTDL='${top_builddir}/'ifelse($#,1,[$1],['libltdl'])/libltdl.la
+ LTDLINCL='-I${top_srcdir}/'ifelse($#,1,[$1],['libltdl'])
+ else
+ ac_configure_args="$ac_configure_args --enable-ltdl-install=no"
+ LIBLTDL="-lltdl"
+ LTDLINCL=
+ fi
+ # For backwards non-gettext consistent compatibility...
+ INCLTDL="$LTDLINCL"
+])# AC_LIBLTDL_INSTALLABLE
+
+
+# AC_LIBTOOL_CXX
+# --------------
+# enable support for C++ libraries
+AC_DEFUN([AC_LIBTOOL_CXX],
+[AC_REQUIRE([_LT_AC_LANG_CXX])
+])# AC_LIBTOOL_CXX
+
+
+# _LT_AC_LANG_CXX
+# ---------------
+AC_DEFUN([_LT_AC_LANG_CXX],
+[AC_REQUIRE([AC_PROG_CXX])
+AC_REQUIRE([_LT_AC_PROG_CXXCPP])
+_LT_AC_SHELL_INIT([tagnames=${tagnames+${tagnames},}CXX])
+])# _LT_AC_LANG_CXX
+
+# _LT_AC_PROG_CXXCPP
+# ------------------
+AC_DEFUN([_LT_AC_PROG_CXXCPP],
+[
+AC_REQUIRE([AC_PROG_CXX])
+if test -n "$CXX" && ( test "X$CXX" != "Xno" &&
+ ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) ||
+ (test "X$CXX" != "Xg++"))) ; then
+ AC_PROG_CXXCPP
+fi
+])# _LT_AC_PROG_CXXCPP
+
+# AC_LIBTOOL_F77
+# --------------
+# enable support for Fortran 77 libraries
+AC_DEFUN([AC_LIBTOOL_F77],
+[AC_REQUIRE([_LT_AC_LANG_F77])
+])# AC_LIBTOOL_F77
+
+
+# _LT_AC_LANG_F77
+# ---------------
+AC_DEFUN([_LT_AC_LANG_F77],
+[AC_REQUIRE([AC_PROG_F77])
+_LT_AC_SHELL_INIT([tagnames=${tagnames+${tagnames},}F77])
+])# _LT_AC_LANG_F77
+
+
+# AC_LIBTOOL_GCJ
+# --------------
+# enable support for GCJ libraries
+AC_DEFUN([AC_LIBTOOL_GCJ],
+[AC_REQUIRE([_LT_AC_LANG_GCJ])
+])# AC_LIBTOOL_GCJ
+
+
+# _LT_AC_LANG_GCJ
+# ---------------
+AC_DEFUN([_LT_AC_LANG_GCJ],
+[AC_PROVIDE_IFELSE([AC_PROG_GCJ],[],
+ [AC_PROVIDE_IFELSE([A][M_PROG_GCJ],[],
+ [AC_PROVIDE_IFELSE([LT_AC_PROG_GCJ],[],
+ [ifdef([AC_PROG_GCJ],[AC_REQUIRE([AC_PROG_GCJ])],
+ [ifdef([A][M_PROG_GCJ],[AC_REQUIRE([A][M_PROG_GCJ])],
+ [AC_REQUIRE([A][C_PROG_GCJ_OR_A][M_PROG_GCJ])])])])])])
+_LT_AC_SHELL_INIT([tagnames=${tagnames+${tagnames},}GCJ])
+])# _LT_AC_LANG_GCJ
+
+
+# AC_LIBTOOL_RC
+# -------------
+# enable support for Windows resource files
+AC_DEFUN([AC_LIBTOOL_RC],
+[AC_REQUIRE([LT_AC_PROG_RC])
+_LT_AC_SHELL_INIT([tagnames=${tagnames+${tagnames},}RC])
+])# AC_LIBTOOL_RC
+
+
+# AC_LIBTOOL_LANG_C_CONFIG
+# ------------------------
+# Ensure that the configuration vars for the C compiler are
+# suitably defined. Those variables are subsequently used by
+# AC_LIBTOOL_CONFIG to write the compiler configuration to `libtool'.
+AC_DEFUN([AC_LIBTOOL_LANG_C_CONFIG], [_LT_AC_LANG_C_CONFIG])
+AC_DEFUN([_LT_AC_LANG_C_CONFIG],
+[lt_save_CC="$CC"
+AC_LANG_PUSH(C)
+
+# Source file extension for C test sources.
+ac_ext=c
+
+# Object file extension for compiled C test sources.
+objext=o
+_LT_AC_TAGVAR(objext, $1)=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code="int some_variable = 0;\n"
+
+# Code to be used in simple link tests
+lt_simple_link_test_code='int main(){return(0);}\n'
+
+_LT_AC_SYS_COMPILER
+
+# save warnings/boilerplate of simple test code
+_LT_COMPILER_BOILERPLATE
+_LT_LINKER_BOILERPLATE
+
+AC_LIBTOOL_PROG_COMPILER_NO_RTTI($1)
+AC_LIBTOOL_PROG_COMPILER_PIC($1)
+AC_LIBTOOL_PROG_CC_C_O($1)
+AC_LIBTOOL_SYS_HARD_LINK_LOCKS($1)
+AC_LIBTOOL_PROG_LD_SHLIBS($1)
+AC_LIBTOOL_SYS_DYNAMIC_LINKER($1)
+AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH($1)
+AC_LIBTOOL_SYS_LIB_STRIP
+AC_LIBTOOL_DLOPEN_SELF
+
+# Report which library types will actually be built
+AC_MSG_CHECKING([if libtool supports shared libraries])
+AC_MSG_RESULT([$can_build_shared])
+
+AC_MSG_CHECKING([whether to build shared libraries])
+test "$can_build_shared" = "no" && enable_shared=no
+
+# On AIX, shared libraries and static libraries use the same namespace, and
+# are all built from PIC.
+case $host_os in
+aix3*)
+ test "$enable_shared" = yes && enable_static=no
+ if test -n "$RANLIB"; then
+ archive_cmds="$archive_cmds~\$RANLIB \$lib"
+ postinstall_cmds='$RANLIB $lib'
+ fi
+ ;;
+
+aix4* | aix5*)
+ if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then
+ test "$enable_shared" = yes && enable_static=no
+ fi
+ ;;
+esac
+AC_MSG_RESULT([$enable_shared])
+
+AC_MSG_CHECKING([whether to build static libraries])
+# Make sure either enable_shared or enable_static is yes.
+test "$enable_shared" = yes || enable_static=yes
+AC_MSG_RESULT([$enable_static])
+
+AC_LIBTOOL_CONFIG($1)
+
+AC_LANG_POP
+CC="$lt_save_CC"
+])# AC_LIBTOOL_LANG_C_CONFIG
+
+
+# AC_LIBTOOL_LANG_CXX_CONFIG
+# --------------------------
+# Ensure that the configuration vars for the C compiler are
+# suitably defined. Those variables are subsequently used by
+# AC_LIBTOOL_CONFIG to write the compiler configuration to `libtool'.
+AC_DEFUN([AC_LIBTOOL_LANG_CXX_CONFIG], [_LT_AC_LANG_CXX_CONFIG(CXX)])
+AC_DEFUN([_LT_AC_LANG_CXX_CONFIG],
+[AC_LANG_PUSH(C++)
+AC_REQUIRE([AC_PROG_CXX])
+AC_REQUIRE([_LT_AC_PROG_CXXCPP])
+
+_LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
+_LT_AC_TAGVAR(allow_undefined_flag, $1)=
+_LT_AC_TAGVAR(always_export_symbols, $1)=no
+_LT_AC_TAGVAR(archive_expsym_cmds, $1)=
+_LT_AC_TAGVAR(export_dynamic_flag_spec, $1)=
+_LT_AC_TAGVAR(hardcode_direct, $1)=no
+_LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)=
+_LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)=
+_LT_AC_TAGVAR(hardcode_libdir_separator, $1)=
+_LT_AC_TAGVAR(hardcode_minus_L, $1)=no
+_LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
+_LT_AC_TAGVAR(hardcode_automatic, $1)=no
+_LT_AC_TAGVAR(module_cmds, $1)=
+_LT_AC_TAGVAR(module_expsym_cmds, $1)=
+_LT_AC_TAGVAR(link_all_deplibs, $1)=unknown
+_LT_AC_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_AC_TAGVAR(no_undefined_flag, $1)=
+_LT_AC_TAGVAR(whole_archive_flag_spec, $1)=
+_LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)=no
+
+# Dependencies to place before and after the object being linked:
+_LT_AC_TAGVAR(predep_objects, $1)=
+_LT_AC_TAGVAR(postdep_objects, $1)=
+_LT_AC_TAGVAR(predeps, $1)=
+_LT_AC_TAGVAR(postdeps, $1)=
+_LT_AC_TAGVAR(compiler_lib_search_path, $1)=
+
+# Source file extension for C++ test sources.
+ac_ext=cpp
+
+# Object file extension for compiled C++ test sources.
+objext=o
+_LT_AC_TAGVAR(objext, $1)=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code="int some_variable = 0;\n"
+
+# Code to be used in simple link tests
+lt_simple_link_test_code='int main(int, char *[[]]) { return(0); }\n'
+
+# ltmain only uses $CC for tagged configurations so make sure $CC is set.
+_LT_AC_SYS_COMPILER
+
+# save warnings/boilerplate of simple test code
+_LT_COMPILER_BOILERPLATE
+_LT_LINKER_BOILERPLATE
+
+# Allow CC to be a program name with arguments.
+lt_save_CC=$CC
+lt_save_LD=$LD
+lt_save_GCC=$GCC
+GCC=$GXX
+lt_save_with_gnu_ld=$with_gnu_ld
+lt_save_path_LD=$lt_cv_path_LD
+if test -n "${lt_cv_prog_gnu_ldcxx+set}"; then
+ lt_cv_prog_gnu_ld=$lt_cv_prog_gnu_ldcxx
+else
+ $as_unset lt_cv_prog_gnu_ld
+fi
+if test -n "${lt_cv_path_LDCXX+set}"; then
+ lt_cv_path_LD=$lt_cv_path_LDCXX
+else
+ $as_unset lt_cv_path_LD
+fi
+test -z "${LDCXX+set}" || LD=$LDCXX
+CC=${CXX-"c++"}
+compiler=$CC
+_LT_AC_TAGVAR(compiler, $1)=$CC
+_LT_CC_BASENAME([$compiler])
+
+# We don't want -fno-exception wen compiling C++ code, so set the
+# no_builtin_flag separately
+if test "$GXX" = yes; then
+ _LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin'
+else
+ _LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=
+fi
+
+if test "$GXX" = yes; then
+ # Set up default GNU C++ configuration
+
+ AC_PROG_LD
+
+ # Check if GNU C++ uses GNU ld as the underlying linker, since the
+ # archiving commands below assume that GNU ld is being used.
+ if test "$with_gnu_ld" = yes; then
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath ${wl}$libdir'
+ _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
+
+ # If archive_cmds runs LD, not CC, wlarc should be empty
+ # XXX I think wlarc can be eliminated in ltcf-cxx, but I need to
+ # investigate it a little bit more. (MM)
+ wlarc='${wl}'
+
+ # ancient GNU ld didn't support --whole-archive et. al.
+ if eval "`$CC -print-prog-name=ld` --help 2>&1" | \
+ grep 'no-whole-archive' > /dev/null; then
+ _LT_AC_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
+ else
+ _LT_AC_TAGVAR(whole_archive_flag_spec, $1)=
+ fi
+ else
+ with_gnu_ld=no
+ wlarc=
+
+ # A generic and very simple default shared library creation
+ # command for GNU C++ for the case where it uses the native
+ # linker, instead of GNU ld. If possible, this setting should
+ # overridden to take advantage of the native linker features on
+ # the platform it is being used on.
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib'
+ fi
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "\-L"'
+
+else
+ GXX=no
+ with_gnu_ld=no
+ wlarc=
+fi
+
+# PORTME: fill in a description of your system's C++ link characteristics
+AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries])
+_LT_AC_TAGVAR(ld_shlibs, $1)=yes
+case $host_os in
+ aix3*)
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ aix4* | aix5*)
+ if test "$host_cpu" = ia64; then
+ # On IA64, the linker does run time linking by default, so we don't
+ # have to do anything special.
+ aix_use_runtimelinking=no
+ exp_sym_flag='-Bexport'
+ no_entry_flag=""
+ else
+ aix_use_runtimelinking=no
+
+ # Test if we are trying to use run time linking or normal
+ # AIX style linking. If -brtl is somewhere in LDFLAGS, we
+ # need to do runtime linking.
+ case $host_os in aix4.[[23]]|aix4.[[23]].*|aix5*)
+ for ld_flag in $LDFLAGS; do
+ case $ld_flag in
+ *-brtl*)
+ aix_use_runtimelinking=yes
+ break
+ ;;
+ esac
+ done
+ ;;
+ esac
+
+ exp_sym_flag='-bexport'
+ no_entry_flag='-bnoentry'
+ fi
+
+ # When large executables or shared objects are built, AIX ld can
+ # have problems creating the table of contents. If linking a library
+ # or program results in "error TOC overflow" add -mminimal-toc to
+ # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not
+ # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS.
+
+ _LT_AC_TAGVAR(archive_cmds, $1)=''
+ _LT_AC_TAGVAR(hardcode_direct, $1)=yes
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=':'
+ _LT_AC_TAGVAR(link_all_deplibs, $1)=yes
+
+ if test "$GXX" = yes; then
+ case $host_os in aix4.[[012]]|aix4.[[012]].*)
+ # We only want to do this on AIX 4.2 and lower, the check
+ # below for broken collect2 doesn't work under 4.3+
+ collect2name=`${CC} -print-prog-name=collect2`
+ if test -f "$collect2name" && \
+ strings "$collect2name" | grep resolve_lib_name >/dev/null
+ then
+ # We have reworked collect2
+ _LT_AC_TAGVAR(hardcode_direct, $1)=yes
+ else
+ # We have old collect2
+ _LT_AC_TAGVAR(hardcode_direct, $1)=unsupported
+ # It fails to find uninstalled libraries when the uninstalled
+ # path is not listed in the libpath. Setting hardcode_minus_L
+ # to unsupported forces relinking
+ _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=
+ fi
+ ;;
+ esac
+ shared_flag='-shared'
+ if test "$aix_use_runtimelinking" = yes; then
+ shared_flag="$shared_flag "'${wl}-G'
+ fi
+ else
+ # not using gcc
+ if test "$host_cpu" = ia64; then
+ # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release
+ # chokes on -Wl,-G. The following line is correct:
+ shared_flag='-G'
+ else
+ if test "$aix_use_runtimelinking" = yes; then
+ shared_flag='${wl}-G'
+ else
+ shared_flag='${wl}-bM:SRE'
+ fi
+ fi
+ fi
+
+ # It seems that -bexpall does not export symbols beginning with
+ # underscore (_), so it is better to generate a list of symbols to export.
+ _LT_AC_TAGVAR(always_export_symbols, $1)=yes
+ if test "$aix_use_runtimelinking" = yes; then
+ # Warning - without using the other runtime loading flags (-brtl),
+ # -berok will link without error, but may produce a broken library.
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)='-berok'
+ # Determine the default libpath from the value encoded in an empty executable.
+ _LT_AC_SYS_LIBPATH_AIX
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
+
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then echo "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
+ else
+ if test "$host_cpu" = ia64; then
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib'
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)="-z nodefs"
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols"
+ else
+ # Determine the default libpath from the value encoded in an empty executable.
+ _LT_AC_SYS_LIBPATH_AIX
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
+ # Warning - without using the other run time loading flags,
+ # -berok will link without error, but may produce a broken library.
+ _LT_AC_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok'
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok'
+ # Exported symbols can be pulled into shared objects from archives
+ _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='$convenience'
+ _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=yes
+ # This is similar to how AIX traditionally builds its shared libraries.
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname'
+ fi
+ fi
+ ;;
+
+ beos*)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported
+ # Joseph Beckenbach <jrb3@best.com> says some releases of gcc
+ # support --undefined. This deserves some investigation. FIXME
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ else
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+
+ chorus*)
+ case $cc_basename in
+ *)
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ esac
+ ;;
+
+ cygwin* | mingw* | pw32*)
+ # _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless,
+ # as there is no search path for DLLs.
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported
+ _LT_AC_TAGVAR(always_export_symbols, $1)=no
+ _LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+
+ if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ # If the export-symbols file already is a .def file (1st line
+ # is EXPORTS), use it as is; otherwise, prepend...
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
+ cp $export_symbols $output_objdir/$soname.def;
+ else
+ echo EXPORTS > $output_objdir/$soname.def;
+ cat $export_symbols >> $output_objdir/$soname.def;
+ fi~
+ $CC -shared -nostdlib $output_objdir/$soname.def $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ else
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+ darwin* | rhapsody*)
+ case $host_os in
+ rhapsody* | darwin1.[[012]])
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-undefined ${wl}suppress'
+ ;;
+ *) # Darwin 1.3 on
+ if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-flat_namespace ${wl}-undefined ${wl}suppress'
+ else
+ case ${MACOSX_DEPLOYMENT_TARGET} in
+ 10.[[012]])
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-flat_namespace ${wl}-undefined ${wl}suppress'
+ ;;
+ 10.*)
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-undefined ${wl}dynamic_lookup'
+ ;;
+ esac
+ fi
+ ;;
+ esac
+ _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
+ _LT_AC_TAGVAR(hardcode_direct, $1)=no
+ _LT_AC_TAGVAR(hardcode_automatic, $1)=yes
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
+ _LT_AC_TAGVAR(whole_archive_flag_spec, $1)=''
+ _LT_AC_TAGVAR(link_all_deplibs, $1)=yes
+
+ if test "$GXX" = yes ; then
+ lt_int_apple_cc_single_mod=no
+ output_verbose_link_cmd='echo'
+ if $CC -dumpspecs 2>&1 | $EGREP 'single_module' >/dev/null ; then
+ lt_int_apple_cc_single_mod=yes
+ fi
+ if test "X$lt_int_apple_cc_single_mod" = Xyes ; then
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring'
+ else
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -r -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring'
+ fi
+ _LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags'
+ # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds
+ if test "X$lt_int_apple_cc_single_mod" = Xyes ; then
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ else
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -r -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ fi
+ _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ else
+ case $cc_basename in
+ xlc*)
+ output_verbose_link_cmd='echo'
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -qmkshrobj ${wl}-single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring'
+ _LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags'
+ # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj ${wl}-single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ ;;
+ *)
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ esac
+ fi
+ ;;
+
+ dgux*)
+ case $cc_basename in
+ ec++*)
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ ghcx*)
+ # Green Hills C++ Compiler
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ *)
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ esac
+ ;;
+ freebsd[[12]]*)
+ # C++ shared libraries reported to be fairly broken before switch to ELF
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ freebsd-elf*)
+ _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
+ ;;
+ freebsd* | kfreebsd*-gnu | dragonfly*)
+ # FreeBSD 3 and later use GNU C++ and GNU ld with standard ELF
+ # conventions
+ _LT_AC_TAGVAR(ld_shlibs, $1)=yes
+ ;;
+ gnu*)
+ ;;
+ hpux9*)
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
+ _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+ _LT_AC_TAGVAR(hardcode_direct, $1)=yes
+ _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH,
+ # but as the default
+ # location of the library.
+
+ case $cc_basename in
+ CC*)
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ aCC*)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/$soname~$CC -b ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ #
+ # There doesn't appear to be a way to prevent this compiler from
+ # explicitly linking system object files so we need to strip them
+ # from the output so that they don't get included in the library
+ # dependencies.
+ output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | grep "[[-]]L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list'
+ ;;
+ *)
+ if test "$GXX" = yes; then
+ _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/$soname~$CC -shared -nostdlib -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+ else
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+ esac
+ ;;
+ hpux10*|hpux11*)
+ if test $with_gnu_ld = no; then
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
+
+ case $host_cpu in
+ hppa*64*|ia64*)
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='+b $libdir'
+ ;;
+ *)
+ _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+ ;;
+ esac
+ fi
+ case $host_cpu in
+ hppa*64*|ia64*)
+ _LT_AC_TAGVAR(hardcode_direct, $1)=no
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+ *)
+ _LT_AC_TAGVAR(hardcode_direct, $1)=yes
+ _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH,
+ # but as the default
+ # location of the library.
+ ;;
+ esac
+
+ case $cc_basename in
+ CC*)
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ aCC*)
+ case $host_cpu in
+ hppa*64*)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ ia64*)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ *)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ esac
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ #
+ # There doesn't appear to be a way to prevent this compiler from
+ # explicitly linking system object files so we need to strip them
+ # from the output so that they don't get included in the library
+ # dependencies.
+ output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | grep "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list'
+ ;;
+ *)
+ if test "$GXX" = yes; then
+ if test $with_gnu_ld = no; then
+ case $host_cpu in
+ hppa*64*)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ ia64*)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ *)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ esac
+ fi
+ else
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+ esac
+ ;;
+ interix3*)
+ _LT_AC_TAGVAR(hardcode_direct, $1)=no
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+ _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+ # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc.
+ # Instead, shared libraries are loaded at an image base (0x10000000 by
+ # default) and relocated if they conflict, which is a slow very memory
+ # consuming and fragmenting process. To avoid this, we pick a random,
+ # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link
+ # time. Moving up from 0x10000000 also allows more sbrk(2) space.
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ ;;
+ irix5* | irix6*)
+ case $cc_basename in
+ CC*)
+ # SGI C++
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -all -multigot $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
+
+ # Archives containing C++ object files must be created using
+ # "CC -ar", where "CC" is the IRIX C++ compiler. This is
+ # necessary to make sure instantiated templates are included
+ # in the archive.
+ _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC -ar -WR,-u -o $oldlib $oldobjs'
+ ;;
+ *)
+ if test "$GXX" = yes; then
+ if test "$with_gnu_ld" = no; then
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ else
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` -o $lib'
+ fi
+ fi
+ _LT_AC_TAGVAR(link_all_deplibs, $1)=yes
+ ;;
+ esac
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
+ ;;
+ linux*)
+ case $cc_basename in
+ KCC*)
+ # Kuck and Associates, Inc. (KAI) C++ Compiler
+
+ # KCC will only create a shared library if the output file
+ # ends with ".so" (or ".sl" for HP-UX), so rename the library
+ # to its proper name (with version) after linking.
+ _LT_AC_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib ${wl}-retain-symbols-file,$export_symbols; mv \$templib $lib'
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ #
+ # There doesn't appear to be a way to prevent this compiler from
+ # explicitly linking system object files so we need to strip them
+ # from the output so that they don't get included in the library
+ # dependencies.
+ output_verbose_link_cmd='templist=`$CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 | grep "ld"`; rm -f libconftest$shared_ext; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list'
+
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath,$libdir'
+ _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
+
+ # Archives containing C++ object files must be created using
+ # "CC -Bstatic", where "CC" is the KAI C++ compiler.
+ _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs'
+ ;;
+ icpc*)
+ # Intel C++
+ with_gnu_ld=yes
+ # version 8.0 and above of icpc choke on multiply defined symbols
+ # if we add $predep_objects and $postdep_objects, however 7.1 and
+ # earlier do not add the objects themselves.
+ case `$CC -V 2>&1` in
+ *"Version 7."*)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ ;;
+ *) # Version 8.0 or newer
+ tmp_idyn=
+ case $host_cpu in
+ ia64*) tmp_idyn=' -i_dynamic';;
+ esac
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ ;;
+ esac
+ _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+ _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
+ _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive'
+ ;;
+ pgCC*)
+ # Portland Group C++ compiler
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib'
+
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath ${wl}$libdir'
+ _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
+ _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive'
+ ;;
+ cxx*)
+ # Compaq C++
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib ${wl}-retain-symbols-file $wl$export_symbols'
+
+ runpath_var=LD_RUN_PATH
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir'
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ #
+ # There doesn't appear to be a way to prevent this compiler from
+ # explicitly linking system object files so we need to strip them
+ # from the output so that they don't get included in the library
+ # dependencies.
+ output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "ld"`; templist=`echo $templist | $SED "s/\(^.*ld.*\)\( .*ld .*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list'
+ ;;
+ esac
+ ;;
+ lynxos*)
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ m88k*)
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ mvs*)
+ case $cc_basename in
+ cxx*)
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ *)
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ esac
+ ;;
+ netbsd*)
+ if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then
+ _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $predep_objects $libobjs $deplibs $postdep_objects $linker_flags'
+ wlarc=
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+ _LT_AC_TAGVAR(hardcode_direct, $1)=yes
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ fi
+ # Workaround some broken pre-1.5 toolchains
+ output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep conftest.$objext | $SED -e "s:-lgcc -lc -lgcc::"'
+ ;;
+ openbsd2*)
+ # C++ shared libraries are fairly broken
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ openbsd*)
+ _LT_AC_TAGVAR(hardcode_direct, $1)=yes
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib'
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+ if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file,$export_symbols -o $lib'
+ _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+ _LT_AC_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
+ fi
+ output_verbose_link_cmd='echo'
+ ;;
+ osf3*)
+ case $cc_basename in
+ KCC*)
+ # Kuck and Associates, Inc. (KAI) C++ Compiler
+
+ # KCC will only create a shared library if the output file
+ # ends with ".so" (or ".sl" for HP-UX), so rename the library
+ # to its proper name (with version) after linking.
+ _LT_AC_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib'
+
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
+
+ # Archives containing C++ object files must be created using
+ # "CC -Bstatic", where "CC" is the KAI C++ compiler.
+ _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs'
+
+ ;;
+ RCC*)
+ # Rational C++ 2.4.1
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ cxx*)
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $soname `test -n "$verstring" && echo ${wl}-set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
+
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ #
+ # There doesn't appear to be a way to prevent this compiler from
+ # explicitly linking system object files so we need to strip them
+ # from the output so that they don't get included in the library
+ # dependencies.
+ output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "ld" | grep -v "ld:"`; templist=`echo $templist | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list'
+ ;;
+ *)
+ if test "$GXX" = yes && test "$with_gnu_ld" = no; then
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "\-L"'
+
+ else
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+ esac
+ ;;
+ osf4* | osf5*)
+ case $cc_basename in
+ KCC*)
+ # Kuck and Associates, Inc. (KAI) C++ Compiler
+
+ # KCC will only create a shared library if the output file
+ # ends with ".so" (or ".sl" for HP-UX), so rename the library
+ # to its proper name (with version) after linking.
+ _LT_AC_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib'
+
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
+
+ # Archives containing C++ object files must be created using
+ # the KAI C++ compiler.
+ _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC -o $oldlib $oldobjs'
+ ;;
+ RCC*)
+ # Rational C++ 2.4.1
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ cxx*)
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done~
+ echo "-hidden">> $lib.exp~
+ $CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname -Wl,-input -Wl,$lib.exp `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib~
+ $rm $lib.exp'
+
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir'
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ #
+ # There doesn't appear to be a way to prevent this compiler from
+ # explicitly linking system object files so we need to strip them
+ # from the output so that they don't get included in the library
+ # dependencies.
+ output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "ld" | grep -v "ld:"`; templist=`echo $templist | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list'
+ ;;
+ *)
+ if test "$GXX" = yes && test "$with_gnu_ld" = no; then
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "\-L"'
+
+ else
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+ esac
+ ;;
+ psos*)
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ sunos4*)
+ case $cc_basename in
+ CC*)
+ # Sun C++ 4.x
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ lcc*)
+ # Lucid
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ *)
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ esac
+ ;;
+ solaris*)
+ case $cc_basename in
+ CC*)
+ # Sun C++ 4.2, 5.x and Centerline C++
+ _LT_AC_TAGVAR(archive_cmds_need_lc,$1)=yes
+ _LT_AC_TAGVAR(no_undefined_flag, $1)=' -zdefs'
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~
+ $CC -G${allow_undefined_flag} ${wl}-M ${wl}$lib.exp -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$rm $lib.exp'
+
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ case $host_os in
+ solaris2.[[0-5]] | solaris2.[[0-5]].*) ;;
+ *)
+ # The C++ compiler is used as linker so we must use $wl
+ # flag to pass the commands to the underlying system
+ # linker. We must also pass each convience library through
+ # to the system linker between allextract/defaultextract.
+ # The C++ compiler will combine linker options so we
+ # cannot just pass the convience library names through
+ # without $wl.
+ # Supported since Solaris 2.6 (maybe 2.5.1?)
+ _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}-z ${wl}allextract`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}-z ${wl}defaultextract'
+ ;;
+ esac
+ _LT_AC_TAGVAR(link_all_deplibs, $1)=yes
+
+ output_verbose_link_cmd='echo'
+
+ # Archives containing C++ object files must be created using
+ # "CC -xar", where "CC" is the Sun C++ compiler. This is
+ # necessary to make sure instantiated templates are included
+ # in the archive.
+ _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC -xar -o $oldlib $oldobjs'
+ ;;
+ gcx*)
+ # Green Hills C++ Compiler
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
+
+ # The C++ compiler must be used to create the archive.
+ _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC $LDFLAGS -archive -o $oldlib $oldobjs'
+ ;;
+ *)
+ # GNU C++ compiler with Solaris linker
+ if test "$GXX" = yes && test "$with_gnu_ld" = no; then
+ _LT_AC_TAGVAR(no_undefined_flag, $1)=' ${wl}-z ${wl}defs'
+ if $CC --version | grep -v '^2\.7' > /dev/null; then
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~
+ $CC -shared -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$rm $lib.exp'
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ output_verbose_link_cmd="$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep \"\-L\""
+ else
+ # g++ 2.7 appears to require `-G' NOT `-shared' on this
+ # platform.
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~
+ $CC -G -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$rm $lib.exp'
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ output_verbose_link_cmd="$CC -G $CFLAGS -v conftest.$objext 2>&1 | grep \"\-L\""
+ fi
+
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $wl$libdir'
+ fi
+ ;;
+ esac
+ ;;
+ sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7* | sco3.2v5.0.[[024]]*)
+ _LT_AC_TAGVAR(no_undefined_flag, $1)='${wl}-z,text'
+ _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ runpath_var='LD_RUN_PATH'
+
+ case $cc_basename in
+ CC*)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ esac
+ ;;
+ sysv5* | sco3.2v5* | sco5v6*)
+ # Note: We can NOT use -z defs as we might desire, because we do not
+ # link with -lc, and that would cause any symbols used from libc to
+ # always be unresolved, which means just about no library would
+ # ever link correctly. If we're not using GNU ld we use -z text
+ # though, which does catch some bad symbols but isn't as heavy-handed
+ # as -z defs.
+ # For security reasons, it is highly recommended that you always
+ # use absolute paths for naming shared libraries, and exclude the
+ # DT_RUNPATH tag from executables and libraries. But doing so
+ # requires that you compile everything twice, which is a pain.
+ # So that behaviour is only enabled if SCOABSPATH is set to a
+ # non-empty value in the environment. Most likely only useful for
+ # creating official distributions of packages.
+ # This is a hack until libtool officially supports absolute path
+ # names for shared libraries.
+ _LT_AC_TAGVAR(no_undefined_flag, $1)='${wl}-z,text'
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-z,nodefs'
+ _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`'
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=':'
+ _LT_AC_TAGVAR(link_all_deplibs, $1)=yes
+ _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Bexport'
+ runpath_var='LD_RUN_PATH'
+
+ case $cc_basename in
+ CC*)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ esac
+ ;;
+ tandem*)
+ case $cc_basename in
+ NCC*)
+ # NonStop-UX NCC 3.20
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ *)
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ esac
+ ;;
+ vxworks*)
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ *)
+ # FIXME: insert proper C++ library support
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+esac
+AC_MSG_RESULT([$_LT_AC_TAGVAR(ld_shlibs, $1)])
+test "$_LT_AC_TAGVAR(ld_shlibs, $1)" = no && can_build_shared=no
+
+_LT_AC_TAGVAR(GCC, $1)="$GXX"
+_LT_AC_TAGVAR(LD, $1)="$LD"
+
+AC_LIBTOOL_POSTDEP_PREDEP($1)
+AC_LIBTOOL_PROG_COMPILER_PIC($1)
+AC_LIBTOOL_PROG_CC_C_O($1)
+AC_LIBTOOL_SYS_HARD_LINK_LOCKS($1)
+AC_LIBTOOL_PROG_LD_SHLIBS($1)
+AC_LIBTOOL_SYS_DYNAMIC_LINKER($1)
+AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH($1)
+
+AC_LIBTOOL_CONFIG($1)
+
+AC_LANG_POP
+CC=$lt_save_CC
+LDCXX=$LD
+LD=$lt_save_LD
+GCC=$lt_save_GCC
+with_gnu_ldcxx=$with_gnu_ld
+with_gnu_ld=$lt_save_with_gnu_ld
+lt_cv_path_LDCXX=$lt_cv_path_LD
+lt_cv_path_LD=$lt_save_path_LD
+lt_cv_prog_gnu_ldcxx=$lt_cv_prog_gnu_ld
+lt_cv_prog_gnu_ld=$lt_save_with_gnu_ld
+])# AC_LIBTOOL_LANG_CXX_CONFIG
+
+# AC_LIBTOOL_POSTDEP_PREDEP([TAGNAME])
+# ------------------------------------
+# Figure out "hidden" library dependencies from verbose
+# compiler output when linking a shared library.
+# Parse the compiler output and extract the necessary
+# objects, libraries and library flags.
+AC_DEFUN([AC_LIBTOOL_POSTDEP_PREDEP],[
+dnl we can't use the lt_simple_compile_test_code here,
+dnl because it contains code intended for an executable,
+dnl not a library. It's possible we should let each
+dnl tag define a new lt_????_link_test_code variable,
+dnl but it's only used here...
+ifelse([$1],[],[cat > conftest.$ac_ext <<EOF
+int a;
+void foo (void) { a = 0; }
+EOF
+],[$1],[CXX],[cat > conftest.$ac_ext <<EOF
+class Foo
+{
+public:
+ Foo (void) { a = 0; }
+private:
+ int a;
+};
+EOF
+],[$1],[F77],[cat > conftest.$ac_ext <<EOF
+ subroutine foo
+ implicit none
+ integer*4 a
+ a=0
+ return
+ end
+EOF
+],[$1],[GCJ],[cat > conftest.$ac_ext <<EOF
+public class foo {
+ private int a;
+ public void bar (void) {
+ a = 0;
+ }
+};
+EOF
+])
+dnl Parse the compiler output and extract the necessary
+dnl objects, libraries and library flags.
+if AC_TRY_EVAL(ac_compile); then
+ # Parse the compiler output and extract the necessary
+ # objects, libraries and library flags.
+
+ # Sentinel used to keep track of whether or not we are before
+ # the conftest object file.
+ pre_test_object_deps_done=no
+
+ # The `*' in the case matches for architectures that use `case' in
+ # $output_verbose_cmd can trigger glob expansion during the loop
+ # eval without this substitution.
+ output_verbose_link_cmd=`$echo "X$output_verbose_link_cmd" | $Xsed -e "$no_glob_subst"`
+
+ for p in `eval $output_verbose_link_cmd`; do
+ case $p in
+
+ -L* | -R* | -l*)
+ # Some compilers place space between "-{L,R}" and the path.
+ # Remove the space.
+ if test $p = "-L" \
+ || test $p = "-R"; then
+ prev=$p
+ continue
+ else
+ prev=
+ fi
+
+ if test "$pre_test_object_deps_done" = no; then
+ case $p in
+ -L* | -R*)
+ # Internal compiler library paths should come after those
+ # provided the user. The postdeps already come after the
+ # user supplied libs so there is no need to process them.
+ if test -z "$_LT_AC_TAGVAR(compiler_lib_search_path, $1)"; then
+ _LT_AC_TAGVAR(compiler_lib_search_path, $1)="${prev}${p}"
+ else
+ _LT_AC_TAGVAR(compiler_lib_search_path, $1)="${_LT_AC_TAGVAR(compiler_lib_search_path, $1)} ${prev}${p}"
+ fi
+ ;;
+ # The "-l" case would never come before the object being
+ # linked, so don't bother handling this case.
+ esac
+ else
+ if test -z "$_LT_AC_TAGVAR(postdeps, $1)"; then
+ _LT_AC_TAGVAR(postdeps, $1)="${prev}${p}"
+ else
+ _LT_AC_TAGVAR(postdeps, $1)="${_LT_AC_TAGVAR(postdeps, $1)} ${prev}${p}"
+ fi
+ fi
+ ;;
+
+ *.$objext)
+ # This assumes that the test object file only shows up
+ # once in the compiler output.
+ if test "$p" = "conftest.$objext"; then
+ pre_test_object_deps_done=yes
+ continue
+ fi
+
+ if test "$pre_test_object_deps_done" = no; then
+ if test -z "$_LT_AC_TAGVAR(predep_objects, $1)"; then
+ _LT_AC_TAGVAR(predep_objects, $1)="$p"
+ else
+ _LT_AC_TAGVAR(predep_objects, $1)="$_LT_AC_TAGVAR(predep_objects, $1) $p"
+ fi
+ else
+ if test -z "$_LT_AC_TAGVAR(postdep_objects, $1)"; then
+ _LT_AC_TAGVAR(postdep_objects, $1)="$p"
+ else
+ _LT_AC_TAGVAR(postdep_objects, $1)="$_LT_AC_TAGVAR(postdep_objects, $1) $p"
+ fi
+ fi
+ ;;
+
+ *) ;; # Ignore the rest.
+
+ esac
+ done
+
+ # Clean up.
+ rm -f a.out a.exe
+else
+ echo "libtool.m4: error: problem compiling $1 test program"
+fi
+
+$rm -f confest.$objext
+
+# PORTME: override above test on systems where it is broken
+ifelse([$1],[CXX],
+[case $host_os in
+interix3*)
+ # Interix 3.5 installs completely hosed .la files for C++, so rather than
+ # hack all around it, let's just trust "g++" to DTRT.
+ _LT_AC_TAGVAR(predep_objects,$1)=
+ _LT_AC_TAGVAR(postdep_objects,$1)=
+ _LT_AC_TAGVAR(postdeps,$1)=
+ ;;
+
+solaris*)
+ case $cc_basename in
+ CC*)
+ # Adding this requires a known-good setup of shared libraries for
+ # Sun compiler versions before 5.6, else PIC objects from an old
+ # archive will be linked into the output, leading to subtle bugs.
+ _LT_AC_TAGVAR(postdeps,$1)='-lCstd -lCrun'
+ ;;
+ esac
+ ;;
+esac
+])
+
+case " $_LT_AC_TAGVAR(postdeps, $1) " in
+*" -lc "*) _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no ;;
+esac
+])# AC_LIBTOOL_POSTDEP_PREDEP
+
+# AC_LIBTOOL_LANG_F77_CONFIG
+# --------------------------
+# Ensure that the configuration vars for the C compiler are
+# suitably defined. Those variables are subsequently used by
+# AC_LIBTOOL_CONFIG to write the compiler configuration to `libtool'.
+AC_DEFUN([AC_LIBTOOL_LANG_F77_CONFIG], [_LT_AC_LANG_F77_CONFIG(F77)])
+AC_DEFUN([_LT_AC_LANG_F77_CONFIG],
+[AC_REQUIRE([AC_PROG_F77])
+AC_LANG_PUSH(Fortran 77)
+
+_LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
+_LT_AC_TAGVAR(allow_undefined_flag, $1)=
+_LT_AC_TAGVAR(always_export_symbols, $1)=no
+_LT_AC_TAGVAR(archive_expsym_cmds, $1)=
+_LT_AC_TAGVAR(export_dynamic_flag_spec, $1)=
+_LT_AC_TAGVAR(hardcode_direct, $1)=no
+_LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)=
+_LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)=
+_LT_AC_TAGVAR(hardcode_libdir_separator, $1)=
+_LT_AC_TAGVAR(hardcode_minus_L, $1)=no
+_LT_AC_TAGVAR(hardcode_automatic, $1)=no
+_LT_AC_TAGVAR(module_cmds, $1)=
+_LT_AC_TAGVAR(module_expsym_cmds, $1)=
+_LT_AC_TAGVAR(link_all_deplibs, $1)=unknown
+_LT_AC_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_AC_TAGVAR(no_undefined_flag, $1)=
+_LT_AC_TAGVAR(whole_archive_flag_spec, $1)=
+_LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)=no
+
+# Source file extension for f77 test sources.
+ac_ext=f
+
+# Object file extension for compiled f77 test sources.
+objext=o
+_LT_AC_TAGVAR(objext, $1)=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code=" subroutine t\n return\n end\n"
+
+# Code to be used in simple link tests
+lt_simple_link_test_code=" program t\n end\n"
+
+# ltmain only uses $CC for tagged configurations so make sure $CC is set.
+_LT_AC_SYS_COMPILER
+
+# save warnings/boilerplate of simple test code
+_LT_COMPILER_BOILERPLATE
+_LT_LINKER_BOILERPLATE
+
+# Allow CC to be a program name with arguments.
+lt_save_CC="$CC"
+CC=${F77-"f77"}
+compiler=$CC
+_LT_AC_TAGVAR(compiler, $1)=$CC
+_LT_CC_BASENAME([$compiler])
+
+AC_MSG_CHECKING([if libtool supports shared libraries])
+AC_MSG_RESULT([$can_build_shared])
+
+AC_MSG_CHECKING([whether to build shared libraries])
+test "$can_build_shared" = "no" && enable_shared=no
+
+# On AIX, shared libraries and static libraries use the same namespace, and
+# are all built from PIC.
+case $host_os in
+aix3*)
+ test "$enable_shared" = yes && enable_static=no
+ if test -n "$RANLIB"; then
+ archive_cmds="$archive_cmds~\$RANLIB \$lib"
+ postinstall_cmds='$RANLIB $lib'
+ fi
+ ;;
+aix4* | aix5*)
+ if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then
+ test "$enable_shared" = yes && enable_static=no
+ fi
+ ;;
+esac
+AC_MSG_RESULT([$enable_shared])
+
+AC_MSG_CHECKING([whether to build static libraries])
+# Make sure either enable_shared or enable_static is yes.
+test "$enable_shared" = yes || enable_static=yes
+AC_MSG_RESULT([$enable_static])
+
+_LT_AC_TAGVAR(GCC, $1)="$G77"
+_LT_AC_TAGVAR(LD, $1)="$LD"
+
+AC_LIBTOOL_PROG_COMPILER_PIC($1)
+AC_LIBTOOL_PROG_CC_C_O($1)
+AC_LIBTOOL_SYS_HARD_LINK_LOCKS($1)
+AC_LIBTOOL_PROG_LD_SHLIBS($1)
+AC_LIBTOOL_SYS_DYNAMIC_LINKER($1)
+AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH($1)
+
+AC_LIBTOOL_CONFIG($1)
+
+AC_LANG_POP
+CC="$lt_save_CC"
+])# AC_LIBTOOL_LANG_F77_CONFIG
+
+
+# AC_LIBTOOL_LANG_GCJ_CONFIG
+# --------------------------
+# Ensure that the configuration vars for the C compiler are
+# suitably defined. Those variables are subsequently used by
+# AC_LIBTOOL_CONFIG to write the compiler configuration to `libtool'.
+AC_DEFUN([AC_LIBTOOL_LANG_GCJ_CONFIG], [_LT_AC_LANG_GCJ_CONFIG(GCJ)])
+AC_DEFUN([_LT_AC_LANG_GCJ_CONFIG],
+[AC_LANG_SAVE
+
+# Source file extension for Java test sources.
+ac_ext=java
+
+# Object file extension for compiled Java test sources.
+objext=o
+_LT_AC_TAGVAR(objext, $1)=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code="class foo {}\n"
+
+# Code to be used in simple link tests
+lt_simple_link_test_code='public class conftest { public static void main(String[[]] argv) {}; }\n'
+
+# ltmain only uses $CC for tagged configurations so make sure $CC is set.
+_LT_AC_SYS_COMPILER
+
+# save warnings/boilerplate of simple test code
+_LT_COMPILER_BOILERPLATE
+_LT_LINKER_BOILERPLATE
+
+# Allow CC to be a program name with arguments.
+lt_save_CC="$CC"
+CC=${GCJ-"gcj"}
+compiler=$CC
+_LT_AC_TAGVAR(compiler, $1)=$CC
+_LT_CC_BASENAME([$compiler])
+
+# GCJ did not exist at the time GCC didn't implicitly link libc in.
+_LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
+
+_LT_AC_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+
+AC_LIBTOOL_PROG_COMPILER_NO_RTTI($1)
+AC_LIBTOOL_PROG_COMPILER_PIC($1)
+AC_LIBTOOL_PROG_CC_C_O($1)
+AC_LIBTOOL_SYS_HARD_LINK_LOCKS($1)
+AC_LIBTOOL_PROG_LD_SHLIBS($1)
+AC_LIBTOOL_SYS_DYNAMIC_LINKER($1)
+AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH($1)
+
+AC_LIBTOOL_CONFIG($1)
+
+AC_LANG_RESTORE
+CC="$lt_save_CC"
+])# AC_LIBTOOL_LANG_GCJ_CONFIG
+
+
+# AC_LIBTOOL_LANG_RC_CONFIG
+# -------------------------
+# Ensure that the configuration vars for the Windows resource compiler are
+# suitably defined. Those variables are subsequently used by
+# AC_LIBTOOL_CONFIG to write the compiler configuration to `libtool'.
+AC_DEFUN([AC_LIBTOOL_LANG_RC_CONFIG], [_LT_AC_LANG_RC_CONFIG(RC)])
+AC_DEFUN([_LT_AC_LANG_RC_CONFIG],
+[AC_LANG_SAVE
+
+# Source file extension for RC test sources.
+ac_ext=rc
+
+# Object file extension for compiled RC test sources.
+objext=o
+_LT_AC_TAGVAR(objext, $1)=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code='sample MENU { MENUITEM "&Soup", 100, CHECKED }\n'
+
+# Code to be used in simple link tests
+lt_simple_link_test_code="$lt_simple_compile_test_code"
+
+# ltmain only uses $CC for tagged configurations so make sure $CC is set.
+_LT_AC_SYS_COMPILER
+
+# save warnings/boilerplate of simple test code
+_LT_COMPILER_BOILERPLATE
+_LT_LINKER_BOILERPLATE
+
+# Allow CC to be a program name with arguments.
+lt_save_CC="$CC"
+CC=${RC-"windres"}
+compiler=$CC
+_LT_AC_TAGVAR(compiler, $1)=$CC
+_LT_CC_BASENAME([$compiler])
+_LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes
+
+AC_LIBTOOL_CONFIG($1)
+
+AC_LANG_RESTORE
+CC="$lt_save_CC"
+])# AC_LIBTOOL_LANG_RC_CONFIG
+
+
+# AC_LIBTOOL_CONFIG([TAGNAME])
+# ----------------------------
+# If TAGNAME is not passed, then create an initial libtool script
+# with a default configuration from the untagged config vars. Otherwise
+# add code to config.status for appending the configuration named by
+# TAGNAME from the matching tagged config vars.
+AC_DEFUN([AC_LIBTOOL_CONFIG],
+[# The else clause should only fire when bootstrapping the
+# libtool distribution, otherwise you forgot to ship ltmain.sh
+# with your package, and you will get complaints that there are
+# no rules to generate ltmain.sh.
+if test -f "$ltmain"; then
+ # See if we are running on zsh, and set the options which allow our commands through
+ # without removal of \ escapes.
+ if test -n "${ZSH_VERSION+set}" ; then
+ setopt NO_GLOB_SUBST
+ fi
+ # Now quote all the things that may contain metacharacters while being
+ # careful not to overquote the AC_SUBSTed values. We take copies of the
+ # variables and quote the copies for generation of the libtool script.
+ for var in echo old_CC old_CFLAGS AR AR_FLAGS EGREP RANLIB LN_S LTCC LTCFLAGS NM \
+ SED SHELL STRIP \
+ libname_spec library_names_spec soname_spec extract_expsyms_cmds \
+ old_striplib striplib file_magic_cmd finish_cmds finish_eval \
+ deplibs_check_method reload_flag reload_cmds need_locks \
+ lt_cv_sys_global_symbol_pipe lt_cv_sys_global_symbol_to_cdecl \
+ lt_cv_sys_global_symbol_to_c_name_address \
+ sys_lib_search_path_spec sys_lib_dlsearch_path_spec \
+ old_postinstall_cmds old_postuninstall_cmds \
+ _LT_AC_TAGVAR(compiler, $1) \
+ _LT_AC_TAGVAR(CC, $1) \
+ _LT_AC_TAGVAR(LD, $1) \
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1) \
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1) \
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1) \
+ _LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1) \
+ _LT_AC_TAGVAR(export_dynamic_flag_spec, $1) \
+ _LT_AC_TAGVAR(thread_safe_flag_spec, $1) \
+ _LT_AC_TAGVAR(whole_archive_flag_spec, $1) \
+ _LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1) \
+ _LT_AC_TAGVAR(old_archive_cmds, $1) \
+ _LT_AC_TAGVAR(old_archive_from_new_cmds, $1) \
+ _LT_AC_TAGVAR(predep_objects, $1) \
+ _LT_AC_TAGVAR(postdep_objects, $1) \
+ _LT_AC_TAGVAR(predeps, $1) \
+ _LT_AC_TAGVAR(postdeps, $1) \
+ _LT_AC_TAGVAR(compiler_lib_search_path, $1) \
+ _LT_AC_TAGVAR(archive_cmds, $1) \
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1) \
+ _LT_AC_TAGVAR(postinstall_cmds, $1) \
+ _LT_AC_TAGVAR(postuninstall_cmds, $1) \
+ _LT_AC_TAGVAR(old_archive_from_expsyms_cmds, $1) \
+ _LT_AC_TAGVAR(allow_undefined_flag, $1) \
+ _LT_AC_TAGVAR(no_undefined_flag, $1) \
+ _LT_AC_TAGVAR(export_symbols_cmds, $1) \
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1) \
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1) \
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1) \
+ _LT_AC_TAGVAR(hardcode_automatic, $1) \
+ _LT_AC_TAGVAR(module_cmds, $1) \
+ _LT_AC_TAGVAR(module_expsym_cmds, $1) \
+ _LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1) \
+ _LT_AC_TAGVAR(exclude_expsyms, $1) \
+ _LT_AC_TAGVAR(include_expsyms, $1); do
+
+ case $var in
+ _LT_AC_TAGVAR(old_archive_cmds, $1) | \
+ _LT_AC_TAGVAR(old_archive_from_new_cmds, $1) | \
+ _LT_AC_TAGVAR(archive_cmds, $1) | \
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1) | \
+ _LT_AC_TAGVAR(module_cmds, $1) | \
+ _LT_AC_TAGVAR(module_expsym_cmds, $1) | \
+ _LT_AC_TAGVAR(old_archive_from_expsyms_cmds, $1) | \
+ _LT_AC_TAGVAR(export_symbols_cmds, $1) | \
+ extract_expsyms_cmds | reload_cmds | finish_cmds | \
+ postinstall_cmds | postuninstall_cmds | \
+ old_postinstall_cmds | old_postuninstall_cmds | \
+ sys_lib_search_path_spec | sys_lib_dlsearch_path_spec)
+ # Double-quote double-evaled strings.
+ eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$double_quote_subst\" -e \"\$sed_quote_subst\" -e \"\$delay_variable_subst\"\`\\\""
+ ;;
+ *)
+ eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$sed_quote_subst\"\`\\\""
+ ;;
+ esac
+ done
+
+ case $lt_echo in
+ *'\[$]0 --fallback-echo"')
+ lt_echo=`$echo "X$lt_echo" | $Xsed -e 's/\\\\\\\[$]0 --fallback-echo"[$]/[$]0 --fallback-echo"/'`
+ ;;
+ esac
+
+ifelse([$1], [],
+ [cfgfile="${ofile}T"
+ trap "$rm \"$cfgfile\"; exit 1" 1 2 15
+ $rm -f "$cfgfile"
+ AC_MSG_NOTICE([creating $ofile])],
+ [cfgfile="$ofile"])
+
+ cat <<__EOF__ >> "$cfgfile"
+ifelse([$1], [],
+[#! $SHELL
+
+# `$echo "$cfgfile" | sed 's%^.*/%%'` - Provide generalized library-building support services.
+# Generated automatically by $PROGRAM (GNU $PACKAGE $VERSION$TIMESTAMP)
+# NOTE: Changes made to this file will be lost: look at ltmain.sh.
+#
+# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001
+# Free Software Foundation, Inc.
+#
+# This file is part of GNU Libtool:
+# Originally by Gordon Matzigkeit <gord@gnu.ai.mit.edu>, 1996
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+#
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# A sed program that does not truncate output.
+SED=$lt_SED
+
+# Sed that helps us avoid accidentally triggering echo(1) options like -n.
+Xsed="$SED -e 1s/^X//"
+
+# The HP-UX ksh and POSIX shell print the target directory to stdout
+# if CDPATH is set.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+# The names of the tagged configurations supported by this script.
+available_tags=
+
+# ### BEGIN LIBTOOL CONFIG],
+[# ### BEGIN LIBTOOL TAG CONFIG: $tagname])
+
+# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`:
+
+# Shell to use when invoking shell scripts.
+SHELL=$lt_SHELL
+
+# Whether or not to build shared libraries.
+build_libtool_libs=$enable_shared
+
+# Whether or not to build static libraries.
+build_old_libs=$enable_static
+
+# Whether or not to add -lc for building shared libraries.
+build_libtool_need_lc=$_LT_AC_TAGVAR(archive_cmds_need_lc, $1)
+
+# Whether or not to disallow shared libs when runtime libs are static
+allow_libtool_libs_with_static_runtimes=$_LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)
+
+# Whether or not to optimize for fast installation.
+fast_install=$enable_fast_install
+
+# The host system.
+host_alias=$host_alias
+host=$host
+host_os=$host_os
+
+# The build system.
+build_alias=$build_alias
+build=$build
+build_os=$build_os
+
+# An echo program that does not interpret backslashes.
+echo=$lt_echo
+
+# The archiver.
+AR=$lt_AR
+AR_FLAGS=$lt_AR_FLAGS
+
+# A C compiler.
+LTCC=$lt_LTCC
+
+# LTCC compiler flags.
+LTCFLAGS=$lt_LTCFLAGS
+
+# A language-specific compiler.
+CC=$lt_[]_LT_AC_TAGVAR(compiler, $1)
+
+# Is the compiler the GNU C compiler?
+with_gcc=$_LT_AC_TAGVAR(GCC, $1)
+
+# An ERE matcher.
+EGREP=$lt_EGREP
+
+# The linker used to build libraries.
+LD=$lt_[]_LT_AC_TAGVAR(LD, $1)
+
+# Whether we need hard or soft links.
+LN_S=$lt_LN_S
+
+# A BSD-compatible nm program.
+NM=$lt_NM
+
+# A symbol stripping program
+STRIP=$lt_STRIP
+
+# Used to examine libraries when file_magic_cmd begins "file"
+MAGIC_CMD=$MAGIC_CMD
+
+# Used on cygwin: DLL creation program.
+DLLTOOL="$DLLTOOL"
+
+# Used on cygwin: object dumper.
+OBJDUMP="$OBJDUMP"
+
+# Used on cygwin: assembler.
+AS="$AS"
+
+# The name of the directory that contains temporary libtool files.
+objdir=$objdir
+
+# How to create reloadable object files.
+reload_flag=$lt_reload_flag
+reload_cmds=$lt_reload_cmds
+
+# How to pass a linker flag through the compiler.
+wl=$lt_[]_LT_AC_TAGVAR(lt_prog_compiler_wl, $1)
+
+# Object file suffix (normally "o").
+objext="$ac_objext"
+
+# Old archive suffix (normally "a").
+libext="$libext"
+
+# Shared library suffix (normally ".so").
+shrext_cmds='$shrext_cmds'
+
+# Executable file suffix (normally "").
+exeext="$exeext"
+
+# Additional compiler flags for building library objects.
+pic_flag=$lt_[]_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)
+pic_mode=$pic_mode
+
+# What is the maximum length of a command?
+max_cmd_len=$lt_cv_sys_max_cmd_len
+
+# Does compiler simultaneously support -c and -o options?
+compiler_c_o=$lt_[]_LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1)
+
+# Must we lock files when doing compilation?
+need_locks=$lt_need_locks
+
+# Do we need the lib prefix for modules?
+need_lib_prefix=$need_lib_prefix
+
+# Do we need a version for libraries?
+need_version=$need_version
+
+# Whether dlopen is supported.
+dlopen_support=$enable_dlopen
+
+# Whether dlopen of programs is supported.
+dlopen_self=$enable_dlopen_self
+
+# Whether dlopen of statically linked programs is supported.
+dlopen_self_static=$enable_dlopen_self_static
+
+# Compiler flag to prevent dynamic linking.
+link_static_flag=$lt_[]_LT_AC_TAGVAR(lt_prog_compiler_static, $1)
+
+# Compiler flag to turn off builtin functions.
+no_builtin_flag=$lt_[]_LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)
+
+# Compiler flag to allow reflexive dlopens.
+export_dynamic_flag_spec=$lt_[]_LT_AC_TAGVAR(export_dynamic_flag_spec, $1)
+
+# Compiler flag to generate shared objects directly from archives.
+whole_archive_flag_spec=$lt_[]_LT_AC_TAGVAR(whole_archive_flag_spec, $1)
+
+# Compiler flag to generate thread-safe objects.
+thread_safe_flag_spec=$lt_[]_LT_AC_TAGVAR(thread_safe_flag_spec, $1)
+
+# Library versioning type.
+version_type=$version_type
+
+# Format of library name prefix.
+libname_spec=$lt_libname_spec
+
+# List of archive names. First name is the real one, the rest are links.
+# The last name is the one that the linker finds with -lNAME.
+library_names_spec=$lt_library_names_spec
+
+# The coded name of the library, if different from the real name.
+soname_spec=$lt_soname_spec
+
+# Commands used to build and install an old-style archive.
+RANLIB=$lt_RANLIB
+old_archive_cmds=$lt_[]_LT_AC_TAGVAR(old_archive_cmds, $1)
+old_postinstall_cmds=$lt_old_postinstall_cmds
+old_postuninstall_cmds=$lt_old_postuninstall_cmds
+
+# Create an old-style archive from a shared archive.
+old_archive_from_new_cmds=$lt_[]_LT_AC_TAGVAR(old_archive_from_new_cmds, $1)
+
+# Create a temporary old-style archive to link instead of a shared archive.
+old_archive_from_expsyms_cmds=$lt_[]_LT_AC_TAGVAR(old_archive_from_expsyms_cmds, $1)
+
+# Commands used to build and install a shared archive.
+archive_cmds=$lt_[]_LT_AC_TAGVAR(archive_cmds, $1)
+archive_expsym_cmds=$lt_[]_LT_AC_TAGVAR(archive_expsym_cmds, $1)
+postinstall_cmds=$lt_postinstall_cmds
+postuninstall_cmds=$lt_postuninstall_cmds
+
+# Commands used to build a loadable module (assumed same as above if empty)
+module_cmds=$lt_[]_LT_AC_TAGVAR(module_cmds, $1)
+module_expsym_cmds=$lt_[]_LT_AC_TAGVAR(module_expsym_cmds, $1)
+
+# Commands to strip libraries.
+old_striplib=$lt_old_striplib
+striplib=$lt_striplib
+
+# Dependencies to place before the objects being linked to create a
+# shared library.
+predep_objects=$lt_[]_LT_AC_TAGVAR(predep_objects, $1)
+
+# Dependencies to place after the objects being linked to create a
+# shared library.
+postdep_objects=$lt_[]_LT_AC_TAGVAR(postdep_objects, $1)
+
+# Dependencies to place before the objects being linked to create a
+# shared library.
+predeps=$lt_[]_LT_AC_TAGVAR(predeps, $1)
+
+# Dependencies to place after the objects being linked to create a
+# shared library.
+postdeps=$lt_[]_LT_AC_TAGVAR(postdeps, $1)
+
+# The library search path used internally by the compiler when linking
+# a shared library.
+compiler_lib_search_path=$lt_[]_LT_AC_TAGVAR(compiler_lib_search_path, $1)
+
+# Method to check whether dependent libraries are shared objects.
+deplibs_check_method=$lt_deplibs_check_method
+
+# Command to use when deplibs_check_method == file_magic.
+file_magic_cmd=$lt_file_magic_cmd
+
+# Flag that allows shared libraries with undefined symbols to be built.
+allow_undefined_flag=$lt_[]_LT_AC_TAGVAR(allow_undefined_flag, $1)
+
+# Flag that forces no undefined symbols.
+no_undefined_flag=$lt_[]_LT_AC_TAGVAR(no_undefined_flag, $1)
+
+# Commands used to finish a libtool library installation in a directory.
+finish_cmds=$lt_finish_cmds
+
+# Same as above, but a single script fragment to be evaled but not shown.
+finish_eval=$lt_finish_eval
+
+# Take the output of nm and produce a listing of raw symbols and C names.
+global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe
+
+# Transform the output of nm in a proper C declaration
+global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl
+
+# Transform the output of nm in a C name address pair
+global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address
+
+# This is the shared library runtime path variable.
+runpath_var=$runpath_var
+
+# This is the shared library path variable.
+shlibpath_var=$shlibpath_var
+
+# Is shlibpath searched before the hard-coded library search path?
+shlibpath_overrides_runpath=$shlibpath_overrides_runpath
+
+# How to hardcode a shared library path into an executable.
+hardcode_action=$_LT_AC_TAGVAR(hardcode_action, $1)
+
+# Whether we should hardcode library paths into libraries.
+hardcode_into_libs=$hardcode_into_libs
+
+# Flag to hardcode \$libdir into a binary during linking.
+# This must work even if \$libdir does not exist.
+hardcode_libdir_flag_spec=$lt_[]_LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)
+
+# If ld is used when linking, flag to hardcode \$libdir into
+# a binary during linking. This must work even if \$libdir does
+# not exist.
+hardcode_libdir_flag_spec_ld=$lt_[]_LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)
+
+# Whether we need a single -rpath flag with a separated argument.
+hardcode_libdir_separator=$lt_[]_LT_AC_TAGVAR(hardcode_libdir_separator, $1)
+
+# Set to yes if using DIR/libNAME${shared_ext} during linking hardcodes DIR into the
+# resulting binary.
+hardcode_direct=$_LT_AC_TAGVAR(hardcode_direct, $1)
+
+# Set to yes if using the -LDIR flag during linking hardcodes DIR into the
+# resulting binary.
+hardcode_minus_L=$_LT_AC_TAGVAR(hardcode_minus_L, $1)
+
+# Set to yes if using SHLIBPATH_VAR=DIR during linking hardcodes DIR into
+# the resulting binary.
+hardcode_shlibpath_var=$_LT_AC_TAGVAR(hardcode_shlibpath_var, $1)
+
+# Set to yes if building a shared library automatically hardcodes DIR into the library
+# and all subsequent libraries and executables linked against it.
+hardcode_automatic=$_LT_AC_TAGVAR(hardcode_automatic, $1)
+
+# Variables whose values should be saved in libtool wrapper scripts and
+# restored at relink time.
+variables_saved_for_relink="$variables_saved_for_relink"
+
+# Whether libtool must link a program against all its dependency libraries.
+link_all_deplibs=$_LT_AC_TAGVAR(link_all_deplibs, $1)
+
+# Compile-time system search path for libraries
+sys_lib_search_path_spec=$lt_sys_lib_search_path_spec
+
+# Run-time system search path for libraries
+sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec
+
+# Fix the shell variable \$srcfile for the compiler.
+fix_srcfile_path="$_LT_AC_TAGVAR(fix_srcfile_path, $1)"
+
+# Set to yes if exported symbols are required.
+always_export_symbols=$_LT_AC_TAGVAR(always_export_symbols, $1)
+
+# The commands to list exported symbols.
+export_symbols_cmds=$lt_[]_LT_AC_TAGVAR(export_symbols_cmds, $1)
+
+# The commands to extract the exported symbol list from a shared archive.
+extract_expsyms_cmds=$lt_extract_expsyms_cmds
+
+# Symbols that should not be listed in the preloaded symbols.
+exclude_expsyms=$lt_[]_LT_AC_TAGVAR(exclude_expsyms, $1)
+
+# Symbols that must always be exported.
+include_expsyms=$lt_[]_LT_AC_TAGVAR(include_expsyms, $1)
+
+ifelse([$1],[],
+[# ### END LIBTOOL CONFIG],
+[# ### END LIBTOOL TAG CONFIG: $tagname])
+
+__EOF__
+
+ifelse([$1],[], [
+ case $host_os in
+ aix3*)
+ cat <<\EOF >> "$cfgfile"
+
+# AIX sometimes has problems with the GCC collect2 program. For some
+# reason, if we set the COLLECT_NAMES environment variable, the problems
+# vanish in a puff of smoke.
+if test "X${COLLECT_NAMES+set}" != Xset; then
+ COLLECT_NAMES=
+ export COLLECT_NAMES
+fi
+EOF
+ ;;
+ esac
+
+ # We use sed instead of cat because bash on DJGPP gets confused if
+ # if finds mixed CR/LF and LF-only lines. Since sed operates in
+ # text mode, it properly converts lines to CR/LF. This bash problem
+ # is reportedly fixed, but why not run on old versions too?
+ sed '$q' "$ltmain" >> "$cfgfile" || (rm -f "$cfgfile"; exit 1)
+
+ mv -f "$cfgfile" "$ofile" || \
+ (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile")
+ chmod +x "$ofile"
+])
+else
+ # If there is no Makefile yet, we rely on a make rule to execute
+ # `config.status --recheck' to rerun these tests and create the
+ # libtool script then.
+ ltmain_in=`echo $ltmain | sed -e 's/\.sh$/.in/'`
+ if test -f "$ltmain_in"; then
+ test -f Makefile && make "$ltmain"
+ fi
+fi
+])# AC_LIBTOOL_CONFIG
+
+
+# AC_LIBTOOL_PROG_COMPILER_NO_RTTI([TAGNAME])
+# -------------------------------------------
+AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_NO_RTTI],
+[AC_REQUIRE([_LT_AC_SYS_COMPILER])dnl
+
+_LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=
+
+if test "$GCC" = yes; then
+ _LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin'
+
+ AC_LIBTOOL_COMPILER_OPTION([if $compiler supports -fno-rtti -fno-exceptions],
+ lt_cv_prog_compiler_rtti_exceptions,
+ [-fno-rtti -fno-exceptions], [],
+ [_LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)="$_LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1) -fno-rtti -fno-exceptions"])
+fi
+])# AC_LIBTOOL_PROG_COMPILER_NO_RTTI
+
+
+# AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE
+# ---------------------------------
+AC_DEFUN([AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE],
+[AC_REQUIRE([AC_CANONICAL_HOST])
+AC_REQUIRE([AC_PROG_NM])
+AC_REQUIRE([AC_OBJEXT])
+# Check for command to grab the raw symbol name followed by C symbol from nm.
+AC_MSG_CHECKING([command to parse $NM output from $compiler object])
+AC_CACHE_VAL([lt_cv_sys_global_symbol_pipe],
+[
+# These are sane defaults that work on at least a few old systems.
+# [They come from Ultrix. What could be older than Ultrix?!! ;)]
+
+# Character class describing NM global symbol codes.
+symcode='[[BCDEGRST]]'
+
+# Regexp to match symbols that can be accessed directly from C.
+sympat='\([[_A-Za-z]][[_A-Za-z0-9]]*\)'
+
+# Transform an extracted symbol line into a proper C declaration
+lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^. .* \(.*\)$/extern int \1;/p'"
+
+# Transform an extracted symbol line into symbol name and symbol address
+lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode \([[^ ]]*\) \([[^ ]]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'"
+
+# Define system-specific variables.
+case $host_os in
+aix*)
+ symcode='[[BCDT]]'
+ ;;
+cygwin* | mingw* | pw32*)
+ symcode='[[ABCDGISTW]]'
+ ;;
+hpux*) # Its linker distinguishes data from code symbols
+ if test "$host_cpu" = ia64; then
+ symcode='[[ABCDEGRST]]'
+ fi
+ lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'"
+ lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'"
+ ;;
+linux*)
+ if test "$host_cpu" = ia64; then
+ symcode='[[ABCDGIRSTW]]'
+ lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'"
+ lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'"
+ fi
+ ;;
+irix* | nonstopux*)
+ symcode='[[BCDEGRST]]'
+ ;;
+osf*)
+ symcode='[[BCDEGQRST]]'
+ ;;
+solaris*)
+ symcode='[[BDRT]]'
+ ;;
+sco3.2v5*)
+ symcode='[[DT]]'
+ ;;
+sysv4.2uw2*)
+ symcode='[[DT]]'
+ ;;
+sysv5* | sco5v6* | unixware* | OpenUNIX*)
+ symcode='[[ABDT]]'
+ ;;
+sysv4)
+ symcode='[[DFNSTU]]'
+ ;;
+esac
+
+# Handle CRLF in mingw tool chain
+opt_cr=
+case $build_os in
+mingw*)
+ opt_cr=`echo 'x\{0,1\}' | tr x '\015'` # option cr in regexp
+ ;;
+esac
+
+# If we're using GNU nm, then use its standard symbol codes.
+case `$NM -V 2>&1` in
+*GNU* | *'with BFD'*)
+ symcode='[[ABCDGIRSTW]]' ;;
+esac
+
+# Try without a prefix undercore, then with it.
+for ac_symprfx in "" "_"; do
+
+ # Transform symcode, sympat, and symprfx into a raw symbol and a C symbol.
+ symxfrm="\\1 $ac_symprfx\\2 \\2"
+
+ # Write the raw and C identifiers.
+ lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[[ ]]\($symcode$symcode*\)[[ ]][[ ]]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'"
+
+ # Check to see that the pipe works correctly.
+ pipe_works=no
+
+ rm -f conftest*
+ cat > conftest.$ac_ext <<EOF
+#ifdef __cplusplus
+extern "C" {
+#endif
+char nm_test_var;
+void nm_test_func(){}
+#ifdef __cplusplus
+}
+#endif
+int main(){nm_test_var='a';nm_test_func();return(0);}
+EOF
+
+ if AC_TRY_EVAL(ac_compile); then
+ # Now try to grab the symbols.
+ nlist=conftest.nm
+ if AC_TRY_EVAL(NM conftest.$ac_objext \| $lt_cv_sys_global_symbol_pipe \> $nlist) && test -s "$nlist"; then
+ # Try sorting and uniquifying the output.
+ if sort "$nlist" | uniq > "$nlist"T; then
+ mv -f "$nlist"T "$nlist"
+ else
+ rm -f "$nlist"T
+ fi
+
+ # Make sure that we snagged all the symbols we need.
+ if grep ' nm_test_var$' "$nlist" >/dev/null; then
+ if grep ' nm_test_func$' "$nlist" >/dev/null; then
+ cat <<EOF > conftest.$ac_ext
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+EOF
+ # Now generate the symbol file.
+ eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | grep -v main >> conftest.$ac_ext'
+
+ cat <<EOF >> conftest.$ac_ext
+#if defined (__STDC__) && __STDC__
+# define lt_ptr_t void *
+#else
+# define lt_ptr_t char *
+# define const
+#endif
+
+/* The mapping between symbol names and symbols. */
+const struct {
+ const char *name;
+ lt_ptr_t address;
+}
+lt_preloaded_symbols[[]] =
+{
+EOF
+ $SED "s/^$symcode$symcode* \(.*\) \(.*\)$/ {\"\2\", (lt_ptr_t) \&\2},/" < "$nlist" | grep -v main >> conftest.$ac_ext
+ cat <<\EOF >> conftest.$ac_ext
+ {0, (lt_ptr_t) 0}
+};
+
+#ifdef __cplusplus
+}
+#endif
+EOF
+ # Now try linking the two files.
+ mv conftest.$ac_objext conftstm.$ac_objext
+ lt_save_LIBS="$LIBS"
+ lt_save_CFLAGS="$CFLAGS"
+ LIBS="conftstm.$ac_objext"
+ CFLAGS="$CFLAGS$_LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)"
+ if AC_TRY_EVAL(ac_link) && test -s conftest${ac_exeext}; then
+ pipe_works=yes
+ fi
+ LIBS="$lt_save_LIBS"
+ CFLAGS="$lt_save_CFLAGS"
+ else
+ echo "cannot find nm_test_func in $nlist" >&AS_MESSAGE_LOG_FD
+ fi
+ else
+ echo "cannot find nm_test_var in $nlist" >&AS_MESSAGE_LOG_FD
+ fi
+ else
+ echo "cannot run $lt_cv_sys_global_symbol_pipe" >&AS_MESSAGE_LOG_FD
+ fi
+ else
+ echo "$progname: failed program was:" >&AS_MESSAGE_LOG_FD
+ cat conftest.$ac_ext >&5
+ fi
+ rm -f conftest* conftst*
+
+ # Do not use the global_symbol_pipe unless it works.
+ if test "$pipe_works" = yes; then
+ break
+ else
+ lt_cv_sys_global_symbol_pipe=
+ fi
+done
+])
+if test -z "$lt_cv_sys_global_symbol_pipe"; then
+ lt_cv_sys_global_symbol_to_cdecl=
+fi
+if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then
+ AC_MSG_RESULT(failed)
+else
+ AC_MSG_RESULT(ok)
+fi
+]) # AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE
+
+
+# AC_LIBTOOL_PROG_COMPILER_PIC([TAGNAME])
+# ---------------------------------------
+AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_PIC],
+[_LT_AC_TAGVAR(lt_prog_compiler_wl, $1)=
+_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=
+_LT_AC_TAGVAR(lt_prog_compiler_static, $1)=
+
+AC_MSG_CHECKING([for $compiler option to produce PIC])
+ ifelse([$1],[CXX],[
+ # C++ specific cases for pic, static, wl, etc.
+ if test "$GXX" = yes; then
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-static'
+
+ case $host_os in
+ aix*)
+ # All AIX code is PIC.
+ if test "$host_cpu" = ia64; then
+ # AIX 5 now supports IA64 processor
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ fi
+ ;;
+ amigaos*)
+ # FIXME: we need at least 68020 code to build shared libraries, but
+ # adding the `-m68020' flag to GCC prevents building anything better,
+ # like `-m68040'.
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4'
+ ;;
+ beos* | cygwin* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*)
+ # PIC is the default for these OSes.
+ ;;
+ mingw* | os2* | pw32*)
+ # This hack is so that the source file can tell whether it is being
+ # built for inclusion in a dll (and should export symbols for example).
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'
+ ;;
+ darwin* | rhapsody*)
+ # PIC is the default on this platform
+ # Common symbols not allowed in MH_DYLIB files
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common'
+ ;;
+ *djgpp*)
+ # DJGPP does not support shared libraries at all
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=
+ ;;
+ interix3*)
+ # Interix 3.x gcc -fpic/-fPIC options generate broken code.
+ # Instead, we relocate shared libraries at runtime.
+ ;;
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic
+ fi
+ ;;
+ hpux*)
+ # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but
+ # not for PA HP-UX.
+ case $host_cpu in
+ hppa*64*|ia64*)
+ ;;
+ *)
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ ;;
+ esac
+ ;;
+ *)
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ ;;
+ esac
+ else
+ case $host_os in
+ aix4* | aix5*)
+ # All AIX code is PIC.
+ if test "$host_cpu" = ia64; then
+ # AIX 5 now supports IA64 processor
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ else
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp'
+ fi
+ ;;
+ chorus*)
+ case $cc_basename in
+ cxch68*)
+ # Green Hills C++ Compiler
+ # _LT_AC_TAGVAR(lt_prog_compiler_static, $1)="--no_auto_instantiation -u __main -u __premain -u _abort -r $COOL_DIR/lib/libOrb.a $MVME_DIR/lib/CC/libC.a $MVME_DIR/lib/classix/libcx.s.a"
+ ;;
+ esac
+ ;;
+ darwin*)
+ # PIC is the default on this platform
+ # Common symbols not allowed in MH_DYLIB files
+ case $cc_basename in
+ xlc*)
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-qnocommon'
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ ;;
+ esac
+ ;;
+ dgux*)
+ case $cc_basename in
+ ec++*)
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ ;;
+ ghcx*)
+ # Green Hills C++ Compiler
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ freebsd* | kfreebsd*-gnu | dragonfly*)
+ # FreeBSD uses GNU C++
+ ;;
+ hpux9* | hpux10* | hpux11*)
+ case $cc_basename in
+ CC*)
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive'
+ if test "$host_cpu" != ia64; then
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='+Z'
+ fi
+ ;;
+ aCC*)
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive'
+ case $host_cpu in
+ hppa*64*|ia64*)
+ # +Z the default
+ ;;
+ *)
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='+Z'
+ ;;
+ esac
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ interix*)
+ # This is c89, which is MS Visual C++ (no shared libs)
+ # Anyone wants to do a port?
+ ;;
+ irix5* | irix6* | nonstopux*)
+ case $cc_basename in
+ CC*)
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+ # CC pic flag -KPIC is the default.
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ linux*)
+ case $cc_basename in
+ KCC*)
+ # KAI C++ Compiler
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,'
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ ;;
+ icpc* | ecpc*)
+ # Intel C++
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-static'
+ ;;
+ pgCC*)
+ # Portland Group C++ compiler.
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fpic'
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+ cxx*)
+ # Compaq C++
+ # Make sure the PIC flag is empty. It appears that all Alpha
+ # Linux and Compaq Tru64 Unix objects are PIC.
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ lynxos*)
+ ;;
+ m88k*)
+ ;;
+ mvs*)
+ case $cc_basename in
+ cxx*)
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-W c,exportall'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ netbsd*)
+ ;;
+ osf3* | osf4* | osf5*)
+ case $cc_basename in
+ KCC*)
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,'
+ ;;
+ RCC*)
+ # Rational C++ 2.4.1
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
+ ;;
+ cxx*)
+ # Digital/Compaq C++
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ # Make sure the PIC flag is empty. It appears that all Alpha
+ # Linux and Compaq Tru64 Unix objects are PIC.
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ psos*)
+ ;;
+ solaris*)
+ case $cc_basename in
+ CC*)
+ # Sun C++ 4.2, 5.x and Centerline C++
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld '
+ ;;
+ gcx*)
+ # Green Hills C++ Compiler
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-PIC'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ sunos4*)
+ case $cc_basename in
+ CC*)
+ # Sun C++ 4.x
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+ lcc*)
+ # Lucid
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ tandem*)
+ case $cc_basename in
+ NCC*)
+ # NonStop-UX NCC 3.20
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*)
+ case $cc_basename in
+ CC*)
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+ esac
+ ;;
+ vxworks*)
+ ;;
+ *)
+ _LT_AC_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
+ ;;
+ esac
+ fi
+],
+[
+ if test "$GCC" = yes; then
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-static'
+
+ case $host_os in
+ aix*)
+ # All AIX code is PIC.
+ if test "$host_cpu" = ia64; then
+ # AIX 5 now supports IA64 processor
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ fi
+ ;;
+
+ amigaos*)
+ # FIXME: we need at least 68020 code to build shared libraries, but
+ # adding the `-m68020' flag to GCC prevents building anything better,
+ # like `-m68040'.
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4'
+ ;;
+
+ beos* | cygwin* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*)
+ # PIC is the default for these OSes.
+ ;;
+
+ mingw* | pw32* | os2*)
+ # This hack is so that the source file can tell whether it is being
+ # built for inclusion in a dll (and should export symbols for example).
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'
+ ;;
+
+ darwin* | rhapsody*)
+ # PIC is the default on this platform
+ # Common symbols not allowed in MH_DYLIB files
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common'
+ ;;
+
+ interix3*)
+ # Interix 3.x gcc -fpic/-fPIC options generate broken code.
+ # Instead, we relocate shared libraries at runtime.
+ ;;
+
+ msdosdjgpp*)
+ # Just because we use GCC doesn't mean we suddenly get shared libraries
+ # on systems that don't support them.
+ _LT_AC_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
+ enable_shared=no
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic
+ fi
+ ;;
+
+ hpux*)
+ # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but
+ # not for PA HP-UX.
+ case $host_cpu in
+ hppa*64*|ia64*)
+ # +Z the default
+ ;;
+ *)
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ ;;
+ esac
+ ;;
+
+ *)
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ ;;
+ esac
+ else
+ # PORTME Check for flag to pass linker flags through the system compiler.
+ case $host_os in
+ aix*)
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ if test "$host_cpu" = ia64; then
+ # AIX 5 now supports IA64 processor
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ else
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp'
+ fi
+ ;;
+ darwin*)
+ # PIC is the default on this platform
+ # Common symbols not allowed in MH_DYLIB files
+ case $cc_basename in
+ xlc*)
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-qnocommon'
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ ;;
+ esac
+ ;;
+
+ mingw* | pw32* | os2*)
+ # This hack is so that the source file can tell whether it is being
+ # built for inclusion in a dll (and should export symbols for example).
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'
+ ;;
+
+ hpux9* | hpux10* | hpux11*)
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but
+ # not for PA HP-UX.
+ case $host_cpu in
+ hppa*64*|ia64*)
+ # +Z the default
+ ;;
+ *)
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='+Z'
+ ;;
+ esac
+ # Is there a better lt_prog_compiler_static that works with the bundled CC?
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive'
+ ;;
+
+ irix5* | irix6* | nonstopux*)
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ # PIC (with -KPIC) is the default.
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+ ;;
+
+ newsos6)
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+
+ linux*)
+ case $cc_basename in
+ icc* | ecc*)
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-static'
+ ;;
+ pgcc* | pgf77* | pgf90* | pgf95*)
+ # Portland Group compilers (*not* the Pentium gcc compiler,
+ # which looks to be a dead project)
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fpic'
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+ ccc*)
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ # All Alpha code is PIC.
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+ ;;
+ esac
+ ;;
+
+ osf3* | osf4* | osf5*)
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ # All OSF/1 code is PIC.
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+ ;;
+
+ solaris*)
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ case $cc_basename in
+ f77* | f90* | f95*)
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ';;
+ *)
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,';;
+ esac
+ ;;
+
+ sunos4*)
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld '
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-PIC'
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+
+ sysv4 | sysv4.2uw2* | sysv4.3*)
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec ;then
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-Kconform_pic'
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ fi
+ ;;
+
+ sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*)
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+
+ unicos*)
+ _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_AC_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
+ ;;
+
+ uts4*)
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
+ _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+
+ *)
+ _LT_AC_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
+ ;;
+ esac
+ fi
+])
+AC_MSG_RESULT([$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)])
+
+#
+# Check to make sure the PIC flag actually works.
+#
+if test -n "$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)"; then
+ AC_LIBTOOL_COMPILER_OPTION([if $compiler PIC flag $_LT_AC_TAGVAR(lt_prog_compiler_pic, $1) works],
+ _LT_AC_TAGVAR(lt_prog_compiler_pic_works, $1),
+ [$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)ifelse([$1],[],[ -DPIC],[ifelse([$1],[CXX],[ -DPIC],[])])], [],
+ [case $_LT_AC_TAGVAR(lt_prog_compiler_pic, $1) in
+ "" | " "*) ;;
+ *) _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=" $_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)" ;;
+ esac],
+ [_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=
+ _LT_AC_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no])
+fi
+case $host_os in
+ # For platforms which do not support PIC, -DPIC is meaningless:
+ *djgpp*)
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=
+ ;;
+ *)
+ _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)="$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)ifelse([$1],[],[ -DPIC],[ifelse([$1],[CXX],[ -DPIC],[])])"
+ ;;
+esac
+
+#
+# Check to make sure the static flag actually works.
+#
+wl=$_LT_AC_TAGVAR(lt_prog_compiler_wl, $1) eval lt_tmp_static_flag=\"$_LT_AC_TAGVAR(lt_prog_compiler_static, $1)\"
+AC_LIBTOOL_LINKER_OPTION([if $compiler static flag $lt_tmp_static_flag works],
+ _LT_AC_TAGVAR(lt_prog_compiler_static_works, $1),
+ $lt_tmp_static_flag,
+ [],
+ [_LT_AC_TAGVAR(lt_prog_compiler_static, $1)=])
+])
+
+
+# AC_LIBTOOL_PROG_LD_SHLIBS([TAGNAME])
+# ------------------------------------
+# See if the linker supports building shared libraries.
+AC_DEFUN([AC_LIBTOOL_PROG_LD_SHLIBS],
+[AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries])
+ifelse([$1],[CXX],[
+ _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+ case $host_os in
+ aix4* | aix5*)
+ # If we're using GNU nm, then we don't want the "-C" option.
+ # -C means demangle to AIX nm, but means don't demangle with GNU nm
+ if $NM -V 2>&1 | grep 'GNU' > /dev/null; then
+ _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\[$]2 == "T") || (\[$]2 == "D") || (\[$]2 == "B")) && ([substr](\[$]3,1,1) != ".")) { print \[$]3 } }'\'' | sort -u > $export_symbols'
+ else
+ _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\[$]2 == "T") || (\[$]2 == "D") || (\[$]2 == "B")) && ([substr](\[$]3,1,1) != ".")) { print \[$]3 } }'\'' | sort -u > $export_symbols'
+ fi
+ ;;
+ pw32*)
+ _LT_AC_TAGVAR(export_symbols_cmds, $1)="$ltdll_cmds"
+ ;;
+ cygwin* | mingw*)
+ _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]] /s/.* \([[^ ]]*\)/\1 DATA/;/^.* __nm__/s/^.* __nm__\([[^ ]]*\) [[^ ]]*/\1 DATA/;/^I /d;/^[[AITW]] /s/.* //'\'' | sort | uniq > $export_symbols'
+ ;;
+ *)
+ _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+ ;;
+ esac
+],[
+ runpath_var=
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)=
+ _LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)=no
+ _LT_AC_TAGVAR(archive_cmds, $1)=
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)=
+ _LT_AC_TAGVAR(old_archive_From_new_cmds, $1)=
+ _LT_AC_TAGVAR(old_archive_from_expsyms_cmds, $1)=
+ _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)=
+ _LT_AC_TAGVAR(whole_archive_flag_spec, $1)=
+ _LT_AC_TAGVAR(thread_safe_flag_spec, $1)=
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)=
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)=
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=
+ _LT_AC_TAGVAR(hardcode_direct, $1)=no
+ _LT_AC_TAGVAR(hardcode_minus_L, $1)=no
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
+ _LT_AC_TAGVAR(link_all_deplibs, $1)=unknown
+ _LT_AC_TAGVAR(hardcode_automatic, $1)=no
+ _LT_AC_TAGVAR(module_cmds, $1)=
+ _LT_AC_TAGVAR(module_expsym_cmds, $1)=
+ _LT_AC_TAGVAR(always_export_symbols, $1)=no
+ _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+ # include_expsyms should be a list of space-separated symbols to be *always*
+ # included in the symbol list
+ _LT_AC_TAGVAR(include_expsyms, $1)=
+ # exclude_expsyms can be an extended regexp of symbols to exclude
+ # it will be wrapped by ` (' and `)$', so one must not match beginning or
+ # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc',
+ # as well as any symbol that contains `d'.
+ _LT_AC_TAGVAR(exclude_expsyms, $1)="_GLOBAL_OFFSET_TABLE_"
+ # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out
+ # platforms (ab)use it in PIC code, but their linkers get confused if
+ # the symbol is explicitly referenced. Since portable code cannot
+ # rely on this symbol name, it's probably fine to never include it in
+ # preloaded symbol tables.
+ extract_expsyms_cmds=
+ # Just being paranoid about ensuring that cc_basename is set.
+ _LT_CC_BASENAME([$compiler])
+ case $host_os in
+ cygwin* | mingw* | pw32*)
+ # FIXME: the MSVC++ port hasn't been tested in a loooong time
+ # When not using gcc, we currently assume that we are using
+ # Microsoft Visual C++.
+ if test "$GCC" != yes; then
+ with_gnu_ld=no
+ fi
+ ;;
+ interix*)
+ # we just hope/assume this is gcc and not c89 (= MSVC++)
+ with_gnu_ld=yes
+ ;;
+ openbsd*)
+ with_gnu_ld=no
+ ;;
+ esac
+
+ _LT_AC_TAGVAR(ld_shlibs, $1)=yes
+ if test "$with_gnu_ld" = yes; then
+ # If archive_cmds runs LD, not CC, wlarc should be empty
+ wlarc='${wl}'
+
+ # Set some defaults for GNU ld with shared library support. These
+ # are reset later if shared libraries are not supported. Putting them
+ # here allows them to be overridden if necessary.
+ runpath_var=LD_RUN_PATH
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath ${wl}$libdir'
+ _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
+ # ancient GNU ld didn't support --whole-archive et. al.
+ if $LD --help 2>&1 | grep 'no-whole-archive' > /dev/null; then
+ _LT_AC_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
+ else
+ _LT_AC_TAGVAR(whole_archive_flag_spec, $1)=
+ fi
+ supports_anon_versioning=no
+ case `$LD -v 2>/dev/null` in
+ *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.10.*) ;; # catch versions < 2.11
+ *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ...
+ *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ...
+ *\ 2.11.*) ;; # other 2.11 versions
+ *) supports_anon_versioning=yes ;;
+ esac
+
+ # See if GNU ld supports shared libraries.
+ case $host_os in
+ aix3* | aix4* | aix5*)
+ # On AIX/PPC, the GNU linker is very broken
+ if test "$host_cpu" != ia64; then
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ cat <<EOF 1>&2
+
+*** Warning: the GNU linker, at least up to release 2.9.1, is reported
+*** to be unable to reliably create shared libraries on AIX.
+*** Therefore, libtool is disabling shared libraries support. If you
+*** really care for shared libraries, you may want to modify your PATH
+*** so that a non-GNU linker is found, and then restart.
+
+EOF
+ fi
+ ;;
+
+ amigaos*)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes
+
+ # Samuel A. Falvo II <kc5tja@dolphin.openprojects.net> reports
+ # that the semantics of dynamic libraries on AmigaOS, at least up
+ # to version 4, is to share data among multiple programs linked
+ # with the same dynamic library. Since this doesn't match the
+ # behavior of shared libraries on other platforms, we can't use
+ # them.
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+
+ beos*)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported
+ # Joseph Beckenbach <jrb3@best.com> says some releases of gcc
+ # support --undefined. This deserves some investigation. FIXME
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ else
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+
+ cygwin* | mingw* | pw32*)
+ # _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless,
+ # as there is no search path for DLLs.
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported
+ _LT_AC_TAGVAR(always_export_symbols, $1)=no
+ _LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+ _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]] /s/.* \([[^ ]]*\)/\1 DATA/'\'' | $SED -e '\''/^[[AITW]] /s/.* //'\'' | sort | uniq > $export_symbols'
+
+ if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ # If the export-symbols file already is a .def file (1st line
+ # is EXPORTS), use it as is; otherwise, prepend...
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
+ cp $export_symbols $output_objdir/$soname.def;
+ else
+ echo EXPORTS > $output_objdir/$soname.def;
+ cat $export_symbols >> $output_objdir/$soname.def;
+ fi~
+ $CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ else
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+
+ interix3*)
+ _LT_AC_TAGVAR(hardcode_direct, $1)=no
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+ _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+ # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc.
+ # Instead, shared libraries are loaded at an image base (0x10000000 by
+ # default) and relocated if they conflict, which is a slow very memory
+ # consuming and fragmenting process. To avoid this, we pick a random,
+ # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link
+ # time. Moving up from 0x10000000 also allows more sbrk(2) space.
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ ;;
+
+ linux*)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ tmp_addflag=
+ case $cc_basename,$host_cpu in
+ pgcc*) # Portland Group C compiler
+ _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive'
+ tmp_addflag=' $pic_flag'
+ ;;
+ pgf77* | pgf90* | pgf95*) # Portland Group f77 and f90 compilers
+ _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive'
+ tmp_addflag=' $pic_flag -Mnomain' ;;
+ ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64
+ tmp_addflag=' -i_dynamic' ;;
+ efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64
+ tmp_addflag=' -i_dynamic -nofor_main' ;;
+ ifc* | ifort*) # Intel Fortran compiler
+ tmp_addflag=' -nofor_main' ;;
+ esac
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+
+ if test $supports_anon_versioning = yes; then
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $output_objdir/$libname.ver~
+ cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
+ $echo "local: *; };" >> $output_objdir/$libname.ver~
+ $CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib'
+ fi
+ else
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+
+ netbsd*)
+ if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then
+ _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib'
+ wlarc=
+ else
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ fi
+ ;;
+
+ solaris*)
+ if $LD -v 2>&1 | grep 'BFD 2\.8' > /dev/null; then
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ cat <<EOF 1>&2
+
+*** Warning: The releases 2.8.* of the GNU linker cannot reliably
+*** create shared libraries on Solaris systems. Therefore, libtool
+*** is disabling shared libraries support. We urge you to upgrade GNU
+*** binutils to release 2.9.1 or newer. Another option is to modify
+*** your PATH or compiler configuration so that the native linker is
+*** used, and then restart.
+
+EOF
+ elif $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ else
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+
+ sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*)
+ case `$LD -v 2>&1` in
+ *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.1[[0-5]].*)
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ cat <<_LT_EOF 1>&2
+
+*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not
+*** reliably create shared libraries on SCO systems. Therefore, libtool
+*** is disabling shared libraries support. We urge you to upgrade GNU
+*** binutils to release 2.16.91.0.3 or newer. Another option is to modify
+*** your PATH or compiler configuration so that the native linker is
+*** used, and then restart.
+
+_LT_EOF
+ ;;
+ *)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='`test -z "$SCOABSPATH" && echo ${wl}-rpath,$libdir`'
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname,-retain-symbols-file,$export_symbols -o $lib'
+ else
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+ esac
+ ;;
+
+ sunos4*)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+ wlarc=
+ _LT_AC_TAGVAR(hardcode_direct, $1)=yes
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ *)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ else
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+ esac
+
+ if test "$_LT_AC_TAGVAR(ld_shlibs, $1)" = no; then
+ runpath_var=
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)=
+ _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)=
+ _LT_AC_TAGVAR(whole_archive_flag_spec, $1)=
+ fi
+ else
+ # PORTME fill in a description of your system's linker (not GNU ld)
+ case $host_os in
+ aix3*)
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported
+ _LT_AC_TAGVAR(always_export_symbols, $1)=yes
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname'
+ # Note: this linker hardcodes the directories in LIBPATH if there
+ # are no directories specified by -L.
+ _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes
+ if test "$GCC" = yes && test -z "$lt_prog_compiler_static"; then
+ # Neither direct hardcoding nor static linking is supported with a
+ # broken collect2.
+ _LT_AC_TAGVAR(hardcode_direct, $1)=unsupported
+ fi
+ ;;
+
+ aix4* | aix5*)
+ if test "$host_cpu" = ia64; then
+ # On IA64, the linker does run time linking by default, so we don't
+ # have to do anything special.
+ aix_use_runtimelinking=no
+ exp_sym_flag='-Bexport'
+ no_entry_flag=""
+ else
+ # If we're using GNU nm, then we don't want the "-C" option.
+ # -C means demangle to AIX nm, but means don't demangle with GNU nm
+ if $NM -V 2>&1 | grep 'GNU' > /dev/null; then
+ _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\[$]2 == "T") || (\[$]2 == "D") || (\[$]2 == "B")) && ([substr](\[$]3,1,1) != ".")) { print \[$]3 } }'\'' | sort -u > $export_symbols'
+ else
+ _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\[$]2 == "T") || (\[$]2 == "D") || (\[$]2 == "B")) && ([substr](\[$]3,1,1) != ".")) { print \[$]3 } }'\'' | sort -u > $export_symbols'
+ fi
+ aix_use_runtimelinking=no
+
+ # Test if we are trying to use run time linking or normal
+ # AIX style linking. If -brtl is somewhere in LDFLAGS, we
+ # need to do runtime linking.
+ case $host_os in aix4.[[23]]|aix4.[[23]].*|aix5*)
+ for ld_flag in $LDFLAGS; do
+ if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then
+ aix_use_runtimelinking=yes
+ break
+ fi
+ done
+ ;;
+ esac
+
+ exp_sym_flag='-bexport'
+ no_entry_flag='-bnoentry'
+ fi
+
+ # When large executables or shared objects are built, AIX ld can
+ # have problems creating the table of contents. If linking a library
+ # or program results in "error TOC overflow" add -mminimal-toc to
+ # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not
+ # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS.
+
+ _LT_AC_TAGVAR(archive_cmds, $1)=''
+ _LT_AC_TAGVAR(hardcode_direct, $1)=yes
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=':'
+ _LT_AC_TAGVAR(link_all_deplibs, $1)=yes
+
+ if test "$GCC" = yes; then
+ case $host_os in aix4.[[012]]|aix4.[[012]].*)
+ # We only want to do this on AIX 4.2 and lower, the check
+ # below for broken collect2 doesn't work under 4.3+
+ collect2name=`${CC} -print-prog-name=collect2`
+ if test -f "$collect2name" && \
+ strings "$collect2name" | grep resolve_lib_name >/dev/null
+ then
+ # We have reworked collect2
+ _LT_AC_TAGVAR(hardcode_direct, $1)=yes
+ else
+ # We have old collect2
+ _LT_AC_TAGVAR(hardcode_direct, $1)=unsupported
+ # It fails to find uninstalled libraries when the uninstalled
+ # path is not listed in the libpath. Setting hardcode_minus_L
+ # to unsupported forces relinking
+ _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=
+ fi
+ ;;
+ esac
+ shared_flag='-shared'
+ if test "$aix_use_runtimelinking" = yes; then
+ shared_flag="$shared_flag "'${wl}-G'
+ fi
+ else
+ # not using gcc
+ if test "$host_cpu" = ia64; then
+ # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release
+ # chokes on -Wl,-G. The following line is correct:
+ shared_flag='-G'
+ else
+ if test "$aix_use_runtimelinking" = yes; then
+ shared_flag='${wl}-G'
+ else
+ shared_flag='${wl}-bM:SRE'
+ fi
+ fi
+ fi
+
+ # It seems that -bexpall does not export symbols beginning with
+ # underscore (_), so it is better to generate a list of symbols to export.
+ _LT_AC_TAGVAR(always_export_symbols, $1)=yes
+ if test "$aix_use_runtimelinking" = yes; then
+ # Warning - without using the other runtime loading flags (-brtl),
+ # -berok will link without error, but may produce a broken library.
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)='-berok'
+ # Determine the default libpath from the value encoded in an empty executable.
+ _LT_AC_SYS_LIBPATH_AIX
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then echo "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
+ else
+ if test "$host_cpu" = ia64; then
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib'
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)="-z nodefs"
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols"
+ else
+ # Determine the default libpath from the value encoded in an empty executable.
+ _LT_AC_SYS_LIBPATH_AIX
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
+ # Warning - without using the other run time loading flags,
+ # -berok will link without error, but may produce a broken library.
+ _LT_AC_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok'
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok'
+ # Exported symbols can be pulled into shared objects from archives
+ _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='$convenience'
+ _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=yes
+ # This is similar to how AIX traditionally builds its shared libraries.
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname'
+ fi
+ fi
+ ;;
+
+ amigaos*)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes
+ # see comment about different semantics on the GNU ld section
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+
+ bsdi[[45]]*)
+ _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)=-rdynamic
+ ;;
+
+ cygwin* | mingw* | pw32*)
+ # When not using gcc, we currently assume that we are using
+ # Microsoft Visual C++.
+ # hardcode_libdir_flag_spec is actually meaningless, as there is
+ # no search path for DLLs.
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)=' '
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported
+ # Tell ltmain to make .lib files, not .a files.
+ libext=lib
+ # Tell ltmain to make .dll files, not .so files.
+ shrext_cmds=".dll"
+ # FIXME: Setting linknames here is a bad hack.
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -o $lib $libobjs $compiler_flags `echo "$deplibs" | $SED -e '\''s/ -lc$//'\''` -link -dll~linknames='
+ # The linker will automatically build a .lib file if we build a DLL.
+ _LT_AC_TAGVAR(old_archive_From_new_cmds, $1)='true'
+ # FIXME: Should let the user specify the lib program.
+ _LT_AC_TAGVAR(old_archive_cmds, $1)='lib /OUT:$oldlib$oldobjs$old_deplibs'
+ _LT_AC_TAGVAR(fix_srcfile_path, $1)='`cygpath -w "$srcfile"`'
+ _LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+ ;;
+
+ darwin* | rhapsody*)
+ case $host_os in
+ rhapsody* | darwin1.[[012]])
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-undefined ${wl}suppress'
+ ;;
+ *) # Darwin 1.3 on
+ if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-flat_namespace ${wl}-undefined ${wl}suppress'
+ else
+ case ${MACOSX_DEPLOYMENT_TARGET} in
+ 10.[[012]])
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-flat_namespace ${wl}-undefined ${wl}suppress'
+ ;;
+ 10.*)
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-undefined ${wl}dynamic_lookup'
+ ;;
+ esac
+ fi
+ ;;
+ esac
+ _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
+ _LT_AC_TAGVAR(hardcode_direct, $1)=no
+ _LT_AC_TAGVAR(hardcode_automatic, $1)=yes
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
+ _LT_AC_TAGVAR(whole_archive_flag_spec, $1)=''
+ _LT_AC_TAGVAR(link_all_deplibs, $1)=yes
+ if test "$GCC" = yes ; then
+ output_verbose_link_cmd='echo'
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring'
+ _LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags'
+ # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ else
+ case $cc_basename in
+ xlc*)
+ output_verbose_link_cmd='echo'
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring'
+ _LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags'
+ # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ ;;
+ *)
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ esac
+ fi
+ ;;
+
+ dgux*)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ freebsd1*)
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+
+ # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor
+ # support. Future versions do this automatically, but an explicit c++rt0.o
+ # does not break anything, and helps significantly (at the cost of a little
+ # extra space).
+ freebsd2.2*)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o'
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+ _LT_AC_TAGVAR(hardcode_direct, $1)=yes
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ # Unfortunately, older versions of FreeBSD 2 do not have this feature.
+ freebsd2*)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+ _LT_AC_TAGVAR(hardcode_direct, $1)=yes
+ _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ # FreeBSD 3 and greater uses gcc -shared to do shared libraries.
+ freebsd* | kfreebsd*-gnu | dragonfly*)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+ _LT_AC_TAGVAR(hardcode_direct, $1)=yes
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ hpux9*)
+ if test "$GCC" = yes; then
+ _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/$soname~$CC -shared -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+ else
+ _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+ fi
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
+ _LT_AC_TAGVAR(hardcode_direct, $1)=yes
+
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes
+ _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+ ;;
+
+ hpux10*)
+ if test "$GCC" = yes -a "$with_gnu_ld" = no; then
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ _LT_AC_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'
+ fi
+ if test "$with_gnu_ld" = no; then
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
+
+ _LT_AC_TAGVAR(hardcode_direct, $1)=yes
+ _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes
+ fi
+ ;;
+
+ hpux11*)
+ if test "$GCC" = yes -a "$with_gnu_ld" = no; then
+ case $host_cpu in
+ hppa*64*)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ ia64*)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ esac
+ else
+ case $host_cpu in
+ hppa*64*)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ ia64*)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ esac
+ fi
+ if test "$with_gnu_ld" = no; then
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
+
+ case $host_cpu in
+ hppa*64*|ia64*)
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='+b $libdir'
+ _LT_AC_TAGVAR(hardcode_direct, $1)=no
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+ *)
+ _LT_AC_TAGVAR(hardcode_direct, $1)=yes
+ _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes
+ ;;
+ esac
+ fi
+ ;;
+
+ irix5* | irix6* | nonstopux*)
+ if test "$GCC" = yes; then
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ else
+ _LT_AC_TAGVAR(archive_cmds, $1)='$LD -shared $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='-rpath $libdir'
+ fi
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
+ _LT_AC_TAGVAR(link_all_deplibs, $1)=yes
+ ;;
+
+ netbsd*)
+ if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then
+ _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out
+ else
+ _LT_AC_TAGVAR(archive_cmds, $1)='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF
+ fi
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+ _LT_AC_TAGVAR(hardcode_direct, $1)=yes
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ newsos6)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_AC_TAGVAR(hardcode_direct, $1)=yes
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ openbsd*)
+ _LT_AC_TAGVAR(hardcode_direct, $1)=yes
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols'
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+ _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+ else
+ case $host_os in
+ openbsd[[01]].* | openbsd2.[[0-7]] | openbsd2.[[0-7]].*)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+ ;;
+ *)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+ ;;
+ esac
+ fi
+ ;;
+
+ os2*)
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported
+ _LT_AC_TAGVAR(archive_cmds, $1)='$echo "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$echo "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~$echo DATA >> $output_objdir/$libname.def~$echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~$echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def'
+ _LT_AC_TAGVAR(old_archive_From_new_cmds, $1)='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def'
+ ;;
+
+ osf3*)
+ if test "$GCC" = yes; then
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ else
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
+ _LT_AC_TAGVAR(archive_cmds, $1)='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
+ fi
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
+ ;;
+
+ osf4* | osf5*) # as osf3* with the addition of -msym flag
+ if test "$GCC" = yes; then
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+ else
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
+ _LT_AC_TAGVAR(archive_cmds, $1)='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -msym -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; echo "-hidden">> $lib.exp~
+ $LD -shared${allow_undefined_flag} -input $lib.exp $linker_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib~$rm $lib.exp'
+
+ # Both c and cxx compiler support -rpath directly
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir'
+ fi
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=:
+ ;;
+
+ solaris*)
+ _LT_AC_TAGVAR(no_undefined_flag, $1)=' -z text'
+ if test "$GCC" = yes; then
+ wlarc='${wl}'
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~
+ $CC -shared ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$rm $lib.exp'
+ else
+ wlarc=''
+ _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~
+ $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$rm $lib.exp'
+ fi
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ case $host_os in
+ solaris2.[[0-5]] | solaris2.[[0-5]].*) ;;
+ *)
+ # The compiler driver will combine linker options so we
+ # cannot just pass the convience library names through
+ # without $wl, iff we do not link with $LD.
+ # Luckily, gcc supports the same syntax we need for Sun Studio.
+ # Supported since Solaris 2.6 (maybe 2.5.1?)
+ case $wlarc in
+ '')
+ _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='-z allextract$convenience -z defaultextract' ;;
+ *)
+ _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}-z ${wl}allextract`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}-z ${wl}defaultextract' ;;
+ esac ;;
+ esac
+ _LT_AC_TAGVAR(link_all_deplibs, $1)=yes
+ ;;
+
+ sunos4*)
+ if test "x$host_vendor" = xsequent; then
+ # Use $CC to link under sequent, because it throws in some extra .o
+ # files that make .init and .fini sections work.
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h $soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ _LT_AC_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags'
+ fi
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_AC_TAGVAR(hardcode_direct, $1)=yes
+ _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ sysv4)
+ case $host_vendor in
+ sni)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_AC_TAGVAR(hardcode_direct, $1)=yes # is this really true???
+ ;;
+ siemens)
+ ## LD is ld it makes a PLAMLIB
+ ## CC just makes a GrossModule.
+ _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -o $lib $libobjs $deplibs $linker_flags'
+ _LT_AC_TAGVAR(reload_cmds, $1)='$CC -r -o $output$reload_objs'
+ _LT_AC_TAGVAR(hardcode_direct, $1)=no
+ ;;
+ motorola)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_AC_TAGVAR(hardcode_direct, $1)=no #Motorola manual says yes, but my tests say they lie
+ ;;
+ esac
+ runpath_var='LD_RUN_PATH'
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ sysv4.3*)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='-Bexport'
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ runpath_var=LD_RUN_PATH
+ hardcode_runpath_var=yes
+ _LT_AC_TAGVAR(ld_shlibs, $1)=yes
+ fi
+ ;;
+
+ sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7*)
+ _LT_AC_TAGVAR(no_undefined_flag, $1)='${wl}-z,text'
+ _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ runpath_var='LD_RUN_PATH'
+
+ if test "$GCC" = yes; then
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ fi
+ ;;
+
+ sysv5* | sco3.2v5* | sco5v6*)
+ # Note: We can NOT use -z defs as we might desire, because we do not
+ # link with -lc, and that would cause any symbols used from libc to
+ # always be unresolved, which means just about no library would
+ # ever link correctly. If we're not using GNU ld we use -z text
+ # though, which does catch some bad symbols but isn't as heavy-handed
+ # as -z defs.
+ _LT_AC_TAGVAR(no_undefined_flag, $1)='${wl}-z,text'
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-z,nodefs'
+ _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`'
+ _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=':'
+ _LT_AC_TAGVAR(link_all_deplibs, $1)=yes
+ _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Bexport'
+ runpath_var='LD_RUN_PATH'
+
+ if test "$GCC" = yes; then
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ fi
+ ;;
+
+ uts4*)
+ _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ *)
+ _LT_AC_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ esac
+ fi
+])
+AC_MSG_RESULT([$_LT_AC_TAGVAR(ld_shlibs, $1)])
+test "$_LT_AC_TAGVAR(ld_shlibs, $1)" = no && can_build_shared=no
+
+#
+# Do we need to explicitly link libc?
+#
+case "x$_LT_AC_TAGVAR(archive_cmds_need_lc, $1)" in
+x|xyes)
+ # Assume -lc should be added
+ _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=yes
+
+ if test "$enable_shared" = yes && test "$GCC" = yes; then
+ case $_LT_AC_TAGVAR(archive_cmds, $1) in
+ *'~'*)
+ # FIXME: we may have to deal with multi-command sequences.
+ ;;
+ '$CC '*)
+ # Test whether the compiler implicitly links with -lc since on some
+ # systems, -lgcc has to come before -lc. If gcc already passes -lc
+ # to ld, don't add -lc before -lgcc.
+ AC_MSG_CHECKING([whether -lc should be explicitly linked in])
+ $rm conftest*
+ printf "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+ if AC_TRY_EVAL(ac_compile) 2>conftest.err; then
+ soname=conftest
+ lib=conftest
+ libobjs=conftest.$ac_objext
+ deplibs=
+ wl=$_LT_AC_TAGVAR(lt_prog_compiler_wl, $1)
+ pic_flag=$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)
+ compiler_flags=-v
+ linker_flags=-v
+ verstring=
+ output_objdir=.
+ libname=conftest
+ lt_save_allow_undefined_flag=$_LT_AC_TAGVAR(allow_undefined_flag, $1)
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)=
+ if AC_TRY_EVAL(_LT_AC_TAGVAR(archive_cmds, $1) 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1)
+ then
+ _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
+ else
+ _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=yes
+ fi
+ _LT_AC_TAGVAR(allow_undefined_flag, $1)=$lt_save_allow_undefined_flag
+ else
+ cat conftest.err 1>&5
+ fi
+ $rm conftest*
+ AC_MSG_RESULT([$_LT_AC_TAGVAR(archive_cmds_need_lc, $1)])
+ ;;
+ esac
+ fi
+ ;;
+esac
+])# AC_LIBTOOL_PROG_LD_SHLIBS
+
+
+# _LT_AC_FILE_LTDLL_C
+# -------------------
+# Be careful that the start marker always follows a newline.
+AC_DEFUN([_LT_AC_FILE_LTDLL_C], [
+# /* ltdll.c starts here */
+# #define WIN32_LEAN_AND_MEAN
+# #include <windows.h>
+# #undef WIN32_LEAN_AND_MEAN
+# #include <stdio.h>
+#
+# #ifndef __CYGWIN__
+# # ifdef __CYGWIN32__
+# # define __CYGWIN__ __CYGWIN32__
+# # endif
+# #endif
+#
+# #ifdef __cplusplus
+# extern "C" {
+# #endif
+# BOOL APIENTRY DllMain (HINSTANCE hInst, DWORD reason, LPVOID reserved);
+# #ifdef __cplusplus
+# }
+# #endif
+#
+# #ifdef __CYGWIN__
+# #include <cygwin/cygwin_dll.h>
+# DECLARE_CYGWIN_DLL( DllMain );
+# #endif
+# HINSTANCE __hDllInstance_base;
+#
+# BOOL APIENTRY
+# DllMain (HINSTANCE hInst, DWORD reason, LPVOID reserved)
+# {
+# __hDllInstance_base = hInst;
+# return TRUE;
+# }
+# /* ltdll.c ends here */
+])# _LT_AC_FILE_LTDLL_C
+
+
+# _LT_AC_TAGVAR(VARNAME, [TAGNAME])
+# ---------------------------------
+AC_DEFUN([_LT_AC_TAGVAR], [ifelse([$2], [], [$1], [$1_$2])])
+
+
+# old names
+AC_DEFUN([AM_PROG_LIBTOOL], [AC_PROG_LIBTOOL])
+AC_DEFUN([AM_ENABLE_SHARED], [AC_ENABLE_SHARED($@)])
+AC_DEFUN([AM_ENABLE_STATIC], [AC_ENABLE_STATIC($@)])
+AC_DEFUN([AM_DISABLE_SHARED], [AC_DISABLE_SHARED($@)])
+AC_DEFUN([AM_DISABLE_STATIC], [AC_DISABLE_STATIC($@)])
+AC_DEFUN([AM_PROG_LD], [AC_PROG_LD])
+AC_DEFUN([AM_PROG_NM], [AC_PROG_NM])
+
+# This is just to silence aclocal about the macro not being used
+ifelse([AC_DISABLE_FAST_INSTALL])
+
+AC_DEFUN([LT_AC_PROG_GCJ],
+[AC_CHECK_TOOL(GCJ, gcj, no)
+ test "x${GCJFLAGS+set}" = xset || GCJFLAGS="-g -O2"
+ AC_SUBST(GCJFLAGS)
+])
+
+AC_DEFUN([LT_AC_PROG_RC],
+[AC_CHECK_TOOL(RC, windres, no)
+])
+
+# NOTE: This macro has been submitted for inclusion into #
+# GNU Autoconf as AC_PROG_SED. When it is available in #
+# a released version of Autoconf we should remove this #
+# macro and use it instead. #
+# LT_AC_PROG_SED
+# --------------
+# Check for a fully-functional sed program, that truncates
+# as few characters as possible. Prefer GNU sed if found.
+AC_DEFUN([LT_AC_PROG_SED],
+[AC_MSG_CHECKING([for a sed that does not truncate output])
+AC_CACHE_VAL(lt_cv_path_SED,
+[# Loop through the user's path and test for sed and gsed.
+# Then use that list of sed's as ones to test for truncation.
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for lt_ac_prog in sed gsed; do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if $as_executable_p "$as_dir/$lt_ac_prog$ac_exec_ext"; then
+ lt_ac_sed_list="$lt_ac_sed_list $as_dir/$lt_ac_prog$ac_exec_ext"
+ fi
+ done
+ done
+done
+lt_ac_max=0
+lt_ac_count=0
+# Add /usr/xpg4/bin/sed as it is typically found on Solaris
+# along with /bin/sed that truncates output.
+for lt_ac_sed in $lt_ac_sed_list /usr/xpg4/bin/sed; do
+ test ! -f $lt_ac_sed && continue
+ cat /dev/null > conftest.in
+ lt_ac_count=0
+ echo $ECHO_N "0123456789$ECHO_C" >conftest.in
+ # Check for GNU sed and select it if it is found.
+ if "$lt_ac_sed" --version 2>&1 < /dev/null | grep 'GNU' > /dev/null; then
+ lt_cv_path_SED=$lt_ac_sed
+ break
+ fi
+ while true; do
+ cat conftest.in conftest.in >conftest.tmp
+ mv conftest.tmp conftest.in
+ cp conftest.in conftest.nl
+ echo >>conftest.nl
+ $lt_ac_sed -e 's/a$//' < conftest.nl >conftest.out || break
+ cmp -s conftest.out conftest.nl || break
+ # 10000 chars as input seems more than enough
+ test $lt_ac_count -gt 10 && break
+ lt_ac_count=`expr $lt_ac_count + 1`
+ if test $lt_ac_count -gt $lt_ac_max; then
+ lt_ac_max=$lt_ac_count
+ lt_cv_path_SED=$lt_ac_sed
+ fi
+ done
+done
+])
+SED=$lt_cv_path_SED
+AC_MSG_RESULT([$SED])
+])
+
+# Copyright (C) 2002, 2003, 2005, 2006 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_AUTOMAKE_VERSION(VERSION)
+# ----------------------------
+# Automake X.Y traces this macro to ensure aclocal.m4 has been
+# generated from the m4 files accompanying Automake X.Y.
+# (This private macro should not be called outside this file.)
+AC_DEFUN([AM_AUTOMAKE_VERSION],
+[am__api_version='1.10'
+dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to
+dnl require some minimum version. Point them to the right macro.
+m4_if([$1], [1.10], [],
+ [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl
+])
+
+# _AM_AUTOCONF_VERSION(VERSION)
+# -----------------------------
+# aclocal traces this macro to find the Autoconf version.
+# This is a private macro too. Using m4_define simplifies
+# the logic in aclocal, which can simply ignore this definition.
+m4_define([_AM_AUTOCONF_VERSION], [])
+
+# AM_SET_CURRENT_AUTOMAKE_VERSION
+# -------------------------------
+# Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced.
+# This function is AC_REQUIREd by AC_INIT_AUTOMAKE.
+AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION],
+[AM_AUTOMAKE_VERSION([1.10])dnl
+_AM_AUTOCONF_VERSION(m4_PACKAGE_VERSION)])
+
+# AM_AUX_DIR_EXPAND -*- Autoconf -*-
+
+# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# For projects using AC_CONFIG_AUX_DIR([foo]), Autoconf sets
+# $ac_aux_dir to `$srcdir/foo'. In other projects, it is set to
+# `$srcdir', `$srcdir/..', or `$srcdir/../..'.
+#
+# Of course, Automake must honor this variable whenever it calls a
+# tool from the auxiliary directory. The problem is that $srcdir (and
+# therefore $ac_aux_dir as well) can be either absolute or relative,
+# depending on how configure is run. This is pretty annoying, since
+# it makes $ac_aux_dir quite unusable in subdirectories: in the top
+# source directory, any form will work fine, but in subdirectories a
+# relative path needs to be adjusted first.
+#
+# $ac_aux_dir/missing
+# fails when called from a subdirectory if $ac_aux_dir is relative
+# $top_srcdir/$ac_aux_dir/missing
+# fails if $ac_aux_dir is absolute,
+# fails when called from a subdirectory in a VPATH build with
+# a relative $ac_aux_dir
+#
+# The reason of the latter failure is that $top_srcdir and $ac_aux_dir
+# are both prefixed by $srcdir. In an in-source build this is usually
+# harmless because $srcdir is `.', but things will broke when you
+# start a VPATH build or use an absolute $srcdir.
+#
+# So we could use something similar to $top_srcdir/$ac_aux_dir/missing,
+# iff we strip the leading $srcdir from $ac_aux_dir. That would be:
+# am_aux_dir='\$(top_srcdir)/'`expr "$ac_aux_dir" : "$srcdir//*\(.*\)"`
+# and then we would define $MISSING as
+# MISSING="\${SHELL} $am_aux_dir/missing"
+# This will work as long as MISSING is not called from configure, because
+# unfortunately $(top_srcdir) has no meaning in configure.
+# However there are other variables, like CC, which are often used in
+# configure, and could therefore not use this "fixed" $ac_aux_dir.
+#
+# Another solution, used here, is to always expand $ac_aux_dir to an
+# absolute PATH. The drawback is that using absolute paths prevent a
+# configured tree to be moved without reconfiguration.
+
+AC_DEFUN([AM_AUX_DIR_EXPAND],
+[dnl Rely on autoconf to set up CDPATH properly.
+AC_PREREQ([2.50])dnl
+# expand $ac_aux_dir to an absolute path
+am_aux_dir=`cd $ac_aux_dir && pwd`
+])
+
+# AM_CONDITIONAL -*- Autoconf -*-
+
+# Copyright (C) 1997, 2000, 2001, 2003, 2004, 2005, 2006
+# Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# serial 8
+
+# AM_CONDITIONAL(NAME, SHELL-CONDITION)
+# -------------------------------------
+# Define a conditional.
+AC_DEFUN([AM_CONDITIONAL],
+[AC_PREREQ(2.52)dnl
+ ifelse([$1], [TRUE], [AC_FATAL([$0: invalid condition: $1])],
+ [$1], [FALSE], [AC_FATAL([$0: invalid condition: $1])])dnl
+AC_SUBST([$1_TRUE])dnl
+AC_SUBST([$1_FALSE])dnl
+_AM_SUBST_NOTMAKE([$1_TRUE])dnl
+_AM_SUBST_NOTMAKE([$1_FALSE])dnl
+if $2; then
+ $1_TRUE=
+ $1_FALSE='#'
+else
+ $1_TRUE='#'
+ $1_FALSE=
+fi
+AC_CONFIG_COMMANDS_PRE(
+[if test -z "${$1_TRUE}" && test -z "${$1_FALSE}"; then
+ AC_MSG_ERROR([[conditional "$1" was never defined.
+Usually this means the macro was only invoked conditionally.]])
+fi])])
+
+# Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006
+# Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# serial 9
+
+# There are a few dirty hacks below to avoid letting `AC_PROG_CC' be
+# written in clear, in which case automake, when reading aclocal.m4,
+# will think it sees a *use*, and therefore will trigger all it's
+# C support machinery. Also note that it means that autoscan, seeing
+# CC etc. in the Makefile, will ask for an AC_PROG_CC use...
+
+
+# _AM_DEPENDENCIES(NAME)
+# ----------------------
+# See how the compiler implements dependency checking.
+# NAME is "CC", "CXX", "GCJ", or "OBJC".
+# We try a few techniques and use that to set a single cache variable.
+#
+# We don't AC_REQUIRE the corresponding AC_PROG_CC since the latter was
+# modified to invoke _AM_DEPENDENCIES(CC); we would have a circular
+# dependency, and given that the user is not expected to run this macro,
+# just rely on AC_PROG_CC.
+AC_DEFUN([_AM_DEPENDENCIES],
+[AC_REQUIRE([AM_SET_DEPDIR])dnl
+AC_REQUIRE([AM_OUTPUT_DEPENDENCY_COMMANDS])dnl
+AC_REQUIRE([AM_MAKE_INCLUDE])dnl
+AC_REQUIRE([AM_DEP_TRACK])dnl
+
+ifelse([$1], CC, [depcc="$CC" am_compiler_list=],
+ [$1], CXX, [depcc="$CXX" am_compiler_list=],
+ [$1], OBJC, [depcc="$OBJC" am_compiler_list='gcc3 gcc'],
+ [$1], UPC, [depcc="$UPC" am_compiler_list=],
+ [$1], GCJ, [depcc="$GCJ" am_compiler_list='gcc3 gcc'],
+ [depcc="$$1" am_compiler_list=])
+
+AC_CACHE_CHECK([dependency style of $depcc],
+ [am_cv_$1_dependencies_compiler_type],
+[if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then
+ # We make a subdir and do the tests there. Otherwise we can end up
+ # making bogus files that we don't know about and never remove. For
+ # instance it was reported that on HP-UX the gcc test will end up
+ # making a dummy file named `D' -- because `-MD' means `put the output
+ # in D'.
+ mkdir conftest.dir
+ # Copy depcomp to subdir because otherwise we won't find it if we're
+ # using a relative directory.
+ cp "$am_depcomp" conftest.dir
+ cd conftest.dir
+ # We will build objects and dependencies in a subdirectory because
+ # it helps to detect inapplicable dependency modes. For instance
+ # both Tru64's cc and ICC support -MD to output dependencies as a
+ # side effect of compilation, but ICC will put the dependencies in
+ # the current directory while Tru64 will put them in the object
+ # directory.
+ mkdir sub
+
+ am_cv_$1_dependencies_compiler_type=none
+ if test "$am_compiler_list" = ""; then
+ am_compiler_list=`sed -n ['s/^#*\([a-zA-Z0-9]*\))$/\1/p'] < ./depcomp`
+ fi
+ for depmode in $am_compiler_list; do
+ # Setup a source with many dependencies, because some compilers
+ # like to wrap large dependency lists on column 80 (with \), and
+ # we should not choose a depcomp mode which is confused by this.
+ #
+ # We need to recreate these files for each test, as the compiler may
+ # overwrite some of them when testing with obscure command lines.
+ # This happens at least with the AIX C compiler.
+ : > sub/conftest.c
+ for i in 1 2 3 4 5 6; do
+ echo '#include "conftst'$i'.h"' >> sub/conftest.c
+ # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with
+ # Solaris 8's {/usr,}/bin/sh.
+ touch sub/conftst$i.h
+ done
+ echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf
+
+ case $depmode in
+ nosideeffect)
+ # after this tag, mechanisms are not by side-effect, so they'll
+ # only be used when explicitly requested
+ if test "x$enable_dependency_tracking" = xyes; then
+ continue
+ else
+ break
+ fi
+ ;;
+ none) break ;;
+ esac
+ # We check with `-c' and `-o' for the sake of the "dashmstdout"
+ # mode. It turns out that the SunPro C++ compiler does not properly
+ # handle `-M -o', and we need to detect this.
+ if depmode=$depmode \
+ source=sub/conftest.c object=sub/conftest.${OBJEXT-o} \
+ depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \
+ $SHELL ./depcomp $depcc -c -o sub/conftest.${OBJEXT-o} sub/conftest.c \
+ >/dev/null 2>conftest.err &&
+ grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 &&
+ grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 &&
+ grep sub/conftest.${OBJEXT-o} sub/conftest.Po > /dev/null 2>&1 &&
+ ${MAKE-make} -s -f confmf > /dev/null 2>&1; then
+ # icc doesn't choke on unknown options, it will just issue warnings
+ # or remarks (even with -Werror). So we grep stderr for any message
+ # that says an option was ignored or not supported.
+ # When given -MP, icc 7.0 and 7.1 complain thusly:
+ # icc: Command line warning: ignoring option '-M'; no argument required
+ # The diagnosis changed in icc 8.0:
+ # icc: Command line remark: option '-MP' not supported
+ if (grep 'ignoring option' conftest.err ||
+ grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else
+ am_cv_$1_dependencies_compiler_type=$depmode
+ break
+ fi
+ fi
+ done
+
+ cd ..
+ rm -rf conftest.dir
+else
+ am_cv_$1_dependencies_compiler_type=none
+fi
+])
+AC_SUBST([$1DEPMODE], [depmode=$am_cv_$1_dependencies_compiler_type])
+AM_CONDITIONAL([am__fastdep$1], [
+ test "x$enable_dependency_tracking" != xno \
+ && test "$am_cv_$1_dependencies_compiler_type" = gcc3])
+])
+
+
+# AM_SET_DEPDIR
+# -------------
+# Choose a directory name for dependency files.
+# This macro is AC_REQUIREd in _AM_DEPENDENCIES
+AC_DEFUN([AM_SET_DEPDIR],
+[AC_REQUIRE([AM_SET_LEADING_DOT])dnl
+AC_SUBST([DEPDIR], ["${am__leading_dot}deps"])dnl
+])
+
+
+# AM_DEP_TRACK
+# ------------
+AC_DEFUN([AM_DEP_TRACK],
+[AC_ARG_ENABLE(dependency-tracking,
+[ --disable-dependency-tracking speeds up one-time build
+ --enable-dependency-tracking do not reject slow dependency extractors])
+if test "x$enable_dependency_tracking" != xno; then
+ am_depcomp="$ac_aux_dir/depcomp"
+ AMDEPBACKSLASH='\'
+fi
+AM_CONDITIONAL([AMDEP], [test "x$enable_dependency_tracking" != xno])
+AC_SUBST([AMDEPBACKSLASH])dnl
+_AM_SUBST_NOTMAKE([AMDEPBACKSLASH])dnl
+])
+
+# Generate code to set up dependency tracking. -*- Autoconf -*-
+
+# Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005
+# Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+#serial 3
+
+# _AM_OUTPUT_DEPENDENCY_COMMANDS
+# ------------------------------
+AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS],
+[for mf in $CONFIG_FILES; do
+ # Strip MF so we end up with the name of the file.
+ mf=`echo "$mf" | sed -e 's/:.*$//'`
+ # Check whether this is an Automake generated Makefile or not.
+ # We used to match only the files named `Makefile.in', but
+ # some people rename them; so instead we look at the file content.
+ # Grep'ing the first line is not enough: some people post-process
+ # each Makefile.in and add a new line on top of each file to say so.
+ # Grep'ing the whole file is not good either: AIX grep has a line
+ # limit of 2048, but all sed's we know have understand at least 4000.
+ if sed 10q "$mf" | grep '^#.*generated by automake' > /dev/null 2>&1; then
+ dirpart=`AS_DIRNAME("$mf")`
+ else
+ continue
+ fi
+ # Extract the definition of DEPDIR, am__include, and am__quote
+ # from the Makefile without running `make'.
+ DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"`
+ test -z "$DEPDIR" && continue
+ am__include=`sed -n 's/^am__include = //p' < "$mf"`
+ test -z "am__include" && continue
+ am__quote=`sed -n 's/^am__quote = //p' < "$mf"`
+ # When using ansi2knr, U may be empty or an underscore; expand it
+ U=`sed -n 's/^U = //p' < "$mf"`
+ # Find all dependency output files, they are included files with
+ # $(DEPDIR) in their names. We invoke sed twice because it is the
+ # simplest approach to changing $(DEPDIR) to its actual value in the
+ # expansion.
+ for file in `sed -n "
+ s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \
+ sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g' -e 's/\$U/'"$U"'/g'`; do
+ # Make sure the directory exists.
+ test -f "$dirpart/$file" && continue
+ fdir=`AS_DIRNAME(["$file"])`
+ AS_MKDIR_P([$dirpart/$fdir])
+ # echo "creating $dirpart/$file"
+ echo '# dummy' > "$dirpart/$file"
+ done
+done
+])# _AM_OUTPUT_DEPENDENCY_COMMANDS
+
+
+# AM_OUTPUT_DEPENDENCY_COMMANDS
+# -----------------------------
+# This macro should only be invoked once -- use via AC_REQUIRE.
+#
+# This code is only required when automatic dependency tracking
+# is enabled. FIXME. This creates each `.P' file that we will
+# need in order to bootstrap the dependency handling code.
+AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS],
+[AC_CONFIG_COMMANDS([depfiles],
+ [test x"$AMDEP_TRUE" != x"" || _AM_OUTPUT_DEPENDENCY_COMMANDS],
+ [AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir"])
+])
+
+# Copyright (C) 1996, 1997, 2000, 2001, 2003, 2005
+# Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# serial 8
+
+# AM_CONFIG_HEADER is obsolete. It has been replaced by AC_CONFIG_HEADERS.
+AU_DEFUN([AM_CONFIG_HEADER], [AC_CONFIG_HEADERS($@)])
+
+# Do all the work for Automake. -*- Autoconf -*-
+
+# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,
+# 2005, 2006 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# serial 12
+
+# This macro actually does too much. Some checks are only needed if
+# your package does certain things. But this isn't really a big deal.
+
+# AM_INIT_AUTOMAKE(PACKAGE, VERSION, [NO-DEFINE])
+# AM_INIT_AUTOMAKE([OPTIONS])
+# -----------------------------------------------
+# The call with PACKAGE and VERSION arguments is the old style
+# call (pre autoconf-2.50), which is being phased out. PACKAGE
+# and VERSION should now be passed to AC_INIT and removed from
+# the call to AM_INIT_AUTOMAKE.
+# We support both call styles for the transition. After
+# the next Automake release, Autoconf can make the AC_INIT
+# arguments mandatory, and then we can depend on a new Autoconf
+# release and drop the old call support.
+AC_DEFUN([AM_INIT_AUTOMAKE],
+[AC_PREREQ([2.60])dnl
+dnl Autoconf wants to disallow AM_ names. We explicitly allow
+dnl the ones we care about.
+m4_pattern_allow([^AM_[A-Z]+FLAGS$])dnl
+AC_REQUIRE([AM_SET_CURRENT_AUTOMAKE_VERSION])dnl
+AC_REQUIRE([AC_PROG_INSTALL])dnl
+if test "`cd $srcdir && pwd`" != "`pwd`"; then
+ # Use -I$(srcdir) only when $(srcdir) != ., so that make's output
+ # is not polluted with repeated "-I."
+ AC_SUBST([am__isrc], [' -I$(srcdir)'])_AM_SUBST_NOTMAKE([am__isrc])dnl
+ # test to see if srcdir already configured
+ if test -f $srcdir/config.status; then
+ AC_MSG_ERROR([source directory already configured; run "make distclean" there first])
+ fi
+fi
+
+# test whether we have cygpath
+if test -z "$CYGPATH_W"; then
+ if (cygpath --version) >/dev/null 2>/dev/null; then
+ CYGPATH_W='cygpath -w'
+ else
+ CYGPATH_W=echo
+ fi
+fi
+AC_SUBST([CYGPATH_W])
+
+# Define the identity of the package.
+dnl Distinguish between old-style and new-style calls.
+m4_ifval([$2],
+[m4_ifval([$3], [_AM_SET_OPTION([no-define])])dnl
+ AC_SUBST([PACKAGE], [$1])dnl
+ AC_SUBST([VERSION], [$2])],
+[_AM_SET_OPTIONS([$1])dnl
+dnl Diagnose old-style AC_INIT with new-style AM_AUTOMAKE_INIT.
+m4_if(m4_ifdef([AC_PACKAGE_NAME], 1)m4_ifdef([AC_PACKAGE_VERSION], 1), 11,,
+ [m4_fatal([AC_INIT should be called with package and version arguments])])dnl
+ AC_SUBST([PACKAGE], ['AC_PACKAGE_TARNAME'])dnl
+ AC_SUBST([VERSION], ['AC_PACKAGE_VERSION'])])dnl
+
+_AM_IF_OPTION([no-define],,
+[AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE", [Name of package])
+ AC_DEFINE_UNQUOTED(VERSION, "$VERSION", [Version number of package])])dnl
+
+# Some tools Automake needs.
+AC_REQUIRE([AM_SANITY_CHECK])dnl
+AC_REQUIRE([AC_ARG_PROGRAM])dnl
+AM_MISSING_PROG(ACLOCAL, aclocal-${am__api_version})
+AM_MISSING_PROG(AUTOCONF, autoconf)
+AM_MISSING_PROG(AUTOMAKE, automake-${am__api_version})
+AM_MISSING_PROG(AUTOHEADER, autoheader)
+AM_MISSING_PROG(MAKEINFO, makeinfo)
+AM_PROG_INSTALL_SH
+AM_PROG_INSTALL_STRIP
+AC_REQUIRE([AM_PROG_MKDIR_P])dnl
+# We need awk for the "check" target. The system "awk" is bad on
+# some platforms.
+AC_REQUIRE([AC_PROG_AWK])dnl
+AC_REQUIRE([AC_PROG_MAKE_SET])dnl
+AC_REQUIRE([AM_SET_LEADING_DOT])dnl
+_AM_IF_OPTION([tar-ustar], [_AM_PROG_TAR([ustar])],
+ [_AM_IF_OPTION([tar-pax], [_AM_PROG_TAR([pax])],
+ [_AM_PROG_TAR([v7])])])
+_AM_IF_OPTION([no-dependencies],,
+[AC_PROVIDE_IFELSE([AC_PROG_CC],
+ [_AM_DEPENDENCIES(CC)],
+ [define([AC_PROG_CC],
+ defn([AC_PROG_CC])[_AM_DEPENDENCIES(CC)])])dnl
+AC_PROVIDE_IFELSE([AC_PROG_CXX],
+ [_AM_DEPENDENCIES(CXX)],
+ [define([AC_PROG_CXX],
+ defn([AC_PROG_CXX])[_AM_DEPENDENCIES(CXX)])])dnl
+AC_PROVIDE_IFELSE([AC_PROG_OBJC],
+ [_AM_DEPENDENCIES(OBJC)],
+ [define([AC_PROG_OBJC],
+ defn([AC_PROG_OBJC])[_AM_DEPENDENCIES(OBJC)])])dnl
+])
+])
+
+
+# When config.status generates a header, we must update the stamp-h file.
+# This file resides in the same directory as the config header
+# that is generated. The stamp files are numbered to have different names.
+
+# Autoconf calls _AC_AM_CONFIG_HEADER_HOOK (when defined) in the
+# loop where config.status creates the headers, so we can generate
+# our stamp files there.
+AC_DEFUN([_AC_AM_CONFIG_HEADER_HOOK],
+[# Compute $1's index in $config_headers.
+_am_stamp_count=1
+for _am_header in $config_headers :; do
+ case $_am_header in
+ $1 | $1:* )
+ break ;;
+ * )
+ _am_stamp_count=`expr $_am_stamp_count + 1` ;;
+ esac
+done
+echo "timestamp for $1" >`AS_DIRNAME([$1])`/stamp-h[]$_am_stamp_count])
+
+# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_PROG_INSTALL_SH
+# ------------------
+# Define $install_sh.
+AC_DEFUN([AM_PROG_INSTALL_SH],
+[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl
+install_sh=${install_sh-"\$(SHELL) $am_aux_dir/install-sh"}
+AC_SUBST(install_sh)])
+
+# Copyright (C) 2003, 2005 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# serial 2
+
+# Check whether the underlying file-system supports filenames
+# with a leading dot. For instance MS-DOS doesn't.
+AC_DEFUN([AM_SET_LEADING_DOT],
+[rm -rf .tst 2>/dev/null
+mkdir .tst 2>/dev/null
+if test -d .tst; then
+ am__leading_dot=.
+else
+ am__leading_dot=_
+fi
+rmdir .tst 2>/dev/null
+AC_SUBST([am__leading_dot])])
+
+# Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2005
+# Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# serial 5
+
+# AM_PROG_LEX
+# -----------
+# Autoconf leaves LEX=: if lex or flex can't be found. Change that to a
+# "missing" invocation, for better error output.
+AC_DEFUN([AM_PROG_LEX],
+[AC_PREREQ(2.50)dnl
+AC_REQUIRE([AM_MISSING_HAS_RUN])dnl
+AC_REQUIRE([AC_PROG_LEX])dnl
+if test "$LEX" = :; then
+ LEX=${am_missing_run}flex
+fi])
+
+# Check to see how 'make' treats includes. -*- Autoconf -*-
+
+# Copyright (C) 2001, 2002, 2003, 2005 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# serial 3
+
+# AM_MAKE_INCLUDE()
+# -----------------
+# Check to see how make treats includes.
+AC_DEFUN([AM_MAKE_INCLUDE],
+[am_make=${MAKE-make}
+cat > confinc << 'END'
+am__doit:
+ @echo done
+.PHONY: am__doit
+END
+# If we don't find an include directive, just comment out the code.
+AC_MSG_CHECKING([for style of include used by $am_make])
+am__include="#"
+am__quote=
+_am_result=none
+# First try GNU make style include.
+echo "include confinc" > confmf
+# We grep out `Entering directory' and `Leaving directory'
+# messages which can occur if `w' ends up in MAKEFLAGS.
+# In particular we don't look at `^make:' because GNU make might
+# be invoked under some other name (usually "gmake"), in which
+# case it prints its new name instead of `make'.
+if test "`$am_make -s -f confmf 2> /dev/null | grep -v 'ing directory'`" = "done"; then
+ am__include=include
+ am__quote=
+ _am_result=GNU
+fi
+# Now try BSD make style include.
+if test "$am__include" = "#"; then
+ echo '.include "confinc"' > confmf
+ if test "`$am_make -s -f confmf 2> /dev/null`" = "done"; then
+ am__include=.include
+ am__quote="\""
+ _am_result=BSD
+ fi
+fi
+AC_SUBST([am__include])
+AC_SUBST([am__quote])
+AC_MSG_RESULT([$_am_result])
+rm -f confinc confmf
+])
+
+# Copyright (C) 1999, 2000, 2001, 2003, 2004, 2005
+# Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# serial 5
+
+# AM_PROG_CC_C_O
+# --------------
+# Like AC_PROG_CC_C_O, but changed for automake.
+AC_DEFUN([AM_PROG_CC_C_O],
+[AC_REQUIRE([AC_PROG_CC_C_O])dnl
+AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl
+AC_REQUIRE_AUX_FILE([compile])dnl
+# FIXME: we rely on the cache variable name because
+# there is no other way.
+set dummy $CC
+ac_cc=`echo $[2] | sed ['s/[^a-zA-Z0-9_]/_/g;s/^[0-9]/_/']`
+if eval "test \"`echo '$ac_cv_prog_cc_'${ac_cc}_c_o`\" != yes"; then
+ # Losing compiler, so override with the script.
+ # FIXME: It is wrong to rewrite CC.
+ # But if we don't then we get into trouble of one sort or another.
+ # A longer-term fix would be to have automake use am__CC in this case,
+ # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)"
+ CC="$am_aux_dir/compile $CC"
+fi
+dnl Make sure AC_PROG_CC is never called again, or it will override our
+dnl setting of CC.
+m4_define([AC_PROG_CC],
+ [m4_fatal([AC_PROG_CC cannot be called after AM_PROG_CC_C_O])])
+])
+
+# Fake the existence of programs that GNU maintainers use. -*- Autoconf -*-
+
+# Copyright (C) 1997, 1999, 2000, 2001, 2003, 2004, 2005
+# Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# serial 5
+
+# AM_MISSING_PROG(NAME, PROGRAM)
+# ------------------------------
+AC_DEFUN([AM_MISSING_PROG],
+[AC_REQUIRE([AM_MISSING_HAS_RUN])
+$1=${$1-"${am_missing_run}$2"}
+AC_SUBST($1)])
+
+
+# AM_MISSING_HAS_RUN
+# ------------------
+# Define MISSING if not defined so far and test if it supports --run.
+# If it does, set am_missing_run to use it, otherwise, to nothing.
+AC_DEFUN([AM_MISSING_HAS_RUN],
+[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl
+AC_REQUIRE_AUX_FILE([missing])dnl
+test x"${MISSING+set}" = xset || MISSING="\${SHELL} $am_aux_dir/missing"
+# Use eval to expand $SHELL
+if eval "$MISSING --run true"; then
+ am_missing_run="$MISSING --run "
+else
+ am_missing_run=
+ AC_MSG_WARN([`missing' script is too old or missing])
+fi
+])
+
+# Copyright (C) 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_PROG_MKDIR_P
+# ---------------
+# Check for `mkdir -p'.
+AC_DEFUN([AM_PROG_MKDIR_P],
+[AC_PREREQ([2.60])dnl
+AC_REQUIRE([AC_PROG_MKDIR_P])dnl
+dnl Automake 1.8 to 1.9.6 used to define mkdir_p. We now use MKDIR_P,
+dnl while keeping a definition of mkdir_p for backward compatibility.
+dnl @MKDIR_P@ is magic: AC_OUTPUT adjusts its value for each Makefile.
+dnl However we cannot define mkdir_p as $(MKDIR_P) for the sake of
+dnl Makefile.ins that do not define MKDIR_P, so we do our own
+dnl adjustment using top_builddir (which is defined more often than
+dnl MKDIR_P).
+AC_SUBST([mkdir_p], ["$MKDIR_P"])dnl
+case $mkdir_p in
+ [[\\/$]]* | ?:[[\\/]]*) ;;
+ */*) mkdir_p="\$(top_builddir)/$mkdir_p" ;;
+esac
+])
+
+# Helper functions for option handling. -*- Autoconf -*-
+
+# Copyright (C) 2001, 2002, 2003, 2005 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# serial 3
+
+# _AM_MANGLE_OPTION(NAME)
+# -----------------------
+AC_DEFUN([_AM_MANGLE_OPTION],
+[[_AM_OPTION_]m4_bpatsubst($1, [[^a-zA-Z0-9_]], [_])])
+
+# _AM_SET_OPTION(NAME)
+# ------------------------------
+# Set option NAME. Presently that only means defining a flag for this option.
+AC_DEFUN([_AM_SET_OPTION],
+[m4_define(_AM_MANGLE_OPTION([$1]), 1)])
+
+# _AM_SET_OPTIONS(OPTIONS)
+# ----------------------------------
+# OPTIONS is a space-separated list of Automake options.
+AC_DEFUN([_AM_SET_OPTIONS],
+[AC_FOREACH([_AM_Option], [$1], [_AM_SET_OPTION(_AM_Option)])])
+
+# _AM_IF_OPTION(OPTION, IF-SET, [IF-NOT-SET])
+# -------------------------------------------
+# Execute IF-SET if OPTION is set, IF-NOT-SET otherwise.
+AC_DEFUN([_AM_IF_OPTION],
+[m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])])
+
+# Check to make sure that the build environment is sane. -*- Autoconf -*-
+
+# Copyright (C) 1996, 1997, 2000, 2001, 2003, 2005
+# Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# serial 4
+
+# AM_SANITY_CHECK
+# ---------------
+AC_DEFUN([AM_SANITY_CHECK],
+[AC_MSG_CHECKING([whether build environment is sane])
+# Just in case
+sleep 1
+echo timestamp > conftest.file
+# Do `set' in a subshell so we don't clobber the current shell's
+# arguments. Must try -L first in case configure is actually a
+# symlink; some systems play weird games with the mod time of symlinks
+# (eg FreeBSD returns the mod time of the symlink's containing
+# directory).
+if (
+ set X `ls -Lt $srcdir/configure conftest.file 2> /dev/null`
+ if test "$[*]" = "X"; then
+ # -L didn't work.
+ set X `ls -t $srcdir/configure conftest.file`
+ fi
+ rm -f conftest.file
+ if test "$[*]" != "X $srcdir/configure conftest.file" \
+ && test "$[*]" != "X conftest.file $srcdir/configure"; then
+
+ # If neither matched, then we have a broken ls. This can happen
+ # if, for instance, CONFIG_SHELL is bash and it inherits a
+ # broken ls alias from the environment. This has actually
+ # happened. Such a system could not be considered "sane".
+ AC_MSG_ERROR([ls -t appears to fail. Make sure there is not a broken
+alias in your environment])
+ fi
+
+ test "$[2]" = conftest.file
+ )
+then
+ # Ok.
+ :
+else
+ AC_MSG_ERROR([newly created file is older than distributed files!
+Check your system clock])
+fi
+AC_MSG_RESULT(yes)])
+
+# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_PROG_INSTALL_STRIP
+# ---------------------
+# One issue with vendor `install' (even GNU) is that you can't
+# specify the program used to strip binaries. This is especially
+# annoying in cross-compiling environments, where the build's strip
+# is unlikely to handle the host's binaries.
+# Fortunately install-sh will honor a STRIPPROG variable, so we
+# always use install-sh in `make install-strip', and initialize
+# STRIPPROG with the value of the STRIP variable (set by the user).
+AC_DEFUN([AM_PROG_INSTALL_STRIP],
+[AC_REQUIRE([AM_PROG_INSTALL_SH])dnl
+# Installed binaries are usually stripped using `strip' when the user
+# run `make install-strip'. However `strip' might not be the right
+# tool to use in cross-compilation environments, therefore Automake
+# will honor the `STRIP' environment variable to overrule this program.
+dnl Don't test for $cross_compiling = yes, because it might be `maybe'.
+if test "$cross_compiling" != no; then
+ AC_CHECK_TOOL([STRIP], [strip], :)
+fi
+INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s"
+AC_SUBST([INSTALL_STRIP_PROGRAM])])
+
+# Copyright (C) 2006 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# _AM_SUBST_NOTMAKE(VARIABLE)
+# ---------------------------
+# Prevent Automake from outputing VARIABLE = @VARIABLE@ in Makefile.in.
+# This macro is traced by Automake.
+AC_DEFUN([_AM_SUBST_NOTMAKE])
+
+# Check how to create a tarball. -*- Autoconf -*-
+
+# Copyright (C) 2004, 2005 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# serial 2
+
+# _AM_PROG_TAR(FORMAT)
+# --------------------
+# Check how to create a tarball in format FORMAT.
+# FORMAT should be one of `v7', `ustar', or `pax'.
+#
+# Substitute a variable $(am__tar) that is a command
+# writing to stdout a FORMAT-tarball containing the directory
+# $tardir.
+# tardir=directory && $(am__tar) > result.tar
+#
+# Substitute a variable $(am__untar) that extract such
+# a tarball read from stdin.
+# $(am__untar) < result.tar
+AC_DEFUN([_AM_PROG_TAR],
+[# Always define AMTAR for backward compatibility.
+AM_MISSING_PROG([AMTAR], [tar])
+m4_if([$1], [v7],
+ [am__tar='${AMTAR} chof - "$$tardir"'; am__untar='${AMTAR} xf -'],
+ [m4_case([$1], [ustar],, [pax],,
+ [m4_fatal([Unknown tar format])])
+AC_MSG_CHECKING([how to create a $1 tar archive])
+# Loop over all known methods to create a tar archive until one works.
+_am_tools='gnutar m4_if([$1], [ustar], [plaintar]) pax cpio none'
+_am_tools=${am_cv_prog_tar_$1-$_am_tools}
+# Do not fold the above two line into one, because Tru64 sh and
+# Solaris sh will not grok spaces in the rhs of `-'.
+for _am_tool in $_am_tools
+do
+ case $_am_tool in
+ gnutar)
+ for _am_tar in tar gnutar gtar;
+ do
+ AM_RUN_LOG([$_am_tar --version]) && break
+ done
+ am__tar="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$$tardir"'
+ am__tar_="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$tardir"'
+ am__untar="$_am_tar -xf -"
+ ;;
+ plaintar)
+ # Must skip GNU tar: if it does not support --format= it doesn't create
+ # ustar tarball either.
+ (tar --version) >/dev/null 2>&1 && continue
+ am__tar='tar chf - "$$tardir"'
+ am__tar_='tar chf - "$tardir"'
+ am__untar='tar xf -'
+ ;;
+ pax)
+ am__tar='pax -L -x $1 -w "$$tardir"'
+ am__tar_='pax -L -x $1 -w "$tardir"'
+ am__untar='pax -r'
+ ;;
+ cpio)
+ am__tar='find "$$tardir" -print | cpio -o -H $1 -L'
+ am__tar_='find "$tardir" -print | cpio -o -H $1 -L'
+ am__untar='cpio -i -H $1 -d'
+ ;;
+ none)
+ am__tar=false
+ am__tar_=false
+ am__untar=false
+ ;;
+ esac
+
+ # If the value was cached, stop now. We just wanted to have am__tar
+ # and am__untar set.
+ test -n "${am_cv_prog_tar_$1}" && break
+
+ # tar/untar a dummy directory, and stop if the command works
+ rm -rf conftest.dir
+ mkdir conftest.dir
+ echo GrepMe > conftest.dir/file
+ AM_RUN_LOG([tardir=conftest.dir && eval $am__tar_ >conftest.tar])
+ rm -rf conftest.dir
+ if test -s conftest.tar; then
+ AM_RUN_LOG([$am__untar <conftest.tar])
+ grep GrepMe conftest.dir/file >/dev/null 2>&1 && break
+ fi
+done
+rm -rf conftest.dir
+
+AC_CACHE_VAL([am_cv_prog_tar_$1], [am_cv_prog_tar_$1=$_am_tool])
+AC_MSG_RESULT([$am_cv_prog_tar_$1])])
+AC_SUBST([am__tar])
+AC_SUBST([am__untar])
+]) # _AM_PROG_TAR
+
+m4_include([m4/gettext.m4])
+m4_include([m4/iconv.m4])
+m4_include([m4/jh_path_xml_catalog.m4])
+m4_include([m4/ld-O1.m4])
+m4_include([m4/ld-as-needed.m4])
+m4_include([m4/lib-ld.m4])
+m4_include([m4/lib-link.m4])
+m4_include([m4/lib-prefix.m4])
+m4_include([m4/libprelude.m4])
+m4_include([m4/nls.m4])
+m4_include([m4/po.m4])
+m4_include([m4/progtest.m4])
+m4_include([acinclude.m4])
diff --git a/Linux-PAM/bin/README b/Linux-PAM/bin/README
deleted file mode 100644
index 2d2fba52..00000000
--- a/Linux-PAM/bin/README
+++ /dev/null
@@ -1,30 +0,0 @@
-##
-# $Id: README,v 1.2 2000/12/04 19:02:33 baggins Exp $
-##
-
-(now we are getting networked apps, be careful to try and test on a
-securely isolated system!)
-
-N=2 <-- blank xsh
-
-Following a 'make install' (which should be done as root) in the
-parent directory this directory will contain $N binaries. The source
-for these programs is in ../examples. They are various short programs
-to use and otherwise test-drive the Linux-PAM libraries/modules with.
-
-These programs grant no privileges, but they give an idea of how well
-the modules are working.
-
-blank is new as of Linux-PAM-0.21. If you are writing/modifying an
-application it might be a place to start...
-
-xsh is new as of Linux-PAM-0.31, it is identical to blank, but invokes
-/bin/sh if the user is authenticated.
-
-[other apps are to be found in SimplePAMApps and many more on Red
-Hat's server.. http://www.redhat.com/]
-
-Best wishes
-
-Andrew
-(morgan@parc.power.net)
diff --git a/Linux-PAM/compile b/Linux-PAM/compile
new file mode 100755
index 00000000..1b1d2321
--- /dev/null
+++ b/Linux-PAM/compile
@@ -0,0 +1,142 @@
+#! /bin/sh
+# Wrapper for compilers which do not understand `-c -o'.
+
+scriptversion=2005-05-14.22
+
+# Copyright (C) 1999, 2000, 2003, 2004, 2005 Free Software Foundation, Inc.
+# Written by Tom Tromey <tromey@cygnus.com>.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# This file is maintained in Automake, please report
+# bugs to <bug-automake@gnu.org> or send patches to
+# <automake-patches@gnu.org>.
+
+case $1 in
+ '')
+ echo "$0: No command. Try \`$0 --help' for more information." 1>&2
+ exit 1;
+ ;;
+ -h | --h*)
+ cat <<\EOF
+Usage: compile [--help] [--version] PROGRAM [ARGS]
+
+Wrapper for compilers which do not understand `-c -o'.
+Remove `-o dest.o' from ARGS, run PROGRAM with the remaining
+arguments, and rename the output as expected.
+
+If you are trying to build a whole package this is not the
+right script to run: please start by reading the file `INSTALL'.
+
+Report bugs to <bug-automake@gnu.org>.
+EOF
+ exit $?
+ ;;
+ -v | --v*)
+ echo "compile $scriptversion"
+ exit $?
+ ;;
+esac
+
+ofile=
+cfile=
+eat=
+
+for arg
+do
+ if test -n "$eat"; then
+ eat=
+ else
+ case $1 in
+ -o)
+ # configure might choose to run compile as `compile cc -o foo foo.c'.
+ # So we strip `-o arg' only if arg is an object.
+ eat=1
+ case $2 in
+ *.o | *.obj)
+ ofile=$2
+ ;;
+ *)
+ set x "$@" -o "$2"
+ shift
+ ;;
+ esac
+ ;;
+ *.c)
+ cfile=$1
+ set x "$@" "$1"
+ shift
+ ;;
+ *)
+ set x "$@" "$1"
+ shift
+ ;;
+ esac
+ fi
+ shift
+done
+
+if test -z "$ofile" || test -z "$cfile"; then
+ # If no `-o' option was seen then we might have been invoked from a
+ # pattern rule where we don't need one. That is ok -- this is a
+ # normal compilation that the losing compiler can handle. If no
+ # `.c' file was seen then we are probably linking. That is also
+ # ok.
+ exec "$@"
+fi
+
+# Name of file we expect compiler to create.
+cofile=`echo "$cfile" | sed -e 's|^.*/||' -e 's/\.c$/.o/'`
+
+# Create the lock directory.
+# Note: use `[/.-]' here to ensure that we don't use the same name
+# that we are using for the .o file. Also, base the name on the expected
+# object file name, since that is what matters with a parallel build.
+lockdir=`echo "$cofile" | sed -e 's|[/.-]|_|g'`.d
+while true; do
+ if mkdir "$lockdir" >/dev/null 2>&1; then
+ break
+ fi
+ sleep 1
+done
+# FIXME: race condition here if user kills between mkdir and trap.
+trap "rmdir '$lockdir'; exit 1" 1 2 15
+
+# Run the compile.
+"$@"
+ret=$?
+
+if test -f "$cofile"; then
+ mv "$cofile" "$ofile"
+elif test -f "${cofile}bj"; then
+ mv "${cofile}bj" "$ofile"
+fi
+
+rmdir "$lockdir"
+exit $ret
+
+# Local Variables:
+# mode: shell-script
+# sh-indentation: 2
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "scriptversion="
+# time-stamp-format: "%:y-%02m-%02d.%02H"
+# time-stamp-end: "$"
+# End:
diff --git a/Linux-PAM/conf/Makefile b/Linux-PAM/conf/Makefile
deleted file mode 100644
index 67523c59..00000000
--- a/Linux-PAM/conf/Makefile
+++ /dev/null
@@ -1,34 +0,0 @@
-#
-# $Id: Makefile,v 1.1.1.1 2000/06/20 22:10:44 agmorgan Exp $
-#
-#
-
-dummy:
- @echo "*** This is not a top level Makefile!"
-
-##########################################################
-
-all:
- $(MAKE) -C pam_conv1 all
-
-install: $(FAKEROOT)$(CONFIGED)/pam.conf
- $(MAKE) -C pam_conv1 install
-
-$(FAKEROOT)$(CONFIGED)/pam.conf: ./pam.conf
- bash -f ./install_conf
-
-remove:
- rm -f $(FAKEROOT)$(CONFIGED)/pam.conf
- $(MAKE) -C pam_conv1 remove
-
-check:
- bash -f ./md5itall
-
-lclean:
- rm -f core *~ .ignore_age
-
-clean: lclean
- $(MAKE) -C pam_conv1 clean
-
-extraclean: lclean
- $(MAKE) -C pam_conv1 extraclean
diff --git a/Linux-PAM/conf/Makefile.am b/Linux-PAM/conf/Makefile.am
new file mode 100644
index 00000000..f8b693bf
--- /dev/null
+++ b/Linux-PAM/conf/Makefile.am
@@ -0,0 +1,6 @@
+
+SUBDIRS = pam_conv1
+
+CLEANFILES = *~
+
+EXTRA_DIST = install_conf md5itall pam.conf
diff --git a/Linux-PAM/conf/Makefile.in b/Linux-PAM/conf/Makefile.in
new file mode 100644
index 00000000..93ea88d9
--- /dev/null
+++ b/Linux-PAM/conf/Makefile.in
@@ -0,0 +1,541 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = conf
+DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+SOURCES =
+DIST_SOURCES =
+RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
+ html-recursive info-recursive install-data-recursive \
+ install-dvi-recursive install-exec-recursive \
+ install-html-recursive install-info-recursive \
+ install-pdf-recursive install-ps-recursive install-recursive \
+ installcheck-recursive installdirs-recursive pdf-recursive \
+ ps-recursive uninstall-recursive
+RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
+ distclean-recursive maintainer-clean-recursive
+ETAGS = etags
+CTAGS = ctags
+DIST_SUBDIRS = $(SUBDIRS)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+SUBDIRS = pam_conv1
+CLEANFILES = *~
+EXTRA_DIST = install_conf md5itall pam.conf
+all: all-recursive
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu conf/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu conf/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+# This directory's subdirectories are mostly independent; you can cd
+# into them and run `make' without going through this Makefile.
+# To change the values of `make' variables: instead of editing Makefiles,
+# (1) if the variable is set in `config.status', edit `config.status'
+# (which will cause the Makefiles to be regenerated when you run `make');
+# (2) otherwise, pass the desired values on the `make' command line.
+$(RECURSIVE_TARGETS):
+ @failcom='exit 1'; \
+ for f in x $$MAKEFLAGS; do \
+ case $$f in \
+ *=* | --[!k]*);; \
+ *k*) failcom='fail=yes';; \
+ esac; \
+ done; \
+ dot_seen=no; \
+ target=`echo $@ | sed s/-recursive//`; \
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ echo "Making $$target in $$subdir"; \
+ if test "$$subdir" = "."; then \
+ dot_seen=yes; \
+ local_target="$$target-am"; \
+ else \
+ local_target="$$target"; \
+ fi; \
+ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+ || eval $$failcom; \
+ done; \
+ if test "$$dot_seen" = "no"; then \
+ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
+ fi; test -z "$$fail"
+
+$(RECURSIVE_CLEAN_TARGETS):
+ @failcom='exit 1'; \
+ for f in x $$MAKEFLAGS; do \
+ case $$f in \
+ *=* | --[!k]*);; \
+ *k*) failcom='fail=yes';; \
+ esac; \
+ done; \
+ dot_seen=no; \
+ case "$@" in \
+ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
+ *) list='$(SUBDIRS)' ;; \
+ esac; \
+ rev=''; for subdir in $$list; do \
+ if test "$$subdir" = "."; then :; else \
+ rev="$$subdir $$rev"; \
+ fi; \
+ done; \
+ rev="$$rev ."; \
+ target=`echo $@ | sed s/-recursive//`; \
+ for subdir in $$rev; do \
+ echo "Making $$target in $$subdir"; \
+ if test "$$subdir" = "."; then \
+ local_target="$$target-am"; \
+ else \
+ local_target="$$target"; \
+ fi; \
+ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+ || eval $$failcom; \
+ done && test -z "$$fail"
+tags-recursive:
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \
+ done
+ctags-recursive:
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
+ include_option=--etags-include; \
+ empty_fix=.; \
+ else \
+ include_option=--include; \
+ empty_fix=; \
+ fi; \
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ test ! -f $$subdir/TAGS || \
+ tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \
+ fi; \
+ done; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+ list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ test -d "$(distdir)/$$subdir" \
+ || $(MKDIR_P) "$(distdir)/$$subdir" \
+ || exit 1; \
+ distdir=`$(am__cd) $(distdir) && pwd`; \
+ top_distdir=`$(am__cd) $(top_distdir) && pwd`; \
+ (cd $$subdir && \
+ $(MAKE) $(AM_MAKEFLAGS) \
+ top_distdir="$$top_distdir" \
+ distdir="$$distdir/$$subdir" \
+ am__remove_distdir=: \
+ am__skip_length_check=: \
+ distdir) \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-recursive
+all-am: Makefile
+installdirs: installdirs-recursive
+installdirs-am:
+install: install-recursive
+install-exec: install-exec-recursive
+install-data: install-data-recursive
+uninstall: uninstall-recursive
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-recursive
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-recursive
+
+clean-am: clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-recursive
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-tags
+
+dvi: dvi-recursive
+
+dvi-am:
+
+html: html-recursive
+
+info: info-recursive
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-recursive
+
+install-exec-am:
+
+install-html: install-html-recursive
+
+install-info: install-info-recursive
+
+install-man:
+
+install-pdf: install-pdf-recursive
+
+install-ps: install-ps-recursive
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-recursive
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-recursive
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-recursive
+
+pdf-am:
+
+ps: ps-recursive
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \
+ install-strip
+
+.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \
+ all all-am check check-am clean clean-generic clean-libtool \
+ ctags ctags-recursive distclean distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-ps install-ps-am install-strip installcheck \
+ installcheck-am installdirs installdirs-am maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-generic \
+ mostlyclean-libtool pdf pdf-am ps ps-am tags tags-recursive \
+ uninstall uninstall-am
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/conf/install b/Linux-PAM/conf/install
deleted file mode 100755
index 2eae3671..00000000
--- a/Linux-PAM/conf/install
+++ /dev/null
@@ -1,178 +0,0 @@
-#!/bin/sh
-#
-# [This file was lifted from an X distribution. There was no explicit
-# copyright in the file, but the following text was associated with it.
-# should anyone from the X Consortium wish to alter the following
-# text. Please email <morgan@parc.power.net> Thanks. ]
-#
-# --------------------------
-# The X Consortium maintains and distributes the X Window System and
-# related software and documentation in coordinated releases. A release
-# consists of two distinct parts:
-#
-# 1) Specifications and Sample implementations of X Consortium
-# standards, and
-#
-# 2) software and documentation contributed by the general X Consortium
-# community.
-#
-# The timing and contents of a release are determined by the Consortium
-# staff based on the needs and desires of the Members and the advice of
-# the Advisory Board, tempered by the resource constraints of the
-# Consortium.
-#
-# Members have access to all X Consortium produced software and
-# documentation prior to release to the public. Each Member can receive
-# pre-releases and public releases at no charge. In addition, Members
-# have access to software and documentation while it is under
-# development, and can periodically request snapshots of the development
-# system at no charge.
-#
-# The X Consortium also maintains an electronic mail system for
-# reporting problems with X Consortium produced software and
-# documentation. Members have access to all bug reports, as well as all
-# software patches as they are incrementally developed by the Consortium
-# staff between releases.
-#
-# In general, all materials included in X Consortium releases are
-# copyrighted and contain permission notices granting unrestricted use,
-# sales and redistribution rights provided that the copyrights and the
-# permission notices are left intact. All materials are provided "as
-# is," without express or implied warranty.
-# --------------------------
-#
-# This accepts bsd-style install arguments and makes the appropriate calls
-# to the System V install.
-#
-
-flags=""
-dst=""
-src=""
-dostrip=""
-owner=""
-mode=""
-
-while [ x$1 != x ]; do
- case $1 in
- -c) shift
- continue;;
-
- -m) flags="$flags $1 $2 "
- mode="$2"
- shift
- shift
- continue;;
-
- -o) flags="$flags -u $2 "
- owner="$2"
- shift
- shift
- continue;;
-
- -g) flags="$flags $1 $2 "
- shift
- shift
- continue;;
-
- -s) dostrip="strip"
- shift
- continue;;
-
- *) if [ x$src = x ]
- then
- src=$1
- else
- dst=$1
- fi
- shift
- continue;;
- esac
-done
-
-case "$mode" in
-"")
- ;;
-*)
- case "$owner" in
- "")
- flags="$flags -u root"
- ;;
- esac
- ;;
-esac
-
-if [ x$src = x ]
-then
- echo "$0: no input file specified"
- exit 1
-fi
-
-if [ x$dst = x ]
-then
- echo "$0: no destination specified"
- exit 1
-fi
-
-
-# set up some variable to be used later
-
-rmcmd=""
-srcdir="."
-
-# if the destination isn't a directory we'll need to copy it first
-
-if [ ! -d $dst ]
-then
- dstbase=`basename $dst`
- cp $src /tmp/$dstbase
- rmcmd="rm -f /tmp/$dstbase"
- src=$dstbase
- srcdir=/tmp
- dst="`echo $dst | sed 's,^\(.*\)/.*$,\1,'`"
- if [ x$dst = x ]
- then
- dst="."
- fi
-fi
-
-
-# If the src file has a directory, copy it to /tmp to make install happy
-
-srcbase=`basename $src`
-
-if [ "$src" != "$srcbase" -a "$src" != "./$srcbase" ]
-then
- cp $src /tmp/$srcbase
- src=$srcbase
- srcdir=/tmp
- rmcmd="rm -f /tmp/$srcbase"
-fi
-
-# do the actual install
-
-if [ -f /usr/sbin/install ]
-then
- installcmd=/usr/sbin/install
-elif [ -f /etc/install ]
-then
- installcmd=/etc/install
-else
- installcmd=install
-fi
-
-# This rm is commented out because some people want to be able to
-# install through symbolic links. Uncomment it if it offends you.
-rm -f $dst/$srcbase
-(cd $srcdir ; $installcmd -f $dst $flags $src)
-
-if [ x$dostrip = xstrip ]
-then
- strip $dst/$srcbase
-fi
-
-# and clean up
-
-$rmcmd
-
-exit
-
diff --git a/Linux-PAM/conf/mkdirp b/Linux-PAM/conf/mkdirp
deleted file mode 100755
index b0e04b05..00000000
--- a/Linux-PAM/conf/mkdirp
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/bin/sh
-#
-# this is a wrapper for difficult mkdir programs...
-#
-
-for d in $*
-do
- if [ ! -d $d ]; then
- mkdir -p $d
- if [ $? -ne 0 ]; then exit $? ; fi
- fi
-done
-
-exit 0
-
-##########################################################################
-# if your mkdir does not support the -p option delete the above lines and
-# use what follows:
---------------------
-#!/bin/sh
-
-#VERBOSE=yes
-Cwd=`pwd`
-
-for d in $*
-do
- if [ "`echo $d|cut -c1`" != "/" ]; then
- x=`pwd`/$d
- else
- x=$d
- fi
- x="`echo $x|sed -e 'yX/X X'`"
- cd /
- for s in $x
- do
- if [ -d $s ]; then
- if [ -n "$VERBOSE" ]; then echo -n "[$s/]"; fi
- cd $s
- else
- mkdir $s
- if [ $? -ne 0 ]; then exit $? ; fi
- if [ -n "$VERBOSE" ]; then echo -n "$s/"; fi
- cd $s
- fi
- done
- if [ -n "$VERBOSE" ]; then echo ; fi
- cd $Cwd
-done
-
-exit 0
diff --git a/Linux-PAM/conf/pam_conv1/Makefile b/Linux-PAM/conf/pam_conv1/Makefile
deleted file mode 100644
index daf2e6cf..00000000
--- a/Linux-PAM/conf/pam_conv1/Makefile
+++ /dev/null
@@ -1,46 +0,0 @@
-#
-# $Id: Makefile,v 1.3 2004/09/23 15:52:56 kukuk Exp $
-#
-
-include ../../Make.Rules
-
-#
-ifeq ($(OS),solaris)
-
-clean:
- @echo not available in Solaris
-
-all:
- @echo not available in Solaris
-
-install:
- @echo not available in Solaris
-
-else
-
-all: pam_conv1
-
-pam_conv1: pam_conv.tab.c lex.yy.c
- $(CC) -o pam_conv1 $(CFLAGS) pam_conv.tab.c $(LINK_LIBLEX)
-
-pam_conv.tab.c: pam_conv.y lex.yy.c
- bison pam_conv.y
-
-lex.yy.c: pam_conv.lex
- flex pam_conv.lex
-
-lclean:
- rm -f core pam_conv1 lex.yy.c pam_conv.tab.c *.o *~
- rm -rf ./pam.d pam_conv.output
-
-clean: lclean
-
-install: pam_conv1
- cp -f ./pam_conv1 ../../bin
-
-endif
-
-remove:
- rm -f ../../bin/pam_conv1
-
-extraclean: remove clean
diff --git a/Linux-PAM/conf/pam_conv1/Makefile.am b/Linux-PAM/conf/pam_conv1/Makefile.am
new file mode 100644
index 00000000..b9e6153f
--- /dev/null
+++ b/Linux-PAM/conf/pam_conv1/Makefile.am
@@ -0,0 +1,17 @@
+#
+# Copyright (c) 2005 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README
+
+AM_YFLAGS = -d
+
+BUILT_SOURCES = pam_conv_y.h
+
+noinst_PROGRAMS = pam_conv1
+
+pam_conv1_SOURCES = pam_conv_l.l pam_conv_y.y
+
+pam_conv1_LDADD = @LEXLIB@
diff --git a/Linux-PAM/conf/pam_conv1/Makefile.in b/Linux-PAM/conf/pam_conv1/Makefile.in
new file mode 100644
index 00000000..4ee8d046
--- /dev/null
+++ b/Linux-PAM/conf/pam_conv1/Makefile.in
@@ -0,0 +1,525 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005 Thorsten Kukuk <kukuk@suse.de>
+#
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+noinst_PROGRAMS = pam_conv1$(EXEEXT)
+subdir = conf/pam_conv1
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in \
+ pam_conv_l.c pam_conv_y.c pam_conv_y.h
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+PROGRAMS = $(noinst_PROGRAMS)
+am_pam_conv1_OBJECTS = pam_conv_l.$(OBJEXT) pam_conv_y.$(OBJEXT)
+pam_conv1_OBJECTS = $(am_pam_conv1_OBJECTS)
+pam_conv1_DEPENDENCIES =
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+LEXCOMPILE = $(LEX) $(LFLAGS) $(AM_LFLAGS)
+LTLEXCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(LEX) $(LFLAGS) $(AM_LFLAGS)
+YLWRAP = $(top_srcdir)/ylwrap
+YACCCOMPILE = $(YACC) $(YFLAGS) $(AM_YFLAGS)
+LTYACCCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(YACC) $(YFLAGS) $(AM_YFLAGS)
+SOURCES = $(pam_conv1_SOURCES)
+DIST_SOURCES = $(pam_conv1_SOURCES)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README
+AM_YFLAGS = -d
+BUILT_SOURCES = pam_conv_y.h
+pam_conv1_SOURCES = pam_conv_l.l pam_conv_y.y
+pam_conv1_LDADD = @LEXLIB@
+all: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .l .lo .o .obj .y
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu conf/pam_conv1/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu conf/pam_conv1/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+clean-noinstPROGRAMS:
+ @list='$(noinst_PROGRAMS)'; for p in $$list; do \
+ f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f $$p $$f"; \
+ rm -f $$p $$f ; \
+ done
+pam_conv_y.h: pam_conv_y.c
+ @if test ! -f $@; then \
+ rm -f pam_conv_y.c; \
+ $(MAKE) $(AM_MAKEFLAGS) pam_conv_y.c; \
+ else :; fi
+pam_conv1$(EXEEXT): $(pam_conv1_OBJECTS) $(pam_conv1_DEPENDENCIES)
+ @rm -f pam_conv1$(EXEEXT)
+ $(LINK) $(pam_conv1_OBJECTS) $(pam_conv1_LDADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_conv_l.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_conv_y.Po@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+.l.c:
+ $(am__skiplex) $(SHELL) $(YLWRAP) $< $(LEX_OUTPUT_ROOT).c $@ -- $(LEXCOMPILE)
+
+.y.c:
+ $(am__skipyacc) $(SHELL) $(YLWRAP) $< y.tab.c $@ y.tab.h $*.h y.output $*.output -- $(YACCCOMPILE)
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) check-am
+all-am: Makefile $(PROGRAMS)
+installdirs:
+install: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+ -rm -f pam_conv_l.c
+ -rm -f pam_conv_y.c
+ -rm -f pam_conv_y.h
+ -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-noinstPROGRAMS \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
+ clean-libtool clean-noinstPROGRAMS ctags distclean \
+ distclean-compile distclean-generic distclean-libtool \
+ distclean-tags distdir dvi dvi-am html html-am info info-am \
+ install install-am install-data install-data-am install-dvi \
+ install-dvi-am install-exec install-exec-am install-html \
+ install-html-am install-info install-info-am install-man \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/conf/pam_conv1/README b/Linux-PAM/conf/pam_conv1/README
index 7a09df38..9d27e223 100644
--- a/Linux-PAM/conf/pam_conv1/README
+++ b/Linux-PAM/conf/pam_conv1/README
@@ -1,4 +1,3 @@
-$Id: README,v 1.1.1.1 2000/06/20 22:10:45 agmorgan Exp $
This directory contains a untility to convert pam.conf files to a pam.d/
tree. The conversion program takes pam.conf from the standard input and
diff --git a/Linux-PAM/conf/pam_conv1/pam_conv_l.c b/Linux-PAM/conf/pam_conv1/pam_conv_l.c
new file mode 100644
index 00000000..11f21b52
--- /dev/null
+++ b/Linux-PAM/conf/pam_conv1/pam_conv_l.c
@@ -0,0 +1,1691 @@
+
+#line 3 "pam_conv_l.c"
+
+#define YY_INT_ALIGNED short int
+
+/* A lexical scanner generated by flex */
+
+#define FLEX_SCANNER
+#define YY_FLEX_MAJOR_VERSION 2
+#define YY_FLEX_MINOR_VERSION 5
+#define YY_FLEX_SUBMINOR_VERSION 31
+#if YY_FLEX_SUBMINOR_VERSION > 0
+#define FLEX_BETA
+#endif
+
+/* First, we deal with platform-specific or compiler-specific issues. */
+
+/* begin standard C headers. */
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include <stdlib.h>
+
+/* end standard C headers. */
+
+/* flex integer type definitions */
+
+#ifndef FLEXINT_H
+#define FLEXINT_H
+
+/* C99 systems have <inttypes.h>. Non-C99 systems may or may not. */
+
+#if defined __STDC_VERSION__ && __STDC_VERSION__ >= 199901L
+#include <inttypes.h>
+typedef int8_t flex_int8_t;
+typedef uint8_t flex_uint8_t;
+typedef int16_t flex_int16_t;
+typedef uint16_t flex_uint16_t;
+typedef int32_t flex_int32_t;
+typedef uint32_t flex_uint32_t;
+#else
+typedef signed char flex_int8_t;
+typedef short int flex_int16_t;
+typedef int flex_int32_t;
+typedef unsigned char flex_uint8_t;
+typedef unsigned short int flex_uint16_t;
+typedef unsigned int flex_uint32_t;
+#endif /* ! C99 */
+
+/* Limits of integral types. */
+#ifndef INT8_MIN
+#define INT8_MIN (-128)
+#endif
+#ifndef INT16_MIN
+#define INT16_MIN (-32767-1)
+#endif
+#ifndef INT32_MIN
+#define INT32_MIN (-2147483647-1)
+#endif
+#ifndef INT8_MAX
+#define INT8_MAX (127)
+#endif
+#ifndef INT16_MAX
+#define INT16_MAX (32767)
+#endif
+#ifndef INT32_MAX
+#define INT32_MAX (2147483647)
+#endif
+#ifndef UINT8_MAX
+#define UINT8_MAX (255U)
+#endif
+#ifndef UINT16_MAX
+#define UINT16_MAX (65535U)
+#endif
+#ifndef UINT32_MAX
+#define UINT32_MAX (4294967295U)
+#endif
+
+#endif /* ! FLEXINT_H */
+
+#ifdef __cplusplus
+
+/* The "const" storage-class-modifier is valid. */
+#define YY_USE_CONST
+
+#else /* ! __cplusplus */
+
+#if __STDC__
+
+#define YY_USE_CONST
+
+#endif /* __STDC__ */
+#endif /* ! __cplusplus */
+
+#ifdef YY_USE_CONST
+#define yyconst const
+#else
+#define yyconst
+#endif
+
+/* Returned upon end-of-file. */
+#define YY_NULL 0
+
+/* Promotes a possibly negative, possibly signed char to an unsigned
+ * integer for use as an array index. If the signed char is negative,
+ * we want to instead treat it as an 8-bit unsigned char, hence the
+ * double cast.
+ */
+#define YY_SC_TO_UI(c) ((unsigned int) (unsigned char) c)
+
+/* Enter a start condition. This macro really ought to take a parameter,
+ * but we do it the disgusting crufty way forced on us by the ()-less
+ * definition of BEGIN.
+ */
+#define BEGIN (yy_start) = 1 + 2 *
+
+/* Translate the current start state into a value that can be later handed
+ * to BEGIN to return to the state. The YYSTATE alias is for lex
+ * compatibility.
+ */
+#define YY_START (((yy_start) - 1) / 2)
+#define YYSTATE YY_START
+
+/* Action number for EOF rule of a given start state. */
+#define YY_STATE_EOF(state) (YY_END_OF_BUFFER + state + 1)
+
+/* Special action meaning "start processing a new file". */
+#define YY_NEW_FILE yyrestart(yyin )
+
+#define YY_END_OF_BUFFER_CHAR 0
+
+/* Size of default input buffer. */
+#ifndef YY_BUF_SIZE
+#define YY_BUF_SIZE 16384
+#endif
+
+/* The state buf must be large enough to hold one state per character in the main buffer.
+ */
+#define YY_STATE_BUF_SIZE ((YY_BUF_SIZE + 2) * sizeof(yy_state_type))
+
+#ifndef YY_TYPEDEF_YY_BUFFER_STATE
+#define YY_TYPEDEF_YY_BUFFER_STATE
+typedef struct yy_buffer_state *YY_BUFFER_STATE;
+#endif
+
+extern int yyleng;
+
+extern FILE *yyin, *yyout;
+
+#define EOB_ACT_CONTINUE_SCAN 0
+#define EOB_ACT_END_OF_FILE 1
+#define EOB_ACT_LAST_MATCH 2
+
+ #define YY_LESS_LINENO(n)
+
+/* Return all but the first "n" matched characters back to the input stream. */
+#define yyless(n) \
+ do \
+ { \
+ /* Undo effects of setting up yytext. */ \
+ int yyless_macro_arg = (n); \
+ YY_LESS_LINENO(yyless_macro_arg);\
+ *yy_cp = (yy_hold_char); \
+ YY_RESTORE_YY_MORE_OFFSET \
+ (yy_c_buf_p) = yy_cp = yy_bp + yyless_macro_arg - YY_MORE_ADJ; \
+ YY_DO_BEFORE_ACTION; /* set up yytext again */ \
+ } \
+ while ( 0 )
+
+#define unput(c) yyunput( c, (yytext_ptr) )
+
+/* The following is because we cannot portably get our hands on size_t
+ * (without autoconf's help, which isn't available because we want
+ * flex-generated scanners to compile on their own).
+ */
+
+#ifndef YY_TYPEDEF_YY_SIZE_T
+#define YY_TYPEDEF_YY_SIZE_T
+typedef unsigned int yy_size_t;
+#endif
+
+#ifndef YY_STRUCT_YY_BUFFER_STATE
+#define YY_STRUCT_YY_BUFFER_STATE
+struct yy_buffer_state
+ {
+ FILE *yy_input_file;
+
+ char *yy_ch_buf; /* input buffer */
+ char *yy_buf_pos; /* current position in input buffer */
+
+ /* Size of input buffer in bytes, not including room for EOB
+ * characters.
+ */
+ yy_size_t yy_buf_size;
+
+ /* Number of characters read into yy_ch_buf, not including EOB
+ * characters.
+ */
+ int yy_n_chars;
+
+ /* Whether we "own" the buffer - i.e., we know we created it,
+ * and can realloc() it to grow it, and should free() it to
+ * delete it.
+ */
+ int yy_is_our_buffer;
+
+ /* Whether this is an "interactive" input source; if so, and
+ * if we're using stdio for input, then we want to use getc()
+ * instead of fread(), to make sure we stop fetching input after
+ * each newline.
+ */
+ int yy_is_interactive;
+
+ /* Whether we're considered to be at the beginning of a line.
+ * If so, '^' rules will be active on the next match, otherwise
+ * not.
+ */
+ int yy_at_bol;
+
+ int yy_bs_lineno; /**< The line count. */
+ int yy_bs_column; /**< The column count. */
+
+ /* Whether to try to fill the input buffer when we reach the
+ * end of it.
+ */
+ int yy_fill_buffer;
+
+ int yy_buffer_status;
+
+#define YY_BUFFER_NEW 0
+#define YY_BUFFER_NORMAL 1
+ /* When an EOF's been seen but there's still some text to process
+ * then we mark the buffer as YY_EOF_PENDING, to indicate that we
+ * shouldn't try reading from the input source any more. We might
+ * still have a bunch of tokens to match, though, because of
+ * possible backing-up.
+ *
+ * When we actually see the EOF, we change the status to "new"
+ * (via yyrestart()), so that the user can continue scanning by
+ * just pointing yyin at a new input file.
+ */
+#define YY_BUFFER_EOF_PENDING 2
+
+ };
+#endif /* !YY_STRUCT_YY_BUFFER_STATE */
+
+/* Stack of input buffers. */
+static size_t yy_buffer_stack_top = 0; /**< index of top of stack. */
+static size_t yy_buffer_stack_max = 0; /**< capacity of stack. */
+static YY_BUFFER_STATE * yy_buffer_stack = 0; /**< Stack as an array. */
+
+/* We provide macros for accessing buffer states in case in the
+ * future we want to put the buffer states in a more general
+ * "scanner state".
+ *
+ * Returns the top of the stack, or NULL.
+ */
+#define YY_CURRENT_BUFFER ( (yy_buffer_stack) \
+ ? (yy_buffer_stack)[(yy_buffer_stack_top)] \
+ : NULL)
+
+/* Same as previous macro, but useful when we know that the buffer stack is not
+ * NULL or when we need an lvalue. For internal use only.
+ */
+#define YY_CURRENT_BUFFER_LVALUE (yy_buffer_stack)[(yy_buffer_stack_top)]
+
+/* yy_hold_char holds the character lost when yytext is formed. */
+static char yy_hold_char;
+static int yy_n_chars; /* number of characters read into yy_ch_buf */
+int yyleng;
+
+/* Points to current character in buffer. */
+static char *yy_c_buf_p = (char *) 0;
+static int yy_init = 1; /* whether we need to initialize */
+static int yy_start = 0; /* start state number */
+
+/* Flag which is used to allow yywrap()'s to do buffer switches
+ * instead of setting up a fresh yyin. A bit of a hack ...
+ */
+static int yy_did_buffer_switch_on_eof;
+
+void yyrestart (FILE *input_file );
+void yy_switch_to_buffer (YY_BUFFER_STATE new_buffer );
+YY_BUFFER_STATE yy_create_buffer (FILE *file,int size );
+void yy_delete_buffer (YY_BUFFER_STATE b );
+void yy_flush_buffer (YY_BUFFER_STATE b );
+void yypush_buffer_state (YY_BUFFER_STATE new_buffer );
+void yypop_buffer_state (void );
+
+static void yyensure_buffer_stack (void );
+static void yy_load_buffer_state (void );
+static void yy_init_buffer (YY_BUFFER_STATE b,FILE *file );
+
+#define YY_FLUSH_BUFFER yy_flush_buffer(YY_CURRENT_BUFFER )
+
+YY_BUFFER_STATE yy_scan_buffer (char *base,yy_size_t size );
+YY_BUFFER_STATE yy_scan_string (yyconst char *yy_str );
+YY_BUFFER_STATE yy_scan_bytes (yyconst char *bytes,int len );
+
+void *yyalloc (yy_size_t );
+void *yyrealloc (void *,yy_size_t );
+void yyfree (void * );
+
+#define yy_new_buffer yy_create_buffer
+
+#define yy_set_interactive(is_interactive) \
+ { \
+ if ( ! YY_CURRENT_BUFFER ){ \
+ yyensure_buffer_stack (); \
+ YY_CURRENT_BUFFER_LVALUE = \
+ yy_create_buffer(yyin,YY_BUF_SIZE ); \
+ } \
+ YY_CURRENT_BUFFER_LVALUE->yy_is_interactive = is_interactive; \
+ }
+
+#define yy_set_bol(at_bol) \
+ { \
+ if ( ! YY_CURRENT_BUFFER ){\
+ yyensure_buffer_stack (); \
+ YY_CURRENT_BUFFER_LVALUE = \
+ yy_create_buffer(yyin,YY_BUF_SIZE ); \
+ } \
+ YY_CURRENT_BUFFER_LVALUE->yy_at_bol = at_bol; \
+ }
+
+#define YY_AT_BOL() (YY_CURRENT_BUFFER_LVALUE->yy_at_bol)
+
+/* Begin user sect3 */
+
+typedef unsigned char YY_CHAR;
+
+FILE *yyin = (FILE *) 0, *yyout = (FILE *) 0;
+
+typedef int yy_state_type;
+
+extern int yylineno;
+extern char *yytext;
+#define yytext_ptr yytext
+
+static yy_state_type yy_get_previous_state (void );
+static yy_state_type yy_try_NUL_trans (yy_state_type current_state );
+static int yy_get_next_buffer (void );
+static void yy_fatal_error (yyconst char msg[] );
+
+/* Done after the current pattern has been matched and before the
+ * corresponding action - sets up yytext.
+ */
+#define YY_DO_BEFORE_ACTION \
+ (yytext_ptr) = yy_bp; \
+ yyleng = (size_t) (yy_cp - yy_bp); \
+ (yy_hold_char) = *yy_cp; \
+ *yy_cp = '\0'; \
+ (yy_c_buf_p) = yy_cp;
+
+#define YY_NUM_RULES 6
+#define YY_END_OF_BUFFER 7
+/* This struct is not used in this scanner,
+ but its presence is necessary. */
+struct yy_trans_info
+ {
+ flex_int32_t yy_verify;
+ flex_int32_t yy_nxt;
+ };
+static yyconst flex_int16_t yy_accept[21] =
+ { 0,
+ 0, 0, 7, 3, 4, 5, 1, 3, 3, 3,
+ 4, 1, 1, 1, 3, 2, 3, 1, 1, 0
+ } ;
+
+static yyconst flex_int32_t yy_ec[256] =
+ { 0,
+ 1, 1, 1, 1, 1, 1, 1, 1, 2, 3,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 2, 1, 1, 4, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 5, 1, 1, 1, 1, 1, 1, 1, 1,
+
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1
+ } ;
+
+static yyconst flex_int32_t yy_meta[6] =
+ { 0,
+ 1, 2, 3, 1, 1
+ } ;
+
+static yyconst flex_int16_t yy_base[24] =
+ { 0,
+ 0, 0, 26, 20, 0, 27, 5, 10, 19, 20,
+ 0, 0, 0, 15, 0, 27, 0, 0, 0, 27,
+ 17, 6, 20
+ } ;
+
+static yyconst flex_int16_t yy_def[24] =
+ { 0,
+ 20, 1, 20, 21, 22, 20, 20, 20, 21, 8,
+ 22, 7, 23, 20, 9, 20, 10, 7, 14, 0,
+ 20, 20, 20
+ } ;
+
+static yyconst flex_int16_t yy_nxt[33] =
+ { 0,
+ 4, 5, 6, 7, 8, 12, 13, 11, 12, 14,
+ 15, 9, 16, 15, 17, 18, 12, 9, 18, 19,
+ 13, 13, 20, 10, 10, 20, 3, 20, 20, 20,
+ 20, 20
+ } ;
+
+static yyconst flex_int16_t yy_chk[33] =
+ { 0,
+ 1, 1, 1, 1, 1, 7, 7, 22, 7, 7,
+ 8, 8, 8, 8, 8, 14, 14, 21, 14, 14,
+ 23, 23, 10, 9, 4, 3, 20, 20, 20, 20,
+ 20, 20
+ } ;
+
+static yy_state_type yy_last_accepting_state;
+static char *yy_last_accepting_cpos;
+
+extern int yy_flex_debug;
+int yy_flex_debug = 0;
+
+/* The intent behind this definition is that it'll catch
+ * any uses of REJECT which flex missed.
+ */
+#define REJECT reject_used_but_not_detected
+#define yymore() yymore_used_but_not_detected
+#define YY_MORE_ADJ 0
+#define YY_RESTORE_YY_MORE_OFFSET
+char *yytext;
+#line 1 "pam_conv_l.l"
+#line 3 "pam_conv_l.l"
+/*
+ * $Id: pam_conv_l.l,v 1.1 2006/07/24 16:14:40 kukuk Exp $
+ *
+ * Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net>
+ *
+ * This file is covered by the Linux-PAM License (which should be
+ * distributed with this file.)
+ */
+
+ static const char lexid[]=
+ "$Id: pam_conv_l.l,v 1.1 2006/07/24 16:14:40 kukuk Exp $\n"
+ "Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net>\n";
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include <stdio.h>
+
+#include "pam_conv_y.h"
+
+ extern int current_line;
+#line 476 "pam_conv_l.c"
+
+#define INITIAL 0
+
+/* Special case for "unistd.h", since it is non-ANSI. We include it way
+ * down here because we want the user's section 1 to have been scanned first.
+ * The user has a chance to override it with an option.
+ */
+#include <unistd.h>
+
+#ifndef YY_EXTRA_TYPE
+#define YY_EXTRA_TYPE void *
+#endif
+
+/* Macros after this point can all be overridden by user definitions in
+ * section 1.
+ */
+
+#ifndef YY_SKIP_YYWRAP
+#ifdef __cplusplus
+extern "C" int yywrap (void );
+#else
+extern int yywrap (void );
+#endif
+#endif
+
+ static void yyunput (int c,char *buf_ptr );
+
+#ifndef yytext_ptr
+static void yy_flex_strncpy (char *,yyconst char *,int );
+#endif
+
+#ifdef YY_NEED_STRLEN
+static int yy_flex_strlen (yyconst char * );
+#endif
+
+#ifndef YY_NO_INPUT
+
+#ifdef __cplusplus
+static int yyinput (void );
+#else
+static int input (void );
+#endif
+
+#endif
+
+/* Amount of stuff to slurp up with each read. */
+#ifndef YY_READ_BUF_SIZE
+#define YY_READ_BUF_SIZE 8192
+#endif
+
+/* Copy whatever the last rule matched to the standard output. */
+#ifndef ECHO
+/* This used to be an fputs(), but since the string might contain NUL's,
+ * we now use fwrite().
+ */
+#define ECHO (void) fwrite( yytext, yyleng, 1, yyout )
+#endif
+
+/* Gets input and stuffs it into "buf". number of characters read, or YY_NULL,
+ * is returned in "result".
+ */
+#ifndef YY_INPUT
+#define YY_INPUT(buf,result,max_size) \
+ if ( YY_CURRENT_BUFFER_LVALUE->yy_is_interactive ) \
+ { \
+ int c = '*'; \
+ size_t n; \
+ for ( n = 0; n < max_size && \
+ (c = getc( yyin )) != EOF && c != '\n'; ++n ) \
+ buf[n] = (char) c; \
+ if ( c == '\n' ) \
+ buf[n++] = (char) c; \
+ if ( c == EOF && ferror( yyin ) ) \
+ YY_FATAL_ERROR( "input in flex scanner failed" ); \
+ result = n; \
+ } \
+ else \
+ { \
+ errno=0; \
+ while ( (result = fread(buf, 1, max_size, yyin))==0 && ferror(yyin)) \
+ { \
+ if( errno != EINTR) \
+ { \
+ YY_FATAL_ERROR( "input in flex scanner failed" ); \
+ break; \
+ } \
+ errno=0; \
+ clearerr(yyin); \
+ } \
+ }\
+\
+
+#endif
+
+/* No semi-colon after return; correct usage is to write "yyterminate();" -
+ * we don't want an extra ';' after the "return" because that will cause
+ * some compilers to complain about unreachable statements.
+ */
+#ifndef yyterminate
+#define yyterminate() return YY_NULL
+#endif
+
+/* Number of entries by which start-condition stack grows. */
+#ifndef YY_START_STACK_INCR
+#define YY_START_STACK_INCR 25
+#endif
+
+/* Report a fatal error. */
+#ifndef YY_FATAL_ERROR
+#define YY_FATAL_ERROR(msg) yy_fatal_error( msg )
+#endif
+
+/* end tables serialization structures and prototypes */
+
+/* Default declaration of generated scanner - a define so the user can
+ * easily add parameters.
+ */
+#ifndef YY_DECL
+#define YY_DECL_IS_OURS 1
+
+extern int yylex (void);
+
+#define YY_DECL int yylex (void)
+#endif /* !YY_DECL */
+
+/* Code executed at the beginning of each rule, after yytext and yyleng
+ * have been set up.
+ */
+#ifndef YY_USER_ACTION
+#define YY_USER_ACTION
+#endif
+
+/* Code executed at the end of each rule. */
+#ifndef YY_BREAK
+#define YY_BREAK break;
+#endif
+
+#define YY_RULE_SETUP \
+ YY_USER_ACTION
+
+/** The main scanner function which does all the work.
+ */
+YY_DECL
+{
+ register yy_state_type yy_current_state;
+ register char *yy_cp, *yy_bp;
+ register int yy_act;
+
+#line 27 "pam_conv_l.l"
+
+
+#line 628 "pam_conv_l.c"
+
+ if ( (yy_init) )
+ {
+ (yy_init) = 0;
+
+#ifdef YY_USER_INIT
+ YY_USER_INIT;
+#endif
+
+ if ( ! (yy_start) )
+ (yy_start) = 1; /* first start state */
+
+ if ( ! yyin )
+ yyin = stdin;
+
+ if ( ! yyout )
+ yyout = stdout;
+
+ if ( ! YY_CURRENT_BUFFER ) {
+ yyensure_buffer_stack ();
+ YY_CURRENT_BUFFER_LVALUE =
+ yy_create_buffer(yyin,YY_BUF_SIZE );
+ }
+
+ yy_load_buffer_state( );
+ }
+
+ while ( 1 ) /* loops until end-of-file is reached */
+ {
+ yy_cp = (yy_c_buf_p);
+
+ /* Support of yytext. */
+ *yy_cp = (yy_hold_char);
+
+ /* yy_bp points to the position in yy_ch_buf of the start of
+ * the current run.
+ */
+ yy_bp = yy_cp;
+
+ yy_current_state = (yy_start);
+yy_match:
+ do
+ {
+ register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)];
+ if ( yy_accept[yy_current_state] )
+ {
+ (yy_last_accepting_state) = yy_current_state;
+ (yy_last_accepting_cpos) = yy_cp;
+ }
+ while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
+ {
+ yy_current_state = (int) yy_def[yy_current_state];
+ if ( yy_current_state >= 21 )
+ yy_c = yy_meta[(unsigned int) yy_c];
+ }
+ yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
+ ++yy_cp;
+ }
+ while ( yy_base[yy_current_state] != 27 );
+
+yy_find_action:
+ yy_act = yy_accept[yy_current_state];
+ if ( yy_act == 0 )
+ { /* have to back up */
+ yy_cp = (yy_last_accepting_cpos);
+ yy_current_state = (yy_last_accepting_state);
+ yy_act = yy_accept[yy_current_state];
+ }
+
+ YY_DO_BEFORE_ACTION;
+
+do_action: /* This label is used only to access EOF actions. */
+
+ switch ( yy_act )
+ { /* beginning of action switch */
+ case 0: /* must back up */
+ /* undo the effects of YY_DO_BEFORE_ACTION */
+ *yy_cp = (yy_hold_char);
+ yy_cp = (yy_last_accepting_cpos);
+ yy_current_state = (yy_last_accepting_state);
+ goto yy_find_action;
+
+case 1:
+YY_RULE_SETUP
+#line 29 "pam_conv_l.l"
+; /* skip comments (sorry) */
+ YY_BREAK
+case 2:
+/* rule 2 can match eol */
+YY_RULE_SETUP
+#line 31 "pam_conv_l.l"
+{
+ ++current_line;
+}
+ YY_BREAK
+case 3:
+YY_RULE_SETUP
+#line 35 "pam_conv_l.l"
+{
+ return TOK;
+}
+ YY_BREAK
+case 4:
+YY_RULE_SETUP
+#line 39 "pam_conv_l.l"
+; /* Ignore */
+ YY_BREAK
+case YY_STATE_EOF(INITIAL):
+#line 41 "pam_conv_l.l"
+{
+ return EOFILE;
+}
+ YY_BREAK
+case 5:
+/* rule 5 can match eol */
+YY_RULE_SETUP
+#line 45 "pam_conv_l.l"
+{
+ ++current_line;
+ return NL;
+}
+ YY_BREAK
+case 6:
+YY_RULE_SETUP
+#line 50 "pam_conv_l.l"
+ECHO;
+ YY_BREAK
+#line 756 "pam_conv_l.c"
+
+ case YY_END_OF_BUFFER:
+ {
+ /* Amount of text matched not including the EOB char. */
+ int yy_amount_of_matched_text = (int) (yy_cp - (yytext_ptr)) - 1;
+
+ /* Undo the effects of YY_DO_BEFORE_ACTION. */
+ *yy_cp = (yy_hold_char);
+ YY_RESTORE_YY_MORE_OFFSET
+
+ if ( YY_CURRENT_BUFFER_LVALUE->yy_buffer_status == YY_BUFFER_NEW )
+ {
+ /* We're scanning a new file or input source. It's
+ * possible that this happened because the user
+ * just pointed yyin at a new source and called
+ * yylex(). If so, then we have to assure
+ * consistency between YY_CURRENT_BUFFER and our
+ * globals. Here is the right place to do so, because
+ * this is the first action (other than possibly a
+ * back-up) that will match for the new input source.
+ */
+ (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_n_chars;
+ YY_CURRENT_BUFFER_LVALUE->yy_input_file = yyin;
+ YY_CURRENT_BUFFER_LVALUE->yy_buffer_status = YY_BUFFER_NORMAL;
+ }
+
+ /* Note that here we test for yy_c_buf_p "<=" to the position
+ * of the first EOB in the buffer, since yy_c_buf_p will
+ * already have been incremented past the NUL character
+ * (since all states make transitions on EOB to the
+ * end-of-buffer state). Contrast this with the test
+ * in input().
+ */
+ if ( (yy_c_buf_p) <= &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] )
+ { /* This was really a NUL. */
+ yy_state_type yy_next_state;
+
+ (yy_c_buf_p) = (yytext_ptr) + yy_amount_of_matched_text;
+
+ yy_current_state = yy_get_previous_state( );
+
+ /* Okay, we're now positioned to make the NUL
+ * transition. We couldn't have
+ * yy_get_previous_state() go ahead and do it
+ * for us because it doesn't know how to deal
+ * with the possibility of jamming (and we don't
+ * want to build jamming into it because then it
+ * will run more slowly).
+ */
+
+ yy_next_state = yy_try_NUL_trans( yy_current_state );
+
+ yy_bp = (yytext_ptr) + YY_MORE_ADJ;
+
+ if ( yy_next_state )
+ {
+ /* Consume the NUL. */
+ yy_cp = ++(yy_c_buf_p);
+ yy_current_state = yy_next_state;
+ goto yy_match;
+ }
+
+ else
+ {
+ yy_cp = (yy_c_buf_p);
+ goto yy_find_action;
+ }
+ }
+
+ else switch ( yy_get_next_buffer( ) )
+ {
+ case EOB_ACT_END_OF_FILE:
+ {
+ (yy_did_buffer_switch_on_eof) = 0;
+
+ if ( yywrap( ) )
+ {
+ /* Note: because we've taken care in
+ * yy_get_next_buffer() to have set up
+ * yytext, we can now set up
+ * yy_c_buf_p so that if some total
+ * hoser (like flex itself) wants to
+ * call the scanner after we return the
+ * YY_NULL, it'll still work - another
+ * YY_NULL will get returned.
+ */
+ (yy_c_buf_p) = (yytext_ptr) + YY_MORE_ADJ;
+
+ yy_act = YY_STATE_EOF(YY_START);
+ goto do_action;
+ }
+
+ else
+ {
+ if ( ! (yy_did_buffer_switch_on_eof) )
+ YY_NEW_FILE;
+ }
+ break;
+ }
+
+ case EOB_ACT_CONTINUE_SCAN:
+ (yy_c_buf_p) =
+ (yytext_ptr) + yy_amount_of_matched_text;
+
+ yy_current_state = yy_get_previous_state( );
+
+ yy_cp = (yy_c_buf_p);
+ yy_bp = (yytext_ptr) + YY_MORE_ADJ;
+ goto yy_match;
+
+ case EOB_ACT_LAST_MATCH:
+ (yy_c_buf_p) =
+ &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)];
+
+ yy_current_state = yy_get_previous_state( );
+
+ yy_cp = (yy_c_buf_p);
+ yy_bp = (yytext_ptr) + YY_MORE_ADJ;
+ goto yy_find_action;
+ }
+ break;
+ }
+
+ default:
+ YY_FATAL_ERROR(
+ "fatal flex scanner internal error--no action found" );
+ } /* end of action switch */
+ } /* end of scanning one token */
+} /* end of yylex */
+
+/* yy_get_next_buffer - try to read in a new buffer
+ *
+ * Returns a code representing an action:
+ * EOB_ACT_LAST_MATCH -
+ * EOB_ACT_CONTINUE_SCAN - continue scanning from current position
+ * EOB_ACT_END_OF_FILE - end of file
+ */
+static int yy_get_next_buffer (void)
+{
+ register char *dest = YY_CURRENT_BUFFER_LVALUE->yy_ch_buf;
+ register char *source = (yytext_ptr);
+ register int number_to_move, i;
+ int ret_val;
+
+ if ( (yy_c_buf_p) > &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] )
+ YY_FATAL_ERROR(
+ "fatal flex scanner internal error--end of buffer missed" );
+
+ if ( YY_CURRENT_BUFFER_LVALUE->yy_fill_buffer == 0 )
+ { /* Don't try to fill the buffer, so this is an EOF. */
+ if ( (yy_c_buf_p) - (yytext_ptr) - YY_MORE_ADJ == 1 )
+ {
+ /* We matched a single character, the EOB, so
+ * treat this as a final EOF.
+ */
+ return EOB_ACT_END_OF_FILE;
+ }
+
+ else
+ {
+ /* We matched some text prior to the EOB, first
+ * process it.
+ */
+ return EOB_ACT_LAST_MATCH;
+ }
+ }
+
+ /* Try to read more data. */
+
+ /* First move last chars to start of buffer. */
+ number_to_move = (int) ((yy_c_buf_p) - (yytext_ptr)) - 1;
+
+ for ( i = 0; i < number_to_move; ++i )
+ *(dest++) = *(source++);
+
+ if ( YY_CURRENT_BUFFER_LVALUE->yy_buffer_status == YY_BUFFER_EOF_PENDING )
+ /* don't do the read, it's not guaranteed to return an EOF,
+ * just force an EOF
+ */
+ YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars) = 0;
+
+ else
+ {
+ size_t num_to_read =
+ YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1;
+
+ while ( num_to_read <= 0 )
+ { /* Not enough room in the buffer - grow it. */
+
+ /* just a shorter name for the current buffer */
+ YY_BUFFER_STATE b = YY_CURRENT_BUFFER;
+
+ int yy_c_buf_p_offset =
+ (int) ((yy_c_buf_p) - b->yy_ch_buf);
+
+ if ( b->yy_is_our_buffer )
+ {
+ int new_size = b->yy_buf_size * 2;
+
+ if ( new_size <= 0 )
+ b->yy_buf_size += b->yy_buf_size / 8;
+ else
+ b->yy_buf_size *= 2;
+
+ b->yy_ch_buf = (char *)
+ /* Include room in for 2 EOB chars. */
+ yyrealloc((void *) b->yy_ch_buf,b->yy_buf_size + 2 );
+ }
+ else
+ /* Can't grow it, we don't own it. */
+ b->yy_ch_buf = 0;
+
+ if ( ! b->yy_ch_buf )
+ YY_FATAL_ERROR(
+ "fatal error - scanner input buffer overflow" );
+
+ (yy_c_buf_p) = &b->yy_ch_buf[yy_c_buf_p_offset];
+
+ num_to_read = YY_CURRENT_BUFFER_LVALUE->yy_buf_size -
+ number_to_move - 1;
+
+ }
+
+ if ( num_to_read > YY_READ_BUF_SIZE )
+ num_to_read = YY_READ_BUF_SIZE;
+
+ /* Read in more data. */
+ YY_INPUT( (&YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move]),
+ (yy_n_chars), num_to_read );
+
+ YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars);
+ }
+
+ if ( (yy_n_chars) == 0 )
+ {
+ if ( number_to_move == YY_MORE_ADJ )
+ {
+ ret_val = EOB_ACT_END_OF_FILE;
+ yyrestart(yyin );
+ }
+
+ else
+ {
+ ret_val = EOB_ACT_LAST_MATCH;
+ YY_CURRENT_BUFFER_LVALUE->yy_buffer_status =
+ YY_BUFFER_EOF_PENDING;
+ }
+ }
+
+ else
+ ret_val = EOB_ACT_CONTINUE_SCAN;
+
+ (yy_n_chars) += number_to_move;
+ YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] = YY_END_OF_BUFFER_CHAR;
+ YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] = YY_END_OF_BUFFER_CHAR;
+
+ (yytext_ptr) = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[0];
+
+ return ret_val;
+}
+
+/* yy_get_previous_state - get the state just before the EOB char was reached */
+
+ static yy_state_type yy_get_previous_state (void)
+{
+ register yy_state_type yy_current_state;
+ register char *yy_cp;
+
+ yy_current_state = (yy_start);
+
+ for ( yy_cp = (yytext_ptr) + YY_MORE_ADJ; yy_cp < (yy_c_buf_p); ++yy_cp )
+ {
+ register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1);
+ if ( yy_accept[yy_current_state] )
+ {
+ (yy_last_accepting_state) = yy_current_state;
+ (yy_last_accepting_cpos) = yy_cp;
+ }
+ while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
+ {
+ yy_current_state = (int) yy_def[yy_current_state];
+ if ( yy_current_state >= 21 )
+ yy_c = yy_meta[(unsigned int) yy_c];
+ }
+ yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
+ }
+
+ return yy_current_state;
+}
+
+/* yy_try_NUL_trans - try to make a transition on the NUL character
+ *
+ * synopsis
+ * next_state = yy_try_NUL_trans( current_state );
+ */
+ static yy_state_type yy_try_NUL_trans (yy_state_type yy_current_state )
+{
+ register int yy_is_jam;
+ register char *yy_cp = (yy_c_buf_p);
+
+ register YY_CHAR yy_c = 1;
+ if ( yy_accept[yy_current_state] )
+ {
+ (yy_last_accepting_state) = yy_current_state;
+ (yy_last_accepting_cpos) = yy_cp;
+ }
+ while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
+ {
+ yy_current_state = (int) yy_def[yy_current_state];
+ if ( yy_current_state >= 21 )
+ yy_c = yy_meta[(unsigned int) yy_c];
+ }
+ yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
+ yy_is_jam = (yy_current_state == 20);
+
+ return yy_is_jam ? 0 : yy_current_state;
+}
+
+ static void yyunput (int c, register char * yy_bp )
+{
+ register char *yy_cp;
+
+ yy_cp = (yy_c_buf_p);
+
+ /* undo effects of setting up yytext */
+ *yy_cp = (yy_hold_char);
+
+ if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 )
+ { /* need to shift things up to make room */
+ /* +2 for EOB chars. */
+ register int number_to_move = (yy_n_chars) + 2;
+ register char *dest = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[
+ YY_CURRENT_BUFFER_LVALUE->yy_buf_size + 2];
+ register char *source =
+ &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move];
+
+ while ( source > YY_CURRENT_BUFFER_LVALUE->yy_ch_buf )
+ *--dest = *--source;
+
+ yy_cp += (int) (dest - source);
+ yy_bp += (int) (dest - source);
+ YY_CURRENT_BUFFER_LVALUE->yy_n_chars =
+ (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_buf_size;
+
+ if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 )
+ YY_FATAL_ERROR( "flex scanner push-back overflow" );
+ }
+
+ *--yy_cp = (char) c;
+
+ (yytext_ptr) = yy_bp;
+ (yy_hold_char) = *yy_cp;
+ (yy_c_buf_p) = yy_cp;
+}
+
+#ifndef YY_NO_INPUT
+#ifdef __cplusplus
+ static int yyinput (void)
+#else
+ static int input (void)
+#endif
+
+{
+ int c;
+
+ *(yy_c_buf_p) = (yy_hold_char);
+
+ if ( *(yy_c_buf_p) == YY_END_OF_BUFFER_CHAR )
+ {
+ /* yy_c_buf_p now points to the character we want to return.
+ * If this occurs *before* the EOB characters, then it's a
+ * valid NUL; if not, then we've hit the end of the buffer.
+ */
+ if ( (yy_c_buf_p) < &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] )
+ /* This was really a NUL. */
+ *(yy_c_buf_p) = '\0';
+
+ else
+ { /* need more input */
+ int offset = (yy_c_buf_p) - (yytext_ptr);
+ ++(yy_c_buf_p);
+
+ switch ( yy_get_next_buffer( ) )
+ {
+ case EOB_ACT_LAST_MATCH:
+ /* This happens because yy_g_n_b()
+ * sees that we've accumulated a
+ * token and flags that we need to
+ * try matching the token before
+ * proceeding. But for input(),
+ * there's no matching to consider.
+ * So convert the EOB_ACT_LAST_MATCH
+ * to EOB_ACT_END_OF_FILE.
+ */
+
+ /* Reset buffer status. */
+ yyrestart(yyin );
+
+ /*FALLTHROUGH*/
+
+ case EOB_ACT_END_OF_FILE:
+ {
+ if ( yywrap( ) )
+ return EOF;
+
+ if ( ! (yy_did_buffer_switch_on_eof) )
+ YY_NEW_FILE;
+#ifdef __cplusplus
+ return yyinput();
+#else
+ return input();
+#endif
+ }
+
+ case EOB_ACT_CONTINUE_SCAN:
+ (yy_c_buf_p) = (yytext_ptr) + offset;
+ break;
+ }
+ }
+ }
+
+ c = *(unsigned char *) (yy_c_buf_p); /* cast for 8-bit char's */
+ *(yy_c_buf_p) = '\0'; /* preserve yytext */
+ (yy_hold_char) = *++(yy_c_buf_p);
+
+ return c;
+}
+#endif /* ifndef YY_NO_INPUT */
+
+/** Immediately switch to a different input stream.
+ * @param input_file A readable stream.
+ *
+ * @note This function does not reset the start condition to @c INITIAL .
+ */
+ void yyrestart (FILE * input_file )
+{
+
+ if ( ! YY_CURRENT_BUFFER ){
+ yyensure_buffer_stack ();
+ YY_CURRENT_BUFFER_LVALUE =
+ yy_create_buffer(yyin,YY_BUF_SIZE );
+ }
+
+ yy_init_buffer(YY_CURRENT_BUFFER,input_file );
+ yy_load_buffer_state( );
+}
+
+/** Switch to a different input buffer.
+ * @param new_buffer The new input buffer.
+ *
+ */
+ void yy_switch_to_buffer (YY_BUFFER_STATE new_buffer )
+{
+
+ /* TODO. We should be able to replace this entire function body
+ * with
+ * yypop_buffer_state();
+ * yypush_buffer_state(new_buffer);
+ */
+ yyensure_buffer_stack ();
+ if ( YY_CURRENT_BUFFER == new_buffer )
+ return;
+
+ if ( YY_CURRENT_BUFFER )
+ {
+ /* Flush out information for old buffer. */
+ *(yy_c_buf_p) = (yy_hold_char);
+ YY_CURRENT_BUFFER_LVALUE->yy_buf_pos = (yy_c_buf_p);
+ YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars);
+ }
+
+ YY_CURRENT_BUFFER_LVALUE = new_buffer;
+ yy_load_buffer_state( );
+
+ /* We don't actually know whether we did this switch during
+ * EOF (yywrap()) processing, but the only time this flag
+ * is looked at is after yywrap() is called, so it's safe
+ * to go ahead and always set it.
+ */
+ (yy_did_buffer_switch_on_eof) = 1;
+}
+
+static void yy_load_buffer_state (void)
+{
+ (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_n_chars;
+ (yytext_ptr) = (yy_c_buf_p) = YY_CURRENT_BUFFER_LVALUE->yy_buf_pos;
+ yyin = YY_CURRENT_BUFFER_LVALUE->yy_input_file;
+ (yy_hold_char) = *(yy_c_buf_p);
+}
+
+/** Allocate and initialize an input buffer state.
+ * @param file A readable stream.
+ * @param size The character buffer size in bytes. When in doubt, use @c YY_BUF_SIZE.
+ *
+ * @return the allocated buffer state.
+ */
+ YY_BUFFER_STATE yy_create_buffer (FILE * file, int size )
+{
+ YY_BUFFER_STATE b;
+
+ b = (YY_BUFFER_STATE) yyalloc(sizeof( struct yy_buffer_state ) );
+ if ( ! b )
+ YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" );
+
+ b->yy_buf_size = size;
+
+ /* yy_ch_buf has to be 2 characters longer than the size given because
+ * we need to put in 2 end-of-buffer characters.
+ */
+ b->yy_ch_buf = (char *) yyalloc(b->yy_buf_size + 2 );
+ if ( ! b->yy_ch_buf )
+ YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" );
+
+ b->yy_is_our_buffer = 1;
+
+ yy_init_buffer(b,file );
+
+ return b;
+}
+
+/** Destroy the buffer.
+ * @param b a buffer created with yy_create_buffer()
+ *
+ */
+ void yy_delete_buffer (YY_BUFFER_STATE b )
+{
+
+ if ( ! b )
+ return;
+
+ if ( b == YY_CURRENT_BUFFER ) /* Not sure if we should pop here. */
+ YY_CURRENT_BUFFER_LVALUE = (YY_BUFFER_STATE) 0;
+
+ if ( b->yy_is_our_buffer )
+ yyfree((void *) b->yy_ch_buf );
+
+ yyfree((void *) b );
+}
+
+#ifndef __cplusplus
+extern int isatty (int );
+#endif /* __cplusplus */
+
+/* Initializes or reinitializes a buffer.
+ * This function is sometimes called more than once on the same buffer,
+ * such as during a yyrestart() or at EOF.
+ */
+ static void yy_init_buffer (YY_BUFFER_STATE b, FILE * file )
+
+{
+ int oerrno = errno;
+
+ yy_flush_buffer(b );
+
+ b->yy_input_file = file;
+ b->yy_fill_buffer = 1;
+
+ /* If b is the current buffer, then yy_init_buffer was _probably_
+ * called from yyrestart() or through yy_get_next_buffer.
+ * In that case, we don't want to reset the lineno or column.
+ */
+ if (b != YY_CURRENT_BUFFER){
+ b->yy_bs_lineno = 1;
+ b->yy_bs_column = 0;
+ }
+
+ b->yy_is_interactive = file ? (isatty( fileno(file) ) > 0) : 0;
+
+ errno = oerrno;
+}
+
+/** Discard all buffered characters. On the next scan, YY_INPUT will be called.
+ * @param b the buffer state to be flushed, usually @c YY_CURRENT_BUFFER.
+ *
+ */
+ void yy_flush_buffer (YY_BUFFER_STATE b )
+{
+ if ( ! b )
+ return;
+
+ b->yy_n_chars = 0;
+
+ /* We always need two end-of-buffer characters. The first causes
+ * a transition to the end-of-buffer state. The second causes
+ * a jam in that state.
+ */
+ b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR;
+ b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR;
+
+ b->yy_buf_pos = &b->yy_ch_buf[0];
+
+ b->yy_at_bol = 1;
+ b->yy_buffer_status = YY_BUFFER_NEW;
+
+ if ( b == YY_CURRENT_BUFFER )
+ yy_load_buffer_state( );
+}
+
+/** Pushes the new state onto the stack. The new state becomes
+ * the current state. This function will allocate the stack
+ * if necessary.
+ * @param new_buffer The new state.
+ *
+ */
+void yypush_buffer_state (YY_BUFFER_STATE new_buffer )
+{
+ if (new_buffer == NULL)
+ return;
+
+ yyensure_buffer_stack();
+
+ /* This block is copied from yy_switch_to_buffer. */
+ if ( YY_CURRENT_BUFFER )
+ {
+ /* Flush out information for old buffer. */
+ *(yy_c_buf_p) = (yy_hold_char);
+ YY_CURRENT_BUFFER_LVALUE->yy_buf_pos = (yy_c_buf_p);
+ YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars);
+ }
+
+ /* Only push if top exists. Otherwise, replace top. */
+ if (YY_CURRENT_BUFFER)
+ (yy_buffer_stack_top)++;
+ YY_CURRENT_BUFFER_LVALUE = new_buffer;
+
+ /* copied from yy_switch_to_buffer. */
+ yy_load_buffer_state( );
+ (yy_did_buffer_switch_on_eof) = 1;
+}
+
+/** Removes and deletes the top of the stack, if present.
+ * The next element becomes the new top.
+ *
+ */
+void yypop_buffer_state (void)
+{
+ if (!YY_CURRENT_BUFFER)
+ return;
+
+ yy_delete_buffer(YY_CURRENT_BUFFER );
+ YY_CURRENT_BUFFER_LVALUE = NULL;
+ if ((yy_buffer_stack_top) > 0)
+ --(yy_buffer_stack_top);
+
+ if (YY_CURRENT_BUFFER) {
+ yy_load_buffer_state( );
+ (yy_did_buffer_switch_on_eof) = 1;
+ }
+}
+
+/* Allocates the stack if it does not exist.
+ * Guarantees space for at least one push.
+ */
+static void yyensure_buffer_stack (void)
+{
+ int num_to_alloc;
+
+ if (!(yy_buffer_stack)) {
+
+ /* First allocation is just for 2 elements, since we don't know if this
+ * scanner will even need a stack. We use 2 instead of 1 to avoid an
+ * immediate realloc on the next call.
+ */
+ num_to_alloc = 1;
+ (yy_buffer_stack) = (struct yy_buffer_state**)yyalloc
+ (num_to_alloc * sizeof(struct yy_buffer_state*)
+ );
+
+ memset((yy_buffer_stack), 0, num_to_alloc * sizeof(struct yy_buffer_state*));
+
+ (yy_buffer_stack_max) = num_to_alloc;
+ (yy_buffer_stack_top) = 0;
+ return;
+ }
+
+ if ((yy_buffer_stack_top) >= ((yy_buffer_stack_max)) - 1){
+
+ /* Increase the buffer to prepare for a possible push. */
+ int grow_size = 8 /* arbitrary grow size */;
+
+ num_to_alloc = (yy_buffer_stack_max) + grow_size;
+ (yy_buffer_stack) = (struct yy_buffer_state**)yyrealloc
+ ((yy_buffer_stack),
+ num_to_alloc * sizeof(struct yy_buffer_state*)
+ );
+
+ /* zero only the new slots.*/
+ memset((yy_buffer_stack) + (yy_buffer_stack_max), 0, grow_size * sizeof(struct yy_buffer_state*));
+ (yy_buffer_stack_max) = num_to_alloc;
+ }
+}
+
+/** Setup the input buffer state to scan directly from a user-specified character buffer.
+ * @param base the character buffer
+ * @param size the size in bytes of the character buffer
+ *
+ * @return the newly allocated buffer state object.
+ */
+YY_BUFFER_STATE yy_scan_buffer (char * base, yy_size_t size )
+{
+ YY_BUFFER_STATE b;
+
+ if ( size < 2 ||
+ base[size-2] != YY_END_OF_BUFFER_CHAR ||
+ base[size-1] != YY_END_OF_BUFFER_CHAR )
+ /* They forgot to leave room for the EOB's. */
+ return 0;
+
+ b = (YY_BUFFER_STATE) yyalloc(sizeof( struct yy_buffer_state ) );
+ if ( ! b )
+ YY_FATAL_ERROR( "out of dynamic memory in yy_scan_buffer()" );
+
+ b->yy_buf_size = size - 2; /* "- 2" to take care of EOB's */
+ b->yy_buf_pos = b->yy_ch_buf = base;
+ b->yy_is_our_buffer = 0;
+ b->yy_input_file = 0;
+ b->yy_n_chars = b->yy_buf_size;
+ b->yy_is_interactive = 0;
+ b->yy_at_bol = 1;
+ b->yy_fill_buffer = 0;
+ b->yy_buffer_status = YY_BUFFER_NEW;
+
+ yy_switch_to_buffer(b );
+
+ return b;
+}
+
+/** Setup the input buffer state to scan a string. The next call to yylex() will
+ * scan from a @e copy of @a str.
+ * @param str a NUL-terminated string to scan
+ *
+ * @return the newly allocated buffer state object.
+ * @note If you want to scan bytes that may contain NUL values, then use
+ * yy_scan_bytes() instead.
+ */
+YY_BUFFER_STATE yy_scan_string (yyconst char * str )
+{
+
+ return yy_scan_bytes(str,strlen(str) );
+}
+
+/** Setup the input buffer state to scan the given bytes. The next call to yylex() will
+ * scan from a @e copy of @a bytes.
+ * @param bytes the byte buffer to scan
+ * @param len the number of bytes in the buffer pointed to by @a bytes.
+ *
+ * @return the newly allocated buffer state object.
+ */
+YY_BUFFER_STATE yy_scan_bytes (yyconst char * bytes, int len )
+{
+ YY_BUFFER_STATE b;
+ char *buf;
+ yy_size_t n;
+ int i;
+
+ /* Get memory for full buffer, including space for trailing EOB's. */
+ n = len + 2;
+ buf = (char *) yyalloc(n );
+ if ( ! buf )
+ YY_FATAL_ERROR( "out of dynamic memory in yy_scan_bytes()" );
+
+ for ( i = 0; i < len; ++i )
+ buf[i] = bytes[i];
+
+ buf[len] = buf[len+1] = YY_END_OF_BUFFER_CHAR;
+
+ b = yy_scan_buffer(buf,n );
+ if ( ! b )
+ YY_FATAL_ERROR( "bad buffer in yy_scan_bytes()" );
+
+ /* It's okay to grow etc. this buffer, and we should throw it
+ * away when we're done.
+ */
+ b->yy_is_our_buffer = 1;
+
+ return b;
+}
+
+#ifndef YY_EXIT_FAILURE
+#define YY_EXIT_FAILURE 2
+#endif
+
+static void yy_fatal_error (yyconst char* msg )
+{
+ (void) fprintf( stderr, "%s\n", msg );
+ exit( YY_EXIT_FAILURE );
+}
+
+/* Redefine yyless() so it works in section 3 code. */
+
+#undef yyless
+#define yyless(n) \
+ do \
+ { \
+ /* Undo effects of setting up yytext. */ \
+ int yyless_macro_arg = (n); \
+ YY_LESS_LINENO(yyless_macro_arg);\
+ yytext[yyleng] = (yy_hold_char); \
+ (yy_c_buf_p) = yytext + yyless_macro_arg; \
+ (yy_hold_char) = *(yy_c_buf_p); \
+ *(yy_c_buf_p) = '\0'; \
+ yyleng = yyless_macro_arg; \
+ } \
+ while ( 0 )
+
+/* Accessor methods (get/set functions) to struct members. */
+
+/** Get the input stream.
+ *
+ */
+FILE *yyget_in (void)
+{
+ return yyin;
+}
+
+/** Get the output stream.
+ *
+ */
+FILE *yyget_out (void)
+{
+ return yyout;
+}
+
+/** Get the length of the current token.
+ *
+ */
+int yyget_leng (void)
+{
+ return yyleng;
+}
+
+/** Get the current token.
+ *
+ */
+
+char *yyget_text (void)
+{
+ return yytext;
+}
+
+/** Set the input stream. This does not discard the current
+ * input buffer.
+ * @param in_str A readable stream.
+ *
+ * @see yy_switch_to_buffer
+ */
+void yyset_in (FILE * in_str )
+{
+ yyin = in_str ;
+}
+
+void yyset_out (FILE * out_str )
+{
+ yyout = out_str ;
+}
+
+int yyget_debug (void)
+{
+ return yy_flex_debug;
+}
+
+void yyset_debug (int bdebug )
+{
+ yy_flex_debug = bdebug ;
+}
+
+/* yylex_destroy is for both reentrant and non-reentrant scanners. */
+int yylex_destroy (void)
+{
+
+ /* Pop the buffer stack, destroying each element. */
+ while(YY_CURRENT_BUFFER){
+ yy_delete_buffer(YY_CURRENT_BUFFER );
+ YY_CURRENT_BUFFER_LVALUE = NULL;
+ yypop_buffer_state();
+ }
+
+ /* Destroy the stack itself. */
+ yyfree((yy_buffer_stack) );
+ (yy_buffer_stack) = NULL;
+
+ return 0;
+}
+
+/*
+ * Internal utility routines.
+ */
+
+#ifndef yytext_ptr
+static void yy_flex_strncpy (char* s1, yyconst char * s2, int n )
+{
+ register int i;
+ for ( i = 0; i < n; ++i )
+ s1[i] = s2[i];
+}
+#endif
+
+#ifdef YY_NEED_STRLEN
+static int yy_flex_strlen (yyconst char * s )
+{
+ register int n;
+ for ( n = 0; s[n]; ++n )
+ ;
+
+ return n;
+}
+#endif
+
+void *yyalloc (yy_size_t size )
+{
+ return (void *) malloc( size );
+}
+
+void *yyrealloc (void * ptr, yy_size_t size )
+{
+ /* The cast to (char *) in the following accommodates both
+ * implementations that use char* generic pointers, and those
+ * that use void* generic pointers. It works with the latter
+ * because both ANSI C and C++ allow castless assignment from
+ * any pointer type to void*, and deal with argument conversions
+ * as though doing an assignment.
+ */
+ return (void *) realloc( (char *) ptr, size );
+}
+
+void yyfree (void * ptr )
+{
+ free( (char *) ptr ); /* see yyrealloc() for (char *) cast */
+}
+
+#define YYTABLES_NAME "yytables"
+
+#line 50 "pam_conv_l.l"
+
+
+
diff --git a/Linux-PAM/conf/pam_conv1/pam_conv.lex b/Linux-PAM/conf/pam_conv1/pam_conv_l.l
index ef8cb41a..c899d6bc 100644
--- a/Linux-PAM/conf/pam_conv1/pam_conv.lex
+++ b/Linux-PAM/conf/pam_conv1/pam_conv_l.l
@@ -1,7 +1,7 @@
%{
/*
- * $Id: pam_conv.lex,v 1.1.1.1 2000/06/20 22:10:45 agmorgan Exp $
+ * $Id: pam_conv_l.l,v 1.1 2006/07/24 16:14:40 kukuk Exp $
*
* Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net>
*
@@ -9,10 +9,18 @@
* distributed with this file.)
*/
- const static char lexid[]=
- "$Id: pam_conv.lex,v 1.1.1.1 2000/06/20 22:10:45 agmorgan Exp $\n"
+ static const char lexid[]=
+ "$Id: pam_conv_l.l,v 1.1 2006/07/24 16:14:40 kukuk Exp $\n"
"Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net>\n";
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include <stdio.h>
+
+#include "pam_conv_y.h"
+
extern int current_line;
%}
diff --git a/Linux-PAM/conf/pam_conv1/pam_conv_y.c b/Linux-PAM/conf/pam_conv1/pam_conv_y.c
new file mode 100644
index 00000000..13a95163
--- /dev/null
+++ b/Linux-PAM/conf/pam_conv1/pam_conv_y.c
@@ -0,0 +1,1575 @@
+/* A Bison parser, made by GNU Bison 2.1. */
+
+/* Skeleton parser for Yacc-like parsing with Bison,
+ Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2, or (at your option)
+ any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ Boston, MA 02110-1301, USA. */
+
+/* As a special exception, when this file is copied by Bison into a
+ Bison output file, you may use that output file without restriction.
+ This special exception was added by the Free Software Foundation
+ in version 1.24 of Bison. */
+
+/* Written by Richard Stallman by simplifying the original so called
+ ``semantic'' parser. */
+
+/* All symbols defined below should begin with yy or YY, to avoid
+ infringing on user name space. This should be done even for local
+ variables, as they might otherwise be expanded by user macros.
+ There are some unavoidable exceptions within include files to
+ define necessary library symbols; they are noted "INFRINGES ON
+ USER NAME SPACE" below. */
+
+/* Identify Bison output. */
+#define YYBISON 1
+
+/* Bison version. */
+#define YYBISON_VERSION "2.1"
+
+/* Skeleton name. */
+#define YYSKELETON_NAME "yacc.c"
+
+/* Pure parsers. */
+#define YYPURE 0
+
+/* Using locations. */
+#define YYLSP_NEEDED 0
+
+
+
+/* Tokens. */
+#ifndef YYTOKENTYPE
+# define YYTOKENTYPE
+ /* Put the tokens into the symbol table, so that GDB and other debuggers
+ know about them. */
+ enum yytokentype {
+ NL = 258,
+ EOFILE = 259,
+ TOK = 260
+ };
+#endif
+/* Tokens. */
+#define NL 258
+#define EOFILE 259
+#define TOK 260
+
+
+
+
+/* Copy the first part of user declarations. */
+#line 1 "pam_conv_y.y"
+
+
+/*
+ * $Id: pam_conv_y.y,v 1.1 2006/07/24 16:14:40 kukuk Exp $
+ *
+ * Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net>
+ *
+ * This file is covered by the Linux-PAM License (which should be
+ * distributed with this file.)
+ */
+
+ static const char bisonid[]=
+ "$Id: pam_conv_y.y,v 1.1 2006/07/24 16:14:40 kukuk Exp $\n"
+ "Copyright (c) Andrew G. Morgan 1997-8 <morgan@linux.kernel.org>\n";
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include <string.h>
+#include <stdio.h>
+#include <stdarg.h>
+#include <stdlib.h>
+#include <ctype.h>
+#include <sys/stat.h>
+
+ extern int yylex(void);
+
+ int current_line=1;
+ extern char *yytext;
+
+/* XXX - later we'll change this to be the specific conf file(s) */
+#define newpamf stderr
+
+#define PAM_D "./pam.d"
+#define PAM_D_MODE 0755
+#define PAM_D_MAGIC_HEADER \
+ "#%%PAM-1.0\n" \
+ "#[For version 1.0 syntax, the above header is optional]\n"
+
+#define PAM_D_FILE_FMT PAM_D "/%s"
+
+ const char *old_to_new_ctrl_flag(const char *old);
+ void yyerror(const char *format, ...);
+
+
+/* Enabling traces. */
+#ifndef YYDEBUG
+# define YYDEBUG 0
+#endif
+
+/* Enabling verbose error messages. */
+#ifdef YYERROR_VERBOSE
+# undef YYERROR_VERBOSE
+# define YYERROR_VERBOSE 1
+#else
+# define YYERROR_VERBOSE 0
+#endif
+
+/* Enabling the token table. */
+#ifndef YYTOKEN_TABLE
+# define YYTOKEN_TABLE 0
+#endif
+
+#if ! defined (YYSTYPE) && ! defined (YYSTYPE_IS_DECLARED)
+#line 47 "pam_conv_y.y"
+typedef union YYSTYPE {
+ int def;
+ char *string;
+} YYSTYPE;
+/* Line 196 of yacc.c. */
+#line 146 "pam_conv_y.c"
+# define yystype YYSTYPE /* obsolescent; will be withdrawn */
+# define YYSTYPE_IS_DECLARED 1
+# define YYSTYPE_IS_TRIVIAL 1
+#endif
+
+
+
+/* Copy the second part of user declarations. */
+
+
+/* Line 219 of yacc.c. */
+#line 158 "pam_conv_y.c"
+
+#if ! defined (YYSIZE_T) && defined (__SIZE_TYPE__)
+# define YYSIZE_T __SIZE_TYPE__
+#endif
+#if ! defined (YYSIZE_T) && defined (size_t)
+# define YYSIZE_T size_t
+#endif
+#if ! defined (YYSIZE_T) && (defined (__STDC__) || defined (__cplusplus))
+# include <stddef.h> /* INFRINGES ON USER NAME SPACE */
+# define YYSIZE_T size_t
+#endif
+#if ! defined (YYSIZE_T)
+# define YYSIZE_T unsigned int
+#endif
+
+#ifndef YY_
+# if YYENABLE_NLS
+# if ENABLE_NLS
+# include <libintl.h> /* INFRINGES ON USER NAME SPACE */
+# define YY_(msgid) dgettext ("bison-runtime", msgid)
+# endif
+# endif
+# ifndef YY_
+# define YY_(msgid) msgid
+# endif
+#endif
+
+#if ! defined (yyoverflow) || YYERROR_VERBOSE
+
+/* The parser invokes alloca or malloc; define the necessary symbols. */
+
+# ifdef YYSTACK_USE_ALLOCA
+# if YYSTACK_USE_ALLOCA
+# ifdef __GNUC__
+# define YYSTACK_ALLOC __builtin_alloca
+# else
+# define YYSTACK_ALLOC alloca
+# if defined (__STDC__) || defined (__cplusplus)
+# include <stdlib.h> /* INFRINGES ON USER NAME SPACE */
+# define YYINCLUDED_STDLIB_H
+# endif
+# endif
+# endif
+# endif
+
+# ifdef YYSTACK_ALLOC
+ /* Pacify GCC's `empty if-body' warning. */
+# define YYSTACK_FREE(Ptr) do { /* empty */; } while (0)
+# ifndef YYSTACK_ALLOC_MAXIMUM
+ /* The OS might guarantee only one guard page at the bottom of the stack,
+ and a page size can be as small as 4096 bytes. So we cannot safely
+ invoke alloca (N) if N exceeds 4096. Use a slightly smaller number
+ to allow for a few compiler-allocated temporary stack slots. */
+# define YYSTACK_ALLOC_MAXIMUM 4032 /* reasonable circa 2005 */
+# endif
+# else
+# define YYSTACK_ALLOC YYMALLOC
+# define YYSTACK_FREE YYFREE
+# ifndef YYSTACK_ALLOC_MAXIMUM
+# define YYSTACK_ALLOC_MAXIMUM ((YYSIZE_T) -1)
+# endif
+# ifdef __cplusplus
+extern "C" {
+# endif
+# ifndef YYMALLOC
+# define YYMALLOC malloc
+# if (! defined (malloc) && ! defined (YYINCLUDED_STDLIB_H) \
+ && (defined (__STDC__) || defined (__cplusplus)))
+void *malloc (YYSIZE_T); /* INFRINGES ON USER NAME SPACE */
+# endif
+# endif
+# ifndef YYFREE
+# define YYFREE free
+# if (! defined (free) && ! defined (YYINCLUDED_STDLIB_H) \
+ && (defined (__STDC__) || defined (__cplusplus)))
+void free (void *); /* INFRINGES ON USER NAME SPACE */
+# endif
+# endif
+# ifdef __cplusplus
+}
+# endif
+# endif
+#endif /* ! defined (yyoverflow) || YYERROR_VERBOSE */
+
+
+#if (! defined (yyoverflow) \
+ && (! defined (__cplusplus) \
+ || (defined (YYSTYPE_IS_TRIVIAL) && YYSTYPE_IS_TRIVIAL)))
+
+/* A type that is properly aligned for any stack member. */
+union yyalloc
+{
+ short int yyss;
+ YYSTYPE yyvs;
+ };
+
+/* The size of the maximum gap between one aligned stack and the next. */
+# define YYSTACK_GAP_MAXIMUM (sizeof (union yyalloc) - 1)
+
+/* The size of an array large to enough to hold all stacks, each with
+ N elements. */
+# define YYSTACK_BYTES(N) \
+ ((N) * (sizeof (short int) + sizeof (YYSTYPE)) \
+ + YYSTACK_GAP_MAXIMUM)
+
+/* Copy COUNT objects from FROM to TO. The source and destination do
+ not overlap. */
+# ifndef YYCOPY
+# if defined (__GNUC__) && 1 < __GNUC__
+# define YYCOPY(To, From, Count) \
+ __builtin_memcpy (To, From, (Count) * sizeof (*(From)))
+# else
+# define YYCOPY(To, From, Count) \
+ do \
+ { \
+ YYSIZE_T yyi; \
+ for (yyi = 0; yyi < (Count); yyi++) \
+ (To)[yyi] = (From)[yyi]; \
+ } \
+ while (0)
+# endif
+# endif
+
+/* Relocate STACK from its old location to the new one. The
+ local variables YYSIZE and YYSTACKSIZE give the old and new number of
+ elements in the stack, and YYPTR gives the new location of the
+ stack. Advance YYPTR to a properly aligned location for the next
+ stack. */
+# define YYSTACK_RELOCATE(Stack) \
+ do \
+ { \
+ YYSIZE_T yynewbytes; \
+ YYCOPY (&yyptr->Stack, Stack, yysize); \
+ Stack = &yyptr->Stack; \
+ yynewbytes = yystacksize * sizeof (*Stack) + YYSTACK_GAP_MAXIMUM; \
+ yyptr += yynewbytes / sizeof (*yyptr); \
+ } \
+ while (0)
+
+#endif
+
+#if defined (__STDC__) || defined (__cplusplus)
+ typedef signed char yysigned_char;
+#else
+ typedef short int yysigned_char;
+#endif
+
+/* YYFINAL -- State number of the termination state. */
+#define YYFINAL 2
+/* YYLAST -- Last index in YYTABLE. */
+#define YYLAST 13
+
+/* YYNTOKENS -- Number of terminals. */
+#define YYNTOKENS 6
+/* YYNNTS -- Number of nonterminals. */
+#define YYNNTS 6
+/* YYNRULES -- Number of rules. */
+#define YYNRULES 11
+/* YYNRULES -- Number of states. */
+#define YYNSTATES 17
+
+/* YYTRANSLATE(YYLEX) -- Bison symbol number corresponding to YYLEX. */
+#define YYUNDEFTOK 2
+#define YYMAXUTOK 260
+
+#define YYTRANSLATE(YYX) \
+ ((unsigned int) (YYX) <= YYMAXUTOK ? yytranslate[YYX] : YYUNDEFTOK)
+
+/* YYTRANSLATE[YYLEX] -- Bison symbol number corresponding to YYLEX. */
+static const unsigned char yytranslate[] =
+{
+ 0, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 1, 2, 3, 4,
+ 5
+};
+
+#if YYDEBUG
+/* YYPRHS[YYN] -- Index of the first RHS symbol of rule number YYN in
+ YYRHS. */
+static const unsigned char yyprhs[] =
+{
+ 0, 0, 3, 4, 7, 10, 13, 20, 23, 24,
+ 27, 29
+};
+
+/* YYRHS -- A `-1'-separated list of the rules' RHS. */
+static const yysigned_char yyrhs[] =
+{
+ 7, 0, -1, -1, 7, 3, -1, 7, 8, -1,
+ 7, 4, -1, 11, 11, 11, 10, 9, 3, -1,
+ 1, 3, -1, -1, 9, 11, -1, 5, -1, 5,
+ -1
+};
+
+/* YYRLINE[YYN] -- source line where rule number YYN was defined. */
+static const unsigned char yyrline[] =
+{
+ 0, 60, 60, 62, 63, 64, 70, 134, 140, 143,
+ 159, 165
+};
+#endif
+
+#if YYDEBUG || YYERROR_VERBOSE || YYTOKEN_TABLE
+/* YYTNAME[SYMBOL-NUM] -- String name of the symbol SYMBOL-NUM.
+ First, the terminals, then, starting at YYNTOKENS, nonterminals. */
+static const char *const yytname[] =
+{
+ "$end", "error", "$undefined", "NL", "EOFILE", "TOK", "$accept",
+ "complete", "line", "tokenls", "path", "tok", 0
+};
+#endif
+
+# ifdef YYPRINT
+/* YYTOKNUM[YYLEX-NUM] -- Internal token number corresponding to
+ token YYLEX-NUM. */
+static const unsigned short int yytoknum[] =
+{
+ 0, 256, 257, 258, 259, 260
+};
+# endif
+
+/* YYR1[YYN] -- Symbol number of symbol that rule YYN derives. */
+static const unsigned char yyr1[] =
+{
+ 0, 6, 7, 7, 7, 7, 8, 8, 9, 9,
+ 10, 11
+};
+
+/* YYR2[YYN] -- Number of symbols composing right hand side of rule YYN. */
+static const unsigned char yyr2[] =
+{
+ 0, 2, 0, 2, 2, 2, 6, 2, 0, 2,
+ 1, 1
+};
+
+/* YYDEFACT[STATE-NAME] -- Default rule to reduce with in state
+ STATE-NUM when YYTABLE doesn't specify something else to do. Zero
+ means the default is an error. */
+static const unsigned char yydefact[] =
+{
+ 2, 0, 1, 0, 3, 5, 11, 4, 0, 7,
+ 0, 0, 10, 8, 0, 6, 9
+};
+
+/* YYDEFGOTO[NTERM-NUM]. */
+static const yysigned_char yydefgoto[] =
+{
+ -1, 1, 7, 14, 13, 8
+};
+
+/* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing
+ STATE-NUM. */
+#define YYPACT_NINF -9
+static const yysigned_char yypact[] =
+{
+ -9, 4, -9, 7, -9, -9, -9, -9, 6, -9,
+ 6, 8, -9, -9, -2, -9, -9
+};
+
+/* YYPGOTO[NTERM-NUM]. */
+static const yysigned_char yypgoto[] =
+{
+ -9, -9, -9, -9, -9, -8
+};
+
+/* YYTABLE[YYPACT[STATE-NUM]]. What to do in state STATE-NUM. If
+ positive, shift that token. If negative, reduce the rule which
+ number is the opposite. If zero, do what YYDEFACT says.
+ If YYTABLE_NINF, syntax error. */
+#define YYTABLE_NINF -1
+static const unsigned char yytable[] =
+{
+ 10, 15, 11, 6, 2, 3, 16, 4, 5, 6,
+ 9, 6, 0, 12
+};
+
+static const yysigned_char yycheck[] =
+{
+ 8, 3, 10, 5, 0, 1, 14, 3, 4, 5,
+ 3, 5, -1, 5
+};
+
+/* YYSTOS[STATE-NUM] -- The (internal number of the) accessing
+ symbol of state STATE-NUM. */
+static const unsigned char yystos[] =
+{
+ 0, 7, 0, 1, 3, 4, 5, 8, 11, 3,
+ 11, 11, 5, 10, 9, 3, 11
+};
+
+#define yyerrok (yyerrstatus = 0)
+#define yyclearin (yychar = YYEMPTY)
+#define YYEMPTY (-2)
+#define YYEOF 0
+
+#define YYACCEPT goto yyacceptlab
+#define YYABORT goto yyabortlab
+#define YYERROR goto yyerrorlab
+
+
+/* Like YYERROR except do call yyerror. This remains here temporarily
+ to ease the transition to the new meaning of YYERROR, for GCC.
+ Once GCC version 2 has supplanted version 1, this can go. */
+
+#define YYFAIL goto yyerrlab
+
+#define YYRECOVERING() (!!yyerrstatus)
+
+#define YYBACKUP(Token, Value) \
+do \
+ if (yychar == YYEMPTY && yylen == 1) \
+ { \
+ yychar = (Token); \
+ yylval = (Value); \
+ yytoken = YYTRANSLATE (yychar); \
+ YYPOPSTACK; \
+ goto yybackup; \
+ } \
+ else \
+ { \
+ yyerror (YY_("syntax error: cannot back up")); \
+ YYERROR; \
+ } \
+while (0)
+
+
+#define YYTERROR 1
+#define YYERRCODE 256
+
+
+/* YYLLOC_DEFAULT -- Set CURRENT to span from RHS[1] to RHS[N].
+ If N is 0, then set CURRENT to the empty location which ends
+ the previous symbol: RHS[0] (always defined). */
+
+#define YYRHSLOC(Rhs, K) ((Rhs)[K])
+#ifndef YYLLOC_DEFAULT
+# define YYLLOC_DEFAULT(Current, Rhs, N) \
+ do \
+ if (N) \
+ { \
+ (Current).first_line = YYRHSLOC (Rhs, 1).first_line; \
+ (Current).first_column = YYRHSLOC (Rhs, 1).first_column; \
+ (Current).last_line = YYRHSLOC (Rhs, N).last_line; \
+ (Current).last_column = YYRHSLOC (Rhs, N).last_column; \
+ } \
+ else \
+ { \
+ (Current).first_line = (Current).last_line = \
+ YYRHSLOC (Rhs, 0).last_line; \
+ (Current).first_column = (Current).last_column = \
+ YYRHSLOC (Rhs, 0).last_column; \
+ } \
+ while (0)
+#endif
+
+
+/* YY_LOCATION_PRINT -- Print the location on the stream.
+ This macro was not mandated originally: define only if we know
+ we won't break user code: when these are the locations we know. */
+
+#ifndef YY_LOCATION_PRINT
+# if YYLTYPE_IS_TRIVIAL
+# define YY_LOCATION_PRINT(File, Loc) \
+ fprintf (File, "%d.%d-%d.%d", \
+ (Loc).first_line, (Loc).first_column, \
+ (Loc).last_line, (Loc).last_column)
+# else
+# define YY_LOCATION_PRINT(File, Loc) ((void) 0)
+# endif
+#endif
+
+
+/* YYLEX -- calling `yylex' with the right arguments. */
+
+#ifdef YYLEX_PARAM
+# define YYLEX yylex (YYLEX_PARAM)
+#else
+# define YYLEX yylex ()
+#endif
+
+/* Enable debugging if requested. */
+#if YYDEBUG
+
+# ifndef YYFPRINTF
+# include <stdio.h> /* INFRINGES ON USER NAME SPACE */
+# define YYFPRINTF fprintf
+# endif
+
+# define YYDPRINTF(Args) \
+do { \
+ if (yydebug) \
+ YYFPRINTF Args; \
+} while (0)
+
+# define YY_SYMBOL_PRINT(Title, Type, Value, Location) \
+do { \
+ if (yydebug) \
+ { \
+ YYFPRINTF (stderr, "%s ", Title); \
+ yysymprint (stderr, \
+ Type, Value); \
+ YYFPRINTF (stderr, "\n"); \
+ } \
+} while (0)
+
+/*------------------------------------------------------------------.
+| yy_stack_print -- Print the state stack from its BOTTOM up to its |
+| TOP (included). |
+`------------------------------------------------------------------*/
+
+#if defined (__STDC__) || defined (__cplusplus)
+static void
+yy_stack_print (short int *bottom, short int *top)
+#else
+static void
+yy_stack_print (bottom, top)
+ short int *bottom;
+ short int *top;
+#endif
+{
+ YYFPRINTF (stderr, "Stack now");
+ for (/* Nothing. */; bottom <= top; ++bottom)
+ YYFPRINTF (stderr, " %d", *bottom);
+ YYFPRINTF (stderr, "\n");
+}
+
+# define YY_STACK_PRINT(Bottom, Top) \
+do { \
+ if (yydebug) \
+ yy_stack_print ((Bottom), (Top)); \
+} while (0)
+
+
+/*------------------------------------------------.
+| Report that the YYRULE is going to be reduced. |
+`------------------------------------------------*/
+
+#if defined (__STDC__) || defined (__cplusplus)
+static void
+yy_reduce_print (int yyrule)
+#else
+static void
+yy_reduce_print (yyrule)
+ int yyrule;
+#endif
+{
+ int yyi;
+ unsigned long int yylno = yyrline[yyrule];
+ YYFPRINTF (stderr, "Reducing stack by rule %d (line %lu), ",
+ yyrule - 1, yylno);
+ /* Print the symbols being reduced, and their result. */
+ for (yyi = yyprhs[yyrule]; 0 <= yyrhs[yyi]; yyi++)
+ YYFPRINTF (stderr, "%s ", yytname[yyrhs[yyi]]);
+ YYFPRINTF (stderr, "-> %s\n", yytname[yyr1[yyrule]]);
+}
+
+# define YY_REDUCE_PRINT(Rule) \
+do { \
+ if (yydebug) \
+ yy_reduce_print (Rule); \
+} while (0)
+
+/* Nonzero means print parse trace. It is left uninitialized so that
+ multiple parsers can coexist. */
+int yydebug;
+#else /* !YYDEBUG */
+# define YYDPRINTF(Args)
+# define YY_SYMBOL_PRINT(Title, Type, Value, Location)
+# define YY_STACK_PRINT(Bottom, Top)
+# define YY_REDUCE_PRINT(Rule)
+#endif /* !YYDEBUG */
+
+
+/* YYINITDEPTH -- initial size of the parser's stacks. */
+#ifndef YYINITDEPTH
+# define YYINITDEPTH 200
+#endif
+
+/* YYMAXDEPTH -- maximum size the stacks can grow to (effective only
+ if the built-in stack extension method is used).
+
+ Do not make this value too large; the results are undefined if
+ YYSTACK_ALLOC_MAXIMUM < YYSTACK_BYTES (YYMAXDEPTH)
+ evaluated with infinite-precision integer arithmetic. */
+
+#ifndef YYMAXDEPTH
+# define YYMAXDEPTH 10000
+#endif
+
+
+
+#if YYERROR_VERBOSE
+
+# ifndef yystrlen
+# if defined (__GLIBC__) && defined (_STRING_H)
+# define yystrlen strlen
+# else
+/* Return the length of YYSTR. */
+static YYSIZE_T
+# if defined (__STDC__) || defined (__cplusplus)
+yystrlen (const char *yystr)
+# else
+yystrlen (yystr)
+ const char *yystr;
+# endif
+{
+ const char *yys = yystr;
+
+ while (*yys++ != '\0')
+ continue;
+
+ return yys - yystr - 1;
+}
+# endif
+# endif
+
+# ifndef yystpcpy
+# if defined (__GLIBC__) && defined (_STRING_H) && defined (_GNU_SOURCE)
+# define yystpcpy stpcpy
+# else
+/* Copy YYSRC to YYDEST, returning the address of the terminating '\0' in
+ YYDEST. */
+static char *
+# if defined (__STDC__) || defined (__cplusplus)
+yystpcpy (char *yydest, const char *yysrc)
+# else
+yystpcpy (yydest, yysrc)
+ char *yydest;
+ const char *yysrc;
+# endif
+{
+ char *yyd = yydest;
+ const char *yys = yysrc;
+
+ while ((*yyd++ = *yys++) != '\0')
+ continue;
+
+ return yyd - 1;
+}
+# endif
+# endif
+
+# ifndef yytnamerr
+/* Copy to YYRES the contents of YYSTR after stripping away unnecessary
+ quotes and backslashes, so that it's suitable for yyerror. The
+ heuristic is that double-quoting is unnecessary unless the string
+ contains an apostrophe, a comma, or backslash (other than
+ backslash-backslash). YYSTR is taken from yytname. If YYRES is
+ null, do not copy; instead, return the length of what the result
+ would have been. */
+static YYSIZE_T
+yytnamerr (char *yyres, const char *yystr)
+{
+ if (*yystr == '"')
+ {
+ size_t yyn = 0;
+ char const *yyp = yystr;
+
+ for (;;)
+ switch (*++yyp)
+ {
+ case '\'':
+ case ',':
+ goto do_not_strip_quotes;
+
+ case '\\':
+ if (*++yyp != '\\')
+ goto do_not_strip_quotes;
+ /* Fall through. */
+ default:
+ if (yyres)
+ yyres[yyn] = *yyp;
+ yyn++;
+ break;
+
+ case '"':
+ if (yyres)
+ yyres[yyn] = '\0';
+ return yyn;
+ }
+ do_not_strip_quotes: ;
+ }
+
+ if (! yyres)
+ return yystrlen (yystr);
+
+ return yystpcpy (yyres, yystr) - yyres;
+}
+# endif
+
+#endif /* YYERROR_VERBOSE */
+
+
+
+#if YYDEBUG
+/*--------------------------------.
+| Print this symbol on YYOUTPUT. |
+`--------------------------------*/
+
+#if defined (__STDC__) || defined (__cplusplus)
+static void
+yysymprint (FILE *yyoutput, int yytype, YYSTYPE *yyvaluep)
+#else
+static void
+yysymprint (yyoutput, yytype, yyvaluep)
+ FILE *yyoutput;
+ int yytype;
+ YYSTYPE *yyvaluep;
+#endif
+{
+ /* Pacify ``unused variable'' warnings. */
+ (void) yyvaluep;
+
+ if (yytype < YYNTOKENS)
+ YYFPRINTF (yyoutput, "token %s (", yytname[yytype]);
+ else
+ YYFPRINTF (yyoutput, "nterm %s (", yytname[yytype]);
+
+
+# ifdef YYPRINT
+ if (yytype < YYNTOKENS)
+ YYPRINT (yyoutput, yytoknum[yytype], *yyvaluep);
+# endif
+ switch (yytype)
+ {
+ default:
+ break;
+ }
+ YYFPRINTF (yyoutput, ")");
+}
+
+#endif /* ! YYDEBUG */
+/*-----------------------------------------------.
+| Release the memory associated to this symbol. |
+`-----------------------------------------------*/
+
+#if defined (__STDC__) || defined (__cplusplus)
+static void
+yydestruct (const char *yymsg, int yytype, YYSTYPE *yyvaluep)
+#else
+static void
+yydestruct (yymsg, yytype, yyvaluep)
+ const char *yymsg;
+ int yytype;
+ YYSTYPE *yyvaluep;
+#endif
+{
+ /* Pacify ``unused variable'' warnings. */
+ (void) yyvaluep;
+
+ if (!yymsg)
+ yymsg = "Deleting";
+ YY_SYMBOL_PRINT (yymsg, yytype, yyvaluep, yylocationp);
+
+ switch (yytype)
+ {
+
+ default:
+ break;
+ }
+}
+
+
+/* Prevent warnings from -Wmissing-prototypes. */
+
+#ifdef YYPARSE_PARAM
+# if defined (__STDC__) || defined (__cplusplus)
+int yyparse (void *YYPARSE_PARAM);
+# else
+int yyparse ();
+# endif
+#else /* ! YYPARSE_PARAM */
+#if defined (__STDC__) || defined (__cplusplus)
+int yyparse (void);
+#else
+int yyparse ();
+#endif
+#endif /* ! YYPARSE_PARAM */
+
+
+
+/* The look-ahead symbol. */
+int yychar;
+
+/* The semantic value of the look-ahead symbol. */
+YYSTYPE yylval;
+
+/* Number of syntax errors so far. */
+int yynerrs;
+
+
+
+/*----------.
+| yyparse. |
+`----------*/
+
+#ifdef YYPARSE_PARAM
+# if defined (__STDC__) || defined (__cplusplus)
+int yyparse (void *YYPARSE_PARAM)
+# else
+int yyparse (YYPARSE_PARAM)
+ void *YYPARSE_PARAM;
+# endif
+#else /* ! YYPARSE_PARAM */
+#if defined (__STDC__) || defined (__cplusplus)
+int
+yyparse (void)
+#else
+int
+yyparse ()
+ ;
+#endif
+#endif
+{
+
+ int yystate;
+ int yyn;
+ int yyresult;
+ /* Number of tokens to shift before error messages enabled. */
+ int yyerrstatus;
+ /* Look-ahead token as an internal (translated) token number. */
+ int yytoken = 0;
+
+ /* Three stacks and their tools:
+ `yyss': related to states,
+ `yyvs': related to semantic values,
+ `yyls': related to locations.
+
+ Refer to the stacks thru separate pointers, to allow yyoverflow
+ to reallocate them elsewhere. */
+
+ /* The state stack. */
+ short int yyssa[YYINITDEPTH];
+ short int *yyss = yyssa;
+ short int *yyssp;
+
+ /* The semantic value stack. */
+ YYSTYPE yyvsa[YYINITDEPTH];
+ YYSTYPE *yyvs = yyvsa;
+ YYSTYPE *yyvsp;
+
+
+
+#define YYPOPSTACK (yyvsp--, yyssp--)
+
+ YYSIZE_T yystacksize = YYINITDEPTH;
+
+ /* The variables used to return semantic value and location from the
+ action routines. */
+ YYSTYPE yyval;
+
+
+ /* When reducing, the number of symbols on the RHS of the reduced
+ rule. */
+ int yylen;
+
+ YYDPRINTF ((stderr, "Starting parse\n"));
+
+ yystate = 0;
+ yyerrstatus = 0;
+ yynerrs = 0;
+ yychar = YYEMPTY; /* Cause a token to be read. */
+
+ /* Initialize stack pointers.
+ Waste one element of value and location stack
+ so that they stay on the same level as the state stack.
+ The wasted elements are never initialized. */
+
+ yyssp = yyss;
+ yyvsp = yyvs;
+
+ goto yysetstate;
+
+/*------------------------------------------------------------.
+| yynewstate -- Push a new state, which is found in yystate. |
+`------------------------------------------------------------*/
+ yynewstate:
+ /* In all cases, when you get here, the value and location stacks
+ have just been pushed. so pushing a state here evens the stacks.
+ */
+ yyssp++;
+
+ yysetstate:
+ *yyssp = yystate;
+
+ if (yyss + yystacksize - 1 <= yyssp)
+ {
+ /* Get the current used size of the three stacks, in elements. */
+ YYSIZE_T yysize = yyssp - yyss + 1;
+
+#ifdef yyoverflow
+ {
+ /* Give user a chance to reallocate the stack. Use copies of
+ these so that the &'s don't force the real ones into
+ memory. */
+ YYSTYPE *yyvs1 = yyvs;
+ short int *yyss1 = yyss;
+
+
+ /* Each stack pointer address is followed by the size of the
+ data in use in that stack, in bytes. This used to be a
+ conditional around just the two extra args, but that might
+ be undefined if yyoverflow is a macro. */
+ yyoverflow (YY_("memory exhausted"),
+ &yyss1, yysize * sizeof (*yyssp),
+ &yyvs1, yysize * sizeof (*yyvsp),
+
+ &yystacksize);
+
+ yyss = yyss1;
+ yyvs = yyvs1;
+ }
+#else /* no yyoverflow */
+# ifndef YYSTACK_RELOCATE
+ goto yyexhaustedlab;
+# else
+ /* Extend the stack our own way. */
+ if (YYMAXDEPTH <= yystacksize)
+ goto yyexhaustedlab;
+ yystacksize *= 2;
+ if (YYMAXDEPTH < yystacksize)
+ yystacksize = YYMAXDEPTH;
+
+ {
+ short int *yyss1 = yyss;
+ union yyalloc *yyptr =
+ (union yyalloc *) YYSTACK_ALLOC (YYSTACK_BYTES (yystacksize));
+ if (! yyptr)
+ goto yyexhaustedlab;
+ YYSTACK_RELOCATE (yyss);
+ YYSTACK_RELOCATE (yyvs);
+
+# undef YYSTACK_RELOCATE
+ if (yyss1 != yyssa)
+ YYSTACK_FREE (yyss1);
+ }
+# endif
+#endif /* no yyoverflow */
+
+ yyssp = yyss + yysize - 1;
+ yyvsp = yyvs + yysize - 1;
+
+
+ YYDPRINTF ((stderr, "Stack size increased to %lu\n",
+ (unsigned long int) yystacksize));
+
+ if (yyss + yystacksize - 1 <= yyssp)
+ YYABORT;
+ }
+
+ YYDPRINTF ((stderr, "Entering state %d\n", yystate));
+
+ goto yybackup;
+
+/*-----------.
+| yybackup. |
+`-----------*/
+yybackup:
+
+/* Do appropriate processing given the current state. */
+/* Read a look-ahead token if we need one and don't already have one. */
+/* yyresume: */
+
+ /* First try to decide what to do without reference to look-ahead token. */
+
+ yyn = yypact[yystate];
+ if (yyn == YYPACT_NINF)
+ goto yydefault;
+
+ /* Not known => get a look-ahead token if don't already have one. */
+
+ /* YYCHAR is either YYEMPTY or YYEOF or a valid look-ahead symbol. */
+ if (yychar == YYEMPTY)
+ {
+ YYDPRINTF ((stderr, "Reading a token: "));
+ yychar = YYLEX;
+ }
+
+ if (yychar <= YYEOF)
+ {
+ yychar = yytoken = YYEOF;
+ YYDPRINTF ((stderr, "Now at end of input.\n"));
+ }
+ else
+ {
+ yytoken = YYTRANSLATE (yychar);
+ YY_SYMBOL_PRINT ("Next token is", yytoken, &yylval, &yylloc);
+ }
+
+ /* If the proper action on seeing token YYTOKEN is to reduce or to
+ detect an error, take that action. */
+ yyn += yytoken;
+ if (yyn < 0 || YYLAST < yyn || yycheck[yyn] != yytoken)
+ goto yydefault;
+ yyn = yytable[yyn];
+ if (yyn <= 0)
+ {
+ if (yyn == 0 || yyn == YYTABLE_NINF)
+ goto yyerrlab;
+ yyn = -yyn;
+ goto yyreduce;
+ }
+
+ if (yyn == YYFINAL)
+ YYACCEPT;
+
+ /* Shift the look-ahead token. */
+ YY_SYMBOL_PRINT ("Shifting", yytoken, &yylval, &yylloc);
+
+ /* Discard the token being shifted unless it is eof. */
+ if (yychar != YYEOF)
+ yychar = YYEMPTY;
+
+ *++yyvsp = yylval;
+
+
+ /* Count tokens shifted since error; after three, turn off error
+ status. */
+ if (yyerrstatus)
+ yyerrstatus--;
+
+ yystate = yyn;
+ goto yynewstate;
+
+
+/*-----------------------------------------------------------.
+| yydefault -- do the default action for the current state. |
+`-----------------------------------------------------------*/
+yydefault:
+ yyn = yydefact[yystate];
+ if (yyn == 0)
+ goto yyerrlab;
+ goto yyreduce;
+
+
+/*-----------------------------.
+| yyreduce -- Do a reduction. |
+`-----------------------------*/
+yyreduce:
+ /* yyn is the number of a rule to reduce with. */
+ yylen = yyr2[yyn];
+
+ /* If YYLEN is nonzero, implement the default value of the action:
+ `$$ = $1'.
+
+ Otherwise, the following line sets YYVAL to garbage.
+ This behavior is undocumented and Bison
+ users should not rely upon it. Assigning to YYVAL
+ unconditionally makes the parser a bit smaller, and it avoids a
+ GCC warning that YYVAL may be used uninitialized. */
+ yyval = yyvsp[1-yylen];
+
+
+ YY_REDUCE_PRINT (yyn);
+ switch (yyn)
+ {
+ case 5:
+#line 64 "pam_conv_y.y"
+ {
+ return 0;
+}
+ break;
+
+ case 6:
+#line 70 "pam_conv_y.y"
+ {
+ char *filename;
+ FILE *conf;
+ int i;
+
+ /* make sure we have lower case */
+ for (i=0; (yyvsp[-5].string)[i]; ++i) {
+ (yyvsp[-5].string)[i] = tolower((yyvsp[-5].string)[i]);
+ }
+
+ /* $1 = service-name */
+ yyerror("Appending to " PAM_D "/%s", (yyvsp[-5].string));
+
+ filename = malloc(strlen((yyvsp[-5].string)) + sizeof(PAM_D) + 6);
+ sprintf(filename, PAM_D_FILE_FMT, (yyvsp[-5].string));
+ conf = fopen(filename, "r");
+ if (conf == NULL) {
+ /* new file */
+ conf = fopen(filename, "w");
+ if (conf != NULL) {
+ fprintf(conf, PAM_D_MAGIC_HEADER);
+ fprintf(conf,
+ "#\n"
+ "# The PAM configuration file for the `%s' service\n"
+ "#\n", (yyvsp[-5].string));
+ }
+ } else {
+ fclose(conf);
+ conf = fopen(filename, "a");
+ }
+ if (conf == NULL) {
+ yyerror("trouble opening %s - aborting", filename);
+ exit(1);
+ }
+ free(filename);
+
+ /* $2 = module-type */
+ fprintf(conf, "%-10s", (yyvsp[-4].string));
+ free((yyvsp[-4].string));
+
+ /* $3 = required etc. */
+ {
+ const char *trans;
+
+ trans = old_to_new_ctrl_flag((yyvsp[-3].string));
+ free((yyvsp[-3].string));
+ fprintf(conf, " %-10s", trans);
+ }
+
+ /* $4 = module-path */
+ fprintf(conf, " %s", (yyvsp[-2].string));
+ free((yyvsp[-2].string));
+
+ /* $5 = arguments */
+ if ((yyvsp[-1].string) != NULL) {
+ fprintf(conf, " \\\n\t\t%s", (yyvsp[-1].string));
+ free((yyvsp[-1].string));
+ }
+
+ /* end line */
+ fprintf(conf, "\n");
+
+ fclose(conf);
+}
+ break;
+
+ case 7:
+#line 134 "pam_conv_y.y"
+ {
+ yyerror("malformed line");
+}
+ break;
+
+ case 8:
+#line 140 "pam_conv_y.y"
+ {
+ (yyval.string)=NULL;
+}
+ break;
+
+ case 9:
+#line 143 "pam_conv_y.y"
+ {
+ int len;
+
+ if ((yyvsp[-1].string)) {
+ len = strlen((yyvsp[-1].string)) + strlen((yyvsp[0].string)) + 2;
+ (yyval.string) = malloc(len);
+ sprintf((yyval.string),"%s %s",(yyvsp[-1].string),(yyvsp[0].string));
+ free((yyvsp[-1].string));
+ free((yyvsp[0].string));
+ } else {
+ (yyval.string) = (yyvsp[0].string);
+ }
+}
+ break;
+
+ case 10:
+#line 159 "pam_conv_y.y"
+ {
+ /* XXX - this could be used to check if file present */
+ (yyval.string) = strdup(yytext);
+}
+ break;
+
+ case 11:
+#line 165 "pam_conv_y.y"
+ {
+ (yyval.string) = strdup(yytext);
+}
+ break;
+
+
+ default: break;
+ }
+
+/* Line 1126 of yacc.c. */
+#line 1265 "pam_conv_y.c"
+
+ yyvsp -= yylen;
+ yyssp -= yylen;
+
+
+ YY_STACK_PRINT (yyss, yyssp);
+
+ *++yyvsp = yyval;
+
+
+ /* Now `shift' the result of the reduction. Determine what state
+ that goes to, based on the state we popped back to and the rule
+ number reduced by. */
+
+ yyn = yyr1[yyn];
+
+ yystate = yypgoto[yyn - YYNTOKENS] + *yyssp;
+ if (0 <= yystate && yystate <= YYLAST && yycheck[yystate] == *yyssp)
+ yystate = yytable[yystate];
+ else
+ yystate = yydefgoto[yyn - YYNTOKENS];
+
+ goto yynewstate;
+
+
+/*------------------------------------.
+| yyerrlab -- here on detecting error |
+`------------------------------------*/
+yyerrlab:
+ /* If not already recovering from an error, report this error. */
+ if (!yyerrstatus)
+ {
+ ++yynerrs;
+#if YYERROR_VERBOSE
+ yyn = yypact[yystate];
+
+ if (YYPACT_NINF < yyn && yyn < YYLAST)
+ {
+ int yytype = YYTRANSLATE (yychar);
+ YYSIZE_T yysize0 = yytnamerr (0, yytname[yytype]);
+ YYSIZE_T yysize = yysize0;
+ YYSIZE_T yysize1;
+ int yysize_overflow = 0;
+ char *yymsg = 0;
+# define YYERROR_VERBOSE_ARGS_MAXIMUM 5
+ char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
+ int yyx;
+
+#if 0
+ /* This is so xgettext sees the translatable formats that are
+ constructed on the fly. */
+ YY_("syntax error, unexpected %s");
+ YY_("syntax error, unexpected %s, expecting %s");
+ YY_("syntax error, unexpected %s, expecting %s or %s");
+ YY_("syntax error, unexpected %s, expecting %s or %s or %s");
+ YY_("syntax error, unexpected %s, expecting %s or %s or %s or %s");
+#endif
+ char *yyfmt;
+ char const *yyf;
+ static char const yyunexpected[] = "syntax error, unexpected %s";
+ static char const yyexpecting[] = ", expecting %s";
+ static char const yyor[] = " or %s";
+ char yyformat[sizeof yyunexpected
+ + sizeof yyexpecting - 1
+ + ((YYERROR_VERBOSE_ARGS_MAXIMUM - 2)
+ * (sizeof yyor - 1))];
+ char const *yyprefix = yyexpecting;
+
+ /* Start YYX at -YYN if negative to avoid negative indexes in
+ YYCHECK. */
+ int yyxbegin = yyn < 0 ? -yyn : 0;
+
+ /* Stay within bounds of both yycheck and yytname. */
+ int yychecklim = YYLAST - yyn;
+ int yyxend = yychecklim < YYNTOKENS ? yychecklim : YYNTOKENS;
+ int yycount = 1;
+
+ yyarg[0] = yytname[yytype];
+ yyfmt = yystpcpy (yyformat, yyunexpected);
+
+ for (yyx = yyxbegin; yyx < yyxend; ++yyx)
+ if (yycheck[yyx + yyn] == yyx && yyx != YYTERROR)
+ {
+ if (yycount == YYERROR_VERBOSE_ARGS_MAXIMUM)
+ {
+ yycount = 1;
+ yysize = yysize0;
+ yyformat[sizeof yyunexpected - 1] = '\0';
+ break;
+ }
+ yyarg[yycount++] = yytname[yyx];
+ yysize1 = yysize + yytnamerr (0, yytname[yyx]);
+ yysize_overflow |= yysize1 < yysize;
+ yysize = yysize1;
+ yyfmt = yystpcpy (yyfmt, yyprefix);
+ yyprefix = yyor;
+ }
+
+ yyf = YY_(yyformat);
+ yysize1 = yysize + yystrlen (yyf);
+ yysize_overflow |= yysize1 < yysize;
+ yysize = yysize1;
+
+ if (!yysize_overflow && yysize <= YYSTACK_ALLOC_MAXIMUM)
+ yymsg = (char *) YYSTACK_ALLOC (yysize);
+ if (yymsg)
+ {
+ /* Avoid sprintf, as that infringes on the user's name space.
+ Don't have undefined behavior even if the translation
+ produced a string with the wrong number of "%s"s. */
+ char *yyp = yymsg;
+ int yyi = 0;
+ while ((*yyp = *yyf))
+ {
+ if (*yyp == '%' && yyf[1] == 's' && yyi < yycount)
+ {
+ yyp += yytnamerr (yyp, yyarg[yyi++]);
+ yyf += 2;
+ }
+ else
+ {
+ yyp++;
+ yyf++;
+ }
+ }
+ yyerror (yymsg);
+ YYSTACK_FREE (yymsg);
+ }
+ else
+ {
+ yyerror (YY_("syntax error"));
+ goto yyexhaustedlab;
+ }
+ }
+ else
+#endif /* YYERROR_VERBOSE */
+ yyerror (YY_("syntax error"));
+ }
+
+
+
+ if (yyerrstatus == 3)
+ {
+ /* If just tried and failed to reuse look-ahead token after an
+ error, discard it. */
+
+ if (yychar <= YYEOF)
+ {
+ /* Return failure if at end of input. */
+ if (yychar == YYEOF)
+ YYABORT;
+ }
+ else
+ {
+ yydestruct ("Error: discarding", yytoken, &yylval);
+ yychar = YYEMPTY;
+ }
+ }
+
+ /* Else will try to reuse look-ahead token after shifting the error
+ token. */
+ goto yyerrlab1;
+
+
+/*---------------------------------------------------.
+| yyerrorlab -- error raised explicitly by YYERROR. |
+`---------------------------------------------------*/
+yyerrorlab:
+
+ /* Pacify compilers like GCC when the user code never invokes
+ YYERROR and the label yyerrorlab therefore never appears in user
+ code. */
+ if (0)
+ goto yyerrorlab;
+
+yyvsp -= yylen;
+ yyssp -= yylen;
+ yystate = *yyssp;
+ goto yyerrlab1;
+
+
+/*-------------------------------------------------------------.
+| yyerrlab1 -- common code for both syntax error and YYERROR. |
+`-------------------------------------------------------------*/
+yyerrlab1:
+ yyerrstatus = 3; /* Each real token shifted decrements this. */
+
+ for (;;)
+ {
+ yyn = yypact[yystate];
+ if (yyn != YYPACT_NINF)
+ {
+ yyn += YYTERROR;
+ if (0 <= yyn && yyn <= YYLAST && yycheck[yyn] == YYTERROR)
+ {
+ yyn = yytable[yyn];
+ if (0 < yyn)
+ break;
+ }
+ }
+
+ /* Pop the current state because it cannot handle the error token. */
+ if (yyssp == yyss)
+ YYABORT;
+
+
+ yydestruct ("Error: popping", yystos[yystate], yyvsp);
+ YYPOPSTACK;
+ yystate = *yyssp;
+ YY_STACK_PRINT (yyss, yyssp);
+ }
+
+ if (yyn == YYFINAL)
+ YYACCEPT;
+
+ *++yyvsp = yylval;
+
+
+ /* Shift the error token. */
+ YY_SYMBOL_PRINT ("Shifting", yystos[yyn], yyvsp, yylsp);
+
+ yystate = yyn;
+ goto yynewstate;
+
+
+/*-------------------------------------.
+| yyacceptlab -- YYACCEPT comes here. |
+`-------------------------------------*/
+yyacceptlab:
+ yyresult = 0;
+ goto yyreturn;
+
+/*-----------------------------------.
+| yyabortlab -- YYABORT comes here. |
+`-----------------------------------*/
+yyabortlab:
+ yyresult = 1;
+ goto yyreturn;
+
+#ifndef yyoverflow
+/*-------------------------------------------------.
+| yyexhaustedlab -- memory exhaustion comes here. |
+`-------------------------------------------------*/
+yyexhaustedlab:
+ yyerror (YY_("memory exhausted"));
+ yyresult = 2;
+ /* Fall through. */
+#endif
+
+yyreturn:
+ if (yychar != YYEOF && yychar != YYEMPTY)
+ yydestruct ("Cleanup: discarding lookahead",
+ yytoken, &yylval);
+ while (yyssp != yyss)
+ {
+ yydestruct ("Cleanup: popping",
+ yystos[*yyssp], yyvsp);
+ YYPOPSTACK;
+ }
+#ifndef yyoverflow
+ if (yyss != yyssa)
+ YYSTACK_FREE (yyss);
+#endif
+ return yyresult;
+}
+
+
+#line 169 "pam_conv_y.y"
+
+
+const char *old_to_new_ctrl_flag(const char *old)
+{
+ static const char *clist[] = {
+ "requisite",
+ "required",
+ "sufficient",
+ "optional",
+ NULL,
+ };
+ int i;
+
+ for (i=0; clist[i]; ++i) {
+ if (strcasecmp(clist[i], old) == 0) {
+ break;
+ }
+ }
+
+ return clist[i];
+}
+
+void yyerror(const char *format, ...)
+{
+ va_list args;
+
+ fprintf(stderr, "line %d: ", current_line);
+ va_start(args, format);
+ vfprintf(stderr, format, args);
+ va_end(args);
+ fprintf(stderr, "\n");
+}
+
+int main(void)
+{
+ if (mkdir(PAM_D, PAM_D_MODE) != 0) {
+ yyerror(PAM_D " already exists.. aborting");
+ exit(1);
+ }
+ yyparse();
+ exit(0);
+}
+
diff --git a/Linux-PAM/conf/pam_conv1/pam_conv_y.h b/Linux-PAM/conf/pam_conv1/pam_conv_y.h
new file mode 100644
index 00000000..0b3f5177
--- /dev/null
+++ b/Linux-PAM/conf/pam_conv1/pam_conv_y.h
@@ -0,0 +1,61 @@
+/* A Bison parser, made by GNU Bison 2.1. */
+
+/* Skeleton parser for Yacc-like parsing with Bison,
+ Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2, or (at your option)
+ any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ Boston, MA 02110-1301, USA. */
+
+/* As a special exception, when this file is copied by Bison into a
+ Bison output file, you may use that output file without restriction.
+ This special exception was added by the Free Software Foundation
+ in version 1.24 of Bison. */
+
+/* Tokens. */
+#ifndef YYTOKENTYPE
+# define YYTOKENTYPE
+ /* Put the tokens into the symbol table, so that GDB and other debuggers
+ know about them. */
+ enum yytokentype {
+ NL = 258,
+ EOFILE = 259,
+ TOK = 260
+ };
+#endif
+/* Tokens. */
+#define NL 258
+#define EOFILE 259
+#define TOK 260
+
+
+
+
+#if ! defined (YYSTYPE) && ! defined (YYSTYPE_IS_DECLARED)
+#line 47 "pam_conv_y.y"
+typedef union YYSTYPE {
+ int def;
+ char *string;
+} YYSTYPE;
+/* Line 1447 of yacc.c. */
+#line 53 "pam_conv_y.h"
+# define yystype YYSTYPE /* obsolescent; will be withdrawn */
+# define YYSTYPE_IS_DECLARED 1
+# define YYSTYPE_IS_TRIVIAL 1
+#endif
+
+extern YYSTYPE yylval;
+
+
+
diff --git a/Linux-PAM/conf/pam_conv1/pam_conv.y b/Linux-PAM/conf/pam_conv1/pam_conv_y.y
index ef712e78..b03af76b 100644
--- a/Linux-PAM/conf/pam_conv1/pam_conv.y
+++ b/Linux-PAM/conf/pam_conv1/pam_conv_y.y
@@ -1,7 +1,7 @@
%{
/*
- * $Id: pam_conv.y,v 1.2 2002/05/29 06:35:46 agmorgan Exp $
+ * $Id: pam_conv_y.y,v 1.1 2006/07/24 16:14:40 kukuk Exp $
*
* Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net>
*
@@ -9,14 +9,22 @@
* distributed with this file.)
*/
- const static char bisonid[]=
- "$Id: pam_conv.y,v 1.2 2002/05/29 06:35:46 agmorgan Exp $\n"
+ static const char bisonid[]=
+ "$Id: pam_conv_y.y,v 1.1 2006/07/24 16:14:40 kukuk Exp $\n"
"Copyright (c) Andrew G. Morgan 1997-8 <morgan@linux.kernel.org>\n";
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
#include <string.h>
#include <stdio.h>
#include <stdarg.h>
#include <stdlib.h>
+#include <ctype.h>
+#include <sys/stat.h>
+
+ extern int yylex(void);
int current_line=1;
extern char *yytext;
@@ -27,7 +35,7 @@
#define PAM_D "./pam.d"
#define PAM_D_MODE 0755
#define PAM_D_MAGIC_HEADER \
- "#%PAM-1.0\n" \
+ "#%%PAM-1.0\n" \
"#[For version 1.0 syntax, the above header is optional]\n"
#define PAM_D_FILE_FMT PAM_D "/%s"
@@ -160,8 +168,6 @@ tok
%%
-#include "lex.yy.c"
-
const char *old_to_new_ctrl_flag(const char *old)
{
static const char *clist[] = {
@@ -193,7 +199,7 @@ void yyerror(const char *format, ...)
fprintf(stderr, "\n");
}
-int main(int argc, char *argv[])
+int main(void)
{
if (mkdir(PAM_D, PAM_D_MODE) != 0) {
yyerror(PAM_D " already exists.. aborting");
diff --git a/Linux-PAM/config.guess b/Linux-PAM/config.guess
new file mode 100755
index 00000000..ee5232ad
--- /dev/null
+++ b/Linux-PAM/config.guess
@@ -0,0 +1,1510 @@
+#! /bin/sh
+# Attempt to guess a canonical system name.
+# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
+# 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation,
+# Inc.
+
+timestamp='2006-07-02'
+
+# This file is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA
+# 02110-1301, USA.
+#
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+
+# Originally written by Per Bothner <per@bothner.com>.
+# Please send patches to <config-patches@gnu.org>. Submit a context
+# diff and a properly formatted ChangeLog entry.
+#
+# This script attempts to guess a canonical system name similar to
+# config.sub. If it succeeds, it prints the system name on stdout, and
+# exits with 0. Otherwise, it exits with 1.
+#
+# The plan is that this can be called by configure scripts if you
+# don't specify an explicit build system type.
+
+me=`echo "$0" | sed -e 's,.*/,,'`
+
+usage="\
+Usage: $0 [OPTION]
+
+Output the configuration name of the system \`$me' is run on.
+
+Operation modes:
+ -h, --help print this help, then exit
+ -t, --time-stamp print date of last modification, then exit
+ -v, --version print version number, then exit
+
+Report bugs and patches to <config-patches@gnu.org>."
+
+version="\
+GNU config.guess ($timestamp)
+
+Originally written by Per Bothner.
+Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005
+Free Software Foundation, Inc.
+
+This is free software; see the source for copying conditions. There is NO
+warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
+
+help="
+Try \`$me --help' for more information."
+
+# Parse command line
+while test $# -gt 0 ; do
+ case $1 in
+ --time-stamp | --time* | -t )
+ echo "$timestamp" ; exit ;;
+ --version | -v )
+ echo "$version" ; exit ;;
+ --help | --h* | -h )
+ echo "$usage"; exit ;;
+ -- ) # Stop option processing
+ shift; break ;;
+ - ) # Use stdin as input.
+ break ;;
+ -* )
+ echo "$me: invalid option $1$help" >&2
+ exit 1 ;;
+ * )
+ break ;;
+ esac
+done
+
+if test $# != 0; then
+ echo "$me: too many arguments$help" >&2
+ exit 1
+fi
+
+trap 'exit 1' 1 2 15
+
+# CC_FOR_BUILD -- compiler used by this script. Note that the use of a
+# compiler to aid in system detection is discouraged as it requires
+# temporary files to be created and, as you can see below, it is a
+# headache to deal with in a portable fashion.
+
+# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still
+# use `HOST_CC' if defined, but it is deprecated.
+
+# Portable tmp directory creation inspired by the Autoconf team.
+
+set_cc_for_build='
+trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ;
+trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ;
+: ${TMPDIR=/tmp} ;
+ { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } ||
+ { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } ||
+ { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } ||
+ { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ;
+dummy=$tmp/dummy ;
+tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ;
+case $CC_FOR_BUILD,$HOST_CC,$CC in
+ ,,) echo "int x;" > $dummy.c ;
+ for c in cc gcc c89 c99 ; do
+ if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then
+ CC_FOR_BUILD="$c"; break ;
+ fi ;
+ done ;
+ if test x"$CC_FOR_BUILD" = x ; then
+ CC_FOR_BUILD=no_compiler_found ;
+ fi
+ ;;
+ ,,*) CC_FOR_BUILD=$CC ;;
+ ,*,*) CC_FOR_BUILD=$HOST_CC ;;
+esac ; set_cc_for_build= ;'
+
+# This is needed to find uname on a Pyramid OSx when run in the BSD universe.
+# (ghazi@noc.rutgers.edu 1994-08-24)
+if (test -f /.attbin/uname) >/dev/null 2>&1 ; then
+ PATH=$PATH:/.attbin ; export PATH
+fi
+
+UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown
+UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown
+UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown
+UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown
+
+case "${UNAME_MACHINE}" in
+ i?86)
+ test -z "$VENDOR" && VENDOR=pc
+ ;;
+ *)
+ test -z "$VENDOR" && VENDOR=unknown
+ ;;
+esac
+test -f /etc/SuSE-release -o -f /.buildenv && VENDOR=suse
+
+# Note: order is significant - the case branches are not exclusive.
+
+case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
+ *:NetBSD:*:*)
+ # NetBSD (nbsd) targets should (where applicable) match one or
+ # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*,
+ # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently
+ # switched to ELF, *-*-netbsd* would select the old
+ # object file format. This provides both forward
+ # compatibility and a consistent mechanism for selecting the
+ # object file format.
+ #
+ # Note: NetBSD doesn't particularly care about the vendor
+ # portion of the name. We always set it to "unknown".
+ sysctl="sysctl -n hw.machine_arch"
+ UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \
+ /usr/sbin/$sysctl 2>/dev/null || echo unknown)`
+ case "${UNAME_MACHINE_ARCH}" in
+ armeb) machine=armeb-unknown ;;
+ arm*) machine=arm-unknown ;;
+ sh3el) machine=shl-unknown ;;
+ sh3eb) machine=sh-unknown ;;
+ *) machine=${UNAME_MACHINE_ARCH}-unknown ;;
+ esac
+ # The Operating System including object format, if it has switched
+ # to ELF recently, or will in the future.
+ case "${UNAME_MACHINE_ARCH}" in
+ arm*|i386|m68k|ns32k|sh3*|sparc|vax)
+ eval $set_cc_for_build
+ if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \
+ | grep __ELF__ >/dev/null
+ then
+ # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout).
+ # Return netbsd for either. FIX?
+ os=netbsd
+ else
+ os=netbsdelf
+ fi
+ ;;
+ *)
+ os=netbsd
+ ;;
+ esac
+ # The OS release
+ # Debian GNU/NetBSD machines have a different userland, and
+ # thus, need a distinct triplet. However, they do not need
+ # kernel version information, so it can be replaced with a
+ # suitable tag, in the style of linux-gnu.
+ case "${UNAME_VERSION}" in
+ Debian*)
+ release='-gnu'
+ ;;
+ *)
+ release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'`
+ ;;
+ esac
+ # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM:
+ # contains redundant information, the shorter form:
+ # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used.
+ echo "${machine}-${os}${release}"
+ exit ;;
+ *:OpenBSD:*:*)
+ UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'`
+ echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE}
+ exit ;;
+ *:ekkoBSD:*:*)
+ echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE}
+ exit ;;
+ *:SolidBSD:*:*)
+ echo ${UNAME_MACHINE}-unknown-solidbsd${UNAME_RELEASE}
+ exit ;;
+ macppc:MirBSD:*:*)
+ echo powerpc-unknown-mirbsd${UNAME_RELEASE}
+ exit ;;
+ *:MirBSD:*:*)
+ echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE}
+ exit ;;
+ alpha:OSF1:*:*)
+ case $UNAME_RELEASE in
+ *4.0)
+ UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'`
+ ;;
+ *5.*)
+ UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'`
+ ;;
+ esac
+ # According to Compaq, /usr/sbin/psrinfo has been available on
+ # OSF/1 and Tru64 systems produced since 1995. I hope that
+ # covers most systems running today. This code pipes the CPU
+ # types through head -n 1, so we only detect the type of CPU 0.
+ ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1`
+ case "$ALPHA_CPU_TYPE" in
+ "EV4 (21064)")
+ UNAME_MACHINE="alpha" ;;
+ "EV4.5 (21064)")
+ UNAME_MACHINE="alpha" ;;
+ "LCA4 (21066/21068)")
+ UNAME_MACHINE="alpha" ;;
+ "EV5 (21164)")
+ UNAME_MACHINE="alphaev5" ;;
+ "EV5.6 (21164A)")
+ UNAME_MACHINE="alphaev56" ;;
+ "EV5.6 (21164PC)")
+ UNAME_MACHINE="alphapca56" ;;
+ "EV5.7 (21164PC)")
+ UNAME_MACHINE="alphapca57" ;;
+ "EV6 (21264)")
+ UNAME_MACHINE="alphaev6" ;;
+ "EV6.7 (21264A)")
+ UNAME_MACHINE="alphaev67" ;;
+ "EV6.8CB (21264C)")
+ UNAME_MACHINE="alphaev68" ;;
+ "EV6.8AL (21264B)")
+ UNAME_MACHINE="alphaev68" ;;
+ "EV6.8CX (21264D)")
+ UNAME_MACHINE="alphaev68" ;;
+ "EV6.9A (21264/EV69A)")
+ UNAME_MACHINE="alphaev69" ;;
+ "EV7 (21364)")
+ UNAME_MACHINE="alphaev7" ;;
+ "EV7.9 (21364A)")
+ UNAME_MACHINE="alphaev79" ;;
+ esac
+ # A Pn.n version is a patched version.
+ # A Vn.n version is a released version.
+ # A Tn.n version is a released field test version.
+ # A Xn.n version is an unreleased experimental baselevel.
+ # 1.2 uses "1.2" for uname -r.
+ echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
+ exit ;;
+ Alpha\ *:Windows_NT*:*)
+ # How do we know it's Interix rather than the generic POSIX subsystem?
+ # Should we change UNAME_MACHINE based on the output of uname instead
+ # of the specific Alpha model?
+ echo alpha-pc-interix
+ exit ;;
+ 21064:Windows_NT:50:3)
+ echo alpha-dec-winnt3.5
+ exit ;;
+ Amiga*:UNIX_System_V:4.0:*)
+ echo m68k-unknown-sysv4
+ exit ;;
+ *:[Aa]miga[Oo][Ss]:*:*)
+ echo ${UNAME_MACHINE}-unknown-amigaos
+ exit ;;
+ *:[Mm]orph[Oo][Ss]:*:*)
+ echo ${UNAME_MACHINE}-unknown-morphos
+ exit ;;
+ *:OS/390:*:*)
+ echo i370-ibm-openedition
+ exit ;;
+ *:z/VM:*:*)
+ echo s390-ibm-zvmoe
+ exit ;;
+ *:OS400:*:*)
+ echo powerpc-ibm-os400
+ exit ;;
+ arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*)
+ echo arm-acorn-riscix${UNAME_RELEASE}
+ exit ;;
+ arm:riscos:*:*|arm:RISCOS:*:*)
+ echo arm-unknown-riscos
+ exit ;;
+ SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*)
+ echo hppa1.1-hitachi-hiuxmpp
+ exit ;;
+ Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*)
+ # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE.
+ if test "`(/bin/universe) 2>/dev/null`" = att ; then
+ echo pyramid-pyramid-sysv3
+ else
+ echo pyramid-pyramid-bsd
+ fi
+ exit ;;
+ NILE*:*:*:dcosx)
+ echo pyramid-pyramid-svr4
+ exit ;;
+ DRS?6000:unix:4.0:6*)
+ echo sparc-icl-nx6
+ exit ;;
+ DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*)
+ case `/usr/bin/uname -p` in
+ sparc) echo sparc-icl-nx7; exit ;;
+ esac ;;
+ sun4H:SunOS:5.*:*)
+ echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+ exit ;;
+ sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*)
+ echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+ exit ;;
+ i86pc:SunOS:5.*:*)
+ echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+ exit ;;
+ sun4*:SunOS:6*:*)
+ # According to config.sub, this is the proper way to canonicalize
+ # SunOS6. Hard to guess exactly what SunOS6 will be like, but
+ # it's likely to be more like Solaris than SunOS4.
+ echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+ exit ;;
+ sun4*:SunOS:*:*)
+ case "`/usr/bin/arch -k`" in
+ Series*|S4*)
+ UNAME_RELEASE=`uname -v`
+ ;;
+ esac
+ # Japanese Language versions have a version number like `4.1.3-JL'.
+ echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'`
+ exit ;;
+ sun3*:SunOS:*:*)
+ echo m68k-sun-sunos${UNAME_RELEASE}
+ exit ;;
+ sun*:*:4.2BSD:*)
+ UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null`
+ test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3
+ case "`/bin/arch`" in
+ sun3)
+ echo m68k-sun-sunos${UNAME_RELEASE}
+ ;;
+ sun4)
+ echo sparc-sun-sunos${UNAME_RELEASE}
+ ;;
+ esac
+ exit ;;
+ aushp:SunOS:*:*)
+ echo sparc-auspex-sunos${UNAME_RELEASE}
+ exit ;;
+ # The situation for MiNT is a little confusing. The machine name
+ # can be virtually everything (everything which is not
+ # "atarist" or "atariste" at least should have a processor
+ # > m68000). The system name ranges from "MiNT" over "FreeMiNT"
+ # to the lowercase version "mint" (or "freemint"). Finally
+ # the system name "TOS" denotes a system which is actually not
+ # MiNT. But MiNT is downward compatible to TOS, so this should
+ # be no problem.
+ atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*)
+ echo m68k-atari-mint${UNAME_RELEASE}
+ exit ;;
+ atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*)
+ echo m68k-atari-mint${UNAME_RELEASE}
+ exit ;;
+ *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*)
+ echo m68k-atari-mint${UNAME_RELEASE}
+ exit ;;
+ milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*)
+ echo m68k-milan-mint${UNAME_RELEASE}
+ exit ;;
+ hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*)
+ echo m68k-hades-mint${UNAME_RELEASE}
+ exit ;;
+ *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*)
+ echo m68k-unknown-mint${UNAME_RELEASE}
+ exit ;;
+ m68k:machten:*:*)
+ echo m68k-apple-machten${UNAME_RELEASE}
+ exit ;;
+ powerpc:machten:*:*)
+ echo powerpc-apple-machten${UNAME_RELEASE}
+ exit ;;
+ RISC*:Mach:*:*)
+ echo mips-dec-mach_bsd4.3
+ exit ;;
+ RISC*:ULTRIX:*:*)
+ echo mips-dec-ultrix${UNAME_RELEASE}
+ exit ;;
+ VAX*:ULTRIX*:*:*)
+ echo vax-dec-ultrix${UNAME_RELEASE}
+ exit ;;
+ 2020:CLIX:*:* | 2430:CLIX:*:*)
+ echo clipper-intergraph-clix${UNAME_RELEASE}
+ exit ;;
+ mips:*:*:UMIPS | mips:*:*:RISCos)
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+#ifdef __cplusplus
+#include <stdio.h> /* for printf() prototype */
+ int main (int argc, char *argv[]) {
+#else
+ int main (argc, argv) int argc; char *argv[]; {
+#endif
+ #if defined (host_mips) && defined (MIPSEB)
+ #if defined (SYSTYPE_SYSV)
+ printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0);
+ #endif
+ #if defined (SYSTYPE_SVR4)
+ printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0);
+ #endif
+ #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD)
+ printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0);
+ #endif
+ #endif
+ exit (-1);
+ }
+EOF
+ $CC_FOR_BUILD -o $dummy $dummy.c &&
+ dummyarg=`echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` &&
+ SYSTEM_NAME=`$dummy $dummyarg` &&
+ { echo "$SYSTEM_NAME"; exit; }
+ echo mips-mips-riscos${UNAME_RELEASE}
+ exit ;;
+ Motorola:PowerMAX_OS:*:*)
+ echo powerpc-motorola-powermax
+ exit ;;
+ Motorola:*:4.3:PL8-*)
+ echo powerpc-harris-powermax
+ exit ;;
+ Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*)
+ echo powerpc-harris-powermax
+ exit ;;
+ Night_Hawk:Power_UNIX:*:*)
+ echo powerpc-harris-powerunix
+ exit ;;
+ m88k:CX/UX:7*:*)
+ echo m88k-harris-cxux7
+ exit ;;
+ m88k:*:4*:R4*)
+ echo m88k-motorola-sysv4
+ exit ;;
+ m88k:*:3*:R3*)
+ echo m88k-motorola-sysv3
+ exit ;;
+ AViiON:dgux:*:*)
+ # DG/UX returns AViiON for all architectures
+ UNAME_PROCESSOR=`/usr/bin/uname -p`
+ if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ]
+ then
+ if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \
+ [ ${TARGET_BINARY_INTERFACE}x = x ]
+ then
+ echo m88k-dg-dgux${UNAME_RELEASE}
+ else
+ echo m88k-dg-dguxbcs${UNAME_RELEASE}
+ fi
+ else
+ echo i586-dg-dgux${UNAME_RELEASE}
+ fi
+ exit ;;
+ M88*:DolphinOS:*:*) # DolphinOS (SVR3)
+ echo m88k-dolphin-sysv3
+ exit ;;
+ M88*:*:R3*:*)
+ # Delta 88k system running SVR3
+ echo m88k-motorola-sysv3
+ exit ;;
+ XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3)
+ echo m88k-tektronix-sysv3
+ exit ;;
+ Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD)
+ echo m68k-tektronix-bsd
+ exit ;;
+ *:IRIX*:*:*)
+ echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'`
+ exit ;;
+ ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX.
+ echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id
+ exit ;; # Note that: echo "'`uname -s`'" gives 'AIX '
+ i*86:AIX:*:*)
+ echo i386-ibm-aix
+ exit ;;
+ ia64:AIX:*:*)
+ if [ -x /usr/bin/oslevel ] ; then
+ IBM_REV=`/usr/bin/oslevel`
+ else
+ IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE}
+ fi
+ echo ${UNAME_MACHINE}-ibm-aix${IBM_REV}
+ exit ;;
+ *:AIX:2:3)
+ if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+ #include <sys/systemcfg.h>
+
+ main()
+ {
+ if (!__power_pc())
+ exit(1);
+ puts("powerpc-ibm-aix3.2.5");
+ exit(0);
+ }
+EOF
+ if $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy`
+ then
+ echo "$SYSTEM_NAME"
+ else
+ echo rs6000-ibm-aix3.2.5
+ fi
+ elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then
+ echo rs6000-ibm-aix3.2.4
+ else
+ echo rs6000-ibm-aix3.2
+ fi
+ exit ;;
+ *:AIX:*:[45])
+ IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'`
+ if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then
+ IBM_ARCH=rs6000
+ else
+ IBM_ARCH=powerpc
+ fi
+ if [ -x /usr/bin/oslevel ] ; then
+ IBM_REV=`/usr/bin/oslevel`
+ else
+ IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE}
+ fi
+ echo ${IBM_ARCH}-ibm-aix${IBM_REV}
+ exit ;;
+ *:AIX:*:*)
+ echo rs6000-ibm-aix
+ exit ;;
+ ibmrt:4.4BSD:*|romp-ibm:BSD:*)
+ echo romp-ibm-bsd4.4
+ exit ;;
+ ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and
+ echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to
+ exit ;; # report: romp-ibm BSD 4.3
+ *:BOSX:*:*)
+ echo rs6000-bull-bosx
+ exit ;;
+ DPX/2?00:B.O.S.:*:*)
+ echo m68k-bull-sysv3
+ exit ;;
+ 9000/[34]??:4.3bsd:1.*:*)
+ echo m68k-hp-bsd
+ exit ;;
+ hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*)
+ echo m68k-hp-bsd4.4
+ exit ;;
+ 9000/[34678]??:HP-UX:*:*)
+ HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'`
+ case "${UNAME_MACHINE}" in
+ 9000/31? ) HP_ARCH=m68000 ;;
+ 9000/[34]?? ) HP_ARCH=m68k ;;
+ 9000/[678][0-9][0-9])
+ if [ -x /usr/bin/getconf ]; then
+ sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null`
+ sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null`
+ case "${sc_cpu_version}" in
+ 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0
+ 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1
+ 532) # CPU_PA_RISC2_0
+ case "${sc_kernel_bits}" in
+ 32) HP_ARCH="hppa2.0n" ;;
+ 64) HP_ARCH="hppa2.0w" ;;
+ '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20
+ esac ;;
+ esac
+ fi
+ if [ "${HP_ARCH}" = "" ]; then
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+
+ #define _HPUX_SOURCE
+ #include <stdlib.h>
+ #include <unistd.h>
+
+ int main ()
+ {
+ #if defined(_SC_KERNEL_BITS)
+ long bits = sysconf(_SC_KERNEL_BITS);
+ #endif
+ long cpu = sysconf (_SC_CPU_VERSION);
+
+ switch (cpu)
+ {
+ case CPU_PA_RISC1_0: puts ("hppa1.0"); break;
+ case CPU_PA_RISC1_1: puts ("hppa1.1"); break;
+ case CPU_PA_RISC2_0:
+ #if defined(_SC_KERNEL_BITS)
+ switch (bits)
+ {
+ case 64: puts ("hppa2.0w"); break;
+ case 32: puts ("hppa2.0n"); break;
+ default: puts ("hppa2.0"); break;
+ } break;
+ #else /* !defined(_SC_KERNEL_BITS) */
+ puts ("hppa2.0"); break;
+ #endif
+ default: puts ("hppa1.0"); break;
+ }
+ exit (0);
+ }
+EOF
+ (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy`
+ test -z "$HP_ARCH" && HP_ARCH=hppa
+ fi ;;
+ esac
+ if [ ${HP_ARCH} = "hppa2.0w" ]
+ then
+ eval $set_cc_for_build
+
+ # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating
+ # 32-bit code. hppa64-hp-hpux* has the same kernel and a compiler
+ # generating 64-bit code. GNU and HP use different nomenclature:
+ #
+ # $ CC_FOR_BUILD=cc ./config.guess
+ # => hppa2.0w-hp-hpux11.23
+ # $ CC_FOR_BUILD="cc +DA2.0w" ./config.guess
+ # => hppa64-hp-hpux11.23
+
+ if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) |
+ grep __LP64__ >/dev/null
+ then
+ HP_ARCH="hppa2.0w"
+ else
+ HP_ARCH="hppa64"
+ fi
+ fi
+ echo ${HP_ARCH}-hp-hpux${HPUX_REV}
+ exit ;;
+ ia64:HP-UX:*:*)
+ HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'`
+ echo ia64-hp-hpux${HPUX_REV}
+ exit ;;
+ 3050*:HI-UX:*:*)
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+ #include <unistd.h>
+ int
+ main ()
+ {
+ long cpu = sysconf (_SC_CPU_VERSION);
+ /* The order matters, because CPU_IS_HP_MC68K erroneously returns
+ true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct
+ results, however. */
+ if (CPU_IS_PA_RISC (cpu))
+ {
+ switch (cpu)
+ {
+ case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break;
+ case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break;
+ case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break;
+ default: puts ("hppa-hitachi-hiuxwe2"); break;
+ }
+ }
+ else if (CPU_IS_HP_MC68K (cpu))
+ puts ("m68k-hitachi-hiuxwe2");
+ else puts ("unknown-hitachi-hiuxwe2");
+ exit (0);
+ }
+EOF
+ $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` &&
+ { echo "$SYSTEM_NAME"; exit; }
+ echo unknown-hitachi-hiuxwe2
+ exit ;;
+ 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* )
+ echo hppa1.1-hp-bsd
+ exit ;;
+ 9000/8??:4.3bsd:*:*)
+ echo hppa1.0-hp-bsd
+ exit ;;
+ *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*)
+ echo hppa1.0-hp-mpeix
+ exit ;;
+ hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* )
+ echo hppa1.1-hp-osf
+ exit ;;
+ hp8??:OSF1:*:*)
+ echo hppa1.0-hp-osf
+ exit ;;
+ i*86:OSF1:*:*)
+ if [ -x /usr/sbin/sysversion ] ; then
+ echo ${UNAME_MACHINE}-unknown-osf1mk
+ else
+ echo ${UNAME_MACHINE}-unknown-osf1
+ fi
+ exit ;;
+ parisc*:Lites*:*:*)
+ echo hppa1.1-hp-lites
+ exit ;;
+ C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*)
+ echo c1-convex-bsd
+ exit ;;
+ C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*)
+ if getsysinfo -f scalar_acc
+ then echo c32-convex-bsd
+ else echo c2-convex-bsd
+ fi
+ exit ;;
+ C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*)
+ echo c34-convex-bsd
+ exit ;;
+ C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*)
+ echo c38-convex-bsd
+ exit ;;
+ C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*)
+ echo c4-convex-bsd
+ exit ;;
+ CRAY*Y-MP:*:*:*)
+ echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+ exit ;;
+ CRAY*[A-Z]90:*:*:*)
+ echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \
+ | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \
+ -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \
+ -e 's/\.[^.]*$/.X/'
+ exit ;;
+ CRAY*TS:*:*:*)
+ echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+ exit ;;
+ CRAY*T3E:*:*:*)
+ echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+ exit ;;
+ CRAY*SV1:*:*:*)
+ echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+ exit ;;
+ *:UNICOS/mp:*:*)
+ echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+ exit ;;
+ F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*)
+ FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
+ FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
+ FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'`
+ echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
+ exit ;;
+ 5000:UNIX_System_V:4.*:*)
+ FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
+ FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'`
+ echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
+ exit ;;
+ i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*)
+ echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE}
+ exit ;;
+ sparc*:BSD/OS:*:*)
+ echo sparc-unknown-bsdi${UNAME_RELEASE}
+ exit ;;
+ *:BSD/OS:*:*)
+ echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE}
+ exit ;;
+ *:FreeBSD:*:*)
+ case ${UNAME_MACHINE} in
+ pc98)
+ echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
+ amd64)
+ echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
+ *)
+ echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
+ esac
+ exit ;;
+ i*:CYGWIN*:*)
+ echo ${UNAME_MACHINE}-pc-cygwin
+ exit ;;
+ i*:MINGW*:*)
+ echo ${UNAME_MACHINE}-pc-mingw32
+ exit ;;
+ i*:windows32*:*)
+ # uname -m includes "-pc" on this system.
+ echo ${UNAME_MACHINE}-mingw32
+ exit ;;
+ i*:PW*:*)
+ echo ${UNAME_MACHINE}-pc-pw32
+ exit ;;
+ x86:Interix*:[3456]*)
+ echo i586-pc-interix${UNAME_RELEASE}
+ exit ;;
+ EM64T:Interix*:[3456]*)
+ echo x86_64-unknown-interix${UNAME_RELEASE}
+ exit ;;
+ [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*)
+ echo i${UNAME_MACHINE}-pc-mks
+ exit ;;
+ i*:Windows_NT*:* | Pentium*:Windows_NT*:*)
+ # How do we know it's Interix rather than the generic POSIX subsystem?
+ # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we
+ # UNAME_MACHINE based on the output of uname instead of i386?
+ echo i586-pc-interix
+ exit ;;
+ i*:UWIN*:*)
+ echo ${UNAME_MACHINE}-pc-uwin
+ exit ;;
+ amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*)
+ echo x86_64-unknown-cygwin
+ exit ;;
+ p*:CYGWIN*:*)
+ echo powerpcle-unknown-cygwin
+ exit ;;
+ prep*:SunOS:5.*:*)
+ echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+ exit ;;
+ *:GNU:*:*)
+ # the GNU system
+ echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'`
+ exit ;;
+ *:GNU/*:*:*)
+ # other systems with GNU libc and userland
+ echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu
+ exit ;;
+ i*86:Minix:*:*)
+ echo ${UNAME_MACHINE}-pc-minix
+ exit ;;
+ arm*:Linux:*:*)
+ echo ${UNAME_MACHINE}-${VENDOR}-linux-gnu
+ exit ;;
+ avr32*:Linux:*:*)
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
+ exit ;;
+ cris:Linux:*:*)
+ echo cris-axis-linux-gnu
+ exit ;;
+ crisv32:Linux:*:*)
+ echo crisv32-axis-linux-gnu
+ exit ;;
+ frv:Linux:*:*)
+ echo frv-${VENDOR}-linux-gnu
+ exit ;;
+ ia64:Linux:*:*)
+ echo ${UNAME_MACHINE}-${VENDOR}-linux-gnu
+ exit ;;
+ m32r*:Linux:*:*)
+ echo ${UNAME_MACHINE}-${VENDOR}-linux-gnu
+ exit ;;
+ m68*:Linux:*:*)
+ echo ${UNAME_MACHINE}-${VENDOR}-linux-gnu
+ exit ;;
+ mips:Linux:*:*)
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+ #undef CPU
+ #undef mips
+ #undef mipsel
+ #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)
+ CPU=mipsel
+ #else
+ #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)
+ CPU=mips
+ #else
+ CPU=
+ #endif
+ #endif
+EOF
+ eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
+ /^CPU/{
+ s: ::g
+ p
+ }'`"
+ test x"${CPU}" != x && { echo "${CPU}-${VENDOR}-linux-gnu"; exit; }
+ ;;
+ mips64:Linux:*:*)
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+ #undef CPU
+ #undef mips64
+ #undef mips64el
+ #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)
+ CPU=mips64el
+ #else
+ #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)
+ CPU=mips64
+ #else
+ CPU=
+ #endif
+ #endif
+EOF
+ eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
+ /^CPU/{
+ s: ::g
+ p
+ }'`"
+ test x"${CPU}" != x && { echo "${CPU}-${VENDOR}-linux-gnu"; exit; }
+ ;;
+ or32:Linux:*:*)
+ echo or32-${VENDOR}-linux-gnu
+ exit ;;
+ ppc:Linux:*:*)
+ echo powerpc-${VENDOR}-linux-gnu
+ exit ;;
+ ppc64:Linux:*:*)
+ echo powerpc64-${VENDOR}-linux-gnu
+ exit ;;
+ alpha:Linux:*:*)
+ case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in
+ EV5) UNAME_MACHINE=alphaev5 ;;
+ EV56) UNAME_MACHINE=alphaev56 ;;
+ PCA56) UNAME_MACHINE=alphapca56 ;;
+ PCA57) UNAME_MACHINE=alphapca56 ;;
+ EV6) UNAME_MACHINE=alphaev6 ;;
+ EV67) UNAME_MACHINE=alphaev67 ;;
+ EV68*) UNAME_MACHINE=alphaev68 ;;
+ esac
+ objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null
+ if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi
+ echo ${UNAME_MACHINE}-${VENDOR}-linux-gnu${LIBC}
+ exit ;;
+ parisc:Linux:*:* | hppa:Linux:*:*)
+ # Look for CPU level
+ case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in
+ PA7*) echo hppa1.1-${VENDOR}-linux-gnu ;;
+ PA8*) echo hppa2.0-${VENDOR}-linux-gnu ;;
+ *) echo hppa-${VENDOR}-linux-gnu ;;
+ esac
+ exit ;;
+ parisc64:Linux:*:* | hppa64:Linux:*:*)
+ echo hppa64-${VENDOR}-linux-gnu
+ exit ;;
+ s390:Linux:*:* | s390x:Linux:*:*)
+ echo ${UNAME_MACHINE}-ibm-linux
+ exit ;;
+ sh64*:Linux:*:*)
+ echo ${UNAME_MACHINE}-${VENDOR}-linux-gnu
+ exit ;;
+ sh*:Linux:*:*)
+ echo ${UNAME_MACHINE}-${VENDOR}-linux-gnu
+ exit ;;
+ sparc:Linux:*:* | sparc64:Linux:*:*)
+ echo ${UNAME_MACHINE}-${VENDOR}-linux-gnu
+ exit ;;
+ vax:Linux:*:*)
+ echo ${UNAME_MACHINE}-dec-linux-gnu
+ exit ;;
+ x86_64:Linux:*:*)
+ echo x86_64-${VENDOR}-linux-gnu
+ exit ;;
+ i*86:Linux:*:*)
+ # The BFD linker knows what the default object file format is, so
+ # first see if it will tell us. cd to the root directory to prevent
+ # problems with other programs or directories called `ld' in the path.
+ # Set LC_ALL=C to ensure ld outputs messages in English.
+ ld_supported_targets=`cd /; LC_ALL=C ld --help 2>&1 \
+ | sed -ne '/supported targets:/!d
+ s/[ ][ ]*/ /g
+ s/.*supported targets: *//
+ s/ .*//
+ p'`
+ case "$ld_supported_targets" in
+ elf32-i386)
+ TENTATIVE="${UNAME_MACHINE}-${VENDOR}-linux-gnu"
+ ;;
+ a.out-i386-linux)
+ echo "${UNAME_MACHINE}-${VENDOR}-linux-gnuaout"
+ exit ;;
+ coff-i386)
+ echo "${UNAME_MACHINE}-${VENDOR}-linux-gnucoff"
+ exit ;;
+ "")
+ # Either a pre-BFD a.out linker (linux-gnuoldld) or
+ # one that does not give us useful --help.
+ echo "${UNAME_MACHINE}-${VENDOR}-linux-gnuoldld"
+ exit ;;
+ esac
+ # Determine whether the default compiler is a.out or elf
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+ #include <features.h>
+ #ifdef __ELF__
+ # ifdef __GLIBC__
+ # if __GLIBC__ >= 2
+ LIBC=gnu
+ # else
+ LIBC=gnulibc1
+ # endif
+ # else
+ LIBC=gnulibc1
+ # endif
+ #else
+ #if defined(__INTEL_COMPILER) || defined(__PGI) || defined(__SUNPRO_C) || defined(__SUNPRO_CC)
+ LIBC=gnu
+ #else
+ LIBC=gnuaout
+ #endif
+ #endif
+ #ifdef __dietlibc__
+ LIBC=dietlibc
+ #endif
+EOF
+ eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
+ /^LIBC/{
+ s: ::g
+ p
+ }'`"
+ test x"${LIBC}" != x && {
+ echo "${UNAME_MACHINE}-${VENDOR}-linux-${LIBC}"
+ exit
+ }
+ test x"${TENTATIVE}" != x && { echo "${TENTATIVE}"; exit; }
+ ;;
+ i*86:DYNIX/ptx:4*:*)
+ # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there.
+ # earlier versions are messed up and put the nodename in both
+ # sysname and nodename.
+ echo i386-sequent-sysv4
+ exit ;;
+ i*86:UNIX_SV:4.2MP:2.*)
+ # Unixware is an offshoot of SVR4, but it has its own version
+ # number series starting with 2...
+ # I am not positive that other SVR4 systems won't match this,
+ # I just have to hope. -- rms.
+ # Use sysv4.2uw... so that sysv4* matches it.
+ echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION}
+ exit ;;
+ i*86:OS/2:*:*)
+ # If we were able to find `uname', then EMX Unix compatibility
+ # is probably installed.
+ echo ${UNAME_MACHINE}-pc-os2-emx
+ exit ;;
+ i*86:XTS-300:*:STOP)
+ echo ${UNAME_MACHINE}-unknown-stop
+ exit ;;
+ i*86:atheos:*:*)
+ echo ${UNAME_MACHINE}-unknown-atheos
+ exit ;;
+ i*86:syllable:*:*)
+ echo ${UNAME_MACHINE}-pc-syllable
+ exit ;;
+ i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*)
+ echo i386-unknown-lynxos${UNAME_RELEASE}
+ exit ;;
+ i*86:*DOS:*:*)
+ echo ${UNAME_MACHINE}-pc-msdosdjgpp
+ exit ;;
+ i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*)
+ UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'`
+ if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then
+ echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL}
+ else
+ echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL}
+ fi
+ exit ;;
+ i*86:*:5:[678]*)
+ # UnixWare 7.x, OpenUNIX and OpenServer 6.
+ case `/bin/uname -X | grep "^Machine"` in
+ *486*) UNAME_MACHINE=i486 ;;
+ *Pentium) UNAME_MACHINE=i586 ;;
+ *Pent*|*Celeron) UNAME_MACHINE=i686 ;;
+ esac
+ echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION}
+ exit ;;
+ i*86:*:3.2:*)
+ if test -f /usr/options/cb.name; then
+ UNAME_REL=`sed -n 's/.*Version //p' </usr/options/cb.name`
+ echo ${UNAME_MACHINE}-pc-isc$UNAME_REL
+ elif /bin/uname -X 2>/dev/null >/dev/null ; then
+ UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')`
+ (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486
+ (/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \
+ && UNAME_MACHINE=i586
+ (/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \
+ && UNAME_MACHINE=i686
+ (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \
+ && UNAME_MACHINE=i686
+ echo ${UNAME_MACHINE}-pc-sco$UNAME_REL
+ else
+ echo ${UNAME_MACHINE}-pc-sysv32
+ fi
+ exit ;;
+ pc:*:*:*)
+ # Left here for compatibility:
+ # uname -m prints for DJGPP always 'pc', but it prints nothing about
+ # the processor, so we play safe by assuming i386.
+ echo i386-pc-msdosdjgpp
+ exit ;;
+ Intel:Mach:3*:*)
+ echo i386-pc-mach3
+ exit ;;
+ paragon:*:*:*)
+ echo i860-intel-osf1
+ exit ;;
+ i860:*:4.*:*) # i860-SVR4
+ if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then
+ echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4
+ else # Add other i860-SVR4 vendors below as they are discovered.
+ echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4
+ fi
+ exit ;;
+ mini*:CTIX:SYS*5:*)
+ # "miniframe"
+ echo m68010-convergent-sysv
+ exit ;;
+ mc68k:UNIX:SYSTEM5:3.51m)
+ echo m68k-convergent-sysv
+ exit ;;
+ M680?0:D-NIX:5.3:*)
+ echo m68k-diab-dnix
+ exit ;;
+ M68*:*:R3V[5678]*:*)
+ test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;;
+ 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0)
+ OS_REL=''
+ test -r /etc/.relid \
+ && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid`
+ /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
+ && { echo i486-ncr-sysv4.3${OS_REL}; exit; }
+ /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \
+ && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;;
+ 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*)
+ /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
+ && { echo i486-ncr-sysv4; exit; } ;;
+ m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*)
+ echo m68k-unknown-lynxos${UNAME_RELEASE}
+ exit ;;
+ mc68030:UNIX_System_V:4.*:*)
+ echo m68k-atari-sysv4
+ exit ;;
+ TSUNAMI:LynxOS:2.*:*)
+ echo sparc-unknown-lynxos${UNAME_RELEASE}
+ exit ;;
+ rs6000:LynxOS:2.*:*)
+ echo rs6000-unknown-lynxos${UNAME_RELEASE}
+ exit ;;
+ PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.0*:*)
+ echo powerpc-unknown-lynxos${UNAME_RELEASE}
+ exit ;;
+ SM[BE]S:UNIX_SV:*:*)
+ echo mips-dde-sysv${UNAME_RELEASE}
+ exit ;;
+ RM*:ReliantUNIX-*:*:*)
+ echo mips-sni-sysv4
+ exit ;;
+ RM*:SINIX-*:*:*)
+ echo mips-sni-sysv4
+ exit ;;
+ *:SINIX-*:*:*)
+ if uname -p 2>/dev/null >/dev/null ; then
+ UNAME_MACHINE=`(uname -p) 2>/dev/null`
+ echo ${UNAME_MACHINE}-sni-sysv4
+ else
+ echo ns32k-sni-sysv
+ fi
+ exit ;;
+ PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort
+ # says <Richard.M.Bartel@ccMail.Census.GOV>
+ echo i586-unisys-sysv4
+ exit ;;
+ *:UNIX_System_V:4*:FTX*)
+ # From Gerald Hewes <hewes@openmarket.com>.
+ # How about differentiating between stratus architectures? -djm
+ echo hppa1.1-stratus-sysv4
+ exit ;;
+ *:*:*:FTX*)
+ # From seanf@swdc.stratus.com.
+ echo i860-stratus-sysv4
+ exit ;;
+ i*86:VOS:*:*)
+ # From Paul.Green@stratus.com.
+ echo ${UNAME_MACHINE}-stratus-vos
+ exit ;;
+ *:VOS:*:*)
+ # From Paul.Green@stratus.com.
+ echo hppa1.1-stratus-vos
+ exit ;;
+ mc68*:A/UX:*:*)
+ echo m68k-apple-aux${UNAME_RELEASE}
+ exit ;;
+ news*:NEWS-OS:6*:*)
+ echo mips-sony-newsos6
+ exit ;;
+ R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*)
+ if [ -d /usr/nec ]; then
+ echo mips-nec-sysv${UNAME_RELEASE}
+ else
+ echo mips-unknown-sysv${UNAME_RELEASE}
+ fi
+ exit ;;
+ BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only.
+ echo powerpc-be-beos
+ exit ;;
+ BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only.
+ echo powerpc-apple-beos
+ exit ;;
+ BePC:BeOS:*:*) # BeOS running on Intel PC compatible.
+ echo i586-pc-beos
+ exit ;;
+ SX-4:SUPER-UX:*:*)
+ echo sx4-nec-superux${UNAME_RELEASE}
+ exit ;;
+ SX-5:SUPER-UX:*:*)
+ echo sx5-nec-superux${UNAME_RELEASE}
+ exit ;;
+ SX-6:SUPER-UX:*:*)
+ echo sx6-nec-superux${UNAME_RELEASE}
+ exit ;;
+ Power*:Rhapsody:*:*)
+ echo powerpc-apple-rhapsody${UNAME_RELEASE}
+ exit ;;
+ *:Rhapsody:*:*)
+ echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE}
+ exit ;;
+ *:Darwin:*:*)
+ UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown
+ case $UNAME_PROCESSOR in
+ unknown) UNAME_PROCESSOR=powerpc ;;
+ esac
+ echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE}
+ exit ;;
+ *:procnto*:*:* | *:QNX:[0123456789]*:*)
+ UNAME_PROCESSOR=`uname -p`
+ if test "$UNAME_PROCESSOR" = "x86"; then
+ UNAME_PROCESSOR=i386
+ UNAME_MACHINE=pc
+ fi
+ echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE}
+ exit ;;
+ *:QNX:*:4*)
+ echo i386-pc-qnx
+ exit ;;
+ NSE-?:NONSTOP_KERNEL:*:*)
+ echo nse-tandem-nsk${UNAME_RELEASE}
+ exit ;;
+ NSR-?:NONSTOP_KERNEL:*:*)
+ echo nsr-tandem-nsk${UNAME_RELEASE}
+ exit ;;
+ *:NonStop-UX:*:*)
+ echo mips-compaq-nonstopux
+ exit ;;
+ BS2000:POSIX*:*:*)
+ echo bs2000-siemens-sysv
+ exit ;;
+ DS/*:UNIX_System_V:*:*)
+ echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE}
+ exit ;;
+ *:Plan9:*:*)
+ # "uname -m" is not consistent, so use $cputype instead. 386
+ # is converted to i386 for consistency with other x86
+ # operating systems.
+ if test "$cputype" = "386"; then
+ UNAME_MACHINE=i386
+ else
+ UNAME_MACHINE="$cputype"
+ fi
+ echo ${UNAME_MACHINE}-unknown-plan9
+ exit ;;
+ *:TOPS-10:*:*)
+ echo pdp10-unknown-tops10
+ exit ;;
+ *:TENEX:*:*)
+ echo pdp10-unknown-tenex
+ exit ;;
+ KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*)
+ echo pdp10-dec-tops20
+ exit ;;
+ XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*)
+ echo pdp10-xkl-tops20
+ exit ;;
+ *:TOPS-20:*:*)
+ echo pdp10-unknown-tops20
+ exit ;;
+ *:ITS:*:*)
+ echo pdp10-unknown-its
+ exit ;;
+ SEI:*:*:SEIUX)
+ echo mips-sei-seiux${UNAME_RELEASE}
+ exit ;;
+ *:DragonFly:*:*)
+ echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`
+ exit ;;
+ *:*VMS:*:*)
+ UNAME_MACHINE=`(uname -p) 2>/dev/null`
+ case "${UNAME_MACHINE}" in
+ A*) echo alpha-dec-vms ; exit ;;
+ I*) echo ia64-dec-vms ; exit ;;
+ V*) echo vax-dec-vms ; exit ;;
+ esac ;;
+ *:XENIX:*:SysV)
+ echo i386-pc-xenix
+ exit ;;
+ i*86:skyos:*:*)
+ echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE}` | sed -e 's/ .*$//'
+ exit ;;
+ i*86:rdos:*:*)
+ echo ${UNAME_MACHINE}-pc-rdos
+ exit ;;
+esac
+
+#echo '(No uname command or uname output not recognized.)' 1>&2
+#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2
+
+eval $set_cc_for_build
+cat >$dummy.c <<EOF
+#ifdef _SEQUENT_
+# include <sys/types.h>
+# include <sys/utsname.h>
+#endif
+main ()
+{
+#if defined (sony)
+#if defined (MIPSEB)
+ /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed,
+ I don't know.... */
+ printf ("mips-sony-bsd\n"); exit (0);
+#else
+#include <sys/param.h>
+ printf ("m68k-sony-newsos%s\n",
+#ifdef NEWSOS4
+ "4"
+#else
+ ""
+#endif
+ ); exit (0);
+#endif
+#endif
+
+#if defined (__arm) && defined (__acorn) && defined (__unix)
+ printf ("arm-acorn-riscix\n"); exit (0);
+#endif
+
+#if defined (hp300) && !defined (hpux)
+ printf ("m68k-hp-bsd\n"); exit (0);
+#endif
+
+#if defined (NeXT)
+#if !defined (__ARCHITECTURE__)
+#define __ARCHITECTURE__ "m68k"
+#endif
+ int version;
+ version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`;
+ if (version < 4)
+ printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version);
+ else
+ printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version);
+ exit (0);
+#endif
+
+#if defined (MULTIMAX) || defined (n16)
+#if defined (UMAXV)
+ printf ("ns32k-encore-sysv\n"); exit (0);
+#else
+#if defined (CMU)
+ printf ("ns32k-encore-mach\n"); exit (0);
+#else
+ printf ("ns32k-encore-bsd\n"); exit (0);
+#endif
+#endif
+#endif
+
+#if defined (__386BSD__)
+ printf ("i386-pc-bsd\n"); exit (0);
+#endif
+
+#if defined (sequent)
+#if defined (i386)
+ printf ("i386-sequent-dynix\n"); exit (0);
+#endif
+#if defined (ns32000)
+ printf ("ns32k-sequent-dynix\n"); exit (0);
+#endif
+#endif
+
+#if defined (_SEQUENT_)
+ struct utsname un;
+
+ uname(&un);
+
+ if (strncmp(un.version, "V2", 2) == 0) {
+ printf ("i386-sequent-ptx2\n"); exit (0);
+ }
+ if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */
+ printf ("i386-sequent-ptx1\n"); exit (0);
+ }
+ printf ("i386-sequent-ptx\n"); exit (0);
+
+#endif
+
+#if defined (vax)
+# if !defined (ultrix)
+# include <sys/param.h>
+# if defined (BSD)
+# if BSD == 43
+ printf ("vax-dec-bsd4.3\n"); exit (0);
+# else
+# if BSD == 199006
+ printf ("vax-dec-bsd4.3reno\n"); exit (0);
+# else
+ printf ("vax-dec-bsd\n"); exit (0);
+# endif
+# endif
+# else
+ printf ("vax-dec-bsd\n"); exit (0);
+# endif
+# else
+ printf ("vax-dec-ultrix\n"); exit (0);
+# endif
+#endif
+
+#if defined (alliant) && defined (i860)
+ printf ("i860-alliant-bsd\n"); exit (0);
+#endif
+
+ exit (1);
+}
+EOF
+
+$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && SYSTEM_NAME=`$dummy` &&
+ { echo "$SYSTEM_NAME"; exit; }
+
+# Apollos put the system type in the environment.
+
+test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit; }
+
+# Convex versions that predate uname can use getsysinfo(1)
+
+if [ -x /usr/convex/getsysinfo ]
+then
+ case `getsysinfo -f cpu_type` in
+ c1*)
+ echo c1-convex-bsd
+ exit ;;
+ c2*)
+ if getsysinfo -f scalar_acc
+ then echo c32-convex-bsd
+ else echo c2-convex-bsd
+ fi
+ exit ;;
+ c34*)
+ echo c34-convex-bsd
+ exit ;;
+ c38*)
+ echo c38-convex-bsd
+ exit ;;
+ c4*)
+ echo c4-convex-bsd
+ exit ;;
+ esac
+fi
+
+cat >&2 <<EOF
+$0: unable to guess system type
+
+This script, last modified $timestamp, has failed to recognize
+the operating system you are using. It is advised that you
+download the most up to date version of the config scripts from
+
+ http://savannah.gnu.org/cgi-bin/viewcvs/*checkout*/config/config/config.guess
+and
+ http://savannah.gnu.org/cgi-bin/viewcvs/*checkout*/config/config/config.sub
+
+If the version you run ($0) is already up to date, please
+send the following data and any information you think might be
+pertinent to <config-patches@gnu.org> in order to provide the needed
+information to handle your system.
+
+config.guess timestamp = $timestamp
+
+uname -m = `(uname -m) 2>/dev/null || echo unknown`
+uname -r = `(uname -r) 2>/dev/null || echo unknown`
+uname -s = `(uname -s) 2>/dev/null || echo unknown`
+uname -v = `(uname -v) 2>/dev/null || echo unknown`
+
+/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null`
+/bin/uname -X = `(/bin/uname -X) 2>/dev/null`
+
+hostinfo = `(hostinfo) 2>/dev/null`
+/bin/universe = `(/bin/universe) 2>/dev/null`
+/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null`
+/bin/arch = `(/bin/arch) 2>/dev/null`
+/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null`
+/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null`
+
+UNAME_MACHINE = ${UNAME_MACHINE}
+UNAME_RELEASE = ${UNAME_RELEASE}
+UNAME_SYSTEM = ${UNAME_SYSTEM}
+UNAME_VERSION = ${UNAME_VERSION}
+EOF
+
+exit 1
+
+# Local variables:
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "timestamp='"
+# time-stamp-format: "%:y-%02m-%02d"
+# time-stamp-end: "'"
+# End:
diff --git a/Linux-PAM/config.h.in b/Linux-PAM/config.h.in
new file mode 100644
index 00000000..617f55b3
--- /dev/null
+++ b/Linux-PAM/config.h.in
@@ -0,0 +1,323 @@
+/* config.h.in. Generated from configure.in by autoheader. */
+
+/* lots of stuff gets written to /var/run/pam-debug.log */
+#undef DEBUG
+
+/* Define to 1 if translation of program messages to the user's native
+ language is requested. */
+#undef ENABLE_NLS
+
+/* Define to the type of elements in the array set by `getgroups'. Usually
+ this is either `int' or `gid_t'. */
+#undef GETGROUPS_T
+
+/* Define to 1 if you have the MacOS X function CFLocaleCopyCurrent in the
+ CoreFoundation framework. */
+#undef HAVE_CFLOCALECOPYCURRENT
+
+/* Define to 1 if you have the MacOS X function CFPreferencesCopyAppValue in
+ the CoreFoundation framework. */
+#undef HAVE_CFPREFERENCESCOPYAPPVALUE
+
+/* Define to 1 if you have the <crypt.h> header file. */
+#undef HAVE_CRYPT_H
+
+/* Define to 1 if you have the <db.h> header file. */
+#undef HAVE_DB_H
+
+/* Define if the GNU dcgettext() function is already present or preinstalled.
+ */
+#undef HAVE_DCGETTEXT
+
+/* Define to 1 if you have the <dirent.h> header file, and it defines `DIR'.
+ */
+#undef HAVE_DIRENT_H
+
+/* Define to 1 if you have the <dlfcn.h> header file. */
+#undef HAVE_DLFCN_H
+
+/* Define to 1 if you have the `dngettext' function. */
+#undef HAVE_DNGETTEXT
+
+/* Define to 1 if you don't have `vprintf' but do have `_doprnt.' */
+#undef HAVE_DOPRNT
+
+/* Define to 1 if you have the <fcntl.h> header file. */
+#undef HAVE_FCNTL_H
+
+/* Define to 1 if you have the `fseeko' function. */
+#undef HAVE_FSEEKO
+
+/* Define to 1 if you have the `getdelim' function. */
+#undef HAVE_GETDELIM
+
+/* Define to 1 if you have the `getgrgid_r' function. */
+#undef HAVE_GETGRGID_R
+
+/* Define to 1 if you have the `getgrnam_r' function. */
+#undef HAVE_GETGRNAM_R
+
+/* Define to 1 if you have the `getgrouplist' function. */
+#undef HAVE_GETGROUPLIST
+
+/* Define to 1 if you have the `gethostname' function. */
+#undef HAVE_GETHOSTNAME
+
+/* Define to 1 if you have the `getline' function. */
+#undef HAVE_GETLINE
+
+/* Define to 1 if you have the `getpwnam_r' function. */
+#undef HAVE_GETPWNAM_R
+
+/* Define to 1 if you have the `getpwuid_r' function. */
+#undef HAVE_GETPWUID_R
+
+/* Define to 1 if you have the `getspnam_r' function. */
+#undef HAVE_GETSPNAM_R
+
+/* Define if the GNU gettext() function is already present or preinstalled. */
+#undef HAVE_GETTEXT
+
+/* Define to 1 if you have the `gettimeofday' function. */
+#undef HAVE_GETTIMEOFDAY
+
+/* Define if you have the iconv() function. */
+#undef HAVE_ICONV
+
+/* Define to 1 if you have the `inet_ntop' function. */
+#undef HAVE_INET_NTOP
+
+/* Define to 1 if you have the `inet_pton' function. */
+#undef HAVE_INET_PTON
+
+/* Define to 1 if you have the <inittypes.h> header file. */
+#undef HAVE_INITTYPES_H
+
+/* Define to 1 if you have the <inttypes.h> header file. */
+#undef HAVE_INTTYPES_H
+
+/* Defined if the kernel key management facility is available */
+#undef HAVE_KEY_MANAGEMENT
+
+/* Define to 1 if you have the <lastlog.h> header file. */
+#undef HAVE_LASTLOG_H
+
+/* Define to 1 if you have the `lckpwdf' function. */
+#undef HAVE_LCKPWDF
+
+/* Defined if audit support should be compiled in */
+#undef HAVE_LIBAUDIT
+
+/* Define to 1 if you have the <limits.h> header file. */
+#undef HAVE_LIMITS_H
+
+/* Define to 1 if you have the <malloc.h> header file. */
+#undef HAVE_MALLOC_H
+
+/* Define to 1 if you have the <memory.h> header file. */
+#undef HAVE_MEMORY_H
+
+/* Define to 1 if you have the `mkdir' function. */
+#undef HAVE_MKDIR
+
+/* Define to 1 if you have the <ndbm.h> header file. */
+#undef HAVE_NDBM_H
+
+/* Define to 1 if you have the <ndir.h> header file, and it defines `DIR'. */
+#undef HAVE_NDIR_H
+
+/* Define to 1 if you have the <paths.h> header file. */
+#undef HAVE_PATHS_H
+
+/* Define to 1 if you have the `ruserok_af' function. */
+#undef HAVE_RUSEROK_AF
+
+/* Define to 1 if you have the `select' function. */
+#undef HAVE_SELECT
+
+/* Define to 1 if you have the <stdint.h> header file. */
+#undef HAVE_STDINT_H
+
+/* Define to 1 if you have the <stdlib.h> header file. */
+#undef HAVE_STDLIB_H
+
+/* Define to 1 if you have the `strcspn' function. */
+#undef HAVE_STRCSPN
+
+/* Define to 1 if you have the `strdup' function. */
+#undef HAVE_STRDUP
+
+/* Define to 1 if you have the <strings.h> header file. */
+#undef HAVE_STRINGS_H
+
+/* Define to 1 if you have the <string.h> header file. */
+#undef HAVE_STRING_H
+
+/* Define to 1 if you have the `strspn' function. */
+#undef HAVE_STRSPN
+
+/* Define to 1 if you have the `strstr' function. */
+#undef HAVE_STRSTR
+
+/* Define to 1 if you have the `strtol' function. */
+#undef HAVE_STRTOL
+
+/* Define to 1 if you have the <syslog.h> header file. */
+#undef HAVE_SYSLOG_H
+
+/* Define to 1 if you have the <sys/dir.h> header file, and it defines `DIR'.
+ */
+#undef HAVE_SYS_DIR_H
+
+/* Define to 1 if you have the <sys/file.h> header file. */
+#undef HAVE_SYS_FILE_H
+
+/* Define to 1 if you have the <sys/fsuid.h> header file. */
+#undef HAVE_SYS_FSUID_H
+
+/* Define to 1 if you have the <sys/ioctl.h> header file. */
+#undef HAVE_SYS_IOCTL_H
+
+/* Define to 1 if you have the <sys/ndir.h> header file, and it defines `DIR'.
+ */
+#undef HAVE_SYS_NDIR_H
+
+/* Define to 1 if you have the <sys/stat.h> header file. */
+#undef HAVE_SYS_STAT_H
+
+/* Define to 1 if you have the <sys/time.h> header file. */
+#undef HAVE_SYS_TIME_H
+
+/* Define to 1 if you have the <sys/types.h> header file. */
+#undef HAVE_SYS_TYPES_H
+
+/* Define to 1 if you have <sys/wait.h> that is POSIX.1 compatible. */
+#undef HAVE_SYS_WAIT_H
+
+/* Define to 1 if you have the <termio.h> header file. */
+#undef HAVE_TERMIO_H
+
+/* Define to 1 if you have the `uname' function. */
+#undef HAVE_UNAME
+
+/* Define to 1 if you have the <unistd.h> header file. */
+#undef HAVE_UNISTD_H
+
+/* Define to 1 if you have the `unshare' function. */
+#undef HAVE_UNSHARE
+
+/* Define to 1 if you have the <utmpx.h> header file. */
+#undef HAVE_UTMPX_H
+
+/* Define to 1 if you have the <utmp.h> header file. */
+#undef HAVE_UTMP_H
+
+/* Define to 1 if you have the `vprintf' function. */
+#undef HAVE_VPRINTF
+
+/* Define to 1 if you have the `yp_get_default_domain' function. */
+#undef HAVE_YP_GET_DEFAULT_DOMAIN
+
+/* Define to 1 if your C compiler doesn't accept -c and -o together. */
+#undef NO_MINUS_C_MINUS_O
+
+/* Name of package */
+#undef PACKAGE
+
+/* Define to the address where bug reports for this package should be sent. */
+#undef PACKAGE_BUGREPORT
+
+/* Define to the full name of this package. */
+#undef PACKAGE_NAME
+
+/* Define to the full name and version of this package. */
+#undef PACKAGE_STRING
+
+/* Define to the one symbol short name of this package. */
+#undef PACKAGE_TARNAME
+
+/* Define to the version of this package. */
+#undef PACKAGE_VERSION
+
+/* libpam should observe a global authentication lock */
+#undef PAM_LOCKING
+
+/* Path where mails are stored */
+#undef PAM_PATH_MAILDIR
+
+/* Additional path of xauth executable */
+#undef PAM_PATH_XAUTH
+
+/* read both /etc/pam.d and /etc/pam.conf files */
+#undef PAM_READ_BOTH_CONFS
+
+/* Define to 1 if you have the ANSI C header files. */
+#undef STDC_HEADERS
+
+/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
+#undef TIME_WITH_SYS_TIME
+
+/* Define to 1 if your <sys/time.h> declares `struct tm'. */
+#undef TM_IN_SYS_TIME
+
+/* define if your compiler has __att ribute__ ((unused)) */
+#undef UNUSED
+
+/* Define to 1 if the lckpwdf function should be used */
+#undef USE_LCKPWDF
+
+/* Version number of package */
+#undef VERSION
+
+/* Defined if SE Linux support is compiled in */
+#undef WITH_SELINUX
+
+/* Define to 1 if your processor stores words with the most significant byte
+ first (like Motorola and SPARC, unlike Intel and VAX). */
+#undef WORDS_BIGENDIAN
+
+/* Define to 1 if `lex' declares `yytext' as a `char *' by default, not a
+ `char[]'. */
+#undef YYTEXT_POINTER
+
+/* Number of bits in a file offset, on hosts where this is settable. */
+#undef _FILE_OFFSET_BITS
+
+/* Enable GNU extensions on systems that have them. */
+#ifndef _GNU_SOURCE
+# undef _GNU_SOURCE
+#endif
+
+/* Define for large files, on AIX-style hosts. */
+#undef _LARGE_FILES
+
+/* Define to the path, relative to SECUREDIR, where PAMs specific to this
+ architecture can be found. */
+#undef _PAM_ISA
+
+#ifdef ENABLE_NLS
+#include <libintl.h>
+#define _(msgid) dgettext(PACKAGE, msgid)
+#define N_(msgid) msgid
+#else
+#define _(msgid) (msgid)
+#define N_(msgid) msgid
+#endif /* ENABLE_NLS */
+
+/* Define to empty if `const' does not conform to ANSI C. */
+#undef const
+
+/* Define to `int' if <sys/types.h> doesn't define. */
+#undef gid_t
+
+/* Define to `long int' if <sys/types.h> does not define. */
+#undef off_t
+
+/* Define to `int' if <sys/types.h> does not define. */
+#undef pid_t
+
+/* Define to `unsigned int' if <sys/types.h> does not define. */
+#undef size_t
+
+/* Define to `int' if <sys/types.h> doesn't define. */
+#undef uid_t
diff --git a/Linux-PAM/config.rpath b/Linux-PAM/config.rpath
new file mode 100755
index 00000000..c492a93b
--- /dev/null
+++ b/Linux-PAM/config.rpath
@@ -0,0 +1,614 @@
+#! /bin/sh
+# Output a system dependent set of variables, describing how to set the
+# run time search path of shared libraries in an executable.
+#
+# Copyright 1996-2006 Free Software Foundation, Inc.
+# Taken from GNU libtool, 2001
+# Originally by Gordon Matzigkeit <gord@gnu.ai.mit.edu>, 1996
+#
+# This file is free software; the Free Software Foundation gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+#
+# The first argument passed to this file is the canonical host specification,
+# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM
+# or
+# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM
+# The environment variables CC, GCC, LDFLAGS, LD, with_gnu_ld
+# should be set by the caller.
+#
+# The set of defined variables is at the end of this script.
+
+# Known limitations:
+# - On IRIX 6.5 with CC="cc", the run time search patch must not be longer
+# than 256 bytes, otherwise the compiler driver will dump core. The only
+# known workaround is to choose shorter directory names for the build
+# directory and/or the installation directory.
+
+# All known linkers require a `.a' archive for static linking (except MSVC,
+# which needs '.lib').
+libext=a
+shrext=.so
+
+host="$1"
+host_cpu=`echo "$host" | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'`
+host_vendor=`echo "$host" | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'`
+host_os=`echo "$host" | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'`
+
+# Code taken from libtool.m4's _LT_CC_BASENAME.
+
+for cc_temp in $CC""; do
+ case $cc_temp in
+ compile | *[\\/]compile | ccache | *[\\/]ccache ) ;;
+ distcc | *[\\/]distcc | purify | *[\\/]purify ) ;;
+ \-*) ;;
+ *) break;;
+ esac
+done
+cc_basename=`echo "$cc_temp" | sed -e 's%^.*/%%'`
+
+# Code taken from libtool.m4's AC_LIBTOOL_PROG_COMPILER_PIC.
+
+wl=
+if test "$GCC" = yes; then
+ wl='-Wl,'
+else
+ case "$host_os" in
+ aix*)
+ wl='-Wl,'
+ ;;
+ darwin*)
+ case $cc_basename in
+ xlc*)
+ wl='-Wl,'
+ ;;
+ esac
+ ;;
+ mingw* | pw32* | os2*)
+ ;;
+ hpux9* | hpux10* | hpux11*)
+ wl='-Wl,'
+ ;;
+ irix5* | irix6* | nonstopux*)
+ wl='-Wl,'
+ ;;
+ newsos6)
+ ;;
+ linux*)
+ case $cc_basename in
+ icc* | ecc*)
+ wl='-Wl,'
+ ;;
+ pgcc | pgf77 | pgf90)
+ wl='-Wl,'
+ ;;
+ ccc*)
+ wl='-Wl,'
+ ;;
+ como)
+ wl='-lopt='
+ ;;
+ *)
+ case `$CC -V 2>&1 | sed 5q` in
+ *Sun\ C*)
+ wl='-Wl,'
+ ;;
+ esac
+ ;;
+ esac
+ ;;
+ osf3* | osf4* | osf5*)
+ wl='-Wl,'
+ ;;
+ sco3.2v5*)
+ ;;
+ solaris*)
+ wl='-Wl,'
+ ;;
+ sunos4*)
+ wl='-Qoption ld '
+ ;;
+ sysv4 | sysv4.2uw2* | sysv4.3* | sysv5*)
+ wl='-Wl,'
+ ;;
+ sysv4*MP*)
+ ;;
+ unicos*)
+ wl='-Wl,'
+ ;;
+ uts4*)
+ ;;
+ esac
+fi
+
+# Code taken from libtool.m4's AC_LIBTOOL_PROG_LD_SHLIBS.
+
+hardcode_libdir_flag_spec=
+hardcode_libdir_separator=
+hardcode_direct=no
+hardcode_minus_L=no
+
+case "$host_os" in
+ cygwin* | mingw* | pw32*)
+ # FIXME: the MSVC++ port hasn't been tested in a loooong time
+ # When not using gcc, we currently assume that we are using
+ # Microsoft Visual C++.
+ if test "$GCC" != yes; then
+ with_gnu_ld=no
+ fi
+ ;;
+ interix*)
+ # we just hope/assume this is gcc and not c89 (= MSVC++)
+ with_gnu_ld=yes
+ ;;
+ openbsd*)
+ with_gnu_ld=no
+ ;;
+esac
+
+ld_shlibs=yes
+if test "$with_gnu_ld" = yes; then
+ # Set some defaults for GNU ld with shared library support. These
+ # are reset later if shared libraries are not supported. Putting them
+ # here allows them to be overridden if necessary.
+ # Unlike libtool, we use -rpath here, not --rpath, since the documented
+ # option of GNU ld is called -rpath, not --rpath.
+ hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ case "$host_os" in
+ aix3* | aix4* | aix5*)
+ # On AIX/PPC, the GNU linker is very broken
+ if test "$host_cpu" != ia64; then
+ ld_shlibs=no
+ fi
+ ;;
+ amigaos*)
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_minus_L=yes
+ # Samuel A. Falvo II <kc5tja@dolphin.openprojects.net> reports
+ # that the semantics of dynamic libraries on AmigaOS, at least up
+ # to version 4, is to share data among multiple programs linked
+ # with the same dynamic library. Since this doesn't match the
+ # behavior of shared libraries on other platforms, we cannot use
+ # them.
+ ld_shlibs=no
+ ;;
+ beos*)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ :
+ else
+ ld_shlibs=no
+ fi
+ ;;
+ cygwin* | mingw* | pw32*)
+ # hardcode_libdir_flag_spec is actually meaningless, as there is
+ # no search path for DLLs.
+ hardcode_libdir_flag_spec='-L$libdir'
+ if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then
+ :
+ else
+ ld_shlibs=no
+ fi
+ ;;
+ interix3*)
+ hardcode_direct=no
+ hardcode_libdir_flag_spec='${wl}-rpath,$libdir'
+ ;;
+ linux*)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ :
+ else
+ ld_shlibs=no
+ fi
+ ;;
+ netbsd*)
+ ;;
+ solaris*)
+ if $LD -v 2>&1 | grep 'BFD 2\.8' > /dev/null; then
+ ld_shlibs=no
+ elif $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ :
+ else
+ ld_shlibs=no
+ fi
+ ;;
+ sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*)
+ case `$LD -v 2>&1` in
+ *\ [01].* | *\ 2.[0-9].* | *\ 2.1[0-5].*)
+ ld_shlibs=no
+ ;;
+ *)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ hardcode_libdir_flag_spec='`test -z "$SCOABSPATH" && echo ${wl}-rpath,$libdir`'
+ else
+ ld_shlibs=no
+ fi
+ ;;
+ esac
+ ;;
+ sunos4*)
+ hardcode_direct=yes
+ ;;
+ *)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ :
+ else
+ ld_shlibs=no
+ fi
+ ;;
+ esac
+ if test "$ld_shlibs" = no; then
+ hardcode_libdir_flag_spec=
+ fi
+else
+ case "$host_os" in
+ aix3*)
+ # Note: this linker hardcodes the directories in LIBPATH if there
+ # are no directories specified by -L.
+ hardcode_minus_L=yes
+ if test "$GCC" = yes; then
+ # Neither direct hardcoding nor static linking is supported with a
+ # broken collect2.
+ hardcode_direct=unsupported
+ fi
+ ;;
+ aix4* | aix5*)
+ if test "$host_cpu" = ia64; then
+ # On IA64, the linker does run time linking by default, so we don't
+ # have to do anything special.
+ aix_use_runtimelinking=no
+ else
+ aix_use_runtimelinking=no
+ # Test if we are trying to use run time linking or normal
+ # AIX style linking. If -brtl is somewhere in LDFLAGS, we
+ # need to do runtime linking.
+ case $host_os in aix4.[23]|aix4.[23].*|aix5*)
+ for ld_flag in $LDFLAGS; do
+ if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then
+ aix_use_runtimelinking=yes
+ break
+ fi
+ done
+ ;;
+ esac
+ fi
+ hardcode_direct=yes
+ hardcode_libdir_separator=':'
+ if test "$GCC" = yes; then
+ case $host_os in aix4.[012]|aix4.[012].*)
+ collect2name=`${CC} -print-prog-name=collect2`
+ if test -f "$collect2name" && \
+ strings "$collect2name" | grep resolve_lib_name >/dev/null
+ then
+ # We have reworked collect2
+ hardcode_direct=yes
+ else
+ # We have old collect2
+ hardcode_direct=unsupported
+ hardcode_minus_L=yes
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_libdir_separator=
+ fi
+ ;;
+ esac
+ fi
+ # Begin _LT_AC_SYS_LIBPATH_AIX.
+ echo 'int main () { return 0; }' > conftest.c
+ ${CC} ${LDFLAGS} conftest.c -o conftest
+ aix_libpath=`dump -H conftest 2>/dev/null | sed -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; }
+}'`
+ if test -z "$aix_libpath"; then
+ aix_libpath=`dump -HX64 conftest 2>/dev/null | sed -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; }
+}'`
+ fi
+ if test -z "$aix_libpath"; then
+ aix_libpath="/usr/lib:/lib"
+ fi
+ rm -f conftest.c conftest
+ # End _LT_AC_SYS_LIBPATH_AIX.
+ if test "$aix_use_runtimelinking" = yes; then
+ hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath"
+ else
+ if test "$host_cpu" = ia64; then
+ hardcode_libdir_flag_spec='${wl}-R $libdir:/usr/lib:/lib'
+ else
+ hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath"
+ fi
+ fi
+ ;;
+ amigaos*)
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_minus_L=yes
+ # see comment about different semantics on the GNU ld section
+ ld_shlibs=no
+ ;;
+ bsdi[45]*)
+ ;;
+ cygwin* | mingw* | pw32*)
+ # When not using gcc, we currently assume that we are using
+ # Microsoft Visual C++.
+ # hardcode_libdir_flag_spec is actually meaningless, as there is
+ # no search path for DLLs.
+ hardcode_libdir_flag_spec=' '
+ libext=lib
+ ;;
+ darwin* | rhapsody*)
+ hardcode_direct=no
+ if test "$GCC" = yes ; then
+ :
+ else
+ case $cc_basename in
+ xlc*)
+ ;;
+ *)
+ ld_shlibs=no
+ ;;
+ esac
+ fi
+ ;;
+ dgux*)
+ hardcode_libdir_flag_spec='-L$libdir'
+ ;;
+ freebsd1*)
+ ld_shlibs=no
+ ;;
+ freebsd2.2*)
+ hardcode_libdir_flag_spec='-R$libdir'
+ hardcode_direct=yes
+ ;;
+ freebsd2*)
+ hardcode_direct=yes
+ hardcode_minus_L=yes
+ ;;
+ freebsd* | kfreebsd*-gnu | dragonfly*)
+ hardcode_libdir_flag_spec='-R$libdir'
+ hardcode_direct=yes
+ ;;
+ hpux9*)
+ hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir'
+ hardcode_libdir_separator=:
+ hardcode_direct=yes
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ hardcode_minus_L=yes
+ ;;
+ hpux10*)
+ if test "$with_gnu_ld" = no; then
+ hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir'
+ hardcode_libdir_separator=:
+ hardcode_direct=yes
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ hardcode_minus_L=yes
+ fi
+ ;;
+ hpux11*)
+ if test "$with_gnu_ld" = no; then
+ hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir'
+ hardcode_libdir_separator=:
+ case $host_cpu in
+ hppa*64*|ia64*)
+ hardcode_direct=no
+ ;;
+ *)
+ hardcode_direct=yes
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ hardcode_minus_L=yes
+ ;;
+ esac
+ fi
+ ;;
+ irix5* | irix6* | nonstopux*)
+ hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_separator=:
+ ;;
+ netbsd*)
+ hardcode_libdir_flag_spec='-R$libdir'
+ hardcode_direct=yes
+ ;;
+ newsos6)
+ hardcode_direct=yes
+ hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_separator=:
+ ;;
+ openbsd*)
+ hardcode_direct=yes
+ if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ hardcode_libdir_flag_spec='${wl}-rpath,$libdir'
+ else
+ case "$host_os" in
+ openbsd[01].* | openbsd2.[0-7] | openbsd2.[0-7].*)
+ hardcode_libdir_flag_spec='-R$libdir'
+ ;;
+ *)
+ hardcode_libdir_flag_spec='${wl}-rpath,$libdir'
+ ;;
+ esac
+ fi
+ ;;
+ os2*)
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_minus_L=yes
+ ;;
+ osf3*)
+ hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_separator=:
+ ;;
+ osf4* | osf5*)
+ if test "$GCC" = yes; then
+ hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ else
+ # Both cc and cxx compiler support -rpath directly
+ hardcode_libdir_flag_spec='-rpath $libdir'
+ fi
+ hardcode_libdir_separator=:
+ ;;
+ solaris*)
+ hardcode_libdir_flag_spec='-R$libdir'
+ ;;
+ sunos4*)
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_direct=yes
+ hardcode_minus_L=yes
+ ;;
+ sysv4)
+ case $host_vendor in
+ sni)
+ hardcode_direct=yes # is this really true???
+ ;;
+ siemens)
+ hardcode_direct=no
+ ;;
+ motorola)
+ hardcode_direct=no #Motorola manual says yes, but my tests say they lie
+ ;;
+ esac
+ ;;
+ sysv4.3*)
+ ;;
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ ld_shlibs=yes
+ fi
+ ;;
+ sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7*)
+ ;;
+ sysv5* | sco3.2v5* | sco5v6*)
+ hardcode_libdir_flag_spec='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`'
+ hardcode_libdir_separator=':'
+ ;;
+ uts4*)
+ hardcode_libdir_flag_spec='-L$libdir'
+ ;;
+ *)
+ ld_shlibs=no
+ ;;
+ esac
+fi
+
+# Check dynamic linker characteristics
+# Code taken from libtool.m4's AC_LIBTOOL_SYS_DYNAMIC_LINKER.
+libname_spec='lib$name'
+case "$host_os" in
+ aix3*)
+ ;;
+ aix4* | aix5*)
+ ;;
+ amigaos*)
+ ;;
+ beos*)
+ ;;
+ bsdi[45]*)
+ ;;
+ cygwin* | mingw* | pw32*)
+ shrext=.dll
+ ;;
+ darwin* | rhapsody*)
+ shrext=.dylib
+ ;;
+ dgux*)
+ ;;
+ freebsd1*)
+ ;;
+ kfreebsd*-gnu)
+ ;;
+ freebsd* | dragonfly*)
+ ;;
+ gnu*)
+ ;;
+ hpux9* | hpux10* | hpux11*)
+ case $host_cpu in
+ ia64*)
+ shrext=.so
+ ;;
+ hppa*64*)
+ shrext=.sl
+ ;;
+ *)
+ shrext=.sl
+ ;;
+ esac
+ ;;
+ interix3*)
+ ;;
+ irix5* | irix6* | nonstopux*)
+ case "$host_os" in
+ irix5* | nonstopux*)
+ libsuff= shlibsuff=
+ ;;
+ *)
+ case $LD in
+ *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ") libsuff= shlibsuff= ;;
+ *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ") libsuff=32 shlibsuff=N32 ;;
+ *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ") libsuff=64 shlibsuff=64 ;;
+ *) libsuff= shlibsuff= ;;
+ esac
+ ;;
+ esac
+ ;;
+ linux*oldld* | linux*aout* | linux*coff*)
+ ;;
+ linux*)
+ ;;
+ knetbsd*-gnu)
+ ;;
+ netbsd*)
+ ;;
+ newsos6)
+ ;;
+ nto-qnx*)
+ ;;
+ openbsd*)
+ ;;
+ os2*)
+ libname_spec='$name'
+ shrext=.dll
+ ;;
+ osf3* | osf4* | osf5*)
+ ;;
+ solaris*)
+ ;;
+ sunos4*)
+ ;;
+ sysv4 | sysv4.3*)
+ ;;
+ sysv4*MP*)
+ ;;
+ sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+ ;;
+ uts4*)
+ ;;
+esac
+
+sed_quote_subst='s/\(["`$\\]\)/\\\1/g'
+escaped_wl=`echo "X$wl" | sed -e 's/^X//' -e "$sed_quote_subst"`
+shlibext=`echo "$shrext" | sed -e 's,^\.,,'`
+escaped_hardcode_libdir_flag_spec=`echo "X$hardcode_libdir_flag_spec" | sed -e 's/^X//' -e "$sed_quote_subst"`
+
+LC_ALL=C sed -e 's/^\([a-zA-Z0-9_]*\)=/acl_cv_\1=/' <<EOF
+
+# How to pass a linker flag through the compiler.
+wl="$escaped_wl"
+
+# Static library suffix (normally "a").
+libext="$libext"
+
+# Shared library suffix (normally "so").
+shlibext="$shlibext"
+
+# Flag to hardcode \$libdir into a binary during linking.
+# This must work even if \$libdir does not exist.
+hardcode_libdir_flag_spec="$escaped_hardcode_libdir_flag_spec"
+
+# Whether we need a single -rpath flag with a separated argument.
+hardcode_libdir_separator="$hardcode_libdir_separator"
+
+# Set to yes if using DIR/libNAME.so during linking hardcodes DIR into the
+# resulting binary.
+hardcode_direct="$hardcode_direct"
+
+# Set to yes if using the -LDIR flag during linking hardcodes DIR into the
+# resulting binary.
+hardcode_minus_L="$hardcode_minus_L"
+
+EOF
diff --git a/Linux-PAM/config.sub b/Linux-PAM/config.sub
new file mode 100755
index 00000000..fab0aa35
--- /dev/null
+++ b/Linux-PAM/config.sub
@@ -0,0 +1,1616 @@
+#! /bin/sh
+# Configuration validation subroutine script.
+# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
+# 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation,
+# Inc.
+
+timestamp='2006-09-20'
+
+# This file is (in principle) common to ALL GNU software.
+# The presence of a machine in this file suggests that SOME GNU software
+# can handle that machine. It does not imply ALL GNU software can.
+#
+# This file is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA
+# 02110-1301, USA.
+#
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+
+# Please send patches to <config-patches@gnu.org>. Submit a context
+# diff and a properly formatted ChangeLog entry.
+#
+# Configuration subroutine to validate and canonicalize a configuration type.
+# Supply the specified configuration type as an argument.
+# If it is invalid, we print an error message on stderr and exit with code 1.
+# Otherwise, we print the canonical config type on stdout and succeed.
+
+# This file is supposed to be the same for all GNU packages
+# and recognize all the CPU types, system types and aliases
+# that are meaningful with *any* GNU software.
+# Each package is responsible for reporting which valid configurations
+# it does not support. The user should be able to distinguish
+# a failure to support a valid configuration from a meaningless
+# configuration.
+
+# The goal of this file is to map all the various variations of a given
+# machine specification into a single specification in the form:
+# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM
+# or in some cases, the newer four-part form:
+# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM
+# It is wrong to echo any other type of specification.
+
+me=`echo "$0" | sed -e 's,.*/,,'`
+
+usage="\
+Usage: $0 [OPTION] CPU-MFR-OPSYS
+ $0 [OPTION] ALIAS
+
+Canonicalize a configuration name.
+
+Operation modes:
+ -h, --help print this help, then exit
+ -t, --time-stamp print date of last modification, then exit
+ -v, --version print version number, then exit
+
+Report bugs and patches to <config-patches@gnu.org>."
+
+version="\
+GNU config.sub ($timestamp)
+
+Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005
+Free Software Foundation, Inc.
+
+This is free software; see the source for copying conditions. There is NO
+warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
+
+help="
+Try \`$me --help' for more information."
+
+# Parse command line
+while test $# -gt 0 ; do
+ case $1 in
+ --time-stamp | --time* | -t )
+ echo "$timestamp" ; exit ;;
+ --version | -v )
+ echo "$version" ; exit ;;
+ --help | --h* | -h )
+ echo "$usage"; exit ;;
+ -- ) # Stop option processing
+ shift; break ;;
+ - ) # Use stdin as input.
+ break ;;
+ -* )
+ echo "$me: invalid option $1$help"
+ exit 1 ;;
+
+ *local*)
+ # First pass through any local machine types.
+ echo $1
+ exit ;;
+
+ * )
+ break ;;
+ esac
+done
+
+case $# in
+ 0) echo "$me: missing argument$help" >&2
+ exit 1;;
+ 1) ;;
+ *) echo "$me: too many arguments$help" >&2
+ exit 1;;
+esac
+
+# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any).
+# Here we must recognize all the valid KERNEL-OS combinations.
+maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
+case $maybe_os in
+ nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \
+ uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \
+ storm-chaos* | os2-emx* | rtmk-nova*)
+ os=-$maybe_os
+ basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
+ ;;
+ *)
+ basic_machine=`echo $1 | sed 's/-[^-]*$//'`
+ if [ $basic_machine != $1 ]
+ then os=`echo $1 | sed 's/.*-/-/'`
+ else os=; fi
+ ;;
+esac
+
+### Let's recognize common machines as not being operating systems so
+### that things like config.sub decstation-3100 work. We also
+### recognize some manufacturers as not being operating systems, so we
+### can provide default operating systems below.
+case $os in
+ -sun*os*)
+ # Prevent following clause from handling this invalid input.
+ ;;
+ -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \
+ -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \
+ -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \
+ -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\
+ -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \
+ -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \
+ -apple | -axis | -knuth | -cray)
+ os=
+ basic_machine=$1
+ ;;
+ -sim | -cisco | -oki | -wec | -winbond)
+ os=
+ basic_machine=$1
+ ;;
+ -scout)
+ ;;
+ -wrs)
+ os=-vxworks
+ basic_machine=$1
+ ;;
+ -chorusos*)
+ os=-chorusos
+ basic_machine=$1
+ ;;
+ -chorusrdb)
+ os=-chorusrdb
+ basic_machine=$1
+ ;;
+ -hiux*)
+ os=-hiuxwe2
+ ;;
+ -sco6)
+ os=-sco5v6
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -sco5)
+ os=-sco3.2v5
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -sco4)
+ os=-sco3.2v4
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -sco3.2.[4-9]*)
+ os=`echo $os | sed -e 's/sco3.2./sco3.2v/'`
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -sco3.2v[4-9]*)
+ # Don't forget version if it is 3.2v4 or newer.
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -sco5v6*)
+ # Don't forget version if it is 3.2v4 or newer.
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -sco*)
+ os=-sco3.2v2
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -udk*)
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -isc)
+ os=-isc2.2
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -clix*)
+ basic_machine=clipper-intergraph
+ ;;
+ -isc*)
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -lynx*)
+ os=-lynxos
+ ;;
+ -ptx*)
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'`
+ ;;
+ -windowsnt*)
+ os=`echo $os | sed -e 's/windowsnt/winnt/'`
+ ;;
+ -psos*)
+ os=-psos
+ ;;
+ -mint | -mint[0-9]*)
+ basic_machine=m68k-atari
+ os=-mint
+ ;;
+esac
+
+# Decode aliases for certain CPU-COMPANY combinations.
+case $basic_machine in
+ # Recognize the basic CPU types without company name.
+ # Some are omitted here because they have special meanings below.
+ 1750a | 580 \
+ | a29k \
+ | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \
+ | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \
+ | am33_2.0 \
+ | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \
+ | bfin \
+ | c4x | clipper \
+ | d10v | d30v | dlx | dsp16xx \
+ | fr30 | frv \
+ | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
+ | i370 | i860 | i960 | ia64 \
+ | ip2k | iq2000 \
+ | m32c | m32r | m32rle | m68000 | m68k | m88k \
+ | maxq | mb | microblaze | mcore \
+ | mips | mipsbe | mipseb | mipsel | mipsle \
+ | mips16 \
+ | mips64 | mips64el \
+ | mips64vr | mips64vrel \
+ | mips64orion | mips64orionel \
+ | mips64vr4100 | mips64vr4100el \
+ | mips64vr4300 | mips64vr4300el \
+ | mips64vr5000 | mips64vr5000el \
+ | mips64vr5900 | mips64vr5900el \
+ | mipsisa32 | mipsisa32el \
+ | mipsisa32r2 | mipsisa32r2el \
+ | mipsisa64 | mipsisa64el \
+ | mipsisa64r2 | mipsisa64r2el \
+ | mipsisa64sb1 | mipsisa64sb1el \
+ | mipsisa64sr71k | mipsisa64sr71kel \
+ | mipstx39 | mipstx39el \
+ | mn10200 | mn10300 \
+ | mt \
+ | msp430 \
+ | nios | nios2 \
+ | ns16k | ns32k \
+ | or32 \
+ | pdp10 | pdp11 | pj | pjl \
+ | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \
+ | pyramid \
+ | score \
+ | sh | sh[1234] | sh[24]a | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \
+ | sh64 | sh64le \
+ | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \
+ | sparcv8 | sparcv9 | sparcv9b | sparcv9v \
+ | spu | strongarm \
+ | tahoe | thumb | tic4x | tic80 | tron \
+ | v850 | v850e \
+ | we32k \
+ | x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \
+ | z8k)
+ basic_machine=$basic_machine-unknown
+ ;;
+ m6811 | m68hc11 | m6812 | m68hc12)
+ # Motorola 68HC11/12.
+ basic_machine=$basic_machine-unknown
+ os=-none
+ ;;
+ m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k)
+ ;;
+ ms1)
+ basic_machine=mt-unknown
+ ;;
+
+ # We use `pc' rather than `unknown'
+ # because (1) that's what they normally are, and
+ # (2) the word "unknown" tends to confuse beginning users.
+ i*86 | x86_64)
+ basic_machine=$basic_machine-pc
+ ;;
+ # Object if more than one company name word.
+ *-*-*)
+ echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
+ exit 1
+ ;;
+ # Recognize the basic CPU types with company name.
+ 580-* \
+ | a29k-* \
+ | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \
+ | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \
+ | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \
+ | arm-* | armbe-* | armle-* | armeb-* | armv*-* \
+ | avr-* | avr32-* \
+ | bfin-* | bs2000-* \
+ | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \
+ | clipper-* | craynv-* | cydra-* \
+ | d10v-* | d30v-* | dlx-* \
+ | elxsi-* \
+ | f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \
+ | h8300-* | h8500-* \
+ | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
+ | i*86-* | i860-* | i960-* | ia64-* \
+ | ip2k-* | iq2000-* \
+ | m32c-* | m32r-* | m32rle-* \
+ | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
+ | m88110-* | m88k-* | maxq-* | mcore-* \
+ | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \
+ | mips16-* \
+ | mips64-* | mips64el-* \
+ | mips64vr-* | mips64vrel-* \
+ | mips64orion-* | mips64orionel-* \
+ | mips64vr4100-* | mips64vr4100el-* \
+ | mips64vr4300-* | mips64vr4300el-* \
+ | mips64vr5000-* | mips64vr5000el-* \
+ | mips64vr5900-* | mips64vr5900el-* \
+ | mipsisa32-* | mipsisa32el-* \
+ | mipsisa32r2-* | mipsisa32r2el-* \
+ | mipsisa64-* | mipsisa64el-* \
+ | mipsisa64r2-* | mipsisa64r2el-* \
+ | mipsisa64sb1-* | mipsisa64sb1el-* \
+ | mipsisa64sr71k-* | mipsisa64sr71kel-* \
+ | mipstx39-* | mipstx39el-* \
+ | mmix-* \
+ | mt-* \
+ | msp430-* \
+ | nios-* | nios2-* \
+ | none-* | np1-* | ns16k-* | ns32k-* \
+ | orion-* \
+ | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
+ | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \
+ | pyramid-* \
+ | romp-* | rs6000-* \
+ | sh-* | sh[1234]-* | sh[24]a-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \
+ | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
+ | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \
+ | sparclite-* \
+ | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \
+ | tahoe-* | thumb-* \
+ | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
+ | tron-* \
+ | v850-* | v850e-* | vax-* \
+ | we32k-* \
+ | x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \
+ | xstormy16-* | xtensa-* \
+ | ymp-* \
+ | z8k-*)
+ ;;
+ # Recognize the various machine names and aliases which stand
+ # for a CPU type and a company and sometimes even an OS.
+ 386bsd)
+ basic_machine=i386-unknown
+ os=-bsd
+ ;;
+ 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc)
+ basic_machine=m68000-att
+ ;;
+ 3b*)
+ basic_machine=we32k-att
+ ;;
+ a29khif)
+ basic_machine=a29k-amd
+ os=-udi
+ ;;
+ abacus)
+ basic_machine=abacus-unknown
+ ;;
+ adobe68k)
+ basic_machine=m68010-adobe
+ os=-scout
+ ;;
+ alliant | fx80)
+ basic_machine=fx80-alliant
+ ;;
+ altos | altos3068)
+ basic_machine=m68k-altos
+ ;;
+ am29k)
+ basic_machine=a29k-none
+ os=-bsd
+ ;;
+ amd64)
+ basic_machine=x86_64-pc
+ ;;
+ amd64-*)
+ basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ amdahl)
+ basic_machine=580-amdahl
+ os=-sysv
+ ;;
+ amiga | amiga-*)
+ basic_machine=m68k-unknown
+ ;;
+ amigaos | amigados)
+ basic_machine=m68k-unknown
+ os=-amigaos
+ ;;
+ amigaunix | amix)
+ basic_machine=m68k-unknown
+ os=-sysv4
+ ;;
+ apollo68)
+ basic_machine=m68k-apollo
+ os=-sysv
+ ;;
+ apollo68bsd)
+ basic_machine=m68k-apollo
+ os=-bsd
+ ;;
+ aux)
+ basic_machine=m68k-apple
+ os=-aux
+ ;;
+ balance)
+ basic_machine=ns32k-sequent
+ os=-dynix
+ ;;
+ c90)
+ basic_machine=c90-cray
+ os=-unicos
+ ;;
+ convex-c1)
+ basic_machine=c1-convex
+ os=-bsd
+ ;;
+ convex-c2)
+ basic_machine=c2-convex
+ os=-bsd
+ ;;
+ convex-c32)
+ basic_machine=c32-convex
+ os=-bsd
+ ;;
+ convex-c34)
+ basic_machine=c34-convex
+ os=-bsd
+ ;;
+ convex-c38)
+ basic_machine=c38-convex
+ os=-bsd
+ ;;
+ cray | j90)
+ basic_machine=j90-cray
+ os=-unicos
+ ;;
+ craynv)
+ basic_machine=craynv-cray
+ os=-unicosmp
+ ;;
+ cr16c)
+ basic_machine=cr16c-unknown
+ os=-elf
+ ;;
+ crds | unos)
+ basic_machine=m68k-crds
+ ;;
+ crisv32 | crisv32-* | etraxfs*)
+ basic_machine=crisv32-axis
+ ;;
+ cris | cris-* | etrax*)
+ basic_machine=cris-axis
+ ;;
+ crx)
+ basic_machine=crx-unknown
+ os=-elf
+ ;;
+ da30 | da30-*)
+ basic_machine=m68k-da30
+ ;;
+ decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn)
+ basic_machine=mips-dec
+ ;;
+ decsystem10* | dec10*)
+ basic_machine=pdp10-dec
+ os=-tops10
+ ;;
+ decsystem20* | dec20*)
+ basic_machine=pdp10-dec
+ os=-tops20
+ ;;
+ delta | 3300 | motorola-3300 | motorola-delta \
+ | 3300-motorola | delta-motorola)
+ basic_machine=m68k-motorola
+ ;;
+ delta88)
+ basic_machine=m88k-motorola
+ os=-sysv3
+ ;;
+ djgpp)
+ basic_machine=i586-pc
+ os=-msdosdjgpp
+ ;;
+ dpx20 | dpx20-*)
+ basic_machine=rs6000-bull
+ os=-bosx
+ ;;
+ dpx2* | dpx2*-bull)
+ basic_machine=m68k-bull
+ os=-sysv3
+ ;;
+ ebmon29k)
+ basic_machine=a29k-amd
+ os=-ebmon
+ ;;
+ elxsi)
+ basic_machine=elxsi-elxsi
+ os=-bsd
+ ;;
+ encore | umax | mmax)
+ basic_machine=ns32k-encore
+ ;;
+ es1800 | OSE68k | ose68k | ose | OSE)
+ basic_machine=m68k-ericsson
+ os=-ose
+ ;;
+ fx2800)
+ basic_machine=i860-alliant
+ ;;
+ genix)
+ basic_machine=ns32k-ns
+ ;;
+ gmicro)
+ basic_machine=tron-gmicro
+ os=-sysv
+ ;;
+ go32)
+ basic_machine=i386-pc
+ os=-go32
+ ;;
+ h3050r* | hiux*)
+ basic_machine=hppa1.1-hitachi
+ os=-hiuxwe2
+ ;;
+ h8300hms)
+ basic_machine=h8300-hitachi
+ os=-hms
+ ;;
+ h8300xray)
+ basic_machine=h8300-hitachi
+ os=-xray
+ ;;
+ h8500hms)
+ basic_machine=h8500-hitachi
+ os=-hms
+ ;;
+ harris)
+ basic_machine=m88k-harris
+ os=-sysv3
+ ;;
+ hp300-*)
+ basic_machine=m68k-hp
+ ;;
+ hp300bsd)
+ basic_machine=m68k-hp
+ os=-bsd
+ ;;
+ hp300hpux)
+ basic_machine=m68k-hp
+ os=-hpux
+ ;;
+ hp3k9[0-9][0-9] | hp9[0-9][0-9])
+ basic_machine=hppa1.0-hp
+ ;;
+ hp9k2[0-9][0-9] | hp9k31[0-9])
+ basic_machine=m68000-hp
+ ;;
+ hp9k3[2-9][0-9])
+ basic_machine=m68k-hp
+ ;;
+ hp9k6[0-9][0-9] | hp6[0-9][0-9])
+ basic_machine=hppa1.0-hp
+ ;;
+ hp9k7[0-79][0-9] | hp7[0-79][0-9])
+ basic_machine=hppa1.1-hp
+ ;;
+ hp9k78[0-9] | hp78[0-9])
+ # FIXME: really hppa2.0-hp
+ basic_machine=hppa1.1-hp
+ ;;
+ hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893)
+ # FIXME: really hppa2.0-hp
+ basic_machine=hppa1.1-hp
+ ;;
+ hp9k8[0-9][13679] | hp8[0-9][13679])
+ basic_machine=hppa1.1-hp
+ ;;
+ hp9k8[0-9][0-9] | hp8[0-9][0-9])
+ basic_machine=hppa1.0-hp
+ ;;
+ hppa-next)
+ os=-nextstep3
+ ;;
+ hppaosf)
+ basic_machine=hppa1.1-hp
+ os=-osf
+ ;;
+ hppro)
+ basic_machine=hppa1.1-hp
+ os=-proelf
+ ;;
+ i370-ibm* | ibm*)
+ basic_machine=i370-ibm
+ ;;
+# I'm not sure what "Sysv32" means. Should this be sysv3.2?
+ i*86v32)
+ basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+ os=-sysv32
+ ;;
+ i*86v4*)
+ basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+ os=-sysv4
+ ;;
+ i*86v)
+ basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+ os=-sysv
+ ;;
+ i*86sol2)
+ basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+ os=-solaris2
+ ;;
+ i386mach)
+ basic_machine=i386-mach
+ os=-mach
+ ;;
+ i386-vsta | vsta)
+ basic_machine=i386-unknown
+ os=-vsta
+ ;;
+ iris | iris4d)
+ basic_machine=mips-sgi
+ case $os in
+ -irix*)
+ ;;
+ *)
+ os=-irix4
+ ;;
+ esac
+ ;;
+ isi68 | isi)
+ basic_machine=m68k-isi
+ os=-sysv
+ ;;
+ m88k-omron*)
+ basic_machine=m88k-omron
+ ;;
+ magnum | m3230)
+ basic_machine=mips-mips
+ os=-sysv
+ ;;
+ merlin)
+ basic_machine=ns32k-utek
+ os=-sysv
+ ;;
+ mingw32)
+ basic_machine=i386-pc
+ os=-mingw32
+ ;;
+ miniframe)
+ basic_machine=m68000-convergent
+ ;;
+ *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*)
+ basic_machine=m68k-atari
+ os=-mint
+ ;;
+ mips3*-*)
+ basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`
+ ;;
+ mips3*)
+ basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown
+ ;;
+ monitor)
+ basic_machine=m68k-rom68k
+ os=-coff
+ ;;
+ morphos)
+ basic_machine=powerpc-unknown
+ os=-morphos
+ ;;
+ msdos)
+ basic_machine=i386-pc
+ os=-msdos
+ ;;
+ ms1-*)
+ basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'`
+ ;;
+ mvs)
+ basic_machine=i370-ibm
+ os=-mvs
+ ;;
+ ncr3000)
+ basic_machine=i486-ncr
+ os=-sysv4
+ ;;
+ netbsd386)
+ basic_machine=i386-unknown
+ os=-netbsd
+ ;;
+ netwinder)
+ basic_machine=armv4l-rebel
+ os=-linux
+ ;;
+ news | news700 | news800 | news900)
+ basic_machine=m68k-sony
+ os=-newsos
+ ;;
+ news1000)
+ basic_machine=m68030-sony
+ os=-newsos
+ ;;
+ news-3600 | risc-news)
+ basic_machine=mips-sony
+ os=-newsos
+ ;;
+ necv70)
+ basic_machine=v70-nec
+ os=-sysv
+ ;;
+ next | m*-next )
+ basic_machine=m68k-next
+ case $os in
+ -nextstep* )
+ ;;
+ -ns2*)
+ os=-nextstep2
+ ;;
+ *)
+ os=-nextstep3
+ ;;
+ esac
+ ;;
+ nh3000)
+ basic_machine=m68k-harris
+ os=-cxux
+ ;;
+ nh[45]000)
+ basic_machine=m88k-harris
+ os=-cxux
+ ;;
+ nindy960)
+ basic_machine=i960-intel
+ os=-nindy
+ ;;
+ mon960)
+ basic_machine=i960-intel
+ os=-mon960
+ ;;
+ nonstopux)
+ basic_machine=mips-compaq
+ os=-nonstopux
+ ;;
+ np1)
+ basic_machine=np1-gould
+ ;;
+ nsr-tandem)
+ basic_machine=nsr-tandem
+ ;;
+ op50n-* | op60c-*)
+ basic_machine=hppa1.1-oki
+ os=-proelf
+ ;;
+ openrisc | openrisc-*)
+ basic_machine=or32-unknown
+ ;;
+ os400)
+ basic_machine=powerpc-ibm
+ os=-os400
+ ;;
+ OSE68000 | ose68000)
+ basic_machine=m68000-ericsson
+ os=-ose
+ ;;
+ os68k)
+ basic_machine=m68k-none
+ os=-os68k
+ ;;
+ pa-hitachi)
+ basic_machine=hppa1.1-hitachi
+ os=-hiuxwe2
+ ;;
+ paragon)
+ basic_machine=i860-intel
+ os=-osf
+ ;;
+ pbd)
+ basic_machine=sparc-tti
+ ;;
+ pbb)
+ basic_machine=m68k-tti
+ ;;
+ pc532 | pc532-*)
+ basic_machine=ns32k-pc532
+ ;;
+ pc98)
+ basic_machine=i386-pc
+ ;;
+ pc98-*)
+ basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ pentium | p5 | k5 | k6 | nexgen | viac3)
+ basic_machine=i586-pc
+ ;;
+ pentiumpro | p6 | 6x86 | athlon | athlon_*)
+ basic_machine=i686-pc
+ ;;
+ pentiumii | pentium2 | pentiumiii | pentium3)
+ basic_machine=i686-pc
+ ;;
+ pentium4)
+ basic_machine=i786-pc
+ ;;
+ pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*)
+ basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ pentiumpro-* | p6-* | 6x86-* | athlon-*)
+ basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*)
+ basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ pentium4-*)
+ basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ pn)
+ basic_machine=pn-gould
+ ;;
+ power) basic_machine=power-ibm
+ ;;
+ ppc) basic_machine=powerpc-unknown
+ ;;
+ ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ ppcle | powerpclittle | ppc-le | powerpc-little)
+ basic_machine=powerpcle-unknown
+ ;;
+ ppcle-* | powerpclittle-*)
+ basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ ppc64) basic_machine=powerpc64-unknown
+ ;;
+ ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ ppc64le | powerpc64little | ppc64-le | powerpc64-little)
+ basic_machine=powerpc64le-unknown
+ ;;
+ ppc64le-* | powerpc64little-*)
+ basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ ps2)
+ basic_machine=i386-ibm
+ ;;
+ pw32)
+ basic_machine=i586-unknown
+ os=-pw32
+ ;;
+ rdos)
+ basic_machine=i386-pc
+ os=-rdos
+ ;;
+ rom68k)
+ basic_machine=m68k-rom68k
+ os=-coff
+ ;;
+ rm[46]00)
+ basic_machine=mips-siemens
+ ;;
+ rtpc | rtpc-*)
+ basic_machine=romp-ibm
+ ;;
+ s390 | s390-*)
+ basic_machine=s390-ibm
+ ;;
+ s390x | s390x-*)
+ basic_machine=s390x-ibm
+ ;;
+ sa29200)
+ basic_machine=a29k-amd
+ os=-udi
+ ;;
+ sb1)
+ basic_machine=mipsisa64sb1-unknown
+ ;;
+ sb1el)
+ basic_machine=mipsisa64sb1el-unknown
+ ;;
+ sde)
+ basic_machine=mipsisa32-sde
+ os=-elf
+ ;;
+ sei)
+ basic_machine=mips-sei
+ os=-seiux
+ ;;
+ sequent)
+ basic_machine=i386-sequent
+ ;;
+ sh)
+ basic_machine=sh-hitachi
+ os=-hms
+ ;;
+ sh64)
+ basic_machine=sh64-unknown
+ ;;
+ sparclite-wrs | simso-wrs)
+ basic_machine=sparclite-wrs
+ os=-vxworks
+ ;;
+ sps7)
+ basic_machine=m68k-bull
+ os=-sysv2
+ ;;
+ spur)
+ basic_machine=spur-unknown
+ ;;
+ st2000)
+ basic_machine=m68k-tandem
+ ;;
+ stratus)
+ basic_machine=i860-stratus
+ os=-sysv4
+ ;;
+ sun2)
+ basic_machine=m68000-sun
+ ;;
+ sun2os3)
+ basic_machine=m68000-sun
+ os=-sunos3
+ ;;
+ sun2os4)
+ basic_machine=m68000-sun
+ os=-sunos4
+ ;;
+ sun3os3)
+ basic_machine=m68k-sun
+ os=-sunos3
+ ;;
+ sun3os4)
+ basic_machine=m68k-sun
+ os=-sunos4
+ ;;
+ sun4os3)
+ basic_machine=sparc-sun
+ os=-sunos3
+ ;;
+ sun4os4)
+ basic_machine=sparc-sun
+ os=-sunos4
+ ;;
+ sun4sol2)
+ basic_machine=sparc-sun
+ os=-solaris2
+ ;;
+ sun3 | sun3-*)
+ basic_machine=m68k-sun
+ ;;
+ sun4)
+ basic_machine=sparc-sun
+ ;;
+ sun386 | sun386i | roadrunner)
+ basic_machine=i386-sun
+ ;;
+ sv1)
+ basic_machine=sv1-cray
+ os=-unicos
+ ;;
+ symmetry)
+ basic_machine=i386-sequent
+ os=-dynix
+ ;;
+ t3e)
+ basic_machine=alphaev5-cray
+ os=-unicos
+ ;;
+ t90)
+ basic_machine=t90-cray
+ os=-unicos
+ ;;
+ tic54x | c54x*)
+ basic_machine=tic54x-unknown
+ os=-coff
+ ;;
+ tic55x | c55x*)
+ basic_machine=tic55x-unknown
+ os=-coff
+ ;;
+ tic6x | c6x*)
+ basic_machine=tic6x-unknown
+ os=-coff
+ ;;
+ tx39)
+ basic_machine=mipstx39-unknown
+ ;;
+ tx39el)
+ basic_machine=mipstx39el-unknown
+ ;;
+ toad1)
+ basic_machine=pdp10-xkl
+ os=-tops20
+ ;;
+ tower | tower-32)
+ basic_machine=m68k-ncr
+ ;;
+ tpf)
+ basic_machine=s390x-ibm
+ os=-tpf
+ ;;
+ udi29k)
+ basic_machine=a29k-amd
+ os=-udi
+ ;;
+ ultra3)
+ basic_machine=a29k-nyu
+ os=-sym1
+ ;;
+ v810 | necv810)
+ basic_machine=v810-nec
+ os=-none
+ ;;
+ vaxv)
+ basic_machine=vax-dec
+ os=-sysv
+ ;;
+ vms)
+ basic_machine=vax-dec
+ os=-vms
+ ;;
+ vpp*|vx|vx-*)
+ basic_machine=f301-fujitsu
+ ;;
+ vxworks960)
+ basic_machine=i960-wrs
+ os=-vxworks
+ ;;
+ vxworks68)
+ basic_machine=m68k-wrs
+ os=-vxworks
+ ;;
+ vxworks29k)
+ basic_machine=a29k-wrs
+ os=-vxworks
+ ;;
+ w65*)
+ basic_machine=w65-wdc
+ os=-none
+ ;;
+ w89k-*)
+ basic_machine=hppa1.1-winbond
+ os=-proelf
+ ;;
+ xbox)
+ basic_machine=i686-pc
+ os=-mingw32
+ ;;
+ xps | xps100)
+ basic_machine=xps100-honeywell
+ ;;
+ ymp)
+ basic_machine=ymp-cray
+ os=-unicos
+ ;;
+ z8k-*-coff)
+ basic_machine=z8k-unknown
+ os=-sim
+ ;;
+ none)
+ basic_machine=none-none
+ os=-none
+ ;;
+
+# Here we handle the default manufacturer of certain CPU types. It is in
+# some cases the only manufacturer, in others, it is the most popular.
+ w89k)
+ basic_machine=hppa1.1-winbond
+ ;;
+ op50n)
+ basic_machine=hppa1.1-oki
+ ;;
+ op60c)
+ basic_machine=hppa1.1-oki
+ ;;
+ romp)
+ basic_machine=romp-ibm
+ ;;
+ mmix)
+ basic_machine=mmix-knuth
+ ;;
+ rs6000)
+ basic_machine=rs6000-ibm
+ ;;
+ vax)
+ basic_machine=vax-dec
+ ;;
+ pdp10)
+ # there are many clones, so DEC is not a safe bet
+ basic_machine=pdp10-unknown
+ ;;
+ pdp11)
+ basic_machine=pdp11-dec
+ ;;
+ we32k)
+ basic_machine=we32k-att
+ ;;
+ sh[1234] | sh[24]a | sh[34]eb | sh[1234]le | sh[23]ele)
+ basic_machine=sh-unknown
+ ;;
+ sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v)
+ basic_machine=sparc-sun
+ ;;
+ cydra)
+ basic_machine=cydra-cydrome
+ ;;
+ orion)
+ basic_machine=orion-highlevel
+ ;;
+ orion105)
+ basic_machine=clipper-highlevel
+ ;;
+ mac | mpw | mac-mpw)
+ basic_machine=m68k-apple
+ ;;
+ pmac | pmac-mpw)
+ basic_machine=powerpc-apple
+ ;;
+ *-unknown)
+ # Make sure to match an already-canonicalized machine name.
+ ;;
+ *)
+ echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
+ exit 1
+ ;;
+esac
+
+# Here we canonicalize certain aliases for manufacturers.
+case $basic_machine in
+ *-digital*)
+ basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'`
+ ;;
+ *-commodore*)
+ basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'`
+ ;;
+ *)
+ ;;
+esac
+
+# Decode manufacturer-specific aliases for certain operating systems.
+
+if [ x"$os" != x"" ]
+then
+case $os in
+ # First match some system type aliases
+ # that might get confused with valid system types.
+ # -solaris* is a basic system type, with this one exception.
+ -solaris1 | -solaris1.*)
+ os=`echo $os | sed -e 's|solaris1|sunos4|'`
+ ;;
+ -solaris)
+ os=-solaris2
+ ;;
+ -svr4*)
+ os=-sysv4
+ ;;
+ -unixware*)
+ os=-sysv4.2uw
+ ;;
+ -gnu/linux*)
+ os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'`
+ ;;
+ # First accept the basic system types.
+ # The portable systems comes first.
+ # Each alternative MUST END IN A *, to match a version number.
+ # -sysv* is not here because it comes later, after sysvr4.
+ -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \
+ | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\
+ | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \
+ | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \
+ | -aos* \
+ | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
+ | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
+ | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \
+ | -openbsd* | -solidbsd* \
+ | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \
+ | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
+ | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
+ | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
+ | -chorusos* | -chorusrdb* \
+ | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
+ | -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \
+ | -uxpv* | -beos* | -mpeix* | -udk* \
+ | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \
+ | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \
+ | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \
+ | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \
+ | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \
+ | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \
+ | -skyos* | -haiku* | -rdos* | -toppers*)
+ # Remember, each alternative MUST END IN *, to match a version number.
+ ;;
+ -qnx*)
+ case $basic_machine in
+ x86-* | i*86-*)
+ ;;
+ *)
+ os=-nto$os
+ ;;
+ esac
+ ;;
+ -nto-qnx*)
+ ;;
+ -nto*)
+ os=`echo $os | sed -e 's|nto|nto-qnx|'`
+ ;;
+ -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \
+ | -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \
+ | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*)
+ ;;
+ -mac*)
+ os=`echo $os | sed -e 's|mac|macos|'`
+ ;;
+ -linux-dietlibc)
+ os=-linux-dietlibc
+ ;;
+ -linux*)
+ os=`echo $os | sed -e 's|linux|linux-gnu|'`
+ ;;
+ -sunos5*)
+ os=`echo $os | sed -e 's|sunos5|solaris2|'`
+ ;;
+ -sunos6*)
+ os=`echo $os | sed -e 's|sunos6|solaris3|'`
+ ;;
+ -opened*)
+ os=-openedition
+ ;;
+ -os400*)
+ os=-os400
+ ;;
+ -wince*)
+ os=-wince
+ ;;
+ -osfrose*)
+ os=-osfrose
+ ;;
+ -osf*)
+ os=-osf
+ ;;
+ -utek*)
+ os=-bsd
+ ;;
+ -dynix*)
+ os=-bsd
+ ;;
+ -acis*)
+ os=-aos
+ ;;
+ -atheos*)
+ os=-atheos
+ ;;
+ -syllable*)
+ os=-syllable
+ ;;
+ -386bsd)
+ os=-bsd
+ ;;
+ -ctix* | -uts*)
+ os=-sysv
+ ;;
+ -nova*)
+ os=-rtmk-nova
+ ;;
+ -ns2 )
+ os=-nextstep2
+ ;;
+ -nsk*)
+ os=-nsk
+ ;;
+ # Preserve the version number of sinix5.
+ -sinix5.*)
+ os=`echo $os | sed -e 's|sinix|sysv|'`
+ ;;
+ -sinix*)
+ os=-sysv4
+ ;;
+ -tpf*)
+ os=-tpf
+ ;;
+ -triton*)
+ os=-sysv3
+ ;;
+ -oss*)
+ os=-sysv3
+ ;;
+ -svr4)
+ os=-sysv4
+ ;;
+ -svr3)
+ os=-sysv3
+ ;;
+ -sysvr4)
+ os=-sysv4
+ ;;
+ # This must come after -sysvr4.
+ -sysv*)
+ ;;
+ -ose*)
+ os=-ose
+ ;;
+ -es1800*)
+ os=-ose
+ ;;
+ -xenix)
+ os=-xenix
+ ;;
+ -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*)
+ os=-mint
+ ;;
+ -aros*)
+ os=-aros
+ ;;
+ -kaos*)
+ os=-kaos
+ ;;
+ -zvmoe)
+ os=-zvmoe
+ ;;
+ -none)
+ ;;
+ *)
+ # Get rid of the `-' at the beginning of $os.
+ os=`echo $os | sed 's/[^-]*-//'`
+ echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2
+ exit 1
+ ;;
+esac
+else
+
+# Here we handle the default operating systems that come with various machines.
+# The value should be what the vendor currently ships out the door with their
+# machine or put another way, the most popular os provided with the machine.
+
+# Note that if you're going to try to match "-MANUFACTURER" here (say,
+# "-sun"), then you have to tell the case statement up towards the top
+# that MANUFACTURER isn't an operating system. Otherwise, code above
+# will signal an error saying that MANUFACTURER isn't an operating
+# system, and we'll never get to this point.
+
+case $basic_machine in
+ score-*)
+ os=-elf
+ ;;
+ spu-*)
+ os=-elf
+ ;;
+ *-acorn)
+ os=-riscix1.2
+ ;;
+ arm*-rebel)
+ os=-linux
+ ;;
+ arm*-semi)
+ os=-aout
+ ;;
+ c4x-* | tic4x-*)
+ os=-coff
+ ;;
+ # This must come before the *-dec entry.
+ pdp10-*)
+ os=-tops20
+ ;;
+ pdp11-*)
+ os=-none
+ ;;
+ *-dec | vax-*)
+ os=-ultrix4.2
+ ;;
+ m68*-apollo)
+ os=-domain
+ ;;
+ i386-sun)
+ os=-sunos4.0.2
+ ;;
+ m68000-sun)
+ os=-sunos3
+ # This also exists in the configure program, but was not the
+ # default.
+ # os=-sunos4
+ ;;
+ m68*-cisco)
+ os=-aout
+ ;;
+ mips*-cisco)
+ os=-elf
+ ;;
+ mips*-*)
+ os=-elf
+ ;;
+ or32-*)
+ os=-coff
+ ;;
+ *-tti) # must be before sparc entry or we get the wrong os.
+ os=-sysv3
+ ;;
+ sparc-* | *-sun)
+ os=-sunos4.1.1
+ ;;
+ *-be)
+ os=-beos
+ ;;
+ *-haiku)
+ os=-haiku
+ ;;
+ *-ibm)
+ os=-aix
+ ;;
+ *-knuth)
+ os=-mmixware
+ ;;
+ *-wec)
+ os=-proelf
+ ;;
+ *-winbond)
+ os=-proelf
+ ;;
+ *-oki)
+ os=-proelf
+ ;;
+ *-hp)
+ os=-hpux
+ ;;
+ *-hitachi)
+ os=-hiux
+ ;;
+ i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent)
+ os=-sysv
+ ;;
+ *-cbm)
+ os=-amigaos
+ ;;
+ *-dg)
+ os=-dgux
+ ;;
+ *-dolphin)
+ os=-sysv3
+ ;;
+ m68k-ccur)
+ os=-rtu
+ ;;
+ m88k-omron*)
+ os=-luna
+ ;;
+ *-next )
+ os=-nextstep
+ ;;
+ *-sequent)
+ os=-ptx
+ ;;
+ *-crds)
+ os=-unos
+ ;;
+ *-ns)
+ os=-genix
+ ;;
+ i370-*)
+ os=-mvs
+ ;;
+ *-next)
+ os=-nextstep3
+ ;;
+ *-gould)
+ os=-sysv
+ ;;
+ *-highlevel)
+ os=-bsd
+ ;;
+ *-encore)
+ os=-bsd
+ ;;
+ *-sgi)
+ os=-irix
+ ;;
+ *-siemens)
+ os=-sysv4
+ ;;
+ *-masscomp)
+ os=-rtu
+ ;;
+ f30[01]-fujitsu | f700-fujitsu)
+ os=-uxpv
+ ;;
+ *-rom68k)
+ os=-coff
+ ;;
+ *-*bug)
+ os=-coff
+ ;;
+ *-apple)
+ os=-macos
+ ;;
+ *-atari*)
+ os=-mint
+ ;;
+ *)
+ os=-none
+ ;;
+esac
+fi
+
+# Here we handle the case where we know the os, and the CPU type, but not the
+# manufacturer. We pick the logical manufacturer.
+vendor=unknown
+case $basic_machine in
+ *-unknown)
+ case $os in
+ -riscix*)
+ vendor=acorn
+ ;;
+ -sunos*)
+ vendor=sun
+ ;;
+ -aix*)
+ vendor=ibm
+ ;;
+ -beos*)
+ vendor=be
+ ;;
+ -hpux*)
+ vendor=hp
+ ;;
+ -mpeix*)
+ vendor=hp
+ ;;
+ -hiux*)
+ vendor=hitachi
+ ;;
+ -unos*)
+ vendor=crds
+ ;;
+ -dgux*)
+ vendor=dg
+ ;;
+ -luna*)
+ vendor=omron
+ ;;
+ -genix*)
+ vendor=ns
+ ;;
+ -mvs* | -opened*)
+ vendor=ibm
+ ;;
+ -os400*)
+ vendor=ibm
+ ;;
+ -ptx*)
+ vendor=sequent
+ ;;
+ -tpf*)
+ vendor=ibm
+ ;;
+ -vxsim* | -vxworks* | -windiss*)
+ vendor=wrs
+ ;;
+ -aux*)
+ vendor=apple
+ ;;
+ -hms*)
+ vendor=hitachi
+ ;;
+ -mpw* | -macos*)
+ vendor=apple
+ ;;
+ -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*)
+ vendor=atari
+ ;;
+ -vos*)
+ vendor=stratus
+ ;;
+ esac
+ basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"`
+ ;;
+esac
+
+echo $basic_machine$os
+exit
+
+# Local variables:
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "timestamp='"
+# time-stamp-format: "%:y-%02m-%02d"
+# time-stamp-end: "'"
+# End:
diff --git a/Linux-PAM/configure b/Linux-PAM/configure
index 1d2c8591..b6c3f0a3 100755
--- a/Linux-PAM/configure
+++ b/Linux-PAM/configure
@@ -1,25 +1,54 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.59.
+# Generated by GNU Autoconf 2.61.
#
-# Copyright (C) 2003 Free Software Foundation, Inc.
+# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
+# 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
# This configure script is free software; the Free Software Foundation
# gives unlimited permission to copy, distribute and modify it.
## --------------------- ##
## M4sh Initialization. ##
## --------------------- ##
-# Be Bourne compatible
+# Be more Bourne compatible
+DUALCASE=1; export DUALCASE # for MKS sh
if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
emulate sh
NULLCMD=:
# Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which
# is contrary to our usage. Disable this feature.
alias -g '${1+"$@"}'='"$@"'
-elif test -n "${BASH_VERSION+set}" && (set -o posix) >/dev/null 2>&1; then
- set -o posix
+ setopt NO_GLOB_SUBST
+else
+ case `(set -o) 2>/dev/null` in
+ *posix*) set -o posix ;;
+esac
+
+fi
+
+
+
+
+# PATH needs CR
+# Avoid depending upon Character Ranges.
+as_cr_letters='abcdefghijklmnopqrstuvwxyz'
+as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
+as_cr_Letters=$as_cr_letters$as_cr_LETTERS
+as_cr_digits='0123456789'
+as_cr_alnum=$as_cr_Letters$as_cr_digits
+
+# The user is always right.
+if test "${PATH_SEPARATOR+set}" != set; then
+ echo "#! /bin/sh" >conf$$.sh
+ echo "exit 0" >>conf$$.sh
+ chmod +x conf$$.sh
+ if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then
+ PATH_SEPARATOR=';'
+ else
+ PATH_SEPARATOR=:
+ fi
+ rm -f conf$$.sh
fi
-DUALCASE=1; export DUALCASE # for MKS sh
# Support unset when possible.
if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then
@@ -29,8 +58,43 @@ else
fi
+# IFS
+# We need space, tab and new line, in precisely that order. Quoting is
+# there to prevent editors from complaining about space-tab.
+# (If _AS_PATH_WALK were called with IFS unset, it would disable word
+# splitting by setting IFS to empty value.)
+as_nl='
+'
+IFS=" "" $as_nl"
+
+# Find who we are. Look in the path if we contain no directory separator.
+case $0 in
+ *[\\/]* ) as_myself=$0 ;;
+ *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
+done
+IFS=$as_save_IFS
+
+ ;;
+esac
+# We did not find ourselves, most probably we were run as `sh COMMAND'
+# in which case we are not to be found in the path.
+if test "x$as_myself" = x; then
+ as_myself=$0
+fi
+if test ! -f "$as_myself"; then
+ echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
+ { (exit 1); exit 1; }
+fi
+
# Work around bugs in pre-3.0 UWIN ksh.
-$as_unset ENV MAIL MAILPATH
+for as_var in ENV MAIL MAILPATH
+do ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var
+done
PS1='$ '
PS2='> '
PS4='+ '
@@ -44,18 +108,19 @@ do
if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then
eval $as_var=C; export $as_var
else
- $as_unset $as_var
+ ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var
fi
done
# Required to use basename.
-if expr a : '\(a\)' >/dev/null 2>&1; then
+if expr a : '\(a\)' >/dev/null 2>&1 &&
+ test "X`expr 00001 : '.*\(...\)'`" = X001; then
as_expr=expr
else
as_expr=false
fi
-if (basename /) >/dev/null 2>&1 && test "X`basename / 2>&1`" = "X/"; then
+if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then
as_basename=basename
else
as_basename=false
@@ -63,157 +128,388 @@ fi
# Name of the executable.
-as_me=`$as_basename "$0" ||
+as_me=`$as_basename -- "$0" ||
$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
X"$0" : 'X\(//\)$' \| \
- X"$0" : 'X\(/\)$' \| \
- . : '\(.\)' 2>/dev/null ||
+ X"$0" : 'X\(/\)' \| . 2>/dev/null ||
echo X/"$0" |
- sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/; q; }
- /^X\/\(\/\/\)$/{ s//\1/; q; }
- /^X\/\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
+ sed '/^.*\/\([^/][^/]*\)\/*$/{
+ s//\1/
+ q
+ }
+ /^X\/\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\/\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
+# CDPATH.
+$as_unset CDPATH
-# PATH needs CR, and LINENO needs CR and PATH.
-# Avoid depending upon Character Ranges.
-as_cr_letters='abcdefghijklmnopqrstuvwxyz'
-as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
-as_cr_Letters=$as_cr_letters$as_cr_LETTERS
-as_cr_digits='0123456789'
-as_cr_alnum=$as_cr_Letters$as_cr_digits
-# The user is always right.
-if test "${PATH_SEPARATOR+set}" != set; then
- echo "#! /bin/sh" >conf$$.sh
- echo "exit 0" >>conf$$.sh
- chmod +x conf$$.sh
- if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then
- PATH_SEPARATOR=';'
- else
- PATH_SEPARATOR=:
- fi
- rm -f conf$$.sh
+if test "x$CONFIG_SHELL" = x; then
+ if (eval ":") 2>/dev/null; then
+ as_have_required=yes
+else
+ as_have_required=no
fi
+ if test $as_have_required = yes && (eval ":
+(as_func_return () {
+ (exit \$1)
+}
+as_func_success () {
+ as_func_return 0
+}
+as_func_failure () {
+ as_func_return 1
+}
+as_func_ret_success () {
+ return 0
+}
+as_func_ret_failure () {
+ return 1
+}
- as_lineno_1=$LINENO
- as_lineno_2=$LINENO
- as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null`
- test "x$as_lineno_1" != "x$as_lineno_2" &&
- test "x$as_lineno_3" = "x$as_lineno_2" || {
- # Find who we are. Look in the path if we contain no path at all
- # relative or not.
- case $0 in
- *[\\/]* ) as_myself=$0 ;;
- *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
-done
+exitcode=0
+if as_func_success; then
+ :
+else
+ exitcode=1
+ echo as_func_success failed.
+fi
- ;;
- esac
- # We did not find ourselves, most probably we were run as `sh COMMAND'
- # in which case we are not to be found in the path.
- if test "x$as_myself" = x; then
- as_myself=$0
- fi
- if test ! -f "$as_myself"; then
- { echo "$as_me: error: cannot find myself; rerun with an absolute path" >&2
- { (exit 1); exit 1; }; }
- fi
- case $CONFIG_SHELL in
- '')
+if as_func_failure; then
+ exitcode=1
+ echo as_func_failure succeeded.
+fi
+
+if as_func_ret_success; then
+ :
+else
+ exitcode=1
+ echo as_func_ret_success failed.
+fi
+
+if as_func_ret_failure; then
+ exitcode=1
+ echo as_func_ret_failure succeeded.
+fi
+
+if ( set x; as_func_ret_success y && test x = \"\$1\" ); then
+ :
+else
+ exitcode=1
+ echo positional parameters were not saved.
+fi
+
+test \$exitcode = 0) || { (exit 1); exit 1; }
+
+(
+ as_lineno_1=\$LINENO
+ as_lineno_2=\$LINENO
+ test \"x\$as_lineno_1\" != \"x\$as_lineno_2\" &&
+ test \"x\`expr \$as_lineno_1 + 1\`\" = \"x\$as_lineno_2\") || { (exit 1); exit 1; }
+") 2> /dev/null; then
+ :
+else
+ as_candidate_shells=
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH
do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
- for as_base in sh bash ksh sh5; do
- case $as_dir in
+ case $as_dir in
/*)
- if ("$as_dir/$as_base" -c '
+ for as_base in sh bash ksh sh5; do
+ as_candidate_shells="$as_candidate_shells $as_dir/$as_base"
+ done;;
+ esac
+done
+IFS=$as_save_IFS
+
+
+ for as_shell in $as_candidate_shells $SHELL; do
+ # Try only shells that exist, to save several forks.
+ if { test -f "$as_shell" || test -f "$as_shell.exe"; } &&
+ { ("$as_shell") 2> /dev/null <<\_ASEOF
+if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
+ emulate sh
+ NULLCMD=:
+ # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which
+ # is contrary to our usage. Disable this feature.
+ alias -g '${1+"$@"}'='"$@"'
+ setopt NO_GLOB_SUBST
+else
+ case `(set -o) 2>/dev/null` in
+ *posix*) set -o posix ;;
+esac
+
+fi
+
+
+:
+_ASEOF
+}; then
+ CONFIG_SHELL=$as_shell
+ as_have_required=yes
+ if { "$as_shell" 2> /dev/null <<\_ASEOF
+if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
+ emulate sh
+ NULLCMD=:
+ # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which
+ # is contrary to our usage. Disable this feature.
+ alias -g '${1+"$@"}'='"$@"'
+ setopt NO_GLOB_SUBST
+else
+ case `(set -o) 2>/dev/null` in
+ *posix*) set -o posix ;;
+esac
+
+fi
+
+
+:
+(as_func_return () {
+ (exit $1)
+}
+as_func_success () {
+ as_func_return 0
+}
+as_func_failure () {
+ as_func_return 1
+}
+as_func_ret_success () {
+ return 0
+}
+as_func_ret_failure () {
+ return 1
+}
+
+exitcode=0
+if as_func_success; then
+ :
+else
+ exitcode=1
+ echo as_func_success failed.
+fi
+
+if as_func_failure; then
+ exitcode=1
+ echo as_func_failure succeeded.
+fi
+
+if as_func_ret_success; then
+ :
+else
+ exitcode=1
+ echo as_func_ret_success failed.
+fi
+
+if as_func_ret_failure; then
+ exitcode=1
+ echo as_func_ret_failure succeeded.
+fi
+
+if ( set x; as_func_ret_success y && test x = "$1" ); then
+ :
+else
+ exitcode=1
+ echo positional parameters were not saved.
+fi
+
+test $exitcode = 0) || { (exit 1); exit 1; }
+
+(
as_lineno_1=$LINENO
as_lineno_2=$LINENO
- as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null`
test "x$as_lineno_1" != "x$as_lineno_2" &&
- test "x$as_lineno_3" = "x$as_lineno_2" ') 2>/dev/null; then
- $as_unset BASH_ENV || test "${BASH_ENV+set}" != set || { BASH_ENV=; export BASH_ENV; }
- $as_unset ENV || test "${ENV+set}" != set || { ENV=; export ENV; }
- CONFIG_SHELL=$as_dir/$as_base
- export CONFIG_SHELL
- exec "$CONFIG_SHELL" "$0" ${1+"$@"}
- fi;;
- esac
- done
-done
-;;
- esac
+ test "x`expr $as_lineno_1 + 1`" = "x$as_lineno_2") || { (exit 1); exit 1; }
+
+_ASEOF
+}; then
+ break
+fi
+
+fi
+
+ done
+
+ if test "x$CONFIG_SHELL" != x; then
+ for as_var in BASH_ENV ENV
+ do ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var
+ done
+ export CONFIG_SHELL
+ exec "$CONFIG_SHELL" "$as_myself" ${1+"$@"}
+fi
+
+
+ if test $as_have_required = no; then
+ echo This script requires a shell more modern than all the
+ echo shells that I found on your system. Please install a
+ echo modern shell, or manually run the script under such a
+ echo shell if you do have one.
+ { (exit 1); exit 1; }
+fi
+
+
+fi
+
+fi
+
+
+
+(eval "as_func_return () {
+ (exit \$1)
+}
+as_func_success () {
+ as_func_return 0
+}
+as_func_failure () {
+ as_func_return 1
+}
+as_func_ret_success () {
+ return 0
+}
+as_func_ret_failure () {
+ return 1
+}
+
+exitcode=0
+if as_func_success; then
+ :
+else
+ exitcode=1
+ echo as_func_success failed.
+fi
+
+if as_func_failure; then
+ exitcode=1
+ echo as_func_failure succeeded.
+fi
+
+if as_func_ret_success; then
+ :
+else
+ exitcode=1
+ echo as_func_ret_success failed.
+fi
+
+if as_func_ret_failure; then
+ exitcode=1
+ echo as_func_ret_failure succeeded.
+fi
+
+if ( set x; as_func_ret_success y && test x = \"\$1\" ); then
+ :
+else
+ exitcode=1
+ echo positional parameters were not saved.
+fi
+
+test \$exitcode = 0") || {
+ echo No shell found that supports shell functions.
+ echo Please tell autoconf@gnu.org about your system,
+ echo including any error possibly output before this
+ echo message
+}
+
+
+
+ as_lineno_1=$LINENO
+ as_lineno_2=$LINENO
+ test "x$as_lineno_1" != "x$as_lineno_2" &&
+ test "x`expr $as_lineno_1 + 1`" = "x$as_lineno_2" || {
# Create $as_me.lineno as a copy of $as_myself, but with $LINENO
# uniformly replaced by the line number. The first 'sed' inserts a
- # line-number line before each line; the second 'sed' does the real
- # work. The second script uses 'N' to pair each line-number line
- # with the numbered line, and appends trailing '-' during
- # substitution so that $LINENO is not a special case at line end.
+ # line-number line after each line using $LINENO; the second 'sed'
+ # does the real work. The second script uses 'N' to pair each
+ # line-number line with the line containing $LINENO, and appends
+ # trailing '-' during substitution so that $LINENO is not a special
+ # case at line end.
# (Raja R Harinath suggested sed '=', and Paul Eggert wrote the
- # second 'sed' script. Blame Lee E. McMahon for sed's syntax. :-)
- sed '=' <$as_myself |
+ # scripts with optimization help from Paolo Bonzini. Blame Lee
+ # E. McMahon (1931-1989) for sed's syntax. :-)
+ sed -n '
+ p
+ /[$]LINENO/=
+ ' <$as_myself |
sed '
+ s/[$]LINENO.*/&-/
+ t lineno
+ b
+ :lineno
N
- s,$,-,
- : loop
- s,^\(['$as_cr_digits']*\)\(.*\)[$]LINENO\([^'$as_cr_alnum'_]\),\1\2\1\3,
+ :loop
+ s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/
t loop
- s,-$,,
- s,^['$as_cr_digits']*\n,,
+ s/-\n.*//
' >$as_me.lineno &&
- chmod +x $as_me.lineno ||
+ chmod +x "$as_me.lineno" ||
{ echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2
{ (exit 1); exit 1; }; }
# Don't try to exec as it changes $[0], causing all sort of problems
# (the dirname of $[0] is not the place where we might find the
- # original and so on. Autoconf is especially sensible to this).
- . ./$as_me.lineno
+ # original and so on. Autoconf is especially sensitive to this).
+ . "./$as_me.lineno"
# Exit status is that of the last command.
exit
}
-case `echo "testing\c"; echo 1,2,3`,`echo -n testing; echo 1,2,3` in
- *c*,-n*) ECHO_N= ECHO_C='
-' ECHO_T=' ' ;;
- *c*,* ) ECHO_N=-n ECHO_C= ECHO_T= ;;
- *) ECHO_N= ECHO_C='\c' ECHO_T= ;;
+if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then
+ as_dirname=dirname
+else
+ as_dirname=false
+fi
+
+ECHO_C= ECHO_N= ECHO_T=
+case `echo -n x` in
+-n*)
+ case `echo 'x\c'` in
+ *c*) ECHO_T=' ';; # ECHO_T is single tab character.
+ *) ECHO_C='\c';;
+ esac;;
+*)
+ ECHO_N='-n';;
esac
-if expr a : '\(a\)' >/dev/null 2>&1; then
+if expr a : '\(a\)' >/dev/null 2>&1 &&
+ test "X`expr 00001 : '.*\(...\)'`" = X001; then
as_expr=expr
else
as_expr=false
fi
rm -f conf$$ conf$$.exe conf$$.file
+if test -d conf$$.dir; then
+ rm -f conf$$.dir/conf$$.file
+else
+ rm -f conf$$.dir
+ mkdir conf$$.dir
+fi
echo >conf$$.file
if ln -s conf$$.file conf$$ 2>/dev/null; then
- # We could just check for DJGPP; but this test a) works b) is more generic
- # and c) will remain valid once DJGPP supports symlinks (DJGPP 2.04).
- if test -f conf$$.exe; then
- # Don't use ln at all; we don't have any links
+ as_ln_s='ln -s'
+ # ... but there are two gotchas:
+ # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
+ # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
+ # In both cases, we have to default to `cp -p'.
+ ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
as_ln_s='cp -p'
- else
- as_ln_s='ln -s'
- fi
elif ln conf$$.file conf$$ 2>/dev/null; then
as_ln_s=ln
else
as_ln_s='cp -p'
fi
-rm -f conf$$ conf$$.exe conf$$.file
+rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
+rmdir conf$$.dir 2>/dev/null
if mkdir -p . 2>/dev/null; then
as_mkdir_p=:
@@ -222,7 +518,28 @@ else
as_mkdir_p=false
fi
-as_executable_p="test -f"
+if test -x / >/dev/null 2>&1; then
+ as_test_x='test -x'
+else
+ if ls -dL / >/dev/null 2>&1; then
+ as_ls_L_option=L
+ else
+ as_ls_L_option=
+ fi
+ as_test_x='
+ eval sh -c '\''
+ if test -d "$1"; then
+ test -d "$1/.";
+ else
+ case $1 in
+ -*)set "./$1";;
+ esac;
+ case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in
+ ???[sx]*):;;*)false;;esac;fi
+ '\'' sh
+ '
+fi
+as_executable_p=$as_test_x
# Sed expression to map a string onto a valid CPP name.
as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
@@ -231,39 +548,181 @@ as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
-# IFS
-# We need space, tab and new line, in precisely that order.
-as_nl='
-'
-IFS=" $as_nl"
-# CDPATH.
-$as_unset CDPATH
+# Check that we are running under the correct shell.
+SHELL=${CONFIG_SHELL-/bin/sh}
+
+case X$ECHO in
+X*--fallback-echo)
+ # Remove one level of quotation (which was required for Make).
+ ECHO=`echo "$ECHO" | sed 's,\\\\\$\\$0,'$0','`
+ ;;
+esac
+
+echo=${ECHO-echo}
+if test "X$1" = X--no-reexec; then
+ # Discard the --no-reexec flag, and continue.
+ shift
+elif test "X$1" = X--fallback-echo; then
+ # Avoid inline document here, it may be left over
+ :
+elif test "X`($echo '\t') 2>/dev/null`" = 'X\t' ; then
+ # Yippee, $echo works!
+ :
+else
+ # Restart under the correct shell.
+ exec $SHELL "$0" --no-reexec ${1+"$@"}
+fi
+
+if test "X$1" = X--fallback-echo; then
+ # used as fallback echo
+ shift
+ cat <<EOF
+$*
+EOF
+ exit 0
+fi
+
+# The HP-UX ksh and POSIX shell print the target directory to stdout
+# if CDPATH is set.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+if test -z "$ECHO"; then
+if test "X${echo_test_string+set}" != Xset; then
+# find a string as large as possible, as long as the shell can cope with it
+ for cmd in 'sed 50q "$0"' 'sed 20q "$0"' 'sed 10q "$0"' 'sed 2q "$0"' 'echo test'; do
+ # expected sizes: less than 2Kb, 1Kb, 512 bytes, 16 bytes, ...
+ if (echo_test_string=`eval $cmd`) 2>/dev/null &&
+ echo_test_string=`eval $cmd` &&
+ (test "X$echo_test_string" = "X$echo_test_string") 2>/dev/null
+ then
+ break
+ fi
+ done
+fi
+
+if test "X`($echo '\t') 2>/dev/null`" = 'X\t' &&
+ echo_testing_string=`($echo "$echo_test_string") 2>/dev/null` &&
+ test "X$echo_testing_string" = "X$echo_test_string"; then
+ :
+else
+ # The Solaris, AIX, and Digital Unix default echo programs unquote
+ # backslashes. This makes it impossible to quote backslashes using
+ # echo "$something" | sed 's/\\/\\\\/g'
+ #
+ # So, first we look for a working echo in the user's PATH.
+
+ lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+ for dir in $PATH /usr/ucb; do
+ IFS="$lt_save_ifs"
+ if (test -f $dir/echo || test -f $dir/echo$ac_exeext) &&
+ test "X`($dir/echo '\t') 2>/dev/null`" = 'X\t' &&
+ echo_testing_string=`($dir/echo "$echo_test_string") 2>/dev/null` &&
+ test "X$echo_testing_string" = "X$echo_test_string"; then
+ echo="$dir/echo"
+ break
+ fi
+ done
+ IFS="$lt_save_ifs"
+
+ if test "X$echo" = Xecho; then
+ # We didn't find a better echo, so look for alternatives.
+ if test "X`(print -r '\t') 2>/dev/null`" = 'X\t' &&
+ echo_testing_string=`(print -r "$echo_test_string") 2>/dev/null` &&
+ test "X$echo_testing_string" = "X$echo_test_string"; then
+ # This shell has a builtin print -r that does the trick.
+ echo='print -r'
+ elif (test -f /bin/ksh || test -f /bin/ksh$ac_exeext) &&
+ test "X$CONFIG_SHELL" != X/bin/ksh; then
+ # If we have ksh, try running configure again with it.
+ ORIGINAL_CONFIG_SHELL=${CONFIG_SHELL-/bin/sh}
+ export ORIGINAL_CONFIG_SHELL
+ CONFIG_SHELL=/bin/ksh
+ export CONFIG_SHELL
+ exec $CONFIG_SHELL "$0" --no-reexec ${1+"$@"}
+ else
+ # Try using printf.
+ echo='printf %s\n'
+ if test "X`($echo '\t') 2>/dev/null`" = 'X\t' &&
+ echo_testing_string=`($echo "$echo_test_string") 2>/dev/null` &&
+ test "X$echo_testing_string" = "X$echo_test_string"; then
+ # Cool, printf works
+ :
+ elif echo_testing_string=`($ORIGINAL_CONFIG_SHELL "$0" --fallback-echo '\t') 2>/dev/null` &&
+ test "X$echo_testing_string" = 'X\t' &&
+ echo_testing_string=`($ORIGINAL_CONFIG_SHELL "$0" --fallback-echo "$echo_test_string") 2>/dev/null` &&
+ test "X$echo_testing_string" = "X$echo_test_string"; then
+ CONFIG_SHELL=$ORIGINAL_CONFIG_SHELL
+ export CONFIG_SHELL
+ SHELL="$CONFIG_SHELL"
+ export SHELL
+ echo="$CONFIG_SHELL $0 --fallback-echo"
+ elif echo_testing_string=`($CONFIG_SHELL "$0" --fallback-echo '\t') 2>/dev/null` &&
+ test "X$echo_testing_string" = 'X\t' &&
+ echo_testing_string=`($CONFIG_SHELL "$0" --fallback-echo "$echo_test_string") 2>/dev/null` &&
+ test "X$echo_testing_string" = "X$echo_test_string"; then
+ echo="$CONFIG_SHELL $0 --fallback-echo"
+ else
+ # maybe with a smaller string...
+ prev=:
+
+ for cmd in 'echo test' 'sed 2q "$0"' 'sed 10q "$0"' 'sed 20q "$0"' 'sed 50q "$0"'; do
+ if (test "X$echo_test_string" = "X`eval $cmd`") 2>/dev/null
+ then
+ break
+ fi
+ prev="$cmd"
+ done
+
+ if test "$prev" != 'sed 50q "$0"'; then
+ echo_test_string=`eval $prev`
+ export echo_test_string
+ exec ${ORIGINAL_CONFIG_SHELL-${CONFIG_SHELL-/bin/sh}} "$0" ${1+"$@"}
+ else
+ # Oops. We lost completely, so just stick with echo.
+ echo=echo
+ fi
+ fi
+ fi
+ fi
+fi
+fi
+
+# Copy echo and quote the copy suitably for passing to libtool from
+# the Makefile, instead of quoting the original, which is used later.
+ECHO=$echo
+if test "X$ECHO" = "X$CONFIG_SHELL $0 --fallback-echo"; then
+ ECHO="$CONFIG_SHELL \\\$\$0 --fallback-echo"
+fi
+
+
+
+
+tagnames=${tagnames+${tagnames},}CXX
+
+tagnames=${tagnames+${tagnames},}F77
+
+exec 7<&0 </dev/null 6>&1
# Name of the host.
# hostname on some systems (SVR3.2, Linux) returns a bogus exit status,
# so uname gets run too.
ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q`
-exec 6>&1
-
#
# Initializations.
#
ac_default_prefix=/usr/local
+ac_clean_files=
ac_config_libobj_dir=.
+LIBOBJS=
cross_compiling=no
subdirs=
MFLAGS=
MAKEFLAGS=
SHELL=${CONFIG_SHELL-/bin/sh}
-# Maximum number of lines to put in a shell here document.
-# This variable seems obsolete. It should probably be removed, and
-# only ac_max_sed_lines should be used.
-: ${ac_max_here_lines=38}
-
# Identity of this package.
PACKAGE_NAME=
PACKAGE_TARNAME=
@@ -271,47 +730,235 @@ PACKAGE_VERSION=
PACKAGE_STRING=
PACKAGE_BUGREPORT=
-ac_unique_file="conf/pam_conv1/pam_conv.y"
-ac_default_prefix=
+ac_unique_file="conf/pam_conv1/pam_conv_y.y"
+ac_default_prefix=/usr
# Factoring default headers for most tests.
ac_includes_default="\
#include <stdio.h>
-#if HAVE_SYS_TYPES_H
+#ifdef HAVE_SYS_TYPES_H
# include <sys/types.h>
#endif
-#if HAVE_SYS_STAT_H
+#ifdef HAVE_SYS_STAT_H
# include <sys/stat.h>
#endif
-#if STDC_HEADERS
+#ifdef STDC_HEADERS
# include <stdlib.h>
# include <stddef.h>
#else
-# if HAVE_STDLIB_H
+# ifdef HAVE_STDLIB_H
# include <stdlib.h>
# endif
#endif
-#if HAVE_STRING_H
-# if !STDC_HEADERS && HAVE_MEMORY_H
+#ifdef HAVE_STRING_H
+# if !defined STDC_HEADERS && defined HAVE_MEMORY_H
# include <memory.h>
# endif
# include <string.h>
#endif
-#if HAVE_STRINGS_H
+#ifdef HAVE_STRINGS_H
# include <strings.h>
#endif
-#if HAVE_INTTYPES_H
+#ifdef HAVE_INTTYPES_H
# include <inttypes.h>
-#else
-# if HAVE_STDINT_H
-# include <stdint.h>
-# endif
#endif
-#if HAVE_UNISTD_H
+#ifdef HAVE_STDINT_H
+# include <stdint.h>
+#endif
+#ifdef HAVE_UNISTD_H
# include <unistd.h>
#endif"
-ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS LIBPAM_VERSION_MAJOR LIBPAM_VERSION_MINOR LOCALSRCDIR LOCALOBJDIR OS CONF_CFLAGS MKDIR SHLIBMODE MANMODE USESONAME SOSWITCH NEEDSONAME LDCONFIG CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT YACC LEX LEXLIB LEX_OUTPUT_ROOT INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA LN_S SET_MAKE WITH_DEBUG WITH_MEMORY_DEBUG WITH_LIBDEBUG WITH_PRELUDE FAKEROOT SECUREDIR SCONFIGDIR SUPLEMENTED INCLUDEDIR DOCDIR MANDIR WITH_PAMLOCKING PAM_READ_BOTH_CONFS STATIC_LIBPAM DYNAMIC_LIBPAM DYNAMIC STATIC WITH_LCKPWDF CPP EGREP PAM_NEEDS_LIBC HAVE_LCKPWDF LIBDL HAVE_LIBCRACK HAVE_LIBCRYPT HAVE_LIBUTIL HAVE_LIBNDBM HAVE_LIBDB HAVE_LIBFL HAVE_LIBNSL HAVE_LIBPWDB HAVE_LIBFLEX HAVE_LIBLEX HAVE_NDBM_H CRACKLIB_DICTPATH DYNTYPE OS_CFLAGS WARNINGS PIC LD LD_D LD_L RANLIB STRIP CC_STATIC LIBOBJS HAVE_SGML2TXT HAVE_SGML2HTML HAVE_SGML2LATEX HAVE_PS2PDF HAVE_SGML2PS PSER PS2PDF LTLIBOBJS'
+ac_subst_vars='SHELL
+PATH_SEPARATOR
+PACKAGE_NAME
+PACKAGE_TARNAME
+PACKAGE_VERSION
+PACKAGE_STRING
+PACKAGE_BUGREPORT
+exec_prefix
+prefix
+program_transform_name
+bindir
+sbindir
+libexecdir
+datarootdir
+datadir
+sysconfdir
+sharedstatedir
+localstatedir
+includedir
+oldincludedir
+docdir
+infodir
+htmldir
+dvidir
+pdfdir
+psdir
+libdir
+localedir
+mandir
+DEFS
+ECHO_C
+ECHO_N
+ECHO_T
+LIBS
+build_alias
+host_alias
+target_alias
+INSTALL_PROGRAM
+INSTALL_SCRIPT
+INSTALL_DATA
+am__isrc
+CYGPATH_W
+PACKAGE
+VERSION
+ACLOCAL
+AUTOCONF
+AUTOMAKE
+AUTOHEADER
+MAKEINFO
+install_sh
+STRIP
+INSTALL_STRIP_PROGRAM
+mkdir_p
+AWK
+SET_MAKE
+am__leading_dot
+AMTAR
+am__tar
+am__untar
+build
+build_cpu
+build_vendor
+build_os
+host
+host_cpu
+host_vendor
+host_os
+STATIC_MODULES_TRUE
+STATIC_MODULES_FALSE
+CC
+CFLAGS
+LDFLAGS
+CPPFLAGS
+ac_ct_CC
+EXEEXT
+OBJEXT
+DEPDIR
+am__include
+am__quote
+AMDEP_TRUE
+AMDEP_FALSE
+AMDEPBACKSLASH
+CCDEPMODE
+am__fastdepCC_TRUE
+am__fastdepCC_FALSE
+YACC
+YFLAGS
+LEX
+LEX_OUTPUT_ROOT
+LEXLIB
+LN_S
+GREP
+EGREP
+ECHO
+AR
+RANLIB
+CPP
+CXX
+CXXFLAGS
+ac_ct_CXX
+CXXDEPMODE
+am__fastdepCXX_TRUE
+am__fastdepCXX_FALSE
+CXXCPP
+F77
+FFLAGS
+ac_ct_F77
+LIBTOOL
+pam_cv_ld_as_needed
+HAVE_VERSIONING_TRUE
+HAVE_VERSIONING_FALSE
+libc_cv_fpie
+PIE_CFLAGS
+PIE_LDFLAGS
+LIBPRELUDE_CONFIG
+LIBPRELUDE_CFLAGS
+LIBPRELUDE_PTHREAD_CFLAGS
+LIBPRELUDE_LDFLAGS
+LIBPRELUDE_LIBS
+LIBPRELUDE_PREFIX
+LIBPRELUDE_CONFIG_PREFIX
+WITH_DEBUG
+SECUREDIR
+SCONFIGDIR
+WITH_PAMLOCKING
+PAM_READ_BOTH_CONFS
+pam_xauth_path
+LIBDL
+LIBCRACK
+HAVE_LIBCRACK_TRUE
+HAVE_LIBCRACK_FALSE
+LIBAUDIT
+LIBCRYPT
+LIBDB
+HAVE_LIBDB_TRUE
+HAVE_LIBDB_FALSE
+LIBNSL
+LIBSELINUX
+HAVE_LIBSELINUX_TRUE
+HAVE_LIBSELINUX_FALSE
+LIBOBJS
+HAVE_UNSHARE_TRUE
+HAVE_UNSHARE_FALSE
+XSLTPROC
+XMLLINT
+XML_CATALOG_FILE
+XMLCATALOG
+BROWSER
+FO2PDF
+ENABLE_REGENERATE_MAN_TRUE
+ENABLE_REGENERATE_MAN_FALSE
+ENABLE_GENERATE_PDF_TRUE
+ENABLE_GENERATE_PDF_FALSE
+USE_NLS
+MSGFMT
+GMSGFMT
+MSGFMT_015
+GMSGFMT_015
+XGETTEXT
+XGETTEXT_015
+MSGMERGE
+INTL_MACOSX_LIBS
+LIBICONV
+LTLIBICONV
+INTLLIBS
+LIBINTL
+LTLIBINTL
+POSUB
+HAVE_KEY_MANAGEMENT
+HAVE_KEY_MANAGEMENT_TRUE
+HAVE_KEY_MANAGEMENT_FALSE
+LTLIBOBJS'
ac_subst_files=''
+ ac_precious_vars='build_alias
+host_alias
+target_alias
+CC
+CFLAGS
+LDFLAGS
+LIBS
+CPPFLAGS
+YACC
+YFLAGS
+CPP
+CXX
+CXXFLAGS
+CCC
+CXXCPP
+F77
+FFLAGS'
+
# Initialize some variables set by options.
ac_init_help=
@@ -338,34 +985,48 @@ x_libraries=NONE
# and all the variables that are supposed to be based on exec_prefix
# by default will actually change.
# Use braces instead of parens because sh, perl, etc. also accept them.
+# (The list follows the same order as the GNU Coding Standards.)
bindir='${exec_prefix}/bin'
sbindir='${exec_prefix}/sbin'
libexecdir='${exec_prefix}/libexec'
-datadir='${prefix}/share'
+datarootdir='${prefix}/share'
+datadir='${datarootdir}'
sysconfdir='${prefix}/etc'
sharedstatedir='${prefix}/com'
localstatedir='${prefix}/var'
-libdir='${exec_prefix}/lib'
includedir='${prefix}/include'
oldincludedir='/usr/include'
-infodir='${prefix}/info'
-mandir='${prefix}/man'
+docdir='${datarootdir}/doc/${PACKAGE}'
+infodir='${datarootdir}/info'
+htmldir='${docdir}'
+dvidir='${docdir}'
+pdfdir='${docdir}'
+psdir='${docdir}'
+libdir='${exec_prefix}/lib'
+localedir='${datarootdir}/locale'
+mandir='${datarootdir}/man'
ac_prev=
+ac_dashdash=
for ac_option
do
# If the previous option needs an argument, assign it.
if test -n "$ac_prev"; then
- eval "$ac_prev=\$ac_option"
+ eval $ac_prev=\$ac_option
ac_prev=
continue
fi
- ac_optarg=`expr "x$ac_option" : 'x[^=]*=\(.*\)'`
+ case $ac_option in
+ *=*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;;
+ *) ac_optarg=yes ;;
+ esac
# Accept the important Cygnus configure options, so we can diagnose typos.
- case $ac_option in
+ case $ac_dashdash$ac_option in
+ --)
+ ac_dashdash=yes ;;
-bindir | --bindir | --bindi | --bind | --bin | --bi)
ac_prev=bindir ;;
@@ -387,33 +1048,45 @@ do
--config-cache | -C)
cache_file=config.cache ;;
- -datadir | --datadir | --datadi | --datad | --data | --dat | --da)
+ -datadir | --datadir | --datadi | --datad)
ac_prev=datadir ;;
- -datadir=* | --datadir=* | --datadi=* | --datad=* | --data=* | --dat=* \
- | --da=*)
+ -datadir=* | --datadir=* | --datadi=* | --datad=*)
datadir=$ac_optarg ;;
+ -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \
+ | --dataroo | --dataro | --datar)
+ ac_prev=datarootdir ;;
+ -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \
+ | --dataroot=* | --dataroo=* | --dataro=* | --datar=*)
+ datarootdir=$ac_optarg ;;
+
-disable-* | --disable-*)
ac_feature=`expr "x$ac_option" : 'x-*disable-\(.*\)'`
# Reject names that are not valid shell variable names.
- expr "x$ac_feature" : ".*[^-_$as_cr_alnum]" >/dev/null &&
+ expr "x$ac_feature" : ".*[^-._$as_cr_alnum]" >/dev/null &&
{ echo "$as_me: error: invalid feature name: $ac_feature" >&2
{ (exit 1); exit 1; }; }
- ac_feature=`echo $ac_feature | sed 's/-/_/g'`
- eval "enable_$ac_feature=no" ;;
+ ac_feature=`echo $ac_feature | sed 's/[-.]/_/g'`
+ eval enable_$ac_feature=no ;;
+
+ -docdir | --docdir | --docdi | --doc | --do)
+ ac_prev=docdir ;;
+ -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*)
+ docdir=$ac_optarg ;;
+
+ -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv)
+ ac_prev=dvidir ;;
+ -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*)
+ dvidir=$ac_optarg ;;
-enable-* | --enable-*)
ac_feature=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'`
# Reject names that are not valid shell variable names.
- expr "x$ac_feature" : ".*[^-_$as_cr_alnum]" >/dev/null &&
+ expr "x$ac_feature" : ".*[^-._$as_cr_alnum]" >/dev/null &&
{ echo "$as_me: error: invalid feature name: $ac_feature" >&2
{ (exit 1); exit 1; }; }
- ac_feature=`echo $ac_feature | sed 's/-/_/g'`
- case $ac_option in
- *=*) ac_optarg=`echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"`;;
- *) ac_optarg=yes ;;
- esac
- eval "enable_$ac_feature='$ac_optarg'" ;;
+ ac_feature=`echo $ac_feature | sed 's/[-.]/_/g'`
+ eval enable_$ac_feature=\$ac_optarg ;;
-exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \
| --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \
@@ -440,6 +1113,12 @@ do
-host=* | --host=* | --hos=* | --ho=*)
host_alias=$ac_optarg ;;
+ -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht)
+ ac_prev=htmldir ;;
+ -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \
+ | --ht=*)
+ htmldir=$ac_optarg ;;
+
-includedir | --includedir | --includedi | --included | --include \
| --includ | --inclu | --incl | --inc)
ac_prev=includedir ;;
@@ -464,13 +1143,16 @@ do
| --libexe=* | --libex=* | --libe=*)
libexecdir=$ac_optarg ;;
+ -localedir | --localedir | --localedi | --localed | --locale)
+ ac_prev=localedir ;;
+ -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*)
+ localedir=$ac_optarg ;;
+
-localstatedir | --localstatedir | --localstatedi | --localstated \
- | --localstate | --localstat | --localsta | --localst \
- | --locals | --local | --loca | --loc | --lo)
+ | --localstate | --localstat | --localsta | --localst | --locals)
ac_prev=localstatedir ;;
-localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \
- | --localstate=* | --localstat=* | --localsta=* | --localst=* \
- | --locals=* | --local=* | --loca=* | --loc=* | --lo=*)
+ | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*)
localstatedir=$ac_optarg ;;
-mandir | --mandir | --mandi | --mand | --man | --ma | --m)
@@ -535,6 +1217,16 @@ do
| --progr-tra=* | --program-tr=* | --program-t=*)
program_transform_name=$ac_optarg ;;
+ -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd)
+ ac_prev=pdfdir ;;
+ -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*)
+ pdfdir=$ac_optarg ;;
+
+ -psdir | --psdir | --psdi | --psd | --ps)
+ ac_prev=psdir ;;
+ -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*)
+ psdir=$ac_optarg ;;
+
-q | -quiet | --quiet | --quie | --qui | --qu | --q \
| -silent | --silent | --silen | --sile | --sil)
silent=yes ;;
@@ -587,24 +1279,20 @@ do
-with-* | --with-*)
ac_package=`expr "x$ac_option" : 'x-*with-\([^=]*\)'`
# Reject names that are not valid shell variable names.
- expr "x$ac_package" : ".*[^-_$as_cr_alnum]" >/dev/null &&
+ expr "x$ac_package" : ".*[^-._$as_cr_alnum]" >/dev/null &&
{ echo "$as_me: error: invalid package name: $ac_package" >&2
{ (exit 1); exit 1; }; }
- ac_package=`echo $ac_package| sed 's/-/_/g'`
- case $ac_option in
- *=*) ac_optarg=`echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"`;;
- *) ac_optarg=yes ;;
- esac
- eval "with_$ac_package='$ac_optarg'" ;;
+ ac_package=`echo $ac_package | sed 's/[-.]/_/g'`
+ eval with_$ac_package=\$ac_optarg ;;
-without-* | --without-*)
ac_package=`expr "x$ac_option" : 'x-*without-\(.*\)'`
# Reject names that are not valid shell variable names.
- expr "x$ac_package" : ".*[^-_$as_cr_alnum]" >/dev/null &&
+ expr "x$ac_package" : ".*[^-._$as_cr_alnum]" >/dev/null &&
{ echo "$as_me: error: invalid package name: $ac_package" >&2
{ (exit 1); exit 1; }; }
- ac_package=`echo $ac_package | sed 's/-/_/g'`
- eval "with_$ac_package=no" ;;
+ ac_package=`echo $ac_package | sed 's/[-.]/_/g'`
+ eval with_$ac_package=no ;;
--x)
# Obsolete; use --with-x.
@@ -635,8 +1323,7 @@ Try \`$0 --help' for more information." >&2
expr "x$ac_envvar" : ".*[^_$as_cr_alnum]" >/dev/null &&
{ echo "$as_me: error: invalid variable name: $ac_envvar" >&2
{ (exit 1); exit 1; }; }
- ac_optarg=`echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"`
- eval "$ac_envvar='$ac_optarg'"
+ eval $ac_envvar=\$ac_optarg
export $ac_envvar ;;
*)
@@ -656,27 +1343,19 @@ if test -n "$ac_prev"; then
{ (exit 1); exit 1; }; }
fi
-# Be sure to have absolute paths.
-for ac_var in exec_prefix prefix
-do
- eval ac_val=$`echo $ac_var`
- case $ac_val in
- [\\/$]* | ?:[\\/]* | NONE | '' ) ;;
- *) { echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2
- { (exit 1); exit 1; }; };;
- esac
-done
-
-# Be sure to have absolute paths.
-for ac_var in bindir sbindir libexecdir datadir sysconfdir sharedstatedir \
- localstatedir libdir includedir oldincludedir infodir mandir
+# Be sure to have absolute directory names.
+for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
+ datadir sysconfdir sharedstatedir localstatedir includedir \
+ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
+ libdir localedir mandir
do
- eval ac_val=$`echo $ac_var`
+ eval ac_val=\$$ac_var
case $ac_val in
- [\\/$]* | ?:[\\/]* ) ;;
- *) { echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2
- { (exit 1); exit 1; }; };;
+ [\\/$]* | ?:[\\/]* ) continue;;
+ NONE | '' ) case $ac_var in *prefix ) continue;; esac;;
esac
+ { echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2
+ { (exit 1); exit 1; }; }
done
# There might be people who depend on the old broken behavior: `$host'
@@ -703,74 +1382,76 @@ test -n "$host_alias" && ac_tool_prefix=$host_alias-
test "$silent" = yes && exec 6>/dev/null
+ac_pwd=`pwd` && test -n "$ac_pwd" &&
+ac_ls_di=`ls -di .` &&
+ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` ||
+ { echo "$as_me: error: Working directory cannot be determined" >&2
+ { (exit 1); exit 1; }; }
+test "X$ac_ls_di" = "X$ac_pwd_ls_di" ||
+ { echo "$as_me: error: pwd does not report name of working directory" >&2
+ { (exit 1); exit 1; }; }
+
+
# Find the source files, if location was not specified.
if test -z "$srcdir"; then
ac_srcdir_defaulted=yes
- # Try the directory containing this script, then its parent.
- ac_confdir=`(dirname "$0") 2>/dev/null ||
+ # Try the directory containing this script, then the parent directory.
+ ac_confdir=`$as_dirname -- "$0" ||
$as_expr X"$0" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
X"$0" : 'X\(//\)[^/]' \| \
X"$0" : 'X\(//\)$' \| \
- X"$0" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
+ X"$0" : 'X\(/\)' \| . 2>/dev/null ||
echo X"$0" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)[^/].*/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
srcdir=$ac_confdir
- if test ! -r $srcdir/$ac_unique_file; then
+ if test ! -r "$srcdir/$ac_unique_file"; then
srcdir=..
fi
else
ac_srcdir_defaulted=no
fi
-if test ! -r $srcdir/$ac_unique_file; then
- if test "$ac_srcdir_defaulted" = yes; then
- { echo "$as_me: error: cannot find sources ($ac_unique_file) in $ac_confdir or .." >&2
- { (exit 1); exit 1; }; }
- else
- { echo "$as_me: error: cannot find sources ($ac_unique_file) in $srcdir" >&2
+if test ! -r "$srcdir/$ac_unique_file"; then
+ test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .."
+ { echo "$as_me: error: cannot find sources ($ac_unique_file) in $srcdir" >&2
{ (exit 1); exit 1; }; }
- fi
fi
-(cd $srcdir && test -r ./$ac_unique_file) 2>/dev/null ||
- { echo "$as_me: error: sources are in $srcdir, but \`cd $srcdir' does not work" >&2
+ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work"
+ac_abs_confdir=`(
+ cd "$srcdir" && test -r "./$ac_unique_file" || { echo "$as_me: error: $ac_msg" >&2
{ (exit 1); exit 1; }; }
-srcdir=`echo "$srcdir" | sed 's%\([^\\/]\)[\\/]*$%\1%'`
-ac_env_build_alias_set=${build_alias+set}
-ac_env_build_alias_value=$build_alias
-ac_cv_env_build_alias_set=${build_alias+set}
-ac_cv_env_build_alias_value=$build_alias
-ac_env_host_alias_set=${host_alias+set}
-ac_env_host_alias_value=$host_alias
-ac_cv_env_host_alias_set=${host_alias+set}
-ac_cv_env_host_alias_value=$host_alias
-ac_env_target_alias_set=${target_alias+set}
-ac_env_target_alias_value=$target_alias
-ac_cv_env_target_alias_set=${target_alias+set}
-ac_cv_env_target_alias_value=$target_alias
-ac_env_CC_set=${CC+set}
-ac_env_CC_value=$CC
-ac_cv_env_CC_set=${CC+set}
-ac_cv_env_CC_value=$CC
-ac_env_CFLAGS_set=${CFLAGS+set}
-ac_env_CFLAGS_value=$CFLAGS
-ac_cv_env_CFLAGS_set=${CFLAGS+set}
-ac_cv_env_CFLAGS_value=$CFLAGS
-ac_env_LDFLAGS_set=${LDFLAGS+set}
-ac_env_LDFLAGS_value=$LDFLAGS
-ac_cv_env_LDFLAGS_set=${LDFLAGS+set}
-ac_cv_env_LDFLAGS_value=$LDFLAGS
-ac_env_CPPFLAGS_set=${CPPFLAGS+set}
-ac_env_CPPFLAGS_value=$CPPFLAGS
-ac_cv_env_CPPFLAGS_set=${CPPFLAGS+set}
-ac_cv_env_CPPFLAGS_value=$CPPFLAGS
-ac_env_CPP_set=${CPP+set}
-ac_env_CPP_value=$CPP
-ac_cv_env_CPP_set=${CPP+set}
-ac_cv_env_CPP_value=$CPP
+ pwd)`
+# When building in place, set srcdir=.
+if test "$ac_abs_confdir" = "$ac_pwd"; then
+ srcdir=.
+fi
+# Remove unnecessary trailing slashes from srcdir.
+# Double slashes in file names in object file debugging info
+# mess up M-x gdb in Emacs.
+case $srcdir in
+*/) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;;
+esac
+for ac_var in $ac_precious_vars; do
+ eval ac_env_${ac_var}_set=\${${ac_var}+set}
+ eval ac_env_${ac_var}_value=\$${ac_var}
+ eval ac_cv_env_${ac_var}_set=\${${ac_var}+set}
+ eval ac_cv_env_${ac_var}_value=\$${ac_var}
+done
#
# Report the --help message.
@@ -799,9 +1480,6 @@ Configuration:
-n, --no-create do not create output files
--srcdir=DIR find the sources in DIR [configure dir or \`..']
-_ACEOF
-
- cat <<_ACEOF
Installation directories:
--prefix=PREFIX install architecture-independent files in PREFIX
[$ac_default_prefix]
@@ -819,18 +1497,34 @@ Fine tuning of the installation directories:
--bindir=DIR user executables [EPREFIX/bin]
--sbindir=DIR system admin executables [EPREFIX/sbin]
--libexecdir=DIR program executables [EPREFIX/libexec]
- --datadir=DIR read-only architecture-independent data [PREFIX/share]
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
--sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
--libdir=DIR object code libraries [EPREFIX/lib]
--includedir=DIR C header files [PREFIX/include]
--oldincludedir=DIR C header files for non-gcc [/usr/include]
- --infodir=DIR info documentation [PREFIX/info]
- --mandir=DIR man documentation [PREFIX/man]
+ --datarootdir=DIR read-only arch.-independent data root [PREFIX/share]
+ --datadir=DIR read-only architecture-independent data [DATAROOTDIR]
+ --infodir=DIR info documentation [DATAROOTDIR/info]
+ --localedir=DIR locale-dependent data [DATAROOTDIR/locale]
+ --mandir=DIR man documentation [DATAROOTDIR/man]
+ --docdir=DIR documentation root [DATAROOTDIR/doc/PACKAGE]
+ --htmldir=DIR html documentation [DOCDIR]
+ --dvidir=DIR dvi documentation [DOCDIR]
+ --pdfdir=DIR pdf documentation [DOCDIR]
+ --psdir=DIR ps documentation [DOCDIR]
_ACEOF
cat <<\_ACEOF
+
+Program names:
+ --program-prefix=PREFIX prepend PREFIX to installed program names
+ --program-suffix=SUFFIX append SUFFIX to installed program names
+ --program-transform-name=PROGRAM run sed PROGRAM on installed program names
+
+System types:
+ --build=BUILD configure for building on BUILD [guessed]
+ --host=HOST cross-compile to build programs to run on HOST [BUILD]
_ACEOF
fi
@@ -841,157 +1535,163 @@ if test -n "$ac_init_help"; then
Optional Features:
--disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no)
--enable-FEATURE[=ARG] include FEATURE [ARG=yes]
- --enable-debug specify you are building with debugging on
- --enable-memory-debug specify you want every malloc etc. call tracked
- --enable-libdebug specify you are building debugging libraries
- --enable-prelude build prelude ids support
- --enable-fakeroot=<path to packaging directory>
- --enable-securedir=<path to location of PAMs> default \$libdir/security
- --enable-isadir=<path to arch-specific module files> default ../../\`basename \$libdir\`/security
- --enable-sconfigdir=<path to module conf files> default \$sysconfdir/security
- --enable-suplementedir=<path to module helper binaries> default \$sbindir
- --enable-includedir=<path to include location> - where to put <security>
- --enable-docdir=<path to store documentation in - /usr/share/doc/pam>
- --enable-mandir=<path to store manuals in - /usr/share/man>
- --enable-pamlocking configure libpam to observe a global authentication lock
- --enable-uglyhack configure libpam to try to honor old pam_strerror syntax
- --enable-read-both-confs read both /etc/pam.d and /etc/pam.conf files
- --enable-static-libpam build a libpam.a library
- --disable-dynamic-libpam do not build a shared libpam library
- --enable-static-modules do not make the modules dynamically loadable
- --disable-lckpwdf do not use the lckpwdf function
+ --enable-static-modules do not make the modules dynamically loadable
+ --enable-static[=PKGS] build static libraries [default=yes]
+ --enable-shared[=PKGS] build shared libraries [default=no]
+ --disable-dependency-tracking speeds up one-time build
+ --enable-dependency-tracking do not reject slow dependency extractors
+ --enable-fast-install[=PKGS]
+ optimize for fast installation [default=yes]
+ --disable-libtool-lock avoid locking (might break parallel builds)
+ --disable-largefile omit support for large files
+ --disable-pie disable position-independent executeables (PIE)
+ --disable-prelude do not use prelude
+ --enable-debug specify you are building with debugging on
+ --enable-securedir=DIR path to location of PAMs [default=$libdir/security]
+ --enable-isadir=DIR path to arch-specific module files
+ [default=../../(basename of $libdir)/security]
+ --enable-sconfigdir=DIR path to module conf files
+ [default=$sysconfdir/security]
+ --enable-pamlocking configure libpam to observe a global authentication
+ lock
+ --enable-read-both-confs
+ read both /etc/pam.d and /etc/pam.conf files
+ --disable-lckpwdf do not use the lckpwdf function
+ --disable-cracklib do not use cracklib
+ --disable-audit do not enable audit support
+ --enable-db=(db|ndbm|yes|no)
+ Default behavior 'yes', which is to check for libdb
+ first, followed by ndbm. Use 'no' to disable db
+ support.
+ --disable-selinux do not use SELinux
+ --disable-nls do not use Native Language Support
+ --disable-rpath do not hardcode runtime library paths
Optional Packages:
--with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
--without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)
- --with-mailspool path to mail spool directory
- default _PATH_MAILDIR if defined in paths.h, otherwise /var/spool/mail
+ --with-gnu-ld assume the C compiler uses GNU ld [default=no]
+ --with-pic try to use only PIC/non-PIC objects [default=use
+ both]
+ --with-tags[=TAGS] include additional configurations [automatic]
+ --with-libprelude-prefix=PFX
+ Prefix where libprelude is installed (optional)
+ --with-mailspool path to mail spool directory
+ default _PATH_MAILDIR if defined in paths.h, otherwise /var/spool/mail
+ --with-xauth additional path to check for xauth when it is called from pam_xauth
+ added to the default of /usr/X11R6/bin/xauth, /usr/bin/xauth, /usr/bin/X11/xauth
+ --with-xml-catalog=CATALOG
+ path to xml catalog to use
+ --with-gnu-ld assume the C compiler uses GNU ld default=no
+ --with-libiconv-prefix[=DIR] search for libiconv in DIR/include and DIR/lib
+ --without-libiconv-prefix don't search for libiconv in includedir and libdir
+ --with-libintl-prefix[=DIR] search for libintl in DIR/include and DIR/lib
+ --without-libintl-prefix don't search for libintl in includedir and libdir
Some influential environment variables:
CC C compiler command
CFLAGS C compiler flags
LDFLAGS linker flags, e.g. -L<lib dir> if you have libraries in a
nonstandard directory <lib dir>
- CPPFLAGS C/C++ preprocessor flags, e.g. -I<include dir> if you have
- headers in a nonstandard directory <include dir>
+ LIBS libraries to pass to the linker, e.g. -l<library>
+ CPPFLAGS C/C++/Objective C preprocessor flags, e.g. -I<include dir> if
+ you have headers in a nonstandard directory <include dir>
+ YACC The `Yet Another C Compiler' implementation to use. Defaults to
+ the first program found out of: `bison -y', `byacc', `yacc'.
+ YFLAGS The list of arguments that will be passed by default to $YACC.
+ This script will default YFLAGS to the empty string to avoid a
+ default value of `-d' given by some make applications.
CPP C preprocessor
+ CXX C++ compiler command
+ CXXFLAGS C++ compiler flags
+ CXXCPP C++ preprocessor
+ F77 Fortran 77 compiler command
+ FFLAGS Fortran 77 compiler flags
Use these variables to override the choices made by `configure' or to help
it to find libraries and programs with nonstandard names/locations.
_ACEOF
+ac_status=$?
fi
if test "$ac_init_help" = "recursive"; then
# If there are subdirs, report their specific --help.
- ac_popdir=`pwd`
for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue
- test -d $ac_dir || continue
+ test -d "$ac_dir" || continue
ac_builddir=.
-if test "$ac_dir" != .; then
+case "$ac_dir" in
+.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
+*)
ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'`
- # A "../" for each directory in $ac_dir_suffix.
- ac_top_builddir=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,../,g'`
-else
- ac_dir_suffix= ac_top_builddir=
-fi
+ # A ".." for each directory in $ac_dir_suffix.
+ ac_top_builddir_sub=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,/..,g;s,/,,'`
+ case $ac_top_builddir_sub in
+ "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
+ *) ac_top_build_prefix=$ac_top_builddir_sub/ ;;
+ esac ;;
+esac
+ac_abs_top_builddir=$ac_pwd
+ac_abs_builddir=$ac_pwd$ac_dir_suffix
+# for backward compatibility:
+ac_top_builddir=$ac_top_build_prefix
case $srcdir in
- .) # No --srcdir option. We are building in place.
+ .) # We are building in place.
ac_srcdir=.
- if test -z "$ac_top_builddir"; then
- ac_top_srcdir=.
- else
- ac_top_srcdir=`echo $ac_top_builddir | sed 's,/$,,'`
- fi ;;
- [\\/]* | ?:[\\/]* ) # Absolute path.
+ ac_top_srcdir=$ac_top_builddir_sub
+ ac_abs_top_srcdir=$ac_pwd ;;
+ [\\/]* | ?:[\\/]* ) # Absolute name.
ac_srcdir=$srcdir$ac_dir_suffix;
- ac_top_srcdir=$srcdir ;;
- *) # Relative path.
- ac_srcdir=$ac_top_builddir$srcdir$ac_dir_suffix
- ac_top_srcdir=$ac_top_builddir$srcdir ;;
-esac
-
-# Do not use `cd foo && pwd` to compute absolute paths, because
-# the directories may not exist.
-case `pwd` in
-.) ac_abs_builddir="$ac_dir";;
-*)
- case "$ac_dir" in
- .) ac_abs_builddir=`pwd`;;
- [\\/]* | ?:[\\/]* ) ac_abs_builddir="$ac_dir";;
- *) ac_abs_builddir=`pwd`/"$ac_dir";;
- esac;;
-esac
-case $ac_abs_builddir in
-.) ac_abs_top_builddir=${ac_top_builddir}.;;
-*)
- case ${ac_top_builddir}. in
- .) ac_abs_top_builddir=$ac_abs_builddir;;
- [\\/]* | ?:[\\/]* ) ac_abs_top_builddir=${ac_top_builddir}.;;
- *) ac_abs_top_builddir=$ac_abs_builddir/${ac_top_builddir}.;;
- esac;;
-esac
-case $ac_abs_builddir in
-.) ac_abs_srcdir=$ac_srcdir;;
-*)
- case $ac_srcdir in
- .) ac_abs_srcdir=$ac_abs_builddir;;
- [\\/]* | ?:[\\/]* ) ac_abs_srcdir=$ac_srcdir;;
- *) ac_abs_srcdir=$ac_abs_builddir/$ac_srcdir;;
- esac;;
-esac
-case $ac_abs_builddir in
-.) ac_abs_top_srcdir=$ac_top_srcdir;;
-*)
- case $ac_top_srcdir in
- .) ac_abs_top_srcdir=$ac_abs_builddir;;
- [\\/]* | ?:[\\/]* ) ac_abs_top_srcdir=$ac_top_srcdir;;
- *) ac_abs_top_srcdir=$ac_abs_builddir/$ac_top_srcdir;;
- esac;;
+ ac_top_srcdir=$srcdir
+ ac_abs_top_srcdir=$srcdir ;;
+ *) # Relative name.
+ ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix
+ ac_top_srcdir=$ac_top_build_prefix$srcdir
+ ac_abs_top_srcdir=$ac_pwd/$srcdir ;;
esac
-
- cd $ac_dir
- # Check for guested configure; otherwise get Cygnus style configure.
- if test -f $ac_srcdir/configure.gnu; then
- echo
- $SHELL $ac_srcdir/configure.gnu --help=recursive
- elif test -f $ac_srcdir/configure; then
- echo
- $SHELL $ac_srcdir/configure --help=recursive
- elif test -f $ac_srcdir/configure.ac ||
- test -f $ac_srcdir/configure.in; then
- echo
- $ac_configure --help
+ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix
+
+ cd "$ac_dir" || { ac_status=$?; continue; }
+ # Check for guested configure.
+ if test -f "$ac_srcdir/configure.gnu"; then
+ echo &&
+ $SHELL "$ac_srcdir/configure.gnu" --help=recursive
+ elif test -f "$ac_srcdir/configure"; then
+ echo &&
+ $SHELL "$ac_srcdir/configure" --help=recursive
else
echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2
- fi
- cd $ac_popdir
+ fi || ac_status=$?
+ cd "$ac_pwd" || { ac_status=$?; break; }
done
fi
-test -n "$ac_init_help" && exit 0
+test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
+configure
+generated by GNU Autoconf 2.61
-Copyright (C) 2003 Free Software Foundation, Inc.
+Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
+2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
This configure script is free software; the Free Software Foundation
gives unlimited permission to copy, distribute and modify it.
_ACEOF
- exit 0
+ exit
fi
-exec 5>config.log
-cat >&5 <<_ACEOF
+cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
It was created by $as_me, which was
-generated by GNU Autoconf 2.59. Invocation command line was
+generated by GNU Autoconf 2.61. Invocation command line was
$ $0 $@
_ACEOF
+exec 5>>config.log
{
cat <<_ASUNAME
## --------- ##
@@ -1010,7 +1710,7 @@ uname -v = `(uname -v) 2>/dev/null || echo unknown`
/bin/arch = `(/bin/arch) 2>/dev/null || echo unknown`
/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown`
/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown`
-hostinfo = `(hostinfo) 2>/dev/null || echo unknown`
+/usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown`
/bin/machine = `(/bin/machine) 2>/dev/null || echo unknown`
/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown`
/bin/universe = `(/bin/universe) 2>/dev/null || echo unknown`
@@ -1024,6 +1724,7 @@ do
test -z "$as_dir" && as_dir=.
echo "PATH: $as_dir"
done
+IFS=$as_save_IFS
} >&5
@@ -1045,7 +1746,6 @@ _ACEOF
ac_configure_args=
ac_configure_args0=
ac_configure_args1=
-ac_sep=
ac_must_keep_next=false
for ac_pass in 1 2
do
@@ -1056,7 +1756,7 @@ do
-q | -quiet | --quiet | --quie | --qui | --qu | --q \
| -silent | --silent | --silen | --sile | --sil)
continue ;;
- *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?\"\']*)
+ *\'*)
ac_arg=`echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;;
esac
case $ac_pass in
@@ -1078,9 +1778,7 @@ do
-* ) ac_must_keep_next=true ;;
esac
fi
- ac_configure_args="$ac_configure_args$ac_sep'$ac_arg'"
- # Get rid of the leading space.
- ac_sep=" "
+ ac_configure_args="$ac_configure_args '$ac_arg'"
;;
esac
done
@@ -1091,8 +1789,8 @@ $as_unset ac_configure_args1 || test "${ac_configure_args1+set}" != set || { ac_
# When interrupted or exit'd, cleanup temporary files, and complete
# config.log. We remove comments because anyway the quotes in there
# would cause problems or look ugly.
-# WARNING: Be sure not to use single quotes in there, as some shells,
-# such as our DU 5.0 friend, will then `close' the trap.
+# WARNING: Use '\'' to represent an apostrophe within the trap.
+# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug.
trap 'exit_status=$?
# Save into config.log some information that might help in debugging.
{
@@ -1105,20 +1803,34 @@ trap 'exit_status=$?
_ASBOX
echo
# The following way of writing the cache mishandles newlines in values,
-{
+(
+ for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do
+ eval ac_val=\$$ac_var
+ case $ac_val in #(
+ *${as_nl}*)
+ case $ac_var in #(
+ *_cv_*) { echo "$as_me:$LINENO: WARNING: Cache variable $ac_var contains a newline." >&5
+echo "$as_me: WARNING: Cache variable $ac_var contains a newline." >&2;} ;;
+ esac
+ case $ac_var in #(
+ _ | IFS | as_nl) ;; #(
+ *) $as_unset $ac_var ;;
+ esac ;;
+ esac
+ done
(set) 2>&1 |
- case `(ac_space='"'"' '"'"'; set | grep ac_space) 2>&1` in
- *ac_space=\ *)
+ case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #(
+ *${as_nl}ac_space=\ *)
sed -n \
- "s/'"'"'/'"'"'\\\\'"'"''"'"'/g;
- s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='"'"'\\2'"'"'/p"
- ;;
+ "s/'\''/'\''\\\\'\'''\''/g;
+ s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p"
+ ;; #(
*)
- sed -n \
- "s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1=\\2/p"
+ sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p"
;;
- esac;
-}
+ esac |
+ sort
+)
echo
cat <<\_ASBOX
@@ -1129,22 +1841,28 @@ _ASBOX
echo
for ac_var in $ac_subst_vars
do
- eval ac_val=$`echo $ac_var`
- echo "$ac_var='"'"'$ac_val'"'"'"
+ eval ac_val=\$$ac_var
+ case $ac_val in
+ *\'\''*) ac_val=`echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
+ esac
+ echo "$ac_var='\''$ac_val'\''"
done | sort
echo
if test -n "$ac_subst_files"; then
cat <<\_ASBOX
-## ------------- ##
-## Output files. ##
-## ------------- ##
+## ------------------- ##
+## File substitutions. ##
+## ------------------- ##
_ASBOX
echo
for ac_var in $ac_subst_files
do
- eval ac_val=$`echo $ac_var`
- echo "$ac_var='"'"'$ac_val'"'"'"
+ eval ac_val=\$$ac_var
+ case $ac_val in
+ *\'\''*) ac_val=`echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
+ esac
+ echo "$ac_var='\''$ac_val'\''"
done | sort
echo
fi
@@ -1156,26 +1874,24 @@ _ASBOX
## ----------- ##
_ASBOX
echo
- sed "/^$/d" confdefs.h | sort
+ cat confdefs.h
echo
fi
test "$ac_signal" != 0 &&
echo "$as_me: caught signal $ac_signal"
echo "$as_me: exit $exit_status"
} >&5
- rm -f core *.core &&
- rm -rf conftest* confdefs* conf$$* $ac_clean_files &&
+ rm -f core *.core core.conftest.* &&
+ rm -f -r conftest* confdefs* conf$$* $ac_clean_files &&
exit $exit_status
- ' 0
+' 0
for ac_signal in 1 2 13 15; do
trap 'ac_signal='$ac_signal'; { (exit 1); exit 1; }' $ac_signal
done
ac_signal=0
# confdefs.h avoids OS command line length limits that DEFS can exceed.
-rm -rf conftest* confdefs.h
-# AIX cpp loses on an empty file, so make sure it contains at least a newline.
-echo >confdefs.h
+rm -f -r conftest* confdefs.h
# Predefined preprocessor variables.
@@ -1206,14 +1922,17 @@ _ACEOF
# Let the site file select an alternate cache file if it wants to.
# Prefer explicitly selected file to automatically selected ones.
-if test -z "$CONFIG_SITE"; then
- if test "x$prefix" != xNONE; then
- CONFIG_SITE="$prefix/share/config.site $prefix/etc/config.site"
- else
- CONFIG_SITE="$ac_default_prefix/share/config.site $ac_default_prefix/etc/config.site"
- fi
+if test -n "$CONFIG_SITE"; then
+ set x "$CONFIG_SITE"
+elif test "x$prefix" != xNONE; then
+ set x "$prefix/share/config.site" "$prefix/etc/config.site"
+else
+ set x "$ac_default_prefix/share/config.site" \
+ "$ac_default_prefix/etc/config.site"
fi
-for ac_site_file in $CONFIG_SITE; do
+shift
+for ac_site_file
+do
if test -r "$ac_site_file"; then
{ echo "$as_me:$LINENO: loading site script $ac_site_file" >&5
echo "$as_me: loading site script $ac_site_file" >&6;}
@@ -1229,8 +1948,8 @@ if test -r "$cache_file"; then
{ echo "$as_me:$LINENO: loading cache $cache_file" >&5
echo "$as_me: loading cache $cache_file" >&6;}
case $cache_file in
- [\\/]* | ?:[\\/]* ) . $cache_file;;
- *) . ./$cache_file;;
+ [\\/]* | ?:[\\/]* ) . "$cache_file";;
+ *) . "./$cache_file";;
esac
fi
else
@@ -1242,12 +1961,11 @@ fi
# Check that the precious variables saved in the cache have kept the same
# value.
ac_cache_corrupted=false
-for ac_var in `(set) 2>&1 |
- sed -n 's/^ac_env_\([a-zA-Z_0-9]*\)_set=.*/\1/p'`; do
+for ac_var in $ac_precious_vars; do
eval ac_old_set=\$ac_cv_env_${ac_var}_set
eval ac_new_set=\$ac_env_${ac_var}_set
- eval ac_old_val="\$ac_cv_env_${ac_var}_value"
- eval ac_new_val="\$ac_env_${ac_var}_value"
+ eval ac_old_val=\$ac_cv_env_${ac_var}_value
+ eval ac_new_val=\$ac_env_${ac_var}_value
case $ac_old_set,$ac_new_set in
set,)
{ echo "$as_me:$LINENO: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5
@@ -1272,8 +1990,7 @@ echo "$as_me: current value: $ac_new_val" >&2;}
# Pass precious variables to config.status.
if test "$ac_new_set" = set; then
case $ac_new_val in
- *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?\"\']*)
- ac_arg=$ac_var=`echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;;
+ *\'*) ac_arg=$ac_var=`echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;;
*) ac_arg=$ac_var=$ac_new_val ;;
esac
case " $ac_configure_args " in
@@ -1290,6 +2007,22 @@ echo "$as_me: error: run \`make distclean' and/or \`rm $cache_file' and start ov
{ (exit 1); exit 1; }; }
fi
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
ac_ext=c
ac_cpp='$CPP $CPPFLAGS'
ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
@@ -1297,77 +2030,388 @@ ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $
ac_compiler_gnu=$ac_cv_c_compiler_gnu
+am__api_version='1.10'
+
+ac_aux_dir=
+for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do
+ if test -f "$ac_dir/install-sh"; then
+ ac_aux_dir=$ac_dir
+ ac_install_sh="$ac_aux_dir/install-sh -c"
+ break
+ elif test -f "$ac_dir/install.sh"; then
+ ac_aux_dir=$ac_dir
+ ac_install_sh="$ac_aux_dir/install.sh -c"
+ break
+ elif test -f "$ac_dir/shtool"; then
+ ac_aux_dir=$ac_dir
+ ac_install_sh="$ac_aux_dir/shtool install -c"
+ break
+ fi
+done
+if test -z "$ac_aux_dir"; then
+ { { echo "$as_me:$LINENO: error: cannot find install-sh or install.sh in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" >&5
+echo "$as_me: error: cannot find install-sh or install.sh in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" >&2;}
+ { (exit 1); exit 1; }; }
+fi
+
+# These three variables are undocumented and unsupported,
+# and are intended to be withdrawn in a future Autoconf release.
+# They can cause serious problems if a builder's source tree is in a directory
+# whose full name contains unusual characters.
+ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var.
+ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var.
+ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var.
+
+
+# Find a good install program. We prefer a C program (faster),
+# so one script is as good as another. But avoid the broken or
+# incompatible versions:
+# SysV /etc/install, /usr/sbin/install
+# SunOS /usr/etc/install
+# IRIX /sbin/install
+# AIX /bin/install
+# AmigaOS /C/install, which installs bootblocks on floppy discs
+# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag
+# AFS /usr/afsws/bin/install, which mishandles nonexistent args
+# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff"
+# OS/2's system install, which has a completely different semantic
+# ./install, which can be erroneously created by make from ./install.sh.
+{ echo "$as_me:$LINENO: checking for a BSD-compatible install" >&5
+echo $ECHO_N "checking for a BSD-compatible install... $ECHO_C" >&6; }
+if test -z "$INSTALL"; then
+if test "${ac_cv_path_install+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ # Account for people who put trailing slashes in PATH elements.
+case $as_dir/ in
+ ./ | .// | /cC/* | \
+ /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \
+ ?:\\/os2\\/install\\/* | ?:\\/OS2\\/INSTALL\\/* | \
+ /usr/ucb/* ) ;;
+ *)
+ # OSF1 and SCO ODT 3.0 have their own names for install.
+ # Don't use installbsd from OSF since it installs stuff as root
+ # by default.
+ for ac_prog in ginstall scoinst install; do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; }; then
+ if test $ac_prog = install &&
+ grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then
+ # AIX install. It has an incompatible calling convention.
+ :
+ elif test $ac_prog = install &&
+ grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then
+ # program-specific install script used by HP pwplus--don't use.
+ :
+ else
+ ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c"
+ break 3
+ fi
+ fi
+ done
+ done
+ ;;
+esac
+done
+IFS=$as_save_IFS
+
+fi
+ if test "${ac_cv_path_install+set}" = set; then
+ INSTALL=$ac_cv_path_install
+ else
+ # As a last resort, use the slow shell script. Don't cache a
+ # value for INSTALL within a source directory, because that will
+ # break other packages using the cache if that directory is
+ # removed, or if the value is a relative name.
+ INSTALL=$ac_install_sh
+ fi
+fi
+{ echo "$as_me:$LINENO: result: $INSTALL" >&5
+echo "${ECHO_T}$INSTALL" >&6; }
+# Use test -z because SunOS4 sh mishandles braces in ${var-val}.
+# It thinks the first close brace ends the variable substitution.
+test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}'
+test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}'
+test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644'
+{ echo "$as_me:$LINENO: checking whether build environment is sane" >&5
+echo $ECHO_N "checking whether build environment is sane... $ECHO_C" >&6; }
+# Just in case
+sleep 1
+echo timestamp > conftest.file
+# Do `set' in a subshell so we don't clobber the current shell's
+# arguments. Must try -L first in case configure is actually a
+# symlink; some systems play weird games with the mod time of symlinks
+# (eg FreeBSD returns the mod time of the symlink's containing
+# directory).
+if (
+ set X `ls -Lt $srcdir/configure conftest.file 2> /dev/null`
+ if test "$*" = "X"; then
+ # -L didn't work.
+ set X `ls -t $srcdir/configure conftest.file`
+ fi
+ rm -f conftest.file
+ if test "$*" != "X $srcdir/configure conftest.file" \
+ && test "$*" != "X conftest.file $srcdir/configure"; then
+
+ # If neither matched, then we have a broken ls. This can happen
+ # if, for instance, CONFIG_SHELL is bash and it inherits a
+ # broken ls alias from the environment. This has actually
+ # happened. Such a system could not be considered "sane".
+ { { echo "$as_me:$LINENO: error: ls -t appears to fail. Make sure there is not a broken
+alias in your environment" >&5
+echo "$as_me: error: ls -t appears to fail. Make sure there is not a broken
+alias in your environment" >&2;}
+ { (exit 1); exit 1; }; }
+ fi
+ test "$2" = conftest.file
+ )
+then
+ # Ok.
+ :
+else
+ { { echo "$as_me:$LINENO: error: newly created file is older than distributed files!
+Check your system clock" >&5
+echo "$as_me: error: newly created file is older than distributed files!
+Check your system clock" >&2;}
+ { (exit 1); exit 1; }; }
+fi
+{ echo "$as_me:$LINENO: result: yes" >&5
+echo "${ECHO_T}yes" >&6; }
+test "$program_prefix" != NONE &&
+ program_transform_name="s&^&$program_prefix&;$program_transform_name"
+# Use a double $ so make ignores it.
+test "$program_suffix" != NONE &&
+ program_transform_name="s&\$&$program_suffix&;$program_transform_name"
+# Double any \ or $. echo might interpret backslashes.
+# By default was `s,x,x', remove it if useless.
+cat <<\_ACEOF >conftest.sed
+s/[\\$]/&&/g;s/;s,x,x,$//
+_ACEOF
+program_transform_name=`echo $program_transform_name | sed -f conftest.sed`
+rm -f conftest.sed
+# expand $ac_aux_dir to an absolute path
+am_aux_dir=`cd $ac_aux_dir && pwd`
+test x"${MISSING+set}" = xset || MISSING="\${SHELL} $am_aux_dir/missing"
+# Use eval to expand $SHELL
+if eval "$MISSING --run true"; then
+ am_missing_run="$MISSING --run "
+else
+ am_missing_run=
+ { echo "$as_me:$LINENO: WARNING: \`missing' script is too old or missing" >&5
+echo "$as_me: WARNING: \`missing' script is too old or missing" >&2;}
+fi
+{ echo "$as_me:$LINENO: checking for a thread-safe mkdir -p" >&5
+echo $ECHO_N "checking for a thread-safe mkdir -p... $ECHO_C" >&6; }
+if test -z "$MKDIR_P"; then
+ if test "${ac_cv_path_mkdir+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH$PATH_SEPARATOR/opt/sfw/bin
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_prog in mkdir gmkdir; do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; } || continue
+ case `"$as_dir/$ac_prog$ac_exec_ext" --version 2>&1` in #(
+ 'mkdir (GNU coreutils) '* | \
+ 'mkdir (coreutils) '* | \
+ 'mkdir (fileutils) '4.1*)
+ ac_cv_path_mkdir=$as_dir/$ac_prog$ac_exec_ext
+ break 3;;
+ esac
+ done
+ done
+done
+IFS=$as_save_IFS
+fi
+ if test "${ac_cv_path_mkdir+set}" = set; then
+ MKDIR_P="$ac_cv_path_mkdir -p"
+ else
+ # As a last resort, use the slow shell script. Don't cache a
+ # value for MKDIR_P within a source directory, because that will
+ # break other packages using the cache if that directory is
+ # removed, or if the value is a relative name.
+ test -d ./--version && rmdir ./--version
+ MKDIR_P="$ac_install_sh -d"
+ fi
+fi
+{ echo "$as_me:$LINENO: result: $MKDIR_P" >&5
+echo "${ECHO_T}$MKDIR_P" >&6; }
+mkdir_p="$MKDIR_P"
+case $mkdir_p in
+ [\\/$]* | ?:[\\/]*) ;;
+ */*) mkdir_p="\$(top_builddir)/$mkdir_p" ;;
+esac
+for ac_prog in gawk mawk nawk awk
+do
+ # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_prog_AWK+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -n "$AWK"; then
+ ac_cv_prog_AWK="$AWK" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_AWK="$ac_prog"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+IFS=$as_save_IFS
+fi
+fi
+AWK=$ac_cv_prog_AWK
+if test -n "$AWK"; then
+ { echo "$as_me:$LINENO: result: $AWK" >&5
+echo "${ECHO_T}$AWK" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+ test -n "$AWK" && break
+done
+{ echo "$as_me:$LINENO: checking whether ${MAKE-make} sets \$(MAKE)" >&5
+echo $ECHO_N "checking whether ${MAKE-make} sets \$(MAKE)... $ECHO_C" >&6; }
+set x ${MAKE-make}; ac_make=`echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'`
+if { as_var=ac_cv_prog_make_${ac_make}_set; eval "test \"\${$as_var+set}\" = set"; }; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.make <<\_ACEOF
+SHELL = /bin/sh
+all:
+ @echo '@@@%%%=$(MAKE)=@@@%%%'
+_ACEOF
+# GNU make sometimes prints "make[1]: Entering...", which would confuse us.
+case `${MAKE-make} -f conftest.make 2>/dev/null` in
+ *@@@%%%=?*=@@@%%%*)
+ eval ac_cv_prog_make_${ac_make}_set=yes;;
+ *)
+ eval ac_cv_prog_make_${ac_make}_set=no;;
+esac
+rm -f conftest.make
+fi
+if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then
+ { echo "$as_me:$LINENO: result: yes" >&5
+echo "${ECHO_T}yes" >&6; }
+ SET_MAKE=
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+ SET_MAKE="MAKE=${MAKE-make}"
+fi
- ac_config_headers="$ac_config_headers _pam_aconf.h"
+rm -rf .tst 2>/dev/null
+mkdir .tst 2>/dev/null
+if test -d .tst; then
+ am__leading_dot=.
+else
+ am__leading_dot=_
+fi
+rmdir .tst 2>/dev/null
+if test "`cd $srcdir && pwd`" != "`pwd`"; then
+ # Use -I$(srcdir) only when $(srcdir) != ., so that make's output
+ # is not polluted with repeated "-I."
+ am__isrc=' -I$(srcdir)'
+ # test to see if srcdir already configured
+ if test -f $srcdir/config.status; then
+ { { echo "$as_me:$LINENO: error: source directory already configured; run \"make distclean\" there first" >&5
+echo "$as_me: error: source directory already configured; run \"make distclean\" there first" >&2;}
+ { (exit 1); exit 1; }; }
+ fi
+fi
+# test whether we have cygpath
+if test -z "$CYGPATH_W"; then
+ if (cygpath --version) >/dev/null 2>/dev/null; then
+ CYGPATH_W='cygpath -w'
+ else
+ CYGPATH_W=echo
+ fi
+fi
-LIBPAM_VERSION_MAJOR=0
-LIBPAM_VERSION_MINOR=79
+# Define the identity of the package.
+ PACKAGE="Linux-PAM"
+ VERSION=0.99.7.1
-cat >>confdefs.h <<\_ACEOF
-#define LIBPAM_VERSION_MAJOR 1
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE "$PACKAGE"
_ACEOF
-cat >>confdefs.h <<\_ACEOF
-#define LIBPAM_VERSION_MINOR 1
+
+cat >>confdefs.h <<_ACEOF
+#define VERSION "$VERSION"
_ACEOF
+# Some tools Automake needs.
+ACLOCAL=${ACLOCAL-"${am_missing_run}aclocal-${am__api_version}"}
+AUTOCONF=${AUTOCONF-"${am_missing_run}autoconf"}
-LOCALSRCDIR=`/bin/pwd` ;
-LOCALOBJDIR=`/bin/pwd` ;
-OS=`uname|sed -e 'y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/'`
+AUTOMAKE=${AUTOMAKE-"${am_missing_run}automake-${am__api_version}"}
-CONF_CFLAGS= ;
-MKDIR="mkdir -p" ;
+AUTOHEADER=${AUTOHEADER-"${am_missing_run}autoheader"}
-SHLIBMODE=755 ;
-MANMODE=644 ;
-USESONAME=yes ;
-SOSWITCH="-Wl,-soname -Wl," ;
-NEEDSONAME=yes ;
-LDCONFIG=/sbin/ldconfig ;
+MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"}
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-if test -n "$ac_tool_prefix"; then
- # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args.
-set dummy ${ac_tool_prefix}gcc; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
-if test "${ac_cv_prog_CC+set}" = set; then
+install_sh=${install_sh-"\$(SHELL) $am_aux_dir/install-sh"}
+
+# Installed binaries are usually stripped using `strip' when the user
+# run `make install-strip'. However `strip' might not be the right
+# tool to use in cross-compilation environments, therefore Automake
+# will honor the `STRIP' environment variable to overrule this program.
+if test "$cross_compiling" != no; then
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args.
+set dummy ${ac_tool_prefix}strip; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_prog_STRIP+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
+ if test -n "$STRIP"; then
+ ac_cv_prog_STRIP="$STRIP" # Let the user override the test.
else
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
@@ -1375,37 +2419,39 @@ do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
- ac_cv_prog_CC="${ac_tool_prefix}gcc"
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_STRIP="${ac_tool_prefix}strip"
echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
+IFS=$as_save_IFS
fi
fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
- echo "$as_me:$LINENO: result: $CC" >&5
-echo "${ECHO_T}$CC" >&6
+STRIP=$ac_cv_prog_STRIP
+if test -n "$STRIP"; then
+ { echo "$as_me:$LINENO: result: $STRIP" >&5
+echo "${ECHO_T}$STRIP" >&6; }
else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
fi
+
fi
-if test -z "$ac_cv_prog_CC"; then
- ac_ct_CC=$CC
- # Extract the first word of "gcc", so it can be a program name with args.
-set dummy gcc; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
-if test "${ac_cv_prog_ac_ct_CC+set}" = set; then
+if test -z "$ac_cv_prog_STRIP"; then
+ ac_ct_STRIP=$STRIP
+ # Extract the first word of "strip", so it can be a program name with args.
+set dummy strip; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_prog_ac_ct_STRIP+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- if test -n "$ac_ct_CC"; then
- ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+ if test -n "$ac_ct_STRIP"; then
+ ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test.
else
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
@@ -1413,36 +2459,310 @@ do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
- ac_cv_prog_ac_ct_CC="gcc"
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_STRIP="strip"
echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
+IFS=$as_save_IFS
fi
fi
-ac_ct_CC=$ac_cv_prog_ac_ct_CC
-if test -n "$ac_ct_CC"; then
- echo "$as_me:$LINENO: result: $ac_ct_CC" >&5
-echo "${ECHO_T}$ac_ct_CC" >&6
+ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP
+if test -n "$ac_ct_STRIP"; then
+ { echo "$as_me:$LINENO: result: $ac_ct_STRIP" >&5
+echo "${ECHO_T}$ac_ct_STRIP" >&6; }
else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
fi
- CC=$ac_ct_CC
+ if test "x$ac_ct_STRIP" = x; then
+ STRIP=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools
+whose name does not start with the host triplet. If you think this
+configuration is useful to you, please write to autoconf@gnu.org." >&5
+echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools
+whose name does not start with the host triplet. If you think this
+configuration is useful to you, please write to autoconf@gnu.org." >&2;}
+ac_tool_warned=yes ;;
+esac
+ STRIP=$ac_ct_STRIP
+ fi
else
- CC="$ac_cv_prog_CC"
+ STRIP="$ac_cv_prog_STRIP"
fi
-if test -z "$CC"; then
- if test -n "$ac_tool_prefix"; then
- # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args.
-set dummy ${ac_tool_prefix}cc; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
+fi
+INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s"
+
+# We need awk for the "check" target. The system "awk" is bad on
+# some platforms.
+# Always define AMTAR for backward compatibility.
+
+AMTAR=${AMTAR-"${am_missing_run}tar"}
+
+am__tar='${AMTAR} chof - "$$tardir"'; am__untar='${AMTAR} xf -'
+
+
+
+
+
+
+ac_config_headers="$ac_config_headers config.h"
+
+# Make sure we can run config.sub.
+$SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 ||
+ { { echo "$as_me:$LINENO: error: cannot run $SHELL $ac_aux_dir/config.sub" >&5
+echo "$as_me: error: cannot run $SHELL $ac_aux_dir/config.sub" >&2;}
+ { (exit 1); exit 1; }; }
+
+{ echo "$as_me:$LINENO: checking build system type" >&5
+echo $ECHO_N "checking build system type... $ECHO_C" >&6; }
+if test "${ac_cv_build+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_build_alias=$build_alias
+test "x$ac_build_alias" = x &&
+ ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"`
+test "x$ac_build_alias" = x &&
+ { { echo "$as_me:$LINENO: error: cannot guess build type; you must specify one" >&5
+echo "$as_me: error: cannot guess build type; you must specify one" >&2;}
+ { (exit 1); exit 1; }; }
+ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` ||
+ { { echo "$as_me:$LINENO: error: $SHELL $ac_aux_dir/config.sub $ac_build_alias failed" >&5
+echo "$as_me: error: $SHELL $ac_aux_dir/config.sub $ac_build_alias failed" >&2;}
+ { (exit 1); exit 1; }; }
+
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_build" >&5
+echo "${ECHO_T}$ac_cv_build" >&6; }
+case $ac_cv_build in
+*-*-*) ;;
+*) { { echo "$as_me:$LINENO: error: invalid value of canonical build" >&5
+echo "$as_me: error: invalid value of canonical build" >&2;}
+ { (exit 1); exit 1; }; };;
+esac
+build=$ac_cv_build
+ac_save_IFS=$IFS; IFS='-'
+set x $ac_cv_build
+shift
+build_cpu=$1
+build_vendor=$2
+shift; shift
+# Remember, the first character of IFS is used to create $*,
+# except with old shells:
+build_os=$*
+IFS=$ac_save_IFS
+case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac
+
+
+{ echo "$as_me:$LINENO: checking host system type" >&5
+echo $ECHO_N "checking host system type... $ECHO_C" >&6; }
+if test "${ac_cv_host+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test "x$host_alias" = x; then
+ ac_cv_host=$ac_cv_build
+else
+ ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` ||
+ { { echo "$as_me:$LINENO: error: $SHELL $ac_aux_dir/config.sub $host_alias failed" >&5
+echo "$as_me: error: $SHELL $ac_aux_dir/config.sub $host_alias failed" >&2;}
+ { (exit 1); exit 1; }; }
+fi
+
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_host" >&5
+echo "${ECHO_T}$ac_cv_host" >&6; }
+case $ac_cv_host in
+*-*-*) ;;
+*) { { echo "$as_me:$LINENO: error: invalid value of canonical host" >&5
+echo "$as_me: error: invalid value of canonical host" >&2;}
+ { (exit 1); exit 1; }; };;
+esac
+host=$ac_cv_host
+ac_save_IFS=$IFS; IFS='-'
+set x $ac_cv_host
+shift
+host_cpu=$1
+host_vendor=$2
+shift; shift
+# Remember, the first character of IFS is used to create $*,
+# except with old shells:
+host_os=$*
+IFS=$ac_save_IFS
+case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac
+
+
+
+
+
+
+
+
+test "${prefix}" = "NONE" && prefix="/usr"
+if test ${prefix} = '/usr'
+then
+ if test ${sysconfdir} = '${prefix}/etc'
+ then
+ sysconfdir="/etc"
+ fi
+ if test ${libdir} = '${exec_prefix}/lib'
+ then
+ libdir="/lib"
+ fi
+ if test ${sbindir} = '${exec_prefix}/sbin'
+ then
+ sbindir="/sbin"
+ fi
+ if test ${mandir} = '${prefix}/man'
+ then
+ mandir='${prefix}/share/man'
+ fi
+ if test ${includedir} = '${prefix}/include'
+ then
+ includedir="${prefix}/include/security"
+ fi
+fi
+
+# Check whether --enable-static-modules was given.
+if test "${enable_static_modules+set}" = set; then
+ enableval=$enable_static_modules; STATIC_MODULES=$enableval
+else
+ STATIC_MODULES=no
+fi
+
+if test "$STATIC_MODULES" != "no" ; then
+ CFLAGS="$CFLAGS -DPAM_STATIC"
+ # Check whether --enable-static was given.
+if test "${enable_static+set}" = set; then
+ enableval=$enable_static; p=${PACKAGE-default}
+ case $enableval in
+ yes) enable_static=yes ;;
+ no) enable_static=no ;;
+ *)
+ enable_static=no
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+ for pkg in $enableval; do
+ IFS="$lt_save_ifs"
+ if test "X$pkg" = "X$p"; then
+ enable_static=yes
+ fi
+ done
+ IFS="$lt_save_ifs"
+ ;;
+ esac
+else
+ enable_static=yes
+fi
+
+
+ # Check whether --enable-shared was given.
+if test "${enable_shared+set}" = set; then
+ enableval=$enable_shared; p=${PACKAGE-default}
+ case $enableval in
+ yes) enable_shared=yes ;;
+ no) enable_shared=no ;;
+ *)
+ enable_shared=no
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+ for pkg in $enableval; do
+ IFS="$lt_save_ifs"
+ if test "X$pkg" = "X$p"; then
+ enable_shared=yes
+ fi
+ done
+ IFS="$lt_save_ifs"
+ ;;
+ esac
+else
+ enable_shared=no
+fi
+
+
+else
+# per default don't build static libraries
+ # Check whether --enable-static was given.
+if test "${enable_static+set}" = set; then
+ enableval=$enable_static; p=${PACKAGE-default}
+ case $enableval in
+ yes) enable_static=yes ;;
+ no) enable_static=no ;;
+ *)
+ enable_static=no
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+ for pkg in $enableval; do
+ IFS="$lt_save_ifs"
+ if test "X$pkg" = "X$p"; then
+ enable_static=yes
+ fi
+ done
+ IFS="$lt_save_ifs"
+ ;;
+ esac
+else
+ enable_static=no
+fi
+
+
+ # Check whether --enable-shared was given.
+if test "${enable_shared+set}" = set; then
+ enableval=$enable_shared; p=${PACKAGE-default}
+ case $enableval in
+ yes) enable_shared=yes ;;
+ no) enable_shared=no ;;
+ *)
+ enable_shared=no
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+ for pkg in $enableval; do
+ IFS="$lt_save_ifs"
+ if test "X$pkg" = "X$p"; then
+ enable_shared=yes
+ fi
+ done
+ IFS="$lt_save_ifs"
+ ;;
+ esac
+else
+ enable_shared=yes
+fi
+
+
+fi
+ if test "$STATIC_MODULES" != "no"; then
+ STATIC_MODULES_TRUE=
+ STATIC_MODULES_FALSE='#'
+else
+ STATIC_MODULES_TRUE='#'
+ STATIC_MODULES_FALSE=
+fi
+
+
+
+cat >>confdefs.h <<\_ACEOF
+#define _GNU_SOURCE 1
+_ACEOF
+
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args.
+set dummy ${ac_tool_prefix}gcc; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
if test "${ac_cv_prog_CC+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -1455,32 +2775,34 @@ do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
- ac_cv_prog_CC="${ac_tool_prefix}cc"
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_CC="${ac_tool_prefix}gcc"
echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
+IFS=$as_save_IFS
fi
fi
CC=$ac_cv_prog_CC
if test -n "$CC"; then
- echo "$as_me:$LINENO: result: $CC" >&5
-echo "${ECHO_T}$CC" >&6
+ { echo "$as_me:$LINENO: result: $CC" >&5
+echo "${ECHO_T}$CC" >&6; }
else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
fi
+
fi
if test -z "$ac_cv_prog_CC"; then
ac_ct_CC=$CC
- # Extract the first word of "cc", so it can be a program name with args.
-set dummy cc; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
+ # Extract the first word of "gcc", so it can be a program name with args.
+set dummy gcc; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
if test "${ac_cv_prog_ac_ct_CC+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -1493,36 +2815,91 @@ do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
- ac_cv_prog_ac_ct_CC="cc"
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_CC="gcc"
echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
+IFS=$as_save_IFS
fi
fi
ac_ct_CC=$ac_cv_prog_ac_ct_CC
if test -n "$ac_ct_CC"; then
- echo "$as_me:$LINENO: result: $ac_ct_CC" >&5
-echo "${ECHO_T}$ac_ct_CC" >&6
+ { echo "$as_me:$LINENO: result: $ac_ct_CC" >&5
+echo "${ECHO_T}$ac_ct_CC" >&6; }
else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
fi
- CC=$ac_ct_CC
+ if test "x$ac_ct_CC" = x; then
+ CC=""
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools
+whose name does not start with the host triplet. If you think this
+configuration is useful to you, please write to autoconf@gnu.org." >&5
+echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools
+whose name does not start with the host triplet. If you think this
+configuration is useful to you, please write to autoconf@gnu.org." >&2;}
+ac_tool_warned=yes ;;
+esac
+ CC=$ac_ct_CC
+ fi
else
CC="$ac_cv_prog_CC"
fi
+if test -z "$CC"; then
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args.
+set dummy ${ac_tool_prefix}cc; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_prog_CC+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -n "$CC"; then
+ ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_CC="${ac_tool_prefix}cc"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+ { echo "$as_me:$LINENO: result: $CC" >&5
+echo "${ECHO_T}$CC" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+
+
+ fi
fi
if test -z "$CC"; then
# Extract the first word of "cc", so it can be a program name with args.
set dummy cc; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
if test "${ac_cv_prog_CC+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -1536,7 +2913,7 @@ do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then
ac_prog_rejected=yes
continue
@@ -1547,6 +2924,7 @@ do
fi
done
done
+IFS=$as_save_IFS
if test $ac_prog_rejected = yes; then
# We found a bogon in the path, so make sure we never use it.
@@ -1564,22 +2942,23 @@ fi
fi
CC=$ac_cv_prog_CC
if test -n "$CC"; then
- echo "$as_me:$LINENO: result: $CC" >&5
-echo "${ECHO_T}$CC" >&6
+ { echo "$as_me:$LINENO: result: $CC" >&5
+echo "${ECHO_T}$CC" >&6; }
else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
fi
+
fi
if test -z "$CC"; then
if test -n "$ac_tool_prefix"; then
- for ac_prog in cl
+ for ac_prog in cl.exe
do
# Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
set dummy $ac_tool_prefix$ac_prog; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
if test "${ac_cv_prog_CC+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -1592,36 +2971,38 @@ do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
ac_cv_prog_CC="$ac_tool_prefix$ac_prog"
echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
+IFS=$as_save_IFS
fi
fi
CC=$ac_cv_prog_CC
if test -n "$CC"; then
- echo "$as_me:$LINENO: result: $CC" >&5
-echo "${ECHO_T}$CC" >&6
+ { echo "$as_me:$LINENO: result: $CC" >&5
+echo "${ECHO_T}$CC" >&6; }
else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
fi
+
test -n "$CC" && break
done
fi
if test -z "$CC"; then
ac_ct_CC=$CC
- for ac_prog in cl
+ for ac_prog in cl.exe
do
# Extract the first word of "$ac_prog", so it can be a program name with args.
set dummy $ac_prog; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
if test "${ac_cv_prog_ac_ct_CC+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -1634,29 +3015,45 @@ do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
ac_cv_prog_ac_ct_CC="$ac_prog"
echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
+IFS=$as_save_IFS
fi
fi
ac_ct_CC=$ac_cv_prog_ac_ct_CC
if test -n "$ac_ct_CC"; then
- echo "$as_me:$LINENO: result: $ac_ct_CC" >&5
-echo "${ECHO_T}$ac_ct_CC" >&6
+ { echo "$as_me:$LINENO: result: $ac_ct_CC" >&5
+echo "${ECHO_T}$ac_ct_CC" >&6; }
else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
fi
+
test -n "$ac_ct_CC" && break
done
- CC=$ac_ct_CC
+ if test "x$ac_ct_CC" = x; then
+ CC=""
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools
+whose name does not start with the host triplet. If you think this
+configuration is useful to you, please write to autoconf@gnu.org." >&5
+echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools
+whose name does not start with the host triplet. If you think this
+configuration is useful to you, please write to autoconf@gnu.org." >&2;}
+ac_tool_warned=yes ;;
+esac
+ CC=$ac_ct_CC
+ fi
fi
fi
@@ -1669,21 +3066,35 @@ See \`config.log' for more details." >&2;}
{ (exit 1); exit 1; }; }
# Provide some information about the compiler.
-echo "$as_me:$LINENO:" \
- "checking for C compiler version" >&5
+echo "$as_me:$LINENO: checking for C compiler version" >&5
ac_compiler=`set X $ac_compile; echo $2`
-{ (eval echo "$as_me:$LINENO: \"$ac_compiler --version </dev/null >&5\"") >&5
- (eval $ac_compiler --version </dev/null >&5) 2>&5
+{ (ac_try="$ac_compiler --version >&5"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compiler --version >&5") 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }
-{ (eval echo "$as_me:$LINENO: \"$ac_compiler -v </dev/null >&5\"") >&5
- (eval $ac_compiler -v </dev/null >&5) 2>&5
+{ (ac_try="$ac_compiler -v >&5"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compiler -v >&5") 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }
-{ (eval echo "$as_me:$LINENO: \"$ac_compiler -V </dev/null >&5\"") >&5
- (eval $ac_compiler -V </dev/null >&5) 2>&5
+{ (ac_try="$ac_compiler -V >&5"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compiler -V >&5") 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }
@@ -1708,47 +3119,77 @@ ac_clean_files="$ac_clean_files a.out a.exe b.out"
# Try to create an executable without -o first, disregard a.out.
# It will help us diagnose broken compilers, and finding out an intuition
# of exeext.
-echo "$as_me:$LINENO: checking for C compiler default output file name" >&5
-echo $ECHO_N "checking for C compiler default output file name... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking for C compiler default output file name" >&5
+echo $ECHO_N "checking for C compiler default output file name... $ECHO_C" >&6; }
ac_link_default=`echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'`
-if { (eval echo "$as_me:$LINENO: \"$ac_link_default\"") >&5
- (eval $ac_link_default) 2>&5
+#
+# List of possible output files, starting from the most likely.
+# The algorithm is not robust to junk in `.', hence go to wildcards (a.*)
+# only as a last resort. b.out is created by i960 compilers.
+ac_files='a_out.exe a.exe conftest.exe a.out conftest a.* conftest.* b.out'
+#
+# The IRIX 6 linker writes into existing files which may not be
+# executable, retaining their permissions. Remove them first so a
+# subsequent execution test works.
+ac_rmfiles=
+for ac_file in $ac_files
+do
+ case $ac_file in
+ *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) ;;
+ * ) ac_rmfiles="$ac_rmfiles $ac_file";;
+ esac
+done
+rm -f $ac_rmfiles
+
+if { (ac_try="$ac_link_default"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link_default") 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; then
- # Find the output, starting from the most likely. This scheme is
-# not robust to junk in `.', hence go to wildcards (a.*) only as a last
-# resort.
-
-# Be careful to initialize this variable, since it used to be cached.
-# Otherwise an old cache value of `no' led to `EXEEXT = no' in a Makefile.
-ac_cv_exeext=
-# b.out is created by i960 compilers.
-for ac_file in a_out.exe a.exe conftest.exe a.out conftest a.* conftest.* b.out
+ # Autoconf-2.13 could set the ac_cv_exeext variable to `no'.
+# So ignore a value of `no', otherwise this would lead to `EXEEXT = no'
+# in a Makefile. We should not override ac_cv_exeext if it was cached,
+# so that the user can short-circuit this test for compilers unknown to
+# Autoconf.
+for ac_file in $ac_files ''
do
test -f "$ac_file" || continue
case $ac_file in
- *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.o | *.obj )
- ;;
- conftest.$ac_ext )
- # This is the source file.
+ *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj )
;;
[ab].out )
# We found the default executable, but exeext='' is most
# certainly right.
break;;
*.* )
- ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
- # FIXME: I believe we export ac_cv_exeext for Libtool,
- # but it would be cool to find out if it's true. Does anybody
- # maintain Libtool? --akim.
- export ac_cv_exeext
+ if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no;
+ then :; else
+ ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
+ fi
+ # We set ac_cv_exeext here because the later test for it is not
+ # safe: cross compilers may not add the suffix if given an `-o'
+ # argument, so we may need to know it at that point already.
+ # Even if this section looks crufty: it has the advantage of
+ # actually working.
break;;
* )
break;;
esac
done
+test "$ac_cv_exeext" = no && ac_cv_exeext=
+
else
+ ac_file=''
+fi
+
+{ echo "$as_me:$LINENO: result: $ac_file" >&5
+echo "${ECHO_T}$ac_file" >&6; }
+if test -z "$ac_file"; then
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
@@ -1760,19 +3201,21 @@ See \`config.log' for more details." >&2;}
fi
ac_exeext=$ac_cv_exeext
-echo "$as_me:$LINENO: result: $ac_file" >&5
-echo "${ECHO_T}$ac_file" >&6
-# Check the compiler produces executables we can run. If not, either
+# Check that the compiler produces executables we can run. If not, either
# the compiler is broken, or we cross compile.
-echo "$as_me:$LINENO: checking whether the C compiler works" >&5
-echo $ECHO_N "checking whether the C compiler works... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking whether the C compiler works" >&5
+echo $ECHO_N "checking whether the C compiler works... $ECHO_C" >&6; }
# FIXME: These cross compiler hacks should be removed for Autoconf 3.0
# If not cross compiling, check that we can run a simple program.
if test "$cross_compiling" != yes; then
if { ac_try='./$ac_file'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ { (case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_try") 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
@@ -1791,22 +3234,27 @@ See \`config.log' for more details." >&2;}
fi
fi
fi
-echo "$as_me:$LINENO: result: yes" >&5
-echo "${ECHO_T}yes" >&6
+{ echo "$as_me:$LINENO: result: yes" >&5
+echo "${ECHO_T}yes" >&6; }
rm -f a.out a.exe conftest$ac_cv_exeext b.out
ac_clean_files=$ac_clean_files_save
-# Check the compiler produces executables we can run. If not, either
+# Check that the compiler produces executables we can run. If not, either
# the compiler is broken, or we cross compile.
-echo "$as_me:$LINENO: checking whether we are cross compiling" >&5
-echo $ECHO_N "checking whether we are cross compiling... $ECHO_C" >&6
-echo "$as_me:$LINENO: result: $cross_compiling" >&5
-echo "${ECHO_T}$cross_compiling" >&6
-
-echo "$as_me:$LINENO: checking for suffix of executables" >&5
-echo $ECHO_N "checking for suffix of executables... $ECHO_C" >&6
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
+{ echo "$as_me:$LINENO: checking whether we are cross compiling" >&5
+echo $ECHO_N "checking whether we are cross compiling... $ECHO_C" >&6; }
+{ echo "$as_me:$LINENO: result: $cross_compiling" >&5
+echo "${ECHO_T}$cross_compiling" >&6; }
+
+{ echo "$as_me:$LINENO: checking for suffix of executables" >&5
+echo $ECHO_N "checking for suffix of executables... $ECHO_C" >&6; }
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; then
@@ -1817,9 +3265,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
for ac_file in conftest.exe conftest conftest.*; do
test -f "$ac_file" || continue
case $ac_file in
- *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.o | *.obj ) ;;
+ *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) ;;
*.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
- export ac_cv_exeext
break;;
* ) break;;
esac
@@ -1833,14 +3280,14 @@ See \`config.log' for more details." >&2;}
fi
rm -f conftest$ac_cv_exeext
-echo "$as_me:$LINENO: result: $ac_cv_exeext" >&5
-echo "${ECHO_T}$ac_cv_exeext" >&6
+{ echo "$as_me:$LINENO: result: $ac_cv_exeext" >&5
+echo "${ECHO_T}$ac_cv_exeext" >&6; }
rm -f conftest.$ac_ext
EXEEXT=$ac_cv_exeext
ac_exeext=$EXEEXT
-echo "$as_me:$LINENO: checking for suffix of object files" >&5
-echo $ECHO_N "checking for suffix of object files... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking for suffix of object files" >&5
+echo $ECHO_N "checking for suffix of object files... $ECHO_C" >&6; }
if test "${ac_cv_objext+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -1860,14 +3307,20 @@ main ()
}
_ACEOF
rm -f conftest.o conftest.obj
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>&5
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; then
- for ac_file in `(ls conftest.o conftest.obj; ls conftest.*) 2>/dev/null`; do
+ for ac_file in conftest.o conftest.obj conftest.*; do
+ test -f "$ac_file" || continue;
case $ac_file in
- *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg ) ;;
+ *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf ) ;;
*) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'`
break;;
esac
@@ -1885,12 +3338,12 @@ fi
rm -f conftest.$ac_cv_objext conftest.$ac_ext
fi
-echo "$as_me:$LINENO: result: $ac_cv_objext" >&5
-echo "${ECHO_T}$ac_cv_objext" >&6
+{ echo "$as_me:$LINENO: result: $ac_cv_objext" >&5
+echo "${ECHO_T}$ac_cv_objext" >&6; }
OBJEXT=$ac_cv_objext
ac_objext=$OBJEXT
-echo "$as_me:$LINENO: checking whether we are using the GNU C compiler" >&5
-echo $ECHO_N "checking whether we are using the GNU C compiler... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking whether we are using the GNU C compiler" >&5
+echo $ECHO_N "checking whether we are using the GNU C compiler... $ECHO_C" >&6; }
if test "${ac_cv_c_compiler_gnu+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -1913,50 +3366,49 @@ main ()
}
_ACEOF
rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
ac_compiler_gnu=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_compiler_gnu=no
+ ac_compiler_gnu=no
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
ac_cv_c_compiler_gnu=$ac_compiler_gnu
fi
-echo "$as_me:$LINENO: result: $ac_cv_c_compiler_gnu" >&5
-echo "${ECHO_T}$ac_cv_c_compiler_gnu" >&6
+{ echo "$as_me:$LINENO: result: $ac_cv_c_compiler_gnu" >&5
+echo "${ECHO_T}$ac_cv_c_compiler_gnu" >&6; }
GCC=`test $ac_compiler_gnu = yes && echo yes`
ac_test_CFLAGS=${CFLAGS+set}
ac_save_CFLAGS=$CFLAGS
-CFLAGS="-g"
-echo "$as_me:$LINENO: checking whether $CC accepts -g" >&5
-echo $ECHO_N "checking whether $CC accepts -g... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking whether $CC accepts -g" >&5
+echo $ECHO_N "checking whether $CC accepts -g... $ECHO_C" >&6; }
if test "${ac_cv_prog_cc_g+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- cat >conftest.$ac_ext <<_ACEOF
+ ac_save_c_werror_flag=$ac_c_werror_flag
+ ac_c_werror_flag=yes
+ ac_cv_prog_cc_g=no
+ CFLAGS="-g"
+ cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
@@ -1972,38 +3424,118 @@ main ()
}
_ACEOF
rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_cv_prog_cc_g=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ CFLAGS=""
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ :
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_c_werror_flag=$ac_save_c_werror_flag
+ CFLAGS="-g"
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
ac_cv_prog_cc_g=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_prog_cc_g=no
+
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ ac_c_werror_flag=$ac_save_c_werror_flag
fi
-echo "$as_me:$LINENO: result: $ac_cv_prog_cc_g" >&5
-echo "${ECHO_T}$ac_cv_prog_cc_g" >&6
+{ echo "$as_me:$LINENO: result: $ac_cv_prog_cc_g" >&5
+echo "${ECHO_T}$ac_cv_prog_cc_g" >&6; }
if test "$ac_test_CFLAGS" = set; then
CFLAGS=$ac_save_CFLAGS
elif test $ac_cv_prog_cc_g = yes; then
@@ -2019,12 +3551,12 @@ else
CFLAGS=
fi
fi
-echo "$as_me:$LINENO: checking for $CC option to accept ANSI C" >&5
-echo $ECHO_N "checking for $CC option to accept ANSI C... $ECHO_C" >&6
-if test "${ac_cv_prog_cc_stdc+set}" = set; then
+{ echo "$as_me:$LINENO: checking for $CC option to accept ISO C89" >&5
+echo $ECHO_N "checking for $CC option to accept ISO C89... $ECHO_C" >&6; }
+if test "${ac_cv_prog_cc_c89+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ac_cv_prog_cc_stdc=no
+ ac_cv_prog_cc_c89=no
ac_save_CC=$CC
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
@@ -2058,12 +3590,17 @@ static char *f (char * (*g) (char **, int), char **p, ...)
/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has
function prototypes and stuff, but not '\xHH' hex character constants.
These don't provoke an error unfortunately, instead are silently treated
- as 'x'. The following induces an error, until -std1 is added to get
+ as 'x'. The following induces an error, until -std is added to get
proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an
array size at least. It's necessary to write '\x00'==0 to get something
- that's true only with -std1. */
+ that's true only with -std. */
int osf4_cc_array ['\x00' == 0 ? 1 : -1];
+/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters
+ inside strings and character constants. */
+#define FOO(x) 'x'
+int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1];
+
int test (int i, double x);
struct s1 {int (*f) (int a);};
struct s2 {int (*f) (double a);};
@@ -2078,217 +3615,239 @@ return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1];
return 0;
}
_ACEOF
-# Don't try gcc -ansi; that turns off useful extensions and
-# breaks some systems' header files.
-# AIX -qlanglvl=ansi
-# Ultrix and OSF/1 -std1
-# HP-UX 10.20 and later -Ae
-# HP-UX older versions -Aa -D_HPUX_SOURCE
-# SVR4 -Xc -D__EXTENSIONS__
-for ac_arg in "" -qlanglvl=ansi -std1 -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__"
+for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \
+ -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__"
do
CC="$ac_save_CC $ac_arg"
rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_prog_cc_stdc=$ac_arg
-break
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_cv_prog_cc_c89=$ac_arg
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
+
fi
-rm -f conftest.err conftest.$ac_objext
+
+rm -f core conftest.err conftest.$ac_objext
+ test "x$ac_cv_prog_cc_c89" != "xno" && break
done
-rm -f conftest.$ac_ext conftest.$ac_objext
+rm -f conftest.$ac_ext
CC=$ac_save_CC
fi
-
-case "x$ac_cv_prog_cc_stdc" in
- x|xno)
- echo "$as_me:$LINENO: result: none needed" >&5
-echo "${ECHO_T}none needed" >&6 ;;
+# AC_CACHE_VAL
+case "x$ac_cv_prog_cc_c89" in
+ x)
+ { echo "$as_me:$LINENO: result: none needed" >&5
+echo "${ECHO_T}none needed" >&6; } ;;
+ xno)
+ { echo "$as_me:$LINENO: result: unsupported" >&5
+echo "${ECHO_T}unsupported" >&6; } ;;
*)
- echo "$as_me:$LINENO: result: $ac_cv_prog_cc_stdc" >&5
-echo "${ECHO_T}$ac_cv_prog_cc_stdc" >&6
- CC="$CC $ac_cv_prog_cc_stdc" ;;
+ CC="$CC $ac_cv_prog_cc_c89"
+ { echo "$as_me:$LINENO: result: $ac_cv_prog_cc_c89" >&5
+echo "${ECHO_T}$ac_cv_prog_cc_c89" >&6; } ;;
esac
-# Some people use a C++ compiler to compile C. Since we use `exit',
-# in C++ we need to declare it. In case someone uses the same compiler
-# for both compiling C and C++ we need to have the C++ compiler decide
-# the declaration of exit, since it's the most demanding environment.
-cat >conftest.$ac_ext <<_ACEOF
-#ifndef __cplusplus
- choke me
-#endif
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- for ac_declaration in \
- '' \
- 'extern "C" void std::exit (int) throw (); using std::exit;' \
- 'extern "C" void std::exit (int); using std::exit;' \
- 'extern "C" void exit (int) throw ();' \
- 'extern "C" void exit (int);' \
- 'void exit (int);'
-do
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_declaration
-#include <stdlib.h>
-int
-main ()
-{
-exit (42);
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- :
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-continue
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+DEPDIR="${am__leading_dot}deps"
+
+ac_config_commands="$ac_config_commands depfiles"
+
+
+am_make=${MAKE-make}
+cat > confinc << 'END'
+am__doit:
+ @echo done
+.PHONY: am__doit
+END
+# If we don't find an include directive, just comment out the code.
+{ echo "$as_me:$LINENO: checking for style of include used by $am_make" >&5
+echo $ECHO_N "checking for style of include used by $am_make... $ECHO_C" >&6; }
+am__include="#"
+am__quote=
+_am_result=none
+# First try GNU make style include.
+echo "include confinc" > confmf
+# We grep out `Entering directory' and `Leaving directory'
+# messages which can occur if `w' ends up in MAKEFLAGS.
+# In particular we don't look at `^make:' because GNU make might
+# be invoked under some other name (usually "gmake"), in which
+# case it prints its new name instead of `make'.
+if test "`$am_make -s -f confmf 2> /dev/null | grep -v 'ing directory'`" = "done"; then
+ am__include=include
+ am__quote=
+ _am_result=GNU
+fi
+# Now try BSD make style include.
+if test "$am__include" = "#"; then
+ echo '.include "confinc"' > confmf
+ if test "`$am_make -s -f confmf 2> /dev/null`" = "done"; then
+ am__include=.include
+ am__quote="\""
+ _am_result=BSD
+ fi
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_declaration
-int
-main ()
-{
-exit (42);
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- break
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
+
+{ echo "$as_me:$LINENO: result: $_am_result" >&5
+echo "${ECHO_T}$_am_result" >&6; }
+rm -f confinc confmf
+
+# Check whether --enable-dependency-tracking was given.
+if test "${enable_dependency_tracking+set}" = set; then
+ enableval=$enable_dependency_tracking;
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-done
-rm -f conftest*
-if test -n "$ac_declaration"; then
- echo '#ifdef __cplusplus' >>confdefs.h
- echo $ac_declaration >>confdefs.h
- echo '#endif' >>confdefs.h
+
+if test "x$enable_dependency_tracking" != xno; then
+ am_depcomp="$ac_aux_dir/depcomp"
+ AMDEPBACKSLASH='\'
+fi
+ if test "x$enable_dependency_tracking" != xno; then
+ AMDEP_TRUE=
+ AMDEP_FALSE='#'
+else
+ AMDEP_TRUE='#'
+ AMDEP_FALSE=
fi
+
+
+depcc="$CC" am_compiler_list=
+
+{ echo "$as_me:$LINENO: checking dependency style of $depcc" >&5
+echo $ECHO_N "checking dependency style of $depcc... $ECHO_C" >&6; }
+if test "${am_cv_CC_dependencies_compiler_type+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
+ if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then
+ # We make a subdir and do the tests there. Otherwise we can end up
+ # making bogus files that we don't know about and never remove. For
+ # instance it was reported that on HP-UX the gcc test will end up
+ # making a dummy file named `D' -- because `-MD' means `put the output
+ # in D'.
+ mkdir conftest.dir
+ # Copy depcomp to subdir because otherwise we won't find it if we're
+ # using a relative directory.
+ cp "$am_depcomp" conftest.dir
+ cd conftest.dir
+ # We will build objects and dependencies in a subdirectory because
+ # it helps to detect inapplicable dependency modes. For instance
+ # both Tru64's cc and ICC support -MD to output dependencies as a
+ # side effect of compilation, but ICC will put the dependencies in
+ # the current directory while Tru64 will put them in the object
+ # directory.
+ mkdir sub
+
+ am_cv_CC_dependencies_compiler_type=none
+ if test "$am_compiler_list" = ""; then
+ am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp`
+ fi
+ for depmode in $am_compiler_list; do
+ # Setup a source with many dependencies, because some compilers
+ # like to wrap large dependency lists on column 80 (with \), and
+ # we should not choose a depcomp mode which is confused by this.
+ #
+ # We need to recreate these files for each test, as the compiler may
+ # overwrite some of them when testing with obscure command lines.
+ # This happens at least with the AIX C compiler.
+ : > sub/conftest.c
+ for i in 1 2 3 4 5 6; do
+ echo '#include "conftst'$i'.h"' >> sub/conftest.c
+ # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with
+ # Solaris 8's {/usr,}/bin/sh.
+ touch sub/conftst$i.h
+ done
+ echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf
+
+ case $depmode in
+ nosideeffect)
+ # after this tag, mechanisms are not by side-effect, so they'll
+ # only be used when explicitly requested
+ if test "x$enable_dependency_tracking" = xyes; then
+ continue
+ else
+ break
+ fi
+ ;;
+ none) break ;;
+ esac
+ # We check with `-c' and `-o' for the sake of the "dashmstdout"
+ # mode. It turns out that the SunPro C++ compiler does not properly
+ # handle `-M -o', and we need to detect this.
+ if depmode=$depmode \
+ source=sub/conftest.c object=sub/conftest.${OBJEXT-o} \
+ depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \
+ $SHELL ./depcomp $depcc -c -o sub/conftest.${OBJEXT-o} sub/conftest.c \
+ >/dev/null 2>conftest.err &&
+ grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 &&
+ grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 &&
+ grep sub/conftest.${OBJEXT-o} sub/conftest.Po > /dev/null 2>&1 &&
+ ${MAKE-make} -s -f confmf > /dev/null 2>&1; then
+ # icc doesn't choke on unknown options, it will just issue warnings
+ # or remarks (even with -Werror). So we grep stderr for any message
+ # that says an option was ignored or not supported.
+ # When given -MP, icc 7.0 and 7.1 complain thusly:
+ # icc: Command line warning: ignoring option '-M'; no argument required
+ # The diagnosis changed in icc 8.0:
+ # icc: Command line remark: option '-MP' not supported
+ if (grep 'ignoring option' conftest.err ||
+ grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else
+ am_cv_CC_dependencies_compiler_type=$depmode
+ break
+ fi
+ fi
+ done
+ cd ..
+ rm -rf conftest.dir
+else
+ am_cv_CC_dependencies_compiler_type=none
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+fi
+{ echo "$as_me:$LINENO: result: $am_cv_CC_dependencies_compiler_type" >&5
+echo "${ECHO_T}$am_cv_CC_dependencies_compiler_type" >&6; }
+CCDEPMODE=depmode=$am_cv_CC_dependencies_compiler_type
+
+ if
+ test "x$enable_dependency_tracking" != xno \
+ && test "$am_cv_CC_dependencies_compiler_type" = gcc3; then
+ am__fastdepCC_TRUE=
+ am__fastdepCC_FALSE='#'
+else
+ am__fastdepCC_TRUE='#'
+ am__fastdepCC_FALSE=
+fi
+
for ac_prog in 'bison -y' byacc
do
# Extract the first word of "$ac_prog", so it can be a program name with args.
set dummy $ac_prog; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
if test "${ac_cv_prog_YACC+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -2301,25 +3860,27 @@ do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
ac_cv_prog_YACC="$ac_prog"
echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
+IFS=$as_save_IFS
fi
fi
YACC=$ac_cv_prog_YACC
if test -n "$YACC"; then
- echo "$as_me:$LINENO: result: $YACC" >&5
-echo "${ECHO_T}$YACC" >&6
+ { echo "$as_me:$LINENO: result: $YACC" >&5
+echo "${ECHO_T}$YACC" >&6; }
else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
fi
+
test -n "$YACC" && break
done
test -n "$YACC" || YACC="yacc"
@@ -2329,8 +3890,8 @@ for ac_prog in flex lex
do
# Extract the first word of "$ac_prog", so it can be a program name with args.
set dummy $ac_prog; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
if test "${ac_cv_prog_LEX+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -2343,253 +3904,182 @@ do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
ac_cv_prog_LEX="$ac_prog"
echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
+IFS=$as_save_IFS
fi
fi
LEX=$ac_cv_prog_LEX
if test -n "$LEX"; then
- echo "$as_me:$LINENO: result: $LEX" >&5
-echo "${ECHO_T}$LEX" >&6
+ { echo "$as_me:$LINENO: result: $LEX" >&5
+echo "${ECHO_T}$LEX" >&6; }
else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
fi
+
test -n "$LEX" && break
done
test -n "$LEX" || LEX=":"
-if test -z "$LEXLIB"
-then
- echo "$as_me:$LINENO: checking for yywrap in -lfl" >&5
-echo $ECHO_N "checking for yywrap in -lfl... $ECHO_C" >&6
-if test "${ac_cv_lib_fl_yywrap+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- ac_check_lib_save_LIBS=$LIBS
-LIBS="-lfl $LIBS"
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-
-/* Override any gcc2 internal prototype to avoid an error. */
-#ifdef __cplusplus
-extern "C"
+if test "x$LEX" != "x:"; then
+ cat >conftest.l <<_ACEOF
+%%
+a { ECHO; }
+b { REJECT; }
+c { yymore (); }
+d { yyless (1); }
+e { yyless (input () != 0); }
+f { unput (yytext[0]); }
+. { BEGIN INITIAL; }
+%%
+#ifdef YYTEXT_POINTER
+extern char *yytext;
#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char yywrap ();
int
-main ()
+main (void)
{
-yywrap ();
- ;
- return 0;
+ return ! yylex () + ! yywrap ();
}
_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+{ (ac_try="$LEX conftest.l"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$LEX conftest.l") 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_lib_fl_yywrap=yes
+ (exit $ac_status); }
+{ echo "$as_me:$LINENO: checking lex output file root" >&5
+echo $ECHO_N "checking lex output file root... $ECHO_C" >&6; }
+if test "${ac_cv_prog_lex_root+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_lib_fl_yywrap=no
+if test -f lex.yy.c; then
+ ac_cv_prog_lex_root=lex.yy
+elif test -f lexyy.c; then
+ ac_cv_prog_lex_root=lexyy
+else
+ { { echo "$as_me:$LINENO: error: cannot find output from $LEX; giving up" >&5
+echo "$as_me: error: cannot find output from $LEX; giving up" >&2;}
+ { (exit 1); exit 1; }; }
fi
-rm -f conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
fi
-echo "$as_me:$LINENO: result: $ac_cv_lib_fl_yywrap" >&5
-echo "${ECHO_T}$ac_cv_lib_fl_yywrap" >&6
-if test $ac_cv_lib_fl_yywrap = yes; then
- LEXLIB="-lfl"
-else
- echo "$as_me:$LINENO: checking for yywrap in -ll" >&5
-echo $ECHO_N "checking for yywrap in -ll... $ECHO_C" >&6
-if test "${ac_cv_lib_l_yywrap+set}" = set; then
+{ echo "$as_me:$LINENO: result: $ac_cv_prog_lex_root" >&5
+echo "${ECHO_T}$ac_cv_prog_lex_root" >&6; }
+LEX_OUTPUT_ROOT=$ac_cv_prog_lex_root
+
+if test -z "${LEXLIB+set}"; then
+ { echo "$as_me:$LINENO: checking lex library" >&5
+echo $ECHO_N "checking lex library... $ECHO_C" >&6; }
+if test "${ac_cv_lib_lex+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ac_check_lib_save_LIBS=$LIBS
-LIBS="-ll $LIBS"
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-/* Override any gcc2 internal prototype to avoid an error. */
-#ifdef __cplusplus
-extern "C"
-#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char yywrap ();
-int
-main ()
-{
-yywrap ();
- ;
- return 0;
-}
+ ac_save_LIBS=$LIBS
+ ac_cv_lib_lex='none needed'
+ for ac_lib in '' -lfl -ll; do
+ LIBS="$ac_lib $ac_save_LIBS"
+ cat >conftest.$ac_ext <<_ACEOF
+`cat $LEX_OUTPUT_ROOT.c`
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_lib_l_yywrap=yes
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_lib_lex=$ac_lib
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_lib_l_yywrap=no
-fi
-rm -f conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-echo "$as_me:$LINENO: result: $ac_cv_lib_l_yywrap" >&5
-echo "${ECHO_T}$ac_cv_lib_l_yywrap" >&6
-if test $ac_cv_lib_l_yywrap = yes; then
- LEXLIB="-ll"
-fi
fi
-fi
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+ test "$ac_cv_lib_lex" != 'none needed' && break
+ done
+ LIBS=$ac_save_LIBS
-if test "x$LEX" != "x:"; then
- echo "$as_me:$LINENO: checking lex output file root" >&5
-echo $ECHO_N "checking lex output file root... $ECHO_C" >&6
-if test "${ac_cv_prog_lex_root+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- # The minimal lex program is just a single line: %%. But some broken lexes
-# (Solaris, I think it was) want two %% lines, so accommodate them.
-cat >conftest.l <<_ACEOF
-%%
-%%
-_ACEOF
-{ (eval echo "$as_me:$LINENO: \"$LEX conftest.l\"") >&5
- (eval $LEX conftest.l) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }
-if test -f lex.yy.c; then
- ac_cv_prog_lex_root=lex.yy
-elif test -f lexyy.c; then
- ac_cv_prog_lex_root=lexyy
-else
- { { echo "$as_me:$LINENO: error: cannot find output from $LEX; giving up" >&5
-echo "$as_me: error: cannot find output from $LEX; giving up" >&2;}
- { (exit 1); exit 1; }; }
fi
+{ echo "$as_me:$LINENO: result: $ac_cv_lib_lex" >&5
+echo "${ECHO_T}$ac_cv_lib_lex" >&6; }
+ test "$ac_cv_lib_lex" != 'none needed' && LEXLIB=$ac_cv_lib_lex
fi
-echo "$as_me:$LINENO: result: $ac_cv_prog_lex_root" >&5
-echo "${ECHO_T}$ac_cv_prog_lex_root" >&6
-rm -f conftest.l
-LEX_OUTPUT_ROOT=$ac_cv_prog_lex_root
-echo "$as_me:$LINENO: checking whether yytext is a pointer" >&5
-echo $ECHO_N "checking whether yytext is a pointer... $ECHO_C" >&6
+
+{ echo "$as_me:$LINENO: checking whether yytext is a pointer" >&5
+echo $ECHO_N "checking whether yytext is a pointer... $ECHO_C" >&6; }
if test "${ac_cv_prog_lex_yytext_pointer+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
# POSIX says lex can declare yytext either as a pointer or an array; the
-# default is implementation-dependent. Figure out which it is, since
+# default is implementation-dependent. Figure out which it is, since
# not all implementations provide the %pointer and %array declarations.
ac_cv_prog_lex_yytext_pointer=no
-echo 'extern char *yytext;' >>$LEX_OUTPUT_ROOT.c
ac_save_LIBS=$LIBS
-LIBS="$LIBS $LEXLIB"
+LIBS="$LEXLIB $ac_save_LIBS"
cat >conftest.$ac_ext <<_ACEOF
+#define YYTEXT_POINTER 1
`cat $LEX_OUTPUT_ROOT.c`
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
ac_cv_prog_lex_yytext_pointer=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
+
fi
-rm -f conftest.err conftest.$ac_objext \
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
conftest$ac_exeext conftest.$ac_ext
LIBS=$ac_save_LIBS
-rm -f "${LEX_OUTPUT_ROOT}.c"
fi
-echo "$as_me:$LINENO: result: $ac_cv_prog_lex_yytext_pointer" >&5
-echo "${ECHO_T}$ac_cv_prog_lex_yytext_pointer" >&6
+{ echo "$as_me:$LINENO: result: $ac_cv_prog_lex_yytext_pointer" >&5
+echo "${ECHO_T}$ac_cv_prog_lex_yytext_pointer" >&6; }
if test $ac_cv_prog_lex_yytext_pointer = yes; then
cat >>confdefs.h <<\_ACEOF
@@ -2597,33 +4087,12 @@ cat >>confdefs.h <<\_ACEOF
_ACEOF
fi
+rm -f conftest.l $LEX_OUTPUT_ROOT.c
fi
-ac_aux_dir=
-for ac_dir in $srcdir $srcdir/.. $srcdir/../..; do
- if test -f $ac_dir/install-sh; then
- ac_aux_dir=$ac_dir
- ac_install_sh="$ac_aux_dir/install-sh -c"
- break
- elif test -f $ac_dir/install.sh; then
- ac_aux_dir=$ac_dir
- ac_install_sh="$ac_aux_dir/install.sh -c"
- break
- elif test -f $ac_dir/shtool; then
- ac_aux_dir=$ac_dir
- ac_install_sh="$ac_aux_dir/shtool install -c"
- break
- fi
-done
-if test -z "$ac_aux_dir"; then
- { { echo "$as_me:$LINENO: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&5
-echo "$as_me: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&2;}
- { (exit 1); exit 1; }; }
+if test "$LEX" = :; then
+ LEX=${am_missing_run}flex
fi
-ac_config_guess="$SHELL $ac_aux_dir/config.guess"
-ac_config_sub="$SHELL $ac_aux_dir/config.sub"
-ac_configure="$SHELL $ac_aux_dir/configure" # This should be Cygnus configure.
-
# Find a good install program. We prefer a C program (faster),
# so one script is as good as another. But avoid the broken or
# incompatible versions:
@@ -2637,8 +4106,8 @@ ac_configure="$SHELL $ac_aux_dir/configure" # This should be Cygnus configure.
# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff"
# OS/2's system install, which has a completely different semantic
# ./install, which can be erroneously created by make from ./install.sh.
-echo "$as_me:$LINENO: checking for a BSD-compatible install" >&5
-echo $ECHO_N "checking for a BSD-compatible install... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking for a BSD-compatible install" >&5
+echo $ECHO_N "checking for a BSD-compatible install... $ECHO_C" >&6; }
if test -z "$INSTALL"; then
if test "${ac_cv_path_install+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -2660,7 +4129,7 @@ case $as_dir/ in
# by default.
for ac_prog in ginstall scoinst install; do
for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then
+ if { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; }; then
if test $ac_prog = install &&
grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then
# AIX install. It has an incompatible calling convention.
@@ -2679,21 +4148,22 @@ case $as_dir/ in
;;
esac
done
+IFS=$as_save_IFS
fi
if test "${ac_cv_path_install+set}" = set; then
INSTALL=$ac_cv_path_install
else
- # As a last resort, use the slow shell script. We don't cache a
- # path for INSTALL within a source directory, because that will
+ # As a last resort, use the slow shell script. Don't cache a
+ # value for INSTALL within a source directory, because that will
# break other packages using the cache if that directory is
- # removed, or if the path is relative.
+ # removed, or if the value is a relative name.
INSTALL=$ac_install_sh
fi
fi
-echo "$as_me:$LINENO: result: $INSTALL" >&5
-echo "${ECHO_T}$INSTALL" >&6
+{ echo "$as_me:$LINENO: result: $INSTALL" >&5
+echo "${ECHO_T}$INSTALL" >&6; }
# Use test -z because SunOS4 sh mishandles braces in ${var-val}.
# It thinks the first close brace ends the variable substitution.
@@ -2703,239 +4173,877 @@ test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}'
test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644'
-echo "$as_me:$LINENO: checking whether ln -s works" >&5
-echo $ECHO_N "checking whether ln -s works... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking whether ln -s works" >&5
+echo $ECHO_N "checking whether ln -s works... $ECHO_C" >&6; }
LN_S=$as_ln_s
if test "$LN_S" = "ln -s"; then
- echo "$as_me:$LINENO: result: yes" >&5
-echo "${ECHO_T}yes" >&6
+ { echo "$as_me:$LINENO: result: yes" >&5
+echo "${ECHO_T}yes" >&6; }
else
- echo "$as_me:$LINENO: result: no, using $LN_S" >&5
-echo "${ECHO_T}no, using $LN_S" >&6
+ { echo "$as_me:$LINENO: result: no, using $LN_S" >&5
+echo "${ECHO_T}no, using $LN_S" >&6; }
fi
-echo "$as_me:$LINENO: checking whether ${MAKE-make} sets \$(MAKE)" >&5
-echo $ECHO_N "checking whether ${MAKE-make} sets \$(MAKE)... $ECHO_C" >&6
-set dummy ${MAKE-make}; ac_make=`echo "$2" | sed 'y,:./+-,___p_,'`
-if eval "test \"\${ac_cv_prog_make_${ac_make}_set+set}\" = set"; then
+{ echo "$as_me:$LINENO: checking whether ${MAKE-make} sets \$(MAKE)" >&5
+echo $ECHO_N "checking whether ${MAKE-make} sets \$(MAKE)... $ECHO_C" >&6; }
+set x ${MAKE-make}; ac_make=`echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'`
+if { as_var=ac_cv_prog_make_${ac_make}_set; eval "test \"\${$as_var+set}\" = set"; }; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
cat >conftest.make <<\_ACEOF
+SHELL = /bin/sh
all:
- @echo 'ac_maketemp="$(MAKE)"'
+ @echo '@@@%%%=$(MAKE)=@@@%%%'
_ACEOF
# GNU make sometimes prints "make[1]: Entering...", which would confuse us.
-eval `${MAKE-make} -f conftest.make 2>/dev/null | grep temp=`
-if test -n "$ac_maketemp"; then
- eval ac_cv_prog_make_${ac_make}_set=yes
-else
- eval ac_cv_prog_make_${ac_make}_set=no
-fi
+case `${MAKE-make} -f conftest.make 2>/dev/null` in
+ *@@@%%%=?*=@@@%%%*)
+ eval ac_cv_prog_make_${ac_make}_set=yes;;
+ *)
+ eval ac_cv_prog_make_${ac_make}_set=no;;
+esac
rm -f conftest.make
fi
-if eval "test \"`echo '$ac_cv_prog_make_'${ac_make}_set`\" = yes"; then
- echo "$as_me:$LINENO: result: yes" >&5
-echo "${ECHO_T}yes" >&6
+if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then
+ { echo "$as_me:$LINENO: result: yes" >&5
+echo "${ECHO_T}yes" >&6; }
SET_MAKE=
else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
SET_MAKE="MAKE=${MAKE-make}"
fi
+# Check whether --enable-fast-install was given.
+if test "${enable_fast_install+set}" = set; then
+ enableval=$enable_fast_install; p=${PACKAGE-default}
+ case $enableval in
+ yes) enable_fast_install=yes ;;
+ no) enable_fast_install=no ;;
+ *)
+ enable_fast_install=no
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+ for pkg in $enableval; do
+ IFS="$lt_save_ifs"
+ if test "X$pkg" = "X$p"; then
+ enable_fast_install=yes
+ fi
+ done
+ IFS="$lt_save_ifs"
+ ;;
+ esac
+else
+ enable_fast_install=yes
+fi
-# Check whether --enable-debug or --disable-debug was given.
-if test "${enable_debug+set}" = set; then
- enableval="$enable_debug"
- WITH_DEBUG=yes ; cat >>confdefs.h <<\_ACEOF
-#define DEBUG 1
-_ACEOF
-
+{ echo "$as_me:$LINENO: checking for a sed that does not truncate output" >&5
+echo $ECHO_N "checking for a sed that does not truncate output... $ECHO_C" >&6; }
+if test "${lt_cv_path_SED+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
else
- WITH_DEBUG=no
-fi;
+ # Loop through the user's path and test for sed and gsed.
+# Then use that list of sed's as ones to test for truncation.
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for lt_ac_prog in sed gsed; do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if $as_executable_p "$as_dir/$lt_ac_prog$ac_exec_ext"; then
+ lt_ac_sed_list="$lt_ac_sed_list $as_dir/$lt_ac_prog$ac_exec_ext"
+ fi
+ done
+ done
+done
+lt_ac_max=0
+lt_ac_count=0
+# Add /usr/xpg4/bin/sed as it is typically found on Solaris
+# along with /bin/sed that truncates output.
+for lt_ac_sed in $lt_ac_sed_list /usr/xpg4/bin/sed; do
+ test ! -f $lt_ac_sed && continue
+ cat /dev/null > conftest.in
+ lt_ac_count=0
+ echo $ECHO_N "0123456789$ECHO_C" >conftest.in
+ # Check for GNU sed and select it if it is found.
+ if "$lt_ac_sed" --version 2>&1 < /dev/null | grep 'GNU' > /dev/null; then
+ lt_cv_path_SED=$lt_ac_sed
+ break
+ fi
+ while true; do
+ cat conftest.in conftest.in >conftest.tmp
+ mv conftest.tmp conftest.in
+ cp conftest.in conftest.nl
+ echo >>conftest.nl
+ $lt_ac_sed -e 's/a$//' < conftest.nl >conftest.out || break
+ cmp -s conftest.out conftest.nl || break
+ # 10000 chars as input seems more than enough
+ test $lt_ac_count -gt 10 && break
+ lt_ac_count=`expr $lt_ac_count + 1`
+ if test $lt_ac_count -gt $lt_ac_max; then
+ lt_ac_max=$lt_ac_count
+ lt_cv_path_SED=$lt_ac_sed
+ fi
+ done
+done
+fi
-# Check whether --enable-memory-debug or --disable-memory-debug was given.
-if test "${enable_memory_debug+set}" = set; then
- enableval="$enable_memory_debug"
- WITH_MEMORY_DEBUG=yes ; cat >>confdefs.h <<\_ACEOF
-#define MEMORY_DEBUG 1
-_ACEOF
+SED=$lt_cv_path_SED
+{ echo "$as_me:$LINENO: result: $SED" >&5
+echo "${ECHO_T}$SED" >&6; }
+{ echo "$as_me:$LINENO: checking for grep that handles long lines and -e" >&5
+echo $ECHO_N "checking for grep that handles long lines and -e... $ECHO_C" >&6; }
+if test "${ac_cv_path_GREP+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
else
- WITH_MEMORY_DEBUG=no
-fi;
+ # Extract the first word of "grep ggrep" to use in msg output
+if test -z "$GREP"; then
+set dummy grep ggrep; ac_prog_name=$2
+if test "${ac_cv_path_GREP+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_path_GREP_found=false
+# Loop through the user's path and test for each of PROGNAME-LIST
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_prog in grep ggrep; do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext"
+ { test -f "$ac_path_GREP" && $as_test_x "$ac_path_GREP"; } || continue
+ # Check for GNU ac_path_GREP and select it if it is found.
+ # Check for GNU $ac_path_GREP
+case `"$ac_path_GREP" --version 2>&1` in
+*GNU*)
+ ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;;
+*)
+ ac_count=0
+ echo $ECHO_N "0123456789$ECHO_C" >"conftest.in"
+ while :
+ do
+ cat "conftest.in" "conftest.in" >"conftest.tmp"
+ mv "conftest.tmp" "conftest.in"
+ cp "conftest.in" "conftest.nl"
+ echo 'GREP' >> "conftest.nl"
+ "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break
+ diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
+ ac_count=`expr $ac_count + 1`
+ if test $ac_count -gt ${ac_path_GREP_max-0}; then
+ # Best one so far, save it but keep looking for a better one
+ ac_cv_path_GREP="$ac_path_GREP"
+ ac_path_GREP_max=$ac_count
+ fi
+ # 10*(2^10) chars as input seems more than enough
+ test $ac_count -gt 10 && break
+ done
+ rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
+esac
-# Check whether --enable-libdebug or --disable-libdebug was given.
-if test "${enable_libdebug+set}" = set; then
- enableval="$enable_libdebug"
- WITH_LIBDEBUG=yes ; cat >>confdefs.h <<\_ACEOF
-#define WITH_LIBDEBUG 1
-_ACEOF
+ $ac_path_GREP_found && break 3
+ done
+done
-else
- WITH_LIBDEBUG=no
-fi;
+done
+IFS=$as_save_IFS
-# Check whether --enable-prelude or --disable-prelude was given.
-if test "${enable_prelude+set}" = set; then
- enableval="$enable_prelude"
- WITH_PRELUDE=yes ; cat >>confdefs.h <<\_ACEOF
-#define WITH_PRELUDE 1
-_ACEOF
+fi
+
+GREP="$ac_cv_path_GREP"
+if test -z "$GREP"; then
+ { { echo "$as_me:$LINENO: error: no acceptable $ac_prog_name could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" >&5
+echo "$as_me: error: no acceptable $ac_prog_name could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" >&2;}
+ { (exit 1); exit 1; }; }
+fi
else
- WITH_PRELUDE=no
-fi;
+ ac_cv_path_GREP=$GREP
+fi
-# Check whether --enable-fakeroot or --disable-fakeroot was given.
-if test "${enable_fakeroot+set}" = set; then
- enableval="$enable_fakeroot"
- FAKEROOT=$enableval
-fi;
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_path_GREP" >&5
+echo "${ECHO_T}$ac_cv_path_GREP" >&6; }
+ GREP="$ac_cv_path_GREP"
-# Check whether --enable-securedir or --disable-securedir was given.
-if test "${enable_securedir+set}" = set; then
- enableval="$enable_securedir"
- SECUREDIR=$enableval
+{ echo "$as_me:$LINENO: checking for egrep" >&5
+echo $ECHO_N "checking for egrep... $ECHO_C" >&6; }
+if test "${ac_cv_path_EGREP+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
else
- SECUREDIR=$libdir/security
-fi;
+ if echo a | $GREP -E '(a|b)' >/dev/null 2>&1
+ then ac_cv_path_EGREP="$GREP -E"
+ else
+ # Extract the first word of "egrep" to use in msg output
+if test -z "$EGREP"; then
+set dummy egrep; ac_prog_name=$2
+if test "${ac_cv_path_EGREP+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_path_EGREP_found=false
+# Loop through the user's path and test for each of PROGNAME-LIST
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_prog in egrep; do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext"
+ { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue
+ # Check for GNU ac_path_EGREP and select it if it is found.
+ # Check for GNU $ac_path_EGREP
+case `"$ac_path_EGREP" --version 2>&1` in
+*GNU*)
+ ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;;
+*)
+ ac_count=0
+ echo $ECHO_N "0123456789$ECHO_C" >"conftest.in"
+ while :
+ do
+ cat "conftest.in" "conftest.in" >"conftest.tmp"
+ mv "conftest.tmp" "conftest.in"
+ cp "conftest.in" "conftest.nl"
+ echo 'EGREP' >> "conftest.nl"
+ "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break
+ diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
+ ac_count=`expr $ac_count + 1`
+ if test $ac_count -gt ${ac_path_EGREP_max-0}; then
+ # Best one so far, save it but keep looking for a better one
+ ac_cv_path_EGREP="$ac_path_EGREP"
+ ac_path_EGREP_max=$ac_count
+ fi
+ # 10*(2^10) chars as input seems more than enough
+ test $ac_count -gt 10 && break
+ done
+ rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
+esac
-# Check whether --enable-isadir or --disable-isadir was given.
-if test "${enable_isadir+set}" = set; then
- enableval="$enable_isadir"
- ISA=$enableval
-else
- ISA=../../`basename $libdir`/security
-fi;
-unset mylibdirbase
+ $ac_path_EGREP_found && break 3
+ done
+done
-cat >>confdefs.h <<_ACEOF
-#define _PAM_ISA "$ISA"
-_ACEOF
+done
+IFS=$as_save_IFS
-echo "$as_me:$LINENO: result: Defining \$ISA to \\"$ISA\\"." >&5
-echo "${ECHO_T}Defining \$ISA to \\"$ISA\\"." >&6
-# Check whether --enable-sconfigdir or --disable-sconfigdir was given.
-if test "${enable_sconfigdir+set}" = set; then
- enableval="$enable_sconfigdir"
- SCONFIGDIR=$enableval
+fi
+
+EGREP="$ac_cv_path_EGREP"
+if test -z "$EGREP"; then
+ { { echo "$as_me:$LINENO: error: no acceptable $ac_prog_name could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" >&5
+echo "$as_me: error: no acceptable $ac_prog_name could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" >&2;}
+ { (exit 1); exit 1; }; }
+fi
+
else
- SCONFIGDIR=$sysconfdir/security
-fi;
+ ac_cv_path_EGREP=$EGREP
+fi
+
+
+ fi
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_path_EGREP" >&5
+echo "${ECHO_T}$ac_cv_path_EGREP" >&6; }
+ EGREP="$ac_cv_path_EGREP"
+
-# Check whether --enable-suplementedir or --disable-suplementedir was given.
-if test "${enable_suplementedir+set}" = set; then
- enableval="$enable_suplementedir"
- SUPLEMENTED=$enableval
+# Check whether --with-gnu-ld was given.
+if test "${with_gnu_ld+set}" = set; then
+ withval=$with_gnu_ld; test "$withval" = no || with_gnu_ld=yes
else
- SUPLEMENTED=$sbindir
-fi;
+ with_gnu_ld=no
+fi
+ac_prog=ld
+if test "$GCC" = yes; then
+ # Check if gcc -print-prog-name=ld gives a path.
+ { echo "$as_me:$LINENO: checking for ld used by $CC" >&5
+echo $ECHO_N "checking for ld used by $CC... $ECHO_C" >&6; }
+ case $host in
+ *-*-mingw*)
+ # gcc leaves a trailing carriage return which upsets mingw
+ ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;;
+ *)
+ ac_prog=`($CC -print-prog-name=ld) 2>&5` ;;
+ esac
+ case $ac_prog in
+ # Accept absolute paths.
+ [\\/]* | ?:[\\/]*)
+ re_direlt='/[^/][^/]*/\.\./'
+ # Canonicalize the pathname of ld
+ ac_prog=`echo $ac_prog| $SED 's%\\\\%/%g'`
+ while echo $ac_prog | grep "$re_direlt" > /dev/null 2>&1; do
+ ac_prog=`echo $ac_prog| $SED "s%$re_direlt%/%"`
+ done
+ test -z "$LD" && LD="$ac_prog"
+ ;;
+ "")
+ # If it fails, then pretend we aren't using GCC.
+ ac_prog=ld
+ ;;
+ *)
+ # If it is relative, then search for the first ld in PATH.
+ with_gnu_ld=unknown
+ ;;
+ esac
+elif test "$with_gnu_ld" = yes; then
+ { echo "$as_me:$LINENO: checking for GNU ld" >&5
+echo $ECHO_N "checking for GNU ld... $ECHO_C" >&6; }
+else
+ { echo "$as_me:$LINENO: checking for non-GNU ld" >&5
+echo $ECHO_N "checking for non-GNU ld... $ECHO_C" >&6; }
+fi
+if test "${lt_cv_path_LD+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -z "$LD"; then
+ lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+ for ac_dir in $PATH; do
+ IFS="$lt_save_ifs"
+ test -z "$ac_dir" && ac_dir=.
+ if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then
+ lt_cv_path_LD="$ac_dir/$ac_prog"
+ # Check to see if the program is GNU ld. I'd rather use --version,
+ # but apparently some variants of GNU ld only accept -v.
+ # Break only if it was the GNU/non-GNU ld that we prefer.
+ case `"$lt_cv_path_LD" -v 2>&1 </dev/null` in
+ *GNU* | *'with BFD'*)
+ test "$with_gnu_ld" != no && break
+ ;;
+ *)
+ test "$with_gnu_ld" != yes && break
+ ;;
+ esac
+ fi
+ done
+ IFS="$lt_save_ifs"
+else
+ lt_cv_path_LD="$LD" # Let the user override the test with a path.
+fi
+fi
-# Check whether --enable-includedir or --disable-includedir was given.
-if test "${enable_includedir+set}" = set; then
- enableval="$enable_includedir"
- INCLUDEDIR=$enableval
+LD="$lt_cv_path_LD"
+if test -n "$LD"; then
+ { echo "$as_me:$LINENO: result: $LD" >&5
+echo "${ECHO_T}$LD" >&6; }
else
- INCLUDEDIR=/usr/include
-fi;
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+test -z "$LD" && { { echo "$as_me:$LINENO: error: no acceptable ld found in \$PATH" >&5
+echo "$as_me: error: no acceptable ld found in \$PATH" >&2;}
+ { (exit 1); exit 1; }; }
+{ echo "$as_me:$LINENO: checking if the linker ($LD) is GNU ld" >&5
+echo $ECHO_N "checking if the linker ($LD) is GNU ld... $ECHO_C" >&6; }
+if test "${lt_cv_prog_gnu_ld+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ # I'd rather use --version here, but apparently some GNU lds only accept -v.
+case `$LD -v 2>&1 </dev/null` in
+*GNU* | *'with BFD'*)
+ lt_cv_prog_gnu_ld=yes
+ ;;
+*)
+ lt_cv_prog_gnu_ld=no
+ ;;
+esac
+fi
+{ echo "$as_me:$LINENO: result: $lt_cv_prog_gnu_ld" >&5
+echo "${ECHO_T}$lt_cv_prog_gnu_ld" >&6; }
+with_gnu_ld=$lt_cv_prog_gnu_ld
-# Check whether --enable-docdir or --disable-docdir was given.
-if test "${enable_docdir+set}" = set; then
- enableval="$enable_docdir"
- DOCDIR=$enableval
+{ echo "$as_me:$LINENO: checking for $LD option to reload object files" >&5
+echo $ECHO_N "checking for $LD option to reload object files... $ECHO_C" >&6; }
+if test "${lt_cv_ld_reload_flag+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
else
- DOCDIR=/usr/share/doc/pam
-fi;
+ lt_cv_ld_reload_flag='-r'
+fi
+{ echo "$as_me:$LINENO: result: $lt_cv_ld_reload_flag" >&5
+echo "${ECHO_T}$lt_cv_ld_reload_flag" >&6; }
+reload_flag=$lt_cv_ld_reload_flag
+case $reload_flag in
+"" | " "*) ;;
+*) reload_flag=" $reload_flag" ;;
+esac
+reload_cmds='$LD$reload_flag -o $output$reload_objs'
+case $host_os in
+ darwin*)
+ if test "$GCC" = yes; then
+ reload_cmds='$LTCC $LTCFLAGS -nostdlib ${wl}-r -o $output$reload_objs'
+ else
+ reload_cmds='$LD$reload_flag -o $output$reload_objs'
+ fi
+ ;;
+esac
+{ echo "$as_me:$LINENO: checking for BSD-compatible nm" >&5
+echo $ECHO_N "checking for BSD-compatible nm... $ECHO_C" >&6; }
+if test "${lt_cv_path_NM+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -n "$NM"; then
+ # Let the user override the test.
+ lt_cv_path_NM="$NM"
+else
+ lt_nm_to_check="${ac_tool_prefix}nm"
+ if test -n "$ac_tool_prefix" && test "$build" = "$host"; then
+ lt_nm_to_check="$lt_nm_to_check nm"
+ fi
+ for lt_tmp_nm in $lt_nm_to_check; do
+ lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+ for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do
+ IFS="$lt_save_ifs"
+ test -z "$ac_dir" && ac_dir=.
+ tmp_nm="$ac_dir/$lt_tmp_nm"
+ if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext" ; then
+ # Check to see if the nm accepts a BSD-compat flag.
+ # Adding the `sed 1q' prevents false positives on HP-UX, which says:
+ # nm: unknown option "B" ignored
+ # Tru64's nm complains that /dev/null is an invalid object file
+ case `"$tmp_nm" -B /dev/null 2>&1 | sed '1q'` in
+ */dev/null* | *'Invalid file or object type'*)
+ lt_cv_path_NM="$tmp_nm -B"
+ break
+ ;;
+ *)
+ case `"$tmp_nm" -p /dev/null 2>&1 | sed '1q'` in
+ */dev/null*)
+ lt_cv_path_NM="$tmp_nm -p"
+ break
+ ;;
+ *)
+ lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but
+ continue # so that we can try to find one that supports BSD flags
+ ;;
+ esac
+ ;;
+ esac
+ fi
+ done
+ IFS="$lt_save_ifs"
+ done
+ test -z "$lt_cv_path_NM" && lt_cv_path_NM=nm
+fi
+fi
+{ echo "$as_me:$LINENO: result: $lt_cv_path_NM" >&5
+echo "${ECHO_T}$lt_cv_path_NM" >&6; }
+NM="$lt_cv_path_NM"
-# Check whether --enable-mandir or --disable-mandir was given.
-if test "${enable_mandir+set}" = set; then
- enableval="$enable_mandir"
- MANDIR=$enableval
+{ echo "$as_me:$LINENO: checking how to recognise dependent libraries" >&5
+echo $ECHO_N "checking how to recognise dependent libraries... $ECHO_C" >&6; }
+if test "${lt_cv_deplibs_check_method+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
else
- MANDIR=/usr/share/man
-fi;
+ lt_cv_file_magic_cmd='$MAGIC_CMD'
+lt_cv_file_magic_test_file=
+lt_cv_deplibs_check_method='unknown'
+# Need to set the preceding variable on all platforms that support
+# interlibrary dependencies.
+# 'none' -- dependencies not supported.
+# `unknown' -- same as none, but documents that we really don't know.
+# 'pass_all' -- all dependencies passed with no checks.
+# 'test_compile' -- check by making test program.
+# 'file_magic [[regex]]' -- check by looking for files in library path
+# which responds to the $file_magic_cmd with a given extended regex.
+# If you have `file' or equivalent on your system and you're not sure
+# whether `pass_all' will *always* work, you probably want this one.
+
+case $host_os in
+aix4* | aix5*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+beos*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+bsdi[45]*)
+ lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib)'
+ lt_cv_file_magic_cmd='/usr/bin/file -L'
+ lt_cv_file_magic_test_file=/shlib/libc.so
+ ;;
+
+cygwin*)
+ # func_win32_libid is a shell function defined in ltmain.sh
+ lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL'
+ lt_cv_file_magic_cmd='func_win32_libid'
+ ;;
+
+mingw* | pw32*)
+ # Base MSYS/MinGW do not provide the 'file' command needed by
+ # func_win32_libid shell function, so use a weaker test based on 'objdump'.
+ lt_cv_deplibs_check_method='file_magic file format pei*-i386(.*architecture: i386)?'
+ lt_cv_file_magic_cmd='$OBJDUMP -f'
+ ;;
+
+darwin* | rhapsody*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+freebsd* | kfreebsd*-gnu | dragonfly*)
+ if echo __ELF__ | $CC -E - | grep __ELF__ > /dev/null; then
+ case $host_cpu in
+ i*86 )
+ # Not sure whether the presence of OpenBSD here was a mistake.
+ # Let's accept both of them until this is cleared up.
+ lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[3-9]86 (compact )?demand paged shared library'
+ lt_cv_file_magic_cmd=/usr/bin/file
+ lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*`
+ ;;
+ esac
+ else
+ lt_cv_deplibs_check_method=pass_all
+ fi
+ ;;
+
+gnu*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+hpux10.20* | hpux11*)
+ lt_cv_file_magic_cmd=/usr/bin/file
+ case $host_cpu in
+ ia64*)
+ lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - IA64'
+ lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so
+ ;;
+ hppa*64*)
+ lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - PA-RISC [0-9].[0-9]'
+ lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl
+ ;;
+ *)
+ lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|PA-RISC[0-9].[0-9]) shared library'
+ lt_cv_file_magic_test_file=/usr/lib/libc.sl
+ ;;
+ esac
+ ;;
+
+interix3*)
+ # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here
+ lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|\.a)$'
+ ;;
+
+irix5* | irix6* | nonstopux*)
+ case $LD in
+ *-32|*"-32 ") libmagic=32-bit;;
+ *-n32|*"-n32 ") libmagic=N32;;
+ *-64|*"-64 ") libmagic=64-bit;;
+ *) libmagic=never-match;;
+ esac
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+# This must be Linux ELF.
+linux*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
-# Check whether --enable-pamlocking or --disable-pamlocking was given.
-if test "${enable_pamlocking+set}" = set; then
- enableval="$enable_pamlocking"
- WITH_PAMLOCKING=yes ; cat >>confdefs.h <<\_ACEOF
-#define PAM_LOCKING 1
-_ACEOF
+netbsd*)
+ if echo __ELF__ | $CC -E - | grep __ELF__ > /dev/null; then
+ lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$'
+ else
+ lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|_pic\.a)$'
+ fi
+ ;;
-else
- WITH_PAMLOCKING=no
-fi;
+newos6*)
+ lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (executable|dynamic lib)'
+ lt_cv_file_magic_cmd=/usr/bin/file
+ lt_cv_file_magic_test_file=/usr/lib/libnls.so
+ ;;
+nto-qnx*)
+ lt_cv_deplibs_check_method=unknown
+ ;;
-# Check whether --enable-uglyhack or --disable-uglyhack was given.
-if test "${enable_uglyhack+set}" = set; then
- enableval="$enable_uglyhack"
- cat >>confdefs.h <<\_ACEOF
-#define UGLY_HACK_FOR_PRIOR_BEHAVIOR_SUPPORT 1
-_ACEOF
+openbsd*)
+ if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|\.so|_pic\.a)$'
+ else
+ lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$'
+ fi
+ ;;
-fi;
+osf3* | osf4* | osf5*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
-# Check whether --enable-read-both-confs or --disable-read-both-confs was given.
-if test "${enable_read_both_confs+set}" = set; then
- enableval="$enable_read_both_confs"
- cat >>confdefs.h <<\_ACEOF
-#define PAM_READ_BOTH_CONFS 1
-_ACEOF
+solaris*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+sysv4 | sysv4.3*)
+ case $host_vendor in
+ motorola)
+ lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib) M[0-9][0-9]* Version [0-9]'
+ lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*`
+ ;;
+ ncr)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+ sequent)
+ lt_cv_file_magic_cmd='/bin/file'
+ lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [LM]SB (shared object|dynamic lib )'
+ ;;
+ sni)
+ lt_cv_file_magic_cmd='/bin/file'
+ lt_cv_deplibs_check_method="file_magic ELF [0-9][0-9]*-bit [LM]SB dynamic lib"
+ lt_cv_file_magic_test_file=/lib/libc.so
+ ;;
+ siemens)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+ pc)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+ esac
+ ;;
+
+sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+esac
-fi;
+fi
+{ echo "$as_me:$LINENO: result: $lt_cv_deplibs_check_method" >&5
+echo "${ECHO_T}$lt_cv_deplibs_check_method" >&6; }
+file_magic_cmd=$lt_cv_file_magic_cmd
+deplibs_check_method=$lt_cv_deplibs_check_method
+test -z "$deplibs_check_method" && deplibs_check_method=unknown
+
+
+
+
+# If no C compiler was specified, use CC.
+LTCC=${LTCC-"$CC"}
+
+# If no C compiler flags were specified, use CFLAGS.
+LTCFLAGS=${LTCFLAGS-"$CFLAGS"}
+
+# Allow CC to be a program name with arguments.
+compiler=$CC
+
+# Check whether --enable-libtool-lock was given.
+if test "${enable_libtool_lock+set}" = set; then
+ enableval=$enable_libtool_lock;
+fi
+test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes
+
+# Some flags need to be propagated to the compiler or linker for good
+# libtool support.
+case $host in
+ia64-*-hpux*)
+ # Find out which ABI we are using.
+ echo 'int i;' > conftest.$ac_ext
+ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; then
+ case `/usr/bin/file conftest.$ac_objext` in
+ *ELF-32*)
+ HPUX_IA64_MODE="32"
+ ;;
+ *ELF-64*)
+ HPUX_IA64_MODE="64"
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+*-*-irix6*)
+ # Find out which ABI we are using.
+ echo '#line 4870 "configure"' > conftest.$ac_ext
+ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; then
+ if test "$lt_cv_prog_gnu_ld" = yes; then
+ case `/usr/bin/file conftest.$ac_objext` in
+ *32-bit*)
+ LD="${LD-ld} -melf32bsmip"
+ ;;
+ *N32*)
+ LD="${LD-ld} -melf32bmipn32"
+ ;;
+ *64-bit*)
+ LD="${LD-ld} -melf64bmip"
+ ;;
+ esac
+ else
+ case `/usr/bin/file conftest.$ac_objext` in
+ *32-bit*)
+ LD="${LD-ld} -32"
+ ;;
+ *N32*)
+ LD="${LD-ld} -n32"
+ ;;
+ *64-bit*)
+ LD="${LD-ld} -64"
+ ;;
+ esac
+ fi
+ fi
+ rm -rf conftest*
+ ;;
-# Check whether --enable-static-libpam or --disable-static-libpam was given.
-if test "${enable_static_libpam+set}" = set; then
- enableval="$enable_static_libpam"
- STATIC_LIBPAM=yes
+x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*|s390*-*linux*|sparc*-*linux*)
+ # Find out which ABI we are using.
+ echo 'int i;' > conftest.$ac_ext
+ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; then
+ case `/usr/bin/file conftest.o` in
+ *32-bit*)
+ case $host in
+ x86_64-*linux*)
+ LD="${LD-ld} -m elf_i386"
+ ;;
+ ppc64-*linux*|powerpc64-*linux*)
+ LD="${LD-ld} -m elf32ppclinux"
+ ;;
+ s390x-*linux*)
+ LD="${LD-ld} -m elf_s390"
+ ;;
+ sparc64-*linux*)
+ LD="${LD-ld} -m elf32_sparc"
+ ;;
+ esac
+ ;;
+ *64-bit*)
+ case $host in
+ x86_64-*linux*)
+ LD="${LD-ld} -m elf_x86_64"
+ ;;
+ ppc*-*linux*|powerpc*-*linux*)
+ LD="${LD-ld} -m elf64ppc"
+ ;;
+ s390*-*linux*)
+ LD="${LD-ld} -m elf64_s390"
+ ;;
+ sparc*-*linux*)
+ LD="${LD-ld} -m elf64_sparc"
+ ;;
+ esac
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+
+*-*-sco3.2v5*)
+ # On SCO OpenServer 5, we need -belf to get full-featured binaries.
+ SAVE_CFLAGS="$CFLAGS"
+ CFLAGS="$CFLAGS -belf"
+ { echo "$as_me:$LINENO: checking whether the C compiler needs -belf" >&5
+echo $ECHO_N "checking whether the C compiler needs -belf... $ECHO_C" >&6; }
+if test "${lt_cv_cc_needs_belf+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
else
- STATIC_LIBPAM=no
-fi;
+ ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+int
+main ()
+{
-# Check whether --enable-dynamic-libpam or --disable-dynamic-libpam was given.
-if test "${enable_dynamic_libpam+set}" = set; then
- enableval="$enable_dynamic_libpam"
- DYNAMIC_LIBPAM=no
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ lt_cv_cc_needs_belf=yes
else
- DYNAMIC_LIBPAM=yes
-fi;
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+ lt_cv_cc_needs_belf=no
+fi
-DYNAMIC=-DPAM_DYNAMIC
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+ ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+fi
+{ echo "$as_me:$LINENO: result: $lt_cv_cc_needs_belf" >&5
+echo "${ECHO_T}$lt_cv_cc_needs_belf" >&6; }
+ if test x"$lt_cv_cc_needs_belf" != x"yes"; then
+ # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf
+ CFLAGS="$SAVE_CFLAGS"
+ fi
+ ;;
+sparc*-*solaris*)
+ # Find out which ABI we are using.
+ echo 'int i;' > conftest.$ac_ext
+ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; then
+ case `/usr/bin/file conftest.o` in
+ *64-bit*)
+ case $lt_cv_prog_gnu_ld in
+ yes*) LD="${LD-ld} -m elf64_sparc" ;;
+ *) LD="${LD-ld} -64" ;;
+ esac
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
-# Check whether --enable-static-modules or --disable-static-modules was given.
-if test "${enable_static_modules+set}" = set; then
- enableval="$enable_static_modules"
- STATIC=-DPAM_STATIC
-fi;
+esac
-# Check whether --enable-lckpwdf or --disable-lckpwdf was given.
-if test "${enable_lckpwdf+set}" = set; then
- enableval="$enable_lckpwdf"
- WITH_LCKPWDF=no
-else
- WITH_LCKPWDF=yes
-fi;
+need_locks="$enable_libtool_lock"
ac_ext=c
@@ -2943,8 +5051,8 @@ ac_cpp='$CPP $CPPFLAGS'
ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
ac_compiler_gnu=$ac_cv_c_compiler_gnu
-echo "$as_me:$LINENO: checking how to run the C preprocessor" >&5
-echo $ECHO_N "checking how to run the C preprocessor... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking how to run the C preprocessor" >&5
+echo $ECHO_N "checking how to run the C preprocessor... $ECHO_C" >&6; }
# On Suns, sometimes $CPP names a directory.
if test -n "$CPP" && test -d "$CPP"; then
CPP=
@@ -2978,24 +5086,22 @@ cat >>conftest.$ac_ext <<_ACEOF
#endif
Syntax error
_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+if { (ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
+ (exit $ac_status); } >/dev/null && {
+ test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ }; then
:
else
echo "$as_me: failed program was:" >&5
@@ -3004,9 +5110,10 @@ sed 's/^/| /' conftest.$ac_ext >&5
# Broken: fails on valid input.
continue
fi
+
rm -f conftest.err conftest.$ac_ext
- # OK, works on sane cases. Now check whether non-existent headers
+ # OK, works on sane cases. Now check whether nonexistent headers
# can be detected and how.
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
@@ -3016,24 +5123,22 @@ cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
#include <ac_nonexistent.h>
_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+if { (ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
+ (exit $ac_status); } >/dev/null && {
+ test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ }; then
# Broken: success on invalid input.
continue
else
@@ -3044,6 +5149,7 @@ sed 's/^/| /' conftest.$ac_ext >&5
ac_preproc_ok=:
break
fi
+
rm -f conftest.err conftest.$ac_ext
done
@@ -3061,8 +5167,8 @@ fi
else
ac_cv_prog_CPP=$CPP
fi
-echo "$as_me:$LINENO: result: $CPP" >&5
-echo "${ECHO_T}$CPP" >&6
+{ echo "$as_me:$LINENO: result: $CPP" >&5
+echo "${ECHO_T}$CPP" >&6; }
ac_preproc_ok=false
for ac_c_preproc_warn_flag in '' yes
do
@@ -3085,24 +5191,22 @@ cat >>conftest.$ac_ext <<_ACEOF
#endif
Syntax error
_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+if { (ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
+ (exit $ac_status); } >/dev/null && {
+ test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ }; then
:
else
echo "$as_me: failed program was:" >&5
@@ -3111,9 +5215,10 @@ sed 's/^/| /' conftest.$ac_ext >&5
# Broken: fails on valid input.
continue
fi
+
rm -f conftest.err conftest.$ac_ext
- # OK, works on sane cases. Now check whether non-existent headers
+ # OK, works on sane cases. Now check whether nonexistent headers
# can be detected and how.
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
@@ -3123,24 +5228,22 @@ cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
#include <ac_nonexistent.h>
_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+if { (ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
+ (exit $ac_status); } >/dev/null && {
+ test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ }; then
# Broken: success on invalid input.
continue
else
@@ -3151,6 +5254,7 @@ sed 's/^/| /' conftest.$ac_ext >&5
ac_preproc_ok=:
break
fi
+
rm -f conftest.err conftest.$ac_ext
done
@@ -3173,23 +5277,8 @@ ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $
ac_compiler_gnu=$ac_cv_c_compiler_gnu
-echo "$as_me:$LINENO: checking for egrep" >&5
-echo $ECHO_N "checking for egrep... $ECHO_C" >&6
-if test "${ac_cv_prog_egrep+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- if echo a | (grep -E '(a|b)') >/dev/null 2>&1
- then ac_cv_prog_egrep='grep -E'
- else ac_cv_prog_egrep='egrep'
- fi
-fi
-echo "$as_me:$LINENO: result: $ac_cv_prog_egrep" >&5
-echo "${ECHO_T}$ac_cv_prog_egrep" >&6
- EGREP=$ac_cv_prog_egrep
-
-
-echo "$as_me:$LINENO: checking for ANSI C header files" >&5
-echo $ECHO_N "checking for ANSI C header files... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking for ANSI C header files" >&5
+echo $ECHO_N "checking for ANSI C header files... $ECHO_C" >&6; }
if test "${ac_cv_header_stdc+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -3213,35 +5302,31 @@ main ()
}
_ACEOF
rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
ac_cv_header_stdc=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_header_stdc=no
+ ac_cv_header_stdc=no
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
if test $ac_cv_header_stdc = yes; then
# SunOS 4.x string.h does not declare mem*, contrary to ANSI.
@@ -3297,6 +5382,7 @@ cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
#include <ctype.h>
+#include <stdlib.h>
#if ((' ' & 0x0FF) == 0x020)
# define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c))
@@ -3316,18 +5402,27 @@ main ()
for (i = 0; i < 256; i++)
if (XOR (islower (i), ISLOWER (i))
|| toupper (i) != TOUPPER (i))
- exit(2);
- exit (0);
+ return 2;
+ return 0;
}
_ACEOF
rm -f conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); } && { ac_try='./conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ { (case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_try") 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
@@ -3340,12 +5435,14 @@ sed 's/^/| /' conftest.$ac_ext >&5
( exit $ac_status )
ac_cv_header_stdc=no
fi
-rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
fi
+
+
fi
fi
-echo "$as_me:$LINENO: result: $ac_cv_header_stdc" >&5
-echo "${ECHO_T}$ac_cv_header_stdc" >&6
+{ echo "$as_me:$LINENO: result: $ac_cv_header_stdc" >&5
+echo "${ECHO_T}$ac_cv_header_stdc" >&6; }
if test $ac_cv_header_stdc = yes; then
cat >>confdefs.h <<\_ACEOF
@@ -3368,9 +5465,9 @@ for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \
inttypes.h stdint.h unistd.h
do
as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
+{ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
cat >conftest.$ac_ext <<_ACEOF
@@ -3384,38 +5481,35 @@ $ac_includes_default
#include <$ac_header>
_ACEOF
rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
eval "$as_ac_Header=yes"
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-eval "$as_ac_Header=no"
+ eval "$as_ac_Header=no"
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+ac_res=`eval echo '${'$as_ac_Header'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
if test `eval echo '${'$as_ac_Header'}'` = yes; then
cat >>confdefs.h <<_ACEOF
#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
@@ -3427,21 +5521,22 @@ done
-for ac_header in paths.h
+for ac_header in dlfcn.h
do
as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ { echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
echo $ECHO_N "(cached) $ECHO_C" >&6
fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+ac_res=`eval echo '${'$as_ac_Header'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
else
# Is the header compilable?
-echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; }
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
@@ -3452,41 +5547,37 @@ $ac_includes_default
#include <$ac_header>
_ACEOF
rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
ac_header_compiler=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_header_compiler=no
+ ac_header_compiler=no
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6; }
# Is the header present?
-echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; }
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
@@ -3495,24 +5586,22 @@ cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
#include <$ac_header>
_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+if { (ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
+ (exit $ac_status); } >/dev/null && {
+ test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ }; then
ac_header_preproc=yes
else
echo "$as_me: failed program was:" >&5
@@ -3520,9 +5609,10 @@ sed 's/^/| /' conftest.$ac_ext >&5
ac_header_preproc=no
fi
+
rm -f conftest.err conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6
+{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6; }
# So? What about this header?
case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
@@ -3546,25 +5636,19 @@ echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\
echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
{ echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- (
- cat <<\_ASBOX
-## ------------------------------------------ ##
-## Report this to the AC_PACKAGE_NAME lists. ##
-## ------------------------------------------ ##
-_ASBOX
- ) |
- sed "s/^/$as_me: WARNING: /" >&2
+
;;
esac
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
+{ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
eval "$as_ac_Header=\$ac_header_preproc"
fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+ac_res=`eval echo '${'$as_ac_Header'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
fi
if test `eval echo '${'$as_ac_Header'}'` = yes; then
@@ -3576,17 +5660,159 @@ fi
done
+ac_ext=cpp
+ac_cpp='$CXXCPP $CPPFLAGS'
+ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_cxx_compiler_gnu
+if test -z "$CXX"; then
+ if test -n "$CCC"; then
+ CXX=$CCC
+ else
+ if test -n "$ac_tool_prefix"; then
+ for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC
+ do
+ # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
+set dummy $ac_tool_prefix$ac_prog; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_prog_CXX+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -n "$CXX"; then
+ ac_cv_prog_CXX="$CXX" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_CXX="$ac_tool_prefix$ac_prog"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+IFS=$as_save_IFS
+
+fi
+fi
+CXX=$ac_cv_prog_CXX
+if test -n "$CXX"; then
+ { echo "$as_me:$LINENO: result: $CXX" >&5
+echo "${ECHO_T}$CXX" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
-# Check whether --with-mailspool or --without-mailspool was given.
-if test "${with_mailspool+set}" = set; then
- withval="$with_mailspool"
- with_mailspool=${withval}
-fi;
-if test x$with_mailspool != x ; then
- pam_mail_spool="\"$with_mailspool\""
+
+ test -n "$CXX" && break
+ done
+fi
+if test -z "$CXX"; then
+ ac_ct_CXX=$CXX
+ for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC
+do
+ # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_prog_ac_ct_CXX+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
else
- if test "$cross_compiling" = yes; then
- pam_mail_spool="\"/var/spool/mail\""
+ if test -n "$ac_ct_CXX"; then
+ ac_cv_prog_ac_ct_CXX="$ac_ct_CXX" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_CXX="$ac_prog"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_CXX=$ac_cv_prog_ac_ct_CXX
+if test -n "$ac_ct_CXX"; then
+ { echo "$as_me:$LINENO: result: $ac_ct_CXX" >&5
+echo "${ECHO_T}$ac_ct_CXX" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+
+
+ test -n "$ac_ct_CXX" && break
+done
+
+ if test "x$ac_ct_CXX" = x; then
+ CXX="g++"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools
+whose name does not start with the host triplet. If you think this
+configuration is useful to you, please write to autoconf@gnu.org." >&5
+echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools
+whose name does not start with the host triplet. If you think this
+configuration is useful to you, please write to autoconf@gnu.org." >&2;}
+ac_tool_warned=yes ;;
+esac
+ CXX=$ac_ct_CXX
+ fi
+fi
+
+ fi
+fi
+# Provide some information about the compiler.
+echo "$as_me:$LINENO: checking for C++ compiler version" >&5
+ac_compiler=`set X $ac_compile; echo $2`
+{ (ac_try="$ac_compiler --version >&5"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compiler --version >&5") 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }
+{ (ac_try="$ac_compiler -v >&5"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compiler -v >&5") 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }
+{ (ac_try="$ac_compiler -V >&5"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compiler -V >&5") 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }
+
+{ echo "$as_me:$LINENO: checking whether we are using the GNU C++ compiler" >&5
+echo $ECHO_N "checking whether we are using the GNU C++ compiler... $ECHO_C" >&6; }
+if test "${ac_cv_cxx_compiler_gnu+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
else
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
@@ -3595,189 +5821,3915 @@ cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-#include <paths.h>
-int main() {
-#ifdef _PATH_MAILDIR
-exit(0);
-#else
-exit(1);
+int
+main ()
+{
+#ifndef __GNUC__
+ choke me
#endif
+
+ ;
+ return 0;
}
_ACEOF
-rm -f conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- pam_mail_spool="_PATH_MAILDIR"
+ (exit $ac_status); } && {
+ test -z "$ac_cxx_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_compiler_gnu=yes
else
- echo "$as_me: program exited with status $ac_status" >&5
-echo "$as_me: failed program was:" >&5
+ echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-( exit $ac_status )
-pam_mail_spool="\"/var/spool/mail\""
-fi
-rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
-fi
+ ac_compiler_gnu=no
fi
-cat >>confdefs.h <<_ACEOF
-#define PAM_PATH_MAILDIR $pam_mail_spool
-_ACEOF
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ac_cv_cxx_compiler_gnu=$ac_compiler_gnu
-echo "$as_me:$LINENO: checking for __libc_sched_setscheduler in -lc" >&5
-echo $ECHO_N "checking for __libc_sched_setscheduler in -lc... $ECHO_C" >&6
-if test "${ac_cv_lib_c___libc_sched_setscheduler+set}" = set; then
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_cxx_compiler_gnu" >&5
+echo "${ECHO_T}$ac_cv_cxx_compiler_gnu" >&6; }
+GXX=`test $ac_compiler_gnu = yes && echo yes`
+ac_test_CXXFLAGS=${CXXFLAGS+set}
+ac_save_CXXFLAGS=$CXXFLAGS
+{ echo "$as_me:$LINENO: checking whether $CXX accepts -g" >&5
+echo $ECHO_N "checking whether $CXX accepts -g... $ECHO_C" >&6; }
+if test "${ac_cv_prog_cxx_g+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ac_check_lib_save_LIBS=$LIBS
-LIBS="-lc $LIBS"
-cat >conftest.$ac_ext <<_ACEOF
+ ac_save_cxx_werror_flag=$ac_cxx_werror_flag
+ ac_cxx_werror_flag=yes
+ ac_cv_prog_cxx_g=no
+ CXXFLAGS="-g"
+ cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-/* Override any gcc2 internal prototype to avoid an error. */
-#ifdef __cplusplus
-extern "C"
-#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char __libc_sched_setscheduler ();
int
main ()
{
-__libc_sched_setscheduler ();
+
;
return 0;
}
_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ (exit $ac_status); } && {
+ test -z "$ac_cxx_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_cv_prog_cxx_g=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ CXXFLAGS=""
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ (exit $ac_status); } && {
+ test -z "$ac_cxx_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ :
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_cxx_werror_flag=$ac_save_cxx_werror_flag
+ CXXFLAGS="-g"
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_lib_c___libc_sched_setscheduler=yes
+ (exit $ac_status); } && {
+ test -z "$ac_cxx_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_cv_prog_cxx_g=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_lib_c___libc_sched_setscheduler=no
+
fi
-rm -f conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ ac_cxx_werror_flag=$ac_save_cxx_werror_flag
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_prog_cxx_g" >&5
+echo "${ECHO_T}$ac_cv_prog_cxx_g" >&6; }
+if test "$ac_test_CXXFLAGS" = set; then
+ CXXFLAGS=$ac_save_CXXFLAGS
+elif test $ac_cv_prog_cxx_g = yes; then
+ if test "$GXX" = yes; then
+ CXXFLAGS="-g -O2"
+ else
+ CXXFLAGS="-g"
+ fi
+else
+ if test "$GXX" = yes; then
+ CXXFLAGS="-O2"
+ else
+ CXXFLAGS=
+ fi
+fi
+ac_ext=cpp
+ac_cpp='$CXXCPP $CPPFLAGS'
+ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_cxx_compiler_gnu
+
+depcc="$CXX" am_compiler_list=
+
+{ echo "$as_me:$LINENO: checking dependency style of $depcc" >&5
+echo $ECHO_N "checking dependency style of $depcc... $ECHO_C" >&6; }
+if test "${am_cv_CXX_dependencies_compiler_type+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then
+ # We make a subdir and do the tests there. Otherwise we can end up
+ # making bogus files that we don't know about and never remove. For
+ # instance it was reported that on HP-UX the gcc test will end up
+ # making a dummy file named `D' -- because `-MD' means `put the output
+ # in D'.
+ mkdir conftest.dir
+ # Copy depcomp to subdir because otherwise we won't find it if we're
+ # using a relative directory.
+ cp "$am_depcomp" conftest.dir
+ cd conftest.dir
+ # We will build objects and dependencies in a subdirectory because
+ # it helps to detect inapplicable dependency modes. For instance
+ # both Tru64's cc and ICC support -MD to output dependencies as a
+ # side effect of compilation, but ICC will put the dependencies in
+ # the current directory while Tru64 will put them in the object
+ # directory.
+ mkdir sub
+
+ am_cv_CXX_dependencies_compiler_type=none
+ if test "$am_compiler_list" = ""; then
+ am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp`
+ fi
+ for depmode in $am_compiler_list; do
+ # Setup a source with many dependencies, because some compilers
+ # like to wrap large dependency lists on column 80 (with \), and
+ # we should not choose a depcomp mode which is confused by this.
+ #
+ # We need to recreate these files for each test, as the compiler may
+ # overwrite some of them when testing with obscure command lines.
+ # This happens at least with the AIX C compiler.
+ : > sub/conftest.c
+ for i in 1 2 3 4 5 6; do
+ echo '#include "conftst'$i'.h"' >> sub/conftest.c
+ # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with
+ # Solaris 8's {/usr,}/bin/sh.
+ touch sub/conftst$i.h
+ done
+ echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf
+
+ case $depmode in
+ nosideeffect)
+ # after this tag, mechanisms are not by side-effect, so they'll
+ # only be used when explicitly requested
+ if test "x$enable_dependency_tracking" = xyes; then
+ continue
+ else
+ break
+ fi
+ ;;
+ none) break ;;
+ esac
+ # We check with `-c' and `-o' for the sake of the "dashmstdout"
+ # mode. It turns out that the SunPro C++ compiler does not properly
+ # handle `-M -o', and we need to detect this.
+ if depmode=$depmode \
+ source=sub/conftest.c object=sub/conftest.${OBJEXT-o} \
+ depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \
+ $SHELL ./depcomp $depcc -c -o sub/conftest.${OBJEXT-o} sub/conftest.c \
+ >/dev/null 2>conftest.err &&
+ grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 &&
+ grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 &&
+ grep sub/conftest.${OBJEXT-o} sub/conftest.Po > /dev/null 2>&1 &&
+ ${MAKE-make} -s -f confmf > /dev/null 2>&1; then
+ # icc doesn't choke on unknown options, it will just issue warnings
+ # or remarks (even with -Werror). So we grep stderr for any message
+ # that says an option was ignored or not supported.
+ # When given -MP, icc 7.0 and 7.1 complain thusly:
+ # icc: Command line warning: ignoring option '-M'; no argument required
+ # The diagnosis changed in icc 8.0:
+ # icc: Command line remark: option '-MP' not supported
+ if (grep 'ignoring option' conftest.err ||
+ grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else
+ am_cv_CXX_dependencies_compiler_type=$depmode
+ break
+ fi
+ fi
+ done
+
+ cd ..
+ rm -rf conftest.dir
+else
+ am_cv_CXX_dependencies_compiler_type=none
fi
-echo "$as_me:$LINENO: result: $ac_cv_lib_c___libc_sched_setscheduler" >&5
-echo "${ECHO_T}$ac_cv_lib_c___libc_sched_setscheduler" >&6
-if test $ac_cv_lib_c___libc_sched_setscheduler = yes; then
- PAM_NEEDS_LIBC=
+
+fi
+{ echo "$as_me:$LINENO: result: $am_cv_CXX_dependencies_compiler_type" >&5
+echo "${ECHO_T}$am_cv_CXX_dependencies_compiler_type" >&6; }
+CXXDEPMODE=depmode=$am_cv_CXX_dependencies_compiler_type
+
+ if
+ test "x$enable_dependency_tracking" != xno \
+ && test "$am_cv_CXX_dependencies_compiler_type" = gcc3; then
+ am__fastdepCXX_TRUE=
+ am__fastdepCXX_FALSE='#'
else
- PAM_NEEDS_LIBC=-lc
+ am__fastdepCXX_TRUE='#'
+ am__fastdepCXX_FALSE=
fi
-echo "$as_me:$LINENO: checking for lckpwdf in -lc" >&5
-echo $ECHO_N "checking for lckpwdf in -lc... $ECHO_C" >&6
-if test "${ac_cv_lib_c_lckpwdf+set}" = set; then
+
+if test -n "$CXX" && ( test "X$CXX" != "Xno" &&
+ ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) ||
+ (test "X$CXX" != "Xg++"))) ; then
+ ac_ext=cpp
+ac_cpp='$CXXCPP $CPPFLAGS'
+ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_cxx_compiler_gnu
+{ echo "$as_me:$LINENO: checking how to run the C++ preprocessor" >&5
+echo $ECHO_N "checking how to run the C++ preprocessor... $ECHO_C" >&6; }
+if test -z "$CXXCPP"; then
+ if test "${ac_cv_prog_CXXCPP+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ac_check_lib_save_LIBS=$LIBS
-LIBS="-lc $LIBS"
-cat >conftest.$ac_ext <<_ACEOF
+ # Double quotes because CXXCPP needs to be expanded
+ for CXXCPP in "$CXX -E" "/lib/cpp"
+ do
+ ac_preproc_ok=false
+for ac_cxx_preproc_warn_flag in '' yes
+do
+ # Use a header file that comes with gcc, so configuring glibc
+ # with a fresh cross-compiler works.
+ # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+ # <limits.h> exists even on freestanding compilers.
+ # On the NeXT, cc -E runs the code through the compiler's parser,
+ # not just through cpp. "Syntax error" is here to catch this case.
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+ Syntax error
+_ACEOF
+if { (ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null && {
+ test -z "$ac_cxx_preproc_warn_flag$ac_cxx_werror_flag" ||
+ test ! -s conftest.err
+ }; then
+ :
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ # Broken: fails on valid input.
+continue
+fi
+
+rm -f conftest.err conftest.$ac_ext
+
+ # OK, works on sane cases. Now check whether nonexistent headers
+ # can be detected and how.
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <ac_nonexistent.h>
+_ACEOF
+if { (ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null && {
+ test -z "$ac_cxx_preproc_warn_flag$ac_cxx_werror_flag" ||
+ test ! -s conftest.err
+ }; then
+ # Broken: success on invalid input.
+continue
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ # Passes both tests.
+ac_preproc_ok=:
+break
+fi
+
+rm -f conftest.err conftest.$ac_ext
+
+done
+# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
+rm -f conftest.err conftest.$ac_ext
+if $ac_preproc_ok; then
+ break
+fi
+
+ done
+ ac_cv_prog_CXXCPP=$CXXCPP
+
+fi
+ CXXCPP=$ac_cv_prog_CXXCPP
+else
+ ac_cv_prog_CXXCPP=$CXXCPP
+fi
+{ echo "$as_me:$LINENO: result: $CXXCPP" >&5
+echo "${ECHO_T}$CXXCPP" >&6; }
+ac_preproc_ok=false
+for ac_cxx_preproc_warn_flag in '' yes
+do
+ # Use a header file that comes with gcc, so configuring glibc
+ # with a fresh cross-compiler works.
+ # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+ # <limits.h> exists even on freestanding compilers.
+ # On the NeXT, cc -E runs the code through the compiler's parser,
+ # not just through cpp. "Syntax error" is here to catch this case.
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+ Syntax error
+_ACEOF
+if { (ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null && {
+ test -z "$ac_cxx_preproc_warn_flag$ac_cxx_werror_flag" ||
+ test ! -s conftest.err
+ }; then
+ :
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ # Broken: fails on valid input.
+continue
+fi
+
+rm -f conftest.err conftest.$ac_ext
+
+ # OK, works on sane cases. Now check whether nonexistent headers
+ # can be detected and how.
+ cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
+#include <ac_nonexistent.h>
+_ACEOF
+if { (ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null && {
+ test -z "$ac_cxx_preproc_warn_flag$ac_cxx_werror_flag" ||
+ test ! -s conftest.err
+ }; then
+ # Broken: success on invalid input.
+continue
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ # Passes both tests.
+ac_preproc_ok=:
+break
+fi
+
+rm -f conftest.err conftest.$ac_ext
+
+done
+# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
+rm -f conftest.err conftest.$ac_ext
+if $ac_preproc_ok; then
+ :
+else
+ { { echo "$as_me:$LINENO: error: C++ preprocessor \"$CXXCPP\" fails sanity check
+See \`config.log' for more details." >&5
+echo "$as_me: error: C++ preprocessor \"$CXXCPP\" fails sanity check
+See \`config.log' for more details." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+
+ac_ext=cpp
+ac_cpp='$CXXCPP $CPPFLAGS'
+ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_cxx_compiler_gnu
+
+fi
+
+
+ac_ext=f
+ac_compile='$F77 -c $FFLAGS conftest.$ac_ext >&5'
+ac_link='$F77 -o conftest$ac_exeext $FFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_f77_compiler_gnu
+if test -n "$ac_tool_prefix"; then
+ for ac_prog in g77 xlf f77 frt pgf77 cf77 fort77 fl32 af77 xlf90 f90 pgf90 pghpf epcf90 gfortran g95 xlf95 f95 fort ifort ifc efc pgf95 lf95 ftn
+ do
+ # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
+set dummy $ac_tool_prefix$ac_prog; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_prog_F77+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -n "$F77"; then
+ ac_cv_prog_F77="$F77" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_F77="$ac_tool_prefix$ac_prog"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+IFS=$as_save_IFS
+
+fi
+fi
+F77=$ac_cv_prog_F77
+if test -n "$F77"; then
+ { echo "$as_me:$LINENO: result: $F77" >&5
+echo "${ECHO_T}$F77" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+
+
+ test -n "$F77" && break
+ done
+fi
+if test -z "$F77"; then
+ ac_ct_F77=$F77
+ for ac_prog in g77 xlf f77 frt pgf77 cf77 fort77 fl32 af77 xlf90 f90 pgf90 pghpf epcf90 gfortran g95 xlf95 f95 fort ifort ifc efc pgf95 lf95 ftn
+do
+ # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_prog_ac_ct_F77+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -n "$ac_ct_F77"; then
+ ac_cv_prog_ac_ct_F77="$ac_ct_F77" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_F77="$ac_prog"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_F77=$ac_cv_prog_ac_ct_F77
+if test -n "$ac_ct_F77"; then
+ { echo "$as_me:$LINENO: result: $ac_ct_F77" >&5
+echo "${ECHO_T}$ac_ct_F77" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+
+
+ test -n "$ac_ct_F77" && break
+done
+
+ if test "x$ac_ct_F77" = x; then
+ F77=""
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools
+whose name does not start with the host triplet. If you think this
+configuration is useful to you, please write to autoconf@gnu.org." >&5
+echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools
+whose name does not start with the host triplet. If you think this
+configuration is useful to you, please write to autoconf@gnu.org." >&2;}
+ac_tool_warned=yes ;;
+esac
+ F77=$ac_ct_F77
+ fi
+fi
+
+
+# Provide some information about the compiler.
+echo "$as_me:$LINENO: checking for Fortran 77 compiler version" >&5
+ac_compiler=`set X $ac_compile; echo $2`
+{ (ac_try="$ac_compiler --version >&5"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compiler --version >&5") 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }
+{ (ac_try="$ac_compiler -v >&5"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compiler -v >&5") 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }
+{ (ac_try="$ac_compiler -V >&5"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compiler -V >&5") 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }
+rm -f a.out
+
+# If we don't use `.F' as extension, the preprocessor is not run on the
+# input file. (Note that this only needs to work for GNU compilers.)
+ac_save_ext=$ac_ext
+ac_ext=F
+{ echo "$as_me:$LINENO: checking whether we are using the GNU Fortran 77 compiler" >&5
+echo $ECHO_N "checking whether we are using the GNU Fortran 77 compiler... $ECHO_C" >&6; }
+if test "${ac_cv_f77_compiler_gnu+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+ program main
+#ifndef __GNUC__
+ choke me
+#endif
+
+ end
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_f77_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_compiler_gnu=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_compiler_gnu=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ac_cv_f77_compiler_gnu=$ac_compiler_gnu
+
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_f77_compiler_gnu" >&5
+echo "${ECHO_T}$ac_cv_f77_compiler_gnu" >&6; }
+ac_ext=$ac_save_ext
+ac_test_FFLAGS=${FFLAGS+set}
+ac_save_FFLAGS=$FFLAGS
+FFLAGS=
+{ echo "$as_me:$LINENO: checking whether $F77 accepts -g" >&5
+echo $ECHO_N "checking whether $F77 accepts -g... $ECHO_C" >&6; }
+if test "${ac_cv_prog_f77_g+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ FFLAGS=-g
+cat >conftest.$ac_ext <<_ACEOF
+ program main
+
+ end
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_f77_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_cv_prog_f77_g=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_cv_prog_f77_g=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_prog_f77_g" >&5
+echo "${ECHO_T}$ac_cv_prog_f77_g" >&6; }
+if test "$ac_test_FFLAGS" = set; then
+ FFLAGS=$ac_save_FFLAGS
+elif test $ac_cv_prog_f77_g = yes; then
+ if test "x$ac_cv_f77_compiler_gnu" = xyes; then
+ FFLAGS="-g -O2"
+ else
+ FFLAGS="-g"
+ fi
+else
+ if test "x$ac_cv_f77_compiler_gnu" = xyes; then
+ FFLAGS="-O2"
+ else
+ FFLAGS=
+ fi
+fi
+
+G77=`test $ac_compiler_gnu = yes && echo yes`
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+
+# Autoconf 2.13's AC_OBJEXT and AC_EXEEXT macros only works for C compilers!
+
+# find the maximum length of command line arguments
+{ echo "$as_me:$LINENO: checking the maximum length of command line arguments" >&5
+echo $ECHO_N "checking the maximum length of command line arguments... $ECHO_C" >&6; }
+if test "${lt_cv_sys_max_cmd_len+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ i=0
+ teststring="ABCD"
+
+ case $build_os in
+ msdosdjgpp*)
+ # On DJGPP, this test can blow up pretty badly due to problems in libc
+ # (any single argument exceeding 2000 bytes causes a buffer overrun
+ # during glob expansion). Even if it were fixed, the result of this
+ # check would be larger than it should be.
+ lt_cv_sys_max_cmd_len=12288; # 12K is about right
+ ;;
+
+ gnu*)
+ # Under GNU Hurd, this test is not required because there is
+ # no limit to the length of command line arguments.
+ # Libtool will interpret -1 as no limit whatsoever
+ lt_cv_sys_max_cmd_len=-1;
+ ;;
+
+ cygwin* | mingw*)
+ # On Win9x/ME, this test blows up -- it succeeds, but takes
+ # about 5 minutes as the teststring grows exponentially.
+ # Worse, since 9x/ME are not pre-emptively multitasking,
+ # you end up with a "frozen" computer, even though with patience
+ # the test eventually succeeds (with a max line length of 256k).
+ # Instead, let's just punt: use the minimum linelength reported by
+ # all of the supported platforms: 8192 (on NT/2K/XP).
+ lt_cv_sys_max_cmd_len=8192;
+ ;;
+
+ amigaos*)
+ # On AmigaOS with pdksh, this test takes hours, literally.
+ # So we just punt and use a minimum line length of 8192.
+ lt_cv_sys_max_cmd_len=8192;
+ ;;
+
+ netbsd* | freebsd* | openbsd* | darwin* | dragonfly*)
+ # This has been around since 386BSD, at least. Likely further.
+ if test -x /sbin/sysctl; then
+ lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax`
+ elif test -x /usr/sbin/sysctl; then
+ lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax`
+ else
+ lt_cv_sys_max_cmd_len=65536 # usable default for all BSDs
+ fi
+ # And add a safety zone
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4`
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3`
+ ;;
+
+ interix*)
+ # We know the value 262144 and hardcode it with a safety zone (like BSD)
+ lt_cv_sys_max_cmd_len=196608
+ ;;
+
+ osf*)
+ # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure
+ # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not
+ # nice to cause kernel panics so lets avoid the loop below.
+ # First set a reasonable default.
+ lt_cv_sys_max_cmd_len=16384
+ #
+ if test -x /sbin/sysconfig; then
+ case `/sbin/sysconfig -q proc exec_disable_arg_limit` in
+ *1*) lt_cv_sys_max_cmd_len=-1 ;;
+ esac
+ fi
+ ;;
+ sco3.2v5*)
+ lt_cv_sys_max_cmd_len=102400
+ ;;
+ sysv5* | sco5v6* | sysv4.2uw2*)
+ kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null`
+ if test -n "$kargmax"; then
+ lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[ ]//'`
+ else
+ lt_cv_sys_max_cmd_len=32768
+ fi
+ ;;
+ *)
+ # If test is not a shell built-in, we'll probably end up computing a
+ # maximum length that is only half of the actual maximum length, but
+ # we can't tell.
+ SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}}
+ while (test "X"`$SHELL $0 --fallback-echo "X$teststring" 2>/dev/null` \
+ = "XX$teststring") >/dev/null 2>&1 &&
+ new_result=`expr "X$teststring" : ".*" 2>&1` &&
+ lt_cv_sys_max_cmd_len=$new_result &&
+ test $i != 17 # 1/2 MB should be enough
+ do
+ i=`expr $i + 1`
+ teststring=$teststring$teststring
+ done
+ teststring=
+ # Add a significant safety factor because C++ compilers can tack on massive
+ # amounts of additional arguments before passing them to the linker.
+ # It appears as though 1/2 is a usable value.
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2`
+ ;;
+ esac
+
+fi
+
+if test -n $lt_cv_sys_max_cmd_len ; then
+ { echo "$as_me:$LINENO: result: $lt_cv_sys_max_cmd_len" >&5
+echo "${ECHO_T}$lt_cv_sys_max_cmd_len" >&6; }
+else
+ { echo "$as_me:$LINENO: result: none" >&5
+echo "${ECHO_T}none" >&6; }
+fi
+
+
+
+
+# Check for command to grab the raw symbol name followed by C symbol from nm.
+{ echo "$as_me:$LINENO: checking command to parse $NM output from $compiler object" >&5
+echo $ECHO_N "checking command to parse $NM output from $compiler object... $ECHO_C" >&6; }
+if test "${lt_cv_sys_global_symbol_pipe+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+
+# These are sane defaults that work on at least a few old systems.
+# [They come from Ultrix. What could be older than Ultrix?!! ;)]
+
+# Character class describing NM global symbol codes.
+symcode='[BCDEGRST]'
+
+# Regexp to match symbols that can be accessed directly from C.
+sympat='\([_A-Za-z][_A-Za-z0-9]*\)'
+
+# Transform an extracted symbol line into a proper C declaration
+lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^. .* \(.*\)$/extern int \1;/p'"
+
+# Transform an extracted symbol line into symbol name and symbol address
+lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([^ ]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode \([^ ]*\) \([^ ]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'"
+
+# Define system-specific variables.
+case $host_os in
+aix*)
+ symcode='[BCDT]'
+ ;;
+cygwin* | mingw* | pw32*)
+ symcode='[ABCDGISTW]'
+ ;;
+hpux*) # Its linker distinguishes data from code symbols
+ if test "$host_cpu" = ia64; then
+ symcode='[ABCDEGRST]'
+ fi
+ lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'"
+ lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([^ ]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'"
+ ;;
+linux*)
+ if test "$host_cpu" = ia64; then
+ symcode='[ABCDGIRSTW]'
+ lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'"
+ lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([^ ]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'"
+ fi
+ ;;
+irix* | nonstopux*)
+ symcode='[BCDEGRST]'
+ ;;
+osf*)
+ symcode='[BCDEGQRST]'
+ ;;
+solaris*)
+ symcode='[BDRT]'
+ ;;
+sco3.2v5*)
+ symcode='[DT]'
+ ;;
+sysv4.2uw2*)
+ symcode='[DT]'
+ ;;
+sysv5* | sco5v6* | unixware* | OpenUNIX*)
+ symcode='[ABDT]'
+ ;;
+sysv4)
+ symcode='[DFNSTU]'
+ ;;
+esac
+
+# Handle CRLF in mingw tool chain
+opt_cr=
+case $build_os in
+mingw*)
+ opt_cr=`echo 'x\{0,1\}' | tr x '\015'` # option cr in regexp
+ ;;
+esac
+
+# If we're using GNU nm, then use its standard symbol codes.
+case `$NM -V 2>&1` in
+*GNU* | *'with BFD'*)
+ symcode='[ABCDGIRSTW]' ;;
+esac
+
+# Try without a prefix undercore, then with it.
+for ac_symprfx in "" "_"; do
+
+ # Transform symcode, sympat, and symprfx into a raw symbol and a C symbol.
+ symxfrm="\\1 $ac_symprfx\\2 \\2"
-/* Override any gcc2 internal prototype to avoid an error. */
+ # Write the raw and C identifiers.
+ lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[ ]\($symcode$symcode*\)[ ][ ]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'"
+
+ # Check to see that the pipe works correctly.
+ pipe_works=no
+
+ rm -f conftest*
+ cat > conftest.$ac_ext <<EOF
#ifdef __cplusplus
-extern "C"
+extern "C" {
#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char lckpwdf ();
+char nm_test_var;
+void nm_test_func(){}
+#ifdef __cplusplus
+}
+#endif
+int main(){nm_test_var='a';nm_test_func();return(0);}
+EOF
+
+ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; then
+ # Now try to grab the symbols.
+ nlist=conftest.nm
+ if { (eval echo "$as_me:$LINENO: \"$NM conftest.$ac_objext \| $lt_cv_sys_global_symbol_pipe \> $nlist\"") >&5
+ (eval $NM conftest.$ac_objext \| $lt_cv_sys_global_symbol_pipe \> $nlist) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && test -s "$nlist"; then
+ # Try sorting and uniquifying the output.
+ if sort "$nlist" | uniq > "$nlist"T; then
+ mv -f "$nlist"T "$nlist"
+ else
+ rm -f "$nlist"T
+ fi
+
+ # Make sure that we snagged all the symbols we need.
+ if grep ' nm_test_var$' "$nlist" >/dev/null; then
+ if grep ' nm_test_func$' "$nlist" >/dev/null; then
+ cat <<EOF > conftest.$ac_ext
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+EOF
+ # Now generate the symbol file.
+ eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | grep -v main >> conftest.$ac_ext'
+
+ cat <<EOF >> conftest.$ac_ext
+#if defined (__STDC__) && __STDC__
+# define lt_ptr_t void *
+#else
+# define lt_ptr_t char *
+# define const
+#endif
+
+/* The mapping between symbol names and symbols. */
+const struct {
+ const char *name;
+ lt_ptr_t address;
+}
+lt_preloaded_symbols[] =
+{
+EOF
+ $SED "s/^$symcode$symcode* \(.*\) \(.*\)$/ {\"\2\", (lt_ptr_t) \&\2},/" < "$nlist" | grep -v main >> conftest.$ac_ext
+ cat <<\EOF >> conftest.$ac_ext
+ {0, (lt_ptr_t) 0}
+};
+
+#ifdef __cplusplus
+}
+#endif
+EOF
+ # Now try linking the two files.
+ mv conftest.$ac_objext conftstm.$ac_objext
+ lt_save_LIBS="$LIBS"
+ lt_save_CFLAGS="$CFLAGS"
+ LIBS="conftstm.$ac_objext"
+ CFLAGS="$CFLAGS$lt_prog_compiler_no_builtin_flag"
+ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && test -s conftest${ac_exeext}; then
+ pipe_works=yes
+ fi
+ LIBS="$lt_save_LIBS"
+ CFLAGS="$lt_save_CFLAGS"
+ else
+ echo "cannot find nm_test_func in $nlist" >&5
+ fi
+ else
+ echo "cannot find nm_test_var in $nlist" >&5
+ fi
+ else
+ echo "cannot run $lt_cv_sys_global_symbol_pipe" >&5
+ fi
+ else
+ echo "$progname: failed program was:" >&5
+ cat conftest.$ac_ext >&5
+ fi
+ rm -f conftest* conftst*
+
+ # Do not use the global_symbol_pipe unless it works.
+ if test "$pipe_works" = yes; then
+ break
+ else
+ lt_cv_sys_global_symbol_pipe=
+ fi
+done
+
+fi
+
+if test -z "$lt_cv_sys_global_symbol_pipe"; then
+ lt_cv_sys_global_symbol_to_cdecl=
+fi
+if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then
+ { echo "$as_me:$LINENO: result: failed" >&5
+echo "${ECHO_T}failed" >&6; }
+else
+ { echo "$as_me:$LINENO: result: ok" >&5
+echo "${ECHO_T}ok" >&6; }
+fi
+
+{ echo "$as_me:$LINENO: checking for objdir" >&5
+echo $ECHO_N "checking for objdir... $ECHO_C" >&6; }
+if test "${lt_cv_objdir+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ rm -f .libs 2>/dev/null
+mkdir .libs 2>/dev/null
+if test -d .libs; then
+ lt_cv_objdir=.libs
+else
+ # MS-DOS does not allow filenames that begin with a dot.
+ lt_cv_objdir=_libs
+fi
+rmdir .libs 2>/dev/null
+fi
+{ echo "$as_me:$LINENO: result: $lt_cv_objdir" >&5
+echo "${ECHO_T}$lt_cv_objdir" >&6; }
+objdir=$lt_cv_objdir
+
+
+
+
+
+case $host_os in
+aix3*)
+ # AIX sometimes has problems with the GCC collect2 program. For some
+ # reason, if we set the COLLECT_NAMES environment variable, the problems
+ # vanish in a puff of smoke.
+ if test "X${COLLECT_NAMES+set}" != Xset; then
+ COLLECT_NAMES=
+ export COLLECT_NAMES
+ fi
+ ;;
+esac
+
+# Sed substitution that helps us do robust quoting. It backslashifies
+# metacharacters that are still active within double-quoted strings.
+Xsed='sed -e 1s/^X//'
+sed_quote_subst='s/\([\\"\\`$\\\\]\)/\\\1/g'
+
+# Same as above, but do not quote variable references.
+double_quote_subst='s/\([\\"\\`\\\\]\)/\\\1/g'
+
+# Sed substitution to delay expansion of an escaped shell variable in a
+# double_quote_subst'ed string.
+delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g'
+
+# Sed substitution to avoid accidental globbing in evaled expressions
+no_glob_subst='s/\*/\\\*/g'
+
+# Constants:
+rm="rm -f"
+
+# Global variables:
+default_ofile=libtool
+can_build_shared=yes
+
+# All known linkers require a `.a' archive for static linking (except MSVC,
+# which needs '.lib').
+libext=a
+ltmain="$ac_aux_dir/ltmain.sh"
+ofile="$default_ofile"
+with_gnu_ld="$lt_cv_prog_gnu_ld"
+
+if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}ar", so it can be a program name with args.
+set dummy ${ac_tool_prefix}ar; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_prog_AR+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -n "$AR"; then
+ ac_cv_prog_AR="$AR" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_AR="${ac_tool_prefix}ar"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+IFS=$as_save_IFS
+
+fi
+fi
+AR=$ac_cv_prog_AR
+if test -n "$AR"; then
+ { echo "$as_me:$LINENO: result: $AR" >&5
+echo "${ECHO_T}$AR" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_AR"; then
+ ac_ct_AR=$AR
+ # Extract the first word of "ar", so it can be a program name with args.
+set dummy ar; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_prog_ac_ct_AR+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -n "$ac_ct_AR"; then
+ ac_cv_prog_ac_ct_AR="$ac_ct_AR" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_AR="ar"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_AR=$ac_cv_prog_ac_ct_AR
+if test -n "$ac_ct_AR"; then
+ { echo "$as_me:$LINENO: result: $ac_ct_AR" >&5
+echo "${ECHO_T}$ac_ct_AR" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+
+ if test "x$ac_ct_AR" = x; then
+ AR="false"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools
+whose name does not start with the host triplet. If you think this
+configuration is useful to you, please write to autoconf@gnu.org." >&5
+echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools
+whose name does not start with the host triplet. If you think this
+configuration is useful to you, please write to autoconf@gnu.org." >&2;}
+ac_tool_warned=yes ;;
+esac
+ AR=$ac_ct_AR
+ fi
+else
+ AR="$ac_cv_prog_AR"
+fi
+
+if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args.
+set dummy ${ac_tool_prefix}ranlib; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_prog_RANLIB+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -n "$RANLIB"; then
+ ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+IFS=$as_save_IFS
+
+fi
+fi
+RANLIB=$ac_cv_prog_RANLIB
+if test -n "$RANLIB"; then
+ { echo "$as_me:$LINENO: result: $RANLIB" >&5
+echo "${ECHO_T}$RANLIB" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_RANLIB"; then
+ ac_ct_RANLIB=$RANLIB
+ # Extract the first word of "ranlib", so it can be a program name with args.
+set dummy ranlib; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_prog_ac_ct_RANLIB+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -n "$ac_ct_RANLIB"; then
+ ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_RANLIB="ranlib"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB
+if test -n "$ac_ct_RANLIB"; then
+ { echo "$as_me:$LINENO: result: $ac_ct_RANLIB" >&5
+echo "${ECHO_T}$ac_ct_RANLIB" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+
+ if test "x$ac_ct_RANLIB" = x; then
+ RANLIB=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools
+whose name does not start with the host triplet. If you think this
+configuration is useful to you, please write to autoconf@gnu.org." >&5
+echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools
+whose name does not start with the host triplet. If you think this
+configuration is useful to you, please write to autoconf@gnu.org." >&2;}
+ac_tool_warned=yes ;;
+esac
+ RANLIB=$ac_ct_RANLIB
+ fi
+else
+ RANLIB="$ac_cv_prog_RANLIB"
+fi
+
+if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args.
+set dummy ${ac_tool_prefix}strip; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_prog_STRIP+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -n "$STRIP"; then
+ ac_cv_prog_STRIP="$STRIP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_STRIP="${ac_tool_prefix}strip"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+IFS=$as_save_IFS
+
+fi
+fi
+STRIP=$ac_cv_prog_STRIP
+if test -n "$STRIP"; then
+ { echo "$as_me:$LINENO: result: $STRIP" >&5
+echo "${ECHO_T}$STRIP" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_STRIP"; then
+ ac_ct_STRIP=$STRIP
+ # Extract the first word of "strip", so it can be a program name with args.
+set dummy strip; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_prog_ac_ct_STRIP+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -n "$ac_ct_STRIP"; then
+ ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_STRIP="strip"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP
+if test -n "$ac_ct_STRIP"; then
+ { echo "$as_me:$LINENO: result: $ac_ct_STRIP" >&5
+echo "${ECHO_T}$ac_ct_STRIP" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+
+ if test "x$ac_ct_STRIP" = x; then
+ STRIP=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools
+whose name does not start with the host triplet. If you think this
+configuration is useful to you, please write to autoconf@gnu.org." >&5
+echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools
+whose name does not start with the host triplet. If you think this
+configuration is useful to you, please write to autoconf@gnu.org." >&2;}
+ac_tool_warned=yes ;;
+esac
+ STRIP=$ac_ct_STRIP
+ fi
+else
+ STRIP="$ac_cv_prog_STRIP"
+fi
+
+
+old_CC="$CC"
+old_CFLAGS="$CFLAGS"
+
+# Set sane defaults for various variables
+test -z "$AR" && AR=ar
+test -z "$AR_FLAGS" && AR_FLAGS=cru
+test -z "$AS" && AS=as
+test -z "$CC" && CC=cc
+test -z "$LTCC" && LTCC=$CC
+test -z "$LTCFLAGS" && LTCFLAGS=$CFLAGS
+test -z "$DLLTOOL" && DLLTOOL=dlltool
+test -z "$LD" && LD=ld
+test -z "$LN_S" && LN_S="ln -s"
+test -z "$MAGIC_CMD" && MAGIC_CMD=file
+test -z "$NM" && NM=nm
+test -z "$SED" && SED=sed
+test -z "$OBJDUMP" && OBJDUMP=objdump
+test -z "$RANLIB" && RANLIB=:
+test -z "$STRIP" && STRIP=:
+test -z "$ac_objext" && ac_objext=o
+
+# Determine commands to create old-style static archives.
+old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs$old_deplibs'
+old_postinstall_cmds='chmod 644 $oldlib'
+old_postuninstall_cmds=
+
+if test -n "$RANLIB"; then
+ case $host_os in
+ openbsd*)
+ old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$oldlib"
+ ;;
+ *)
+ old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$oldlib"
+ ;;
+ esac
+ old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib"
+fi
+
+for cc_temp in $compiler""; do
+ case $cc_temp in
+ compile | *[\\/]compile | ccache | *[\\/]ccache ) ;;
+ distcc | *[\\/]distcc | purify | *[\\/]purify ) ;;
+ \-*) ;;
+ *) break;;
+ esac
+done
+cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"`
+
+
+# Only perform the check for file, if the check method requires it
+case $deplibs_check_method in
+file_magic*)
+ if test "$file_magic_cmd" = '$MAGIC_CMD'; then
+ { echo "$as_me:$LINENO: checking for ${ac_tool_prefix}file" >&5
+echo $ECHO_N "checking for ${ac_tool_prefix}file... $ECHO_C" >&6; }
+if test "${lt_cv_path_MAGIC_CMD+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ case $MAGIC_CMD in
+[\\/*] | ?:[\\/]*)
+ lt_cv_path_MAGIC_CMD="$MAGIC_CMD" # Let the user override the test with a path.
+ ;;
+*)
+ lt_save_MAGIC_CMD="$MAGIC_CMD"
+ lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+ ac_dummy="/usr/bin$PATH_SEPARATOR$PATH"
+ for ac_dir in $ac_dummy; do
+ IFS="$lt_save_ifs"
+ test -z "$ac_dir" && ac_dir=.
+ if test -f $ac_dir/${ac_tool_prefix}file; then
+ lt_cv_path_MAGIC_CMD="$ac_dir/${ac_tool_prefix}file"
+ if test -n "$file_magic_test_file"; then
+ case $deplibs_check_method in
+ "file_magic "*)
+ file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"`
+ MAGIC_CMD="$lt_cv_path_MAGIC_CMD"
+ if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null |
+ $EGREP "$file_magic_regex" > /dev/null; then
+ :
+ else
+ cat <<EOF 1>&2
+
+*** Warning: the command libtool uses to detect shared libraries,
+*** $file_magic_cmd, produces output that libtool cannot recognize.
+*** The result is that libtool may fail to recognize shared libraries
+*** as such. This will affect the creation of libtool libraries that
+*** depend on shared libraries, but programs linked with such libtool
+*** libraries will work regardless of this problem. Nevertheless, you
+*** may want to report the problem to your system manager and/or to
+*** bug-libtool@gnu.org
+
+EOF
+ fi ;;
+ esac
+ fi
+ break
+ fi
+ done
+ IFS="$lt_save_ifs"
+ MAGIC_CMD="$lt_save_MAGIC_CMD"
+ ;;
+esac
+fi
+
+MAGIC_CMD="$lt_cv_path_MAGIC_CMD"
+if test -n "$MAGIC_CMD"; then
+ { echo "$as_me:$LINENO: result: $MAGIC_CMD" >&5
+echo "${ECHO_T}$MAGIC_CMD" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+
+if test -z "$lt_cv_path_MAGIC_CMD"; then
+ if test -n "$ac_tool_prefix"; then
+ { echo "$as_me:$LINENO: checking for file" >&5
+echo $ECHO_N "checking for file... $ECHO_C" >&6; }
+if test "${lt_cv_path_MAGIC_CMD+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ case $MAGIC_CMD in
+[\\/*] | ?:[\\/]*)
+ lt_cv_path_MAGIC_CMD="$MAGIC_CMD" # Let the user override the test with a path.
+ ;;
+*)
+ lt_save_MAGIC_CMD="$MAGIC_CMD"
+ lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+ ac_dummy="/usr/bin$PATH_SEPARATOR$PATH"
+ for ac_dir in $ac_dummy; do
+ IFS="$lt_save_ifs"
+ test -z "$ac_dir" && ac_dir=.
+ if test -f $ac_dir/file; then
+ lt_cv_path_MAGIC_CMD="$ac_dir/file"
+ if test -n "$file_magic_test_file"; then
+ case $deplibs_check_method in
+ "file_magic "*)
+ file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"`
+ MAGIC_CMD="$lt_cv_path_MAGIC_CMD"
+ if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null |
+ $EGREP "$file_magic_regex" > /dev/null; then
+ :
+ else
+ cat <<EOF 1>&2
+
+*** Warning: the command libtool uses to detect shared libraries,
+*** $file_magic_cmd, produces output that libtool cannot recognize.
+*** The result is that libtool may fail to recognize shared libraries
+*** as such. This will affect the creation of libtool libraries that
+*** depend on shared libraries, but programs linked with such libtool
+*** libraries will work regardless of this problem. Nevertheless, you
+*** may want to report the problem to your system manager and/or to
+*** bug-libtool@gnu.org
+
+EOF
+ fi ;;
+ esac
+ fi
+ break
+ fi
+ done
+ IFS="$lt_save_ifs"
+ MAGIC_CMD="$lt_save_MAGIC_CMD"
+ ;;
+esac
+fi
+
+MAGIC_CMD="$lt_cv_path_MAGIC_CMD"
+if test -n "$MAGIC_CMD"; then
+ { echo "$as_me:$LINENO: result: $MAGIC_CMD" >&5
+echo "${ECHO_T}$MAGIC_CMD" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+
+ else
+ MAGIC_CMD=:
+ fi
+fi
+
+ fi
+ ;;
+esac
+
+enable_dlopen=no
+enable_win32_dll=no
+
+# Check whether --enable-libtool-lock was given.
+if test "${enable_libtool_lock+set}" = set; then
+ enableval=$enable_libtool_lock;
+fi
+
+test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes
+
+
+# Check whether --with-pic was given.
+if test "${with_pic+set}" = set; then
+ withval=$with_pic; pic_mode="$withval"
+else
+ pic_mode=default
+fi
+
+test -z "$pic_mode" && pic_mode=default
+
+# Use C for the default configuration in the libtool script
+tagname=
+lt_save_CC="$CC"
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+# Source file extension for C test sources.
+ac_ext=c
+
+# Object file extension for compiled C test sources.
+objext=o
+objext=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code="int some_variable = 0;\n"
+
+# Code to be used in simple link tests
+lt_simple_link_test_code='int main(){return(0);}\n'
+
+
+# If no C compiler was specified, use CC.
+LTCC=${LTCC-"$CC"}
+
+# If no C compiler flags were specified, use CFLAGS.
+LTCFLAGS=${LTCFLAGS-"$CFLAGS"}
+
+# Allow CC to be a program name with arguments.
+compiler=$CC
+
+
+# save warnings/boilerplate of simple test code
+ac_outfile=conftest.$ac_objext
+printf "$lt_simple_compile_test_code" >conftest.$ac_ext
+eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_compiler_boilerplate=`cat conftest.err`
+$rm conftest*
+
+ac_outfile=conftest.$ac_objext
+printf "$lt_simple_link_test_code" >conftest.$ac_ext
+eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_linker_boilerplate=`cat conftest.err`
+$rm conftest*
+
+
+
+lt_prog_compiler_no_builtin_flag=
+
+if test "$GCC" = yes; then
+ lt_prog_compiler_no_builtin_flag=' -fno-builtin'
+
+
+{ echo "$as_me:$LINENO: checking if $compiler supports -fno-rtti -fno-exceptions" >&5
+echo $ECHO_N "checking if $compiler supports -fno-rtti -fno-exceptions... $ECHO_C" >&6; }
+if test "${lt_cv_prog_compiler_rtti_exceptions+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ lt_cv_prog_compiler_rtti_exceptions=no
+ ac_outfile=conftest.$ac_objext
+ printf "$lt_simple_compile_test_code" > conftest.$ac_ext
+ lt_compiler_flag="-fno-rtti -fno-exceptions"
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ # The option is referenced via a variable to avoid confusing sed.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:7596: $lt_compile\"" >&5)
+ (eval "$lt_compile" 2>conftest.err)
+ ac_status=$?
+ cat conftest.err >&5
+ echo "$as_me:7600: \$? = $ac_status" >&5
+ if (exit $ac_status) && test -s "$ac_outfile"; then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings other than the usual output.
+ $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
+ lt_cv_prog_compiler_rtti_exceptions=yes
+ fi
+ fi
+ $rm conftest*
+
+fi
+{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_rtti_exceptions" >&5
+echo "${ECHO_T}$lt_cv_prog_compiler_rtti_exceptions" >&6; }
+
+if test x"$lt_cv_prog_compiler_rtti_exceptions" = xyes; then
+ lt_prog_compiler_no_builtin_flag="$lt_prog_compiler_no_builtin_flag -fno-rtti -fno-exceptions"
+else
+ :
+fi
+
+fi
+
+lt_prog_compiler_wl=
+lt_prog_compiler_pic=
+lt_prog_compiler_static=
+
+{ echo "$as_me:$LINENO: checking for $compiler option to produce PIC" >&5
+echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; }
+
+ if test "$GCC" = yes; then
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_static='-static'
+
+ case $host_os in
+ aix*)
+ # All AIX code is PIC.
+ if test "$host_cpu" = ia64; then
+ # AIX 5 now supports IA64 processor
+ lt_prog_compiler_static='-Bstatic'
+ fi
+ ;;
+
+ amigaos*)
+ # FIXME: we need at least 68020 code to build shared libraries, but
+ # adding the `-m68020' flag to GCC prevents building anything better,
+ # like `-m68040'.
+ lt_prog_compiler_pic='-m68020 -resident32 -malways-restore-a4'
+ ;;
+
+ beos* | cygwin* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*)
+ # PIC is the default for these OSes.
+ ;;
+
+ mingw* | pw32* | os2*)
+ # This hack is so that the source file can tell whether it is being
+ # built for inclusion in a dll (and should export symbols for example).
+ lt_prog_compiler_pic='-DDLL_EXPORT'
+ ;;
+
+ darwin* | rhapsody*)
+ # PIC is the default on this platform
+ # Common symbols not allowed in MH_DYLIB files
+ lt_prog_compiler_pic='-fno-common'
+ ;;
+
+ interix3*)
+ # Interix 3.x gcc -fpic/-fPIC options generate broken code.
+ # Instead, we relocate shared libraries at runtime.
+ ;;
+
+ msdosdjgpp*)
+ # Just because we use GCC doesn't mean we suddenly get shared libraries
+ # on systems that don't support them.
+ lt_prog_compiler_can_build_shared=no
+ enable_shared=no
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ lt_prog_compiler_pic=-Kconform_pic
+ fi
+ ;;
+
+ hpux*)
+ # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but
+ # not for PA HP-UX.
+ case $host_cpu in
+ hppa*64*|ia64*)
+ # +Z the default
+ ;;
+ *)
+ lt_prog_compiler_pic='-fPIC'
+ ;;
+ esac
+ ;;
+
+ *)
+ lt_prog_compiler_pic='-fPIC'
+ ;;
+ esac
+ else
+ # PORTME Check for flag to pass linker flags through the system compiler.
+ case $host_os in
+ aix*)
+ lt_prog_compiler_wl='-Wl,'
+ if test "$host_cpu" = ia64; then
+ # AIX 5 now supports IA64 processor
+ lt_prog_compiler_static='-Bstatic'
+ else
+ lt_prog_compiler_static='-bnso -bI:/lib/syscalls.exp'
+ fi
+ ;;
+ darwin*)
+ # PIC is the default on this platform
+ # Common symbols not allowed in MH_DYLIB files
+ case $cc_basename in
+ xlc*)
+ lt_prog_compiler_pic='-qnocommon'
+ lt_prog_compiler_wl='-Wl,'
+ ;;
+ esac
+ ;;
+
+ mingw* | pw32* | os2*)
+ # This hack is so that the source file can tell whether it is being
+ # built for inclusion in a dll (and should export symbols for example).
+ lt_prog_compiler_pic='-DDLL_EXPORT'
+ ;;
+
+ hpux9* | hpux10* | hpux11*)
+ lt_prog_compiler_wl='-Wl,'
+ # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but
+ # not for PA HP-UX.
+ case $host_cpu in
+ hppa*64*|ia64*)
+ # +Z the default
+ ;;
+ *)
+ lt_prog_compiler_pic='+Z'
+ ;;
+ esac
+ # Is there a better lt_prog_compiler_static that works with the bundled CC?
+ lt_prog_compiler_static='${wl}-a ${wl}archive'
+ ;;
+
+ irix5* | irix6* | nonstopux*)
+ lt_prog_compiler_wl='-Wl,'
+ # PIC (with -KPIC) is the default.
+ lt_prog_compiler_static='-non_shared'
+ ;;
+
+ newsos6)
+ lt_prog_compiler_pic='-KPIC'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+
+ linux*)
+ case $cc_basename in
+ icc* | ecc*)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-KPIC'
+ lt_prog_compiler_static='-static'
+ ;;
+ pgcc* | pgf77* | pgf90* | pgf95*)
+ # Portland Group compilers (*not* the Pentium gcc compiler,
+ # which looks to be a dead project)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-fpic'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+ ccc*)
+ lt_prog_compiler_wl='-Wl,'
+ # All Alpha code is PIC.
+ lt_prog_compiler_static='-non_shared'
+ ;;
+ esac
+ ;;
+
+ osf3* | osf4* | osf5*)
+ lt_prog_compiler_wl='-Wl,'
+ # All OSF/1 code is PIC.
+ lt_prog_compiler_static='-non_shared'
+ ;;
+
+ solaris*)
+ lt_prog_compiler_pic='-KPIC'
+ lt_prog_compiler_static='-Bstatic'
+ case $cc_basename in
+ f77* | f90* | f95*)
+ lt_prog_compiler_wl='-Qoption ld ';;
+ *)
+ lt_prog_compiler_wl='-Wl,';;
+ esac
+ ;;
+
+ sunos4*)
+ lt_prog_compiler_wl='-Qoption ld '
+ lt_prog_compiler_pic='-PIC'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+
+ sysv4 | sysv4.2uw2* | sysv4.3*)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-KPIC'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec ;then
+ lt_prog_compiler_pic='-Kconform_pic'
+ lt_prog_compiler_static='-Bstatic'
+ fi
+ ;;
+
+ sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-KPIC'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+
+ unicos*)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_can_build_shared=no
+ ;;
+
+ uts4*)
+ lt_prog_compiler_pic='-pic'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+
+ *)
+ lt_prog_compiler_can_build_shared=no
+ ;;
+ esac
+ fi
+
+{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic" >&5
+echo "${ECHO_T}$lt_prog_compiler_pic" >&6; }
+
+#
+# Check to make sure the PIC flag actually works.
+#
+if test -n "$lt_prog_compiler_pic"; then
+
+{ echo "$as_me:$LINENO: checking if $compiler PIC flag $lt_prog_compiler_pic works" >&5
+echo $ECHO_N "checking if $compiler PIC flag $lt_prog_compiler_pic works... $ECHO_C" >&6; }
+if test "${lt_prog_compiler_pic_works+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ lt_prog_compiler_pic_works=no
+ ac_outfile=conftest.$ac_objext
+ printf "$lt_simple_compile_test_code" > conftest.$ac_ext
+ lt_compiler_flag="$lt_prog_compiler_pic -DPIC"
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ # The option is referenced via a variable to avoid confusing sed.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:7864: $lt_compile\"" >&5)
+ (eval "$lt_compile" 2>conftest.err)
+ ac_status=$?
+ cat conftest.err >&5
+ echo "$as_me:7868: \$? = $ac_status" >&5
+ if (exit $ac_status) && test -s "$ac_outfile"; then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings other than the usual output.
+ $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
+ lt_prog_compiler_pic_works=yes
+ fi
+ fi
+ $rm conftest*
+
+fi
+{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_works" >&5
+echo "${ECHO_T}$lt_prog_compiler_pic_works" >&6; }
+
+if test x"$lt_prog_compiler_pic_works" = xyes; then
+ case $lt_prog_compiler_pic in
+ "" | " "*) ;;
+ *) lt_prog_compiler_pic=" $lt_prog_compiler_pic" ;;
+ esac
+else
+ lt_prog_compiler_pic=
+ lt_prog_compiler_can_build_shared=no
+fi
+
+fi
+case $host_os in
+ # For platforms which do not support PIC, -DPIC is meaningless:
+ *djgpp*)
+ lt_prog_compiler_pic=
+ ;;
+ *)
+ lt_prog_compiler_pic="$lt_prog_compiler_pic -DPIC"
+ ;;
+esac
+
+#
+# Check to make sure the static flag actually works.
+#
+wl=$lt_prog_compiler_wl eval lt_tmp_static_flag=\"$lt_prog_compiler_static\"
+{ echo "$as_me:$LINENO: checking if $compiler static flag $lt_tmp_static_flag works" >&5
+echo $ECHO_N "checking if $compiler static flag $lt_tmp_static_flag works... $ECHO_C" >&6; }
+if test "${lt_prog_compiler_static_works+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ lt_prog_compiler_static_works=no
+ save_LDFLAGS="$LDFLAGS"
+ LDFLAGS="$LDFLAGS $lt_tmp_static_flag"
+ printf "$lt_simple_link_test_code" > conftest.$ac_ext
+ if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then
+ # The linker can only warn and ignore the option if not recognized
+ # So say no if there are warnings
+ if test -s conftest.err; then
+ # Append any errors to the config.log.
+ cat conftest.err 1>&5
+ $echo "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if diff conftest.exp conftest.er2 >/dev/null; then
+ lt_prog_compiler_static_works=yes
+ fi
+ else
+ lt_prog_compiler_static_works=yes
+ fi
+ fi
+ $rm conftest*
+ LDFLAGS="$save_LDFLAGS"
+
+fi
+{ echo "$as_me:$LINENO: result: $lt_prog_compiler_static_works" >&5
+echo "${ECHO_T}$lt_prog_compiler_static_works" >&6; }
+
+if test x"$lt_prog_compiler_static_works" = xyes; then
+ :
+else
+ lt_prog_compiler_static=
+fi
+
+
+{ echo "$as_me:$LINENO: checking if $compiler supports -c -o file.$ac_objext" >&5
+echo $ECHO_N "checking if $compiler supports -c -o file.$ac_objext... $ECHO_C" >&6; }
+if test "${lt_cv_prog_compiler_c_o+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ lt_cv_prog_compiler_c_o=no
+ $rm -r conftest 2>/dev/null
+ mkdir conftest
+ cd conftest
+ mkdir out
+ printf "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+ lt_compiler_flag="-o out/conftest2.$ac_objext"
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:7968: $lt_compile\"" >&5)
+ (eval "$lt_compile" 2>out/conftest.err)
+ ac_status=$?
+ cat out/conftest.err >&5
+ echo "$as_me:7972: \$? = $ac_status" >&5
+ if (exit $ac_status) && test -s out/conftest2.$ac_objext
+ then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings
+ $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' > out/conftest.exp
+ $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2
+ if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then
+ lt_cv_prog_compiler_c_o=yes
+ fi
+ fi
+ chmod u+w . 2>&5
+ $rm conftest*
+ # SGI C++ compiler will create directory out/ii_files/ for
+ # template instantiation
+ test -d out/ii_files && $rm out/ii_files/* && rmdir out/ii_files
+ $rm out/* && rmdir out
+ cd ..
+ rmdir conftest
+ $rm conftest*
+
+fi
+{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_c_o" >&5
+echo "${ECHO_T}$lt_cv_prog_compiler_c_o" >&6; }
+
+
+hard_links="nottested"
+if test "$lt_cv_prog_compiler_c_o" = no && test "$need_locks" != no; then
+ # do not overwrite the value of need_locks provided by the user
+ { echo "$as_me:$LINENO: checking if we can lock with hard links" >&5
+echo $ECHO_N "checking if we can lock with hard links... $ECHO_C" >&6; }
+ hard_links=yes
+ $rm conftest*
+ ln conftest.a conftest.b 2>/dev/null && hard_links=no
+ touch conftest.a
+ ln conftest.a conftest.b 2>&5 || hard_links=no
+ ln conftest.a conftest.b 2>/dev/null && hard_links=no
+ { echo "$as_me:$LINENO: result: $hard_links" >&5
+echo "${ECHO_T}$hard_links" >&6; }
+ if test "$hard_links" = no; then
+ { echo "$as_me:$LINENO: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&5
+echo "$as_me: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2;}
+ need_locks=warn
+ fi
+else
+ need_locks=no
+fi
+
+{ echo "$as_me:$LINENO: checking whether the $compiler linker ($LD) supports shared libraries" >&5
+echo $ECHO_N "checking whether the $compiler linker ($LD) supports shared libraries... $ECHO_C" >&6; }
+
+ runpath_var=
+ allow_undefined_flag=
+ enable_shared_with_static_runtimes=no
+ archive_cmds=
+ archive_expsym_cmds=
+ old_archive_From_new_cmds=
+ old_archive_from_expsyms_cmds=
+ export_dynamic_flag_spec=
+ whole_archive_flag_spec=
+ thread_safe_flag_spec=
+ hardcode_libdir_flag_spec=
+ hardcode_libdir_flag_spec_ld=
+ hardcode_libdir_separator=
+ hardcode_direct=no
+ hardcode_minus_L=no
+ hardcode_shlibpath_var=unsupported
+ link_all_deplibs=unknown
+ hardcode_automatic=no
+ module_cmds=
+ module_expsym_cmds=
+ always_export_symbols=no
+ export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+ # include_expsyms should be a list of space-separated symbols to be *always*
+ # included in the symbol list
+ include_expsyms=
+ # exclude_expsyms can be an extended regexp of symbols to exclude
+ # it will be wrapped by ` (' and `)$', so one must not match beginning or
+ # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc',
+ # as well as any symbol that contains `d'.
+ exclude_expsyms="_GLOBAL_OFFSET_TABLE_"
+ # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out
+ # platforms (ab)use it in PIC code, but their linkers get confused if
+ # the symbol is explicitly referenced. Since portable code cannot
+ # rely on this symbol name, it's probably fine to never include it in
+ # preloaded symbol tables.
+ extract_expsyms_cmds=
+ # Just being paranoid about ensuring that cc_basename is set.
+ for cc_temp in $compiler""; do
+ case $cc_temp in
+ compile | *[\\/]compile | ccache | *[\\/]ccache ) ;;
+ distcc | *[\\/]distcc | purify | *[\\/]purify ) ;;
+ \-*) ;;
+ *) break;;
+ esac
+done
+cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"`
+
+ case $host_os in
+ cygwin* | mingw* | pw32*)
+ # FIXME: the MSVC++ port hasn't been tested in a loooong time
+ # When not using gcc, we currently assume that we are using
+ # Microsoft Visual C++.
+ if test "$GCC" != yes; then
+ with_gnu_ld=no
+ fi
+ ;;
+ interix*)
+ # we just hope/assume this is gcc and not c89 (= MSVC++)
+ with_gnu_ld=yes
+ ;;
+ openbsd*)
+ with_gnu_ld=no
+ ;;
+ esac
+
+ ld_shlibs=yes
+ if test "$with_gnu_ld" = yes; then
+ # If archive_cmds runs LD, not CC, wlarc should be empty
+ wlarc='${wl}'
+
+ # Set some defaults for GNU ld with shared library support. These
+ # are reset later if shared libraries are not supported. Putting them
+ # here allows them to be overridden if necessary.
+ runpath_var=LD_RUN_PATH
+ hardcode_libdir_flag_spec='${wl}--rpath ${wl}$libdir'
+ export_dynamic_flag_spec='${wl}--export-dynamic'
+ # ancient GNU ld didn't support --whole-archive et. al.
+ if $LD --help 2>&1 | grep 'no-whole-archive' > /dev/null; then
+ whole_archive_flag_spec="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
+ else
+ whole_archive_flag_spec=
+ fi
+ supports_anon_versioning=no
+ case `$LD -v 2>/dev/null` in
+ *\ [01].* | *\ 2.[0-9].* | *\ 2.10.*) ;; # catch versions < 2.11
+ *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ...
+ *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ...
+ *\ 2.11.*) ;; # other 2.11 versions
+ *) supports_anon_versioning=yes ;;
+ esac
+
+ # See if GNU ld supports shared libraries.
+ case $host_os in
+ aix3* | aix4* | aix5*)
+ # On AIX/PPC, the GNU linker is very broken
+ if test "$host_cpu" != ia64; then
+ ld_shlibs=no
+ cat <<EOF 1>&2
+
+*** Warning: the GNU linker, at least up to release 2.9.1, is reported
+*** to be unable to reliably create shared libraries on AIX.
+*** Therefore, libtool is disabling shared libraries support. If you
+*** really care for shared libraries, you may want to modify your PATH
+*** so that a non-GNU linker is found, and then restart.
+
+EOF
+ fi
+ ;;
+
+ amigaos*)
+ archive_cmds='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_minus_L=yes
+
+ # Samuel A. Falvo II <kc5tja@dolphin.openprojects.net> reports
+ # that the semantics of dynamic libraries on AmigaOS, at least up
+ # to version 4, is to share data among multiple programs linked
+ # with the same dynamic library. Since this doesn't match the
+ # behavior of shared libraries on other platforms, we can't use
+ # them.
+ ld_shlibs=no
+ ;;
+
+ beos*)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ allow_undefined_flag=unsupported
+ # Joseph Beckenbach <jrb3@best.com> says some releases of gcc
+ # support --undefined. This deserves some investigation. FIXME
+ archive_cmds='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ else
+ ld_shlibs=no
+ fi
+ ;;
+
+ cygwin* | mingw* | pw32*)
+ # _LT_AC_TAGVAR(hardcode_libdir_flag_spec, ) is actually meaningless,
+ # as there is no search path for DLLs.
+ hardcode_libdir_flag_spec='-L$libdir'
+ allow_undefined_flag=unsupported
+ always_export_symbols=no
+ enable_shared_with_static_runtimes=yes
+ export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS] /s/.* \([^ ]*\)/\1 DATA/'\'' | $SED -e '\''/^[AITW] /s/.* //'\'' | sort | uniq > $export_symbols'
+
+ if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then
+ archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ # If the export-symbols file already is a .def file (1st line
+ # is EXPORTS), use it as is; otherwise, prepend...
+ archive_expsym_cmds='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
+ cp $export_symbols $output_objdir/$soname.def;
+ else
+ echo EXPORTS > $output_objdir/$soname.def;
+ cat $export_symbols >> $output_objdir/$soname.def;
+ fi~
+ $CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ else
+ ld_shlibs=no
+ fi
+ ;;
+
+ interix3*)
+ hardcode_direct=no
+ hardcode_shlibpath_var=no
+ hardcode_libdir_flag_spec='${wl}-rpath,$libdir'
+ export_dynamic_flag_spec='${wl}-E'
+ # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc.
+ # Instead, shared libraries are loaded at an image base (0x10000000 by
+ # default) and relocated if they conflict, which is a slow very memory
+ # consuming and fragmenting process. To avoid this, we pick a random,
+ # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link
+ # time. Moving up from 0x10000000 also allows more sbrk(2) space.
+ archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ archive_expsym_cmds='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ ;;
+
+ linux*)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ tmp_addflag=
+ case $cc_basename,$host_cpu in
+ pgcc*) # Portland Group C compiler
+ whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive'
+ tmp_addflag=' $pic_flag'
+ ;;
+ pgf77* | pgf90* | pgf95*) # Portland Group f77 and f90 compilers
+ whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive'
+ tmp_addflag=' $pic_flag -Mnomain' ;;
+ ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64
+ tmp_addflag=' -i_dynamic' ;;
+ efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64
+ tmp_addflag=' -i_dynamic -nofor_main' ;;
+ ifc* | ifort*) # Intel Fortran compiler
+ tmp_addflag=' -nofor_main' ;;
+ esac
+ archive_cmds='$CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+
+ if test $supports_anon_versioning = yes; then
+ archive_expsym_cmds='$echo "{ global:" > $output_objdir/$libname.ver~
+ cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
+ $echo "local: *; };" >> $output_objdir/$libname.ver~
+ $CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib'
+ fi
+ else
+ ld_shlibs=no
+ fi
+ ;;
+
+ netbsd*)
+ if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then
+ archive_cmds='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib'
+ wlarc=
+ else
+ archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ fi
+ ;;
+
+ solaris*)
+ if $LD -v 2>&1 | grep 'BFD 2\.8' > /dev/null; then
+ ld_shlibs=no
+ cat <<EOF 1>&2
+
+*** Warning: The releases 2.8.* of the GNU linker cannot reliably
+*** create shared libraries on Solaris systems. Therefore, libtool
+*** is disabling shared libraries support. We urge you to upgrade GNU
+*** binutils to release 2.9.1 or newer. Another option is to modify
+*** your PATH or compiler configuration so that the native linker is
+*** used, and then restart.
+
+EOF
+ elif $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ else
+ ld_shlibs=no
+ fi
+ ;;
+
+ sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*)
+ case `$LD -v 2>&1` in
+ *\ [01].* | *\ 2.[0-9].* | *\ 2.1[0-5].*)
+ ld_shlibs=no
+ cat <<_LT_EOF 1>&2
+
+*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not
+*** reliably create shared libraries on SCO systems. Therefore, libtool
+*** is disabling shared libraries support. We urge you to upgrade GNU
+*** binutils to release 2.16.91.0.3 or newer. Another option is to modify
+*** your PATH or compiler configuration so that the native linker is
+*** used, and then restart.
+
+_LT_EOF
+ ;;
+ *)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ hardcode_libdir_flag_spec='`test -z "$SCOABSPATH" && echo ${wl}-rpath,$libdir`'
+ archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib'
+ archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname,-retain-symbols-file,$export_symbols -o $lib'
+ else
+ ld_shlibs=no
+ fi
+ ;;
+ esac
+ ;;
+
+ sunos4*)
+ archive_cmds='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+ wlarc=
+ hardcode_direct=yes
+ hardcode_shlibpath_var=no
+ ;;
+
+ *)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ else
+ ld_shlibs=no
+ fi
+ ;;
+ esac
+
+ if test "$ld_shlibs" = no; then
+ runpath_var=
+ hardcode_libdir_flag_spec=
+ export_dynamic_flag_spec=
+ whole_archive_flag_spec=
+ fi
+ else
+ # PORTME fill in a description of your system's linker (not GNU ld)
+ case $host_os in
+ aix3*)
+ allow_undefined_flag=unsupported
+ always_export_symbols=yes
+ archive_expsym_cmds='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname'
+ # Note: this linker hardcodes the directories in LIBPATH if there
+ # are no directories specified by -L.
+ hardcode_minus_L=yes
+ if test "$GCC" = yes && test -z "$lt_prog_compiler_static"; then
+ # Neither direct hardcoding nor static linking is supported with a
+ # broken collect2.
+ hardcode_direct=unsupported
+ fi
+ ;;
+
+ aix4* | aix5*)
+ if test "$host_cpu" = ia64; then
+ # On IA64, the linker does run time linking by default, so we don't
+ # have to do anything special.
+ aix_use_runtimelinking=no
+ exp_sym_flag='-Bexport'
+ no_entry_flag=""
+ else
+ # If we're using GNU nm, then we don't want the "-C" option.
+ # -C means demangle to AIX nm, but means don't demangle with GNU nm
+ if $NM -V 2>&1 | grep 'GNU' > /dev/null; then
+ export_symbols_cmds='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols'
+ else
+ export_symbols_cmds='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols'
+ fi
+ aix_use_runtimelinking=no
+
+ # Test if we are trying to use run time linking or normal
+ # AIX style linking. If -brtl is somewhere in LDFLAGS, we
+ # need to do runtime linking.
+ case $host_os in aix4.[23]|aix4.[23].*|aix5*)
+ for ld_flag in $LDFLAGS; do
+ if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then
+ aix_use_runtimelinking=yes
+ break
+ fi
+ done
+ ;;
+ esac
+
+ exp_sym_flag='-bexport'
+ no_entry_flag='-bnoentry'
+ fi
+
+ # When large executables or shared objects are built, AIX ld can
+ # have problems creating the table of contents. If linking a library
+ # or program results in "error TOC overflow" add -mminimal-toc to
+ # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not
+ # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS.
+
+ archive_cmds=''
+ hardcode_direct=yes
+ hardcode_libdir_separator=':'
+ link_all_deplibs=yes
+
+ if test "$GCC" = yes; then
+ case $host_os in aix4.[012]|aix4.[012].*)
+ # We only want to do this on AIX 4.2 and lower, the check
+ # below for broken collect2 doesn't work under 4.3+
+ collect2name=`${CC} -print-prog-name=collect2`
+ if test -f "$collect2name" && \
+ strings "$collect2name" | grep resolve_lib_name >/dev/null
+ then
+ # We have reworked collect2
+ hardcode_direct=yes
+ else
+ # We have old collect2
+ hardcode_direct=unsupported
+ # It fails to find uninstalled libraries when the uninstalled
+ # path is not listed in the libpath. Setting hardcode_minus_L
+ # to unsupported forces relinking
+ hardcode_minus_L=yes
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_libdir_separator=
+ fi
+ ;;
+ esac
+ shared_flag='-shared'
+ if test "$aix_use_runtimelinking" = yes; then
+ shared_flag="$shared_flag "'${wl}-G'
+ fi
+ else
+ # not using gcc
+ if test "$host_cpu" = ia64; then
+ # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release
+ # chokes on -Wl,-G. The following line is correct:
+ shared_flag='-G'
+ else
+ if test "$aix_use_runtimelinking" = yes; then
+ shared_flag='${wl}-G'
+ else
+ shared_flag='${wl}-bM:SRE'
+ fi
+ fi
+ fi
+
+ # It seems that -bexpall does not export symbols beginning with
+ # underscore (_), so it is better to generate a list of symbols to export.
+ always_export_symbols=yes
+ if test "$aix_use_runtimelinking" = yes; then
+ # Warning - without using the other runtime loading flags (-brtl),
+ # -berok will link without error, but may produce a broken library.
+ allow_undefined_flag='-berok'
+ # Determine the default libpath from the value encoded in an empty executable.
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
int
main ()
{
-lckpwdf ();
+
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+
+aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; }
+}'`
+# Check for a 64-bit object if we didn't find anything.
+if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; }
+}'`; fi
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
+
+ hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath"
+ archive_expsym_cmds="\$CC"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then echo "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
+ else
+ if test "$host_cpu" = ia64; then
+ hardcode_libdir_flag_spec='${wl}-R $libdir:/usr/lib:/lib'
+ allow_undefined_flag="-z nodefs"
+ archive_expsym_cmds="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols"
+ else
+ # Determine the default libpath from the value encoded in an empty executable.
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_lib_c_lckpwdf=yes
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+
+aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; }
+}'`
+# Check for a 64-bit object if we didn't find anything.
+if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; }
+}'`; fi
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_lib_c_lckpwdf=no
+
fi
-rm -f conftest.err conftest.$ac_objext \
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-echo "$as_me:$LINENO: result: $ac_cv_lib_c_lckpwdf" >&5
-echo "${ECHO_T}$ac_cv_lib_c_lckpwdf" >&6
-if test $ac_cv_lib_c_lckpwdf = yes; then
- HAVE_LCKPWDF=yes
+if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
+
+ hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath"
+ # Warning - without using the other run time loading flags,
+ # -berok will link without error, but may produce a broken library.
+ no_undefined_flag=' ${wl}-bernotok'
+ allow_undefined_flag=' ${wl}-berok'
+ # Exported symbols can be pulled into shared objects from archives
+ whole_archive_flag_spec='$convenience'
+ archive_cmds_need_lc=yes
+ # This is similar to how AIX traditionally builds its shared libraries.
+ archive_expsym_cmds="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname'
+ fi
+ fi
+ ;;
+
+ amigaos*)
+ archive_cmds='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_minus_L=yes
+ # see comment about different semantics on the GNU ld section
+ ld_shlibs=no
+ ;;
+
+ bsdi[45]*)
+ export_dynamic_flag_spec=-rdynamic
+ ;;
+
+ cygwin* | mingw* | pw32*)
+ # When not using gcc, we currently assume that we are using
+ # Microsoft Visual C++.
+ # hardcode_libdir_flag_spec is actually meaningless, as there is
+ # no search path for DLLs.
+ hardcode_libdir_flag_spec=' '
+ allow_undefined_flag=unsupported
+ # Tell ltmain to make .lib files, not .a files.
+ libext=lib
+ # Tell ltmain to make .dll files, not .so files.
+ shrext_cmds=".dll"
+ # FIXME: Setting linknames here is a bad hack.
+ archive_cmds='$CC -o $lib $libobjs $compiler_flags `echo "$deplibs" | $SED -e '\''s/ -lc$//'\''` -link -dll~linknames='
+ # The linker will automatically build a .lib file if we build a DLL.
+ old_archive_From_new_cmds='true'
+ # FIXME: Should let the user specify the lib program.
+ old_archive_cmds='lib /OUT:$oldlib$oldobjs$old_deplibs'
+ fix_srcfile_path='`cygpath -w "$srcfile"`'
+ enable_shared_with_static_runtimes=yes
+ ;;
+
+ darwin* | rhapsody*)
+ case $host_os in
+ rhapsody* | darwin1.[012])
+ allow_undefined_flag='${wl}-undefined ${wl}suppress'
+ ;;
+ *) # Darwin 1.3 on
+ if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then
+ allow_undefined_flag='${wl}-flat_namespace ${wl}-undefined ${wl}suppress'
+ else
+ case ${MACOSX_DEPLOYMENT_TARGET} in
+ 10.[012])
+ allow_undefined_flag='${wl}-flat_namespace ${wl}-undefined ${wl}suppress'
+ ;;
+ 10.*)
+ allow_undefined_flag='${wl}-undefined ${wl}dynamic_lookup'
+ ;;
+ esac
+ fi
+ ;;
+ esac
+ archive_cmds_need_lc=no
+ hardcode_direct=no
+ hardcode_automatic=yes
+ hardcode_shlibpath_var=unsupported
+ whole_archive_flag_spec=''
+ link_all_deplibs=yes
+ if test "$GCC" = yes ; then
+ output_verbose_link_cmd='echo'
+ archive_cmds='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring'
+ module_cmds='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags'
+ # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds
+ archive_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ module_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ else
+ case $cc_basename in
+ xlc*)
+ output_verbose_link_cmd='echo'
+ archive_cmds='$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring'
+ module_cmds='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags'
+ # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds
+ archive_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ module_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ ;;
+ *)
+ ld_shlibs=no
+ ;;
+ esac
+ fi
+ ;;
+
+ dgux*)
+ archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_shlibpath_var=no
+ ;;
+
+ freebsd1*)
+ ld_shlibs=no
+ ;;
+
+ # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor
+ # support. Future versions do this automatically, but an explicit c++rt0.o
+ # does not break anything, and helps significantly (at the cost of a little
+ # extra space).
+ freebsd2.2*)
+ archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o'
+ hardcode_libdir_flag_spec='-R$libdir'
+ hardcode_direct=yes
+ hardcode_shlibpath_var=no
+ ;;
+
+ # Unfortunately, older versions of FreeBSD 2 do not have this feature.
+ freebsd2*)
+ archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_direct=yes
+ hardcode_minus_L=yes
+ hardcode_shlibpath_var=no
+ ;;
+
+ # FreeBSD 3 and greater uses gcc -shared to do shared libraries.
+ freebsd* | kfreebsd*-gnu | dragonfly*)
+ archive_cmds='$CC -shared -o $lib $libobjs $deplibs $compiler_flags'
+ hardcode_libdir_flag_spec='-R$libdir'
+ hardcode_direct=yes
+ hardcode_shlibpath_var=no
+ ;;
+
+ hpux9*)
+ if test "$GCC" = yes; then
+ archive_cmds='$rm $output_objdir/$soname~$CC -shared -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+ else
+ archive_cmds='$rm $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+ fi
+ hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir'
+ hardcode_libdir_separator=:
+ hardcode_direct=yes
+
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ hardcode_minus_L=yes
+ export_dynamic_flag_spec='${wl}-E'
+ ;;
+
+ hpux10*)
+ if test "$GCC" = yes -a "$with_gnu_ld" = no; then
+ archive_cmds='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ archive_cmds='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'
+ fi
+ if test "$with_gnu_ld" = no; then
+ hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir'
+ hardcode_libdir_separator=:
+
+ hardcode_direct=yes
+ export_dynamic_flag_spec='${wl}-E'
+
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ hardcode_minus_L=yes
+ fi
+ ;;
+
+ hpux11*)
+ if test "$GCC" = yes -a "$with_gnu_ld" = no; then
+ case $host_cpu in
+ hppa*64*)
+ archive_cmds='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ ia64*)
+ archive_cmds='$CC -shared ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+ archive_cmds='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ esac
+ else
+ case $host_cpu in
+ hppa*64*)
+ archive_cmds='$CC -b ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ ia64*)
+ archive_cmds='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+ archive_cmds='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ esac
+ fi
+ if test "$with_gnu_ld" = no; then
+ hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir'
+ hardcode_libdir_separator=:
+
+ case $host_cpu in
+ hppa*64*|ia64*)
+ hardcode_libdir_flag_spec_ld='+b $libdir'
+ hardcode_direct=no
+ hardcode_shlibpath_var=no
+ ;;
+ *)
+ hardcode_direct=yes
+ export_dynamic_flag_spec='${wl}-E'
+
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ hardcode_minus_L=yes
+ ;;
+ esac
+ fi
+ ;;
+
+ irix5* | irix6* | nonstopux*)
+ if test "$GCC" = yes; then
+ archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ else
+ archive_cmds='$LD -shared $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
+ hardcode_libdir_flag_spec_ld='-rpath $libdir'
+ fi
+ hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_separator=:
+ link_all_deplibs=yes
+ ;;
+
+ netbsd*)
+ if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then
+ archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out
+ else
+ archive_cmds='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF
+ fi
+ hardcode_libdir_flag_spec='-R$libdir'
+ hardcode_direct=yes
+ hardcode_shlibpath_var=no
+ ;;
+
+ newsos6)
+ archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_direct=yes
+ hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_separator=:
+ hardcode_shlibpath_var=no
+ ;;
+
+ openbsd*)
+ hardcode_direct=yes
+ hardcode_shlibpath_var=no
+ if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols'
+ hardcode_libdir_flag_spec='${wl}-rpath,$libdir'
+ export_dynamic_flag_spec='${wl}-E'
+ else
+ case $host_os in
+ openbsd[01].* | openbsd2.[0-7] | openbsd2.[0-7].*)
+ archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_libdir_flag_spec='-R$libdir'
+ ;;
+ *)
+ archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+ hardcode_libdir_flag_spec='${wl}-rpath,$libdir'
+ ;;
+ esac
+ fi
+ ;;
+
+ os2*)
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_minus_L=yes
+ allow_undefined_flag=unsupported
+ archive_cmds='$echo "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$echo "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~$echo DATA >> $output_objdir/$libname.def~$echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~$echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def'
+ old_archive_From_new_cmds='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def'
+ ;;
+
+ osf3*)
+ if test "$GCC" = yes; then
+ allow_undefined_flag=' ${wl}-expect_unresolved ${wl}\*'
+ archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ else
+ allow_undefined_flag=' -expect_unresolved \*'
+ archive_cmds='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
+ fi
+ hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_separator=:
+ ;;
+
+ osf4* | osf5*) # as osf3* with the addition of -msym flag
+ if test "$GCC" = yes; then
+ allow_undefined_flag=' ${wl}-expect_unresolved ${wl}\*'
+ archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ else
+ allow_undefined_flag=' -expect_unresolved \*'
+ archive_cmds='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -msym -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
+ archive_expsym_cmds='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; echo "-hidden">> $lib.exp~
+ $LD -shared${allow_undefined_flag} -input $lib.exp $linker_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib~$rm $lib.exp'
+
+ # Both c and cxx compiler support -rpath directly
+ hardcode_libdir_flag_spec='-rpath $libdir'
+ fi
+ hardcode_libdir_separator=:
+ ;;
+
+ solaris*)
+ no_undefined_flag=' -z text'
+ if test "$GCC" = yes; then
+ wlarc='${wl}'
+ archive_cmds='$CC -shared ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~
+ $CC -shared ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$rm $lib.exp'
+ else
+ wlarc=''
+ archive_cmds='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ archive_expsym_cmds='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~
+ $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$rm $lib.exp'
+ fi
+ hardcode_libdir_flag_spec='-R$libdir'
+ hardcode_shlibpath_var=no
+ case $host_os in
+ solaris2.[0-5] | solaris2.[0-5].*) ;;
+ *)
+ # The compiler driver will combine linker options so we
+ # cannot just pass the convience library names through
+ # without $wl, iff we do not link with $LD.
+ # Luckily, gcc supports the same syntax we need for Sun Studio.
+ # Supported since Solaris 2.6 (maybe 2.5.1?)
+ case $wlarc in
+ '')
+ whole_archive_flag_spec='-z allextract$convenience -z defaultextract' ;;
+ *)
+ whole_archive_flag_spec='${wl}-z ${wl}allextract`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}-z ${wl}defaultextract' ;;
+ esac ;;
+ esac
+ link_all_deplibs=yes
+ ;;
+
+ sunos4*)
+ if test "x$host_vendor" = xsequent; then
+ # Use $CC to link under sequent, because it throws in some extra .o
+ # files that make .init and .fini sections work.
+ archive_cmds='$CC -G ${wl}-h $soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ archive_cmds='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags'
+ fi
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_direct=yes
+ hardcode_minus_L=yes
+ hardcode_shlibpath_var=no
+ ;;
+
+ sysv4)
+ case $host_vendor in
+ sni)
+ archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_direct=yes # is this really true???
+ ;;
+ siemens)
+ ## LD is ld it makes a PLAMLIB
+ ## CC just makes a GrossModule.
+ archive_cmds='$LD -G -o $lib $libobjs $deplibs $linker_flags'
+ reload_cmds='$CC -r -o $output$reload_objs'
+ hardcode_direct=no
+ ;;
+ motorola)
+ archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_direct=no #Motorola manual says yes, but my tests say they lie
+ ;;
+ esac
+ runpath_var='LD_RUN_PATH'
+ hardcode_shlibpath_var=no
+ ;;
+
+ sysv4.3*)
+ archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_shlibpath_var=no
+ export_dynamic_flag_spec='-Bexport'
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_shlibpath_var=no
+ runpath_var=LD_RUN_PATH
+ hardcode_runpath_var=yes
+ ld_shlibs=yes
+ fi
+ ;;
+
+ sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7*)
+ no_undefined_flag='${wl}-z,text'
+ archive_cmds_need_lc=no
+ hardcode_shlibpath_var=no
+ runpath_var='LD_RUN_PATH'
+
+ if test "$GCC" = yes; then
+ archive_cmds='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ archive_cmds='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ fi
+ ;;
+
+ sysv5* | sco3.2v5* | sco5v6*)
+ # Note: We can NOT use -z defs as we might desire, because we do not
+ # link with -lc, and that would cause any symbols used from libc to
+ # always be unresolved, which means just about no library would
+ # ever link correctly. If we're not using GNU ld we use -z text
+ # though, which does catch some bad symbols but isn't as heavy-handed
+ # as -z defs.
+ no_undefined_flag='${wl}-z,text'
+ allow_undefined_flag='${wl}-z,nodefs'
+ archive_cmds_need_lc=no
+ hardcode_shlibpath_var=no
+ hardcode_libdir_flag_spec='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`'
+ hardcode_libdir_separator=':'
+ link_all_deplibs=yes
+ export_dynamic_flag_spec='${wl}-Bexport'
+ runpath_var='LD_RUN_PATH'
+
+ if test "$GCC" = yes; then
+ archive_cmds='$CC -shared ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ archive_cmds='$CC -G ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ fi
+ ;;
+
+ uts4*)
+ archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_shlibpath_var=no
+ ;;
+
+ *)
+ ld_shlibs=no
+ ;;
+ esac
+ fi
+
+{ echo "$as_me:$LINENO: result: $ld_shlibs" >&5
+echo "${ECHO_T}$ld_shlibs" >&6; }
+test "$ld_shlibs" = no && can_build_shared=no
+
+#
+# Do we need to explicitly link libc?
+#
+case "x$archive_cmds_need_lc" in
+x|xyes)
+ # Assume -lc should be added
+ archive_cmds_need_lc=yes
+
+ if test "$enable_shared" = yes && test "$GCC" = yes; then
+ case $archive_cmds in
+ *'~'*)
+ # FIXME: we may have to deal with multi-command sequences.
+ ;;
+ '$CC '*)
+ # Test whether the compiler implicitly links with -lc since on some
+ # systems, -lgcc has to come before -lc. If gcc already passes -lc
+ # to ld, don't add -lc before -lgcc.
+ { echo "$as_me:$LINENO: checking whether -lc should be explicitly linked in" >&5
+echo $ECHO_N "checking whether -lc should be explicitly linked in... $ECHO_C" >&6; }
+ $rm conftest*
+ printf "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } 2>conftest.err; then
+ soname=conftest
+ lib=conftest
+ libobjs=conftest.$ac_objext
+ deplibs=
+ wl=$lt_prog_compiler_wl
+ pic_flag=$lt_prog_compiler_pic
+ compiler_flags=-v
+ linker_flags=-v
+ verstring=
+ output_objdir=.
+ libname=conftest
+ lt_save_allow_undefined_flag=$allow_undefined_flag
+ allow_undefined_flag=
+ if { (eval echo "$as_me:$LINENO: \"$archive_cmds 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1\"") >&5
+ (eval $archive_cmds 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }
+ then
+ archive_cmds_need_lc=no
+ else
+ archive_cmds_need_lc=yes
+ fi
+ allow_undefined_flag=$lt_save_allow_undefined_flag
+ else
+ cat conftest.err 1>&5
+ fi
+ $rm conftest*
+ { echo "$as_me:$LINENO: result: $archive_cmds_need_lc" >&5
+echo "${ECHO_T}$archive_cmds_need_lc" >&6; }
+ ;;
+ esac
+ fi
+ ;;
+esac
+
+{ echo "$as_me:$LINENO: checking dynamic linker characteristics" >&5
+echo $ECHO_N "checking dynamic linker characteristics... $ECHO_C" >&6; }
+library_names_spec=
+libname_spec='lib$name'
+soname_spec=
+shrext_cmds=".so"
+postinstall_cmds=
+postuninstall_cmds=
+finish_cmds=
+finish_eval=
+shlibpath_var=
+shlibpath_overrides_runpath=unknown
+version_type=none
+dynamic_linker="$host_os ld.so"
+sys_lib_dlsearch_path_spec="/lib /usr/lib"
+if test "$GCC" = yes; then
+ sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"`
+ if echo "$sys_lib_search_path_spec" | grep ';' >/dev/null ; then
+ # if the path contains ";" then we assume it to be the separator
+ # otherwise default to the standard path separator (i.e. ":") - it is
+ # assumed that no part of a normal pathname contains ";" but that should
+ # okay in the real world where ";" in dirpaths is itself problematic.
+ sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
+ else
+ sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+ fi
else
- HAVE_LCKPWDF=no
+ sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib"
+fi
+need_lib_prefix=unknown
+hardcode_into_libs=no
+
+# when you set need_version to no, make sure it does not cause -set_version
+# flags to be left without arguments
+need_version=unknown
+
+case $host_os in
+aix3*)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a'
+ shlibpath_var=LIBPATH
+
+ # AIX 3 has no versioning support, so we append a major version to the name.
+ soname_spec='${libname}${release}${shared_ext}$major'
+ ;;
+
+aix4* | aix5*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ hardcode_into_libs=yes
+ if test "$host_cpu" = ia64; then
+ # AIX 5 supports IA64
+ library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ else
+ # With GCC up to 2.95.x, collect2 would create an import file
+ # for dependence libraries. The import file would start with
+ # the line `#! .'. This would cause the generated library to
+ # depend on `.', always an invalid library. This was fixed in
+ # development snapshots of GCC prior to 3.0.
+ case $host_os in
+ aix4 | aix4.[01] | aix4.[01].*)
+ if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)'
+ echo ' yes '
+ echo '#endif'; } | ${CC} -E - | grep yes > /dev/null; then
+ :
+ else
+ can_build_shared=no
+ fi
+ ;;
+ esac
+ # AIX (on Power*) has no versioning support, so currently we can not hardcode correct
+ # soname into executable. Probably we can add versioning support to
+ # collect2, so additional links can be useful in future.
+ if test "$aix_use_runtimelinking" = yes; then
+ # If using run time linking (on AIX 4.2 or later) use lib<name>.so
+ # instead of lib<name>.a to let people know that these are not
+ # typical AIX shared libraries.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ else
+ # We preserve .a as extension for shared libraries through AIX4.2
+ # and later when we are not doing run time linking.
+ library_names_spec='${libname}${release}.a $libname.a'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ fi
+ shlibpath_var=LIBPATH
+ fi
+ ;;
+
+amigaos*)
+ library_names_spec='$libname.ixlibrary $libname.a'
+ # Create ${libname}_ixlibrary.a entries in /sys/libs.
+ finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$echo "X$lib" | $Xsed -e '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; test $rm /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done'
+ ;;
+
+beos*)
+ library_names_spec='${libname}${shared_ext}'
+ dynamic_linker="$host_os ld.so"
+ shlibpath_var=LIBRARY_PATH
+ ;;
+
+bsdi[45]*)
+ version_type=linux
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib"
+ sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib"
+ # the default ld.so.conf also contains /usr/contrib/lib and
+ # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow
+ # libtool to hard-code these into programs
+ ;;
+
+cygwin* | mingw* | pw32*)
+ version_type=windows
+ shrext_cmds=".dll"
+ need_version=no
+ need_lib_prefix=no
+
+ case $GCC,$host_os in
+ yes,cygwin* | yes,mingw* | yes,pw32*)
+ library_names_spec='$libname.dll.a'
+ # DLL is installed to $(libdir)/../bin by postinstall_cmds
+ postinstall_cmds='base_file=`basename \${file}`~
+ dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i;echo \$dlname'\''`~
+ dldir=$destdir/`dirname \$dlpath`~
+ test -d \$dldir || mkdir -p \$dldir~
+ $install_prog $dir/$dlname \$dldir/$dlname~
+ chmod a+x \$dldir/$dlname'
+ postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~
+ dlpath=$dir/\$dldll~
+ $rm \$dlpath'
+ shlibpath_overrides_runpath=yes
+
+ case $host_os in
+ cygwin*)
+ # Cygwin DLLs use 'cyg' prefix rather than 'lib'
+ soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+ sys_lib_search_path_spec="/usr/lib /lib/w32api /lib /usr/local/lib"
+ ;;
+ mingw*)
+ # MinGW DLLs use traditional 'lib' prefix
+ soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+ sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"`
+ if echo "$sys_lib_search_path_spec" | grep ';[c-zC-Z]:/' >/dev/null; then
+ # It is most probably a Windows format PATH printed by
+ # mingw gcc, but we are running on Cygwin. Gcc prints its search
+ # path with ; separators, and with drive letters. We can handle the
+ # drive letters (cygwin fileutils understands them), so leave them,
+ # especially as we might pass files found there to a mingw objdump,
+ # which wouldn't understand a cygwinified path. Ahh.
+ sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
+ else
+ sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+ fi
+ ;;
+ pw32*)
+ # pw32 DLLs use 'pw' prefix rather than 'lib'
+ library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+ ;;
+ esac
+ ;;
+
+ *)
+ library_names_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext} $libname.lib'
+ ;;
+ esac
+ dynamic_linker='Win32 ld.exe'
+ # FIXME: first we should search . and the directory the executable is in
+ shlibpath_var=PATH
+ ;;
+
+darwin* | rhapsody*)
+ dynamic_linker="$host_os dyld"
+ version_type=darwin
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${versuffix}$shared_ext ${libname}${release}${major}$shared_ext ${libname}$shared_ext'
+ soname_spec='${libname}${release}${major}$shared_ext'
+ shlibpath_overrides_runpath=yes
+ shlibpath_var=DYLD_LIBRARY_PATH
+ shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`'
+ # Apple's gcc prints 'gcc -print-search-dirs' doesn't operate the same.
+ if test "$GCC" = yes; then
+ sys_lib_search_path_spec=`$CC -print-search-dirs | tr "\n" "$PATH_SEPARATOR" | sed -e 's/libraries:/@libraries:/' | tr "@" "\n" | grep "^libraries:" | sed -e "s/^libraries://" -e "s,=/,/,g" -e "s,$PATH_SEPARATOR, ,g" -e "s,.*,& /lib /usr/lib /usr/local/lib,g"`
+ else
+ sys_lib_search_path_spec='/lib /usr/lib /usr/local/lib'
+ fi
+ sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib'
+ ;;
+
+dgux*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ ;;
+
+freebsd1*)
+ dynamic_linker=no
+ ;;
+
+kfreebsd*-gnu)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ dynamic_linker='GNU ld.so'
+ ;;
+
+freebsd* | dragonfly*)
+ # DragonFly does not have aout. When/if they implement a new
+ # versioning mechanism, adjust this.
+ if test -x /usr/bin/objformat; then
+ objformat=`/usr/bin/objformat`
+ else
+ case $host_os in
+ freebsd[123]*) objformat=aout ;;
+ *) objformat=elf ;;
+ esac
+ fi
+ version_type=freebsd-$objformat
+ case $version_type in
+ freebsd-elf*)
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
+ need_version=no
+ need_lib_prefix=no
+ ;;
+ freebsd-*)
+ library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix'
+ need_version=yes
+ ;;
+ esac
+ shlibpath_var=LD_LIBRARY_PATH
+ case $host_os in
+ freebsd2*)
+ shlibpath_overrides_runpath=yes
+ ;;
+ freebsd3.[01]* | freebsdelf3.[01]*)
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+ freebsd3.[2-9]* | freebsdelf3.[2-9]* | \
+ freebsd4.[0-5] | freebsdelf4.[0-5] | freebsd4.1.1 | freebsdelf4.1.1)
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+ freebsd*) # from 4.6 on
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+ esac
+ ;;
+
+gnu*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ hardcode_into_libs=yes
+ ;;
+
+hpux9* | hpux10* | hpux11*)
+ # Give a soname corresponding to the major version so that dld.sl refuses to
+ # link against other versions.
+ version_type=sunos
+ need_lib_prefix=no
+ need_version=no
+ case $host_cpu in
+ ia64*)
+ shrext_cmds='.so'
+ hardcode_into_libs=yes
+ dynamic_linker="$host_os dld.so"
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ if test "X$HPUX_IA64_MODE" = X32; then
+ sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib"
+ else
+ sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64"
+ fi
+ sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+ ;;
+ hppa*64*)
+ shrext_cmds='.sl'
+ hardcode_into_libs=yes
+ dynamic_linker="$host_os dld.sl"
+ shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH
+ shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64"
+ sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+ ;;
+ *)
+ shrext_cmds='.sl'
+ dynamic_linker="$host_os dld.sl"
+ shlibpath_var=SHLIB_PATH
+ shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ ;;
+ esac
+ # HP-UX runs *really* slowly unless shared libraries are mode 555.
+ postinstall_cmds='chmod 555 $lib'
+ ;;
+
+interix3*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+
+irix5* | irix6* | nonstopux*)
+ case $host_os in
+ nonstopux*) version_type=nonstopux ;;
+ *)
+ if test "$lt_cv_prog_gnu_ld" = yes; then
+ version_type=linux
+ else
+ version_type=irix
+ fi ;;
+ esac
+ need_lib_prefix=no
+ need_version=no
+ soname_spec='${libname}${release}${shared_ext}$major'
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}'
+ case $host_os in
+ irix5* | nonstopux*)
+ libsuff= shlibsuff=
+ ;;
+ *)
+ case $LD in # libtool.m4 will add one of these switches to LD
+ *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ")
+ libsuff= shlibsuff= libmagic=32-bit;;
+ *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ")
+ libsuff=32 shlibsuff=N32 libmagic=N32;;
+ *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ")
+ libsuff=64 shlibsuff=64 libmagic=64-bit;;
+ *) libsuff= shlibsuff= libmagic=never-match;;
+ esac
+ ;;
+ esac
+ shlibpath_var=LD_LIBRARY${shlibsuff}_PATH
+ shlibpath_overrides_runpath=no
+ sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}"
+ sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}"
+ hardcode_into_libs=yes
+ ;;
+
+# No shared lib support for Linux oldld, aout, or coff.
+linux*oldld* | linux*aout* | linux*coff*)
+ dynamic_linker=no
+ ;;
+
+# This must be Linux ELF.
+linux*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ # This implies no fast_install, which is unacceptable.
+ # Some rework will be needed to allow for fast_install
+ # before this can be enabled.
+ hardcode_into_libs=yes
+
+ # Append ld.so.conf contents to the search path
+ if test -f /etc/ld.so.conf; then
+ lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
+ sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
+ fi
+
+ # We used to test for /lib/ld.so.1 and disable shared libraries on
+ # powerpc, because MkLinux only supported shared libraries with the
+ # GNU dynamic linker. Since this was broken with cross compilers,
+ # most powerpc-linux boxes support dynamic linking these days and
+ # people can always --disable-shared, the test was removed, and we
+ # assume the GNU/Linux dynamic linker is in use.
+ dynamic_linker='GNU/Linux ld.so'
+ ;;
+
+knetbsd*-gnu)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ dynamic_linker='GNU ld.so'
+ ;;
+
+netbsd*)
+ version_type=sunos
+ need_lib_prefix=no
+ need_version=no
+ if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+ dynamic_linker='NetBSD (a.out) ld.so'
+ else
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ dynamic_linker='NetBSD ld.elf_so'
+ fi
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+
+newsos6)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ ;;
+
+nto-qnx*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ ;;
+
+openbsd*)
+ version_type=sunos
+ sys_lib_dlsearch_path_spec="/usr/lib"
+ need_lib_prefix=no
+ # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs.
+ case $host_os in
+ openbsd3.3 | openbsd3.3.*) need_version=yes ;;
+ *) need_version=no ;;
+ esac
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ case $host_os in
+ openbsd2.[89] | openbsd2.[89].*)
+ shlibpath_overrides_runpath=no
+ ;;
+ *)
+ shlibpath_overrides_runpath=yes
+ ;;
+ esac
+ else
+ shlibpath_overrides_runpath=yes
+ fi
+ ;;
+
+os2*)
+ libname_spec='$name'
+ shrext_cmds=".dll"
+ need_lib_prefix=no
+ library_names_spec='$libname${shared_ext} $libname.a'
+ dynamic_linker='OS/2 ld.exe'
+ shlibpath_var=LIBPATH
+ ;;
+
+osf3* | osf4* | osf5*)
+ version_type=osf
+ need_lib_prefix=no
+ need_version=no
+ soname_spec='${libname}${release}${shared_ext}$major'
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib"
+ sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec"
+ ;;
+
+solaris*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ # ldd complains unless libraries are executable
+ postinstall_cmds='chmod +x $lib'
+ ;;
+
+sunos4*)
+ version_type=sunos
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+ finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ if test "$with_gnu_ld" = yes; then
+ need_lib_prefix=no
+ fi
+ need_version=yes
+ ;;
+
+sysv4 | sysv4.3*)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ case $host_vendor in
+ sni)
+ shlibpath_overrides_runpath=no
+ need_lib_prefix=no
+ export_dynamic_flag_spec='${wl}-Blargedynsym'
+ runpath_var=LD_RUN_PATH
+ ;;
+ siemens)
+ need_lib_prefix=no
+ ;;
+ motorola)
+ need_lib_prefix=no
+ need_version=no
+ shlibpath_overrides_runpath=no
+ sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib'
+ ;;
+ esac
+ ;;
+
+sysv4*MP*)
+ if test -d /usr/nec ;then
+ version_type=linux
+ library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}'
+ soname_spec='$libname${shared_ext}.$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ fi
+ ;;
+
+sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+ version_type=freebsd-elf
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ hardcode_into_libs=yes
+ if test "$with_gnu_ld" = yes; then
+ sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib'
+ shlibpath_overrides_runpath=no
+ else
+ sys_lib_search_path_spec='/usr/ccs/lib /usr/lib'
+ shlibpath_overrides_runpath=yes
+ case $host_os in
+ sco3.2v5*)
+ sys_lib_search_path_spec="$sys_lib_search_path_spec /lib"
+ ;;
+ esac
+ fi
+ sys_lib_dlsearch_path_spec='/usr/lib'
+ ;;
+
+uts4*)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ ;;
+
+*)
+ dynamic_linker=no
+ ;;
+esac
+{ echo "$as_me:$LINENO: result: $dynamic_linker" >&5
+echo "${ECHO_T}$dynamic_linker" >&6; }
+test "$dynamic_linker" = no && can_build_shared=no
+
+variables_saved_for_relink="PATH $shlibpath_var $runpath_var"
+if test "$GCC" = yes; then
+ variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH"
+fi
+
+{ echo "$as_me:$LINENO: checking how to hardcode library paths into programs" >&5
+echo $ECHO_N "checking how to hardcode library paths into programs... $ECHO_C" >&6; }
+hardcode_action=
+if test -n "$hardcode_libdir_flag_spec" || \
+ test -n "$runpath_var" || \
+ test "X$hardcode_automatic" = "Xyes" ; then
+
+ # We can hardcode non-existant directories.
+ if test "$hardcode_direct" != no &&
+ # If the only mechanism to avoid hardcoding is shlibpath_var, we
+ # have to relink, otherwise we might link with an installed library
+ # when we should be linking with a yet-to-be-installed one
+ ## test "$_LT_AC_TAGVAR(hardcode_shlibpath_var, )" != no &&
+ test "$hardcode_minus_L" != no; then
+ # Linking always hardcodes the temporary library directory.
+ hardcode_action=relink
+ else
+ # We can link without hardcoding, and we can hardcode nonexisting dirs.
+ hardcode_action=immediate
+ fi
+else
+ # We cannot hardcode anything, or else we can only hardcode existing
+ # directories.
+ hardcode_action=unsupported
+fi
+{ echo "$as_me:$LINENO: result: $hardcode_action" >&5
+echo "${ECHO_T}$hardcode_action" >&6; }
+
+if test "$hardcode_action" = relink; then
+ # Fast installation is not supported
+ enable_fast_install=no
+elif test "$shlibpath_overrides_runpath" = yes ||
+ test "$enable_shared" = no; then
+ # Fast installation is not necessary
+ enable_fast_install=needless
+fi
+
+striplib=
+old_striplib=
+{ echo "$as_me:$LINENO: checking whether stripping libraries is possible" >&5
+echo $ECHO_N "checking whether stripping libraries is possible... $ECHO_C" >&6; }
+if test -n "$STRIP" && $STRIP -V 2>&1 | grep "GNU strip" >/dev/null; then
+ test -z "$old_striplib" && old_striplib="$STRIP --strip-debug"
+ test -z "$striplib" && striplib="$STRIP --strip-unneeded"
+ { echo "$as_me:$LINENO: result: yes" >&5
+echo "${ECHO_T}yes" >&6; }
+else
+# FIXME - insert some real tests, host_os isn't really good enough
+ case $host_os in
+ darwin*)
+ if test -n "$STRIP" ; then
+ striplib="$STRIP -x"
+ { echo "$as_me:$LINENO: result: yes" >&5
+echo "${ECHO_T}yes" >&6; }
+ else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+ ;;
+ *)
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+ ;;
+ esac
fi
+if test "x$enable_dlopen" != xyes; then
+ enable_dlopen=unknown
+ enable_dlopen_self=unknown
+ enable_dlopen_self_static=unknown
+else
+ lt_cv_dlopen=no
+ lt_cv_dlopen_libs=
+
+ case $host_os in
+ beos*)
+ lt_cv_dlopen="load_add_on"
+ lt_cv_dlopen_libs=
+ lt_cv_dlopen_self=yes
+ ;;
+ mingw* | pw32*)
+ lt_cv_dlopen="LoadLibrary"
+ lt_cv_dlopen_libs=
+ ;;
-echo "$as_me:$LINENO: checking for dlopen in -ldl" >&5
-echo $ECHO_N "checking for dlopen in -ldl... $ECHO_C" >&6
+ cygwin*)
+ lt_cv_dlopen="dlopen"
+ lt_cv_dlopen_libs=
+ ;;
+
+ darwin*)
+ # if libdl is installed we need to link against it
+ { echo "$as_me:$LINENO: checking for dlopen in -ldl" >&5
+echo $ECHO_N "checking for dlopen in -ldl... $ECHO_C" >&6; }
if test "${ac_cv_lib_dl_dlopen+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -3790,144 +9742,157 @@ cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-/* Override any gcc2 internal prototype to avoid an error. */
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
extern "C"
#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
char dlopen ();
int
main ()
{
-dlopen ();
+return dlopen ();
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
ac_cv_lib_dl_dlopen=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_lib_dl_dlopen=no
+ ac_cv_lib_dl_dlopen=no
fi
-rm -f conftest.err conftest.$ac_objext \
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
conftest$ac_exeext conftest.$ac_ext
LIBS=$ac_check_lib_save_LIBS
fi
-echo "$as_me:$LINENO: result: $ac_cv_lib_dl_dlopen" >&5
-echo "${ECHO_T}$ac_cv_lib_dl_dlopen" >&6
+{ echo "$as_me:$LINENO: result: $ac_cv_lib_dl_dlopen" >&5
+echo "${ECHO_T}$ac_cv_lib_dl_dlopen" >&6; }
if test $ac_cv_lib_dl_dlopen = yes; then
- LIBDL=-ldl
-fi
+ lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"
+else
+ lt_cv_dlopen="dyld"
+ lt_cv_dlopen_libs=
+ lt_cv_dlopen_self=yes
+fi
-echo "$as_me:$LINENO: checking for FascistCheck in -lcrack" >&5
-echo $ECHO_N "checking for FascistCheck in -lcrack... $ECHO_C" >&6
-if test "${ac_cv_lib_crack_FascistCheck+set}" = set; then
+ ;;
+
+ *)
+ { echo "$as_me:$LINENO: checking for shl_load" >&5
+echo $ECHO_N "checking for shl_load... $ECHO_C" >&6; }
+if test "${ac_cv_func_shl_load+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ac_check_lib_save_LIBS=$LIBS
-LIBS="-lcrack $LIBS"
-cat >conftest.$ac_ext <<_ACEOF
+ cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
+/* Define shl_load to an innocuous variant, in case <limits.h> declares shl_load.
+ For example, HP-UX 11i <limits.h> declares gettimeofday. */
+#define shl_load innocuous_shl_load
+
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char shl_load (); below.
+ Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+ <limits.h> exists even on freestanding compilers. */
+
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
-/* Override any gcc2 internal prototype to avoid an error. */
+#undef shl_load
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
extern "C"
#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char FascistCheck ();
+char shl_load ();
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined __stub_shl_load || defined __stub___shl_load
+choke me
+#endif
+
int
main ()
{
-FascistCheck ();
+return shl_load ();
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_lib_crack_FascistCheck=yes
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_func_shl_load=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_lib_crack_FascistCheck=no
+ ac_cv_func_shl_load=no
fi
-rm -f conftest.err conftest.$ac_objext \
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
fi
-echo "$as_me:$LINENO: result: $ac_cv_lib_crack_FascistCheck" >&5
-echo "${ECHO_T}$ac_cv_lib_crack_FascistCheck" >&6
-if test $ac_cv_lib_crack_FascistCheck = yes; then
- HAVE_LIBCRACK=yes ; cat >>confdefs.h <<\_ACEOF
-#define HAVE_LIBCRACK 1
-_ACEOF
-
+{ echo "$as_me:$LINENO: result: $ac_cv_func_shl_load" >&5
+echo "${ECHO_T}$ac_cv_func_shl_load" >&6; }
+if test $ac_cv_func_shl_load = yes; then
+ lt_cv_dlopen="shl_load"
else
- HAVE_LIBCRACK=no
-fi
-
-
-
-echo "$as_me:$LINENO: checking for crypt in -lcrypt" >&5
-echo $ECHO_N "checking for crypt in -lcrypt... $ECHO_C" >&6
-if test "${ac_cv_lib_crypt_crypt+set}" = set; then
+ { echo "$as_me:$LINENO: checking for shl_load in -ldld" >&5
+echo $ECHO_N "checking for shl_load in -ldld... $ECHO_C" >&6; }
+if test "${ac_cv_lib_dld_shl_load+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
ac_check_lib_save_LIBS=$LIBS
-LIBS="-lcrypt $LIBS"
+LIBS="-ldld $LIBS"
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
@@ -3935,147 +9900,147 @@ cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-/* Override any gcc2 internal prototype to avoid an error. */
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
extern "C"
#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char crypt ();
+char shl_load ();
int
main ()
{
-crypt ();
+return shl_load ();
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_lib_crypt_crypt=yes
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_lib_dld_shl_load=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_lib_crypt_crypt=no
+ ac_cv_lib_dld_shl_load=no
fi
-rm -f conftest.err conftest.$ac_objext \
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
conftest$ac_exeext conftest.$ac_ext
LIBS=$ac_check_lib_save_LIBS
fi
-echo "$as_me:$LINENO: result: $ac_cv_lib_crypt_crypt" >&5
-echo "${ECHO_T}$ac_cv_lib_crypt_crypt" >&6
-if test $ac_cv_lib_crypt_crypt = yes; then
- HAVE_LIBCRYPT=yes ; cat >>confdefs.h <<\_ACEOF
-#define HAVE_LIBCRYPT 1
-_ACEOF
-
+{ echo "$as_me:$LINENO: result: $ac_cv_lib_dld_shl_load" >&5
+echo "${ECHO_T}$ac_cv_lib_dld_shl_load" >&6; }
+if test $ac_cv_lib_dld_shl_load = yes; then
+ lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-dld"
else
- HAVE_LIBCRYPT=no
-fi
-
-
-echo "$as_me:$LINENO: checking for logwtmp in -lutil" >&5
-echo $ECHO_N "checking for logwtmp in -lutil... $ECHO_C" >&6
-if test "${ac_cv_lib_util_logwtmp+set}" = set; then
+ { echo "$as_me:$LINENO: checking for dlopen" >&5
+echo $ECHO_N "checking for dlopen... $ECHO_C" >&6; }
+if test "${ac_cv_func_dlopen+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ac_check_lib_save_LIBS=$LIBS
-LIBS="-lutil $LIBS"
-cat >conftest.$ac_ext <<_ACEOF
+ cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
+/* Define dlopen to an innocuous variant, in case <limits.h> declares dlopen.
+ For example, HP-UX 11i <limits.h> declares gettimeofday. */
+#define dlopen innocuous_dlopen
+
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char dlopen (); below.
+ Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+ <limits.h> exists even on freestanding compilers. */
+
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+
+#undef dlopen
-/* Override any gcc2 internal prototype to avoid an error. */
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
extern "C"
#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char logwtmp ();
+char dlopen ();
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined __stub_dlopen || defined __stub___dlopen
+choke me
+#endif
+
int
main ()
{
-logwtmp ();
+return dlopen ();
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_lib_util_logwtmp=yes
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_func_dlopen=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_lib_util_logwtmp=no
+ ac_cv_func_dlopen=no
fi
-rm -f conftest.err conftest.$ac_objext \
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
fi
-echo "$as_me:$LINENO: result: $ac_cv_lib_util_logwtmp" >&5
-echo "${ECHO_T}$ac_cv_lib_util_logwtmp" >&6
-if test $ac_cv_lib_util_logwtmp = yes; then
- HAVE_LIBUTIL=yes ; cat >>confdefs.h <<\_ACEOF
-#define HAVE_LIBUTIL 1
-_ACEOF
-
+{ echo "$as_me:$LINENO: result: $ac_cv_func_dlopen" >&5
+echo "${ECHO_T}$ac_cv_func_dlopen" >&6; }
+if test $ac_cv_func_dlopen = yes; then
+ lt_cv_dlopen="dlopen"
else
- HAVE_LIBUTIL=no
-fi
-
-
-echo "$as_me:$LINENO: checking for dbm_store in -lndbm" >&5
-echo $ECHO_N "checking for dbm_store in -lndbm... $ECHO_C" >&6
-if test "${ac_cv_lib_ndbm_dbm_store+set}" = set; then
+ { echo "$as_me:$LINENO: checking for dlopen in -ldl" >&5
+echo $ECHO_N "checking for dlopen in -ldl... $ECHO_C" >&6; }
+if test "${ac_cv_lib_dl_dlopen+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
ac_check_lib_save_LIBS=$LIBS
-LIBS="-lndbm $LIBS"
+LIBS="-ldl $LIBS"
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
@@ -4083,73 +10048,63 @@ cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-/* Override any gcc2 internal prototype to avoid an error. */
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
extern "C"
#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char dbm_store ();
+char dlopen ();
int
main ()
{
-dbm_store ();
+return dlopen ();
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_lib_ndbm_dbm_store=yes
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_lib_dl_dlopen=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_lib_ndbm_dbm_store=no
+ ac_cv_lib_dl_dlopen=no
fi
-rm -f conftest.err conftest.$ac_objext \
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
conftest$ac_exeext conftest.$ac_ext
LIBS=$ac_check_lib_save_LIBS
fi
-echo "$as_me:$LINENO: result: $ac_cv_lib_ndbm_dbm_store" >&5
-echo "${ECHO_T}$ac_cv_lib_ndbm_dbm_store" >&6
-if test $ac_cv_lib_ndbm_dbm_store = yes; then
- HAVE_LIBNDBM=yes ; cat >>confdefs.h <<\_ACEOF
-#define HAVE_LIBNDBM 1
-_ACEOF
-
+{ echo "$as_me:$LINENO: result: $ac_cv_lib_dl_dlopen" >&5
+echo "${ECHO_T}$ac_cv_lib_dl_dlopen" >&6; }
+if test $ac_cv_lib_dl_dlopen = yes; then
+ lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"
else
- HAVE_LIBNDBM=no
-fi
-
-
-echo "$as_me:$LINENO: checking for dbm_store in -ldb" >&5
-echo $ECHO_N "checking for dbm_store in -ldb... $ECHO_C" >&6
-if test "${ac_cv_lib_db_dbm_store+set}" = set; then
+ { echo "$as_me:$LINENO: checking for dlopen in -lsvld" >&5
+echo $ECHO_N "checking for dlopen in -lsvld... $ECHO_C" >&6; }
+if test "${ac_cv_lib_svld_dlopen+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
ac_check_lib_save_LIBS=$LIBS
-LIBS="-ldb $LIBS"
+LIBS="-lsvld $LIBS"
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
@@ -4157,73 +10112,63 @@ cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-/* Override any gcc2 internal prototype to avoid an error. */
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
extern "C"
#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char dbm_store ();
+char dlopen ();
int
main ()
{
-dbm_store ();
+return dlopen ();
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_lib_db_dbm_store=yes
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_lib_svld_dlopen=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_lib_db_dbm_store=no
+ ac_cv_lib_svld_dlopen=no
fi
-rm -f conftest.err conftest.$ac_objext \
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
conftest$ac_exeext conftest.$ac_ext
LIBS=$ac_check_lib_save_LIBS
fi
-echo "$as_me:$LINENO: result: $ac_cv_lib_db_dbm_store" >&5
-echo "${ECHO_T}$ac_cv_lib_db_dbm_store" >&6
-if test $ac_cv_lib_db_dbm_store = yes; then
- HAVE_LIBDB=yes ; cat >>confdefs.h <<\_ACEOF
-#define HAVE_LIBDB 1
-_ACEOF
-
+{ echo "$as_me:$LINENO: result: $ac_cv_lib_svld_dlopen" >&5
+echo "${ECHO_T}$ac_cv_lib_svld_dlopen" >&6; }
+if test $ac_cv_lib_svld_dlopen = yes; then
+ lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld"
else
- HAVE_LIBDB=no
-fi
-
-if test x$HAVE_LIBDB != xyes ; then
- echo "$as_me:$LINENO: checking for db_create in -ldb" >&5
-echo $ECHO_N "checking for db_create in -ldb... $ECHO_C" >&6
-if test "${ac_cv_lib_db_db_create+set}" = set; then
+ { echo "$as_me:$LINENO: checking for dld_link in -ldld" >&5
+echo $ECHO_N "checking for dld_link in -ldld... $ECHO_C" >&6; }
+if test "${ac_cv_lib_dld_dld_link+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
ac_check_lib_save_LIBS=$LIBS
-LIBS="-ldb $LIBS"
+LIBS="-ldld $LIBS"
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
@@ -4231,457 +10176,9969 @@ cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-/* Override any gcc2 internal prototype to avoid an error. */
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
extern "C"
#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char db_create ();
+char dld_link ();
int
main ()
{
-db_create ();
+return dld_link ();
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_lib_db_db_create=yes
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_lib_dld_dld_link=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_lib_db_db_create=no
+ ac_cv_lib_dld_dld_link=no
fi
-rm -f conftest.err conftest.$ac_objext \
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
conftest$ac_exeext conftest.$ac_ext
LIBS=$ac_check_lib_save_LIBS
fi
-echo "$as_me:$LINENO: result: $ac_cv_lib_db_db_create" >&5
-echo "${ECHO_T}$ac_cv_lib_db_db_create" >&6
-if test $ac_cv_lib_db_db_create = yes; then
- HAVE_LIBDB=yes ; cat >>confdefs.h <<\_ACEOF
-#define HAVE_LIBDB 1
-_ACEOF
+{ echo "$as_me:$LINENO: result: $ac_cv_lib_dld_dld_link" >&5
+echo "${ECHO_T}$ac_cv_lib_dld_dld_link" >&6; }
+if test $ac_cv_lib_dld_dld_link = yes; then
+ lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-dld"
+fi
+
+
+fi
+
+
+fi
+
+
+fi
+
+
+fi
+
+
+fi
+ ;;
+ esac
+
+ if test "x$lt_cv_dlopen" != xno; then
+ enable_dlopen=yes
+ else
+ enable_dlopen=no
+ fi
+
+ case $lt_cv_dlopen in
+ dlopen)
+ save_CPPFLAGS="$CPPFLAGS"
+ test "x$ac_cv_header_dlfcn_h" = xyes && CPPFLAGS="$CPPFLAGS -DHAVE_DLFCN_H"
+
+ save_LDFLAGS="$LDFLAGS"
+ wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $export_dynamic_flag_spec\"
+
+ save_LIBS="$LIBS"
+ LIBS="$lt_cv_dlopen_libs $LIBS"
+
+ { echo "$as_me:$LINENO: checking whether a program can dlopen itself" >&5
+echo $ECHO_N "checking whether a program can dlopen itself... $ECHO_C" >&6; }
+if test "${lt_cv_dlopen_self+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test "$cross_compiling" = yes; then :
+ lt_cv_dlopen_self=cross
else
- HAVE_LIBDB=no
+ lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
+ lt_status=$lt_dlunknown
+ cat > conftest.$ac_ext <<EOF
+#line 10276 "configure"
+#include "confdefs.h"
+
+#if HAVE_DLFCN_H
+#include <dlfcn.h>
+#endif
+
+#include <stdio.h>
+
+#ifdef RTLD_GLOBAL
+# define LT_DLGLOBAL RTLD_GLOBAL
+#else
+# ifdef DL_GLOBAL
+# define LT_DLGLOBAL DL_GLOBAL
+# else
+# define LT_DLGLOBAL 0
+# endif
+#endif
+
+/* We may have to define LT_DLLAZY_OR_NOW in the command line if we
+ find out it does not work in some platform. */
+#ifndef LT_DLLAZY_OR_NOW
+# ifdef RTLD_LAZY
+# define LT_DLLAZY_OR_NOW RTLD_LAZY
+# else
+# ifdef DL_LAZY
+# define LT_DLLAZY_OR_NOW DL_LAZY
+# else
+# ifdef RTLD_NOW
+# define LT_DLLAZY_OR_NOW RTLD_NOW
+# else
+# ifdef DL_NOW
+# define LT_DLLAZY_OR_NOW DL_NOW
+# else
+# define LT_DLLAZY_OR_NOW 0
+# endif
+# endif
+# endif
+# endif
+#endif
+
+#ifdef __cplusplus
+extern "C" void exit (int);
+#endif
+
+void fnord() { int i=42;}
+int main ()
+{
+ void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW);
+ int status = $lt_dlunknown;
+
+ if (self)
+ {
+ if (dlsym (self,"fnord")) status = $lt_dlno_uscore;
+ else if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore;
+ /* dlclose (self); */
+ }
+ else
+ puts (dlerror ());
+
+ exit (status);
+}
+EOF
+ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && test -s conftest${ac_exeext} 2>/dev/null; then
+ (./conftest; exit; ) >&5 2>/dev/null
+ lt_status=$?
+ case x$lt_status in
+ x$lt_dlno_uscore) lt_cv_dlopen_self=yes ;;
+ x$lt_dlneed_uscore) lt_cv_dlopen_self=yes ;;
+ x$lt_dlunknown|x*) lt_cv_dlopen_self=no ;;
+ esac
+ else :
+ # compilation failed
+ lt_cv_dlopen_self=no
+ fi
fi
+rm -fr conftest*
+
fi
+{ echo "$as_me:$LINENO: result: $lt_cv_dlopen_self" >&5
+echo "${ECHO_T}$lt_cv_dlopen_self" >&6; }
-echo "$as_me:$LINENO: checking for yylex in -lfl" >&5
-echo $ECHO_N "checking for yylex in -lfl... $ECHO_C" >&6
-if test "${ac_cv_lib_fl_yylex+set}" = set; then
+ if test "x$lt_cv_dlopen_self" = xyes; then
+ wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\"
+ { echo "$as_me:$LINENO: checking whether a statically linked program can dlopen itself" >&5
+echo $ECHO_N "checking whether a statically linked program can dlopen itself... $ECHO_C" >&6; }
+if test "${lt_cv_dlopen_self_static+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ac_check_lib_save_LIBS=$LIBS
-LIBS="-lfl HAVE_LIBFL=no $LIBS"
-cat >conftest.$ac_ext <<_ACEOF
+ if test "$cross_compiling" = yes; then :
+ lt_cv_dlopen_self_static=cross
+else
+ lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
+ lt_status=$lt_dlunknown
+ cat > conftest.$ac_ext <<EOF
+#line 10376 "configure"
+#include "confdefs.h"
+
+#if HAVE_DLFCN_H
+#include <dlfcn.h>
+#endif
+
+#include <stdio.h>
+
+#ifdef RTLD_GLOBAL
+# define LT_DLGLOBAL RTLD_GLOBAL
+#else
+# ifdef DL_GLOBAL
+# define LT_DLGLOBAL DL_GLOBAL
+# else
+# define LT_DLGLOBAL 0
+# endif
+#endif
+
+/* We may have to define LT_DLLAZY_OR_NOW in the command line if we
+ find out it does not work in some platform. */
+#ifndef LT_DLLAZY_OR_NOW
+# ifdef RTLD_LAZY
+# define LT_DLLAZY_OR_NOW RTLD_LAZY
+# else
+# ifdef DL_LAZY
+# define LT_DLLAZY_OR_NOW DL_LAZY
+# else
+# ifdef RTLD_NOW
+# define LT_DLLAZY_OR_NOW RTLD_NOW
+# else
+# ifdef DL_NOW
+# define LT_DLLAZY_OR_NOW DL_NOW
+# else
+# define LT_DLLAZY_OR_NOW 0
+# endif
+# endif
+# endif
+# endif
+#endif
+
+#ifdef __cplusplus
+extern "C" void exit (int);
+#endif
+
+void fnord() { int i=42;}
+int main ()
+{
+ void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW);
+ int status = $lt_dlunknown;
+
+ if (self)
+ {
+ if (dlsym (self,"fnord")) status = $lt_dlno_uscore;
+ else if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore;
+ /* dlclose (self); */
+ }
+ else
+ puts (dlerror ());
+
+ exit (status);
+}
+EOF
+ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && test -s conftest${ac_exeext} 2>/dev/null; then
+ (./conftest; exit; ) >&5 2>/dev/null
+ lt_status=$?
+ case x$lt_status in
+ x$lt_dlno_uscore) lt_cv_dlopen_self_static=yes ;;
+ x$lt_dlneed_uscore) lt_cv_dlopen_self_static=yes ;;
+ x$lt_dlunknown|x*) lt_cv_dlopen_self_static=no ;;
+ esac
+ else :
+ # compilation failed
+ lt_cv_dlopen_self_static=no
+ fi
+fi
+rm -fr conftest*
+
+
+fi
+{ echo "$as_me:$LINENO: result: $lt_cv_dlopen_self_static" >&5
+echo "${ECHO_T}$lt_cv_dlopen_self_static" >&6; }
+ fi
+
+ CPPFLAGS="$save_CPPFLAGS"
+ LDFLAGS="$save_LDFLAGS"
+ LIBS="$save_LIBS"
+ ;;
+ esac
+
+ case $lt_cv_dlopen_self in
+ yes|no) enable_dlopen_self=$lt_cv_dlopen_self ;;
+ *) enable_dlopen_self=unknown ;;
+ esac
+
+ case $lt_cv_dlopen_self_static in
+ yes|no) enable_dlopen_self_static=$lt_cv_dlopen_self_static ;;
+ *) enable_dlopen_self_static=unknown ;;
+ esac
+fi
+
+
+# Report which library types will actually be built
+{ echo "$as_me:$LINENO: checking if libtool supports shared libraries" >&5
+echo $ECHO_N "checking if libtool supports shared libraries... $ECHO_C" >&6; }
+{ echo "$as_me:$LINENO: result: $can_build_shared" >&5
+echo "${ECHO_T}$can_build_shared" >&6; }
+
+{ echo "$as_me:$LINENO: checking whether to build shared libraries" >&5
+echo $ECHO_N "checking whether to build shared libraries... $ECHO_C" >&6; }
+test "$can_build_shared" = "no" && enable_shared=no
+
+# On AIX, shared libraries and static libraries use the same namespace, and
+# are all built from PIC.
+case $host_os in
+aix3*)
+ test "$enable_shared" = yes && enable_static=no
+ if test -n "$RANLIB"; then
+ archive_cmds="$archive_cmds~\$RANLIB \$lib"
+ postinstall_cmds='$RANLIB $lib'
+ fi
+ ;;
+
+aix4* | aix5*)
+ if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then
+ test "$enable_shared" = yes && enable_static=no
+ fi
+ ;;
+esac
+{ echo "$as_me:$LINENO: result: $enable_shared" >&5
+echo "${ECHO_T}$enable_shared" >&6; }
+
+{ echo "$as_me:$LINENO: checking whether to build static libraries" >&5
+echo $ECHO_N "checking whether to build static libraries... $ECHO_C" >&6; }
+# Make sure either enable_shared or enable_static is yes.
+test "$enable_shared" = yes || enable_static=yes
+{ echo "$as_me:$LINENO: result: $enable_static" >&5
+echo "${ECHO_T}$enable_static" >&6; }
+
+# The else clause should only fire when bootstrapping the
+# libtool distribution, otherwise you forgot to ship ltmain.sh
+# with your package, and you will get complaints that there are
+# no rules to generate ltmain.sh.
+if test -f "$ltmain"; then
+ # See if we are running on zsh, and set the options which allow our commands through
+ # without removal of \ escapes.
+ if test -n "${ZSH_VERSION+set}" ; then
+ setopt NO_GLOB_SUBST
+ fi
+ # Now quote all the things that may contain metacharacters while being
+ # careful not to overquote the AC_SUBSTed values. We take copies of the
+ # variables and quote the copies for generation of the libtool script.
+ for var in echo old_CC old_CFLAGS AR AR_FLAGS EGREP RANLIB LN_S LTCC LTCFLAGS NM \
+ SED SHELL STRIP \
+ libname_spec library_names_spec soname_spec extract_expsyms_cmds \
+ old_striplib striplib file_magic_cmd finish_cmds finish_eval \
+ deplibs_check_method reload_flag reload_cmds need_locks \
+ lt_cv_sys_global_symbol_pipe lt_cv_sys_global_symbol_to_cdecl \
+ lt_cv_sys_global_symbol_to_c_name_address \
+ sys_lib_search_path_spec sys_lib_dlsearch_path_spec \
+ old_postinstall_cmds old_postuninstall_cmds \
+ compiler \
+ CC \
+ LD \
+ lt_prog_compiler_wl \
+ lt_prog_compiler_pic \
+ lt_prog_compiler_static \
+ lt_prog_compiler_no_builtin_flag \
+ export_dynamic_flag_spec \
+ thread_safe_flag_spec \
+ whole_archive_flag_spec \
+ enable_shared_with_static_runtimes \
+ old_archive_cmds \
+ old_archive_from_new_cmds \
+ predep_objects \
+ postdep_objects \
+ predeps \
+ postdeps \
+ compiler_lib_search_path \
+ archive_cmds \
+ archive_expsym_cmds \
+ postinstall_cmds \
+ postuninstall_cmds \
+ old_archive_from_expsyms_cmds \
+ allow_undefined_flag \
+ no_undefined_flag \
+ export_symbols_cmds \
+ hardcode_libdir_flag_spec \
+ hardcode_libdir_flag_spec_ld \
+ hardcode_libdir_separator \
+ hardcode_automatic \
+ module_cmds \
+ module_expsym_cmds \
+ lt_cv_prog_compiler_c_o \
+ exclude_expsyms \
+ include_expsyms; do
+
+ case $var in
+ old_archive_cmds | \
+ old_archive_from_new_cmds | \
+ archive_cmds | \
+ archive_expsym_cmds | \
+ module_cmds | \
+ module_expsym_cmds | \
+ old_archive_from_expsyms_cmds | \
+ export_symbols_cmds | \
+ extract_expsyms_cmds | reload_cmds | finish_cmds | \
+ postinstall_cmds | postuninstall_cmds | \
+ old_postinstall_cmds | old_postuninstall_cmds | \
+ sys_lib_search_path_spec | sys_lib_dlsearch_path_spec)
+ # Double-quote double-evaled strings.
+ eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$double_quote_subst\" -e \"\$sed_quote_subst\" -e \"\$delay_variable_subst\"\`\\\""
+ ;;
+ *)
+ eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$sed_quote_subst\"\`\\\""
+ ;;
+ esac
+ done
+
+ case $lt_echo in
+ *'\$0 --fallback-echo"')
+ lt_echo=`$echo "X$lt_echo" | $Xsed -e 's/\\\\\\\$0 --fallback-echo"$/$0 --fallback-echo"/'`
+ ;;
+ esac
+
+cfgfile="${ofile}T"
+ trap "$rm \"$cfgfile\"; exit 1" 1 2 15
+ $rm -f "$cfgfile"
+ { echo "$as_me:$LINENO: creating $ofile" >&5
+echo "$as_me: creating $ofile" >&6;}
+
+ cat <<__EOF__ >> "$cfgfile"
+#! $SHELL
+
+# `$echo "$cfgfile" | sed 's%^.*/%%'` - Provide generalized library-building support services.
+# Generated automatically by $PROGRAM (GNU $PACKAGE $VERSION$TIMESTAMP)
+# NOTE: Changes made to this file will be lost: look at ltmain.sh.
+#
+# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001
+# Free Software Foundation, Inc.
+#
+# This file is part of GNU Libtool:
+# Originally by Gordon Matzigkeit <gord@gnu.ai.mit.edu>, 1996
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+#
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# A sed program that does not truncate output.
+SED=$lt_SED
+
+# Sed that helps us avoid accidentally triggering echo(1) options like -n.
+Xsed="$SED -e 1s/^X//"
+
+# The HP-UX ksh and POSIX shell print the target directory to stdout
+# if CDPATH is set.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+# The names of the tagged configurations supported by this script.
+available_tags=
+
+# ### BEGIN LIBTOOL CONFIG
+
+# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`:
+
+# Shell to use when invoking shell scripts.
+SHELL=$lt_SHELL
+
+# Whether or not to build shared libraries.
+build_libtool_libs=$enable_shared
+
+# Whether or not to build static libraries.
+build_old_libs=$enable_static
+
+# Whether or not to add -lc for building shared libraries.
+build_libtool_need_lc=$archive_cmds_need_lc
+
+# Whether or not to disallow shared libs when runtime libs are static
+allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes
+
+# Whether or not to optimize for fast installation.
+fast_install=$enable_fast_install
+
+# The host system.
+host_alias=$host_alias
+host=$host
+host_os=$host_os
+
+# The build system.
+build_alias=$build_alias
+build=$build
+build_os=$build_os
+
+# An echo program that does not interpret backslashes.
+echo=$lt_echo
+
+# The archiver.
+AR=$lt_AR
+AR_FLAGS=$lt_AR_FLAGS
+
+# A C compiler.
+LTCC=$lt_LTCC
+
+# LTCC compiler flags.
+LTCFLAGS=$lt_LTCFLAGS
+
+# A language-specific compiler.
+CC=$lt_compiler
+
+# Is the compiler the GNU C compiler?
+with_gcc=$GCC
+
+# An ERE matcher.
+EGREP=$lt_EGREP
+
+# The linker used to build libraries.
+LD=$lt_LD
+
+# Whether we need hard or soft links.
+LN_S=$lt_LN_S
+
+# A BSD-compatible nm program.
+NM=$lt_NM
+
+# A symbol stripping program
+STRIP=$lt_STRIP
+
+# Used to examine libraries when file_magic_cmd begins "file"
+MAGIC_CMD=$MAGIC_CMD
+
+# Used on cygwin: DLL creation program.
+DLLTOOL="$DLLTOOL"
+
+# Used on cygwin: object dumper.
+OBJDUMP="$OBJDUMP"
+
+# Used on cygwin: assembler.
+AS="$AS"
+
+# The name of the directory that contains temporary libtool files.
+objdir=$objdir
+
+# How to create reloadable object files.
+reload_flag=$lt_reload_flag
+reload_cmds=$lt_reload_cmds
+
+# How to pass a linker flag through the compiler.
+wl=$lt_lt_prog_compiler_wl
+
+# Object file suffix (normally "o").
+objext="$ac_objext"
+
+# Old archive suffix (normally "a").
+libext="$libext"
+
+# Shared library suffix (normally ".so").
+shrext_cmds='$shrext_cmds'
+
+# Executable file suffix (normally "").
+exeext="$exeext"
+
+# Additional compiler flags for building library objects.
+pic_flag=$lt_lt_prog_compiler_pic
+pic_mode=$pic_mode
+
+# What is the maximum length of a command?
+max_cmd_len=$lt_cv_sys_max_cmd_len
+
+# Does compiler simultaneously support -c and -o options?
+compiler_c_o=$lt_lt_cv_prog_compiler_c_o
+
+# Must we lock files when doing compilation?
+need_locks=$lt_need_locks
+
+# Do we need the lib prefix for modules?
+need_lib_prefix=$need_lib_prefix
+
+# Do we need a version for libraries?
+need_version=$need_version
+
+# Whether dlopen is supported.
+dlopen_support=$enable_dlopen
+
+# Whether dlopen of programs is supported.
+dlopen_self=$enable_dlopen_self
+
+# Whether dlopen of statically linked programs is supported.
+dlopen_self_static=$enable_dlopen_self_static
+
+# Compiler flag to prevent dynamic linking.
+link_static_flag=$lt_lt_prog_compiler_static
+
+# Compiler flag to turn off builtin functions.
+no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag
+
+# Compiler flag to allow reflexive dlopens.
+export_dynamic_flag_spec=$lt_export_dynamic_flag_spec
+
+# Compiler flag to generate shared objects directly from archives.
+whole_archive_flag_spec=$lt_whole_archive_flag_spec
+
+# Compiler flag to generate thread-safe objects.
+thread_safe_flag_spec=$lt_thread_safe_flag_spec
+
+# Library versioning type.
+version_type=$version_type
+
+# Format of library name prefix.
+libname_spec=$lt_libname_spec
+
+# List of archive names. First name is the real one, the rest are links.
+# The last name is the one that the linker finds with -lNAME.
+library_names_spec=$lt_library_names_spec
+
+# The coded name of the library, if different from the real name.
+soname_spec=$lt_soname_spec
+
+# Commands used to build and install an old-style archive.
+RANLIB=$lt_RANLIB
+old_archive_cmds=$lt_old_archive_cmds
+old_postinstall_cmds=$lt_old_postinstall_cmds
+old_postuninstall_cmds=$lt_old_postuninstall_cmds
+
+# Create an old-style archive from a shared archive.
+old_archive_from_new_cmds=$lt_old_archive_from_new_cmds
+
+# Create a temporary old-style archive to link instead of a shared archive.
+old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds
+
+# Commands used to build and install a shared archive.
+archive_cmds=$lt_archive_cmds
+archive_expsym_cmds=$lt_archive_expsym_cmds
+postinstall_cmds=$lt_postinstall_cmds
+postuninstall_cmds=$lt_postuninstall_cmds
+
+# Commands used to build a loadable module (assumed same as above if empty)
+module_cmds=$lt_module_cmds
+module_expsym_cmds=$lt_module_expsym_cmds
+
+# Commands to strip libraries.
+old_striplib=$lt_old_striplib
+striplib=$lt_striplib
+
+# Dependencies to place before the objects being linked to create a
+# shared library.
+predep_objects=$lt_predep_objects
+
+# Dependencies to place after the objects being linked to create a
+# shared library.
+postdep_objects=$lt_postdep_objects
+
+# Dependencies to place before the objects being linked to create a
+# shared library.
+predeps=$lt_predeps
+
+# Dependencies to place after the objects being linked to create a
+# shared library.
+postdeps=$lt_postdeps
+
+# The library search path used internally by the compiler when linking
+# a shared library.
+compiler_lib_search_path=$lt_compiler_lib_search_path
+
+# Method to check whether dependent libraries are shared objects.
+deplibs_check_method=$lt_deplibs_check_method
+
+# Command to use when deplibs_check_method == file_magic.
+file_magic_cmd=$lt_file_magic_cmd
+
+# Flag that allows shared libraries with undefined symbols to be built.
+allow_undefined_flag=$lt_allow_undefined_flag
+
+# Flag that forces no undefined symbols.
+no_undefined_flag=$lt_no_undefined_flag
+
+# Commands used to finish a libtool library installation in a directory.
+finish_cmds=$lt_finish_cmds
+
+# Same as above, but a single script fragment to be evaled but not shown.
+finish_eval=$lt_finish_eval
+
+# Take the output of nm and produce a listing of raw symbols and C names.
+global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe
+
+# Transform the output of nm in a proper C declaration
+global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl
+
+# Transform the output of nm in a C name address pair
+global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address
+
+# This is the shared library runtime path variable.
+runpath_var=$runpath_var
+
+# This is the shared library path variable.
+shlibpath_var=$shlibpath_var
+
+# Is shlibpath searched before the hard-coded library search path?
+shlibpath_overrides_runpath=$shlibpath_overrides_runpath
+
+# How to hardcode a shared library path into an executable.
+hardcode_action=$hardcode_action
+
+# Whether we should hardcode library paths into libraries.
+hardcode_into_libs=$hardcode_into_libs
+
+# Flag to hardcode \$libdir into a binary during linking.
+# This must work even if \$libdir does not exist.
+hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec
+
+# If ld is used when linking, flag to hardcode \$libdir into
+# a binary during linking. This must work even if \$libdir does
+# not exist.
+hardcode_libdir_flag_spec_ld=$lt_hardcode_libdir_flag_spec_ld
+
+# Whether we need a single -rpath flag with a separated argument.
+hardcode_libdir_separator=$lt_hardcode_libdir_separator
+
+# Set to yes if using DIR/libNAME${shared_ext} during linking hardcodes DIR into the
+# resulting binary.
+hardcode_direct=$hardcode_direct
+
+# Set to yes if using the -LDIR flag during linking hardcodes DIR into the
+# resulting binary.
+hardcode_minus_L=$hardcode_minus_L
+
+# Set to yes if using SHLIBPATH_VAR=DIR during linking hardcodes DIR into
+# the resulting binary.
+hardcode_shlibpath_var=$hardcode_shlibpath_var
+
+# Set to yes if building a shared library automatically hardcodes DIR into the library
+# and all subsequent libraries and executables linked against it.
+hardcode_automatic=$hardcode_automatic
+
+# Variables whose values should be saved in libtool wrapper scripts and
+# restored at relink time.
+variables_saved_for_relink="$variables_saved_for_relink"
+
+# Whether libtool must link a program against all its dependency libraries.
+link_all_deplibs=$link_all_deplibs
+
+# Compile-time system search path for libraries
+sys_lib_search_path_spec=$lt_sys_lib_search_path_spec
+
+# Run-time system search path for libraries
+sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec
+
+# Fix the shell variable \$srcfile for the compiler.
+fix_srcfile_path="$fix_srcfile_path"
+
+# Set to yes if exported symbols are required.
+always_export_symbols=$always_export_symbols
+
+# The commands to list exported symbols.
+export_symbols_cmds=$lt_export_symbols_cmds
+
+# The commands to extract the exported symbol list from a shared archive.
+extract_expsyms_cmds=$lt_extract_expsyms_cmds
+
+# Symbols that should not be listed in the preloaded symbols.
+exclude_expsyms=$lt_exclude_expsyms
+
+# Symbols that must always be exported.
+include_expsyms=$lt_include_expsyms
+
+# ### END LIBTOOL CONFIG
+
+__EOF__
+
+
+ case $host_os in
+ aix3*)
+ cat <<\EOF >> "$cfgfile"
+
+# AIX sometimes has problems with the GCC collect2 program. For some
+# reason, if we set the COLLECT_NAMES environment variable, the problems
+# vanish in a puff of smoke.
+if test "X${COLLECT_NAMES+set}" != Xset; then
+ COLLECT_NAMES=
+ export COLLECT_NAMES
+fi
+EOF
+ ;;
+ esac
+
+ # We use sed instead of cat because bash on DJGPP gets confused if
+ # if finds mixed CR/LF and LF-only lines. Since sed operates in
+ # text mode, it properly converts lines to CR/LF. This bash problem
+ # is reportedly fixed, but why not run on old versions too?
+ sed '$q' "$ltmain" >> "$cfgfile" || (rm -f "$cfgfile"; exit 1)
+
+ mv -f "$cfgfile" "$ofile" || \
+ (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile")
+ chmod +x "$ofile"
+
+else
+ # If there is no Makefile yet, we rely on a make rule to execute
+ # `config.status --recheck' to rerun these tests and create the
+ # libtool script then.
+ ltmain_in=`echo $ltmain | sed -e 's/\.sh$/.in/'`
+ if test -f "$ltmain_in"; then
+ test -f Makefile && make "$ltmain"
+ fi
+fi
+
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+CC="$lt_save_CC"
+
+
+# Check whether --with-tags was given.
+if test "${with_tags+set}" = set; then
+ withval=$with_tags; tagnames="$withval"
+fi
+
+
+if test -f "$ltmain" && test -n "$tagnames"; then
+ if test ! -f "${ofile}"; then
+ { echo "$as_me:$LINENO: WARNING: output file \`$ofile' does not exist" >&5
+echo "$as_me: WARNING: output file \`$ofile' does not exist" >&2;}
+ fi
+
+ if test -z "$LTCC"; then
+ eval "`$SHELL ${ofile} --config | grep '^LTCC='`"
+ if test -z "$LTCC"; then
+ { echo "$as_me:$LINENO: WARNING: output file \`$ofile' does not look like a libtool script" >&5
+echo "$as_me: WARNING: output file \`$ofile' does not look like a libtool script" >&2;}
+ else
+ { echo "$as_me:$LINENO: WARNING: using \`LTCC=$LTCC', extracted from \`$ofile'" >&5
+echo "$as_me: WARNING: using \`LTCC=$LTCC', extracted from \`$ofile'" >&2;}
+ fi
+ fi
+ if test -z "$LTCFLAGS"; then
+ eval "`$SHELL ${ofile} --config | grep '^LTCFLAGS='`"
+ fi
+
+ # Extract list of available tagged configurations in $ofile.
+ # Note that this assumes the entire list is on one line.
+ available_tags=`grep "^available_tags=" "${ofile}" | $SED -e 's/available_tags=\(.*$\)/\1/' -e 's/\"//g'`
+
+ lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+ for tagname in $tagnames; do
+ IFS="$lt_save_ifs"
+ # Check whether tagname contains only valid characters
+ case `$echo "X$tagname" | $Xsed -e 's:[-_ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890,/]::g'` in
+ "") ;;
+ *) { { echo "$as_me:$LINENO: error: invalid tag name: $tagname" >&5
+echo "$as_me: error: invalid tag name: $tagname" >&2;}
+ { (exit 1); exit 1; }; }
+ ;;
+ esac
+
+ if grep "^# ### BEGIN LIBTOOL TAG CONFIG: $tagname$" < "${ofile}" > /dev/null
+ then
+ { { echo "$as_me:$LINENO: error: tag name \"$tagname\" already exists" >&5
+echo "$as_me: error: tag name \"$tagname\" already exists" >&2;}
+ { (exit 1); exit 1; }; }
+ fi
+
+ # Update the list of available tags.
+ if test -n "$tagname"; then
+ echo appending configuration tag \"$tagname\" to $ofile
+
+ case $tagname in
+ CXX)
+ if test -n "$CXX" && ( test "X$CXX" != "Xno" &&
+ ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) ||
+ (test "X$CXX" != "Xg++"))) ; then
+ ac_ext=cpp
+ac_cpp='$CXXCPP $CPPFLAGS'
+ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_cxx_compiler_gnu
+
+
+
+
+archive_cmds_need_lc_CXX=no
+allow_undefined_flag_CXX=
+always_export_symbols_CXX=no
+archive_expsym_cmds_CXX=
+export_dynamic_flag_spec_CXX=
+hardcode_direct_CXX=no
+hardcode_libdir_flag_spec_CXX=
+hardcode_libdir_flag_spec_ld_CXX=
+hardcode_libdir_separator_CXX=
+hardcode_minus_L_CXX=no
+hardcode_shlibpath_var_CXX=unsupported
+hardcode_automatic_CXX=no
+module_cmds_CXX=
+module_expsym_cmds_CXX=
+link_all_deplibs_CXX=unknown
+old_archive_cmds_CXX=$old_archive_cmds
+no_undefined_flag_CXX=
+whole_archive_flag_spec_CXX=
+enable_shared_with_static_runtimes_CXX=no
+
+# Dependencies to place before and after the object being linked:
+predep_objects_CXX=
+postdep_objects_CXX=
+predeps_CXX=
+postdeps_CXX=
+compiler_lib_search_path_CXX=
+
+# Source file extension for C++ test sources.
+ac_ext=cpp
+
+# Object file extension for compiled C++ test sources.
+objext=o
+objext_CXX=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code="int some_variable = 0;\n"
+
+# Code to be used in simple link tests
+lt_simple_link_test_code='int main(int, char *[]) { return(0); }\n'
+
+# ltmain only uses $CC for tagged configurations so make sure $CC is set.
+
+# If no C compiler was specified, use CC.
+LTCC=${LTCC-"$CC"}
+
+# If no C compiler flags were specified, use CFLAGS.
+LTCFLAGS=${LTCFLAGS-"$CFLAGS"}
+
+# Allow CC to be a program name with arguments.
+compiler=$CC
+
+
+# save warnings/boilerplate of simple test code
+ac_outfile=conftest.$ac_objext
+printf "$lt_simple_compile_test_code" >conftest.$ac_ext
+eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_compiler_boilerplate=`cat conftest.err`
+$rm conftest*
+
+ac_outfile=conftest.$ac_objext
+printf "$lt_simple_link_test_code" >conftest.$ac_ext
+eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_linker_boilerplate=`cat conftest.err`
+$rm conftest*
+
+
+# Allow CC to be a program name with arguments.
+lt_save_CC=$CC
+lt_save_LD=$LD
+lt_save_GCC=$GCC
+GCC=$GXX
+lt_save_with_gnu_ld=$with_gnu_ld
+lt_save_path_LD=$lt_cv_path_LD
+if test -n "${lt_cv_prog_gnu_ldcxx+set}"; then
+ lt_cv_prog_gnu_ld=$lt_cv_prog_gnu_ldcxx
+else
+ $as_unset lt_cv_prog_gnu_ld
+fi
+if test -n "${lt_cv_path_LDCXX+set}"; then
+ lt_cv_path_LD=$lt_cv_path_LDCXX
+else
+ $as_unset lt_cv_path_LD
+fi
+test -z "${LDCXX+set}" || LD=$LDCXX
+CC=${CXX-"c++"}
+compiler=$CC
+compiler_CXX=$CC
+for cc_temp in $compiler""; do
+ case $cc_temp in
+ compile | *[\\/]compile | ccache | *[\\/]ccache ) ;;
+ distcc | *[\\/]distcc | purify | *[\\/]purify ) ;;
+ \-*) ;;
+ *) break;;
+ esac
+done
+cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"`
+
+
+# We don't want -fno-exception wen compiling C++ code, so set the
+# no_builtin_flag separately
+if test "$GXX" = yes; then
+ lt_prog_compiler_no_builtin_flag_CXX=' -fno-builtin'
+else
+ lt_prog_compiler_no_builtin_flag_CXX=
+fi
+
+if test "$GXX" = yes; then
+ # Set up default GNU C++ configuration
+
+
+# Check whether --with-gnu-ld was given.
+if test "${with_gnu_ld+set}" = set; then
+ withval=$with_gnu_ld; test "$withval" = no || with_gnu_ld=yes
+else
+ with_gnu_ld=no
+fi
+
+ac_prog=ld
+if test "$GCC" = yes; then
+ # Check if gcc -print-prog-name=ld gives a path.
+ { echo "$as_me:$LINENO: checking for ld used by $CC" >&5
+echo $ECHO_N "checking for ld used by $CC... $ECHO_C" >&6; }
+ case $host in
+ *-*-mingw*)
+ # gcc leaves a trailing carriage return which upsets mingw
+ ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;;
+ *)
+ ac_prog=`($CC -print-prog-name=ld) 2>&5` ;;
+ esac
+ case $ac_prog in
+ # Accept absolute paths.
+ [\\/]* | ?:[\\/]*)
+ re_direlt='/[^/][^/]*/\.\./'
+ # Canonicalize the pathname of ld
+ ac_prog=`echo $ac_prog| $SED 's%\\\\%/%g'`
+ while echo $ac_prog | grep "$re_direlt" > /dev/null 2>&1; do
+ ac_prog=`echo $ac_prog| $SED "s%$re_direlt%/%"`
+ done
+ test -z "$LD" && LD="$ac_prog"
+ ;;
+ "")
+ # If it fails, then pretend we aren't using GCC.
+ ac_prog=ld
+ ;;
+ *)
+ # If it is relative, then search for the first ld in PATH.
+ with_gnu_ld=unknown
+ ;;
+ esac
+elif test "$with_gnu_ld" = yes; then
+ { echo "$as_me:$LINENO: checking for GNU ld" >&5
+echo $ECHO_N "checking for GNU ld... $ECHO_C" >&6; }
+else
+ { echo "$as_me:$LINENO: checking for non-GNU ld" >&5
+echo $ECHO_N "checking for non-GNU ld... $ECHO_C" >&6; }
+fi
+if test "${lt_cv_path_LD+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -z "$LD"; then
+ lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+ for ac_dir in $PATH; do
+ IFS="$lt_save_ifs"
+ test -z "$ac_dir" && ac_dir=.
+ if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then
+ lt_cv_path_LD="$ac_dir/$ac_prog"
+ # Check to see if the program is GNU ld. I'd rather use --version,
+ # but apparently some variants of GNU ld only accept -v.
+ # Break only if it was the GNU/non-GNU ld that we prefer.
+ case `"$lt_cv_path_LD" -v 2>&1 </dev/null` in
+ *GNU* | *'with BFD'*)
+ test "$with_gnu_ld" != no && break
+ ;;
+ *)
+ test "$with_gnu_ld" != yes && break
+ ;;
+ esac
+ fi
+ done
+ IFS="$lt_save_ifs"
+else
+ lt_cv_path_LD="$LD" # Let the user override the test with a path.
+fi
+fi
+
+LD="$lt_cv_path_LD"
+if test -n "$LD"; then
+ { echo "$as_me:$LINENO: result: $LD" >&5
+echo "${ECHO_T}$LD" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+test -z "$LD" && { { echo "$as_me:$LINENO: error: no acceptable ld found in \$PATH" >&5
+echo "$as_me: error: no acceptable ld found in \$PATH" >&2;}
+ { (exit 1); exit 1; }; }
+{ echo "$as_me:$LINENO: checking if the linker ($LD) is GNU ld" >&5
+echo $ECHO_N "checking if the linker ($LD) is GNU ld... $ECHO_C" >&6; }
+if test "${lt_cv_prog_gnu_ld+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ # I'd rather use --version here, but apparently some GNU lds only accept -v.
+case `$LD -v 2>&1 </dev/null` in
+*GNU* | *'with BFD'*)
+ lt_cv_prog_gnu_ld=yes
+ ;;
+*)
+ lt_cv_prog_gnu_ld=no
+ ;;
+esac
+fi
+{ echo "$as_me:$LINENO: result: $lt_cv_prog_gnu_ld" >&5
+echo "${ECHO_T}$lt_cv_prog_gnu_ld" >&6; }
+with_gnu_ld=$lt_cv_prog_gnu_ld
+
+
+
+ # Check if GNU C++ uses GNU ld as the underlying linker, since the
+ # archiving commands below assume that GNU ld is being used.
+ if test "$with_gnu_ld" = yes; then
+ archive_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ archive_expsym_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+
+ hardcode_libdir_flag_spec_CXX='${wl}--rpath ${wl}$libdir'
+ export_dynamic_flag_spec_CXX='${wl}--export-dynamic'
+
+ # If archive_cmds runs LD, not CC, wlarc should be empty
+ # XXX I think wlarc can be eliminated in ltcf-cxx, but I need to
+ # investigate it a little bit more. (MM)
+ wlarc='${wl}'
+
+ # ancient GNU ld didn't support --whole-archive et. al.
+ if eval "`$CC -print-prog-name=ld` --help 2>&1" | \
+ grep 'no-whole-archive' > /dev/null; then
+ whole_archive_flag_spec_CXX="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
+ else
+ whole_archive_flag_spec_CXX=
+ fi
+ else
+ with_gnu_ld=no
+ wlarc=
+
+ # A generic and very simple default shared library creation
+ # command for GNU C++ for the case where it uses the native
+ # linker, instead of GNU ld. If possible, this setting should
+ # overridden to take advantage of the native linker features on
+ # the platform it is being used on.
+ archive_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib'
+ fi
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "\-L"'
+
+else
+ GXX=no
+ with_gnu_ld=no
+ wlarc=
+fi
+
+# PORTME: fill in a description of your system's C++ link characteristics
+{ echo "$as_me:$LINENO: checking whether the $compiler linker ($LD) supports shared libraries" >&5
+echo $ECHO_N "checking whether the $compiler linker ($LD) supports shared libraries... $ECHO_C" >&6; }
+ld_shlibs_CXX=yes
+case $host_os in
+ aix3*)
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ ;;
+ aix4* | aix5*)
+ if test "$host_cpu" = ia64; then
+ # On IA64, the linker does run time linking by default, so we don't
+ # have to do anything special.
+ aix_use_runtimelinking=no
+ exp_sym_flag='-Bexport'
+ no_entry_flag=""
+ else
+ aix_use_runtimelinking=no
+
+ # Test if we are trying to use run time linking or normal
+ # AIX style linking. If -brtl is somewhere in LDFLAGS, we
+ # need to do runtime linking.
+ case $host_os in aix4.[23]|aix4.[23].*|aix5*)
+ for ld_flag in $LDFLAGS; do
+ case $ld_flag in
+ *-brtl*)
+ aix_use_runtimelinking=yes
+ break
+ ;;
+ esac
+ done
+ ;;
+ esac
+
+ exp_sym_flag='-bexport'
+ no_entry_flag='-bnoentry'
+ fi
+
+ # When large executables or shared objects are built, AIX ld can
+ # have problems creating the table of contents. If linking a library
+ # or program results in "error TOC overflow" add -mminimal-toc to
+ # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not
+ # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS.
+
+ archive_cmds_CXX=''
+ hardcode_direct_CXX=yes
+ hardcode_libdir_separator_CXX=':'
+ link_all_deplibs_CXX=yes
+
+ if test "$GXX" = yes; then
+ case $host_os in aix4.[012]|aix4.[012].*)
+ # We only want to do this on AIX 4.2 and lower, the check
+ # below for broken collect2 doesn't work under 4.3+
+ collect2name=`${CC} -print-prog-name=collect2`
+ if test -f "$collect2name" && \
+ strings "$collect2name" | grep resolve_lib_name >/dev/null
+ then
+ # We have reworked collect2
+ hardcode_direct_CXX=yes
+ else
+ # We have old collect2
+ hardcode_direct_CXX=unsupported
+ # It fails to find uninstalled libraries when the uninstalled
+ # path is not listed in the libpath. Setting hardcode_minus_L
+ # to unsupported forces relinking
+ hardcode_minus_L_CXX=yes
+ hardcode_libdir_flag_spec_CXX='-L$libdir'
+ hardcode_libdir_separator_CXX=
+ fi
+ ;;
+ esac
+ shared_flag='-shared'
+ if test "$aix_use_runtimelinking" = yes; then
+ shared_flag="$shared_flag "'${wl}-G'
+ fi
+ else
+ # not using gcc
+ if test "$host_cpu" = ia64; then
+ # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release
+ # chokes on -Wl,-G. The following line is correct:
+ shared_flag='-G'
+ else
+ if test "$aix_use_runtimelinking" = yes; then
+ shared_flag='${wl}-G'
+ else
+ shared_flag='${wl}-bM:SRE'
+ fi
+ fi
+ fi
+
+ # It seems that -bexpall does not export symbols beginning with
+ # underscore (_), so it is better to generate a list of symbols to export.
+ always_export_symbols_CXX=yes
+ if test "$aix_use_runtimelinking" = yes; then
+ # Warning - without using the other runtime loading flags (-brtl),
+ # -berok will link without error, but may produce a broken library.
+ allow_undefined_flag_CXX='-berok'
+ # Determine the default libpath from the value encoded in an empty executable.
+ cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-/* Override any gcc2 internal prototype to avoid an error. */
-#ifdef __cplusplus
-extern "C"
-#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char yylex ();
int
main ()
{
-yylex ();
+
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_lib_fl_yylex=yes
+ (exit $ac_status); } && {
+ test -z "$ac_cxx_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+
+aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; }
+}'`
+# Check for a 64-bit object if we didn't find anything.
+if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; }
+}'`; fi
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_lib_fl_yylex=no
-fi
-rm -f conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-echo "$as_me:$LINENO: result: $ac_cv_lib_fl_yylex" >&5
-echo "${ECHO_T}$ac_cv_lib_fl_yylex" >&6
-if test $ac_cv_lib_fl_yylex = yes; then
- yyterminate
-else
- HAVE_LIBFL=yes ; cat >>confdefs.h <<\_ACEOF
-#define HAVE_LIBFL 1
-_ACEOF
fi
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
-echo "$as_me:$LINENO: checking for yp_maplist in -lnsl" >&5
-echo $ECHO_N "checking for yp_maplist in -lnsl... $ECHO_C" >&6
-if test "${ac_cv_lib_nsl_yp_maplist+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- ac_check_lib_save_LIBS=$LIBS
-LIBS="-lnsl $LIBS"
-cat >conftest.$ac_ext <<_ACEOF
+ hardcode_libdir_flag_spec_CXX='${wl}-blibpath:$libdir:'"$aix_libpath"
+
+ archive_expsym_cmds_CXX="\$CC"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then echo "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
+ else
+ if test "$host_cpu" = ia64; then
+ hardcode_libdir_flag_spec_CXX='${wl}-R $libdir:/usr/lib:/lib'
+ allow_undefined_flag_CXX="-z nodefs"
+ archive_expsym_cmds_CXX="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols"
+ else
+ # Determine the default libpath from the value encoded in an empty executable.
+ cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-/* Override any gcc2 internal prototype to avoid an error. */
-#ifdef __cplusplus
-extern "C"
-#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char yp_maplist ();
int
main ()
{
-yp_maplist ();
+
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ (exit $ac_status); } && {
+ test -z "$ac_cxx_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+
+aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; }
+}'`
+# Check for a 64-bit object if we didn't find anything.
+if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; }
+}'`; fi
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
+
+ hardcode_libdir_flag_spec_CXX='${wl}-blibpath:$libdir:'"$aix_libpath"
+ # Warning - without using the other run time loading flags,
+ # -berok will link without error, but may produce a broken library.
+ no_undefined_flag_CXX=' ${wl}-bernotok'
+ allow_undefined_flag_CXX=' ${wl}-berok'
+ # Exported symbols can be pulled into shared objects from archives
+ whole_archive_flag_spec_CXX='$convenience'
+ archive_cmds_need_lc_CXX=yes
+ # This is similar to how AIX traditionally builds its shared libraries.
+ archive_expsym_cmds_CXX="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname'
+ fi
+ fi
+ ;;
+
+ beos*)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ allow_undefined_flag_CXX=unsupported
+ # Joseph Beckenbach <jrb3@best.com> says some releases of gcc
+ # support --undefined. This deserves some investigation. FIXME
+ archive_cmds_CXX='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ else
+ ld_shlibs_CXX=no
+ fi
+ ;;
+
+ chorus*)
+ case $cc_basename in
+ *)
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ ;;
+ esac
+ ;;
+
+ cygwin* | mingw* | pw32*)
+ # _LT_AC_TAGVAR(hardcode_libdir_flag_spec, CXX) is actually meaningless,
+ # as there is no search path for DLLs.
+ hardcode_libdir_flag_spec_CXX='-L$libdir'
+ allow_undefined_flag_CXX=unsupported
+ always_export_symbols_CXX=no
+ enable_shared_with_static_runtimes_CXX=yes
+
+ if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then
+ archive_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ # If the export-symbols file already is a .def file (1st line
+ # is EXPORTS), use it as is; otherwise, prepend...
+ archive_expsym_cmds_CXX='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
+ cp $export_symbols $output_objdir/$soname.def;
+ else
+ echo EXPORTS > $output_objdir/$soname.def;
+ cat $export_symbols >> $output_objdir/$soname.def;
+ fi~
+ $CC -shared -nostdlib $output_objdir/$soname.def $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ else
+ ld_shlibs_CXX=no
+ fi
+ ;;
+ darwin* | rhapsody*)
+ case $host_os in
+ rhapsody* | darwin1.[012])
+ allow_undefined_flag_CXX='${wl}-undefined ${wl}suppress'
+ ;;
+ *) # Darwin 1.3 on
+ if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then
+ allow_undefined_flag_CXX='${wl}-flat_namespace ${wl}-undefined ${wl}suppress'
+ else
+ case ${MACOSX_DEPLOYMENT_TARGET} in
+ 10.[012])
+ allow_undefined_flag_CXX='${wl}-flat_namespace ${wl}-undefined ${wl}suppress'
+ ;;
+ 10.*)
+ allow_undefined_flag_CXX='${wl}-undefined ${wl}dynamic_lookup'
+ ;;
+ esac
+ fi
+ ;;
+ esac
+ archive_cmds_need_lc_CXX=no
+ hardcode_direct_CXX=no
+ hardcode_automatic_CXX=yes
+ hardcode_shlibpath_var_CXX=unsupported
+ whole_archive_flag_spec_CXX=''
+ link_all_deplibs_CXX=yes
+
+ if test "$GXX" = yes ; then
+ lt_int_apple_cc_single_mod=no
+ output_verbose_link_cmd='echo'
+ if $CC -dumpspecs 2>&1 | $EGREP 'single_module' >/dev/null ; then
+ lt_int_apple_cc_single_mod=yes
+ fi
+ if test "X$lt_int_apple_cc_single_mod" = Xyes ; then
+ archive_cmds_CXX='$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring'
+ else
+ archive_cmds_CXX='$CC -r -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring'
+ fi
+ module_cmds_CXX='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags'
+ # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds
+ if test "X$lt_int_apple_cc_single_mod" = Xyes ; then
+ archive_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ else
+ archive_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -r -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ fi
+ module_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ else
+ case $cc_basename in
+ xlc*)
+ output_verbose_link_cmd='echo'
+ archive_cmds_CXX='$CC -qmkshrobj ${wl}-single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring'
+ module_cmds_CXX='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags'
+ # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds
+ archive_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj ${wl}-single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ module_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ ;;
+ *)
+ ld_shlibs_CXX=no
+ ;;
+ esac
+ fi
+ ;;
+
+ dgux*)
+ case $cc_basename in
+ ec++*)
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ ;;
+ ghcx*)
+ # Green Hills C++ Compiler
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ ;;
+ *)
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ ;;
+ esac
+ ;;
+ freebsd[12]*)
+ # C++ shared libraries reported to be fairly broken before switch to ELF
+ ld_shlibs_CXX=no
+ ;;
+ freebsd-elf*)
+ archive_cmds_need_lc_CXX=no
+ ;;
+ freebsd* | kfreebsd*-gnu | dragonfly*)
+ # FreeBSD 3 and later use GNU C++ and GNU ld with standard ELF
+ # conventions
+ ld_shlibs_CXX=yes
+ ;;
+ gnu*)
+ ;;
+ hpux9*)
+ hardcode_libdir_flag_spec_CXX='${wl}+b ${wl}$libdir'
+ hardcode_libdir_separator_CXX=:
+ export_dynamic_flag_spec_CXX='${wl}-E'
+ hardcode_direct_CXX=yes
+ hardcode_minus_L_CXX=yes # Not in the search PATH,
+ # but as the default
+ # location of the library.
+
+ case $cc_basename in
+ CC*)
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ ;;
+ aCC*)
+ archive_cmds_CXX='$rm $output_objdir/$soname~$CC -b ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ #
+ # There doesn't appear to be a way to prevent this compiler from
+ # explicitly linking system object files so we need to strip them
+ # from the output so that they don't get included in the library
+ # dependencies.
+ output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | grep "[-]L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list'
+ ;;
+ *)
+ if test "$GXX" = yes; then
+ archive_cmds_CXX='$rm $output_objdir/$soname~$CC -shared -nostdlib -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+ else
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ fi
+ ;;
+ esac
+ ;;
+ hpux10*|hpux11*)
+ if test $with_gnu_ld = no; then
+ hardcode_libdir_flag_spec_CXX='${wl}+b ${wl}$libdir'
+ hardcode_libdir_separator_CXX=:
+
+ case $host_cpu in
+ hppa*64*|ia64*)
+ hardcode_libdir_flag_spec_ld_CXX='+b $libdir'
+ ;;
+ *)
+ export_dynamic_flag_spec_CXX='${wl}-E'
+ ;;
+ esac
+ fi
+ case $host_cpu in
+ hppa*64*|ia64*)
+ hardcode_direct_CXX=no
+ hardcode_shlibpath_var_CXX=no
+ ;;
+ *)
+ hardcode_direct_CXX=yes
+ hardcode_minus_L_CXX=yes # Not in the search PATH,
+ # but as the default
+ # location of the library.
+ ;;
+ esac
+
+ case $cc_basename in
+ CC*)
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ ;;
+ aCC*)
+ case $host_cpu in
+ hppa*64*)
+ archive_cmds_CXX='$CC -b ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ ia64*)
+ archive_cmds_CXX='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ *)
+ archive_cmds_CXX='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ esac
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ #
+ # There doesn't appear to be a way to prevent this compiler from
+ # explicitly linking system object files so we need to strip them
+ # from the output so that they don't get included in the library
+ # dependencies.
+ output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | grep "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list'
+ ;;
+ *)
+ if test "$GXX" = yes; then
+ if test $with_gnu_ld = no; then
+ case $host_cpu in
+ hppa*64*)
+ archive_cmds_CXX='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ ia64*)
+ archive_cmds_CXX='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ *)
+ archive_cmds_CXX='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ esac
+ fi
+ else
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ fi
+ ;;
+ esac
+ ;;
+ interix3*)
+ hardcode_direct_CXX=no
+ hardcode_shlibpath_var_CXX=no
+ hardcode_libdir_flag_spec_CXX='${wl}-rpath,$libdir'
+ export_dynamic_flag_spec_CXX='${wl}-E'
+ # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc.
+ # Instead, shared libraries are loaded at an image base (0x10000000 by
+ # default) and relocated if they conflict, which is a slow very memory
+ # consuming and fragmenting process. To avoid this, we pick a random,
+ # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link
+ # time. Moving up from 0x10000000 also allows more sbrk(2) space.
+ archive_cmds_CXX='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ archive_expsym_cmds_CXX='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ ;;
+ irix5* | irix6*)
+ case $cc_basename in
+ CC*)
+ # SGI C++
+ archive_cmds_CXX='$CC -shared -all -multigot $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
+
+ # Archives containing C++ object files must be created using
+ # "CC -ar", where "CC" is the IRIX C++ compiler. This is
+ # necessary to make sure instantiated templates are included
+ # in the archive.
+ old_archive_cmds_CXX='$CC -ar -WR,-u -o $oldlib $oldobjs'
+ ;;
+ *)
+ if test "$GXX" = yes; then
+ if test "$with_gnu_ld" = no; then
+ archive_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ else
+ archive_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` -o $lib'
+ fi
+ fi
+ link_all_deplibs_CXX=yes
+ ;;
+ esac
+ hardcode_libdir_flag_spec_CXX='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_separator_CXX=:
+ ;;
+ linux*)
+ case $cc_basename in
+ KCC*)
+ # Kuck and Associates, Inc. (KAI) C++ Compiler
+
+ # KCC will only create a shared library if the output file
+ # ends with ".so" (or ".sl" for HP-UX), so rename the library
+ # to its proper name (with version) after linking.
+ archive_cmds_CXX='tempext=`echo $shared_ext | $SED -e '\''s/\([^()0-9A-Za-z{}]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib'
+ archive_expsym_cmds_CXX='tempext=`echo $shared_ext | $SED -e '\''s/\([^()0-9A-Za-z{}]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib ${wl}-retain-symbols-file,$export_symbols; mv \$templib $lib'
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ #
+ # There doesn't appear to be a way to prevent this compiler from
+ # explicitly linking system object files so we need to strip them
+ # from the output so that they don't get included in the library
+ # dependencies.
+ output_verbose_link_cmd='templist=`$CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 | grep "ld"`; rm -f libconftest$shared_ext; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list'
+
+ hardcode_libdir_flag_spec_CXX='${wl}--rpath,$libdir'
+ export_dynamic_flag_spec_CXX='${wl}--export-dynamic'
+
+ # Archives containing C++ object files must be created using
+ # "CC -Bstatic", where "CC" is the KAI C++ compiler.
+ old_archive_cmds_CXX='$CC -Bstatic -o $oldlib $oldobjs'
+ ;;
+ icpc*)
+ # Intel C++
+ with_gnu_ld=yes
+ # version 8.0 and above of icpc choke on multiply defined symbols
+ # if we add $predep_objects and $postdep_objects, however 7.1 and
+ # earlier do not add the objects themselves.
+ case `$CC -V 2>&1` in
+ *"Version 7."*)
+ archive_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ archive_expsym_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ ;;
+ *) # Version 8.0 or newer
+ tmp_idyn=
+ case $host_cpu in
+ ia64*) tmp_idyn=' -i_dynamic';;
+ esac
+ archive_cmds_CXX='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ archive_expsym_cmds_CXX='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ ;;
+ esac
+ archive_cmds_need_lc_CXX=no
+ hardcode_libdir_flag_spec_CXX='${wl}-rpath,$libdir'
+ export_dynamic_flag_spec_CXX='${wl}--export-dynamic'
+ whole_archive_flag_spec_CXX='${wl}--whole-archive$convenience ${wl}--no-whole-archive'
+ ;;
+ pgCC*)
+ # Portland Group C++ compiler
+ archive_cmds_CXX='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib'
+ archive_expsym_cmds_CXX='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib'
+
+ hardcode_libdir_flag_spec_CXX='${wl}--rpath ${wl}$libdir'
+ export_dynamic_flag_spec_CXX='${wl}--export-dynamic'
+ whole_archive_flag_spec_CXX='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive'
+ ;;
+ cxx*)
+ # Compaq C++
+ archive_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ archive_expsym_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib ${wl}-retain-symbols-file $wl$export_symbols'
+
+ runpath_var=LD_RUN_PATH
+ hardcode_libdir_flag_spec_CXX='-rpath $libdir'
+ hardcode_libdir_separator_CXX=:
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ #
+ # There doesn't appear to be a way to prevent this compiler from
+ # explicitly linking system object files so we need to strip them
+ # from the output so that they don't get included in the library
+ # dependencies.
+ output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "ld"`; templist=`echo $templist | $SED "s/\(^.*ld.*\)\( .*ld .*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list'
+ ;;
+ esac
+ ;;
+ lynxos*)
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ ;;
+ m88k*)
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ ;;
+ mvs*)
+ case $cc_basename in
+ cxx*)
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ ;;
+ *)
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ ;;
+ esac
+ ;;
+ netbsd*)
+ if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then
+ archive_cmds_CXX='$LD -Bshareable -o $lib $predep_objects $libobjs $deplibs $postdep_objects $linker_flags'
+ wlarc=
+ hardcode_libdir_flag_spec_CXX='-R$libdir'
+ hardcode_direct_CXX=yes
+ hardcode_shlibpath_var_CXX=no
+ fi
+ # Workaround some broken pre-1.5 toolchains
+ output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep conftest.$objext | $SED -e "s:-lgcc -lc -lgcc::"'
+ ;;
+ openbsd2*)
+ # C++ shared libraries are fairly broken
+ ld_shlibs_CXX=no
+ ;;
+ openbsd*)
+ hardcode_direct_CXX=yes
+ hardcode_shlibpath_var_CXX=no
+ archive_cmds_CXX='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib'
+ hardcode_libdir_flag_spec_CXX='${wl}-rpath,$libdir'
+ if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ archive_expsym_cmds_CXX='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file,$export_symbols -o $lib'
+ export_dynamic_flag_spec_CXX='${wl}-E'
+ whole_archive_flag_spec_CXX="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
+ fi
+ output_verbose_link_cmd='echo'
+ ;;
+ osf3*)
+ case $cc_basename in
+ KCC*)
+ # Kuck and Associates, Inc. (KAI) C++ Compiler
+
+ # KCC will only create a shared library if the output file
+ # ends with ".so" (or ".sl" for HP-UX), so rename the library
+ # to its proper name (with version) after linking.
+ archive_cmds_CXX='tempext=`echo $shared_ext | $SED -e '\''s/\([^()0-9A-Za-z{}]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib'
+
+ hardcode_libdir_flag_spec_CXX='${wl}-rpath,$libdir'
+ hardcode_libdir_separator_CXX=:
+
+ # Archives containing C++ object files must be created using
+ # "CC -Bstatic", where "CC" is the KAI C++ compiler.
+ old_archive_cmds_CXX='$CC -Bstatic -o $oldlib $oldobjs'
+
+ ;;
+ RCC*)
+ # Rational C++ 2.4.1
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ ;;
+ cxx*)
+ allow_undefined_flag_CXX=' ${wl}-expect_unresolved ${wl}\*'
+ archive_cmds_CXX='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $soname `test -n "$verstring" && echo ${wl}-set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
+
+ hardcode_libdir_flag_spec_CXX='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_separator_CXX=:
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ #
+ # There doesn't appear to be a way to prevent this compiler from
+ # explicitly linking system object files so we need to strip them
+ # from the output so that they don't get included in the library
+ # dependencies.
+ output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "ld" | grep -v "ld:"`; templist=`echo $templist | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list'
+ ;;
+ *)
+ if test "$GXX" = yes && test "$with_gnu_ld" = no; then
+ allow_undefined_flag_CXX=' ${wl}-expect_unresolved ${wl}\*'
+ archive_cmds_CXX='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+
+ hardcode_libdir_flag_spec_CXX='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_separator_CXX=:
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "\-L"'
+
+ else
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ fi
+ ;;
+ esac
+ ;;
+ osf4* | osf5*)
+ case $cc_basename in
+ KCC*)
+ # Kuck and Associates, Inc. (KAI) C++ Compiler
+
+ # KCC will only create a shared library if the output file
+ # ends with ".so" (or ".sl" for HP-UX), so rename the library
+ # to its proper name (with version) after linking.
+ archive_cmds_CXX='tempext=`echo $shared_ext | $SED -e '\''s/\([^()0-9A-Za-z{}]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib'
+
+ hardcode_libdir_flag_spec_CXX='${wl}-rpath,$libdir'
+ hardcode_libdir_separator_CXX=:
+
+ # Archives containing C++ object files must be created using
+ # the KAI C++ compiler.
+ old_archive_cmds_CXX='$CC -o $oldlib $oldobjs'
+ ;;
+ RCC*)
+ # Rational C++ 2.4.1
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ ;;
+ cxx*)
+ allow_undefined_flag_CXX=' -expect_unresolved \*'
+ archive_cmds_CXX='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
+ archive_expsym_cmds_CXX='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done~
+ echo "-hidden">> $lib.exp~
+ $CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname -Wl,-input -Wl,$lib.exp `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib~
+ $rm $lib.exp'
+
+ hardcode_libdir_flag_spec_CXX='-rpath $libdir'
+ hardcode_libdir_separator_CXX=:
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ #
+ # There doesn't appear to be a way to prevent this compiler from
+ # explicitly linking system object files so we need to strip them
+ # from the output so that they don't get included in the library
+ # dependencies.
+ output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "ld" | grep -v "ld:"`; templist=`echo $templist | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list'
+ ;;
+ *)
+ if test "$GXX" = yes && test "$with_gnu_ld" = no; then
+ allow_undefined_flag_CXX=' ${wl}-expect_unresolved ${wl}\*'
+ archive_cmds_CXX='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+
+ hardcode_libdir_flag_spec_CXX='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_separator_CXX=:
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "\-L"'
+
+ else
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ fi
+ ;;
+ esac
+ ;;
+ psos*)
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ ;;
+ sunos4*)
+ case $cc_basename in
+ CC*)
+ # Sun C++ 4.x
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ ;;
+ lcc*)
+ # Lucid
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ ;;
+ *)
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ ;;
+ esac
+ ;;
+ solaris*)
+ case $cc_basename in
+ CC*)
+ # Sun C++ 4.2, 5.x and Centerline C++
+ archive_cmds_need_lc_CXX=yes
+ no_undefined_flag_CXX=' -zdefs'
+ archive_cmds_CXX='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ archive_expsym_cmds_CXX='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~
+ $CC -G${allow_undefined_flag} ${wl}-M ${wl}$lib.exp -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$rm $lib.exp'
+
+ hardcode_libdir_flag_spec_CXX='-R$libdir'
+ hardcode_shlibpath_var_CXX=no
+ case $host_os in
+ solaris2.[0-5] | solaris2.[0-5].*) ;;
+ *)
+ # The C++ compiler is used as linker so we must use $wl
+ # flag to pass the commands to the underlying system
+ # linker. We must also pass each convience library through
+ # to the system linker between allextract/defaultextract.
+ # The C++ compiler will combine linker options so we
+ # cannot just pass the convience library names through
+ # without $wl.
+ # Supported since Solaris 2.6 (maybe 2.5.1?)
+ whole_archive_flag_spec_CXX='${wl}-z ${wl}allextract`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}-z ${wl}defaultextract'
+ ;;
+ esac
+ link_all_deplibs_CXX=yes
+
+ output_verbose_link_cmd='echo'
+
+ # Archives containing C++ object files must be created using
+ # "CC -xar", where "CC" is the Sun C++ compiler. This is
+ # necessary to make sure instantiated templates are included
+ # in the archive.
+ old_archive_cmds_CXX='$CC -xar -o $oldlib $oldobjs'
+ ;;
+ gcx*)
+ # Green Hills C++ Compiler
+ archive_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
+
+ # The C++ compiler must be used to create the archive.
+ old_archive_cmds_CXX='$CC $LDFLAGS -archive -o $oldlib $oldobjs'
+ ;;
+ *)
+ # GNU C++ compiler with Solaris linker
+ if test "$GXX" = yes && test "$with_gnu_ld" = no; then
+ no_undefined_flag_CXX=' ${wl}-z ${wl}defs'
+ if $CC --version | grep -v '^2\.7' > /dev/null; then
+ archive_cmds_CXX='$CC -shared -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
+ archive_expsym_cmds_CXX='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~
+ $CC -shared -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$rm $lib.exp'
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ output_verbose_link_cmd="$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep \"\-L\""
+ else
+ # g++ 2.7 appears to require `-G' NOT `-shared' on this
+ # platform.
+ archive_cmds_CXX='$CC -G -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
+ archive_expsym_cmds_CXX='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~
+ $CC -G -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$rm $lib.exp'
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ output_verbose_link_cmd="$CC -G $CFLAGS -v conftest.$objext 2>&1 | grep \"\-L\""
+ fi
+
+ hardcode_libdir_flag_spec_CXX='${wl}-R $wl$libdir'
+ fi
+ ;;
+ esac
+ ;;
+ sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7* | sco3.2v5.0.[024]*)
+ no_undefined_flag_CXX='${wl}-z,text'
+ archive_cmds_need_lc_CXX=no
+ hardcode_shlibpath_var_CXX=no
+ runpath_var='LD_RUN_PATH'
+
+ case $cc_basename in
+ CC*)
+ archive_cmds_CXX='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds_CXX='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+ archive_cmds_CXX='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds_CXX='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ esac
+ ;;
+ sysv5* | sco3.2v5* | sco5v6*)
+ # Note: We can NOT use -z defs as we might desire, because we do not
+ # link with -lc, and that would cause any symbols used from libc to
+ # always be unresolved, which means just about no library would
+ # ever link correctly. If we're not using GNU ld we use -z text
+ # though, which does catch some bad symbols but isn't as heavy-handed
+ # as -z defs.
+ # For security reasons, it is highly recommended that you always
+ # use absolute paths for naming shared libraries, and exclude the
+ # DT_RUNPATH tag from executables and libraries. But doing so
+ # requires that you compile everything twice, which is a pain.
+ # So that behaviour is only enabled if SCOABSPATH is set to a
+ # non-empty value in the environment. Most likely only useful for
+ # creating official distributions of packages.
+ # This is a hack until libtool officially supports absolute path
+ # names for shared libraries.
+ no_undefined_flag_CXX='${wl}-z,text'
+ allow_undefined_flag_CXX='${wl}-z,nodefs'
+ archive_cmds_need_lc_CXX=no
+ hardcode_shlibpath_var_CXX=no
+ hardcode_libdir_flag_spec_CXX='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`'
+ hardcode_libdir_separator_CXX=':'
+ link_all_deplibs_CXX=yes
+ export_dynamic_flag_spec_CXX='${wl}-Bexport'
+ runpath_var='LD_RUN_PATH'
+
+ case $cc_basename in
+ CC*)
+ archive_cmds_CXX='$CC -G ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds_CXX='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+ archive_cmds_CXX='$CC -shared ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds_CXX='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ esac
+ ;;
+ tandem*)
+ case $cc_basename in
+ NCC*)
+ # NonStop-UX NCC 3.20
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ ;;
+ *)
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ ;;
+ esac
+ ;;
+ vxworks*)
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ ;;
+ *)
+ # FIXME: insert proper C++ library support
+ ld_shlibs_CXX=no
+ ;;
+esac
+{ echo "$as_me:$LINENO: result: $ld_shlibs_CXX" >&5
+echo "${ECHO_T}$ld_shlibs_CXX" >&6; }
+test "$ld_shlibs_CXX" = no && can_build_shared=no
+
+GCC_CXX="$GXX"
+LD_CXX="$LD"
+
+
+cat > conftest.$ac_ext <<EOF
+class Foo
+{
+public:
+ Foo (void) { a = 0; }
+private:
+ int a;
+};
+EOF
+
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ (exit $ac_status); }; then
+ # Parse the compiler output and extract the necessary
+ # objects, libraries and library flags.
+
+ # Sentinel used to keep track of whether or not we are before
+ # the conftest object file.
+ pre_test_object_deps_done=no
+
+ # The `*' in the case matches for architectures that use `case' in
+ # $output_verbose_cmd can trigger glob expansion during the loop
+ # eval without this substitution.
+ output_verbose_link_cmd=`$echo "X$output_verbose_link_cmd" | $Xsed -e "$no_glob_subst"`
+
+ for p in `eval $output_verbose_link_cmd`; do
+ case $p in
+
+ -L* | -R* | -l*)
+ # Some compilers place space between "-{L,R}" and the path.
+ # Remove the space.
+ if test $p = "-L" \
+ || test $p = "-R"; then
+ prev=$p
+ continue
+ else
+ prev=
+ fi
+
+ if test "$pre_test_object_deps_done" = no; then
+ case $p in
+ -L* | -R*)
+ # Internal compiler library paths should come after those
+ # provided the user. The postdeps already come after the
+ # user supplied libs so there is no need to process them.
+ if test -z "$compiler_lib_search_path_CXX"; then
+ compiler_lib_search_path_CXX="${prev}${p}"
+ else
+ compiler_lib_search_path_CXX="${compiler_lib_search_path_CXX} ${prev}${p}"
+ fi
+ ;;
+ # The "-l" case would never come before the object being
+ # linked, so don't bother handling this case.
+ esac
+ else
+ if test -z "$postdeps_CXX"; then
+ postdeps_CXX="${prev}${p}"
+ else
+ postdeps_CXX="${postdeps_CXX} ${prev}${p}"
+ fi
+ fi
+ ;;
+
+ *.$objext)
+ # This assumes that the test object file only shows up
+ # once in the compiler output.
+ if test "$p" = "conftest.$objext"; then
+ pre_test_object_deps_done=yes
+ continue
+ fi
+
+ if test "$pre_test_object_deps_done" = no; then
+ if test -z "$predep_objects_CXX"; then
+ predep_objects_CXX="$p"
+ else
+ predep_objects_CXX="$predep_objects_CXX $p"
+ fi
+ else
+ if test -z "$postdep_objects_CXX"; then
+ postdep_objects_CXX="$p"
+ else
+ postdep_objects_CXX="$postdep_objects_CXX $p"
+ fi
+ fi
+ ;;
+
+ *) ;; # Ignore the rest.
+
+ esac
+ done
+
+ # Clean up.
+ rm -f a.out a.exe
+else
+ echo "libtool.m4: error: problem compiling CXX test program"
+fi
+
+$rm -f confest.$objext
+
+# PORTME: override above test on systems where it is broken
+case $host_os in
+interix3*)
+ # Interix 3.5 installs completely hosed .la files for C++, so rather than
+ # hack all around it, let's just trust "g++" to DTRT.
+ predep_objects_CXX=
+ postdep_objects_CXX=
+ postdeps_CXX=
+ ;;
+
+solaris*)
+ case $cc_basename in
+ CC*)
+ # Adding this requires a known-good setup of shared libraries for
+ # Sun compiler versions before 5.6, else PIC objects from an old
+ # archive will be linked into the output, leading to subtle bugs.
+ postdeps_CXX='-lCstd -lCrun'
+ ;;
+ esac
+ ;;
+esac
+
+
+case " $postdeps_CXX " in
+*" -lc "*) archive_cmds_need_lc_CXX=no ;;
+esac
+
+lt_prog_compiler_wl_CXX=
+lt_prog_compiler_pic_CXX=
+lt_prog_compiler_static_CXX=
+
+{ echo "$as_me:$LINENO: checking for $compiler option to produce PIC" >&5
+echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; }
+
+ # C++ specific cases for pic, static, wl, etc.
+ if test "$GXX" = yes; then
+ lt_prog_compiler_wl_CXX='-Wl,'
+ lt_prog_compiler_static_CXX='-static'
+
+ case $host_os in
+ aix*)
+ # All AIX code is PIC.
+ if test "$host_cpu" = ia64; then
+ # AIX 5 now supports IA64 processor
+ lt_prog_compiler_static_CXX='-Bstatic'
+ fi
+ ;;
+ amigaos*)
+ # FIXME: we need at least 68020 code to build shared libraries, but
+ # adding the `-m68020' flag to GCC prevents building anything better,
+ # like `-m68040'.
+ lt_prog_compiler_pic_CXX='-m68020 -resident32 -malways-restore-a4'
+ ;;
+ beos* | cygwin* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*)
+ # PIC is the default for these OSes.
+ ;;
+ mingw* | os2* | pw32*)
+ # This hack is so that the source file can tell whether it is being
+ # built for inclusion in a dll (and should export symbols for example).
+ lt_prog_compiler_pic_CXX='-DDLL_EXPORT'
+ ;;
+ darwin* | rhapsody*)
+ # PIC is the default on this platform
+ # Common symbols not allowed in MH_DYLIB files
+ lt_prog_compiler_pic_CXX='-fno-common'
+ ;;
+ *djgpp*)
+ # DJGPP does not support shared libraries at all
+ lt_prog_compiler_pic_CXX=
+ ;;
+ interix3*)
+ # Interix 3.x gcc -fpic/-fPIC options generate broken code.
+ # Instead, we relocate shared libraries at runtime.
+ ;;
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ lt_prog_compiler_pic_CXX=-Kconform_pic
+ fi
+ ;;
+ hpux*)
+ # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but
+ # not for PA HP-UX.
+ case $host_cpu in
+ hppa*64*|ia64*)
+ ;;
+ *)
+ lt_prog_compiler_pic_CXX='-fPIC'
+ ;;
+ esac
+ ;;
+ *)
+ lt_prog_compiler_pic_CXX='-fPIC'
+ ;;
+ esac
+ else
+ case $host_os in
+ aix4* | aix5*)
+ # All AIX code is PIC.
+ if test "$host_cpu" = ia64; then
+ # AIX 5 now supports IA64 processor
+ lt_prog_compiler_static_CXX='-Bstatic'
+ else
+ lt_prog_compiler_static_CXX='-bnso -bI:/lib/syscalls.exp'
+ fi
+ ;;
+ chorus*)
+ case $cc_basename in
+ cxch68*)
+ # Green Hills C++ Compiler
+ # _LT_AC_TAGVAR(lt_prog_compiler_static, CXX)="--no_auto_instantiation -u __main -u __premain -u _abort -r $COOL_DIR/lib/libOrb.a $MVME_DIR/lib/CC/libC.a $MVME_DIR/lib/classix/libcx.s.a"
+ ;;
+ esac
+ ;;
+ darwin*)
+ # PIC is the default on this platform
+ # Common symbols not allowed in MH_DYLIB files
+ case $cc_basename in
+ xlc*)
+ lt_prog_compiler_pic_CXX='-qnocommon'
+ lt_prog_compiler_wl_CXX='-Wl,'
+ ;;
+ esac
+ ;;
+ dgux*)
+ case $cc_basename in
+ ec++*)
+ lt_prog_compiler_pic_CXX='-KPIC'
+ ;;
+ ghcx*)
+ # Green Hills C++ Compiler
+ lt_prog_compiler_pic_CXX='-pic'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ freebsd* | kfreebsd*-gnu | dragonfly*)
+ # FreeBSD uses GNU C++
+ ;;
+ hpux9* | hpux10* | hpux11*)
+ case $cc_basename in
+ CC*)
+ lt_prog_compiler_wl_CXX='-Wl,'
+ lt_prog_compiler_static_CXX='${wl}-a ${wl}archive'
+ if test "$host_cpu" != ia64; then
+ lt_prog_compiler_pic_CXX='+Z'
+ fi
+ ;;
+ aCC*)
+ lt_prog_compiler_wl_CXX='-Wl,'
+ lt_prog_compiler_static_CXX='${wl}-a ${wl}archive'
+ case $host_cpu in
+ hppa*64*|ia64*)
+ # +Z the default
+ ;;
+ *)
+ lt_prog_compiler_pic_CXX='+Z'
+ ;;
+ esac
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ interix*)
+ # This is c89, which is MS Visual C++ (no shared libs)
+ # Anyone wants to do a port?
+ ;;
+ irix5* | irix6* | nonstopux*)
+ case $cc_basename in
+ CC*)
+ lt_prog_compiler_wl_CXX='-Wl,'
+ lt_prog_compiler_static_CXX='-non_shared'
+ # CC pic flag -KPIC is the default.
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ linux*)
+ case $cc_basename in
+ KCC*)
+ # KAI C++ Compiler
+ lt_prog_compiler_wl_CXX='--backend -Wl,'
+ lt_prog_compiler_pic_CXX='-fPIC'
+ ;;
+ icpc* | ecpc*)
+ # Intel C++
+ lt_prog_compiler_wl_CXX='-Wl,'
+ lt_prog_compiler_pic_CXX='-KPIC'
+ lt_prog_compiler_static_CXX='-static'
+ ;;
+ pgCC*)
+ # Portland Group C++ compiler.
+ lt_prog_compiler_wl_CXX='-Wl,'
+ lt_prog_compiler_pic_CXX='-fpic'
+ lt_prog_compiler_static_CXX='-Bstatic'
+ ;;
+ cxx*)
+ # Compaq C++
+ # Make sure the PIC flag is empty. It appears that all Alpha
+ # Linux and Compaq Tru64 Unix objects are PIC.
+ lt_prog_compiler_pic_CXX=
+ lt_prog_compiler_static_CXX='-non_shared'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ lynxos*)
+ ;;
+ m88k*)
+ ;;
+ mvs*)
+ case $cc_basename in
+ cxx*)
+ lt_prog_compiler_pic_CXX='-W c,exportall'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ netbsd*)
+ ;;
+ osf3* | osf4* | osf5*)
+ case $cc_basename in
+ KCC*)
+ lt_prog_compiler_wl_CXX='--backend -Wl,'
+ ;;
+ RCC*)
+ # Rational C++ 2.4.1
+ lt_prog_compiler_pic_CXX='-pic'
+ ;;
+ cxx*)
+ # Digital/Compaq C++
+ lt_prog_compiler_wl_CXX='-Wl,'
+ # Make sure the PIC flag is empty. It appears that all Alpha
+ # Linux and Compaq Tru64 Unix objects are PIC.
+ lt_prog_compiler_pic_CXX=
+ lt_prog_compiler_static_CXX='-non_shared'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ psos*)
+ ;;
+ solaris*)
+ case $cc_basename in
+ CC*)
+ # Sun C++ 4.2, 5.x and Centerline C++
+ lt_prog_compiler_pic_CXX='-KPIC'
+ lt_prog_compiler_static_CXX='-Bstatic'
+ lt_prog_compiler_wl_CXX='-Qoption ld '
+ ;;
+ gcx*)
+ # Green Hills C++ Compiler
+ lt_prog_compiler_pic_CXX='-PIC'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ sunos4*)
+ case $cc_basename in
+ CC*)
+ # Sun C++ 4.x
+ lt_prog_compiler_pic_CXX='-pic'
+ lt_prog_compiler_static_CXX='-Bstatic'
+ ;;
+ lcc*)
+ # Lucid
+ lt_prog_compiler_pic_CXX='-pic'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ tandem*)
+ case $cc_basename in
+ NCC*)
+ # NonStop-UX NCC 3.20
+ lt_prog_compiler_pic_CXX='-KPIC'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*)
+ case $cc_basename in
+ CC*)
+ lt_prog_compiler_wl_CXX='-Wl,'
+ lt_prog_compiler_pic_CXX='-KPIC'
+ lt_prog_compiler_static_CXX='-Bstatic'
+ ;;
+ esac
+ ;;
+ vxworks*)
+ ;;
+ *)
+ lt_prog_compiler_can_build_shared_CXX=no
+ ;;
+ esac
+ fi
+
+{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_CXX" >&5
+echo "${ECHO_T}$lt_prog_compiler_pic_CXX" >&6; }
+
+#
+# Check to make sure the PIC flag actually works.
+#
+if test -n "$lt_prog_compiler_pic_CXX"; then
+
+{ echo "$as_me:$LINENO: checking if $compiler PIC flag $lt_prog_compiler_pic_CXX works" >&5
+echo $ECHO_N "checking if $compiler PIC flag $lt_prog_compiler_pic_CXX works... $ECHO_C" >&6; }
+if test "${lt_prog_compiler_pic_works_CXX+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ lt_prog_compiler_pic_works_CXX=no
+ ac_outfile=conftest.$ac_objext
+ printf "$lt_simple_compile_test_code" > conftest.$ac_ext
+ lt_compiler_flag="$lt_prog_compiler_pic_CXX -DPIC"
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ # The option is referenced via a variable to avoid confusing sed.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:12712: $lt_compile\"" >&5)
+ (eval "$lt_compile" 2>conftest.err)
+ ac_status=$?
+ cat conftest.err >&5
+ echo "$as_me:12716: \$? = $ac_status" >&5
+ if (exit $ac_status) && test -s "$ac_outfile"; then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings other than the usual output.
+ $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
+ lt_prog_compiler_pic_works_CXX=yes
+ fi
+ fi
+ $rm conftest*
+
+fi
+{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_works_CXX" >&5
+echo "${ECHO_T}$lt_prog_compiler_pic_works_CXX" >&6; }
+
+if test x"$lt_prog_compiler_pic_works_CXX" = xyes; then
+ case $lt_prog_compiler_pic_CXX in
+ "" | " "*) ;;
+ *) lt_prog_compiler_pic_CXX=" $lt_prog_compiler_pic_CXX" ;;
+ esac
+else
+ lt_prog_compiler_pic_CXX=
+ lt_prog_compiler_can_build_shared_CXX=no
+fi
+
+fi
+case $host_os in
+ # For platforms which do not support PIC, -DPIC is meaningless:
+ *djgpp*)
+ lt_prog_compiler_pic_CXX=
+ ;;
+ *)
+ lt_prog_compiler_pic_CXX="$lt_prog_compiler_pic_CXX -DPIC"
+ ;;
+esac
+
+#
+# Check to make sure the static flag actually works.
+#
+wl=$lt_prog_compiler_wl_CXX eval lt_tmp_static_flag=\"$lt_prog_compiler_static_CXX\"
+{ echo "$as_me:$LINENO: checking if $compiler static flag $lt_tmp_static_flag works" >&5
+echo $ECHO_N "checking if $compiler static flag $lt_tmp_static_flag works... $ECHO_C" >&6; }
+if test "${lt_prog_compiler_static_works_CXX+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ lt_prog_compiler_static_works_CXX=no
+ save_LDFLAGS="$LDFLAGS"
+ LDFLAGS="$LDFLAGS $lt_tmp_static_flag"
+ printf "$lt_simple_link_test_code" > conftest.$ac_ext
+ if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then
+ # The linker can only warn and ignore the option if not recognized
+ # So say no if there are warnings
+ if test -s conftest.err; then
+ # Append any errors to the config.log.
+ cat conftest.err 1>&5
+ $echo "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if diff conftest.exp conftest.er2 >/dev/null; then
+ lt_prog_compiler_static_works_CXX=yes
+ fi
+ else
+ lt_prog_compiler_static_works_CXX=yes
+ fi
+ fi
+ $rm conftest*
+ LDFLAGS="$save_LDFLAGS"
+
+fi
+{ echo "$as_me:$LINENO: result: $lt_prog_compiler_static_works_CXX" >&5
+echo "${ECHO_T}$lt_prog_compiler_static_works_CXX" >&6; }
+
+if test x"$lt_prog_compiler_static_works_CXX" = xyes; then
+ :
+else
+ lt_prog_compiler_static_CXX=
+fi
+
+
+{ echo "$as_me:$LINENO: checking if $compiler supports -c -o file.$ac_objext" >&5
+echo $ECHO_N "checking if $compiler supports -c -o file.$ac_objext... $ECHO_C" >&6; }
+if test "${lt_cv_prog_compiler_c_o_CXX+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ lt_cv_prog_compiler_c_o_CXX=no
+ $rm -r conftest 2>/dev/null
+ mkdir conftest
+ cd conftest
+ mkdir out
+ printf "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+ lt_compiler_flag="-o out/conftest2.$ac_objext"
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:12816: $lt_compile\"" >&5)
+ (eval "$lt_compile" 2>out/conftest.err)
+ ac_status=$?
+ cat out/conftest.err >&5
+ echo "$as_me:12820: \$? = $ac_status" >&5
+ if (exit $ac_status) && test -s out/conftest2.$ac_objext
+ then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings
+ $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' > out/conftest.exp
+ $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2
+ if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then
+ lt_cv_prog_compiler_c_o_CXX=yes
+ fi
+ fi
+ chmod u+w . 2>&5
+ $rm conftest*
+ # SGI C++ compiler will create directory out/ii_files/ for
+ # template instantiation
+ test -d out/ii_files && $rm out/ii_files/* && rmdir out/ii_files
+ $rm out/* && rmdir out
+ cd ..
+ rmdir conftest
+ $rm conftest*
+
+fi
+{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_c_o_CXX" >&5
+echo "${ECHO_T}$lt_cv_prog_compiler_c_o_CXX" >&6; }
+
+
+hard_links="nottested"
+if test "$lt_cv_prog_compiler_c_o_CXX" = no && test "$need_locks" != no; then
+ # do not overwrite the value of need_locks provided by the user
+ { echo "$as_me:$LINENO: checking if we can lock with hard links" >&5
+echo $ECHO_N "checking if we can lock with hard links... $ECHO_C" >&6; }
+ hard_links=yes
+ $rm conftest*
+ ln conftest.a conftest.b 2>/dev/null && hard_links=no
+ touch conftest.a
+ ln conftest.a conftest.b 2>&5 || hard_links=no
+ ln conftest.a conftest.b 2>/dev/null && hard_links=no
+ { echo "$as_me:$LINENO: result: $hard_links" >&5
+echo "${ECHO_T}$hard_links" >&6; }
+ if test "$hard_links" = no; then
+ { echo "$as_me:$LINENO: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&5
+echo "$as_me: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2;}
+ need_locks=warn
+ fi
+else
+ need_locks=no
+fi
+
+{ echo "$as_me:$LINENO: checking whether the $compiler linker ($LD) supports shared libraries" >&5
+echo $ECHO_N "checking whether the $compiler linker ($LD) supports shared libraries... $ECHO_C" >&6; }
+
+ export_symbols_cmds_CXX='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+ case $host_os in
+ aix4* | aix5*)
+ # If we're using GNU nm, then we don't want the "-C" option.
+ # -C means demangle to AIX nm, but means don't demangle with GNU nm
+ if $NM -V 2>&1 | grep 'GNU' > /dev/null; then
+ export_symbols_cmds_CXX='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols'
+ else
+ export_symbols_cmds_CXX='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols'
+ fi
+ ;;
+ pw32*)
+ export_symbols_cmds_CXX="$ltdll_cmds"
+ ;;
+ cygwin* | mingw*)
+ export_symbols_cmds_CXX='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS] /s/.* \([^ ]*\)/\1 DATA/;/^.* __nm__/s/^.* __nm__\([^ ]*\) [^ ]*/\1 DATA/;/^I /d;/^[AITW] /s/.* //'\'' | sort | uniq > $export_symbols'
+ ;;
+ *)
+ export_symbols_cmds_CXX='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+ ;;
+ esac
+
+{ echo "$as_me:$LINENO: result: $ld_shlibs_CXX" >&5
+echo "${ECHO_T}$ld_shlibs_CXX" >&6; }
+test "$ld_shlibs_CXX" = no && can_build_shared=no
+
+#
+# Do we need to explicitly link libc?
+#
+case "x$archive_cmds_need_lc_CXX" in
+x|xyes)
+ # Assume -lc should be added
+ archive_cmds_need_lc_CXX=yes
+
+ if test "$enable_shared" = yes && test "$GCC" = yes; then
+ case $archive_cmds_CXX in
+ *'~'*)
+ # FIXME: we may have to deal with multi-command sequences.
+ ;;
+ '$CC '*)
+ # Test whether the compiler implicitly links with -lc since on some
+ # systems, -lgcc has to come before -lc. If gcc already passes -lc
+ # to ld, don't add -lc before -lgcc.
+ { echo "$as_me:$LINENO: checking whether -lc should be explicitly linked in" >&5
+echo $ECHO_N "checking whether -lc should be explicitly linked in... $ECHO_C" >&6; }
+ $rm conftest*
+ printf "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_lib_nsl_yp_maplist=yes
+ (exit $ac_status); } 2>conftest.err; then
+ soname=conftest
+ lib=conftest
+ libobjs=conftest.$ac_objext
+ deplibs=
+ wl=$lt_prog_compiler_wl_CXX
+ pic_flag=$lt_prog_compiler_pic_CXX
+ compiler_flags=-v
+ linker_flags=-v
+ verstring=
+ output_objdir=.
+ libname=conftest
+ lt_save_allow_undefined_flag=$allow_undefined_flag_CXX
+ allow_undefined_flag_CXX=
+ if { (eval echo "$as_me:$LINENO: \"$archive_cmds_CXX 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1\"") >&5
+ (eval $archive_cmds_CXX 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }
+ then
+ archive_cmds_need_lc_CXX=no
+ else
+ archive_cmds_need_lc_CXX=yes
+ fi
+ allow_undefined_flag_CXX=$lt_save_allow_undefined_flag
+ else
+ cat conftest.err 1>&5
+ fi
+ $rm conftest*
+ { echo "$as_me:$LINENO: result: $archive_cmds_need_lc_CXX" >&5
+echo "${ECHO_T}$archive_cmds_need_lc_CXX" >&6; }
+ ;;
+ esac
+ fi
+ ;;
+esac
+
+{ echo "$as_me:$LINENO: checking dynamic linker characteristics" >&5
+echo $ECHO_N "checking dynamic linker characteristics... $ECHO_C" >&6; }
+library_names_spec=
+libname_spec='lib$name'
+soname_spec=
+shrext_cmds=".so"
+postinstall_cmds=
+postuninstall_cmds=
+finish_cmds=
+finish_eval=
+shlibpath_var=
+shlibpath_overrides_runpath=unknown
+version_type=none
+dynamic_linker="$host_os ld.so"
+sys_lib_dlsearch_path_spec="/lib /usr/lib"
+if test "$GCC" = yes; then
+ sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"`
+ if echo "$sys_lib_search_path_spec" | grep ';' >/dev/null ; then
+ # if the path contains ";" then we assume it to be the separator
+ # otherwise default to the standard path separator (i.e. ":") - it is
+ # assumed that no part of a normal pathname contains ";" but that should
+ # okay in the real world where ";" in dirpaths is itself problematic.
+ sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
+ else
+ sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+ fi
+else
+ sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib"
+fi
+need_lib_prefix=unknown
+hardcode_into_libs=no
+
+# when you set need_version to no, make sure it does not cause -set_version
+# flags to be left without arguments
+need_version=unknown
+
+case $host_os in
+aix3*)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a'
+ shlibpath_var=LIBPATH
+
+ # AIX 3 has no versioning support, so we append a major version to the name.
+ soname_spec='${libname}${release}${shared_ext}$major'
+ ;;
+
+aix4* | aix5*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ hardcode_into_libs=yes
+ if test "$host_cpu" = ia64; then
+ # AIX 5 supports IA64
+ library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ else
+ # With GCC up to 2.95.x, collect2 would create an import file
+ # for dependence libraries. The import file would start with
+ # the line `#! .'. This would cause the generated library to
+ # depend on `.', always an invalid library. This was fixed in
+ # development snapshots of GCC prior to 3.0.
+ case $host_os in
+ aix4 | aix4.[01] | aix4.[01].*)
+ if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)'
+ echo ' yes '
+ echo '#endif'; } | ${CC} -E - | grep yes > /dev/null; then
+ :
+ else
+ can_build_shared=no
+ fi
+ ;;
+ esac
+ # AIX (on Power*) has no versioning support, so currently we can not hardcode correct
+ # soname into executable. Probably we can add versioning support to
+ # collect2, so additional links can be useful in future.
+ if test "$aix_use_runtimelinking" = yes; then
+ # If using run time linking (on AIX 4.2 or later) use lib<name>.so
+ # instead of lib<name>.a to let people know that these are not
+ # typical AIX shared libraries.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ else
+ # We preserve .a as extension for shared libraries through AIX4.2
+ # and later when we are not doing run time linking.
+ library_names_spec='${libname}${release}.a $libname.a'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ fi
+ shlibpath_var=LIBPATH
+ fi
+ ;;
+
+amigaos*)
+ library_names_spec='$libname.ixlibrary $libname.a'
+ # Create ${libname}_ixlibrary.a entries in /sys/libs.
+ finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$echo "X$lib" | $Xsed -e '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; test $rm /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done'
+ ;;
+
+beos*)
+ library_names_spec='${libname}${shared_ext}'
+ dynamic_linker="$host_os ld.so"
+ shlibpath_var=LIBRARY_PATH
+ ;;
+
+bsdi[45]*)
+ version_type=linux
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib"
+ sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib"
+ # the default ld.so.conf also contains /usr/contrib/lib and
+ # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow
+ # libtool to hard-code these into programs
+ ;;
+
+cygwin* | mingw* | pw32*)
+ version_type=windows
+ shrext_cmds=".dll"
+ need_version=no
+ need_lib_prefix=no
+
+ case $GCC,$host_os in
+ yes,cygwin* | yes,mingw* | yes,pw32*)
+ library_names_spec='$libname.dll.a'
+ # DLL is installed to $(libdir)/../bin by postinstall_cmds
+ postinstall_cmds='base_file=`basename \${file}`~
+ dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i;echo \$dlname'\''`~
+ dldir=$destdir/`dirname \$dlpath`~
+ test -d \$dldir || mkdir -p \$dldir~
+ $install_prog $dir/$dlname \$dldir/$dlname~
+ chmod a+x \$dldir/$dlname'
+ postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~
+ dlpath=$dir/\$dldll~
+ $rm \$dlpath'
+ shlibpath_overrides_runpath=yes
+
+ case $host_os in
+ cygwin*)
+ # Cygwin DLLs use 'cyg' prefix rather than 'lib'
+ soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+ sys_lib_search_path_spec="/usr/lib /lib/w32api /lib /usr/local/lib"
+ ;;
+ mingw*)
+ # MinGW DLLs use traditional 'lib' prefix
+ soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+ sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"`
+ if echo "$sys_lib_search_path_spec" | grep ';[c-zC-Z]:/' >/dev/null; then
+ # It is most probably a Windows format PATH printed by
+ # mingw gcc, but we are running on Cygwin. Gcc prints its search
+ # path with ; separators, and with drive letters. We can handle the
+ # drive letters (cygwin fileutils understands them), so leave them,
+ # especially as we might pass files found there to a mingw objdump,
+ # which wouldn't understand a cygwinified path. Ahh.
+ sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
+ else
+ sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+ fi
+ ;;
+ pw32*)
+ # pw32 DLLs use 'pw' prefix rather than 'lib'
+ library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+ ;;
+ esac
+ ;;
+
+ *)
+ library_names_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext} $libname.lib'
+ ;;
+ esac
+ dynamic_linker='Win32 ld.exe'
+ # FIXME: first we should search . and the directory the executable is in
+ shlibpath_var=PATH
+ ;;
+
+darwin* | rhapsody*)
+ dynamic_linker="$host_os dyld"
+ version_type=darwin
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${versuffix}$shared_ext ${libname}${release}${major}$shared_ext ${libname}$shared_ext'
+ soname_spec='${libname}${release}${major}$shared_ext'
+ shlibpath_overrides_runpath=yes
+ shlibpath_var=DYLD_LIBRARY_PATH
+ shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`'
+ # Apple's gcc prints 'gcc -print-search-dirs' doesn't operate the same.
+ if test "$GCC" = yes; then
+ sys_lib_search_path_spec=`$CC -print-search-dirs | tr "\n" "$PATH_SEPARATOR" | sed -e 's/libraries:/@libraries:/' | tr "@" "\n" | grep "^libraries:" | sed -e "s/^libraries://" -e "s,=/,/,g" -e "s,$PATH_SEPARATOR, ,g" -e "s,.*,& /lib /usr/lib /usr/local/lib,g"`
+ else
+ sys_lib_search_path_spec='/lib /usr/lib /usr/local/lib'
+ fi
+ sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib'
+ ;;
+
+dgux*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ ;;
+
+freebsd1*)
+ dynamic_linker=no
+ ;;
+
+kfreebsd*-gnu)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ dynamic_linker='GNU ld.so'
+ ;;
+
+freebsd* | dragonfly*)
+ # DragonFly does not have aout. When/if they implement a new
+ # versioning mechanism, adjust this.
+ if test -x /usr/bin/objformat; then
+ objformat=`/usr/bin/objformat`
+ else
+ case $host_os in
+ freebsd[123]*) objformat=aout ;;
+ *) objformat=elf ;;
+ esac
+ fi
+ version_type=freebsd-$objformat
+ case $version_type in
+ freebsd-elf*)
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
+ need_version=no
+ need_lib_prefix=no
+ ;;
+ freebsd-*)
+ library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix'
+ need_version=yes
+ ;;
+ esac
+ shlibpath_var=LD_LIBRARY_PATH
+ case $host_os in
+ freebsd2*)
+ shlibpath_overrides_runpath=yes
+ ;;
+ freebsd3.[01]* | freebsdelf3.[01]*)
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+ freebsd3.[2-9]* | freebsdelf3.[2-9]* | \
+ freebsd4.[0-5] | freebsdelf4.[0-5] | freebsd4.1.1 | freebsdelf4.1.1)
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+ freebsd*) # from 4.6 on
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+ esac
+ ;;
+
+gnu*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ hardcode_into_libs=yes
+ ;;
+
+hpux9* | hpux10* | hpux11*)
+ # Give a soname corresponding to the major version so that dld.sl refuses to
+ # link against other versions.
+ version_type=sunos
+ need_lib_prefix=no
+ need_version=no
+ case $host_cpu in
+ ia64*)
+ shrext_cmds='.so'
+ hardcode_into_libs=yes
+ dynamic_linker="$host_os dld.so"
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ if test "X$HPUX_IA64_MODE" = X32; then
+ sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib"
+ else
+ sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64"
+ fi
+ sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+ ;;
+ hppa*64*)
+ shrext_cmds='.sl'
+ hardcode_into_libs=yes
+ dynamic_linker="$host_os dld.sl"
+ shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH
+ shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64"
+ sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+ ;;
+ *)
+ shrext_cmds='.sl'
+ dynamic_linker="$host_os dld.sl"
+ shlibpath_var=SHLIB_PATH
+ shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ ;;
+ esac
+ # HP-UX runs *really* slowly unless shared libraries are mode 555.
+ postinstall_cmds='chmod 555 $lib'
+ ;;
+
+interix3*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+
+irix5* | irix6* | nonstopux*)
+ case $host_os in
+ nonstopux*) version_type=nonstopux ;;
+ *)
+ if test "$lt_cv_prog_gnu_ld" = yes; then
+ version_type=linux
+ else
+ version_type=irix
+ fi ;;
+ esac
+ need_lib_prefix=no
+ need_version=no
+ soname_spec='${libname}${release}${shared_ext}$major'
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}'
+ case $host_os in
+ irix5* | nonstopux*)
+ libsuff= shlibsuff=
+ ;;
+ *)
+ case $LD in # libtool.m4 will add one of these switches to LD
+ *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ")
+ libsuff= shlibsuff= libmagic=32-bit;;
+ *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ")
+ libsuff=32 shlibsuff=N32 libmagic=N32;;
+ *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ")
+ libsuff=64 shlibsuff=64 libmagic=64-bit;;
+ *) libsuff= shlibsuff= libmagic=never-match;;
+ esac
+ ;;
+ esac
+ shlibpath_var=LD_LIBRARY${shlibsuff}_PATH
+ shlibpath_overrides_runpath=no
+ sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}"
+ sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}"
+ hardcode_into_libs=yes
+ ;;
+
+# No shared lib support for Linux oldld, aout, or coff.
+linux*oldld* | linux*aout* | linux*coff*)
+ dynamic_linker=no
+ ;;
+
+# This must be Linux ELF.
+linux*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ # This implies no fast_install, which is unacceptable.
+ # Some rework will be needed to allow for fast_install
+ # before this can be enabled.
+ hardcode_into_libs=yes
+
+ # Append ld.so.conf contents to the search path
+ if test -f /etc/ld.so.conf; then
+ lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
+ sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
+ fi
+
+ # We used to test for /lib/ld.so.1 and disable shared libraries on
+ # powerpc, because MkLinux only supported shared libraries with the
+ # GNU dynamic linker. Since this was broken with cross compilers,
+ # most powerpc-linux boxes support dynamic linking these days and
+ # people can always --disable-shared, the test was removed, and we
+ # assume the GNU/Linux dynamic linker is in use.
+ dynamic_linker='GNU/Linux ld.so'
+ ;;
+
+knetbsd*-gnu)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ dynamic_linker='GNU ld.so'
+ ;;
+
+netbsd*)
+ version_type=sunos
+ need_lib_prefix=no
+ need_version=no
+ if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+ dynamic_linker='NetBSD (a.out) ld.so'
+ else
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ dynamic_linker='NetBSD ld.elf_so'
+ fi
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+
+newsos6)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ ;;
+
+nto-qnx*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ ;;
+
+openbsd*)
+ version_type=sunos
+ sys_lib_dlsearch_path_spec="/usr/lib"
+ need_lib_prefix=no
+ # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs.
+ case $host_os in
+ openbsd3.3 | openbsd3.3.*) need_version=yes ;;
+ *) need_version=no ;;
+ esac
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ case $host_os in
+ openbsd2.[89] | openbsd2.[89].*)
+ shlibpath_overrides_runpath=no
+ ;;
+ *)
+ shlibpath_overrides_runpath=yes
+ ;;
+ esac
+ else
+ shlibpath_overrides_runpath=yes
+ fi
+ ;;
+
+os2*)
+ libname_spec='$name'
+ shrext_cmds=".dll"
+ need_lib_prefix=no
+ library_names_spec='$libname${shared_ext} $libname.a'
+ dynamic_linker='OS/2 ld.exe'
+ shlibpath_var=LIBPATH
+ ;;
+
+osf3* | osf4* | osf5*)
+ version_type=osf
+ need_lib_prefix=no
+ need_version=no
+ soname_spec='${libname}${release}${shared_ext}$major'
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib"
+ sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec"
+ ;;
+
+solaris*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ # ldd complains unless libraries are executable
+ postinstall_cmds='chmod +x $lib'
+ ;;
+
+sunos4*)
+ version_type=sunos
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+ finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ if test "$with_gnu_ld" = yes; then
+ need_lib_prefix=no
+ fi
+ need_version=yes
+ ;;
+
+sysv4 | sysv4.3*)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ case $host_vendor in
+ sni)
+ shlibpath_overrides_runpath=no
+ need_lib_prefix=no
+ export_dynamic_flag_spec='${wl}-Blargedynsym'
+ runpath_var=LD_RUN_PATH
+ ;;
+ siemens)
+ need_lib_prefix=no
+ ;;
+ motorola)
+ need_lib_prefix=no
+ need_version=no
+ shlibpath_overrides_runpath=no
+ sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib'
+ ;;
+ esac
+ ;;
+
+sysv4*MP*)
+ if test -d /usr/nec ;then
+ version_type=linux
+ library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}'
+ soname_spec='$libname${shared_ext}.$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ fi
+ ;;
+
+sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+ version_type=freebsd-elf
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ hardcode_into_libs=yes
+ if test "$with_gnu_ld" = yes; then
+ sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib'
+ shlibpath_overrides_runpath=no
+ else
+ sys_lib_search_path_spec='/usr/ccs/lib /usr/lib'
+ shlibpath_overrides_runpath=yes
+ case $host_os in
+ sco3.2v5*)
+ sys_lib_search_path_spec="$sys_lib_search_path_spec /lib"
+ ;;
+ esac
+ fi
+ sys_lib_dlsearch_path_spec='/usr/lib'
+ ;;
+
+uts4*)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ ;;
+
+*)
+ dynamic_linker=no
+ ;;
+esac
+{ echo "$as_me:$LINENO: result: $dynamic_linker" >&5
+echo "${ECHO_T}$dynamic_linker" >&6; }
+test "$dynamic_linker" = no && can_build_shared=no
+
+variables_saved_for_relink="PATH $shlibpath_var $runpath_var"
+if test "$GCC" = yes; then
+ variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH"
+fi
+
+{ echo "$as_me:$LINENO: checking how to hardcode library paths into programs" >&5
+echo $ECHO_N "checking how to hardcode library paths into programs... $ECHO_C" >&6; }
+hardcode_action_CXX=
+if test -n "$hardcode_libdir_flag_spec_CXX" || \
+ test -n "$runpath_var_CXX" || \
+ test "X$hardcode_automatic_CXX" = "Xyes" ; then
+
+ # We can hardcode non-existant directories.
+ if test "$hardcode_direct_CXX" != no &&
+ # If the only mechanism to avoid hardcoding is shlibpath_var, we
+ # have to relink, otherwise we might link with an installed library
+ # when we should be linking with a yet-to-be-installed one
+ ## test "$_LT_AC_TAGVAR(hardcode_shlibpath_var, CXX)" != no &&
+ test "$hardcode_minus_L_CXX" != no; then
+ # Linking always hardcodes the temporary library directory.
+ hardcode_action_CXX=relink
+ else
+ # We can link without hardcoding, and we can hardcode nonexisting dirs.
+ hardcode_action_CXX=immediate
+ fi
+else
+ # We cannot hardcode anything, or else we can only hardcode existing
+ # directories.
+ hardcode_action_CXX=unsupported
+fi
+{ echo "$as_me:$LINENO: result: $hardcode_action_CXX" >&5
+echo "${ECHO_T}$hardcode_action_CXX" >&6; }
+
+if test "$hardcode_action_CXX" = relink; then
+ # Fast installation is not supported
+ enable_fast_install=no
+elif test "$shlibpath_overrides_runpath" = yes ||
+ test "$enable_shared" = no; then
+ # Fast installation is not necessary
+ enable_fast_install=needless
+fi
+
+
+# The else clause should only fire when bootstrapping the
+# libtool distribution, otherwise you forgot to ship ltmain.sh
+# with your package, and you will get complaints that there are
+# no rules to generate ltmain.sh.
+if test -f "$ltmain"; then
+ # See if we are running on zsh, and set the options which allow our commands through
+ # without removal of \ escapes.
+ if test -n "${ZSH_VERSION+set}" ; then
+ setopt NO_GLOB_SUBST
+ fi
+ # Now quote all the things that may contain metacharacters while being
+ # careful not to overquote the AC_SUBSTed values. We take copies of the
+ # variables and quote the copies for generation of the libtool script.
+ for var in echo old_CC old_CFLAGS AR AR_FLAGS EGREP RANLIB LN_S LTCC LTCFLAGS NM \
+ SED SHELL STRIP \
+ libname_spec library_names_spec soname_spec extract_expsyms_cmds \
+ old_striplib striplib file_magic_cmd finish_cmds finish_eval \
+ deplibs_check_method reload_flag reload_cmds need_locks \
+ lt_cv_sys_global_symbol_pipe lt_cv_sys_global_symbol_to_cdecl \
+ lt_cv_sys_global_symbol_to_c_name_address \
+ sys_lib_search_path_spec sys_lib_dlsearch_path_spec \
+ old_postinstall_cmds old_postuninstall_cmds \
+ compiler_CXX \
+ CC_CXX \
+ LD_CXX \
+ lt_prog_compiler_wl_CXX \
+ lt_prog_compiler_pic_CXX \
+ lt_prog_compiler_static_CXX \
+ lt_prog_compiler_no_builtin_flag_CXX \
+ export_dynamic_flag_spec_CXX \
+ thread_safe_flag_spec_CXX \
+ whole_archive_flag_spec_CXX \
+ enable_shared_with_static_runtimes_CXX \
+ old_archive_cmds_CXX \
+ old_archive_from_new_cmds_CXX \
+ predep_objects_CXX \
+ postdep_objects_CXX \
+ predeps_CXX \
+ postdeps_CXX \
+ compiler_lib_search_path_CXX \
+ archive_cmds_CXX \
+ archive_expsym_cmds_CXX \
+ postinstall_cmds_CXX \
+ postuninstall_cmds_CXX \
+ old_archive_from_expsyms_cmds_CXX \
+ allow_undefined_flag_CXX \
+ no_undefined_flag_CXX \
+ export_symbols_cmds_CXX \
+ hardcode_libdir_flag_spec_CXX \
+ hardcode_libdir_flag_spec_ld_CXX \
+ hardcode_libdir_separator_CXX \
+ hardcode_automatic_CXX \
+ module_cmds_CXX \
+ module_expsym_cmds_CXX \
+ lt_cv_prog_compiler_c_o_CXX \
+ exclude_expsyms_CXX \
+ include_expsyms_CXX; do
+
+ case $var in
+ old_archive_cmds_CXX | \
+ old_archive_from_new_cmds_CXX | \
+ archive_cmds_CXX | \
+ archive_expsym_cmds_CXX | \
+ module_cmds_CXX | \
+ module_expsym_cmds_CXX | \
+ old_archive_from_expsyms_cmds_CXX | \
+ export_symbols_cmds_CXX | \
+ extract_expsyms_cmds | reload_cmds | finish_cmds | \
+ postinstall_cmds | postuninstall_cmds | \
+ old_postinstall_cmds | old_postuninstall_cmds | \
+ sys_lib_search_path_spec | sys_lib_dlsearch_path_spec)
+ # Double-quote double-evaled strings.
+ eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$double_quote_subst\" -e \"\$sed_quote_subst\" -e \"\$delay_variable_subst\"\`\\\""
+ ;;
+ *)
+ eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$sed_quote_subst\"\`\\\""
+ ;;
+ esac
+ done
+
+ case $lt_echo in
+ *'\$0 --fallback-echo"')
+ lt_echo=`$echo "X$lt_echo" | $Xsed -e 's/\\\\\\\$0 --fallback-echo"$/$0 --fallback-echo"/'`
+ ;;
+ esac
+
+cfgfile="$ofile"
+
+ cat <<__EOF__ >> "$cfgfile"
+# ### BEGIN LIBTOOL TAG CONFIG: $tagname
+
+# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`:
+
+# Shell to use when invoking shell scripts.
+SHELL=$lt_SHELL
+
+# Whether or not to build shared libraries.
+build_libtool_libs=$enable_shared
+
+# Whether or not to build static libraries.
+build_old_libs=$enable_static
+
+# Whether or not to add -lc for building shared libraries.
+build_libtool_need_lc=$archive_cmds_need_lc_CXX
+
+# Whether or not to disallow shared libs when runtime libs are static
+allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes_CXX
+
+# Whether or not to optimize for fast installation.
+fast_install=$enable_fast_install
+
+# The host system.
+host_alias=$host_alias
+host=$host
+host_os=$host_os
+
+# The build system.
+build_alias=$build_alias
+build=$build
+build_os=$build_os
+
+# An echo program that does not interpret backslashes.
+echo=$lt_echo
+
+# The archiver.
+AR=$lt_AR
+AR_FLAGS=$lt_AR_FLAGS
+
+# A C compiler.
+LTCC=$lt_LTCC
+
+# LTCC compiler flags.
+LTCFLAGS=$lt_LTCFLAGS
+
+# A language-specific compiler.
+CC=$lt_compiler_CXX
+
+# Is the compiler the GNU C compiler?
+with_gcc=$GCC_CXX
+
+# An ERE matcher.
+EGREP=$lt_EGREP
+
+# The linker used to build libraries.
+LD=$lt_LD_CXX
+
+# Whether we need hard or soft links.
+LN_S=$lt_LN_S
+
+# A BSD-compatible nm program.
+NM=$lt_NM
+
+# A symbol stripping program
+STRIP=$lt_STRIP
+
+# Used to examine libraries when file_magic_cmd begins "file"
+MAGIC_CMD=$MAGIC_CMD
+
+# Used on cygwin: DLL creation program.
+DLLTOOL="$DLLTOOL"
+
+# Used on cygwin: object dumper.
+OBJDUMP="$OBJDUMP"
+
+# Used on cygwin: assembler.
+AS="$AS"
+
+# The name of the directory that contains temporary libtool files.
+objdir=$objdir
+
+# How to create reloadable object files.
+reload_flag=$lt_reload_flag
+reload_cmds=$lt_reload_cmds
+
+# How to pass a linker flag through the compiler.
+wl=$lt_lt_prog_compiler_wl_CXX
+
+# Object file suffix (normally "o").
+objext="$ac_objext"
+
+# Old archive suffix (normally "a").
+libext="$libext"
+
+# Shared library suffix (normally ".so").
+shrext_cmds='$shrext_cmds'
+
+# Executable file suffix (normally "").
+exeext="$exeext"
+
+# Additional compiler flags for building library objects.
+pic_flag=$lt_lt_prog_compiler_pic_CXX
+pic_mode=$pic_mode
+
+# What is the maximum length of a command?
+max_cmd_len=$lt_cv_sys_max_cmd_len
+
+# Does compiler simultaneously support -c and -o options?
+compiler_c_o=$lt_lt_cv_prog_compiler_c_o_CXX
+
+# Must we lock files when doing compilation?
+need_locks=$lt_need_locks
+
+# Do we need the lib prefix for modules?
+need_lib_prefix=$need_lib_prefix
+
+# Do we need a version for libraries?
+need_version=$need_version
+
+# Whether dlopen is supported.
+dlopen_support=$enable_dlopen
+
+# Whether dlopen of programs is supported.
+dlopen_self=$enable_dlopen_self
+
+# Whether dlopen of statically linked programs is supported.
+dlopen_self_static=$enable_dlopen_self_static
+
+# Compiler flag to prevent dynamic linking.
+link_static_flag=$lt_lt_prog_compiler_static_CXX
+
+# Compiler flag to turn off builtin functions.
+no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag_CXX
+
+# Compiler flag to allow reflexive dlopens.
+export_dynamic_flag_spec=$lt_export_dynamic_flag_spec_CXX
+
+# Compiler flag to generate shared objects directly from archives.
+whole_archive_flag_spec=$lt_whole_archive_flag_spec_CXX
+
+# Compiler flag to generate thread-safe objects.
+thread_safe_flag_spec=$lt_thread_safe_flag_spec_CXX
+
+# Library versioning type.
+version_type=$version_type
+
+# Format of library name prefix.
+libname_spec=$lt_libname_spec
+
+# List of archive names. First name is the real one, the rest are links.
+# The last name is the one that the linker finds with -lNAME.
+library_names_spec=$lt_library_names_spec
+
+# The coded name of the library, if different from the real name.
+soname_spec=$lt_soname_spec
+
+# Commands used to build and install an old-style archive.
+RANLIB=$lt_RANLIB
+old_archive_cmds=$lt_old_archive_cmds_CXX
+old_postinstall_cmds=$lt_old_postinstall_cmds
+old_postuninstall_cmds=$lt_old_postuninstall_cmds
+
+# Create an old-style archive from a shared archive.
+old_archive_from_new_cmds=$lt_old_archive_from_new_cmds_CXX
+
+# Create a temporary old-style archive to link instead of a shared archive.
+old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds_CXX
+
+# Commands used to build and install a shared archive.
+archive_cmds=$lt_archive_cmds_CXX
+archive_expsym_cmds=$lt_archive_expsym_cmds_CXX
+postinstall_cmds=$lt_postinstall_cmds
+postuninstall_cmds=$lt_postuninstall_cmds
+
+# Commands used to build a loadable module (assumed same as above if empty)
+module_cmds=$lt_module_cmds_CXX
+module_expsym_cmds=$lt_module_expsym_cmds_CXX
+
+# Commands to strip libraries.
+old_striplib=$lt_old_striplib
+striplib=$lt_striplib
+
+# Dependencies to place before the objects being linked to create a
+# shared library.
+predep_objects=$lt_predep_objects_CXX
+
+# Dependencies to place after the objects being linked to create a
+# shared library.
+postdep_objects=$lt_postdep_objects_CXX
+
+# Dependencies to place before the objects being linked to create a
+# shared library.
+predeps=$lt_predeps_CXX
+
+# Dependencies to place after the objects being linked to create a
+# shared library.
+postdeps=$lt_postdeps_CXX
+
+# The library search path used internally by the compiler when linking
+# a shared library.
+compiler_lib_search_path=$lt_compiler_lib_search_path_CXX
+
+# Method to check whether dependent libraries are shared objects.
+deplibs_check_method=$lt_deplibs_check_method
+
+# Command to use when deplibs_check_method == file_magic.
+file_magic_cmd=$lt_file_magic_cmd
+
+# Flag that allows shared libraries with undefined symbols to be built.
+allow_undefined_flag=$lt_allow_undefined_flag_CXX
+
+# Flag that forces no undefined symbols.
+no_undefined_flag=$lt_no_undefined_flag_CXX
+
+# Commands used to finish a libtool library installation in a directory.
+finish_cmds=$lt_finish_cmds
+
+# Same as above, but a single script fragment to be evaled but not shown.
+finish_eval=$lt_finish_eval
+
+# Take the output of nm and produce a listing of raw symbols and C names.
+global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe
+
+# Transform the output of nm in a proper C declaration
+global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl
+
+# Transform the output of nm in a C name address pair
+global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address
+
+# This is the shared library runtime path variable.
+runpath_var=$runpath_var
+
+# This is the shared library path variable.
+shlibpath_var=$shlibpath_var
+
+# Is shlibpath searched before the hard-coded library search path?
+shlibpath_overrides_runpath=$shlibpath_overrides_runpath
+
+# How to hardcode a shared library path into an executable.
+hardcode_action=$hardcode_action_CXX
+
+# Whether we should hardcode library paths into libraries.
+hardcode_into_libs=$hardcode_into_libs
+
+# Flag to hardcode \$libdir into a binary during linking.
+# This must work even if \$libdir does not exist.
+hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec_CXX
+
+# If ld is used when linking, flag to hardcode \$libdir into
+# a binary during linking. This must work even if \$libdir does
+# not exist.
+hardcode_libdir_flag_spec_ld=$lt_hardcode_libdir_flag_spec_ld_CXX
+
+# Whether we need a single -rpath flag with a separated argument.
+hardcode_libdir_separator=$lt_hardcode_libdir_separator_CXX
+
+# Set to yes if using DIR/libNAME${shared_ext} during linking hardcodes DIR into the
+# resulting binary.
+hardcode_direct=$hardcode_direct_CXX
+
+# Set to yes if using the -LDIR flag during linking hardcodes DIR into the
+# resulting binary.
+hardcode_minus_L=$hardcode_minus_L_CXX
+
+# Set to yes if using SHLIBPATH_VAR=DIR during linking hardcodes DIR into
+# the resulting binary.
+hardcode_shlibpath_var=$hardcode_shlibpath_var_CXX
+
+# Set to yes if building a shared library automatically hardcodes DIR into the library
+# and all subsequent libraries and executables linked against it.
+hardcode_automatic=$hardcode_automatic_CXX
+
+# Variables whose values should be saved in libtool wrapper scripts and
+# restored at relink time.
+variables_saved_for_relink="$variables_saved_for_relink"
+
+# Whether libtool must link a program against all its dependency libraries.
+link_all_deplibs=$link_all_deplibs_CXX
+
+# Compile-time system search path for libraries
+sys_lib_search_path_spec=$lt_sys_lib_search_path_spec
+
+# Run-time system search path for libraries
+sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec
+
+# Fix the shell variable \$srcfile for the compiler.
+fix_srcfile_path="$fix_srcfile_path_CXX"
+
+# Set to yes if exported symbols are required.
+always_export_symbols=$always_export_symbols_CXX
+
+# The commands to list exported symbols.
+export_symbols_cmds=$lt_export_symbols_cmds_CXX
+
+# The commands to extract the exported symbol list from a shared archive.
+extract_expsyms_cmds=$lt_extract_expsyms_cmds
+
+# Symbols that should not be listed in the preloaded symbols.
+exclude_expsyms=$lt_exclude_expsyms_CXX
+
+# Symbols that must always be exported.
+include_expsyms=$lt_include_expsyms_CXX
+
+# ### END LIBTOOL TAG CONFIG: $tagname
+
+__EOF__
+
+
+else
+ # If there is no Makefile yet, we rely on a make rule to execute
+ # `config.status --recheck' to rerun these tests and create the
+ # libtool script then.
+ ltmain_in=`echo $ltmain | sed -e 's/\.sh$/.in/'`
+ if test -f "$ltmain_in"; then
+ test -f Makefile && make "$ltmain"
+ fi
+fi
+
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+CC=$lt_save_CC
+LDCXX=$LD
+LD=$lt_save_LD
+GCC=$lt_save_GCC
+with_gnu_ldcxx=$with_gnu_ld
+with_gnu_ld=$lt_save_with_gnu_ld
+lt_cv_path_LDCXX=$lt_cv_path_LD
+lt_cv_path_LD=$lt_save_path_LD
+lt_cv_prog_gnu_ldcxx=$lt_cv_prog_gnu_ld
+lt_cv_prog_gnu_ld=$lt_save_with_gnu_ld
+
+ else
+ tagname=""
+ fi
+ ;;
+
+ F77)
+ if test -n "$F77" && test "X$F77" != "Xno"; then
+
+ac_ext=f
+ac_compile='$F77 -c $FFLAGS conftest.$ac_ext >&5'
+ac_link='$F77 -o conftest$ac_exeext $FFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_f77_compiler_gnu
+
+
+archive_cmds_need_lc_F77=no
+allow_undefined_flag_F77=
+always_export_symbols_F77=no
+archive_expsym_cmds_F77=
+export_dynamic_flag_spec_F77=
+hardcode_direct_F77=no
+hardcode_libdir_flag_spec_F77=
+hardcode_libdir_flag_spec_ld_F77=
+hardcode_libdir_separator_F77=
+hardcode_minus_L_F77=no
+hardcode_automatic_F77=no
+module_cmds_F77=
+module_expsym_cmds_F77=
+link_all_deplibs_F77=unknown
+old_archive_cmds_F77=$old_archive_cmds
+no_undefined_flag_F77=
+whole_archive_flag_spec_F77=
+enable_shared_with_static_runtimes_F77=no
+
+# Source file extension for f77 test sources.
+ac_ext=f
+
+# Object file extension for compiled f77 test sources.
+objext=o
+objext_F77=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code=" subroutine t\n return\n end\n"
+
+# Code to be used in simple link tests
+lt_simple_link_test_code=" program t\n end\n"
+
+# ltmain only uses $CC for tagged configurations so make sure $CC is set.
+
+# If no C compiler was specified, use CC.
+LTCC=${LTCC-"$CC"}
+
+# If no C compiler flags were specified, use CFLAGS.
+LTCFLAGS=${LTCFLAGS-"$CFLAGS"}
+
+# Allow CC to be a program name with arguments.
+compiler=$CC
+
+
+# save warnings/boilerplate of simple test code
+ac_outfile=conftest.$ac_objext
+printf "$lt_simple_compile_test_code" >conftest.$ac_ext
+eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_compiler_boilerplate=`cat conftest.err`
+$rm conftest*
+
+ac_outfile=conftest.$ac_objext
+printf "$lt_simple_link_test_code" >conftest.$ac_ext
+eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_linker_boilerplate=`cat conftest.err`
+$rm conftest*
+
+
+# Allow CC to be a program name with arguments.
+lt_save_CC="$CC"
+CC=${F77-"f77"}
+compiler=$CC
+compiler_F77=$CC
+for cc_temp in $compiler""; do
+ case $cc_temp in
+ compile | *[\\/]compile | ccache | *[\\/]ccache ) ;;
+ distcc | *[\\/]distcc | purify | *[\\/]purify ) ;;
+ \-*) ;;
+ *) break;;
+ esac
+done
+cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"`
+
+
+{ echo "$as_me:$LINENO: checking if libtool supports shared libraries" >&5
+echo $ECHO_N "checking if libtool supports shared libraries... $ECHO_C" >&6; }
+{ echo "$as_me:$LINENO: result: $can_build_shared" >&5
+echo "${ECHO_T}$can_build_shared" >&6; }
+
+{ echo "$as_me:$LINENO: checking whether to build shared libraries" >&5
+echo $ECHO_N "checking whether to build shared libraries... $ECHO_C" >&6; }
+test "$can_build_shared" = "no" && enable_shared=no
+
+# On AIX, shared libraries and static libraries use the same namespace, and
+# are all built from PIC.
+case $host_os in
+aix3*)
+ test "$enable_shared" = yes && enable_static=no
+ if test -n "$RANLIB"; then
+ archive_cmds="$archive_cmds~\$RANLIB \$lib"
+ postinstall_cmds='$RANLIB $lib'
+ fi
+ ;;
+aix4* | aix5*)
+ if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then
+ test "$enable_shared" = yes && enable_static=no
+ fi
+ ;;
+esac
+{ echo "$as_me:$LINENO: result: $enable_shared" >&5
+echo "${ECHO_T}$enable_shared" >&6; }
+
+{ echo "$as_me:$LINENO: checking whether to build static libraries" >&5
+echo $ECHO_N "checking whether to build static libraries... $ECHO_C" >&6; }
+# Make sure either enable_shared or enable_static is yes.
+test "$enable_shared" = yes || enable_static=yes
+{ echo "$as_me:$LINENO: result: $enable_static" >&5
+echo "${ECHO_T}$enable_static" >&6; }
+
+GCC_F77="$G77"
+LD_F77="$LD"
+
+lt_prog_compiler_wl_F77=
+lt_prog_compiler_pic_F77=
+lt_prog_compiler_static_F77=
+
+{ echo "$as_me:$LINENO: checking for $compiler option to produce PIC" >&5
+echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; }
+
+ if test "$GCC" = yes; then
+ lt_prog_compiler_wl_F77='-Wl,'
+ lt_prog_compiler_static_F77='-static'
+
+ case $host_os in
+ aix*)
+ # All AIX code is PIC.
+ if test "$host_cpu" = ia64; then
+ # AIX 5 now supports IA64 processor
+ lt_prog_compiler_static_F77='-Bstatic'
+ fi
+ ;;
+
+ amigaos*)
+ # FIXME: we need at least 68020 code to build shared libraries, but
+ # adding the `-m68020' flag to GCC prevents building anything better,
+ # like `-m68040'.
+ lt_prog_compiler_pic_F77='-m68020 -resident32 -malways-restore-a4'
+ ;;
+
+ beos* | cygwin* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*)
+ # PIC is the default for these OSes.
+ ;;
+
+ mingw* | pw32* | os2*)
+ # This hack is so that the source file can tell whether it is being
+ # built for inclusion in a dll (and should export symbols for example).
+ lt_prog_compiler_pic_F77='-DDLL_EXPORT'
+ ;;
+
+ darwin* | rhapsody*)
+ # PIC is the default on this platform
+ # Common symbols not allowed in MH_DYLIB files
+ lt_prog_compiler_pic_F77='-fno-common'
+ ;;
+
+ interix3*)
+ # Interix 3.x gcc -fpic/-fPIC options generate broken code.
+ # Instead, we relocate shared libraries at runtime.
+ ;;
+
+ msdosdjgpp*)
+ # Just because we use GCC doesn't mean we suddenly get shared libraries
+ # on systems that don't support them.
+ lt_prog_compiler_can_build_shared_F77=no
+ enable_shared=no
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ lt_prog_compiler_pic_F77=-Kconform_pic
+ fi
+ ;;
+
+ hpux*)
+ # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but
+ # not for PA HP-UX.
+ case $host_cpu in
+ hppa*64*|ia64*)
+ # +Z the default
+ ;;
+ *)
+ lt_prog_compiler_pic_F77='-fPIC'
+ ;;
+ esac
+ ;;
+
+ *)
+ lt_prog_compiler_pic_F77='-fPIC'
+ ;;
+ esac
+ else
+ # PORTME Check for flag to pass linker flags through the system compiler.
+ case $host_os in
+ aix*)
+ lt_prog_compiler_wl_F77='-Wl,'
+ if test "$host_cpu" = ia64; then
+ # AIX 5 now supports IA64 processor
+ lt_prog_compiler_static_F77='-Bstatic'
+ else
+ lt_prog_compiler_static_F77='-bnso -bI:/lib/syscalls.exp'
+ fi
+ ;;
+ darwin*)
+ # PIC is the default on this platform
+ # Common symbols not allowed in MH_DYLIB files
+ case $cc_basename in
+ xlc*)
+ lt_prog_compiler_pic_F77='-qnocommon'
+ lt_prog_compiler_wl_F77='-Wl,'
+ ;;
+ esac
+ ;;
+
+ mingw* | pw32* | os2*)
+ # This hack is so that the source file can tell whether it is being
+ # built for inclusion in a dll (and should export symbols for example).
+ lt_prog_compiler_pic_F77='-DDLL_EXPORT'
+ ;;
+
+ hpux9* | hpux10* | hpux11*)
+ lt_prog_compiler_wl_F77='-Wl,'
+ # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but
+ # not for PA HP-UX.
+ case $host_cpu in
+ hppa*64*|ia64*)
+ # +Z the default
+ ;;
+ *)
+ lt_prog_compiler_pic_F77='+Z'
+ ;;
+ esac
+ # Is there a better lt_prog_compiler_static that works with the bundled CC?
+ lt_prog_compiler_static_F77='${wl}-a ${wl}archive'
+ ;;
+
+ irix5* | irix6* | nonstopux*)
+ lt_prog_compiler_wl_F77='-Wl,'
+ # PIC (with -KPIC) is the default.
+ lt_prog_compiler_static_F77='-non_shared'
+ ;;
+
+ newsos6)
+ lt_prog_compiler_pic_F77='-KPIC'
+ lt_prog_compiler_static_F77='-Bstatic'
+ ;;
+
+ linux*)
+ case $cc_basename in
+ icc* | ecc*)
+ lt_prog_compiler_wl_F77='-Wl,'
+ lt_prog_compiler_pic_F77='-KPIC'
+ lt_prog_compiler_static_F77='-static'
+ ;;
+ pgcc* | pgf77* | pgf90* | pgf95*)
+ # Portland Group compilers (*not* the Pentium gcc compiler,
+ # which looks to be a dead project)
+ lt_prog_compiler_wl_F77='-Wl,'
+ lt_prog_compiler_pic_F77='-fpic'
+ lt_prog_compiler_static_F77='-Bstatic'
+ ;;
+ ccc*)
+ lt_prog_compiler_wl_F77='-Wl,'
+ # All Alpha code is PIC.
+ lt_prog_compiler_static_F77='-non_shared'
+ ;;
+ esac
+ ;;
+
+ osf3* | osf4* | osf5*)
+ lt_prog_compiler_wl_F77='-Wl,'
+ # All OSF/1 code is PIC.
+ lt_prog_compiler_static_F77='-non_shared'
+ ;;
+
+ solaris*)
+ lt_prog_compiler_pic_F77='-KPIC'
+ lt_prog_compiler_static_F77='-Bstatic'
+ case $cc_basename in
+ f77* | f90* | f95*)
+ lt_prog_compiler_wl_F77='-Qoption ld ';;
+ *)
+ lt_prog_compiler_wl_F77='-Wl,';;
+ esac
+ ;;
+
+ sunos4*)
+ lt_prog_compiler_wl_F77='-Qoption ld '
+ lt_prog_compiler_pic_F77='-PIC'
+ lt_prog_compiler_static_F77='-Bstatic'
+ ;;
+
+ sysv4 | sysv4.2uw2* | sysv4.3*)
+ lt_prog_compiler_wl_F77='-Wl,'
+ lt_prog_compiler_pic_F77='-KPIC'
+ lt_prog_compiler_static_F77='-Bstatic'
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec ;then
+ lt_prog_compiler_pic_F77='-Kconform_pic'
+ lt_prog_compiler_static_F77='-Bstatic'
+ fi
+ ;;
+
+ sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*)
+ lt_prog_compiler_wl_F77='-Wl,'
+ lt_prog_compiler_pic_F77='-KPIC'
+ lt_prog_compiler_static_F77='-Bstatic'
+ ;;
+
+ unicos*)
+ lt_prog_compiler_wl_F77='-Wl,'
+ lt_prog_compiler_can_build_shared_F77=no
+ ;;
+
+ uts4*)
+ lt_prog_compiler_pic_F77='-pic'
+ lt_prog_compiler_static_F77='-Bstatic'
+ ;;
+
+ *)
+ lt_prog_compiler_can_build_shared_F77=no
+ ;;
+ esac
+ fi
+
+{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_F77" >&5
+echo "${ECHO_T}$lt_prog_compiler_pic_F77" >&6; }
+
+#
+# Check to make sure the PIC flag actually works.
+#
+if test -n "$lt_prog_compiler_pic_F77"; then
+
+{ echo "$as_me:$LINENO: checking if $compiler PIC flag $lt_prog_compiler_pic_F77 works" >&5
+echo $ECHO_N "checking if $compiler PIC flag $lt_prog_compiler_pic_F77 works... $ECHO_C" >&6; }
+if test "${lt_prog_compiler_pic_works_F77+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ lt_prog_compiler_pic_works_F77=no
+ ac_outfile=conftest.$ac_objext
+ printf "$lt_simple_compile_test_code" > conftest.$ac_ext
+ lt_compiler_flag="$lt_prog_compiler_pic_F77"
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ # The option is referenced via a variable to avoid confusing sed.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:14386: $lt_compile\"" >&5)
+ (eval "$lt_compile" 2>conftest.err)
+ ac_status=$?
+ cat conftest.err >&5
+ echo "$as_me:14390: \$? = $ac_status" >&5
+ if (exit $ac_status) && test -s "$ac_outfile"; then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings other than the usual output.
+ $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
+ lt_prog_compiler_pic_works_F77=yes
+ fi
+ fi
+ $rm conftest*
+
+fi
+{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_works_F77" >&5
+echo "${ECHO_T}$lt_prog_compiler_pic_works_F77" >&6; }
+
+if test x"$lt_prog_compiler_pic_works_F77" = xyes; then
+ case $lt_prog_compiler_pic_F77 in
+ "" | " "*) ;;
+ *) lt_prog_compiler_pic_F77=" $lt_prog_compiler_pic_F77" ;;
+ esac
+else
+ lt_prog_compiler_pic_F77=
+ lt_prog_compiler_can_build_shared_F77=no
+fi
+
+fi
+case $host_os in
+ # For platforms which do not support PIC, -DPIC is meaningless:
+ *djgpp*)
+ lt_prog_compiler_pic_F77=
+ ;;
+ *)
+ lt_prog_compiler_pic_F77="$lt_prog_compiler_pic_F77"
+ ;;
+esac
+
+#
+# Check to make sure the static flag actually works.
+#
+wl=$lt_prog_compiler_wl_F77 eval lt_tmp_static_flag=\"$lt_prog_compiler_static_F77\"
+{ echo "$as_me:$LINENO: checking if $compiler static flag $lt_tmp_static_flag works" >&5
+echo $ECHO_N "checking if $compiler static flag $lt_tmp_static_flag works... $ECHO_C" >&6; }
+if test "${lt_prog_compiler_static_works_F77+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ lt_prog_compiler_static_works_F77=no
+ save_LDFLAGS="$LDFLAGS"
+ LDFLAGS="$LDFLAGS $lt_tmp_static_flag"
+ printf "$lt_simple_link_test_code" > conftest.$ac_ext
+ if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then
+ # The linker can only warn and ignore the option if not recognized
+ # So say no if there are warnings
+ if test -s conftest.err; then
+ # Append any errors to the config.log.
+ cat conftest.err 1>&5
+ $echo "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if diff conftest.exp conftest.er2 >/dev/null; then
+ lt_prog_compiler_static_works_F77=yes
+ fi
+ else
+ lt_prog_compiler_static_works_F77=yes
+ fi
+ fi
+ $rm conftest*
+ LDFLAGS="$save_LDFLAGS"
+
+fi
+{ echo "$as_me:$LINENO: result: $lt_prog_compiler_static_works_F77" >&5
+echo "${ECHO_T}$lt_prog_compiler_static_works_F77" >&6; }
+
+if test x"$lt_prog_compiler_static_works_F77" = xyes; then
+ :
+else
+ lt_prog_compiler_static_F77=
+fi
+
+
+{ echo "$as_me:$LINENO: checking if $compiler supports -c -o file.$ac_objext" >&5
+echo $ECHO_N "checking if $compiler supports -c -o file.$ac_objext... $ECHO_C" >&6; }
+if test "${lt_cv_prog_compiler_c_o_F77+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ lt_cv_prog_compiler_c_o_F77=no
+ $rm -r conftest 2>/dev/null
+ mkdir conftest
+ cd conftest
+ mkdir out
+ printf "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+ lt_compiler_flag="-o out/conftest2.$ac_objext"
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:14490: $lt_compile\"" >&5)
+ (eval "$lt_compile" 2>out/conftest.err)
+ ac_status=$?
+ cat out/conftest.err >&5
+ echo "$as_me:14494: \$? = $ac_status" >&5
+ if (exit $ac_status) && test -s out/conftest2.$ac_objext
+ then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings
+ $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' > out/conftest.exp
+ $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2
+ if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then
+ lt_cv_prog_compiler_c_o_F77=yes
+ fi
+ fi
+ chmod u+w . 2>&5
+ $rm conftest*
+ # SGI C++ compiler will create directory out/ii_files/ for
+ # template instantiation
+ test -d out/ii_files && $rm out/ii_files/* && rmdir out/ii_files
+ $rm out/* && rmdir out
+ cd ..
+ rmdir conftest
+ $rm conftest*
+
+fi
+{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_c_o_F77" >&5
+echo "${ECHO_T}$lt_cv_prog_compiler_c_o_F77" >&6; }
+
+
+hard_links="nottested"
+if test "$lt_cv_prog_compiler_c_o_F77" = no && test "$need_locks" != no; then
+ # do not overwrite the value of need_locks provided by the user
+ { echo "$as_me:$LINENO: checking if we can lock with hard links" >&5
+echo $ECHO_N "checking if we can lock with hard links... $ECHO_C" >&6; }
+ hard_links=yes
+ $rm conftest*
+ ln conftest.a conftest.b 2>/dev/null && hard_links=no
+ touch conftest.a
+ ln conftest.a conftest.b 2>&5 || hard_links=no
+ ln conftest.a conftest.b 2>/dev/null && hard_links=no
+ { echo "$as_me:$LINENO: result: $hard_links" >&5
+echo "${ECHO_T}$hard_links" >&6; }
+ if test "$hard_links" = no; then
+ { echo "$as_me:$LINENO: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&5
+echo "$as_me: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2;}
+ need_locks=warn
+ fi
+else
+ need_locks=no
+fi
+
+{ echo "$as_me:$LINENO: checking whether the $compiler linker ($LD) supports shared libraries" >&5
+echo $ECHO_N "checking whether the $compiler linker ($LD) supports shared libraries... $ECHO_C" >&6; }
+
+ runpath_var=
+ allow_undefined_flag_F77=
+ enable_shared_with_static_runtimes_F77=no
+ archive_cmds_F77=
+ archive_expsym_cmds_F77=
+ old_archive_From_new_cmds_F77=
+ old_archive_from_expsyms_cmds_F77=
+ export_dynamic_flag_spec_F77=
+ whole_archive_flag_spec_F77=
+ thread_safe_flag_spec_F77=
+ hardcode_libdir_flag_spec_F77=
+ hardcode_libdir_flag_spec_ld_F77=
+ hardcode_libdir_separator_F77=
+ hardcode_direct_F77=no
+ hardcode_minus_L_F77=no
+ hardcode_shlibpath_var_F77=unsupported
+ link_all_deplibs_F77=unknown
+ hardcode_automatic_F77=no
+ module_cmds_F77=
+ module_expsym_cmds_F77=
+ always_export_symbols_F77=no
+ export_symbols_cmds_F77='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+ # include_expsyms should be a list of space-separated symbols to be *always*
+ # included in the symbol list
+ include_expsyms_F77=
+ # exclude_expsyms can be an extended regexp of symbols to exclude
+ # it will be wrapped by ` (' and `)$', so one must not match beginning or
+ # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc',
+ # as well as any symbol that contains `d'.
+ exclude_expsyms_F77="_GLOBAL_OFFSET_TABLE_"
+ # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out
+ # platforms (ab)use it in PIC code, but their linkers get confused if
+ # the symbol is explicitly referenced. Since portable code cannot
+ # rely on this symbol name, it's probably fine to never include it in
+ # preloaded symbol tables.
+ extract_expsyms_cmds=
+ # Just being paranoid about ensuring that cc_basename is set.
+ for cc_temp in $compiler""; do
+ case $cc_temp in
+ compile | *[\\/]compile | ccache | *[\\/]ccache ) ;;
+ distcc | *[\\/]distcc | purify | *[\\/]purify ) ;;
+ \-*) ;;
+ *) break;;
+ esac
+done
+cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"`
+
+ case $host_os in
+ cygwin* | mingw* | pw32*)
+ # FIXME: the MSVC++ port hasn't been tested in a loooong time
+ # When not using gcc, we currently assume that we are using
+ # Microsoft Visual C++.
+ if test "$GCC" != yes; then
+ with_gnu_ld=no
+ fi
+ ;;
+ interix*)
+ # we just hope/assume this is gcc and not c89 (= MSVC++)
+ with_gnu_ld=yes
+ ;;
+ openbsd*)
+ with_gnu_ld=no
+ ;;
+ esac
+
+ ld_shlibs_F77=yes
+ if test "$with_gnu_ld" = yes; then
+ # If archive_cmds runs LD, not CC, wlarc should be empty
+ wlarc='${wl}'
+
+ # Set some defaults for GNU ld with shared library support. These
+ # are reset later if shared libraries are not supported. Putting them
+ # here allows them to be overridden if necessary.
+ runpath_var=LD_RUN_PATH
+ hardcode_libdir_flag_spec_F77='${wl}--rpath ${wl}$libdir'
+ export_dynamic_flag_spec_F77='${wl}--export-dynamic'
+ # ancient GNU ld didn't support --whole-archive et. al.
+ if $LD --help 2>&1 | grep 'no-whole-archive' > /dev/null; then
+ whole_archive_flag_spec_F77="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
+ else
+ whole_archive_flag_spec_F77=
+ fi
+ supports_anon_versioning=no
+ case `$LD -v 2>/dev/null` in
+ *\ [01].* | *\ 2.[0-9].* | *\ 2.10.*) ;; # catch versions < 2.11
+ *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ...
+ *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ...
+ *\ 2.11.*) ;; # other 2.11 versions
+ *) supports_anon_versioning=yes ;;
+ esac
+
+ # See if GNU ld supports shared libraries.
+ case $host_os in
+ aix3* | aix4* | aix5*)
+ # On AIX/PPC, the GNU linker is very broken
+ if test "$host_cpu" != ia64; then
+ ld_shlibs_F77=no
+ cat <<EOF 1>&2
+
+*** Warning: the GNU linker, at least up to release 2.9.1, is reported
+*** to be unable to reliably create shared libraries on AIX.
+*** Therefore, libtool is disabling shared libraries support. If you
+*** really care for shared libraries, you may want to modify your PATH
+*** so that a non-GNU linker is found, and then restart.
+
+EOF
+ fi
+ ;;
+
+ amigaos*)
+ archive_cmds_F77='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
+ hardcode_libdir_flag_spec_F77='-L$libdir'
+ hardcode_minus_L_F77=yes
+
+ # Samuel A. Falvo II <kc5tja@dolphin.openprojects.net> reports
+ # that the semantics of dynamic libraries on AmigaOS, at least up
+ # to version 4, is to share data among multiple programs linked
+ # with the same dynamic library. Since this doesn't match the
+ # behavior of shared libraries on other platforms, we can't use
+ # them.
+ ld_shlibs_F77=no
+ ;;
+
+ beos*)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ allow_undefined_flag_F77=unsupported
+ # Joseph Beckenbach <jrb3@best.com> says some releases of gcc
+ # support --undefined. This deserves some investigation. FIXME
+ archive_cmds_F77='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ else
+ ld_shlibs_F77=no
+ fi
+ ;;
+
+ cygwin* | mingw* | pw32*)
+ # _LT_AC_TAGVAR(hardcode_libdir_flag_spec, F77) is actually meaningless,
+ # as there is no search path for DLLs.
+ hardcode_libdir_flag_spec_F77='-L$libdir'
+ allow_undefined_flag_F77=unsupported
+ always_export_symbols_F77=no
+ enable_shared_with_static_runtimes_F77=yes
+ export_symbols_cmds_F77='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS] /s/.* \([^ ]*\)/\1 DATA/'\'' | $SED -e '\''/^[AITW] /s/.* //'\'' | sort | uniq > $export_symbols'
+
+ if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then
+ archive_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ # If the export-symbols file already is a .def file (1st line
+ # is EXPORTS), use it as is; otherwise, prepend...
+ archive_expsym_cmds_F77='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
+ cp $export_symbols $output_objdir/$soname.def;
+ else
+ echo EXPORTS > $output_objdir/$soname.def;
+ cat $export_symbols >> $output_objdir/$soname.def;
+ fi~
+ $CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ else
+ ld_shlibs_F77=no
+ fi
+ ;;
+
+ interix3*)
+ hardcode_direct_F77=no
+ hardcode_shlibpath_var_F77=no
+ hardcode_libdir_flag_spec_F77='${wl}-rpath,$libdir'
+ export_dynamic_flag_spec_F77='${wl}-E'
+ # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc.
+ # Instead, shared libraries are loaded at an image base (0x10000000 by
+ # default) and relocated if they conflict, which is a slow very memory
+ # consuming and fragmenting process. To avoid this, we pick a random,
+ # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link
+ # time. Moving up from 0x10000000 also allows more sbrk(2) space.
+ archive_cmds_F77='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ archive_expsym_cmds_F77='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ ;;
+
+ linux*)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ tmp_addflag=
+ case $cc_basename,$host_cpu in
+ pgcc*) # Portland Group C compiler
+ whole_archive_flag_spec_F77='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive'
+ tmp_addflag=' $pic_flag'
+ ;;
+ pgf77* | pgf90* | pgf95*) # Portland Group f77 and f90 compilers
+ whole_archive_flag_spec_F77='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive'
+ tmp_addflag=' $pic_flag -Mnomain' ;;
+ ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64
+ tmp_addflag=' -i_dynamic' ;;
+ efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64
+ tmp_addflag=' -i_dynamic -nofor_main' ;;
+ ifc* | ifort*) # Intel Fortran compiler
+ tmp_addflag=' -nofor_main' ;;
+ esac
+ archive_cmds_F77='$CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+
+ if test $supports_anon_versioning = yes; then
+ archive_expsym_cmds_F77='$echo "{ global:" > $output_objdir/$libname.ver~
+ cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
+ $echo "local: *; };" >> $output_objdir/$libname.ver~
+ $CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib'
+ fi
+ else
+ ld_shlibs_F77=no
+ fi
+ ;;
+
+ netbsd*)
+ if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then
+ archive_cmds_F77='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib'
+ wlarc=
+ else
+ archive_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ archive_expsym_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ fi
+ ;;
+
+ solaris*)
+ if $LD -v 2>&1 | grep 'BFD 2\.8' > /dev/null; then
+ ld_shlibs_F77=no
+ cat <<EOF 1>&2
+
+*** Warning: The releases 2.8.* of the GNU linker cannot reliably
+*** create shared libraries on Solaris systems. Therefore, libtool
+*** is disabling shared libraries support. We urge you to upgrade GNU
+*** binutils to release 2.9.1 or newer. Another option is to modify
+*** your PATH or compiler configuration so that the native linker is
+*** used, and then restart.
+
+EOF
+ elif $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ archive_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ archive_expsym_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ else
+ ld_shlibs_F77=no
+ fi
+ ;;
+
+ sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*)
+ case `$LD -v 2>&1` in
+ *\ [01].* | *\ 2.[0-9].* | *\ 2.1[0-5].*)
+ ld_shlibs_F77=no
+ cat <<_LT_EOF 1>&2
+
+*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not
+*** reliably create shared libraries on SCO systems. Therefore, libtool
+*** is disabling shared libraries support. We urge you to upgrade GNU
+*** binutils to release 2.16.91.0.3 or newer. Another option is to modify
+*** your PATH or compiler configuration so that the native linker is
+*** used, and then restart.
+
+_LT_EOF
+ ;;
+ *)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ hardcode_libdir_flag_spec_F77='`test -z "$SCOABSPATH" && echo ${wl}-rpath,$libdir`'
+ archive_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib'
+ archive_expsym_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname,-retain-symbols-file,$export_symbols -o $lib'
+ else
+ ld_shlibs_F77=no
+ fi
+ ;;
+ esac
+ ;;
+
+ sunos4*)
+ archive_cmds_F77='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+ wlarc=
+ hardcode_direct_F77=yes
+ hardcode_shlibpath_var_F77=no
+ ;;
+
+ *)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ archive_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ archive_expsym_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ else
+ ld_shlibs_F77=no
+ fi
+ ;;
+ esac
+
+ if test "$ld_shlibs_F77" = no; then
+ runpath_var=
+ hardcode_libdir_flag_spec_F77=
+ export_dynamic_flag_spec_F77=
+ whole_archive_flag_spec_F77=
+ fi
+ else
+ # PORTME fill in a description of your system's linker (not GNU ld)
+ case $host_os in
+ aix3*)
+ allow_undefined_flag_F77=unsupported
+ always_export_symbols_F77=yes
+ archive_expsym_cmds_F77='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname'
+ # Note: this linker hardcodes the directories in LIBPATH if there
+ # are no directories specified by -L.
+ hardcode_minus_L_F77=yes
+ if test "$GCC" = yes && test -z "$lt_prog_compiler_static"; then
+ # Neither direct hardcoding nor static linking is supported with a
+ # broken collect2.
+ hardcode_direct_F77=unsupported
+ fi
+ ;;
+
+ aix4* | aix5*)
+ if test "$host_cpu" = ia64; then
+ # On IA64, the linker does run time linking by default, so we don't
+ # have to do anything special.
+ aix_use_runtimelinking=no
+ exp_sym_flag='-Bexport'
+ no_entry_flag=""
+ else
+ # If we're using GNU nm, then we don't want the "-C" option.
+ # -C means demangle to AIX nm, but means don't demangle with GNU nm
+ if $NM -V 2>&1 | grep 'GNU' > /dev/null; then
+ export_symbols_cmds_F77='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols'
+ else
+ export_symbols_cmds_F77='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols'
+ fi
+ aix_use_runtimelinking=no
+
+ # Test if we are trying to use run time linking or normal
+ # AIX style linking. If -brtl is somewhere in LDFLAGS, we
+ # need to do runtime linking.
+ case $host_os in aix4.[23]|aix4.[23].*|aix5*)
+ for ld_flag in $LDFLAGS; do
+ if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then
+ aix_use_runtimelinking=yes
+ break
+ fi
+ done
+ ;;
+ esac
+
+ exp_sym_flag='-bexport'
+ no_entry_flag='-bnoentry'
+ fi
+
+ # When large executables or shared objects are built, AIX ld can
+ # have problems creating the table of contents. If linking a library
+ # or program results in "error TOC overflow" add -mminimal-toc to
+ # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not
+ # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS.
+
+ archive_cmds_F77=''
+ hardcode_direct_F77=yes
+ hardcode_libdir_separator_F77=':'
+ link_all_deplibs_F77=yes
+
+ if test "$GCC" = yes; then
+ case $host_os in aix4.[012]|aix4.[012].*)
+ # We only want to do this on AIX 4.2 and lower, the check
+ # below for broken collect2 doesn't work under 4.3+
+ collect2name=`${CC} -print-prog-name=collect2`
+ if test -f "$collect2name" && \
+ strings "$collect2name" | grep resolve_lib_name >/dev/null
+ then
+ # We have reworked collect2
+ hardcode_direct_F77=yes
+ else
+ # We have old collect2
+ hardcode_direct_F77=unsupported
+ # It fails to find uninstalled libraries when the uninstalled
+ # path is not listed in the libpath. Setting hardcode_minus_L
+ # to unsupported forces relinking
+ hardcode_minus_L_F77=yes
+ hardcode_libdir_flag_spec_F77='-L$libdir'
+ hardcode_libdir_separator_F77=
+ fi
+ ;;
+ esac
+ shared_flag='-shared'
+ if test "$aix_use_runtimelinking" = yes; then
+ shared_flag="$shared_flag "'${wl}-G'
+ fi
+ else
+ # not using gcc
+ if test "$host_cpu" = ia64; then
+ # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release
+ # chokes on -Wl,-G. The following line is correct:
+ shared_flag='-G'
+ else
+ if test "$aix_use_runtimelinking" = yes; then
+ shared_flag='${wl}-G'
+ else
+ shared_flag='${wl}-bM:SRE'
+ fi
+ fi
+ fi
+
+ # It seems that -bexpall does not export symbols beginning with
+ # underscore (_), so it is better to generate a list of symbols to export.
+ always_export_symbols_F77=yes
+ if test "$aix_use_runtimelinking" = yes; then
+ # Warning - without using the other runtime loading flags (-brtl),
+ # -berok will link without error, but may produce a broken library.
+ allow_undefined_flag_F77='-berok'
+ # Determine the default libpath from the value encoded in an empty executable.
+ cat >conftest.$ac_ext <<_ACEOF
+ program main
+
+ end
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_f77_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+
+aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; }
+}'`
+# Check for a 64-bit object if we didn't find anything.
+if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; }
+}'`; fi
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_lib_nsl_yp_maplist=no
+
fi
-rm -f conftest.err conftest.$ac_objext \
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-echo "$as_me:$LINENO: result: $ac_cv_lib_nsl_yp_maplist" >&5
-echo "${ECHO_T}$ac_cv_lib_nsl_yp_maplist" >&6
-if test $ac_cv_lib_nsl_yp_maplist = yes; then
- HAVE_LIBNSL=yes ; cat >>confdefs.h <<\_ACEOF
-#define HAVE_LIBNSL 1
+if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
+
+ hardcode_libdir_flag_spec_F77='${wl}-blibpath:$libdir:'"$aix_libpath"
+ archive_expsym_cmds_F77="\$CC"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then echo "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
+ else
+ if test "$host_cpu" = ia64; then
+ hardcode_libdir_flag_spec_F77='${wl}-R $libdir:/usr/lib:/lib'
+ allow_undefined_flag_F77="-z nodefs"
+ archive_expsym_cmds_F77="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols"
+ else
+ # Determine the default libpath from the value encoded in an empty executable.
+ cat >conftest.$ac_ext <<_ACEOF
+ program main
+
+ end
_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_f77_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+
+aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; }
+}'`
+# Check for a 64-bit object if we didn't find anything.
+if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; }
+}'`; fi
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
+
+ hardcode_libdir_flag_spec_F77='${wl}-blibpath:$libdir:'"$aix_libpath"
+ # Warning - without using the other run time loading flags,
+ # -berok will link without error, but may produce a broken library.
+ no_undefined_flag_F77=' ${wl}-bernotok'
+ allow_undefined_flag_F77=' ${wl}-berok'
+ # Exported symbols can be pulled into shared objects from archives
+ whole_archive_flag_spec_F77='$convenience'
+ archive_cmds_need_lc_F77=yes
+ # This is similar to how AIX traditionally builds its shared libraries.
+ archive_expsym_cmds_F77="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname'
+ fi
+ fi
+ ;;
+
+ amigaos*)
+ archive_cmds_F77='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
+ hardcode_libdir_flag_spec_F77='-L$libdir'
+ hardcode_minus_L_F77=yes
+ # see comment about different semantics on the GNU ld section
+ ld_shlibs_F77=no
+ ;;
+
+ bsdi[45]*)
+ export_dynamic_flag_spec_F77=-rdynamic
+ ;;
+
+ cygwin* | mingw* | pw32*)
+ # When not using gcc, we currently assume that we are using
+ # Microsoft Visual C++.
+ # hardcode_libdir_flag_spec is actually meaningless, as there is
+ # no search path for DLLs.
+ hardcode_libdir_flag_spec_F77=' '
+ allow_undefined_flag_F77=unsupported
+ # Tell ltmain to make .lib files, not .a files.
+ libext=lib
+ # Tell ltmain to make .dll files, not .so files.
+ shrext_cmds=".dll"
+ # FIXME: Setting linknames here is a bad hack.
+ archive_cmds_F77='$CC -o $lib $libobjs $compiler_flags `echo "$deplibs" | $SED -e '\''s/ -lc$//'\''` -link -dll~linknames='
+ # The linker will automatically build a .lib file if we build a DLL.
+ old_archive_From_new_cmds_F77='true'
+ # FIXME: Should let the user specify the lib program.
+ old_archive_cmds_F77='lib /OUT:$oldlib$oldobjs$old_deplibs'
+ fix_srcfile_path_F77='`cygpath -w "$srcfile"`'
+ enable_shared_with_static_runtimes_F77=yes
+ ;;
+
+ darwin* | rhapsody*)
+ case $host_os in
+ rhapsody* | darwin1.[012])
+ allow_undefined_flag_F77='${wl}-undefined ${wl}suppress'
+ ;;
+ *) # Darwin 1.3 on
+ if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then
+ allow_undefined_flag_F77='${wl}-flat_namespace ${wl}-undefined ${wl}suppress'
+ else
+ case ${MACOSX_DEPLOYMENT_TARGET} in
+ 10.[012])
+ allow_undefined_flag_F77='${wl}-flat_namespace ${wl}-undefined ${wl}suppress'
+ ;;
+ 10.*)
+ allow_undefined_flag_F77='${wl}-undefined ${wl}dynamic_lookup'
+ ;;
+ esac
+ fi
+ ;;
+ esac
+ archive_cmds_need_lc_F77=no
+ hardcode_direct_F77=no
+ hardcode_automatic_F77=yes
+ hardcode_shlibpath_var_F77=unsupported
+ whole_archive_flag_spec_F77=''
+ link_all_deplibs_F77=yes
+ if test "$GCC" = yes ; then
+ output_verbose_link_cmd='echo'
+ archive_cmds_F77='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring'
+ module_cmds_F77='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags'
+ # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds
+ archive_expsym_cmds_F77='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ module_expsym_cmds_F77='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ else
+ case $cc_basename in
+ xlc*)
+ output_verbose_link_cmd='echo'
+ archive_cmds_F77='$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring'
+ module_cmds_F77='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags'
+ # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds
+ archive_expsym_cmds_F77='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ module_expsym_cmds_F77='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ ;;
+ *)
+ ld_shlibs_F77=no
+ ;;
+ esac
+ fi
+ ;;
+
+ dgux*)
+ archive_cmds_F77='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_libdir_flag_spec_F77='-L$libdir'
+ hardcode_shlibpath_var_F77=no
+ ;;
+
+ freebsd1*)
+ ld_shlibs_F77=no
+ ;;
+
+ # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor
+ # support. Future versions do this automatically, but an explicit c++rt0.o
+ # does not break anything, and helps significantly (at the cost of a little
+ # extra space).
+ freebsd2.2*)
+ archive_cmds_F77='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o'
+ hardcode_libdir_flag_spec_F77='-R$libdir'
+ hardcode_direct_F77=yes
+ hardcode_shlibpath_var_F77=no
+ ;;
+
+ # Unfortunately, older versions of FreeBSD 2 do not have this feature.
+ freebsd2*)
+ archive_cmds_F77='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_direct_F77=yes
+ hardcode_minus_L_F77=yes
+ hardcode_shlibpath_var_F77=no
+ ;;
+
+ # FreeBSD 3 and greater uses gcc -shared to do shared libraries.
+ freebsd* | kfreebsd*-gnu | dragonfly*)
+ archive_cmds_F77='$CC -shared -o $lib $libobjs $deplibs $compiler_flags'
+ hardcode_libdir_flag_spec_F77='-R$libdir'
+ hardcode_direct_F77=yes
+ hardcode_shlibpath_var_F77=no
+ ;;
+
+ hpux9*)
+ if test "$GCC" = yes; then
+ archive_cmds_F77='$rm $output_objdir/$soname~$CC -shared -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+ else
+ archive_cmds_F77='$rm $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+ fi
+ hardcode_libdir_flag_spec_F77='${wl}+b ${wl}$libdir'
+ hardcode_libdir_separator_F77=:
+ hardcode_direct_F77=yes
+
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ hardcode_minus_L_F77=yes
+ export_dynamic_flag_spec_F77='${wl}-E'
+ ;;
+
+ hpux10*)
+ if test "$GCC" = yes -a "$with_gnu_ld" = no; then
+ archive_cmds_F77='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ archive_cmds_F77='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'
+ fi
+ if test "$with_gnu_ld" = no; then
+ hardcode_libdir_flag_spec_F77='${wl}+b ${wl}$libdir'
+ hardcode_libdir_separator_F77=:
+
+ hardcode_direct_F77=yes
+ export_dynamic_flag_spec_F77='${wl}-E'
+
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ hardcode_minus_L_F77=yes
+ fi
+ ;;
+
+ hpux11*)
+ if test "$GCC" = yes -a "$with_gnu_ld" = no; then
+ case $host_cpu in
+ hppa*64*)
+ archive_cmds_F77='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ ia64*)
+ archive_cmds_F77='$CC -shared ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+ archive_cmds_F77='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ esac
+ else
+ case $host_cpu in
+ hppa*64*)
+ archive_cmds_F77='$CC -b ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ ia64*)
+ archive_cmds_F77='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+ archive_cmds_F77='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ esac
+ fi
+ if test "$with_gnu_ld" = no; then
+ hardcode_libdir_flag_spec_F77='${wl}+b ${wl}$libdir'
+ hardcode_libdir_separator_F77=:
+
+ case $host_cpu in
+ hppa*64*|ia64*)
+ hardcode_libdir_flag_spec_ld_F77='+b $libdir'
+ hardcode_direct_F77=no
+ hardcode_shlibpath_var_F77=no
+ ;;
+ *)
+ hardcode_direct_F77=yes
+ export_dynamic_flag_spec_F77='${wl}-E'
+
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ hardcode_minus_L_F77=yes
+ ;;
+ esac
+ fi
+ ;;
+
+ irix5* | irix6* | nonstopux*)
+ if test "$GCC" = yes; then
+ archive_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ else
+ archive_cmds_F77='$LD -shared $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
+ hardcode_libdir_flag_spec_ld_F77='-rpath $libdir'
+ fi
+ hardcode_libdir_flag_spec_F77='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_separator_F77=:
+ link_all_deplibs_F77=yes
+ ;;
+
+ netbsd*)
+ if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then
+ archive_cmds_F77='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out
+ else
+ archive_cmds_F77='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF
+ fi
+ hardcode_libdir_flag_spec_F77='-R$libdir'
+ hardcode_direct_F77=yes
+ hardcode_shlibpath_var_F77=no
+ ;;
+
+ newsos6)
+ archive_cmds_F77='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_direct_F77=yes
+ hardcode_libdir_flag_spec_F77='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_separator_F77=:
+ hardcode_shlibpath_var_F77=no
+ ;;
+
+ openbsd*)
+ hardcode_direct_F77=yes
+ hardcode_shlibpath_var_F77=no
+ if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ archive_cmds_F77='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds_F77='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols'
+ hardcode_libdir_flag_spec_F77='${wl}-rpath,$libdir'
+ export_dynamic_flag_spec_F77='${wl}-E'
+ else
+ case $host_os in
+ openbsd[01].* | openbsd2.[0-7] | openbsd2.[0-7].*)
+ archive_cmds_F77='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_libdir_flag_spec_F77='-R$libdir'
+ ;;
+ *)
+ archive_cmds_F77='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+ hardcode_libdir_flag_spec_F77='${wl}-rpath,$libdir'
+ ;;
+ esac
+ fi
+ ;;
+
+ os2*)
+ hardcode_libdir_flag_spec_F77='-L$libdir'
+ hardcode_minus_L_F77=yes
+ allow_undefined_flag_F77=unsupported
+ archive_cmds_F77='$echo "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$echo "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~$echo DATA >> $output_objdir/$libname.def~$echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~$echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def'
+ old_archive_From_new_cmds_F77='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def'
+ ;;
+
+ osf3*)
+ if test "$GCC" = yes; then
+ allow_undefined_flag_F77=' ${wl}-expect_unresolved ${wl}\*'
+ archive_cmds_F77='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ else
+ allow_undefined_flag_F77=' -expect_unresolved \*'
+ archive_cmds_F77='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
+ fi
+ hardcode_libdir_flag_spec_F77='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_separator_F77=:
+ ;;
+
+ osf4* | osf5*) # as osf3* with the addition of -msym flag
+ if test "$GCC" = yes; then
+ allow_undefined_flag_F77=' ${wl}-expect_unresolved ${wl}\*'
+ archive_cmds_F77='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ hardcode_libdir_flag_spec_F77='${wl}-rpath ${wl}$libdir'
+ else
+ allow_undefined_flag_F77=' -expect_unresolved \*'
+ archive_cmds_F77='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -msym -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
+ archive_expsym_cmds_F77='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; echo "-hidden">> $lib.exp~
+ $LD -shared${allow_undefined_flag} -input $lib.exp $linker_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib~$rm $lib.exp'
+
+ # Both c and cxx compiler support -rpath directly
+ hardcode_libdir_flag_spec_F77='-rpath $libdir'
+ fi
+ hardcode_libdir_separator_F77=:
+ ;;
+
+ solaris*)
+ no_undefined_flag_F77=' -z text'
+ if test "$GCC" = yes; then
+ wlarc='${wl}'
+ archive_cmds_F77='$CC -shared ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds_F77='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~
+ $CC -shared ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$rm $lib.exp'
+ else
+ wlarc=''
+ archive_cmds_F77='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ archive_expsym_cmds_F77='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~
+ $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$rm $lib.exp'
+ fi
+ hardcode_libdir_flag_spec_F77='-R$libdir'
+ hardcode_shlibpath_var_F77=no
+ case $host_os in
+ solaris2.[0-5] | solaris2.[0-5].*) ;;
+ *)
+ # The compiler driver will combine linker options so we
+ # cannot just pass the convience library names through
+ # without $wl, iff we do not link with $LD.
+ # Luckily, gcc supports the same syntax we need for Sun Studio.
+ # Supported since Solaris 2.6 (maybe 2.5.1?)
+ case $wlarc in
+ '')
+ whole_archive_flag_spec_F77='-z allextract$convenience -z defaultextract' ;;
+ *)
+ whole_archive_flag_spec_F77='${wl}-z ${wl}allextract`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}-z ${wl}defaultextract' ;;
+ esac ;;
+ esac
+ link_all_deplibs_F77=yes
+ ;;
+
+ sunos4*)
+ if test "x$host_vendor" = xsequent; then
+ # Use $CC to link under sequent, because it throws in some extra .o
+ # files that make .init and .fini sections work.
+ archive_cmds_F77='$CC -G ${wl}-h $soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ archive_cmds_F77='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags'
+ fi
+ hardcode_libdir_flag_spec_F77='-L$libdir'
+ hardcode_direct_F77=yes
+ hardcode_minus_L_F77=yes
+ hardcode_shlibpath_var_F77=no
+ ;;
+
+ sysv4)
+ case $host_vendor in
+ sni)
+ archive_cmds_F77='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_direct_F77=yes # is this really true???
+ ;;
+ siemens)
+ ## LD is ld it makes a PLAMLIB
+ ## CC just makes a GrossModule.
+ archive_cmds_F77='$LD -G -o $lib $libobjs $deplibs $linker_flags'
+ reload_cmds_F77='$CC -r -o $output$reload_objs'
+ hardcode_direct_F77=no
+ ;;
+ motorola)
+ archive_cmds_F77='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_direct_F77=no #Motorola manual says yes, but my tests say they lie
+ ;;
+ esac
+ runpath_var='LD_RUN_PATH'
+ hardcode_shlibpath_var_F77=no
+ ;;
+
+ sysv4.3*)
+ archive_cmds_F77='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_shlibpath_var_F77=no
+ export_dynamic_flag_spec_F77='-Bexport'
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ archive_cmds_F77='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_shlibpath_var_F77=no
+ runpath_var=LD_RUN_PATH
+ hardcode_runpath_var=yes
+ ld_shlibs_F77=yes
+ fi
+ ;;
+
+ sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7*)
+ no_undefined_flag_F77='${wl}-z,text'
+ archive_cmds_need_lc_F77=no
+ hardcode_shlibpath_var_F77=no
+ runpath_var='LD_RUN_PATH'
+
+ if test "$GCC" = yes; then
+ archive_cmds_F77='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds_F77='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ archive_cmds_F77='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds_F77='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ fi
+ ;;
+
+ sysv5* | sco3.2v5* | sco5v6*)
+ # Note: We can NOT use -z defs as we might desire, because we do not
+ # link with -lc, and that would cause any symbols used from libc to
+ # always be unresolved, which means just about no library would
+ # ever link correctly. If we're not using GNU ld we use -z text
+ # though, which does catch some bad symbols but isn't as heavy-handed
+ # as -z defs.
+ no_undefined_flag_F77='${wl}-z,text'
+ allow_undefined_flag_F77='${wl}-z,nodefs'
+ archive_cmds_need_lc_F77=no
+ hardcode_shlibpath_var_F77=no
+ hardcode_libdir_flag_spec_F77='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`'
+ hardcode_libdir_separator_F77=':'
+ link_all_deplibs_F77=yes
+ export_dynamic_flag_spec_F77='${wl}-Bexport'
+ runpath_var='LD_RUN_PATH'
+
+ if test "$GCC" = yes; then
+ archive_cmds_F77='$CC -shared ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds_F77='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ archive_cmds_F77='$CC -G ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds_F77='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ fi
+ ;;
+
+ uts4*)
+ archive_cmds_F77='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_libdir_flag_spec_F77='-L$libdir'
+ hardcode_shlibpath_var_F77=no
+ ;;
+
+ *)
+ ld_shlibs_F77=no
+ ;;
+ esac
+ fi
+
+{ echo "$as_me:$LINENO: result: $ld_shlibs_F77" >&5
+echo "${ECHO_T}$ld_shlibs_F77" >&6; }
+test "$ld_shlibs_F77" = no && can_build_shared=no
+
+#
+# Do we need to explicitly link libc?
+#
+case "x$archive_cmds_need_lc_F77" in
+x|xyes)
+ # Assume -lc should be added
+ archive_cmds_need_lc_F77=yes
+
+ if test "$enable_shared" = yes && test "$GCC" = yes; then
+ case $archive_cmds_F77 in
+ *'~'*)
+ # FIXME: we may have to deal with multi-command sequences.
+ ;;
+ '$CC '*)
+ # Test whether the compiler implicitly links with -lc since on some
+ # systems, -lgcc has to come before -lc. If gcc already passes -lc
+ # to ld, don't add -lc before -lgcc.
+ { echo "$as_me:$LINENO: checking whether -lc should be explicitly linked in" >&5
+echo $ECHO_N "checking whether -lc should be explicitly linked in... $ECHO_C" >&6; }
+ $rm conftest*
+ printf "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } 2>conftest.err; then
+ soname=conftest
+ lib=conftest
+ libobjs=conftest.$ac_objext
+ deplibs=
+ wl=$lt_prog_compiler_wl_F77
+ pic_flag=$lt_prog_compiler_pic_F77
+ compiler_flags=-v
+ linker_flags=-v
+ verstring=
+ output_objdir=.
+ libname=conftest
+ lt_save_allow_undefined_flag=$allow_undefined_flag_F77
+ allow_undefined_flag_F77=
+ if { (eval echo "$as_me:$LINENO: \"$archive_cmds_F77 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1\"") >&5
+ (eval $archive_cmds_F77 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }
+ then
+ archive_cmds_need_lc_F77=no
+ else
+ archive_cmds_need_lc_F77=yes
+ fi
+ allow_undefined_flag_F77=$lt_save_allow_undefined_flag
+ else
+ cat conftest.err 1>&5
+ fi
+ $rm conftest*
+ { echo "$as_me:$LINENO: result: $archive_cmds_need_lc_F77" >&5
+echo "${ECHO_T}$archive_cmds_need_lc_F77" >&6; }
+ ;;
+ esac
+ fi
+ ;;
+esac
+
+{ echo "$as_me:$LINENO: checking dynamic linker characteristics" >&5
+echo $ECHO_N "checking dynamic linker characteristics... $ECHO_C" >&6; }
+library_names_spec=
+libname_spec='lib$name'
+soname_spec=
+shrext_cmds=".so"
+postinstall_cmds=
+postuninstall_cmds=
+finish_cmds=
+finish_eval=
+shlibpath_var=
+shlibpath_overrides_runpath=unknown
+version_type=none
+dynamic_linker="$host_os ld.so"
+sys_lib_dlsearch_path_spec="/lib /usr/lib"
+if test "$GCC" = yes; then
+ sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"`
+ if echo "$sys_lib_search_path_spec" | grep ';' >/dev/null ; then
+ # if the path contains ";" then we assume it to be the separator
+ # otherwise default to the standard path separator (i.e. ":") - it is
+ # assumed that no part of a normal pathname contains ";" but that should
+ # okay in the real world where ";" in dirpaths is itself problematic.
+ sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
+ else
+ sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+ fi
+else
+ sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib"
+fi
+need_lib_prefix=unknown
+hardcode_into_libs=no
+
+# when you set need_version to no, make sure it does not cause -set_version
+# flags to be left without arguments
+need_version=unknown
+
+case $host_os in
+aix3*)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a'
+ shlibpath_var=LIBPATH
+
+ # AIX 3 has no versioning support, so we append a major version to the name.
+ soname_spec='${libname}${release}${shared_ext}$major'
+ ;;
+
+aix4* | aix5*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ hardcode_into_libs=yes
+ if test "$host_cpu" = ia64; then
+ # AIX 5 supports IA64
+ library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ else
+ # With GCC up to 2.95.x, collect2 would create an import file
+ # for dependence libraries. The import file would start with
+ # the line `#! .'. This would cause the generated library to
+ # depend on `.', always an invalid library. This was fixed in
+ # development snapshots of GCC prior to 3.0.
+ case $host_os in
+ aix4 | aix4.[01] | aix4.[01].*)
+ if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)'
+ echo ' yes '
+ echo '#endif'; } | ${CC} -E - | grep yes > /dev/null; then
+ :
+ else
+ can_build_shared=no
+ fi
+ ;;
+ esac
+ # AIX (on Power*) has no versioning support, so currently we can not hardcode correct
+ # soname into executable. Probably we can add versioning support to
+ # collect2, so additional links can be useful in future.
+ if test "$aix_use_runtimelinking" = yes; then
+ # If using run time linking (on AIX 4.2 or later) use lib<name>.so
+ # instead of lib<name>.a to let people know that these are not
+ # typical AIX shared libraries.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ else
+ # We preserve .a as extension for shared libraries through AIX4.2
+ # and later when we are not doing run time linking.
+ library_names_spec='${libname}${release}.a $libname.a'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ fi
+ shlibpath_var=LIBPATH
+ fi
+ ;;
+
+amigaos*)
+ library_names_spec='$libname.ixlibrary $libname.a'
+ # Create ${libname}_ixlibrary.a entries in /sys/libs.
+ finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$echo "X$lib" | $Xsed -e '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; test $rm /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done'
+ ;;
+
+beos*)
+ library_names_spec='${libname}${shared_ext}'
+ dynamic_linker="$host_os ld.so"
+ shlibpath_var=LIBRARY_PATH
+ ;;
+
+bsdi[45]*)
+ version_type=linux
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib"
+ sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib"
+ # the default ld.so.conf also contains /usr/contrib/lib and
+ # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow
+ # libtool to hard-code these into programs
+ ;;
+
+cygwin* | mingw* | pw32*)
+ version_type=windows
+ shrext_cmds=".dll"
+ need_version=no
+ need_lib_prefix=no
+
+ case $GCC,$host_os in
+ yes,cygwin* | yes,mingw* | yes,pw32*)
+ library_names_spec='$libname.dll.a'
+ # DLL is installed to $(libdir)/../bin by postinstall_cmds
+ postinstall_cmds='base_file=`basename \${file}`~
+ dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i;echo \$dlname'\''`~
+ dldir=$destdir/`dirname \$dlpath`~
+ test -d \$dldir || mkdir -p \$dldir~
+ $install_prog $dir/$dlname \$dldir/$dlname~
+ chmod a+x \$dldir/$dlname'
+ postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~
+ dlpath=$dir/\$dldll~
+ $rm \$dlpath'
+ shlibpath_overrides_runpath=yes
+
+ case $host_os in
+ cygwin*)
+ # Cygwin DLLs use 'cyg' prefix rather than 'lib'
+ soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+ sys_lib_search_path_spec="/usr/lib /lib/w32api /lib /usr/local/lib"
+ ;;
+ mingw*)
+ # MinGW DLLs use traditional 'lib' prefix
+ soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+ sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"`
+ if echo "$sys_lib_search_path_spec" | grep ';[c-zC-Z]:/' >/dev/null; then
+ # It is most probably a Windows format PATH printed by
+ # mingw gcc, but we are running on Cygwin. Gcc prints its search
+ # path with ; separators, and with drive letters. We can handle the
+ # drive letters (cygwin fileutils understands them), so leave them,
+ # especially as we might pass files found there to a mingw objdump,
+ # which wouldn't understand a cygwinified path. Ahh.
+ sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
+ else
+ sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+ fi
+ ;;
+ pw32*)
+ # pw32 DLLs use 'pw' prefix rather than 'lib'
+ library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+ ;;
+ esac
+ ;;
+
+ *)
+ library_names_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext} $libname.lib'
+ ;;
+ esac
+ dynamic_linker='Win32 ld.exe'
+ # FIXME: first we should search . and the directory the executable is in
+ shlibpath_var=PATH
+ ;;
+
+darwin* | rhapsody*)
+ dynamic_linker="$host_os dyld"
+ version_type=darwin
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${versuffix}$shared_ext ${libname}${release}${major}$shared_ext ${libname}$shared_ext'
+ soname_spec='${libname}${release}${major}$shared_ext'
+ shlibpath_overrides_runpath=yes
+ shlibpath_var=DYLD_LIBRARY_PATH
+ shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`'
+ # Apple's gcc prints 'gcc -print-search-dirs' doesn't operate the same.
+ if test "$GCC" = yes; then
+ sys_lib_search_path_spec=`$CC -print-search-dirs | tr "\n" "$PATH_SEPARATOR" | sed -e 's/libraries:/@libraries:/' | tr "@" "\n" | grep "^libraries:" | sed -e "s/^libraries://" -e "s,=/,/,g" -e "s,$PATH_SEPARATOR, ,g" -e "s,.*,& /lib /usr/lib /usr/local/lib,g"`
+ else
+ sys_lib_search_path_spec='/lib /usr/lib /usr/local/lib'
+ fi
+ sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib'
+ ;;
+
+dgux*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ ;;
+
+freebsd1*)
+ dynamic_linker=no
+ ;;
+
+kfreebsd*-gnu)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ dynamic_linker='GNU ld.so'
+ ;;
+
+freebsd* | dragonfly*)
+ # DragonFly does not have aout. When/if they implement a new
+ # versioning mechanism, adjust this.
+ if test -x /usr/bin/objformat; then
+ objformat=`/usr/bin/objformat`
+ else
+ case $host_os in
+ freebsd[123]*) objformat=aout ;;
+ *) objformat=elf ;;
+ esac
+ fi
+ version_type=freebsd-$objformat
+ case $version_type in
+ freebsd-elf*)
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
+ need_version=no
+ need_lib_prefix=no
+ ;;
+ freebsd-*)
+ library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix'
+ need_version=yes
+ ;;
+ esac
+ shlibpath_var=LD_LIBRARY_PATH
+ case $host_os in
+ freebsd2*)
+ shlibpath_overrides_runpath=yes
+ ;;
+ freebsd3.[01]* | freebsdelf3.[01]*)
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+ freebsd3.[2-9]* | freebsdelf3.[2-9]* | \
+ freebsd4.[0-5] | freebsdelf4.[0-5] | freebsd4.1.1 | freebsdelf4.1.1)
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+ freebsd*) # from 4.6 on
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+ esac
+ ;;
+
+gnu*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ hardcode_into_libs=yes
+ ;;
+
+hpux9* | hpux10* | hpux11*)
+ # Give a soname corresponding to the major version so that dld.sl refuses to
+ # link against other versions.
+ version_type=sunos
+ need_lib_prefix=no
+ need_version=no
+ case $host_cpu in
+ ia64*)
+ shrext_cmds='.so'
+ hardcode_into_libs=yes
+ dynamic_linker="$host_os dld.so"
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ if test "X$HPUX_IA64_MODE" = X32; then
+ sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib"
+ else
+ sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64"
+ fi
+ sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+ ;;
+ hppa*64*)
+ shrext_cmds='.sl'
+ hardcode_into_libs=yes
+ dynamic_linker="$host_os dld.sl"
+ shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH
+ shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64"
+ sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+ ;;
+ *)
+ shrext_cmds='.sl'
+ dynamic_linker="$host_os dld.sl"
+ shlibpath_var=SHLIB_PATH
+ shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ ;;
+ esac
+ # HP-UX runs *really* slowly unless shared libraries are mode 555.
+ postinstall_cmds='chmod 555 $lib'
+ ;;
+
+interix3*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+
+irix5* | irix6* | nonstopux*)
+ case $host_os in
+ nonstopux*) version_type=nonstopux ;;
+ *)
+ if test "$lt_cv_prog_gnu_ld" = yes; then
+ version_type=linux
+ else
+ version_type=irix
+ fi ;;
+ esac
+ need_lib_prefix=no
+ need_version=no
+ soname_spec='${libname}${release}${shared_ext}$major'
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}'
+ case $host_os in
+ irix5* | nonstopux*)
+ libsuff= shlibsuff=
+ ;;
+ *)
+ case $LD in # libtool.m4 will add one of these switches to LD
+ *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ")
+ libsuff= shlibsuff= libmagic=32-bit;;
+ *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ")
+ libsuff=32 shlibsuff=N32 libmagic=N32;;
+ *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ")
+ libsuff=64 shlibsuff=64 libmagic=64-bit;;
+ *) libsuff= shlibsuff= libmagic=never-match;;
+ esac
+ ;;
+ esac
+ shlibpath_var=LD_LIBRARY${shlibsuff}_PATH
+ shlibpath_overrides_runpath=no
+ sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}"
+ sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}"
+ hardcode_into_libs=yes
+ ;;
+
+# No shared lib support for Linux oldld, aout, or coff.
+linux*oldld* | linux*aout* | linux*coff*)
+ dynamic_linker=no
+ ;;
+
+# This must be Linux ELF.
+linux*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ # This implies no fast_install, which is unacceptable.
+ # Some rework will be needed to allow for fast_install
+ # before this can be enabled.
+ hardcode_into_libs=yes
+
+ # Append ld.so.conf contents to the search path
+ if test -f /etc/ld.so.conf; then
+ lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
+ sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
+ fi
+
+ # We used to test for /lib/ld.so.1 and disable shared libraries on
+ # powerpc, because MkLinux only supported shared libraries with the
+ # GNU dynamic linker. Since this was broken with cross compilers,
+ # most powerpc-linux boxes support dynamic linking these days and
+ # people can always --disable-shared, the test was removed, and we
+ # assume the GNU/Linux dynamic linker is in use.
+ dynamic_linker='GNU/Linux ld.so'
+ ;;
+
+knetbsd*-gnu)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ dynamic_linker='GNU ld.so'
+ ;;
+
+netbsd*)
+ version_type=sunos
+ need_lib_prefix=no
+ need_version=no
+ if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+ dynamic_linker='NetBSD (a.out) ld.so'
+ else
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ dynamic_linker='NetBSD ld.elf_so'
+ fi
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+
+newsos6)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ ;;
+
+nto-qnx*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ ;;
+
+openbsd*)
+ version_type=sunos
+ sys_lib_dlsearch_path_spec="/usr/lib"
+ need_lib_prefix=no
+ # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs.
+ case $host_os in
+ openbsd3.3 | openbsd3.3.*) need_version=yes ;;
+ *) need_version=no ;;
+ esac
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ case $host_os in
+ openbsd2.[89] | openbsd2.[89].*)
+ shlibpath_overrides_runpath=no
+ ;;
+ *)
+ shlibpath_overrides_runpath=yes
+ ;;
+ esac
+ else
+ shlibpath_overrides_runpath=yes
+ fi
+ ;;
+
+os2*)
+ libname_spec='$name'
+ shrext_cmds=".dll"
+ need_lib_prefix=no
+ library_names_spec='$libname${shared_ext} $libname.a'
+ dynamic_linker='OS/2 ld.exe'
+ shlibpath_var=LIBPATH
+ ;;
+
+osf3* | osf4* | osf5*)
+ version_type=osf
+ need_lib_prefix=no
+ need_version=no
+ soname_spec='${libname}${release}${shared_ext}$major'
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib"
+ sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec"
+ ;;
+
+solaris*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ # ldd complains unless libraries are executable
+ postinstall_cmds='chmod +x $lib'
+ ;;
+
+sunos4*)
+ version_type=sunos
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+ finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ if test "$with_gnu_ld" = yes; then
+ need_lib_prefix=no
+ fi
+ need_version=yes
+ ;;
+
+sysv4 | sysv4.3*)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ case $host_vendor in
+ sni)
+ shlibpath_overrides_runpath=no
+ need_lib_prefix=no
+ export_dynamic_flag_spec='${wl}-Blargedynsym'
+ runpath_var=LD_RUN_PATH
+ ;;
+ siemens)
+ need_lib_prefix=no
+ ;;
+ motorola)
+ need_lib_prefix=no
+ need_version=no
+ shlibpath_overrides_runpath=no
+ sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib'
+ ;;
+ esac
+ ;;
+
+sysv4*MP*)
+ if test -d /usr/nec ;then
+ version_type=linux
+ library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}'
+ soname_spec='$libname${shared_ext}.$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ fi
+ ;;
+
+sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+ version_type=freebsd-elf
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ hardcode_into_libs=yes
+ if test "$with_gnu_ld" = yes; then
+ sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib'
+ shlibpath_overrides_runpath=no
+ else
+ sys_lib_search_path_spec='/usr/ccs/lib /usr/lib'
+ shlibpath_overrides_runpath=yes
+ case $host_os in
+ sco3.2v5*)
+ sys_lib_search_path_spec="$sys_lib_search_path_spec /lib"
+ ;;
+ esac
+ fi
+ sys_lib_dlsearch_path_spec='/usr/lib'
+ ;;
+
+uts4*)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ ;;
+
+*)
+ dynamic_linker=no
+ ;;
+esac
+{ echo "$as_me:$LINENO: result: $dynamic_linker" >&5
+echo "${ECHO_T}$dynamic_linker" >&6; }
+test "$dynamic_linker" = no && can_build_shared=no
+
+variables_saved_for_relink="PATH $shlibpath_var $runpath_var"
+if test "$GCC" = yes; then
+ variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH"
+fi
+
+{ echo "$as_me:$LINENO: checking how to hardcode library paths into programs" >&5
+echo $ECHO_N "checking how to hardcode library paths into programs... $ECHO_C" >&6; }
+hardcode_action_F77=
+if test -n "$hardcode_libdir_flag_spec_F77" || \
+ test -n "$runpath_var_F77" || \
+ test "X$hardcode_automatic_F77" = "Xyes" ; then
+
+ # We can hardcode non-existant directories.
+ if test "$hardcode_direct_F77" != no &&
+ # If the only mechanism to avoid hardcoding is shlibpath_var, we
+ # have to relink, otherwise we might link with an installed library
+ # when we should be linking with a yet-to-be-installed one
+ ## test "$_LT_AC_TAGVAR(hardcode_shlibpath_var, F77)" != no &&
+ test "$hardcode_minus_L_F77" != no; then
+ # Linking always hardcodes the temporary library directory.
+ hardcode_action_F77=relink
+ else
+ # We can link without hardcoding, and we can hardcode nonexisting dirs.
+ hardcode_action_F77=immediate
+ fi
+else
+ # We cannot hardcode anything, or else we can only hardcode existing
+ # directories.
+ hardcode_action_F77=unsupported
+fi
+{ echo "$as_me:$LINENO: result: $hardcode_action_F77" >&5
+echo "${ECHO_T}$hardcode_action_F77" >&6; }
+
+if test "$hardcode_action_F77" = relink; then
+ # Fast installation is not supported
+ enable_fast_install=no
+elif test "$shlibpath_overrides_runpath" = yes ||
+ test "$enable_shared" = no; then
+ # Fast installation is not necessary
+ enable_fast_install=needless
+fi
+
+
+# The else clause should only fire when bootstrapping the
+# libtool distribution, otherwise you forgot to ship ltmain.sh
+# with your package, and you will get complaints that there are
+# no rules to generate ltmain.sh.
+if test -f "$ltmain"; then
+ # See if we are running on zsh, and set the options which allow our commands through
+ # without removal of \ escapes.
+ if test -n "${ZSH_VERSION+set}" ; then
+ setopt NO_GLOB_SUBST
+ fi
+ # Now quote all the things that may contain metacharacters while being
+ # careful not to overquote the AC_SUBSTed values. We take copies of the
+ # variables and quote the copies for generation of the libtool script.
+ for var in echo old_CC old_CFLAGS AR AR_FLAGS EGREP RANLIB LN_S LTCC LTCFLAGS NM \
+ SED SHELL STRIP \
+ libname_spec library_names_spec soname_spec extract_expsyms_cmds \
+ old_striplib striplib file_magic_cmd finish_cmds finish_eval \
+ deplibs_check_method reload_flag reload_cmds need_locks \
+ lt_cv_sys_global_symbol_pipe lt_cv_sys_global_symbol_to_cdecl \
+ lt_cv_sys_global_symbol_to_c_name_address \
+ sys_lib_search_path_spec sys_lib_dlsearch_path_spec \
+ old_postinstall_cmds old_postuninstall_cmds \
+ compiler_F77 \
+ CC_F77 \
+ LD_F77 \
+ lt_prog_compiler_wl_F77 \
+ lt_prog_compiler_pic_F77 \
+ lt_prog_compiler_static_F77 \
+ lt_prog_compiler_no_builtin_flag_F77 \
+ export_dynamic_flag_spec_F77 \
+ thread_safe_flag_spec_F77 \
+ whole_archive_flag_spec_F77 \
+ enable_shared_with_static_runtimes_F77 \
+ old_archive_cmds_F77 \
+ old_archive_from_new_cmds_F77 \
+ predep_objects_F77 \
+ postdep_objects_F77 \
+ predeps_F77 \
+ postdeps_F77 \
+ compiler_lib_search_path_F77 \
+ archive_cmds_F77 \
+ archive_expsym_cmds_F77 \
+ postinstall_cmds_F77 \
+ postuninstall_cmds_F77 \
+ old_archive_from_expsyms_cmds_F77 \
+ allow_undefined_flag_F77 \
+ no_undefined_flag_F77 \
+ export_symbols_cmds_F77 \
+ hardcode_libdir_flag_spec_F77 \
+ hardcode_libdir_flag_spec_ld_F77 \
+ hardcode_libdir_separator_F77 \
+ hardcode_automatic_F77 \
+ module_cmds_F77 \
+ module_expsym_cmds_F77 \
+ lt_cv_prog_compiler_c_o_F77 \
+ exclude_expsyms_F77 \
+ include_expsyms_F77; do
+
+ case $var in
+ old_archive_cmds_F77 | \
+ old_archive_from_new_cmds_F77 | \
+ archive_cmds_F77 | \
+ archive_expsym_cmds_F77 | \
+ module_cmds_F77 | \
+ module_expsym_cmds_F77 | \
+ old_archive_from_expsyms_cmds_F77 | \
+ export_symbols_cmds_F77 | \
+ extract_expsyms_cmds | reload_cmds | finish_cmds | \
+ postinstall_cmds | postuninstall_cmds | \
+ old_postinstall_cmds | old_postuninstall_cmds | \
+ sys_lib_search_path_spec | sys_lib_dlsearch_path_spec)
+ # Double-quote double-evaled strings.
+ eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$double_quote_subst\" -e \"\$sed_quote_subst\" -e \"\$delay_variable_subst\"\`\\\""
+ ;;
+ *)
+ eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$sed_quote_subst\"\`\\\""
+ ;;
+ esac
+ done
+
+ case $lt_echo in
+ *'\$0 --fallback-echo"')
+ lt_echo=`$echo "X$lt_echo" | $Xsed -e 's/\\\\\\\$0 --fallback-echo"$/$0 --fallback-echo"/'`
+ ;;
+ esac
+
+cfgfile="$ofile"
+
+ cat <<__EOF__ >> "$cfgfile"
+# ### BEGIN LIBTOOL TAG CONFIG: $tagname
+
+# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`:
+
+# Shell to use when invoking shell scripts.
+SHELL=$lt_SHELL
+
+# Whether or not to build shared libraries.
+build_libtool_libs=$enable_shared
+
+# Whether or not to build static libraries.
+build_old_libs=$enable_static
+
+# Whether or not to add -lc for building shared libraries.
+build_libtool_need_lc=$archive_cmds_need_lc_F77
+
+# Whether or not to disallow shared libs when runtime libs are static
+allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes_F77
+
+# Whether or not to optimize for fast installation.
+fast_install=$enable_fast_install
+
+# The host system.
+host_alias=$host_alias
+host=$host
+host_os=$host_os
+
+# The build system.
+build_alias=$build_alias
+build=$build
+build_os=$build_os
+
+# An echo program that does not interpret backslashes.
+echo=$lt_echo
+
+# The archiver.
+AR=$lt_AR
+AR_FLAGS=$lt_AR_FLAGS
+
+# A C compiler.
+LTCC=$lt_LTCC
+
+# LTCC compiler flags.
+LTCFLAGS=$lt_LTCFLAGS
+
+# A language-specific compiler.
+CC=$lt_compiler_F77
+
+# Is the compiler the GNU C compiler?
+with_gcc=$GCC_F77
+
+# An ERE matcher.
+EGREP=$lt_EGREP
+
+# The linker used to build libraries.
+LD=$lt_LD_F77
+
+# Whether we need hard or soft links.
+LN_S=$lt_LN_S
+
+# A BSD-compatible nm program.
+NM=$lt_NM
+
+# A symbol stripping program
+STRIP=$lt_STRIP
+
+# Used to examine libraries when file_magic_cmd begins "file"
+MAGIC_CMD=$MAGIC_CMD
+
+# Used on cygwin: DLL creation program.
+DLLTOOL="$DLLTOOL"
+
+# Used on cygwin: object dumper.
+OBJDUMP="$OBJDUMP"
+
+# Used on cygwin: assembler.
+AS="$AS"
+
+# The name of the directory that contains temporary libtool files.
+objdir=$objdir
+
+# How to create reloadable object files.
+reload_flag=$lt_reload_flag
+reload_cmds=$lt_reload_cmds
+
+# How to pass a linker flag through the compiler.
+wl=$lt_lt_prog_compiler_wl_F77
+
+# Object file suffix (normally "o").
+objext="$ac_objext"
+
+# Old archive suffix (normally "a").
+libext="$libext"
+
+# Shared library suffix (normally ".so").
+shrext_cmds='$shrext_cmds'
+
+# Executable file suffix (normally "").
+exeext="$exeext"
+
+# Additional compiler flags for building library objects.
+pic_flag=$lt_lt_prog_compiler_pic_F77
+pic_mode=$pic_mode
+
+# What is the maximum length of a command?
+max_cmd_len=$lt_cv_sys_max_cmd_len
+
+# Does compiler simultaneously support -c and -o options?
+compiler_c_o=$lt_lt_cv_prog_compiler_c_o_F77
+
+# Must we lock files when doing compilation?
+need_locks=$lt_need_locks
+
+# Do we need the lib prefix for modules?
+need_lib_prefix=$need_lib_prefix
+
+# Do we need a version for libraries?
+need_version=$need_version
+
+# Whether dlopen is supported.
+dlopen_support=$enable_dlopen
+
+# Whether dlopen of programs is supported.
+dlopen_self=$enable_dlopen_self
+
+# Whether dlopen of statically linked programs is supported.
+dlopen_self_static=$enable_dlopen_self_static
+
+# Compiler flag to prevent dynamic linking.
+link_static_flag=$lt_lt_prog_compiler_static_F77
+
+# Compiler flag to turn off builtin functions.
+no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag_F77
+
+# Compiler flag to allow reflexive dlopens.
+export_dynamic_flag_spec=$lt_export_dynamic_flag_spec_F77
+
+# Compiler flag to generate shared objects directly from archives.
+whole_archive_flag_spec=$lt_whole_archive_flag_spec_F77
+
+# Compiler flag to generate thread-safe objects.
+thread_safe_flag_spec=$lt_thread_safe_flag_spec_F77
+
+# Library versioning type.
+version_type=$version_type
+
+# Format of library name prefix.
+libname_spec=$lt_libname_spec
+
+# List of archive names. First name is the real one, the rest are links.
+# The last name is the one that the linker finds with -lNAME.
+library_names_spec=$lt_library_names_spec
+
+# The coded name of the library, if different from the real name.
+soname_spec=$lt_soname_spec
+
+# Commands used to build and install an old-style archive.
+RANLIB=$lt_RANLIB
+old_archive_cmds=$lt_old_archive_cmds_F77
+old_postinstall_cmds=$lt_old_postinstall_cmds
+old_postuninstall_cmds=$lt_old_postuninstall_cmds
+
+# Create an old-style archive from a shared archive.
+old_archive_from_new_cmds=$lt_old_archive_from_new_cmds_F77
+
+# Create a temporary old-style archive to link instead of a shared archive.
+old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds_F77
+
+# Commands used to build and install a shared archive.
+archive_cmds=$lt_archive_cmds_F77
+archive_expsym_cmds=$lt_archive_expsym_cmds_F77
+postinstall_cmds=$lt_postinstall_cmds
+postuninstall_cmds=$lt_postuninstall_cmds
+
+# Commands used to build a loadable module (assumed same as above if empty)
+module_cmds=$lt_module_cmds_F77
+module_expsym_cmds=$lt_module_expsym_cmds_F77
+
+# Commands to strip libraries.
+old_striplib=$lt_old_striplib
+striplib=$lt_striplib
+
+# Dependencies to place before the objects being linked to create a
+# shared library.
+predep_objects=$lt_predep_objects_F77
+
+# Dependencies to place after the objects being linked to create a
+# shared library.
+postdep_objects=$lt_postdep_objects_F77
+
+# Dependencies to place before the objects being linked to create a
+# shared library.
+predeps=$lt_predeps_F77
+
+# Dependencies to place after the objects being linked to create a
+# shared library.
+postdeps=$lt_postdeps_F77
+
+# The library search path used internally by the compiler when linking
+# a shared library.
+compiler_lib_search_path=$lt_compiler_lib_search_path_F77
+
+# Method to check whether dependent libraries are shared objects.
+deplibs_check_method=$lt_deplibs_check_method
+
+# Command to use when deplibs_check_method == file_magic.
+file_magic_cmd=$lt_file_magic_cmd
+
+# Flag that allows shared libraries with undefined symbols to be built.
+allow_undefined_flag=$lt_allow_undefined_flag_F77
+
+# Flag that forces no undefined symbols.
+no_undefined_flag=$lt_no_undefined_flag_F77
+
+# Commands used to finish a libtool library installation in a directory.
+finish_cmds=$lt_finish_cmds
+
+# Same as above, but a single script fragment to be evaled but not shown.
+finish_eval=$lt_finish_eval
+
+# Take the output of nm and produce a listing of raw symbols and C names.
+global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe
+
+# Transform the output of nm in a proper C declaration
+global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl
+
+# Transform the output of nm in a C name address pair
+global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address
+
+# This is the shared library runtime path variable.
+runpath_var=$runpath_var
+
+# This is the shared library path variable.
+shlibpath_var=$shlibpath_var
+
+# Is shlibpath searched before the hard-coded library search path?
+shlibpath_overrides_runpath=$shlibpath_overrides_runpath
+
+# How to hardcode a shared library path into an executable.
+hardcode_action=$hardcode_action_F77
+
+# Whether we should hardcode library paths into libraries.
+hardcode_into_libs=$hardcode_into_libs
+
+# Flag to hardcode \$libdir into a binary during linking.
+# This must work even if \$libdir does not exist.
+hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec_F77
+
+# If ld is used when linking, flag to hardcode \$libdir into
+# a binary during linking. This must work even if \$libdir does
+# not exist.
+hardcode_libdir_flag_spec_ld=$lt_hardcode_libdir_flag_spec_ld_F77
+
+# Whether we need a single -rpath flag with a separated argument.
+hardcode_libdir_separator=$lt_hardcode_libdir_separator_F77
+
+# Set to yes if using DIR/libNAME${shared_ext} during linking hardcodes DIR into the
+# resulting binary.
+hardcode_direct=$hardcode_direct_F77
+
+# Set to yes if using the -LDIR flag during linking hardcodes DIR into the
+# resulting binary.
+hardcode_minus_L=$hardcode_minus_L_F77
+
+# Set to yes if using SHLIBPATH_VAR=DIR during linking hardcodes DIR into
+# the resulting binary.
+hardcode_shlibpath_var=$hardcode_shlibpath_var_F77
+
+# Set to yes if building a shared library automatically hardcodes DIR into the library
+# and all subsequent libraries and executables linked against it.
+hardcode_automatic=$hardcode_automatic_F77
+
+# Variables whose values should be saved in libtool wrapper scripts and
+# restored at relink time.
+variables_saved_for_relink="$variables_saved_for_relink"
+
+# Whether libtool must link a program against all its dependency libraries.
+link_all_deplibs=$link_all_deplibs_F77
+
+# Compile-time system search path for libraries
+sys_lib_search_path_spec=$lt_sys_lib_search_path_spec
+
+# Run-time system search path for libraries
+sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec
+
+# Fix the shell variable \$srcfile for the compiler.
+fix_srcfile_path="$fix_srcfile_path_F77"
+
+# Set to yes if exported symbols are required.
+always_export_symbols=$always_export_symbols_F77
+
+# The commands to list exported symbols.
+export_symbols_cmds=$lt_export_symbols_cmds_F77
+
+# The commands to extract the exported symbol list from a shared archive.
+extract_expsyms_cmds=$lt_extract_expsyms_cmds
+
+# Symbols that should not be listed in the preloaded symbols.
+exclude_expsyms=$lt_exclude_expsyms_F77
+
+# Symbols that must always be exported.
+include_expsyms=$lt_include_expsyms_F77
+
+# ### END LIBTOOL TAG CONFIG: $tagname
+
+__EOF__
+
else
- HAVE_LIBNSL=no
+ # If there is no Makefile yet, we rely on a make rule to execute
+ # `config.status --recheck' to rerun these tests and create the
+ # libtool script then.
+ ltmain_in=`echo $ltmain | sed -e 's/\.sh$/.in/'`
+ if test -f "$ltmain_in"; then
+ test -f Makefile && make "$ltmain"
+ fi
fi
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+CC="$lt_save_CC"
+
+ else
+ tagname=""
+ fi
+ ;;
+
+ GCJ)
+ if test -n "$GCJ" && test "X$GCJ" != "Xno"; then
+
+
+# Source file extension for Java test sources.
+ac_ext=java
+
+# Object file extension for compiled Java test sources.
+objext=o
+objext_GCJ=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code="class foo {}\n"
+
+# Code to be used in simple link tests
+lt_simple_link_test_code='public class conftest { public static void main(String[] argv) {}; }\n'
+
+# ltmain only uses $CC for tagged configurations so make sure $CC is set.
+
+# If no C compiler was specified, use CC.
+LTCC=${LTCC-"$CC"}
+
+# If no C compiler flags were specified, use CFLAGS.
+LTCFLAGS=${LTCFLAGS-"$CFLAGS"}
+
+# Allow CC to be a program name with arguments.
+compiler=$CC
+
+
+# save warnings/boilerplate of simple test code
+ac_outfile=conftest.$ac_objext
+printf "$lt_simple_compile_test_code" >conftest.$ac_ext
+eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_compiler_boilerplate=`cat conftest.err`
+$rm conftest*
+
+ac_outfile=conftest.$ac_objext
+printf "$lt_simple_link_test_code" >conftest.$ac_ext
+eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_linker_boilerplate=`cat conftest.err`
+$rm conftest*
+
+
+# Allow CC to be a program name with arguments.
+lt_save_CC="$CC"
+CC=${GCJ-"gcj"}
+compiler=$CC
+compiler_GCJ=$CC
+for cc_temp in $compiler""; do
+ case $cc_temp in
+ compile | *[\\/]compile | ccache | *[\\/]ccache ) ;;
+ distcc | *[\\/]distcc | purify | *[\\/]purify ) ;;
+ \-*) ;;
+ *) break;;
+ esac
+done
+cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"`
+
+
+# GCJ did not exist at the time GCC didn't implicitly link libc in.
+archive_cmds_need_lc_GCJ=no
+
+old_archive_cmds_GCJ=$old_archive_cmds
+
+
+lt_prog_compiler_no_builtin_flag_GCJ=
+
+if test "$GCC" = yes; then
+ lt_prog_compiler_no_builtin_flag_GCJ=' -fno-builtin'
+
+
+{ echo "$as_me:$LINENO: checking if $compiler supports -fno-rtti -fno-exceptions" >&5
+echo $ECHO_N "checking if $compiler supports -fno-rtti -fno-exceptions... $ECHO_C" >&6; }
+if test "${lt_cv_prog_compiler_rtti_exceptions+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ lt_cv_prog_compiler_rtti_exceptions=no
+ ac_outfile=conftest.$ac_objext
+ printf "$lt_simple_compile_test_code" > conftest.$ac_ext
+ lt_compiler_flag="-fno-rtti -fno-exceptions"
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ # The option is referenced via a variable to avoid confusing sed.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:16688: $lt_compile\"" >&5)
+ (eval "$lt_compile" 2>conftest.err)
+ ac_status=$?
+ cat conftest.err >&5
+ echo "$as_me:16692: \$? = $ac_status" >&5
+ if (exit $ac_status) && test -s "$ac_outfile"; then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings other than the usual output.
+ $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
+ lt_cv_prog_compiler_rtti_exceptions=yes
+ fi
+ fi
+ $rm conftest*
+
+fi
+{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_rtti_exceptions" >&5
+echo "${ECHO_T}$lt_cv_prog_compiler_rtti_exceptions" >&6; }
+
+if test x"$lt_cv_prog_compiler_rtti_exceptions" = xyes; then
+ lt_prog_compiler_no_builtin_flag_GCJ="$lt_prog_compiler_no_builtin_flag_GCJ -fno-rtti -fno-exceptions"
+else
+ :
+fi
-if test $HAVE_LIBNSL = yes ; then
- pwdblibs="$pwdblibs -lnsl"
fi
-echo "$as_me:$LINENO: checking for pwdb_db_name in -lpwdb" >&5
-echo $ECHO_N "checking for pwdb_db_name in -lpwdb... $ECHO_C" >&6
-if test "${ac_cv_lib_pwdb_pwdb_db_name+set}" = set; then
+
+lt_prog_compiler_wl_GCJ=
+lt_prog_compiler_pic_GCJ=
+lt_prog_compiler_static_GCJ=
+
+{ echo "$as_me:$LINENO: checking for $compiler option to produce PIC" >&5
+echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; }
+
+ if test "$GCC" = yes; then
+ lt_prog_compiler_wl_GCJ='-Wl,'
+ lt_prog_compiler_static_GCJ='-static'
+
+ case $host_os in
+ aix*)
+ # All AIX code is PIC.
+ if test "$host_cpu" = ia64; then
+ # AIX 5 now supports IA64 processor
+ lt_prog_compiler_static_GCJ='-Bstatic'
+ fi
+ ;;
+
+ amigaos*)
+ # FIXME: we need at least 68020 code to build shared libraries, but
+ # adding the `-m68020' flag to GCC prevents building anything better,
+ # like `-m68040'.
+ lt_prog_compiler_pic_GCJ='-m68020 -resident32 -malways-restore-a4'
+ ;;
+
+ beos* | cygwin* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*)
+ # PIC is the default for these OSes.
+ ;;
+
+ mingw* | pw32* | os2*)
+ # This hack is so that the source file can tell whether it is being
+ # built for inclusion in a dll (and should export symbols for example).
+ lt_prog_compiler_pic_GCJ='-DDLL_EXPORT'
+ ;;
+
+ darwin* | rhapsody*)
+ # PIC is the default on this platform
+ # Common symbols not allowed in MH_DYLIB files
+ lt_prog_compiler_pic_GCJ='-fno-common'
+ ;;
+
+ interix3*)
+ # Interix 3.x gcc -fpic/-fPIC options generate broken code.
+ # Instead, we relocate shared libraries at runtime.
+ ;;
+
+ msdosdjgpp*)
+ # Just because we use GCC doesn't mean we suddenly get shared libraries
+ # on systems that don't support them.
+ lt_prog_compiler_can_build_shared_GCJ=no
+ enable_shared=no
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ lt_prog_compiler_pic_GCJ=-Kconform_pic
+ fi
+ ;;
+
+ hpux*)
+ # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but
+ # not for PA HP-UX.
+ case $host_cpu in
+ hppa*64*|ia64*)
+ # +Z the default
+ ;;
+ *)
+ lt_prog_compiler_pic_GCJ='-fPIC'
+ ;;
+ esac
+ ;;
+
+ *)
+ lt_prog_compiler_pic_GCJ='-fPIC'
+ ;;
+ esac
+ else
+ # PORTME Check for flag to pass linker flags through the system compiler.
+ case $host_os in
+ aix*)
+ lt_prog_compiler_wl_GCJ='-Wl,'
+ if test "$host_cpu" = ia64; then
+ # AIX 5 now supports IA64 processor
+ lt_prog_compiler_static_GCJ='-Bstatic'
+ else
+ lt_prog_compiler_static_GCJ='-bnso -bI:/lib/syscalls.exp'
+ fi
+ ;;
+ darwin*)
+ # PIC is the default on this platform
+ # Common symbols not allowed in MH_DYLIB files
+ case $cc_basename in
+ xlc*)
+ lt_prog_compiler_pic_GCJ='-qnocommon'
+ lt_prog_compiler_wl_GCJ='-Wl,'
+ ;;
+ esac
+ ;;
+
+ mingw* | pw32* | os2*)
+ # This hack is so that the source file can tell whether it is being
+ # built for inclusion in a dll (and should export symbols for example).
+ lt_prog_compiler_pic_GCJ='-DDLL_EXPORT'
+ ;;
+
+ hpux9* | hpux10* | hpux11*)
+ lt_prog_compiler_wl_GCJ='-Wl,'
+ # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but
+ # not for PA HP-UX.
+ case $host_cpu in
+ hppa*64*|ia64*)
+ # +Z the default
+ ;;
+ *)
+ lt_prog_compiler_pic_GCJ='+Z'
+ ;;
+ esac
+ # Is there a better lt_prog_compiler_static that works with the bundled CC?
+ lt_prog_compiler_static_GCJ='${wl}-a ${wl}archive'
+ ;;
+
+ irix5* | irix6* | nonstopux*)
+ lt_prog_compiler_wl_GCJ='-Wl,'
+ # PIC (with -KPIC) is the default.
+ lt_prog_compiler_static_GCJ='-non_shared'
+ ;;
+
+ newsos6)
+ lt_prog_compiler_pic_GCJ='-KPIC'
+ lt_prog_compiler_static_GCJ='-Bstatic'
+ ;;
+
+ linux*)
+ case $cc_basename in
+ icc* | ecc*)
+ lt_prog_compiler_wl_GCJ='-Wl,'
+ lt_prog_compiler_pic_GCJ='-KPIC'
+ lt_prog_compiler_static_GCJ='-static'
+ ;;
+ pgcc* | pgf77* | pgf90* | pgf95*)
+ # Portland Group compilers (*not* the Pentium gcc compiler,
+ # which looks to be a dead project)
+ lt_prog_compiler_wl_GCJ='-Wl,'
+ lt_prog_compiler_pic_GCJ='-fpic'
+ lt_prog_compiler_static_GCJ='-Bstatic'
+ ;;
+ ccc*)
+ lt_prog_compiler_wl_GCJ='-Wl,'
+ # All Alpha code is PIC.
+ lt_prog_compiler_static_GCJ='-non_shared'
+ ;;
+ esac
+ ;;
+
+ osf3* | osf4* | osf5*)
+ lt_prog_compiler_wl_GCJ='-Wl,'
+ # All OSF/1 code is PIC.
+ lt_prog_compiler_static_GCJ='-non_shared'
+ ;;
+
+ solaris*)
+ lt_prog_compiler_pic_GCJ='-KPIC'
+ lt_prog_compiler_static_GCJ='-Bstatic'
+ case $cc_basename in
+ f77* | f90* | f95*)
+ lt_prog_compiler_wl_GCJ='-Qoption ld ';;
+ *)
+ lt_prog_compiler_wl_GCJ='-Wl,';;
+ esac
+ ;;
+
+ sunos4*)
+ lt_prog_compiler_wl_GCJ='-Qoption ld '
+ lt_prog_compiler_pic_GCJ='-PIC'
+ lt_prog_compiler_static_GCJ='-Bstatic'
+ ;;
+
+ sysv4 | sysv4.2uw2* | sysv4.3*)
+ lt_prog_compiler_wl_GCJ='-Wl,'
+ lt_prog_compiler_pic_GCJ='-KPIC'
+ lt_prog_compiler_static_GCJ='-Bstatic'
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec ;then
+ lt_prog_compiler_pic_GCJ='-Kconform_pic'
+ lt_prog_compiler_static_GCJ='-Bstatic'
+ fi
+ ;;
+
+ sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*)
+ lt_prog_compiler_wl_GCJ='-Wl,'
+ lt_prog_compiler_pic_GCJ='-KPIC'
+ lt_prog_compiler_static_GCJ='-Bstatic'
+ ;;
+
+ unicos*)
+ lt_prog_compiler_wl_GCJ='-Wl,'
+ lt_prog_compiler_can_build_shared_GCJ=no
+ ;;
+
+ uts4*)
+ lt_prog_compiler_pic_GCJ='-pic'
+ lt_prog_compiler_static_GCJ='-Bstatic'
+ ;;
+
+ *)
+ lt_prog_compiler_can_build_shared_GCJ=no
+ ;;
+ esac
+ fi
+
+{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_GCJ" >&5
+echo "${ECHO_T}$lt_prog_compiler_pic_GCJ" >&6; }
+
+#
+# Check to make sure the PIC flag actually works.
+#
+if test -n "$lt_prog_compiler_pic_GCJ"; then
+
+{ echo "$as_me:$LINENO: checking if $compiler PIC flag $lt_prog_compiler_pic_GCJ works" >&5
+echo $ECHO_N "checking if $compiler PIC flag $lt_prog_compiler_pic_GCJ works... $ECHO_C" >&6; }
+if test "${lt_prog_compiler_pic_works_GCJ+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ac_check_lib_save_LIBS=$LIBS
-LIBS="-lpwdb $pwdblibs $LIBS"
-cat >conftest.$ac_ext <<_ACEOF
+ lt_prog_compiler_pic_works_GCJ=no
+ ac_outfile=conftest.$ac_objext
+ printf "$lt_simple_compile_test_code" > conftest.$ac_ext
+ lt_compiler_flag="$lt_prog_compiler_pic_GCJ"
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ # The option is referenced via a variable to avoid confusing sed.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:16956: $lt_compile\"" >&5)
+ (eval "$lt_compile" 2>conftest.err)
+ ac_status=$?
+ cat conftest.err >&5
+ echo "$as_me:16960: \$? = $ac_status" >&5
+ if (exit $ac_status) && test -s "$ac_outfile"; then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings other than the usual output.
+ $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
+ lt_prog_compiler_pic_works_GCJ=yes
+ fi
+ fi
+ $rm conftest*
+
+fi
+{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_works_GCJ" >&5
+echo "${ECHO_T}$lt_prog_compiler_pic_works_GCJ" >&6; }
+
+if test x"$lt_prog_compiler_pic_works_GCJ" = xyes; then
+ case $lt_prog_compiler_pic_GCJ in
+ "" | " "*) ;;
+ *) lt_prog_compiler_pic_GCJ=" $lt_prog_compiler_pic_GCJ" ;;
+ esac
+else
+ lt_prog_compiler_pic_GCJ=
+ lt_prog_compiler_can_build_shared_GCJ=no
+fi
+
+fi
+case $host_os in
+ # For platforms which do not support PIC, -DPIC is meaningless:
+ *djgpp*)
+ lt_prog_compiler_pic_GCJ=
+ ;;
+ *)
+ lt_prog_compiler_pic_GCJ="$lt_prog_compiler_pic_GCJ"
+ ;;
+esac
+
+#
+# Check to make sure the static flag actually works.
+#
+wl=$lt_prog_compiler_wl_GCJ eval lt_tmp_static_flag=\"$lt_prog_compiler_static_GCJ\"
+{ echo "$as_me:$LINENO: checking if $compiler static flag $lt_tmp_static_flag works" >&5
+echo $ECHO_N "checking if $compiler static flag $lt_tmp_static_flag works... $ECHO_C" >&6; }
+if test "${lt_prog_compiler_static_works_GCJ+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ lt_prog_compiler_static_works_GCJ=no
+ save_LDFLAGS="$LDFLAGS"
+ LDFLAGS="$LDFLAGS $lt_tmp_static_flag"
+ printf "$lt_simple_link_test_code" > conftest.$ac_ext
+ if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then
+ # The linker can only warn and ignore the option if not recognized
+ # So say no if there are warnings
+ if test -s conftest.err; then
+ # Append any errors to the config.log.
+ cat conftest.err 1>&5
+ $echo "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if diff conftest.exp conftest.er2 >/dev/null; then
+ lt_prog_compiler_static_works_GCJ=yes
+ fi
+ else
+ lt_prog_compiler_static_works_GCJ=yes
+ fi
+ fi
+ $rm conftest*
+ LDFLAGS="$save_LDFLAGS"
+
+fi
+{ echo "$as_me:$LINENO: result: $lt_prog_compiler_static_works_GCJ" >&5
+echo "${ECHO_T}$lt_prog_compiler_static_works_GCJ" >&6; }
+
+if test x"$lt_prog_compiler_static_works_GCJ" = xyes; then
+ :
+else
+ lt_prog_compiler_static_GCJ=
+fi
+
+
+{ echo "$as_me:$LINENO: checking if $compiler supports -c -o file.$ac_objext" >&5
+echo $ECHO_N "checking if $compiler supports -c -o file.$ac_objext... $ECHO_C" >&6; }
+if test "${lt_cv_prog_compiler_c_o_GCJ+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ lt_cv_prog_compiler_c_o_GCJ=no
+ $rm -r conftest 2>/dev/null
+ mkdir conftest
+ cd conftest
+ mkdir out
+ printf "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+ lt_compiler_flag="-o out/conftest2.$ac_objext"
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:17060: $lt_compile\"" >&5)
+ (eval "$lt_compile" 2>out/conftest.err)
+ ac_status=$?
+ cat out/conftest.err >&5
+ echo "$as_me:17064: \$? = $ac_status" >&5
+ if (exit $ac_status) && test -s out/conftest2.$ac_objext
+ then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings
+ $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' > out/conftest.exp
+ $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2
+ if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then
+ lt_cv_prog_compiler_c_o_GCJ=yes
+ fi
+ fi
+ chmod u+w . 2>&5
+ $rm conftest*
+ # SGI C++ compiler will create directory out/ii_files/ for
+ # template instantiation
+ test -d out/ii_files && $rm out/ii_files/* && rmdir out/ii_files
+ $rm out/* && rmdir out
+ cd ..
+ rmdir conftest
+ $rm conftest*
+
+fi
+{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_c_o_GCJ" >&5
+echo "${ECHO_T}$lt_cv_prog_compiler_c_o_GCJ" >&6; }
+
+
+hard_links="nottested"
+if test "$lt_cv_prog_compiler_c_o_GCJ" = no && test "$need_locks" != no; then
+ # do not overwrite the value of need_locks provided by the user
+ { echo "$as_me:$LINENO: checking if we can lock with hard links" >&5
+echo $ECHO_N "checking if we can lock with hard links... $ECHO_C" >&6; }
+ hard_links=yes
+ $rm conftest*
+ ln conftest.a conftest.b 2>/dev/null && hard_links=no
+ touch conftest.a
+ ln conftest.a conftest.b 2>&5 || hard_links=no
+ ln conftest.a conftest.b 2>/dev/null && hard_links=no
+ { echo "$as_me:$LINENO: result: $hard_links" >&5
+echo "${ECHO_T}$hard_links" >&6; }
+ if test "$hard_links" = no; then
+ { echo "$as_me:$LINENO: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&5
+echo "$as_me: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2;}
+ need_locks=warn
+ fi
+else
+ need_locks=no
+fi
+
+{ echo "$as_me:$LINENO: checking whether the $compiler linker ($LD) supports shared libraries" >&5
+echo $ECHO_N "checking whether the $compiler linker ($LD) supports shared libraries... $ECHO_C" >&6; }
+
+ runpath_var=
+ allow_undefined_flag_GCJ=
+ enable_shared_with_static_runtimes_GCJ=no
+ archive_cmds_GCJ=
+ archive_expsym_cmds_GCJ=
+ old_archive_From_new_cmds_GCJ=
+ old_archive_from_expsyms_cmds_GCJ=
+ export_dynamic_flag_spec_GCJ=
+ whole_archive_flag_spec_GCJ=
+ thread_safe_flag_spec_GCJ=
+ hardcode_libdir_flag_spec_GCJ=
+ hardcode_libdir_flag_spec_ld_GCJ=
+ hardcode_libdir_separator_GCJ=
+ hardcode_direct_GCJ=no
+ hardcode_minus_L_GCJ=no
+ hardcode_shlibpath_var_GCJ=unsupported
+ link_all_deplibs_GCJ=unknown
+ hardcode_automatic_GCJ=no
+ module_cmds_GCJ=
+ module_expsym_cmds_GCJ=
+ always_export_symbols_GCJ=no
+ export_symbols_cmds_GCJ='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+ # include_expsyms should be a list of space-separated symbols to be *always*
+ # included in the symbol list
+ include_expsyms_GCJ=
+ # exclude_expsyms can be an extended regexp of symbols to exclude
+ # it will be wrapped by ` (' and `)$', so one must not match beginning or
+ # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc',
+ # as well as any symbol that contains `d'.
+ exclude_expsyms_GCJ="_GLOBAL_OFFSET_TABLE_"
+ # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out
+ # platforms (ab)use it in PIC code, but their linkers get confused if
+ # the symbol is explicitly referenced. Since portable code cannot
+ # rely on this symbol name, it's probably fine to never include it in
+ # preloaded symbol tables.
+ extract_expsyms_cmds=
+ # Just being paranoid about ensuring that cc_basename is set.
+ for cc_temp in $compiler""; do
+ case $cc_temp in
+ compile | *[\\/]compile | ccache | *[\\/]ccache ) ;;
+ distcc | *[\\/]distcc | purify | *[\\/]purify ) ;;
+ \-*) ;;
+ *) break;;
+ esac
+done
+cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"`
+
+ case $host_os in
+ cygwin* | mingw* | pw32*)
+ # FIXME: the MSVC++ port hasn't been tested in a loooong time
+ # When not using gcc, we currently assume that we are using
+ # Microsoft Visual C++.
+ if test "$GCC" != yes; then
+ with_gnu_ld=no
+ fi
+ ;;
+ interix*)
+ # we just hope/assume this is gcc and not c89 (= MSVC++)
+ with_gnu_ld=yes
+ ;;
+ openbsd*)
+ with_gnu_ld=no
+ ;;
+ esac
+
+ ld_shlibs_GCJ=yes
+ if test "$with_gnu_ld" = yes; then
+ # If archive_cmds runs LD, not CC, wlarc should be empty
+ wlarc='${wl}'
+
+ # Set some defaults for GNU ld with shared library support. These
+ # are reset later if shared libraries are not supported. Putting them
+ # here allows them to be overridden if necessary.
+ runpath_var=LD_RUN_PATH
+ hardcode_libdir_flag_spec_GCJ='${wl}--rpath ${wl}$libdir'
+ export_dynamic_flag_spec_GCJ='${wl}--export-dynamic'
+ # ancient GNU ld didn't support --whole-archive et. al.
+ if $LD --help 2>&1 | grep 'no-whole-archive' > /dev/null; then
+ whole_archive_flag_spec_GCJ="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
+ else
+ whole_archive_flag_spec_GCJ=
+ fi
+ supports_anon_versioning=no
+ case `$LD -v 2>/dev/null` in
+ *\ [01].* | *\ 2.[0-9].* | *\ 2.10.*) ;; # catch versions < 2.11
+ *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ...
+ *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ...
+ *\ 2.11.*) ;; # other 2.11 versions
+ *) supports_anon_versioning=yes ;;
+ esac
+
+ # See if GNU ld supports shared libraries.
+ case $host_os in
+ aix3* | aix4* | aix5*)
+ # On AIX/PPC, the GNU linker is very broken
+ if test "$host_cpu" != ia64; then
+ ld_shlibs_GCJ=no
+ cat <<EOF 1>&2
+
+*** Warning: the GNU linker, at least up to release 2.9.1, is reported
+*** to be unable to reliably create shared libraries on AIX.
+*** Therefore, libtool is disabling shared libraries support. If you
+*** really care for shared libraries, you may want to modify your PATH
+*** so that a non-GNU linker is found, and then restart.
+
+EOF
+ fi
+ ;;
+
+ amigaos*)
+ archive_cmds_GCJ='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
+ hardcode_libdir_flag_spec_GCJ='-L$libdir'
+ hardcode_minus_L_GCJ=yes
+
+ # Samuel A. Falvo II <kc5tja@dolphin.openprojects.net> reports
+ # that the semantics of dynamic libraries on AmigaOS, at least up
+ # to version 4, is to share data among multiple programs linked
+ # with the same dynamic library. Since this doesn't match the
+ # behavior of shared libraries on other platforms, we can't use
+ # them.
+ ld_shlibs_GCJ=no
+ ;;
+
+ beos*)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ allow_undefined_flag_GCJ=unsupported
+ # Joseph Beckenbach <jrb3@best.com> says some releases of gcc
+ # support --undefined. This deserves some investigation. FIXME
+ archive_cmds_GCJ='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ else
+ ld_shlibs_GCJ=no
+ fi
+ ;;
+
+ cygwin* | mingw* | pw32*)
+ # _LT_AC_TAGVAR(hardcode_libdir_flag_spec, GCJ) is actually meaningless,
+ # as there is no search path for DLLs.
+ hardcode_libdir_flag_spec_GCJ='-L$libdir'
+ allow_undefined_flag_GCJ=unsupported
+ always_export_symbols_GCJ=no
+ enable_shared_with_static_runtimes_GCJ=yes
+ export_symbols_cmds_GCJ='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS] /s/.* \([^ ]*\)/\1 DATA/'\'' | $SED -e '\''/^[AITW] /s/.* //'\'' | sort | uniq > $export_symbols'
+
+ if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then
+ archive_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ # If the export-symbols file already is a .def file (1st line
+ # is EXPORTS), use it as is; otherwise, prepend...
+ archive_expsym_cmds_GCJ='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
+ cp $export_symbols $output_objdir/$soname.def;
+ else
+ echo EXPORTS > $output_objdir/$soname.def;
+ cat $export_symbols >> $output_objdir/$soname.def;
+ fi~
+ $CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ else
+ ld_shlibs_GCJ=no
+ fi
+ ;;
+
+ interix3*)
+ hardcode_direct_GCJ=no
+ hardcode_shlibpath_var_GCJ=no
+ hardcode_libdir_flag_spec_GCJ='${wl}-rpath,$libdir'
+ export_dynamic_flag_spec_GCJ='${wl}-E'
+ # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc.
+ # Instead, shared libraries are loaded at an image base (0x10000000 by
+ # default) and relocated if they conflict, which is a slow very memory
+ # consuming and fragmenting process. To avoid this, we pick a random,
+ # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link
+ # time. Moving up from 0x10000000 also allows more sbrk(2) space.
+ archive_cmds_GCJ='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ archive_expsym_cmds_GCJ='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ ;;
+
+ linux*)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ tmp_addflag=
+ case $cc_basename,$host_cpu in
+ pgcc*) # Portland Group C compiler
+ whole_archive_flag_spec_GCJ='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive'
+ tmp_addflag=' $pic_flag'
+ ;;
+ pgf77* | pgf90* | pgf95*) # Portland Group f77 and f90 compilers
+ whole_archive_flag_spec_GCJ='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive'
+ tmp_addflag=' $pic_flag -Mnomain' ;;
+ ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64
+ tmp_addflag=' -i_dynamic' ;;
+ efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64
+ tmp_addflag=' -i_dynamic -nofor_main' ;;
+ ifc* | ifort*) # Intel Fortran compiler
+ tmp_addflag=' -nofor_main' ;;
+ esac
+ archive_cmds_GCJ='$CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+
+ if test $supports_anon_versioning = yes; then
+ archive_expsym_cmds_GCJ='$echo "{ global:" > $output_objdir/$libname.ver~
+ cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
+ $echo "local: *; };" >> $output_objdir/$libname.ver~
+ $CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib'
+ fi
+ else
+ ld_shlibs_GCJ=no
+ fi
+ ;;
+
+ netbsd*)
+ if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then
+ archive_cmds_GCJ='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib'
+ wlarc=
+ else
+ archive_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ archive_expsym_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ fi
+ ;;
+
+ solaris*)
+ if $LD -v 2>&1 | grep 'BFD 2\.8' > /dev/null; then
+ ld_shlibs_GCJ=no
+ cat <<EOF 1>&2
+
+*** Warning: The releases 2.8.* of the GNU linker cannot reliably
+*** create shared libraries on Solaris systems. Therefore, libtool
+*** is disabling shared libraries support. We urge you to upgrade GNU
+*** binutils to release 2.9.1 or newer. Another option is to modify
+*** your PATH or compiler configuration so that the native linker is
+*** used, and then restart.
+
+EOF
+ elif $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ archive_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ archive_expsym_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ else
+ ld_shlibs_GCJ=no
+ fi
+ ;;
+
+ sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*)
+ case `$LD -v 2>&1` in
+ *\ [01].* | *\ 2.[0-9].* | *\ 2.1[0-5].*)
+ ld_shlibs_GCJ=no
+ cat <<_LT_EOF 1>&2
+
+*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not
+*** reliably create shared libraries on SCO systems. Therefore, libtool
+*** is disabling shared libraries support. We urge you to upgrade GNU
+*** binutils to release 2.16.91.0.3 or newer. Another option is to modify
+*** your PATH or compiler configuration so that the native linker is
+*** used, and then restart.
+
+_LT_EOF
+ ;;
+ *)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ hardcode_libdir_flag_spec_GCJ='`test -z "$SCOABSPATH" && echo ${wl}-rpath,$libdir`'
+ archive_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib'
+ archive_expsym_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname,-retain-symbols-file,$export_symbols -o $lib'
+ else
+ ld_shlibs_GCJ=no
+ fi
+ ;;
+ esac
+ ;;
+
+ sunos4*)
+ archive_cmds_GCJ='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+ wlarc=
+ hardcode_direct_GCJ=yes
+ hardcode_shlibpath_var_GCJ=no
+ ;;
+
+ *)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ archive_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ archive_expsym_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ else
+ ld_shlibs_GCJ=no
+ fi
+ ;;
+ esac
+
+ if test "$ld_shlibs_GCJ" = no; then
+ runpath_var=
+ hardcode_libdir_flag_spec_GCJ=
+ export_dynamic_flag_spec_GCJ=
+ whole_archive_flag_spec_GCJ=
+ fi
+ else
+ # PORTME fill in a description of your system's linker (not GNU ld)
+ case $host_os in
+ aix3*)
+ allow_undefined_flag_GCJ=unsupported
+ always_export_symbols_GCJ=yes
+ archive_expsym_cmds_GCJ='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname'
+ # Note: this linker hardcodes the directories in LIBPATH if there
+ # are no directories specified by -L.
+ hardcode_minus_L_GCJ=yes
+ if test "$GCC" = yes && test -z "$lt_prog_compiler_static"; then
+ # Neither direct hardcoding nor static linking is supported with a
+ # broken collect2.
+ hardcode_direct_GCJ=unsupported
+ fi
+ ;;
+
+ aix4* | aix5*)
+ if test "$host_cpu" = ia64; then
+ # On IA64, the linker does run time linking by default, so we don't
+ # have to do anything special.
+ aix_use_runtimelinking=no
+ exp_sym_flag='-Bexport'
+ no_entry_flag=""
+ else
+ # If we're using GNU nm, then we don't want the "-C" option.
+ # -C means demangle to AIX nm, but means don't demangle with GNU nm
+ if $NM -V 2>&1 | grep 'GNU' > /dev/null; then
+ export_symbols_cmds_GCJ='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols'
+ else
+ export_symbols_cmds_GCJ='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols'
+ fi
+ aix_use_runtimelinking=no
+
+ # Test if we are trying to use run time linking or normal
+ # AIX style linking. If -brtl is somewhere in LDFLAGS, we
+ # need to do runtime linking.
+ case $host_os in aix4.[23]|aix4.[23].*|aix5*)
+ for ld_flag in $LDFLAGS; do
+ if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then
+ aix_use_runtimelinking=yes
+ break
+ fi
+ done
+ ;;
+ esac
+
+ exp_sym_flag='-bexport'
+ no_entry_flag='-bnoentry'
+ fi
+
+ # When large executables or shared objects are built, AIX ld can
+ # have problems creating the table of contents. If linking a library
+ # or program results in "error TOC overflow" add -mminimal-toc to
+ # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not
+ # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS.
+
+ archive_cmds_GCJ=''
+ hardcode_direct_GCJ=yes
+ hardcode_libdir_separator_GCJ=':'
+ link_all_deplibs_GCJ=yes
+
+ if test "$GCC" = yes; then
+ case $host_os in aix4.[012]|aix4.[012].*)
+ # We only want to do this on AIX 4.2 and lower, the check
+ # below for broken collect2 doesn't work under 4.3+
+ collect2name=`${CC} -print-prog-name=collect2`
+ if test -f "$collect2name" && \
+ strings "$collect2name" | grep resolve_lib_name >/dev/null
+ then
+ # We have reworked collect2
+ hardcode_direct_GCJ=yes
+ else
+ # We have old collect2
+ hardcode_direct_GCJ=unsupported
+ # It fails to find uninstalled libraries when the uninstalled
+ # path is not listed in the libpath. Setting hardcode_minus_L
+ # to unsupported forces relinking
+ hardcode_minus_L_GCJ=yes
+ hardcode_libdir_flag_spec_GCJ='-L$libdir'
+ hardcode_libdir_separator_GCJ=
+ fi
+ ;;
+ esac
+ shared_flag='-shared'
+ if test "$aix_use_runtimelinking" = yes; then
+ shared_flag="$shared_flag "'${wl}-G'
+ fi
+ else
+ # not using gcc
+ if test "$host_cpu" = ia64; then
+ # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release
+ # chokes on -Wl,-G. The following line is correct:
+ shared_flag='-G'
+ else
+ if test "$aix_use_runtimelinking" = yes; then
+ shared_flag='${wl}-G'
+ else
+ shared_flag='${wl}-bM:SRE'
+ fi
+ fi
+ fi
+
+ # It seems that -bexpall does not export symbols beginning with
+ # underscore (_), so it is better to generate a list of symbols to export.
+ always_export_symbols_GCJ=yes
+ if test "$aix_use_runtimelinking" = yes; then
+ # Warning - without using the other runtime loading flags (-brtl),
+ # -berok will link without error, but may produce a broken library.
+ allow_undefined_flag_GCJ='-berok'
+ # Determine the default libpath from the value encoded in an empty executable.
+ cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-/* Override any gcc2 internal prototype to avoid an error. */
-#ifdef __cplusplus
-extern "C"
-#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char pwdb_db_name ();
int
main ()
{
-pwdb_db_name ();
+
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+
+aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; }
+}'`
+# Check for a 64-bit object if we didn't find anything.
+if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; }
+}'`; fi
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
+
+ hardcode_libdir_flag_spec_GCJ='${wl}-blibpath:$libdir:'"$aix_libpath"
+ archive_expsym_cmds_GCJ="\$CC"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then echo "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
+ else
+ if test "$host_cpu" = ia64; then
+ hardcode_libdir_flag_spec_GCJ='${wl}-R $libdir:/usr/lib:/lib'
+ allow_undefined_flag_GCJ="-z nodefs"
+ archive_expsym_cmds_GCJ="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols"
+ else
+ # Determine the default libpath from the value encoded in an empty executable.
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_lib_pwdb_pwdb_db_name=yes
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+
+aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; }
+}'`
+# Check for a 64-bit object if we didn't find anything.
+if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; }
+}'`; fi
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_lib_pwdb_pwdb_db_name=no
+
fi
-rm -f conftest.err conftest.$ac_objext \
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
+if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
+
+ hardcode_libdir_flag_spec_GCJ='${wl}-blibpath:$libdir:'"$aix_libpath"
+ # Warning - without using the other run time loading flags,
+ # -berok will link without error, but may produce a broken library.
+ no_undefined_flag_GCJ=' ${wl}-bernotok'
+ allow_undefined_flag_GCJ=' ${wl}-berok'
+ # Exported symbols can be pulled into shared objects from archives
+ whole_archive_flag_spec_GCJ='$convenience'
+ archive_cmds_need_lc_GCJ=yes
+ # This is similar to how AIX traditionally builds its shared libraries.
+ archive_expsym_cmds_GCJ="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname'
+ fi
+ fi
+ ;;
+
+ amigaos*)
+ archive_cmds_GCJ='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
+ hardcode_libdir_flag_spec_GCJ='-L$libdir'
+ hardcode_minus_L_GCJ=yes
+ # see comment about different semantics on the GNU ld section
+ ld_shlibs_GCJ=no
+ ;;
+
+ bsdi[45]*)
+ export_dynamic_flag_spec_GCJ=-rdynamic
+ ;;
+
+ cygwin* | mingw* | pw32*)
+ # When not using gcc, we currently assume that we are using
+ # Microsoft Visual C++.
+ # hardcode_libdir_flag_spec is actually meaningless, as there is
+ # no search path for DLLs.
+ hardcode_libdir_flag_spec_GCJ=' '
+ allow_undefined_flag_GCJ=unsupported
+ # Tell ltmain to make .lib files, not .a files.
+ libext=lib
+ # Tell ltmain to make .dll files, not .so files.
+ shrext_cmds=".dll"
+ # FIXME: Setting linknames here is a bad hack.
+ archive_cmds_GCJ='$CC -o $lib $libobjs $compiler_flags `echo "$deplibs" | $SED -e '\''s/ -lc$//'\''` -link -dll~linknames='
+ # The linker will automatically build a .lib file if we build a DLL.
+ old_archive_From_new_cmds_GCJ='true'
+ # FIXME: Should let the user specify the lib program.
+ old_archive_cmds_GCJ='lib /OUT:$oldlib$oldobjs$old_deplibs'
+ fix_srcfile_path_GCJ='`cygpath -w "$srcfile"`'
+ enable_shared_with_static_runtimes_GCJ=yes
+ ;;
+
+ darwin* | rhapsody*)
+ case $host_os in
+ rhapsody* | darwin1.[012])
+ allow_undefined_flag_GCJ='${wl}-undefined ${wl}suppress'
+ ;;
+ *) # Darwin 1.3 on
+ if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then
+ allow_undefined_flag_GCJ='${wl}-flat_namespace ${wl}-undefined ${wl}suppress'
+ else
+ case ${MACOSX_DEPLOYMENT_TARGET} in
+ 10.[012])
+ allow_undefined_flag_GCJ='${wl}-flat_namespace ${wl}-undefined ${wl}suppress'
+ ;;
+ 10.*)
+ allow_undefined_flag_GCJ='${wl}-undefined ${wl}dynamic_lookup'
+ ;;
+ esac
+ fi
+ ;;
+ esac
+ archive_cmds_need_lc_GCJ=no
+ hardcode_direct_GCJ=no
+ hardcode_automatic_GCJ=yes
+ hardcode_shlibpath_var_GCJ=unsupported
+ whole_archive_flag_spec_GCJ=''
+ link_all_deplibs_GCJ=yes
+ if test "$GCC" = yes ; then
+ output_verbose_link_cmd='echo'
+ archive_cmds_GCJ='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring'
+ module_cmds_GCJ='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags'
+ # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds
+ archive_expsym_cmds_GCJ='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ module_expsym_cmds_GCJ='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ else
+ case $cc_basename in
+ xlc*)
+ output_verbose_link_cmd='echo'
+ archive_cmds_GCJ='$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring'
+ module_cmds_GCJ='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags'
+ # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds
+ archive_expsym_cmds_GCJ='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ module_expsym_cmds_GCJ='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ ;;
+ *)
+ ld_shlibs_GCJ=no
+ ;;
+ esac
+ fi
+ ;;
+
+ dgux*)
+ archive_cmds_GCJ='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_libdir_flag_spec_GCJ='-L$libdir'
+ hardcode_shlibpath_var_GCJ=no
+ ;;
+
+ freebsd1*)
+ ld_shlibs_GCJ=no
+ ;;
+
+ # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor
+ # support. Future versions do this automatically, but an explicit c++rt0.o
+ # does not break anything, and helps significantly (at the cost of a little
+ # extra space).
+ freebsd2.2*)
+ archive_cmds_GCJ='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o'
+ hardcode_libdir_flag_spec_GCJ='-R$libdir'
+ hardcode_direct_GCJ=yes
+ hardcode_shlibpath_var_GCJ=no
+ ;;
+
+ # Unfortunately, older versions of FreeBSD 2 do not have this feature.
+ freebsd2*)
+ archive_cmds_GCJ='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_direct_GCJ=yes
+ hardcode_minus_L_GCJ=yes
+ hardcode_shlibpath_var_GCJ=no
+ ;;
+
+ # FreeBSD 3 and greater uses gcc -shared to do shared libraries.
+ freebsd* | kfreebsd*-gnu | dragonfly*)
+ archive_cmds_GCJ='$CC -shared -o $lib $libobjs $deplibs $compiler_flags'
+ hardcode_libdir_flag_spec_GCJ='-R$libdir'
+ hardcode_direct_GCJ=yes
+ hardcode_shlibpath_var_GCJ=no
+ ;;
+
+ hpux9*)
+ if test "$GCC" = yes; then
+ archive_cmds_GCJ='$rm $output_objdir/$soname~$CC -shared -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+ else
+ archive_cmds_GCJ='$rm $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+ fi
+ hardcode_libdir_flag_spec_GCJ='${wl}+b ${wl}$libdir'
+ hardcode_libdir_separator_GCJ=:
+ hardcode_direct_GCJ=yes
+
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ hardcode_minus_L_GCJ=yes
+ export_dynamic_flag_spec_GCJ='${wl}-E'
+ ;;
+
+ hpux10*)
+ if test "$GCC" = yes -a "$with_gnu_ld" = no; then
+ archive_cmds_GCJ='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ archive_cmds_GCJ='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'
+ fi
+ if test "$with_gnu_ld" = no; then
+ hardcode_libdir_flag_spec_GCJ='${wl}+b ${wl}$libdir'
+ hardcode_libdir_separator_GCJ=:
+
+ hardcode_direct_GCJ=yes
+ export_dynamic_flag_spec_GCJ='${wl}-E'
+
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ hardcode_minus_L_GCJ=yes
+ fi
+ ;;
+
+ hpux11*)
+ if test "$GCC" = yes -a "$with_gnu_ld" = no; then
+ case $host_cpu in
+ hppa*64*)
+ archive_cmds_GCJ='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ ia64*)
+ archive_cmds_GCJ='$CC -shared ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+ archive_cmds_GCJ='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ esac
+ else
+ case $host_cpu in
+ hppa*64*)
+ archive_cmds_GCJ='$CC -b ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ ia64*)
+ archive_cmds_GCJ='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+ archive_cmds_GCJ='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ esac
+ fi
+ if test "$with_gnu_ld" = no; then
+ hardcode_libdir_flag_spec_GCJ='${wl}+b ${wl}$libdir'
+ hardcode_libdir_separator_GCJ=:
+
+ case $host_cpu in
+ hppa*64*|ia64*)
+ hardcode_libdir_flag_spec_ld_GCJ='+b $libdir'
+ hardcode_direct_GCJ=no
+ hardcode_shlibpath_var_GCJ=no
+ ;;
+ *)
+ hardcode_direct_GCJ=yes
+ export_dynamic_flag_spec_GCJ='${wl}-E'
+
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ hardcode_minus_L_GCJ=yes
+ ;;
+ esac
+ fi
+ ;;
+
+ irix5* | irix6* | nonstopux*)
+ if test "$GCC" = yes; then
+ archive_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ else
+ archive_cmds_GCJ='$LD -shared $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
+ hardcode_libdir_flag_spec_ld_GCJ='-rpath $libdir'
+ fi
+ hardcode_libdir_flag_spec_GCJ='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_separator_GCJ=:
+ link_all_deplibs_GCJ=yes
+ ;;
+
+ netbsd*)
+ if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then
+ archive_cmds_GCJ='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out
+ else
+ archive_cmds_GCJ='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF
+ fi
+ hardcode_libdir_flag_spec_GCJ='-R$libdir'
+ hardcode_direct_GCJ=yes
+ hardcode_shlibpath_var_GCJ=no
+ ;;
+
+ newsos6)
+ archive_cmds_GCJ='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_direct_GCJ=yes
+ hardcode_libdir_flag_spec_GCJ='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_separator_GCJ=:
+ hardcode_shlibpath_var_GCJ=no
+ ;;
+
+ openbsd*)
+ hardcode_direct_GCJ=yes
+ hardcode_shlibpath_var_GCJ=no
+ if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ archive_cmds_GCJ='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds_GCJ='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols'
+ hardcode_libdir_flag_spec_GCJ='${wl}-rpath,$libdir'
+ export_dynamic_flag_spec_GCJ='${wl}-E'
+ else
+ case $host_os in
+ openbsd[01].* | openbsd2.[0-7] | openbsd2.[0-7].*)
+ archive_cmds_GCJ='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_libdir_flag_spec_GCJ='-R$libdir'
+ ;;
+ *)
+ archive_cmds_GCJ='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+ hardcode_libdir_flag_spec_GCJ='${wl}-rpath,$libdir'
+ ;;
+ esac
+ fi
+ ;;
+
+ os2*)
+ hardcode_libdir_flag_spec_GCJ='-L$libdir'
+ hardcode_minus_L_GCJ=yes
+ allow_undefined_flag_GCJ=unsupported
+ archive_cmds_GCJ='$echo "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$echo "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~$echo DATA >> $output_objdir/$libname.def~$echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~$echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def'
+ old_archive_From_new_cmds_GCJ='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def'
+ ;;
+
+ osf3*)
+ if test "$GCC" = yes; then
+ allow_undefined_flag_GCJ=' ${wl}-expect_unresolved ${wl}\*'
+ archive_cmds_GCJ='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ else
+ allow_undefined_flag_GCJ=' -expect_unresolved \*'
+ archive_cmds_GCJ='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
+ fi
+ hardcode_libdir_flag_spec_GCJ='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_separator_GCJ=:
+ ;;
+
+ osf4* | osf5*) # as osf3* with the addition of -msym flag
+ if test "$GCC" = yes; then
+ allow_undefined_flag_GCJ=' ${wl}-expect_unresolved ${wl}\*'
+ archive_cmds_GCJ='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ hardcode_libdir_flag_spec_GCJ='${wl}-rpath ${wl}$libdir'
+ else
+ allow_undefined_flag_GCJ=' -expect_unresolved \*'
+ archive_cmds_GCJ='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -msym -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib'
+ archive_expsym_cmds_GCJ='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; echo "-hidden">> $lib.exp~
+ $LD -shared${allow_undefined_flag} -input $lib.exp $linker_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib~$rm $lib.exp'
+
+ # Both c and cxx compiler support -rpath directly
+ hardcode_libdir_flag_spec_GCJ='-rpath $libdir'
+ fi
+ hardcode_libdir_separator_GCJ=:
+ ;;
+
+ solaris*)
+ no_undefined_flag_GCJ=' -z text'
+ if test "$GCC" = yes; then
+ wlarc='${wl}'
+ archive_cmds_GCJ='$CC -shared ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds_GCJ='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~
+ $CC -shared ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$rm $lib.exp'
+ else
+ wlarc=''
+ archive_cmds_GCJ='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ archive_expsym_cmds_GCJ='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~
+ $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$rm $lib.exp'
+ fi
+ hardcode_libdir_flag_spec_GCJ='-R$libdir'
+ hardcode_shlibpath_var_GCJ=no
+ case $host_os in
+ solaris2.[0-5] | solaris2.[0-5].*) ;;
+ *)
+ # The compiler driver will combine linker options so we
+ # cannot just pass the convience library names through
+ # without $wl, iff we do not link with $LD.
+ # Luckily, gcc supports the same syntax we need for Sun Studio.
+ # Supported since Solaris 2.6 (maybe 2.5.1?)
+ case $wlarc in
+ '')
+ whole_archive_flag_spec_GCJ='-z allextract$convenience -z defaultextract' ;;
+ *)
+ whole_archive_flag_spec_GCJ='${wl}-z ${wl}allextract`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}-z ${wl}defaultextract' ;;
+ esac ;;
+ esac
+ link_all_deplibs_GCJ=yes
+ ;;
+
+ sunos4*)
+ if test "x$host_vendor" = xsequent; then
+ # Use $CC to link under sequent, because it throws in some extra .o
+ # files that make .init and .fini sections work.
+ archive_cmds_GCJ='$CC -G ${wl}-h $soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ archive_cmds_GCJ='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags'
+ fi
+ hardcode_libdir_flag_spec_GCJ='-L$libdir'
+ hardcode_direct_GCJ=yes
+ hardcode_minus_L_GCJ=yes
+ hardcode_shlibpath_var_GCJ=no
+ ;;
+
+ sysv4)
+ case $host_vendor in
+ sni)
+ archive_cmds_GCJ='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_direct_GCJ=yes # is this really true???
+ ;;
+ siemens)
+ ## LD is ld it makes a PLAMLIB
+ ## CC just makes a GrossModule.
+ archive_cmds_GCJ='$LD -G -o $lib $libobjs $deplibs $linker_flags'
+ reload_cmds_GCJ='$CC -r -o $output$reload_objs'
+ hardcode_direct_GCJ=no
+ ;;
+ motorola)
+ archive_cmds_GCJ='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_direct_GCJ=no #Motorola manual says yes, but my tests say they lie
+ ;;
+ esac
+ runpath_var='LD_RUN_PATH'
+ hardcode_shlibpath_var_GCJ=no
+ ;;
+
+ sysv4.3*)
+ archive_cmds_GCJ='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_shlibpath_var_GCJ=no
+ export_dynamic_flag_spec_GCJ='-Bexport'
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ archive_cmds_GCJ='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_shlibpath_var_GCJ=no
+ runpath_var=LD_RUN_PATH
+ hardcode_runpath_var=yes
+ ld_shlibs_GCJ=yes
+ fi
+ ;;
+
+ sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7*)
+ no_undefined_flag_GCJ='${wl}-z,text'
+ archive_cmds_need_lc_GCJ=no
+ hardcode_shlibpath_var_GCJ=no
+ runpath_var='LD_RUN_PATH'
+
+ if test "$GCC" = yes; then
+ archive_cmds_GCJ='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds_GCJ='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ archive_cmds_GCJ='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds_GCJ='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ fi
+ ;;
+
+ sysv5* | sco3.2v5* | sco5v6*)
+ # Note: We can NOT use -z defs as we might desire, because we do not
+ # link with -lc, and that would cause any symbols used from libc to
+ # always be unresolved, which means just about no library would
+ # ever link correctly. If we're not using GNU ld we use -z text
+ # though, which does catch some bad symbols but isn't as heavy-handed
+ # as -z defs.
+ no_undefined_flag_GCJ='${wl}-z,text'
+ allow_undefined_flag_GCJ='${wl}-z,nodefs'
+ archive_cmds_need_lc_GCJ=no
+ hardcode_shlibpath_var_GCJ=no
+ hardcode_libdir_flag_spec_GCJ='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`'
+ hardcode_libdir_separator_GCJ=':'
+ link_all_deplibs_GCJ=yes
+ export_dynamic_flag_spec_GCJ='${wl}-Bexport'
+ runpath_var='LD_RUN_PATH'
+
+ if test "$GCC" = yes; then
+ archive_cmds_GCJ='$CC -shared ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds_GCJ='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ archive_cmds_GCJ='$CC -G ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds_GCJ='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ fi
+ ;;
+
+ uts4*)
+ archive_cmds_GCJ='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_libdir_flag_spec_GCJ='-L$libdir'
+ hardcode_shlibpath_var_GCJ=no
+ ;;
+
+ *)
+ ld_shlibs_GCJ=no
+ ;;
+ esac
+ fi
+
+{ echo "$as_me:$LINENO: result: $ld_shlibs_GCJ" >&5
+echo "${ECHO_T}$ld_shlibs_GCJ" >&6; }
+test "$ld_shlibs_GCJ" = no && can_build_shared=no
+
+#
+# Do we need to explicitly link libc?
+#
+case "x$archive_cmds_need_lc_GCJ" in
+x|xyes)
+ # Assume -lc should be added
+ archive_cmds_need_lc_GCJ=yes
+
+ if test "$enable_shared" = yes && test "$GCC" = yes; then
+ case $archive_cmds_GCJ in
+ *'~'*)
+ # FIXME: we may have to deal with multi-command sequences.
+ ;;
+ '$CC '*)
+ # Test whether the compiler implicitly links with -lc since on some
+ # systems, -lgcc has to come before -lc. If gcc already passes -lc
+ # to ld, don't add -lc before -lgcc.
+ { echo "$as_me:$LINENO: checking whether -lc should be explicitly linked in" >&5
+echo $ECHO_N "checking whether -lc should be explicitly linked in... $ECHO_C" >&6; }
+ $rm conftest*
+ printf "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } 2>conftest.err; then
+ soname=conftest
+ lib=conftest
+ libobjs=conftest.$ac_objext
+ deplibs=
+ wl=$lt_prog_compiler_wl_GCJ
+ pic_flag=$lt_prog_compiler_pic_GCJ
+ compiler_flags=-v
+ linker_flags=-v
+ verstring=
+ output_objdir=.
+ libname=conftest
+ lt_save_allow_undefined_flag=$allow_undefined_flag_GCJ
+ allow_undefined_flag_GCJ=
+ if { (eval echo "$as_me:$LINENO: \"$archive_cmds_GCJ 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1\"") >&5
+ (eval $archive_cmds_GCJ 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }
+ then
+ archive_cmds_need_lc_GCJ=no
+ else
+ archive_cmds_need_lc_GCJ=yes
+ fi
+ allow_undefined_flag_GCJ=$lt_save_allow_undefined_flag
+ else
+ cat conftest.err 1>&5
+ fi
+ $rm conftest*
+ { echo "$as_me:$LINENO: result: $archive_cmds_need_lc_GCJ" >&5
+echo "${ECHO_T}$archive_cmds_need_lc_GCJ" >&6; }
+ ;;
+ esac
+ fi
+ ;;
+esac
+
+{ echo "$as_me:$LINENO: checking dynamic linker characteristics" >&5
+echo $ECHO_N "checking dynamic linker characteristics... $ECHO_C" >&6; }
+library_names_spec=
+libname_spec='lib$name'
+soname_spec=
+shrext_cmds=".so"
+postinstall_cmds=
+postuninstall_cmds=
+finish_cmds=
+finish_eval=
+shlibpath_var=
+shlibpath_overrides_runpath=unknown
+version_type=none
+dynamic_linker="$host_os ld.so"
+sys_lib_dlsearch_path_spec="/lib /usr/lib"
+if test "$GCC" = yes; then
+ sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"`
+ if echo "$sys_lib_search_path_spec" | grep ';' >/dev/null ; then
+ # if the path contains ";" then we assume it to be the separator
+ # otherwise default to the standard path separator (i.e. ":") - it is
+ # assumed that no part of a normal pathname contains ";" but that should
+ # okay in the real world where ";" in dirpaths is itself problematic.
+ sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
+ else
+ sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+ fi
+else
+ sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib"
+fi
+need_lib_prefix=unknown
+hardcode_into_libs=no
+
+# when you set need_version to no, make sure it does not cause -set_version
+# flags to be left without arguments
+need_version=unknown
+
+case $host_os in
+aix3*)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a'
+ shlibpath_var=LIBPATH
+
+ # AIX 3 has no versioning support, so we append a major version to the name.
+ soname_spec='${libname}${release}${shared_ext}$major'
+ ;;
+
+aix4* | aix5*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ hardcode_into_libs=yes
+ if test "$host_cpu" = ia64; then
+ # AIX 5 supports IA64
+ library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ else
+ # With GCC up to 2.95.x, collect2 would create an import file
+ # for dependence libraries. The import file would start with
+ # the line `#! .'. This would cause the generated library to
+ # depend on `.', always an invalid library. This was fixed in
+ # development snapshots of GCC prior to 3.0.
+ case $host_os in
+ aix4 | aix4.[01] | aix4.[01].*)
+ if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)'
+ echo ' yes '
+ echo '#endif'; } | ${CC} -E - | grep yes > /dev/null; then
+ :
+ else
+ can_build_shared=no
+ fi
+ ;;
+ esac
+ # AIX (on Power*) has no versioning support, so currently we can not hardcode correct
+ # soname into executable. Probably we can add versioning support to
+ # collect2, so additional links can be useful in future.
+ if test "$aix_use_runtimelinking" = yes; then
+ # If using run time linking (on AIX 4.2 or later) use lib<name>.so
+ # instead of lib<name>.a to let people know that these are not
+ # typical AIX shared libraries.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ else
+ # We preserve .a as extension for shared libraries through AIX4.2
+ # and later when we are not doing run time linking.
+ library_names_spec='${libname}${release}.a $libname.a'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ fi
+ shlibpath_var=LIBPATH
+ fi
+ ;;
+
+amigaos*)
+ library_names_spec='$libname.ixlibrary $libname.a'
+ # Create ${libname}_ixlibrary.a entries in /sys/libs.
+ finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$echo "X$lib" | $Xsed -e '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; test $rm /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done'
+ ;;
+
+beos*)
+ library_names_spec='${libname}${shared_ext}'
+ dynamic_linker="$host_os ld.so"
+ shlibpath_var=LIBRARY_PATH
+ ;;
+
+bsdi[45]*)
+ version_type=linux
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib"
+ sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib"
+ # the default ld.so.conf also contains /usr/contrib/lib and
+ # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow
+ # libtool to hard-code these into programs
+ ;;
+
+cygwin* | mingw* | pw32*)
+ version_type=windows
+ shrext_cmds=".dll"
+ need_version=no
+ need_lib_prefix=no
+
+ case $GCC,$host_os in
+ yes,cygwin* | yes,mingw* | yes,pw32*)
+ library_names_spec='$libname.dll.a'
+ # DLL is installed to $(libdir)/../bin by postinstall_cmds
+ postinstall_cmds='base_file=`basename \${file}`~
+ dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i;echo \$dlname'\''`~
+ dldir=$destdir/`dirname \$dlpath`~
+ test -d \$dldir || mkdir -p \$dldir~
+ $install_prog $dir/$dlname \$dldir/$dlname~
+ chmod a+x \$dldir/$dlname'
+ postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~
+ dlpath=$dir/\$dldll~
+ $rm \$dlpath'
+ shlibpath_overrides_runpath=yes
+
+ case $host_os in
+ cygwin*)
+ # Cygwin DLLs use 'cyg' prefix rather than 'lib'
+ soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+ sys_lib_search_path_spec="/usr/lib /lib/w32api /lib /usr/local/lib"
+ ;;
+ mingw*)
+ # MinGW DLLs use traditional 'lib' prefix
+ soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+ sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"`
+ if echo "$sys_lib_search_path_spec" | grep ';[c-zC-Z]:/' >/dev/null; then
+ # It is most probably a Windows format PATH printed by
+ # mingw gcc, but we are running on Cygwin. Gcc prints its search
+ # path with ; separators, and with drive letters. We can handle the
+ # drive letters (cygwin fileutils understands them), so leave them,
+ # especially as we might pass files found there to a mingw objdump,
+ # which wouldn't understand a cygwinified path. Ahh.
+ sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
+ else
+ sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+ fi
+ ;;
+ pw32*)
+ # pw32 DLLs use 'pw' prefix rather than 'lib'
+ library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+ ;;
+ esac
+ ;;
+
+ *)
+ library_names_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext} $libname.lib'
+ ;;
+ esac
+ dynamic_linker='Win32 ld.exe'
+ # FIXME: first we should search . and the directory the executable is in
+ shlibpath_var=PATH
+ ;;
+
+darwin* | rhapsody*)
+ dynamic_linker="$host_os dyld"
+ version_type=darwin
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${versuffix}$shared_ext ${libname}${release}${major}$shared_ext ${libname}$shared_ext'
+ soname_spec='${libname}${release}${major}$shared_ext'
+ shlibpath_overrides_runpath=yes
+ shlibpath_var=DYLD_LIBRARY_PATH
+ shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`'
+ # Apple's gcc prints 'gcc -print-search-dirs' doesn't operate the same.
+ if test "$GCC" = yes; then
+ sys_lib_search_path_spec=`$CC -print-search-dirs | tr "\n" "$PATH_SEPARATOR" | sed -e 's/libraries:/@libraries:/' | tr "@" "\n" | grep "^libraries:" | sed -e "s/^libraries://" -e "s,=/,/,g" -e "s,$PATH_SEPARATOR, ,g" -e "s,.*,& /lib /usr/lib /usr/local/lib,g"`
+ else
+ sys_lib_search_path_spec='/lib /usr/lib /usr/local/lib'
+ fi
+ sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib'
+ ;;
+
+dgux*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ ;;
+
+freebsd1*)
+ dynamic_linker=no
+ ;;
+
+kfreebsd*-gnu)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ dynamic_linker='GNU ld.so'
+ ;;
+
+freebsd* | dragonfly*)
+ # DragonFly does not have aout. When/if they implement a new
+ # versioning mechanism, adjust this.
+ if test -x /usr/bin/objformat; then
+ objformat=`/usr/bin/objformat`
+ else
+ case $host_os in
+ freebsd[123]*) objformat=aout ;;
+ *) objformat=elf ;;
+ esac
+ fi
+ version_type=freebsd-$objformat
+ case $version_type in
+ freebsd-elf*)
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
+ need_version=no
+ need_lib_prefix=no
+ ;;
+ freebsd-*)
+ library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix'
+ need_version=yes
+ ;;
+ esac
+ shlibpath_var=LD_LIBRARY_PATH
+ case $host_os in
+ freebsd2*)
+ shlibpath_overrides_runpath=yes
+ ;;
+ freebsd3.[01]* | freebsdelf3.[01]*)
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+ freebsd3.[2-9]* | freebsdelf3.[2-9]* | \
+ freebsd4.[0-5] | freebsdelf4.[0-5] | freebsd4.1.1 | freebsdelf4.1.1)
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+ freebsd*) # from 4.6 on
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+ esac
+ ;;
+
+gnu*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ hardcode_into_libs=yes
+ ;;
+
+hpux9* | hpux10* | hpux11*)
+ # Give a soname corresponding to the major version so that dld.sl refuses to
+ # link against other versions.
+ version_type=sunos
+ need_lib_prefix=no
+ need_version=no
+ case $host_cpu in
+ ia64*)
+ shrext_cmds='.so'
+ hardcode_into_libs=yes
+ dynamic_linker="$host_os dld.so"
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ if test "X$HPUX_IA64_MODE" = X32; then
+ sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib"
+ else
+ sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64"
+ fi
+ sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+ ;;
+ hppa*64*)
+ shrext_cmds='.sl'
+ hardcode_into_libs=yes
+ dynamic_linker="$host_os dld.sl"
+ shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH
+ shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64"
+ sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+ ;;
+ *)
+ shrext_cmds='.sl'
+ dynamic_linker="$host_os dld.sl"
+ shlibpath_var=SHLIB_PATH
+ shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ ;;
+ esac
+ # HP-UX runs *really* slowly unless shared libraries are mode 555.
+ postinstall_cmds='chmod 555 $lib'
+ ;;
+
+interix3*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+
+irix5* | irix6* | nonstopux*)
+ case $host_os in
+ nonstopux*) version_type=nonstopux ;;
+ *)
+ if test "$lt_cv_prog_gnu_ld" = yes; then
+ version_type=linux
+ else
+ version_type=irix
+ fi ;;
+ esac
+ need_lib_prefix=no
+ need_version=no
+ soname_spec='${libname}${release}${shared_ext}$major'
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}'
+ case $host_os in
+ irix5* | nonstopux*)
+ libsuff= shlibsuff=
+ ;;
+ *)
+ case $LD in # libtool.m4 will add one of these switches to LD
+ *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ")
+ libsuff= shlibsuff= libmagic=32-bit;;
+ *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ")
+ libsuff=32 shlibsuff=N32 libmagic=N32;;
+ *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ")
+ libsuff=64 shlibsuff=64 libmagic=64-bit;;
+ *) libsuff= shlibsuff= libmagic=never-match;;
+ esac
+ ;;
+ esac
+ shlibpath_var=LD_LIBRARY${shlibsuff}_PATH
+ shlibpath_overrides_runpath=no
+ sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}"
+ sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}"
+ hardcode_into_libs=yes
+ ;;
+
+# No shared lib support for Linux oldld, aout, or coff.
+linux*oldld* | linux*aout* | linux*coff*)
+ dynamic_linker=no
+ ;;
+
+# This must be Linux ELF.
+linux*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ # This implies no fast_install, which is unacceptable.
+ # Some rework will be needed to allow for fast_install
+ # before this can be enabled.
+ hardcode_into_libs=yes
+
+ # Append ld.so.conf contents to the search path
+ if test -f /etc/ld.so.conf; then
+ lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
+ sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
+ fi
+
+ # We used to test for /lib/ld.so.1 and disable shared libraries on
+ # powerpc, because MkLinux only supported shared libraries with the
+ # GNU dynamic linker. Since this was broken with cross compilers,
+ # most powerpc-linux boxes support dynamic linking these days and
+ # people can always --disable-shared, the test was removed, and we
+ # assume the GNU/Linux dynamic linker is in use.
+ dynamic_linker='GNU/Linux ld.so'
+ ;;
+
+knetbsd*-gnu)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ dynamic_linker='GNU ld.so'
+ ;;
+
+netbsd*)
+ version_type=sunos
+ need_lib_prefix=no
+ need_version=no
+ if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+ dynamic_linker='NetBSD (a.out) ld.so'
+ else
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ dynamic_linker='NetBSD ld.elf_so'
+ fi
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+
+newsos6)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ ;;
+
+nto-qnx*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ ;;
+
+openbsd*)
+ version_type=sunos
+ sys_lib_dlsearch_path_spec="/usr/lib"
+ need_lib_prefix=no
+ # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs.
+ case $host_os in
+ openbsd3.3 | openbsd3.3.*) need_version=yes ;;
+ *) need_version=no ;;
+ esac
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ case $host_os in
+ openbsd2.[89] | openbsd2.[89].*)
+ shlibpath_overrides_runpath=no
+ ;;
+ *)
+ shlibpath_overrides_runpath=yes
+ ;;
+ esac
+ else
+ shlibpath_overrides_runpath=yes
+ fi
+ ;;
+
+os2*)
+ libname_spec='$name'
+ shrext_cmds=".dll"
+ need_lib_prefix=no
+ library_names_spec='$libname${shared_ext} $libname.a'
+ dynamic_linker='OS/2 ld.exe'
+ shlibpath_var=LIBPATH
+ ;;
+
+osf3* | osf4* | osf5*)
+ version_type=osf
+ need_lib_prefix=no
+ need_version=no
+ soname_spec='${libname}${release}${shared_ext}$major'
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib"
+ sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec"
+ ;;
+
+solaris*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ # ldd complains unless libraries are executable
+ postinstall_cmds='chmod +x $lib'
+ ;;
+
+sunos4*)
+ version_type=sunos
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+ finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ if test "$with_gnu_ld" = yes; then
+ need_lib_prefix=no
+ fi
+ need_version=yes
+ ;;
+
+sysv4 | sysv4.3*)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ case $host_vendor in
+ sni)
+ shlibpath_overrides_runpath=no
+ need_lib_prefix=no
+ export_dynamic_flag_spec='${wl}-Blargedynsym'
+ runpath_var=LD_RUN_PATH
+ ;;
+ siemens)
+ need_lib_prefix=no
+ ;;
+ motorola)
+ need_lib_prefix=no
+ need_version=no
+ shlibpath_overrides_runpath=no
+ sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib'
+ ;;
+ esac
+ ;;
+
+sysv4*MP*)
+ if test -d /usr/nec ;then
+ version_type=linux
+ library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}'
+ soname_spec='$libname${shared_ext}.$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ fi
+ ;;
+
+sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+ version_type=freebsd-elf
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ hardcode_into_libs=yes
+ if test "$with_gnu_ld" = yes; then
+ sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib'
+ shlibpath_overrides_runpath=no
+ else
+ sys_lib_search_path_spec='/usr/ccs/lib /usr/lib'
+ shlibpath_overrides_runpath=yes
+ case $host_os in
+ sco3.2v5*)
+ sys_lib_search_path_spec="$sys_lib_search_path_spec /lib"
+ ;;
+ esac
+ fi
+ sys_lib_dlsearch_path_spec='/usr/lib'
+ ;;
+
+uts4*)
+ version_type=linux
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ ;;
+
+*)
+ dynamic_linker=no
+ ;;
+esac
+{ echo "$as_me:$LINENO: result: $dynamic_linker" >&5
+echo "${ECHO_T}$dynamic_linker" >&6; }
+test "$dynamic_linker" = no && can_build_shared=no
+
+variables_saved_for_relink="PATH $shlibpath_var $runpath_var"
+if test "$GCC" = yes; then
+ variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH"
+fi
+
+{ echo "$as_me:$LINENO: checking how to hardcode library paths into programs" >&5
+echo $ECHO_N "checking how to hardcode library paths into programs... $ECHO_C" >&6; }
+hardcode_action_GCJ=
+if test -n "$hardcode_libdir_flag_spec_GCJ" || \
+ test -n "$runpath_var_GCJ" || \
+ test "X$hardcode_automatic_GCJ" = "Xyes" ; then
+
+ # We can hardcode non-existant directories.
+ if test "$hardcode_direct_GCJ" != no &&
+ # If the only mechanism to avoid hardcoding is shlibpath_var, we
+ # have to relink, otherwise we might link with an installed library
+ # when we should be linking with a yet-to-be-installed one
+ ## test "$_LT_AC_TAGVAR(hardcode_shlibpath_var, GCJ)" != no &&
+ test "$hardcode_minus_L_GCJ" != no; then
+ # Linking always hardcodes the temporary library directory.
+ hardcode_action_GCJ=relink
+ else
+ # We can link without hardcoding, and we can hardcode nonexisting dirs.
+ hardcode_action_GCJ=immediate
+ fi
+else
+ # We cannot hardcode anything, or else we can only hardcode existing
+ # directories.
+ hardcode_action_GCJ=unsupported
fi
-echo "$as_me:$LINENO: result: $ac_cv_lib_pwdb_pwdb_db_name" >&5
-echo "${ECHO_T}$ac_cv_lib_pwdb_pwdb_db_name" >&6
-if test $ac_cv_lib_pwdb_pwdb_db_name = yes; then
- HAVE_LIBPWDB=yes ; cat >>confdefs.h <<\_ACEOF
-#define HAVE_LIBPWDB 1
-_ACEOF
+{ echo "$as_me:$LINENO: result: $hardcode_action_GCJ" >&5
+echo "${ECHO_T}$hardcode_action_GCJ" >&6; }
+
+if test "$hardcode_action_GCJ" = relink; then
+ # Fast installation is not supported
+ enable_fast_install=no
+elif test "$shlibpath_overrides_runpath" = yes ||
+ test "$enable_shared" = no; then
+ # Fast installation is not necessary
+ enable_fast_install=needless
+fi
+
+
+# The else clause should only fire when bootstrapping the
+# libtool distribution, otherwise you forgot to ship ltmain.sh
+# with your package, and you will get complaints that there are
+# no rules to generate ltmain.sh.
+if test -f "$ltmain"; then
+ # See if we are running on zsh, and set the options which allow our commands through
+ # without removal of \ escapes.
+ if test -n "${ZSH_VERSION+set}" ; then
+ setopt NO_GLOB_SUBST
+ fi
+ # Now quote all the things that may contain metacharacters while being
+ # careful not to overquote the AC_SUBSTed values. We take copies of the
+ # variables and quote the copies for generation of the libtool script.
+ for var in echo old_CC old_CFLAGS AR AR_FLAGS EGREP RANLIB LN_S LTCC LTCFLAGS NM \
+ SED SHELL STRIP \
+ libname_spec library_names_spec soname_spec extract_expsyms_cmds \
+ old_striplib striplib file_magic_cmd finish_cmds finish_eval \
+ deplibs_check_method reload_flag reload_cmds need_locks \
+ lt_cv_sys_global_symbol_pipe lt_cv_sys_global_symbol_to_cdecl \
+ lt_cv_sys_global_symbol_to_c_name_address \
+ sys_lib_search_path_spec sys_lib_dlsearch_path_spec \
+ old_postinstall_cmds old_postuninstall_cmds \
+ compiler_GCJ \
+ CC_GCJ \
+ LD_GCJ \
+ lt_prog_compiler_wl_GCJ \
+ lt_prog_compiler_pic_GCJ \
+ lt_prog_compiler_static_GCJ \
+ lt_prog_compiler_no_builtin_flag_GCJ \
+ export_dynamic_flag_spec_GCJ \
+ thread_safe_flag_spec_GCJ \
+ whole_archive_flag_spec_GCJ \
+ enable_shared_with_static_runtimes_GCJ \
+ old_archive_cmds_GCJ \
+ old_archive_from_new_cmds_GCJ \
+ predep_objects_GCJ \
+ postdep_objects_GCJ \
+ predeps_GCJ \
+ postdeps_GCJ \
+ compiler_lib_search_path_GCJ \
+ archive_cmds_GCJ \
+ archive_expsym_cmds_GCJ \
+ postinstall_cmds_GCJ \
+ postuninstall_cmds_GCJ \
+ old_archive_from_expsyms_cmds_GCJ \
+ allow_undefined_flag_GCJ \
+ no_undefined_flag_GCJ \
+ export_symbols_cmds_GCJ \
+ hardcode_libdir_flag_spec_GCJ \
+ hardcode_libdir_flag_spec_ld_GCJ \
+ hardcode_libdir_separator_GCJ \
+ hardcode_automatic_GCJ \
+ module_cmds_GCJ \
+ module_expsym_cmds_GCJ \
+ lt_cv_prog_compiler_c_o_GCJ \
+ exclude_expsyms_GCJ \
+ include_expsyms_GCJ; do
+
+ case $var in
+ old_archive_cmds_GCJ | \
+ old_archive_from_new_cmds_GCJ | \
+ archive_cmds_GCJ | \
+ archive_expsym_cmds_GCJ | \
+ module_cmds_GCJ | \
+ module_expsym_cmds_GCJ | \
+ old_archive_from_expsyms_cmds_GCJ | \
+ export_symbols_cmds_GCJ | \
+ extract_expsyms_cmds | reload_cmds | finish_cmds | \
+ postinstall_cmds | postuninstall_cmds | \
+ old_postinstall_cmds | old_postuninstall_cmds | \
+ sys_lib_search_path_spec | sys_lib_dlsearch_path_spec)
+ # Double-quote double-evaled strings.
+ eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$double_quote_subst\" -e \"\$sed_quote_subst\" -e \"\$delay_variable_subst\"\`\\\""
+ ;;
+ *)
+ eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$sed_quote_subst\"\`\\\""
+ ;;
+ esac
+ done
+
+ case $lt_echo in
+ *'\$0 --fallback-echo"')
+ lt_echo=`$echo "X$lt_echo" | $Xsed -e 's/\\\\\\\$0 --fallback-echo"$/$0 --fallback-echo"/'`
+ ;;
+ esac
+
+cfgfile="$ofile"
+
+ cat <<__EOF__ >> "$cfgfile"
+# ### BEGIN LIBTOOL TAG CONFIG: $tagname
+
+# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`:
+
+# Shell to use when invoking shell scripts.
+SHELL=$lt_SHELL
+
+# Whether or not to build shared libraries.
+build_libtool_libs=$enable_shared
+
+# Whether or not to build static libraries.
+build_old_libs=$enable_static
+
+# Whether or not to add -lc for building shared libraries.
+build_libtool_need_lc=$archive_cmds_need_lc_GCJ
+
+# Whether or not to disallow shared libs when runtime libs are static
+allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes_GCJ
+
+# Whether or not to optimize for fast installation.
+fast_install=$enable_fast_install
+
+# The host system.
+host_alias=$host_alias
+host=$host
+host_os=$host_os
+
+# The build system.
+build_alias=$build_alias
+build=$build
+build_os=$build_os
+
+# An echo program that does not interpret backslashes.
+echo=$lt_echo
+
+# The archiver.
+AR=$lt_AR
+AR_FLAGS=$lt_AR_FLAGS
+
+# A C compiler.
+LTCC=$lt_LTCC
+
+# LTCC compiler flags.
+LTCFLAGS=$lt_LTCFLAGS
+
+# A language-specific compiler.
+CC=$lt_compiler_GCJ
+
+# Is the compiler the GNU C compiler?
+with_gcc=$GCC_GCJ
+
+# An ERE matcher.
+EGREP=$lt_EGREP
+
+# The linker used to build libraries.
+LD=$lt_LD_GCJ
+
+# Whether we need hard or soft links.
+LN_S=$lt_LN_S
+
+# A BSD-compatible nm program.
+NM=$lt_NM
+
+# A symbol stripping program
+STRIP=$lt_STRIP
+
+# Used to examine libraries when file_magic_cmd begins "file"
+MAGIC_CMD=$MAGIC_CMD
+
+# Used on cygwin: DLL creation program.
+DLLTOOL="$DLLTOOL"
+
+# Used on cygwin: object dumper.
+OBJDUMP="$OBJDUMP"
+
+# Used on cygwin: assembler.
+AS="$AS"
+
+# The name of the directory that contains temporary libtool files.
+objdir=$objdir
+
+# How to create reloadable object files.
+reload_flag=$lt_reload_flag
+reload_cmds=$lt_reload_cmds
+
+# How to pass a linker flag through the compiler.
+wl=$lt_lt_prog_compiler_wl_GCJ
+
+# Object file suffix (normally "o").
+objext="$ac_objext"
+
+# Old archive suffix (normally "a").
+libext="$libext"
+
+# Shared library suffix (normally ".so").
+shrext_cmds='$shrext_cmds'
+
+# Executable file suffix (normally "").
+exeext="$exeext"
+
+# Additional compiler flags for building library objects.
+pic_flag=$lt_lt_prog_compiler_pic_GCJ
+pic_mode=$pic_mode
+
+# What is the maximum length of a command?
+max_cmd_len=$lt_cv_sys_max_cmd_len
+
+# Does compiler simultaneously support -c and -o options?
+compiler_c_o=$lt_lt_cv_prog_compiler_c_o_GCJ
+
+# Must we lock files when doing compilation?
+need_locks=$lt_need_locks
+
+# Do we need the lib prefix for modules?
+need_lib_prefix=$need_lib_prefix
+
+# Do we need a version for libraries?
+need_version=$need_version
+
+# Whether dlopen is supported.
+dlopen_support=$enable_dlopen
+
+# Whether dlopen of programs is supported.
+dlopen_self=$enable_dlopen_self
+
+# Whether dlopen of statically linked programs is supported.
+dlopen_self_static=$enable_dlopen_self_static
+
+# Compiler flag to prevent dynamic linking.
+link_static_flag=$lt_lt_prog_compiler_static_GCJ
+
+# Compiler flag to turn off builtin functions.
+no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag_GCJ
+
+# Compiler flag to allow reflexive dlopens.
+export_dynamic_flag_spec=$lt_export_dynamic_flag_spec_GCJ
+
+# Compiler flag to generate shared objects directly from archives.
+whole_archive_flag_spec=$lt_whole_archive_flag_spec_GCJ
+
+# Compiler flag to generate thread-safe objects.
+thread_safe_flag_spec=$lt_thread_safe_flag_spec_GCJ
+
+# Library versioning type.
+version_type=$version_type
+
+# Format of library name prefix.
+libname_spec=$lt_libname_spec
+
+# List of archive names. First name is the real one, the rest are links.
+# The last name is the one that the linker finds with -lNAME.
+library_names_spec=$lt_library_names_spec
+
+# The coded name of the library, if different from the real name.
+soname_spec=$lt_soname_spec
+
+# Commands used to build and install an old-style archive.
+RANLIB=$lt_RANLIB
+old_archive_cmds=$lt_old_archive_cmds_GCJ
+old_postinstall_cmds=$lt_old_postinstall_cmds
+old_postuninstall_cmds=$lt_old_postuninstall_cmds
+
+# Create an old-style archive from a shared archive.
+old_archive_from_new_cmds=$lt_old_archive_from_new_cmds_GCJ
+
+# Create a temporary old-style archive to link instead of a shared archive.
+old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds_GCJ
+
+# Commands used to build and install a shared archive.
+archive_cmds=$lt_archive_cmds_GCJ
+archive_expsym_cmds=$lt_archive_expsym_cmds_GCJ
+postinstall_cmds=$lt_postinstall_cmds
+postuninstall_cmds=$lt_postuninstall_cmds
+
+# Commands used to build a loadable module (assumed same as above if empty)
+module_cmds=$lt_module_cmds_GCJ
+module_expsym_cmds=$lt_module_expsym_cmds_GCJ
+
+# Commands to strip libraries.
+old_striplib=$lt_old_striplib
+striplib=$lt_striplib
+
+# Dependencies to place before the objects being linked to create a
+# shared library.
+predep_objects=$lt_predep_objects_GCJ
+
+# Dependencies to place after the objects being linked to create a
+# shared library.
+postdep_objects=$lt_postdep_objects_GCJ
+
+# Dependencies to place before the objects being linked to create a
+# shared library.
+predeps=$lt_predeps_GCJ
+
+# Dependencies to place after the objects being linked to create a
+# shared library.
+postdeps=$lt_postdeps_GCJ
+
+# The library search path used internally by the compiler when linking
+# a shared library.
+compiler_lib_search_path=$lt_compiler_lib_search_path_GCJ
+
+# Method to check whether dependent libraries are shared objects.
+deplibs_check_method=$lt_deplibs_check_method
+
+# Command to use when deplibs_check_method == file_magic.
+file_magic_cmd=$lt_file_magic_cmd
+
+# Flag that allows shared libraries with undefined symbols to be built.
+allow_undefined_flag=$lt_allow_undefined_flag_GCJ
+
+# Flag that forces no undefined symbols.
+no_undefined_flag=$lt_no_undefined_flag_GCJ
+
+# Commands used to finish a libtool library installation in a directory.
+finish_cmds=$lt_finish_cmds
+
+# Same as above, but a single script fragment to be evaled but not shown.
+finish_eval=$lt_finish_eval
+
+# Take the output of nm and produce a listing of raw symbols and C names.
+global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe
+
+# Transform the output of nm in a proper C declaration
+global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl
+
+# Transform the output of nm in a C name address pair
+global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address
+
+# This is the shared library runtime path variable.
+runpath_var=$runpath_var
+
+# This is the shared library path variable.
+shlibpath_var=$shlibpath_var
+
+# Is shlibpath searched before the hard-coded library search path?
+shlibpath_overrides_runpath=$shlibpath_overrides_runpath
+
+# How to hardcode a shared library path into an executable.
+hardcode_action=$hardcode_action_GCJ
+
+# Whether we should hardcode library paths into libraries.
+hardcode_into_libs=$hardcode_into_libs
+
+# Flag to hardcode \$libdir into a binary during linking.
+# This must work even if \$libdir does not exist.
+hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec_GCJ
+
+# If ld is used when linking, flag to hardcode \$libdir into
+# a binary during linking. This must work even if \$libdir does
+# not exist.
+hardcode_libdir_flag_spec_ld=$lt_hardcode_libdir_flag_spec_ld_GCJ
+
+# Whether we need a single -rpath flag with a separated argument.
+hardcode_libdir_separator=$lt_hardcode_libdir_separator_GCJ
+
+# Set to yes if using DIR/libNAME${shared_ext} during linking hardcodes DIR into the
+# resulting binary.
+hardcode_direct=$hardcode_direct_GCJ
+
+# Set to yes if using the -LDIR flag during linking hardcodes DIR into the
+# resulting binary.
+hardcode_minus_L=$hardcode_minus_L_GCJ
+
+# Set to yes if using SHLIBPATH_VAR=DIR during linking hardcodes DIR into
+# the resulting binary.
+hardcode_shlibpath_var=$hardcode_shlibpath_var_GCJ
+
+# Set to yes if building a shared library automatically hardcodes DIR into the library
+# and all subsequent libraries and executables linked against it.
+hardcode_automatic=$hardcode_automatic_GCJ
+
+# Variables whose values should be saved in libtool wrapper scripts and
+# restored at relink time.
+variables_saved_for_relink="$variables_saved_for_relink"
+
+# Whether libtool must link a program against all its dependency libraries.
+link_all_deplibs=$link_all_deplibs_GCJ
+
+# Compile-time system search path for libraries
+sys_lib_search_path_spec=$lt_sys_lib_search_path_spec
+
+# Run-time system search path for libraries
+sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec
+
+# Fix the shell variable \$srcfile for the compiler.
+fix_srcfile_path="$fix_srcfile_path_GCJ"
+
+# Set to yes if exported symbols are required.
+always_export_symbols=$always_export_symbols_GCJ
+
+# The commands to list exported symbols.
+export_symbols_cmds=$lt_export_symbols_cmds_GCJ
+
+# The commands to extract the exported symbol list from a shared archive.
+extract_expsyms_cmds=$lt_extract_expsyms_cmds
+
+# Symbols that should not be listed in the preloaded symbols.
+exclude_expsyms=$lt_exclude_expsyms_GCJ
+
+# Symbols that must always be exported.
+include_expsyms=$lt_include_expsyms_GCJ
+
+# ### END LIBTOOL TAG CONFIG: $tagname
+
+__EOF__
+
else
- HAVE_LIBPWDB=no
+ # If there is no Makefile yet, we rely on a make rule to execute
+ # `config.status --recheck' to rerun these tests and create the
+ # libtool script then.
+ ltmain_in=`echo $ltmain | sed -e 's/\.sh$/.in/'`
+ if test -f "$ltmain_in"; then
+ test -f Makefile && make "$ltmain"
+ fi
fi
-unset pwdblibs
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+CC="$lt_save_CC"
+
+ else
+ tagname=""
+ fi
+ ;;
+
+ RC)
+
+
+# Source file extension for RC test sources.
+ac_ext=rc
+
+# Object file extension for compiled RC test sources.
+objext=o
+objext_RC=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code='sample MENU { MENUITEM "&Soup", 100, CHECKED }\n'
+
+# Code to be used in simple link tests
+lt_simple_link_test_code="$lt_simple_compile_test_code"
+
+# ltmain only uses $CC for tagged configurations so make sure $CC is set.
+
+# If no C compiler was specified, use CC.
+LTCC=${LTCC-"$CC"}
+
+# If no C compiler flags were specified, use CFLAGS.
+LTCFLAGS=${LTCFLAGS-"$CFLAGS"}
+
+# Allow CC to be a program name with arguments.
+compiler=$CC
+
+
+# save warnings/boilerplate of simple test code
+ac_outfile=conftest.$ac_objext
+printf "$lt_simple_compile_test_code" >conftest.$ac_ext
+eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_compiler_boilerplate=`cat conftest.err`
+$rm conftest*
+
+ac_outfile=conftest.$ac_objext
+printf "$lt_simple_link_test_code" >conftest.$ac_ext
+eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_linker_boilerplate=`cat conftest.err`
+$rm conftest*
+
+
+# Allow CC to be a program name with arguments.
+lt_save_CC="$CC"
+CC=${RC-"windres"}
+compiler=$CC
+compiler_RC=$CC
+for cc_temp in $compiler""; do
+ case $cc_temp in
+ compile | *[\\/]compile | ccache | *[\\/]ccache ) ;;
+ distcc | *[\\/]distcc | purify | *[\\/]purify ) ;;
+ \-*) ;;
+ *) break;;
+ esac
+done
+cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"`
+
+lt_cv_prog_compiler_c_o_RC=yes
+
+# The else clause should only fire when bootstrapping the
+# libtool distribution, otherwise you forgot to ship ltmain.sh
+# with your package, and you will get complaints that there are
+# no rules to generate ltmain.sh.
+if test -f "$ltmain"; then
+ # See if we are running on zsh, and set the options which allow our commands through
+ # without removal of \ escapes.
+ if test -n "${ZSH_VERSION+set}" ; then
+ setopt NO_GLOB_SUBST
+ fi
+ # Now quote all the things that may contain metacharacters while being
+ # careful not to overquote the AC_SUBSTed values. We take copies of the
+ # variables and quote the copies for generation of the libtool script.
+ for var in echo old_CC old_CFLAGS AR AR_FLAGS EGREP RANLIB LN_S LTCC LTCFLAGS NM \
+ SED SHELL STRIP \
+ libname_spec library_names_spec soname_spec extract_expsyms_cmds \
+ old_striplib striplib file_magic_cmd finish_cmds finish_eval \
+ deplibs_check_method reload_flag reload_cmds need_locks \
+ lt_cv_sys_global_symbol_pipe lt_cv_sys_global_symbol_to_cdecl \
+ lt_cv_sys_global_symbol_to_c_name_address \
+ sys_lib_search_path_spec sys_lib_dlsearch_path_spec \
+ old_postinstall_cmds old_postuninstall_cmds \
+ compiler_RC \
+ CC_RC \
+ LD_RC \
+ lt_prog_compiler_wl_RC \
+ lt_prog_compiler_pic_RC \
+ lt_prog_compiler_static_RC \
+ lt_prog_compiler_no_builtin_flag_RC \
+ export_dynamic_flag_spec_RC \
+ thread_safe_flag_spec_RC \
+ whole_archive_flag_spec_RC \
+ enable_shared_with_static_runtimes_RC \
+ old_archive_cmds_RC \
+ old_archive_from_new_cmds_RC \
+ predep_objects_RC \
+ postdep_objects_RC \
+ predeps_RC \
+ postdeps_RC \
+ compiler_lib_search_path_RC \
+ archive_cmds_RC \
+ archive_expsym_cmds_RC \
+ postinstall_cmds_RC \
+ postuninstall_cmds_RC \
+ old_archive_from_expsyms_cmds_RC \
+ allow_undefined_flag_RC \
+ no_undefined_flag_RC \
+ export_symbols_cmds_RC \
+ hardcode_libdir_flag_spec_RC \
+ hardcode_libdir_flag_spec_ld_RC \
+ hardcode_libdir_separator_RC \
+ hardcode_automatic_RC \
+ module_cmds_RC \
+ module_expsym_cmds_RC \
+ lt_cv_prog_compiler_c_o_RC \
+ exclude_expsyms_RC \
+ include_expsyms_RC; do
+
+ case $var in
+ old_archive_cmds_RC | \
+ old_archive_from_new_cmds_RC | \
+ archive_cmds_RC | \
+ archive_expsym_cmds_RC | \
+ module_cmds_RC | \
+ module_expsym_cmds_RC | \
+ old_archive_from_expsyms_cmds_RC | \
+ export_symbols_cmds_RC | \
+ extract_expsyms_cmds | reload_cmds | finish_cmds | \
+ postinstall_cmds | postuninstall_cmds | \
+ old_postinstall_cmds | old_postuninstall_cmds | \
+ sys_lib_search_path_spec | sys_lib_dlsearch_path_spec)
+ # Double-quote double-evaled strings.
+ eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$double_quote_subst\" -e \"\$sed_quote_subst\" -e \"\$delay_variable_subst\"\`\\\""
+ ;;
+ *)
+ eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$sed_quote_subst\"\`\\\""
+ ;;
+ esac
+ done
+
+ case $lt_echo in
+ *'\$0 --fallback-echo"')
+ lt_echo=`$echo "X$lt_echo" | $Xsed -e 's/\\\\\\\$0 --fallback-echo"$/$0 --fallback-echo"/'`
+ ;;
+ esac
+
+cfgfile="$ofile"
+
+ cat <<__EOF__ >> "$cfgfile"
+# ### BEGIN LIBTOOL TAG CONFIG: $tagname
+
+# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`:
+
+# Shell to use when invoking shell scripts.
+SHELL=$lt_SHELL
+
+# Whether or not to build shared libraries.
+build_libtool_libs=$enable_shared
+
+# Whether or not to build static libraries.
+build_old_libs=$enable_static
+
+# Whether or not to add -lc for building shared libraries.
+build_libtool_need_lc=$archive_cmds_need_lc_RC
+
+# Whether or not to disallow shared libs when runtime libs are static
+allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes_RC
+
+# Whether or not to optimize for fast installation.
+fast_install=$enable_fast_install
+
+# The host system.
+host_alias=$host_alias
+host=$host
+host_os=$host_os
+
+# The build system.
+build_alias=$build_alias
+build=$build
+build_os=$build_os
+
+# An echo program that does not interpret backslashes.
+echo=$lt_echo
+
+# The archiver.
+AR=$lt_AR
+AR_FLAGS=$lt_AR_FLAGS
+
+# A C compiler.
+LTCC=$lt_LTCC
+
+# LTCC compiler flags.
+LTCFLAGS=$lt_LTCFLAGS
+
+# A language-specific compiler.
+CC=$lt_compiler_RC
+
+# Is the compiler the GNU C compiler?
+with_gcc=$GCC_RC
+
+# An ERE matcher.
+EGREP=$lt_EGREP
+
+# The linker used to build libraries.
+LD=$lt_LD_RC
+
+# Whether we need hard or soft links.
+LN_S=$lt_LN_S
+
+# A BSD-compatible nm program.
+NM=$lt_NM
+
+# A symbol stripping program
+STRIP=$lt_STRIP
+
+# Used to examine libraries when file_magic_cmd begins "file"
+MAGIC_CMD=$MAGIC_CMD
+
+# Used on cygwin: DLL creation program.
+DLLTOOL="$DLLTOOL"
+
+# Used on cygwin: object dumper.
+OBJDUMP="$OBJDUMP"
+
+# Used on cygwin: assembler.
+AS="$AS"
+
+# The name of the directory that contains temporary libtool files.
+objdir=$objdir
+
+# How to create reloadable object files.
+reload_flag=$lt_reload_flag
+reload_cmds=$lt_reload_cmds
+
+# How to pass a linker flag through the compiler.
+wl=$lt_lt_prog_compiler_wl_RC
+
+# Object file suffix (normally "o").
+objext="$ac_objext"
+
+# Old archive suffix (normally "a").
+libext="$libext"
+
+# Shared library suffix (normally ".so").
+shrext_cmds='$shrext_cmds'
+
+# Executable file suffix (normally "").
+exeext="$exeext"
+
+# Additional compiler flags for building library objects.
+pic_flag=$lt_lt_prog_compiler_pic_RC
+pic_mode=$pic_mode
+
+# What is the maximum length of a command?
+max_cmd_len=$lt_cv_sys_max_cmd_len
+
+# Does compiler simultaneously support -c and -o options?
+compiler_c_o=$lt_lt_cv_prog_compiler_c_o_RC
+
+# Must we lock files when doing compilation?
+need_locks=$lt_need_locks
+
+# Do we need the lib prefix for modules?
+need_lib_prefix=$need_lib_prefix
+
+# Do we need a version for libraries?
+need_version=$need_version
+
+# Whether dlopen is supported.
+dlopen_support=$enable_dlopen
+
+# Whether dlopen of programs is supported.
+dlopen_self=$enable_dlopen_self
+
+# Whether dlopen of statically linked programs is supported.
+dlopen_self_static=$enable_dlopen_self_static
+
+# Compiler flag to prevent dynamic linking.
+link_static_flag=$lt_lt_prog_compiler_static_RC
+
+# Compiler flag to turn off builtin functions.
+no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag_RC
+
+# Compiler flag to allow reflexive dlopens.
+export_dynamic_flag_spec=$lt_export_dynamic_flag_spec_RC
+
+# Compiler flag to generate shared objects directly from archives.
+whole_archive_flag_spec=$lt_whole_archive_flag_spec_RC
+
+# Compiler flag to generate thread-safe objects.
+thread_safe_flag_spec=$lt_thread_safe_flag_spec_RC
+
+# Library versioning type.
+version_type=$version_type
+
+# Format of library name prefix.
+libname_spec=$lt_libname_spec
+
+# List of archive names. First name is the real one, the rest are links.
+# The last name is the one that the linker finds with -lNAME.
+library_names_spec=$lt_library_names_spec
+
+# The coded name of the library, if different from the real name.
+soname_spec=$lt_soname_spec
+
+# Commands used to build and install an old-style archive.
+RANLIB=$lt_RANLIB
+old_archive_cmds=$lt_old_archive_cmds_RC
+old_postinstall_cmds=$lt_old_postinstall_cmds
+old_postuninstall_cmds=$lt_old_postuninstall_cmds
+
+# Create an old-style archive from a shared archive.
+old_archive_from_new_cmds=$lt_old_archive_from_new_cmds_RC
+
+# Create a temporary old-style archive to link instead of a shared archive.
+old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds_RC
+
+# Commands used to build and install a shared archive.
+archive_cmds=$lt_archive_cmds_RC
+archive_expsym_cmds=$lt_archive_expsym_cmds_RC
+postinstall_cmds=$lt_postinstall_cmds
+postuninstall_cmds=$lt_postuninstall_cmds
+
+# Commands used to build a loadable module (assumed same as above if empty)
+module_cmds=$lt_module_cmds_RC
+module_expsym_cmds=$lt_module_expsym_cmds_RC
+
+# Commands to strip libraries.
+old_striplib=$lt_old_striplib
+striplib=$lt_striplib
+
+# Dependencies to place before the objects being linked to create a
+# shared library.
+predep_objects=$lt_predep_objects_RC
+
+# Dependencies to place after the objects being linked to create a
+# shared library.
+postdep_objects=$lt_postdep_objects_RC
+
+# Dependencies to place before the objects being linked to create a
+# shared library.
+predeps=$lt_predeps_RC
+
+# Dependencies to place after the objects being linked to create a
+# shared library.
+postdeps=$lt_postdeps_RC
+
+# The library search path used internally by the compiler when linking
+# a shared library.
+compiler_lib_search_path=$lt_compiler_lib_search_path_RC
+
+# Method to check whether dependent libraries are shared objects.
+deplibs_check_method=$lt_deplibs_check_method
+
+# Command to use when deplibs_check_method == file_magic.
+file_magic_cmd=$lt_file_magic_cmd
+
+# Flag that allows shared libraries with undefined symbols to be built.
+allow_undefined_flag=$lt_allow_undefined_flag_RC
+
+# Flag that forces no undefined symbols.
+no_undefined_flag=$lt_no_undefined_flag_RC
+
+# Commands used to finish a libtool library installation in a directory.
+finish_cmds=$lt_finish_cmds
+
+# Same as above, but a single script fragment to be evaled but not shown.
+finish_eval=$lt_finish_eval
+
+# Take the output of nm and produce a listing of raw symbols and C names.
+global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe
+
+# Transform the output of nm in a proper C declaration
+global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl
+
+# Transform the output of nm in a C name address pair
+global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address
+
+# This is the shared library runtime path variable.
+runpath_var=$runpath_var
+
+# This is the shared library path variable.
+shlibpath_var=$shlibpath_var
+
+# Is shlibpath searched before the hard-coded library search path?
+shlibpath_overrides_runpath=$shlibpath_overrides_runpath
+
+# How to hardcode a shared library path into an executable.
+hardcode_action=$hardcode_action_RC
+
+# Whether we should hardcode library paths into libraries.
+hardcode_into_libs=$hardcode_into_libs
+
+# Flag to hardcode \$libdir into a binary during linking.
+# This must work even if \$libdir does not exist.
+hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec_RC
+
+# If ld is used when linking, flag to hardcode \$libdir into
+# a binary during linking. This must work even if \$libdir does
+# not exist.
+hardcode_libdir_flag_spec_ld=$lt_hardcode_libdir_flag_spec_ld_RC
+
+# Whether we need a single -rpath flag with a separated argument.
+hardcode_libdir_separator=$lt_hardcode_libdir_separator_RC
+
+# Set to yes if using DIR/libNAME${shared_ext} during linking hardcodes DIR into the
+# resulting binary.
+hardcode_direct=$hardcode_direct_RC
+
+# Set to yes if using the -LDIR flag during linking hardcodes DIR into the
+# resulting binary.
+hardcode_minus_L=$hardcode_minus_L_RC
+
+# Set to yes if using SHLIBPATH_VAR=DIR during linking hardcodes DIR into
+# the resulting binary.
+hardcode_shlibpath_var=$hardcode_shlibpath_var_RC
+
+# Set to yes if building a shared library automatically hardcodes DIR into the library
+# and all subsequent libraries and executables linked against it.
+hardcode_automatic=$hardcode_automatic_RC
+
+# Variables whose values should be saved in libtool wrapper scripts and
+# restored at relink time.
+variables_saved_for_relink="$variables_saved_for_relink"
+
+# Whether libtool must link a program against all its dependency libraries.
+link_all_deplibs=$link_all_deplibs_RC
+
+# Compile-time system search path for libraries
+sys_lib_search_path_spec=$lt_sys_lib_search_path_spec
+
+# Run-time system search path for libraries
+sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec
+
+# Fix the shell variable \$srcfile for the compiler.
+fix_srcfile_path="$fix_srcfile_path_RC"
+
+# Set to yes if exported symbols are required.
+always_export_symbols=$always_export_symbols_RC
+
+# The commands to list exported symbols.
+export_symbols_cmds=$lt_export_symbols_cmds_RC
+
+# The commands to extract the exported symbol list from a shared archive.
+extract_expsyms_cmds=$lt_extract_expsyms_cmds
+
+# Symbols that should not be listed in the preloaded symbols.
+exclude_expsyms=$lt_exclude_expsyms_RC
+
+# Symbols that must always be exported.
+include_expsyms=$lt_include_expsyms_RC
+
+# ### END LIBTOOL TAG CONFIG: $tagname
+
+__EOF__
+
+
+else
+ # If there is no Makefile yet, we rely on a make rule to execute
+ # `config.status --recheck' to rerun these tests and create the
+ # libtool script then.
+ ltmain_in=`echo $ltmain | sed -e 's/\.sh$/.in/'`
+ if test -f "$ltmain_in"; then
+ test -f Makefile && make "$ltmain"
+ fi
+fi
+
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+CC="$lt_save_CC"
+
+ ;;
+
+ *)
+ { { echo "$as_me:$LINENO: error: Unsupported tag name: $tagname" >&5
+echo "$as_me: error: Unsupported tag name: $tagname" >&2;}
+ { (exit 1); exit 1; }; }
+ ;;
+ esac
+
+ # Append the new tag name to the list of available tags.
+ if test -n "$tagname" ; then
+ available_tags="$available_tags $tagname"
+ fi
+ fi
+ done
+ IFS="$lt_save_ifs"
+
+ # Now substitute the updated list of available tags.
+ if eval "sed -e 's/^available_tags=.*\$/available_tags=\"$available_tags\"/' \"$ofile\" > \"${ofile}T\""; then
+ mv "${ofile}T" "$ofile"
+ chmod +x "$ofile"
+ else
+ rm -f "${ofile}T"
+ { { echo "$as_me:$LINENO: error: unable to update list of available tagged configurations." >&5
+echo "$as_me: error: unable to update list of available tagged configurations." >&2;}
+ { (exit 1); exit 1; }; }
+ fi
+fi
+
+
+
+# This can be used to rebuild libtool when needed
+LIBTOOL_DEPS="$ac_aux_dir/ltmain.sh"
+
+# Always use our own libtool.
+LIBTOOL='$(SHELL) $(top_builddir)/libtool'
+
+# Prevent multiple expansion
-echo "$as_me:$LINENO: checking for yywrap in -lfl" >&5
-echo $ECHO_N "checking for yywrap in -lfl... $ECHO_C" >&6
-if test "${ac_cv_lib_fl_yywrap+set}" = set; then
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+if test "x$CC" != xcc; then
+ { echo "$as_me:$LINENO: checking whether $CC and cc understand -c and -o together" >&5
+echo $ECHO_N "checking whether $CC and cc understand -c and -o together... $ECHO_C" >&6; }
+else
+ { echo "$as_me:$LINENO: checking whether cc understands -c and -o together" >&5
+echo $ECHO_N "checking whether cc understands -c and -o together... $ECHO_C" >&6; }
+fi
+set dummy $CC; ac_cc=`echo $2 |
+ sed 's/[^a-zA-Z0-9_]/_/g;s/^[0-9]/_/'`
+if { as_var=ac_cv_prog_cc_${ac_cc}_c_o; eval "test \"\${$as_var+set}\" = set"; }; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ac_check_lib_save_LIBS=$LIBS
-LIBS="-lfl $LIBS"
-cat >conftest.$ac_ext <<_ACEOF
+ cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-/* Override any gcc2 internal prototype to avoid an error. */
-#ifdef __cplusplus
-extern "C"
-#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char yywrap ();
int
main ()
{
-yywrap ();
+
;
return 0;
}
_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+# Make sure it works both with $CC and with simple cc.
+# We do the test twice because some compilers refuse to overwrite an
+# existing .o file with -o, though they will create one.
+ac_try='$CC -c conftest.$ac_ext -o conftest2.$ac_objext >&5'
+rm -f conftest2.*
+if { (case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_try") 2>&5
ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ test -f conftest2.$ac_objext && { (case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_try") 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ (exit $ac_status); };
+then
+ eval ac_cv_prog_cc_${ac_cc}_c_o=yes
+ if test "x$CC" != xcc; then
+ # Test first that cc exists at all.
+ if { ac_try='cc -c conftest.$ac_ext >&5'
+ { (case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_try") 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ac_cv_lib_fl_yywrap=yes
+ ac_try='cc -c conftest.$ac_ext -o conftest2.$ac_objext >&5'
+ rm -f conftest2.*
+ if { (case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_try") 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ test -f conftest2.$ac_objext && { (case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_try") 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); };
+ then
+ # cc works too.
+ :
+ else
+ # cc exists but doesn't like -o.
+ eval ac_cv_prog_cc_${ac_cc}_c_o=no
+ fi
+ fi
+ fi
else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_cv_lib_fl_yywrap=no
+ eval ac_cv_prog_cc_${ac_cc}_c_o=no
fi
-rm -f conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
+rm -f core conftest*
+
fi
-echo "$as_me:$LINENO: result: $ac_cv_lib_fl_yywrap" >&5
-echo "${ECHO_T}$ac_cv_lib_fl_yywrap" >&6
-if test $ac_cv_lib_fl_yywrap = yes; then
- HAVE_LIBFLEX=yes ; cat >>confdefs.h <<\_ACEOF
-#define HAVE_LIBFLEX 1
+if eval test \$ac_cv_prog_cc_${ac_cc}_c_o = yes; then
+ { echo "$as_me:$LINENO: result: yes" >&5
+echo "${ECHO_T}yes" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+
+cat >>confdefs.h <<\_ACEOF
+#define NO_MINUS_C_MINUS_O 1
_ACEOF
+fi
+
+# FIXME: we rely on the cache variable name because
+# there is no other way.
+set dummy $CC
+ac_cc=`echo $2 | sed 's/[^a-zA-Z0-9_]/_/g;s/^[0-9]/_/'`
+if eval "test \"`echo '$ac_cv_prog_cc_'${ac_cc}_c_o`\" != yes"; then
+ # Losing compiler, so override with the script.
+ # FIXME: It is wrong to rewrite CC.
+ # But if we don't then we get into trouble of one sort or another.
+ # A longer-term fix would be to have automake use am__CC in this case,
+ # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)"
+ CC="$am_aux_dir/compile $CC"
+fi
+
+
+
+ { echo "$as_me:$LINENO: checking whether ld supports --as-needed" >&5
+echo $ECHO_N "checking whether ld supports --as-needed... $ECHO_C" >&6; }
+if test "${pam_cv_ld_as_needed+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat > conftest.c <<EOF
+int main (void) { return 0; }
+EOF
+ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS
+ -o conftest.o conftest.c
+ -Wl,--as-needed 1>&5'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }
+ then
+ pam_cv_ld_as_needed=yes
+ LDFLAGS="$LDFLAGS -Wl,--as-needed"
+ else
+ pam_cv_ld_as_needed=no
+ fi
+ rm -f conftest*
+fi
+{ echo "$as_me:$LINENO: result: $pam_cv_ld_as_needed" >&5
+echo "${ECHO_T}$pam_cv_ld_as_needed" >&6; }
+
+
+
+
+ { echo "$as_me:$LINENO: checking whether ld supports -O1" >&5
+echo $ECHO_N "checking whether ld supports -O1... $ECHO_C" >&6; }
+if test "${pam_cv_ld_O1+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
else
- HAVE_LIBFLEX=no
+ cat > conftest.c <<EOF
+int main (void) { return 0; }
+EOF
+ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS
+ -o conftest.o conftest.c
+ -Wl,-O1 1>&5'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }
+ then
+ pam_cv_ld_O1=yes
+ LDFLAGS="$LDFLAGS -Wl,-O1"
+ else
+ pam_cv_ld_O1=no
+ fi
+ rm -f conftest*
fi
+{ echo "$as_me:$LINENO: result: $pam_cv_ld_O1" >&5
+echo "${ECHO_T}$pam_cv_ld_O1" >&6; }
+
-echo "$as_me:$LINENO: checking for yywrap in -ll" >&5
-echo $ECHO_N "checking for yywrap in -ll... $ECHO_C" >&6
-if test "${ac_cv_lib_l_yywrap+set}" = set; then
+
+# Check whether --enable-largefile was given.
+if test "${enable_largefile+set}" = set; then
+ enableval=$enable_largefile;
+fi
+
+if test "$enable_largefile" != no; then
+
+ { echo "$as_me:$LINENO: checking for special C compiler options needed for large files" >&5
+echo $ECHO_N "checking for special C compiler options needed for large files... $ECHO_C" >&6; }
+if test "${ac_cv_sys_largefile_CC+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ac_check_lib_save_LIBS=$LIBS
-LIBS="-ll $LIBS"
-cat >conftest.$ac_ext <<_ACEOF
+ ac_cv_sys_largefile_CC=no
+ if test "$GCC" != yes; then
+ ac_save_CC=$CC
+ while :; do
+ # IRIX 6.2 and later do not support large files by default,
+ # so use the C compiler's -n32 option if that helps.
+ cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-
-/* Override any gcc2 internal prototype to avoid an error. */
-#ifdef __cplusplus
-extern "C"
-#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char yywrap ();
+#include <sys/types.h>
+ /* Check that off_t can represent 2**63 - 1 correctly.
+ We can't simply define LARGE_OFF_T to be 9223372036854775807,
+ since some C++ compilers masquerading as C compilers
+ incorrectly reject 9223372036854775807. */
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+ int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
+ && LARGE_OFF_T % 2147483647 == 1)
+ ? 1 : -1];
int
main ()
{
-yywrap ();
+
;
return 0;
}
_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+ rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ break
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+
+fi
+
+rm -f core conftest.err conftest.$ac_objext
+ CC="$CC -n32"
+ rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_lib_l_yywrap=yes
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_cv_sys_largefile_CC=' -n32'; break
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_lib_l_yywrap=no
+
fi
-rm -f conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
+
+rm -f core conftest.err conftest.$ac_objext
+ break
+ done
+ CC=$ac_save_CC
+ rm -f conftest.$ac_ext
+ fi
fi
-echo "$as_me:$LINENO: result: $ac_cv_lib_l_yywrap" >&5
-echo "${ECHO_T}$ac_cv_lib_l_yywrap" >&6
-if test $ac_cv_lib_l_yywrap = yes; then
- HAVE_LIBLEX=yes ; cat >>confdefs.h <<\_ACEOF
-#define HAVE_LIBLEX 1
-_ACEOF
+{ echo "$as_me:$LINENO: result: $ac_cv_sys_largefile_CC" >&5
+echo "${ECHO_T}$ac_cv_sys_largefile_CC" >&6; }
+ if test "$ac_cv_sys_largefile_CC" != no; then
+ CC=$CC$ac_cv_sys_largefile_CC
+ fi
+ { echo "$as_me:$LINENO: checking for _FILE_OFFSET_BITS value needed for large files" >&5
+echo $ECHO_N "checking for _FILE_OFFSET_BITS value needed for large files... $ECHO_C" >&6; }
+if test "${ac_cv_sys_file_offset_bits+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
else
- HAVE_LIBLEX=no
-fi
+ while :; do
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <sys/types.h>
+ /* Check that off_t can represent 2**63 - 1 correctly.
+ We can't simply define LARGE_OFF_T to be 9223372036854775807,
+ since some C++ compilers masquerading as C compilers
+ incorrectly reject 9223372036854775807. */
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+ int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
+ && LARGE_OFF_T % 2147483647 == 1)
+ ? 1 : -1];
+int
+main ()
+{
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_cv_sys_file_offset_bits=no; break
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#define _FILE_OFFSET_BITS 64
+#include <sys/types.h>
+ /* Check that off_t can represent 2**63 - 1 correctly.
+ We can't simply define LARGE_OFF_T to be 9223372036854775807,
+ since some C++ compilers masquerading as C compilers
+ incorrectly reject 9223372036854775807. */
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+ int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
+ && LARGE_OFF_T % 2147483647 == 1)
+ ? 1 : -1];
+int
+main ()
+{
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_cv_sys_file_offset_bits=64; break
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+fi
-ac_header_dirent=no
-for ac_hdr in dirent.h sys/ndir.h sys/dir.h ndir.h; do
- as_ac_Header=`echo "ac_cv_header_dirent_$ac_hdr" | $as_tr_sh`
-echo "$as_me:$LINENO: checking for $ac_hdr that defines DIR" >&5
-echo $ECHO_N "checking for $ac_hdr that defines DIR... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ ac_cv_sys_file_offset_bits=unknown
+ break
+done
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_sys_file_offset_bits" >&5
+echo "${ECHO_T}$ac_cv_sys_file_offset_bits" >&6; }
+case $ac_cv_sys_file_offset_bits in #(
+ no | unknown) ;;
+ *)
+cat >>confdefs.h <<_ACEOF
+#define _FILE_OFFSET_BITS $ac_cv_sys_file_offset_bits
+_ACEOF
+;;
+esac
+rm -f conftest*
+ if test $ac_cv_sys_file_offset_bits = unknown; then
+ { echo "$as_me:$LINENO: checking for _LARGE_FILES value needed for large files" >&5
+echo $ECHO_N "checking for _LARGE_FILES value needed for large files... $ECHO_C" >&6; }
+if test "${ac_cv_sys_large_files+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
+ while :; do
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
@@ -4689,68 +20146,177 @@ cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
#include <sys/types.h>
-#include <$ac_hdr>
-
+ /* Check that off_t can represent 2**63 - 1 correctly.
+ We can't simply define LARGE_OFF_T to be 9223372036854775807,
+ since some C++ compilers masquerading as C compilers
+ incorrectly reject 9223372036854775807. */
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+ int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
+ && LARGE_OFF_T % 2147483647 == 1)
+ ? 1 : -1];
int
main ()
{
-if ((DIR *) 0)
-return 0;
+
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_cv_sys_large_files=no; break
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#define _LARGE_FILES 1
+#include <sys/types.h>
+ /* Check that off_t can represent 2**63 - 1 correctly.
+ We can't simply define LARGE_OFF_T to be 9223372036854775807,
+ since some C++ compilers masquerading as C compilers
+ incorrectly reject 9223372036854775807. */
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+ int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
+ && LARGE_OFF_T % 2147483647 == 1)
+ ? 1 : -1];
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- eval "$as_ac_Header=yes"
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_cv_sys_large_files=1; break
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-eval "$as_ac_Header=no"
+
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ ac_cv_sys_large_files=unknown
+ break
+done
fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-if test `eval echo '${'$as_ac_Header'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_hdr" | $as_tr_cpp` 1
+{ echo "$as_me:$LINENO: result: $ac_cv_sys_large_files" >&5
+echo "${ECHO_T}$ac_cv_sys_large_files" >&6; }
+case $ac_cv_sys_large_files in #(
+ no | unknown) ;;
+ *)
+cat >>confdefs.h <<_ACEOF
+#define _LARGE_FILES $ac_cv_sys_large_files
_ACEOF
+;;
+esac
+rm -f conftest*
+ fi
+fi
-ac_header_dirent=$ac_hdr; break
+
+if eval "test x$GCC = xyes -a $CC != icc"; then
+ for flag in \
+ -W \
+ -Wall \
+ -Wbad-function-cast \
+ -Wcast-align \
+ -Wcast-qual \
+ -Wmissing-declarations \
+ -Wmissing-prototypes \
+ -Wpointer-arith \
+ -Wreturn-type \
+ -Wstrict-prototypes \
+ -Wwrite-strings \
+ -Winline \
+ -Wshadow
+ do
+ case "$CFLAGS" in
+"$flag" | "$flag "* | *" $flag" | *" $flag "* )
+ :
+ ;;
+*)
+ CFLAGS="$CFLAGS $flag"
+ ;;
+esac
+
+ done
fi
+if eval "test x$CC = xicc"; then
+ for flag in \
+ -Wall \
+ -Wmissing-prototypes \
+ -Wpointer-arith \
+ -Wreturn-type \
+ -Wstrict-prototypes \
+ -Wwrite-strings \
+ -Wshadow \
+ -Wp64 \
+ -Wdeprecated \
+ -Wuninitialized \
+ -Wmain
+ do
+ case "$CFLAGS" in
+"$flag" | "$flag "* | *" $flag" | *" $flag "* )
+ :
+ ;;
+*)
+ CFLAGS="$CFLAGS $flag"
+ ;;
+esac
-done
-# Two versions of opendir et al. are in -ldir and -lx on SCO Xenix.
-if test $ac_header_dirent = dirent.h; then
- echo "$as_me:$LINENO: checking for library containing opendir" >&5
-echo $ECHO_N "checking for library containing opendir... $ECHO_C" >&6
-if test "${ac_cv_search_opendir+set}" = set; then
+ done
+fi
+
+
+{ echo "$as_me:$LINENO: checking for __attribute__" >&5
+echo $ECHO_N "checking for __attribute__... $ECHO_C" >&6; }
+if test "${ac_cv___attribute__+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ac_func_search_save_LIBS=$LIBS
-ac_cv_search_opendir=no
+
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
@@ -4758,126 +20324,846 @@ cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-/* Override any gcc2 internal prototype to avoid an error. */
-#ifdef __cplusplus
-extern "C"
-#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char opendir ();
+#include <stdlib.h>
+static void foo (void) __attribute__ ((unused));
+
+static void
+foo (void)
+{
+ exit(1);
+}
+
int
main ()
{
-opendir ();
+
+ exit (0);
+
;
return 0;
}
_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_cv___attribute__=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_cv___attribute__=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+
+if test "$ac_cv___attribute__" = "yes"; then
+
+cat >>confdefs.h <<\_ACEOF
+#define UNUSED __attribute__ ((unused))
+_ACEOF
+
+else
+ cat >>confdefs.h <<\_ACEOF
+#define UNUSED
+_ACEOF
+
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv___attribute__" >&5
+echo "${ECHO_T}$ac_cv___attribute__" >&6; }
+
+
+{ echo "$as_me:$LINENO: checking for .symver assembler directive" >&5
+echo $ECHO_N "checking for .symver assembler directive... $ECHO_C" >&6; }
+if test "${libc_cv_asm_symver_directive+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat > conftest.s <<EOF
+${libc_cv_dot_text}
+_sym:
+.symver _sym,sym@VERS
+EOF
+if ${CC-cc} -c $ASFLAGS conftest.s 1>&5 2>&5; then
+ libc_cv_asm_symver_directive=yes
+else
+ libc_cv_asm_symver_directive=no
+fi
+rm -f conftest*
+fi
+{ echo "$as_me:$LINENO: result: $libc_cv_asm_symver_directive" >&5
+echo "${ECHO_T}$libc_cv_asm_symver_directive" >&6; }
+{ echo "$as_me:$LINENO: checking for ld --version-script" >&5
+echo $ECHO_N "checking for ld --version-script... $ECHO_C" >&6; }
+if test "${libc_cv_ld_version_script_option+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test $libc_cv_asm_symver_directive = yes; then
+ cat > conftest.s <<EOF
+${libc_cv_dot_text}
+_sym:
+.symver _sym,sym@VERS
+EOF
+ cat > conftest.map <<EOF
+VERS_1 {
+ global: sym;
+};
+
+VERS_2 {
+ global: sym;
+} VERS_1;
+EOF
+ if ${CC-cc} -c $ASFLAGS conftest.s 1>&5 2>&5;
+then
+ if { ac_try='${CC-cc} $CFLAGS $LDFLAGS -shared
+ -o conftest.so conftest.o
+ -nostartfiles -nostdlib
+ -Wl,--version-script,conftest.map
+ 1>&5'
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
(eval $ac_try) 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
+ (exit $ac_status); }; };
+ then
+ libc_cv_ld_version_script_option=yes
+ else
+ libc_cv_ld_version_script_option=no
+ fi
+ else
+ libc_cv_ld_version_script_option=no
+ fi
+else
+ libc_cv_ld_version_script_option=no
+fi
+rm -f conftest*
+fi
+{ echo "$as_me:$LINENO: result: $libc_cv_ld_version_script_option" >&5
+echo "${ECHO_T}$libc_cv_ld_version_script_option" >&6; }
+ if test "$libc_cv_ld_version_script_option" = "yes"; then
+ HAVE_VERSIONING_TRUE=
+ HAVE_VERSIONING_FALSE='#'
+else
+ HAVE_VERSIONING_TRUE='#'
+ HAVE_VERSIONING_FALSE=
+fi
+
+
+# Check whether --enable-pie was given.
+if test "${enable_pie+set}" = set; then
+ enableval=$enable_pie; USE_PIE=$enableval
+else
+ USE_PIE=yes
+fi
+
+
+{ echo "$as_me:$LINENO: checking for -fpie" >&5
+echo $ECHO_N "checking for -fpie... $ECHO_C" >&6; }
+if test "${libc_cv_fpie+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat > conftest.c <<EOF
+int foo;
+main () { return 0;}
+EOF
+ if test "$USE_PIE" = "yes" -a "$CC" != "icc" &&
+ { ac_try='${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS -pie -fpie
+ -o conftest conftest.c 1>&5'
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
(eval $ac_try) 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }
+ then
+ libc_cv_fpie=yes
+ PIE_CFLAGS="-fpie"
+ PIE_LDFLAGS="-pie"
+ else
+ libc_cv_fpie=no
+ PIE_CFLAGS=""
+ PIE_LDFLAGS=""
+ fi
+ rm -f conftest*
+fi
+{ echo "$as_me:$LINENO: result: $libc_cv_fpie" >&5
+echo "${ECHO_T}$libc_cv_fpie" >&6; }
+
+
+
+
+
+
+# Check whether --enable-prelude was given.
+if test "${enable_prelude+set}" = set; then
+ enableval=$enable_prelude; WITH_PRELUDE=$enableval
+else
+ WITH_PRELUDE=yes
+fi
+
+if test "$WITH_PRELUDE" == "yes" ; then
+
+# Check whether --with-libprelude-prefix was given.
+if test "${with_libprelude_prefix+set}" = set; then
+ withval=$with_libprelude_prefix; libprelude_config_prefix="$withval"
+else
+ libprelude_config_prefix=""
+fi
+
+
+ if test x$libprelude_config_prefix != x ; then
+ if test x${LIBPRELUDE_CONFIG+set} != xset ; then
+ LIBPRELUDE_CONFIG=$libprelude_config_prefix/bin/libprelude-config
+ fi
+ fi
+
+ # Extract the first word of "libprelude-config", so it can be a program name with args.
+set dummy libprelude-config; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_path_LIBPRELUDE_CONFIG+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ case $LIBPRELUDE_CONFIG in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_LIBPRELUDE_CONFIG="$LIBPRELUDE_CONFIG" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_path_LIBPRELUDE_CONFIG="$as_dir/$ac_word$ac_exec_ext"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+IFS=$as_save_IFS
+
+ test -z "$ac_cv_path_LIBPRELUDE_CONFIG" && ac_cv_path_LIBPRELUDE_CONFIG="no"
+ ;;
+esac
+fi
+LIBPRELUDE_CONFIG=$ac_cv_path_LIBPRELUDE_CONFIG
+if test -n "$LIBPRELUDE_CONFIG"; then
+ { echo "$as_me:$LINENO: result: $LIBPRELUDE_CONFIG" >&5
+echo "${ECHO_T}$LIBPRELUDE_CONFIG" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+
+
+ min_libprelude_version=0.9.0
+ { echo "$as_me:$LINENO: checking for libprelude - version >= $min_libprelude_version" >&5
+echo $ECHO_N "checking for libprelude - version >= $min_libprelude_version... $ECHO_C" >&6; }
+ no_libprelude=""
+ if test "$LIBPRELUDE_CONFIG" = "no" ; then
+ no_libprelude=yes
+ else
+ LIBPRELUDE_CFLAGS=`$LIBPRELUDE_CONFIG $libprelude_config_args --cflags`
+ LIBPRELUDE_PTHREAD_CFLAGS=`$LIBPRELUDE_CONFIG $libprelude_config_args --pthread-cflags`
+ LIBPRELUDE_LDFLAGS=`$LIBPRELUDE_CONFIG $libprelude_config_args --ldflags`
+ LIBPRELUDE_LIBS=`$LIBPRELUDE_CONFIG $libprelude_config_args --libs`
+ LIBPRELUDE_PREFIX=`$LIBPRELUDE_CONFIG $libprelude_config_args --prefix`
+ LIBPRELUDE_CONFIG_PREFIX=`$LIBPRELUDE_CONFIG $libprelude_config_args --config-prefix`
+ libprelude_config_version=`$LIBPRELUDE_CONFIG $libprelude_config_args --version`
+
+
+ ac_save_CFLAGS="$CFLAGS"
+ ac_save_LDFLAGS="$LDFLAGS"
+ ac_save_LIBS="$LIBS"
+ CFLAGS="$CFLAGS $LIBPRELUDE_CFLAGS"
+ LDFLAGS="$LDFLAGS $LIBPRELUDE_LDFLAGS"
+ LIBS="$LIBS $LIBPRELUDE_LIBS"
+ rm -f conf.libpreludetest
+ if test "$cross_compiling" = yes; then
+ echo $ac_n "cross compiling; assumed OK... $ac_c"
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <libprelude/prelude.h>
+
+int
+main ()
+{
+ system ("touch conf.libpreludetest");
+
+ if( strcmp( prelude_check_version(NULL), "$libprelude_config_version" ) )
+ {
+ printf("\n*** 'libprelude-config --version' returned %s, but LIBPRELUDE (%s)\n",
+ "$libprelude_config_version", prelude_check_version(NULL) );
+ printf("*** was found! If libprelude-config was correct, then it is best\n");
+ printf("*** to remove the old version of LIBPRELUDE. You may also be able to fix the error\n");
+ printf("*** by modifying your LD_LIBRARY_PATH enviroment variable, or by editing\n");
+ printf("*** /etc/ld.so.conf. Make sure you have run ldconfig if that is\n");
+ printf("*** required on your system.\n");
+ printf("*** If libprelude-config was wrong, set the environment variable LIBPRELUDE_CONFIG\n");
+ printf("*** to point to the correct copy of libprelude-config, and remove the file config.cache\n");
+ printf("*** before re-running configure\n");
+ }
+ else if ( strcmp(prelude_check_version(NULL), LIBPRELUDE_VERSION ) )
+ {
+ printf("\n*** LIBPRELUDE header file (version %s) does not match\n", LIBPRELUDE_VERSION);
+ printf("*** library (version %s)\n", prelude_check_version(NULL) );
+ }
+ else
+ {
+ if ( prelude_check_version( "$min_libprelude_version" ) )
+ {
+ return 0;
+ }
+ else
+ {
+ printf("no\n*** An old version of LIBPRELUDE (%s) was found.\n",
+ prelude_check_version(NULL) );
+ printf("*** You need a version of LIBPRELUDE newer than %s. The latest version of\n",
+ "$min_libprelude_version" );
+ printf("*** LIBPRELUDE is always available from http://www.prelude-ids.org/download/releases.\n");
+ printf("*** \n");
+ printf("*** If you have already installed a sufficiently new version, this error\n");
+ printf("*** probably means that the wrong copy of the libprelude-config shell script is\n");
+ printf("*** being found. The easiest way to fix this is to remove the old version\n");
+ printf("*** of LIBPRELUDE, but you can also set the LIBPRELUDE_CONFIG environment to point to the\n");
+ printf("*** correct copy of libprelude-config. (In this case, you will have to\n");
+ printf("*** modify your LD_LIBRARY_PATH enviroment variable, or edit /etc/ld.so.conf\n");
+ printf("*** so that the correct libraries are found at run-time))\n");
+ }
+ }
+ return 1;
+}
+
+_ACEOF
+rm -f conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
+ { (case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_try") 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ac_cv_search_opendir="none required"
+ :
else
- echo "$as_me: failed program was:" >&5
+ echo "$as_me: program exited with status $ac_status" >&5
+echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
+( exit $ac_status )
+no_libprelude=yes
fi
-rm -f conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-if test "$ac_cv_search_opendir" = no; then
- for ac_lib in dir; do
- LIBS="-l$ac_lib $ac_func_search_save_LIBS"
- cat >conftest.$ac_ext <<_ACEOF
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
+fi
+
+
+ CFLAGS="$ac_save_CFLAGS"
+ LIBS="$ac_save_LIBS"
+ LDFLAGS="$ac_save_LDFLAGS"
+ fi
+
+ if test "x$no_libprelude" = x ; then
+ { echo "$as_me:$LINENO: result: yes" >&5
+echo "${ECHO_T}yes" >&6; }
+ :
+ else
+ if test -f conf.libpreludetest ; then
+ :
+ else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+ fi
+ if test "$LIBPRELUDE_CONFIG" = "no" ; then
+ echo "*** The libprelude-config script installed by LIBPRELUDE could not be found"
+ echo "*** If LIBPRELUDE was installed in PREFIX, make sure PREFIX/bin is in"
+ echo "*** your path, or set the LIBPRELUDE_CONFIG environment variable to the"
+ echo "*** full path to libprelude-config."
+ else
+ if test -f conf.libpreludetest ; then
+ :
+ else
+ echo "*** Could not run libprelude test program, checking why..."
+ CFLAGS="$CFLAGS $LIBPRELUDE_CFLAGS"
+ LDFLAGS="$LDFLAGS $LIBPRELUDE_LDFLAGS"
+ LIBS="$LIBS $LIBPRELUDE_LIBS"
+ cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-/* Override any gcc2 internal prototype to avoid an error. */
-#ifdef __cplusplus
-extern "C"
-#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char opendir ();
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <libprelude/prelude.h>
+
int
main ()
{
-opendir ();
+ return !!prelude_check_version(NULL);
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ echo "*** The test program compiled, but did not run. This usually means"
+ echo "*** that the run-time linker is not finding LIBPRELUDE or finding the wrong"
+ echo "*** version of LIBPRELUDE. If it is not finding LIBPRELUDE, you'll need to set your"
+ echo "*** LD_LIBRARY_PATH environment variable, or edit /etc/ld.so.conf to point"
+ echo "*** to the installed location Also, make sure you have run ldconfig if that"
+ echo "*** is required on your system"
+ echo "***"
+ echo "*** If you have an old version installed, it is best to remove it, although"
+ echo "*** you may also be able to get things to work by modifying LD_LIBRARY_PATH"
+ echo "***"
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ echo "*** The test program failed to compile or link. See the file config.log for the"
+ echo "*** exact error that occured. This usually means LIBPRELUDE was incorrectly installed"
+ echo "*** or that you have moved LIBPRELUDE since it was installed. In the latter case, you"
+ echo "*** may want to edit the libprelude-config script: $LIBPRELUDE_CONFIG"
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+ CFLAGS="$ac_save_CFLAGS"
+ LDFLAGS="$ac_save_LDFLAGS"
+ LIBS="$ac_save_LIBS"
+ fi
+ fi
+ LIBPRELUDE_CFLAGS=""
+ LIBPRELUDE_LDFLAGS=""
+ LIBPRELUDE_LIBS=""
+ :
+ fi
+ rm -f conf.libpreludetest
+
+
+
+
+
+
+
+ if test "$LIBPRELUDE_CONFIG" != "no" ; then
+ LIBPRELUDE_CFLAGS="$LIBPRELUDE_CFLAGS -DPRELUDE=1"
+ fi
+fi
+
+# Check whether --enable-debug was given.
+if test "${enable_debug+set}" = set; then
+ enableval=$enable_debug; WITH_DEBUG=yes ;
+cat >>confdefs.h <<\_ACEOF
+#define DEBUG
+_ACEOF
+
+else
+ WITH_DEBUG=no
+fi
+
+
+
+# Check whether --enable-securedir was given.
+if test "${enable_securedir+set}" = set; then
+ enableval=$enable_securedir; SECUREDIR=$enableval
+else
+ SECUREDIR=$libdir/security
+fi
+
+
+
+# Check whether --enable-isadir was given.
+if test "${enable_isadir+set}" = set; then
+ enableval=$enable_isadir; ISA=$enableval
+else
+ ISA=../../`basename $libdir`/security
+fi
+
+unset mylibdirbase
+
+cat >>confdefs.h <<_ACEOF
+#define _PAM_ISA "$ISA"
+_ACEOF
+
+{ echo "$as_me:$LINENO: result: Defining \$ISA to \"$ISA\"" >&5
+echo "${ECHO_T}Defining \$ISA to \"$ISA\"" >&6; }
+
+# Check whether --enable-sconfigdir was given.
+if test "${enable_sconfigdir+set}" = set; then
+ enableval=$enable_sconfigdir; SCONFIGDIR=$enableval
+else
+ SCONFIGDIR=$sysconfdir/security
+fi
+
+
+
+# Check whether --enable-pamlocking was given.
+if test "${enable_pamlocking+set}" = set; then
+ enableval=$enable_pamlocking; WITH_PAMLOCKING=yes ;
+cat >>confdefs.h <<\_ACEOF
+#define PAM_LOCKING
+_ACEOF
+
+else
+ WITH_PAMLOCKING=no
+fi
+
+
+
+# Check whether --enable-read-both-confs was given.
+if test "${enable_read_both_confs+set}" = set; then
+ enableval=$enable_read_both_confs;
+cat >>confdefs.h <<\_ACEOF
+#define PAM_READ_BOTH_CONFS
+_ACEOF
+
+fi
+
+
+
+# Check whether --enable-lckpwdf was given.
+if test "${enable_lckpwdf+set}" = set; then
+ enableval=$enable_lckpwdf; WITH_LCKPWDF=$enableval
+else
+ WITH_LCKPWDF=yes
+fi
+
+if test "$WITH_LCKPWDF" == "yes" ; then
+
+cat >>confdefs.h <<\_ACEOF
+#define USE_LCKPWDF 1
+_ACEOF
+
+fi
+
+
+for ac_header in paths.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ { echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+ac_res=`eval echo '${'$as_ac_Header'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
+else
+ # Is the header compilable?
+{ echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; }
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_header_compiler=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_compiler=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6; }
+
+# Is the header present?
+{ echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; }
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <$ac_header>
+_ACEOF
+if { (ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_search_opendir="-l$ac_lib"
-break
+ (exit $ac_status); } >/dev/null && {
+ test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ }; then
+ ac_header_preproc=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
+ ac_header_preproc=no
fi
-rm -f conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
- done
+
+rm -f conftest.err conftest.$ac_ext
+{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6; }
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+ yes:no: )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
+ ac_header_preproc=yes
+ ;;
+ no:yes:* )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
+echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
+echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
+echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
+echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
+echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
+
+ ;;
+esac
+{ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ eval "$as_ac_Header=\$ac_header_preproc"
fi
-LIBS=$ac_func_search_save_LIBS
+ac_res=`eval echo '${'$as_ac_Header'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
+
+fi
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
fi
-echo "$as_me:$LINENO: result: $ac_cv_search_opendir" >&5
-echo "${ECHO_T}$ac_cv_search_opendir" >&6
-if test "$ac_cv_search_opendir" != no; then
- test "$ac_cv_search_opendir" = "none required" || LIBS="$ac_cv_search_opendir $LIBS"
+done
+
+
+# Check whether --with-mailspool was given.
+if test "${with_mailspool+set}" = set; then
+ withval=$with_mailspool; with_mailspool=${withval}
fi
+if test x$with_mailspool != x ; then
+ pam_mail_spool="\"$with_mailspool\""
else
- echo "$as_me:$LINENO: checking for library containing opendir" >&5
-echo $ECHO_N "checking for library containing opendir... $ECHO_C" >&6
-if test "${ac_cv_search_opendir+set}" = set; then
+ if test "$cross_compiling" = yes; then
+ pam_mail_spool="\"/var/spool/mail\""
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <paths.h>
+int main() {
+#ifdef _PATH_MAILDIR
+exit(0);
+#else
+exit(1);
+#endif
+}
+_ACEOF
+rm -f conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
+ { (case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_try") 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ pam_mail_spool="_PATH_MAILDIR"
+else
+ echo "$as_me: program exited with status $ac_status" >&5
+echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+( exit $ac_status )
+pam_mail_spool="\"/var/spool/mail\""
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
+fi
+
+
+fi
+
+cat >>confdefs.h <<_ACEOF
+#define PAM_PATH_MAILDIR $pam_mail_spool
+_ACEOF
+
+
+
+# Check whether --with-xauth was given.
+if test "${with_xauth+set}" = set; then
+ withval=$with_xauth; pam_xauth_path=${withval}
+fi
+
+if test x$with_xauth == x ; then
+ # Extract the first word of "xauth", so it can be a program name with args.
+set dummy xauth; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_path_pam_xauth_path+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ac_func_search_save_LIBS=$LIBS
-ac_cv_search_opendir=no
+ case $pam_xauth_path in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_pam_xauth_path="$pam_xauth_path" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_path_pam_xauth_path="$as_dir/$ac_word$ac_exec_ext"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+IFS=$as_save_IFS
+
+ ;;
+esac
+fi
+pam_xauth_path=$ac_cv_path_pam_xauth_path
+if test -n "$pam_xauth_path"; then
+ { echo "$as_me:$LINENO: result: $pam_xauth_path" >&5
+echo "${ECHO_T}$pam_xauth_path" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+
+
+ if test x$pam_xauth_path == x/usr/X11R6/bin/xauth ; then
+ unset pam_xauth_path
+ fi
+fi
+
+if test x$pam_xauth_path != x ; then
+
+cat >>confdefs.h <<_ACEOF
+#define PAM_PATH_XAUTH "$pam_xauth_path"
+_ACEOF
+
+fi
+
+{ echo "$as_me:$LINENO: checking for dlopen in -ldl" >&5
+echo $ECHO_N "checking for dlopen in -ldl... $ECHO_C" >&6; }
+if test "${ac_cv_lib_dl_dlopen+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-ldl $LIBS"
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
@@ -4885,382 +21171,817 @@ cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-/* Override any gcc2 internal prototype to avoid an error. */
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
extern "C"
#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char opendir ();
+char dlopen ();
int
main ()
{
-opendir ();
+return dlopen ();
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_lib_dl_dlopen=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_cv_lib_dl_dlopen=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_lib_dl_dlopen" >&5
+echo "${ECHO_T}$ac_cv_lib_dl_dlopen" >&6; }
+if test $ac_cv_lib_dl_dlopen = yes; then
+ LIBDL="-ldl"
+else
+ LIBDL=""
+fi
+
+
+
+# Check for cracklib
+# Check whether --enable-cracklib was given.
+if test "${enable_cracklib+set}" = set; then
+ enableval=$enable_cracklib; WITH_CRACKLIB=$enableval
+else
+ WITH_CRACKLIB=yes
+fi
+
+if test x"$WITH_CRACKLIB" != xno ; then
+ if test "${ac_cv_header_crack_h+set}" = set; then
+ { echo "$as_me:$LINENO: checking for crack.h" >&5
+echo $ECHO_N "checking for crack.h... $ECHO_C" >&6; }
+if test "${ac_cv_header_crack_h+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_header_crack_h" >&5
+echo "${ECHO_T}$ac_cv_header_crack_h" >&6; }
+else
+ # Is the header compilable?
+{ echo "$as_me:$LINENO: checking crack.h usability" >&5
+echo $ECHO_N "checking crack.h usability... $ECHO_C" >&6; }
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+#include <crack.h>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_header_compiler=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_compiler=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6; }
+
+# Is the header present?
+{ echo "$as_me:$LINENO: checking crack.h presence" >&5
+echo $ECHO_N "checking crack.h presence... $ECHO_C" >&6; }
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <crack.h>
+_ACEOF
+if { (ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_search_opendir="none required"
+ (exit $ac_status); } >/dev/null && {
+ test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ }; then
+ ac_header_preproc=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
+ ac_header_preproc=no
fi
-rm -f conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-if test "$ac_cv_search_opendir" = no; then
- for ac_lib in x; do
- LIBS="-l$ac_lib $ac_func_search_save_LIBS"
- cat >conftest.$ac_ext <<_ACEOF
+
+rm -f conftest.err conftest.$ac_ext
+{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6; }
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+ yes:no: )
+ { echo "$as_me:$LINENO: WARNING: crack.h: accepted by the compiler, rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: crack.h: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { echo "$as_me:$LINENO: WARNING: crack.h: proceeding with the compiler's result" >&5
+echo "$as_me: WARNING: crack.h: proceeding with the compiler's result" >&2;}
+ ac_header_preproc=yes
+ ;;
+ no:yes:* )
+ { echo "$as_me:$LINENO: WARNING: crack.h: present but cannot be compiled" >&5
+echo "$as_me: WARNING: crack.h: present but cannot be compiled" >&2;}
+ { echo "$as_me:$LINENO: WARNING: crack.h: check for missing prerequisite headers?" >&5
+echo "$as_me: WARNING: crack.h: check for missing prerequisite headers?" >&2;}
+ { echo "$as_me:$LINENO: WARNING: crack.h: see the Autoconf documentation" >&5
+echo "$as_me: WARNING: crack.h: see the Autoconf documentation" >&2;}
+ { echo "$as_me:$LINENO: WARNING: crack.h: section \"Present But Cannot Be Compiled\"" >&5
+echo "$as_me: WARNING: crack.h: section \"Present But Cannot Be Compiled\"" >&2;}
+ { echo "$as_me:$LINENO: WARNING: crack.h: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: crack.h: proceeding with the preprocessor's result" >&2;}
+ { echo "$as_me:$LINENO: WARNING: crack.h: in the future, the compiler will take precedence" >&5
+echo "$as_me: WARNING: crack.h: in the future, the compiler will take precedence" >&2;}
+
+ ;;
+esac
+{ echo "$as_me:$LINENO: checking for crack.h" >&5
+echo $ECHO_N "checking for crack.h... $ECHO_C" >&6; }
+if test "${ac_cv_header_crack_h+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_cv_header_crack_h=$ac_header_preproc
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_header_crack_h" >&5
+echo "${ECHO_T}$ac_cv_header_crack_h" >&6; }
+
+fi
+if test $ac_cv_header_crack_h = yes; then
+ { echo "$as_me:$LINENO: checking for FascistCheck in -lcrack" >&5
+echo $ECHO_N "checking for FascistCheck in -lcrack... $ECHO_C" >&6; }
+if test "${ac_cv_lib_crack_FascistCheck+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lcrack $LIBS"
+cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-/* Override any gcc2 internal prototype to avoid an error. */
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
extern "C"
#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char opendir ();
+char FascistCheck ();
int
main ()
{
-opendir ();
+return FascistCheck ();
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_search_opendir="-l$ac_lib"
-break
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_lib_crack_FascistCheck=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
+ ac_cv_lib_crack_FascistCheck=no
fi
-rm -f conftest.err conftest.$ac_objext \
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
conftest$ac_exeext conftest.$ac_ext
- done
+LIBS=$ac_check_lib_save_LIBS
fi
-LIBS=$ac_func_search_save_LIBS
+{ echo "$as_me:$LINENO: result: $ac_cv_lib_crack_FascistCheck" >&5
+echo "${ECHO_T}$ac_cv_lib_crack_FascistCheck" >&6; }
+if test $ac_cv_lib_crack_FascistCheck = yes; then
+ LIBCRACK="-lcrack"
+else
+ LIBCRACK=""
fi
-echo "$as_me:$LINENO: result: $ac_cv_search_opendir" >&5
-echo "${ECHO_T}$ac_cv_search_opendir" >&6
-if test "$ac_cv_search_opendir" != no; then
- test "$ac_cv_search_opendir" = "none required" || LIBS="$ac_cv_search_opendir $LIBS"
fi
+
+else
+ LIBCRACK=""
fi
-echo "$as_me:$LINENO: checking for ANSI C header files" >&5
-echo $ECHO_N "checking for ANSI C header files... $ECHO_C" >&6
-if test "${ac_cv_header_stdc+set}" = set; then
+ if test ! -z "$LIBCRACK"; then
+ HAVE_LIBCRACK_TRUE=
+ HAVE_LIBCRACK_FALSE='#'
+else
+ HAVE_LIBCRACK_TRUE='#'
+ HAVE_LIBCRACK_FALSE=
+fi
+
+
+# Check whether --enable-audit was given.
+if test "${enable_audit+set}" = set; then
+ enableval=$enable_audit; WITH_LIBAUDIT=$enableval
+else
+ WITH_LIBAUDIT=yes
+fi
+
+if test x"$WITH_LIBAUDIT" != xno ; then
+ if test "${ac_cv_header_libaudit_h+set}" = set; then
+ { echo "$as_me:$LINENO: checking for libaudit.h" >&5
+echo $ECHO_N "checking for libaudit.h... $ECHO_C" >&6; }
+if test "${ac_cv_header_libaudit_h+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_header_libaudit_h" >&5
+echo "${ECHO_T}$ac_cv_header_libaudit_h" >&6; }
else
- cat >conftest.$ac_ext <<_ACEOF
+ # Is the header compilable?
+{ echo "$as_me:$LINENO: checking libaudit.h usability" >&5
+echo $ECHO_N "checking libaudit.h usability... $ECHO_C" >&6; }
+cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-#include <stdlib.h>
-#include <stdarg.h>
-#include <string.h>
-#include <float.h>
-
-int
-main ()
-{
-
- ;
- return 0;
-}
+$ac_includes_default
+#include <libaudit.h>
_ACEOF
rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_header_stdc=yes
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_header_compiler=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_header_stdc=no
+ ac_header_compiler=no
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-if test $ac_cv_header_stdc = yes; then
- # SunOS 4.x string.h does not declare mem*, contrary to ANSI.
- cat >conftest.$ac_ext <<_ACEOF
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6; }
+
+# Is the header present?
+{ echo "$as_me:$LINENO: checking libaudit.h presence" >&5
+echo $ECHO_N "checking libaudit.h presence... $ECHO_C" >&6; }
+cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-#include <string.h>
-
+#include <libaudit.h>
_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
- $EGREP "memchr" >/dev/null 2>&1; then
- :
+if { (ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null && {
+ test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ }; then
+ ac_header_preproc=yes
else
- ac_cv_header_stdc=no
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_preproc=no
fi
-rm -f conftest*
+rm -f conftest.err conftest.$ac_ext
+{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6; }
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+ yes:no: )
+ { echo "$as_me:$LINENO: WARNING: libaudit.h: accepted by the compiler, rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: libaudit.h: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { echo "$as_me:$LINENO: WARNING: libaudit.h: proceeding with the compiler's result" >&5
+echo "$as_me: WARNING: libaudit.h: proceeding with the compiler's result" >&2;}
+ ac_header_preproc=yes
+ ;;
+ no:yes:* )
+ { echo "$as_me:$LINENO: WARNING: libaudit.h: present but cannot be compiled" >&5
+echo "$as_me: WARNING: libaudit.h: present but cannot be compiled" >&2;}
+ { echo "$as_me:$LINENO: WARNING: libaudit.h: check for missing prerequisite headers?" >&5
+echo "$as_me: WARNING: libaudit.h: check for missing prerequisite headers?" >&2;}
+ { echo "$as_me:$LINENO: WARNING: libaudit.h: see the Autoconf documentation" >&5
+echo "$as_me: WARNING: libaudit.h: see the Autoconf documentation" >&2;}
+ { echo "$as_me:$LINENO: WARNING: libaudit.h: section \"Present But Cannot Be Compiled\"" >&5
+echo "$as_me: WARNING: libaudit.h: section \"Present But Cannot Be Compiled\"" >&2;}
+ { echo "$as_me:$LINENO: WARNING: libaudit.h: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: libaudit.h: proceeding with the preprocessor's result" >&2;}
+ { echo "$as_me:$LINENO: WARNING: libaudit.h: in the future, the compiler will take precedence" >&5
+echo "$as_me: WARNING: libaudit.h: in the future, the compiler will take precedence" >&2;}
+
+ ;;
+esac
+{ echo "$as_me:$LINENO: checking for libaudit.h" >&5
+echo $ECHO_N "checking for libaudit.h... $ECHO_C" >&6; }
+if test "${ac_cv_header_libaudit_h+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_cv_header_libaudit_h=$ac_header_preproc
fi
+{ echo "$as_me:$LINENO: result: $ac_cv_header_libaudit_h" >&5
+echo "${ECHO_T}$ac_cv_header_libaudit_h" >&6; }
-if test $ac_cv_header_stdc = yes; then
- # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
- cat >conftest.$ac_ext <<_ACEOF
+fi
+if test $ac_cv_header_libaudit_h = yes; then
+ { echo "$as_me:$LINENO: checking for audit_log_user_message in -laudit" >&5
+echo $ECHO_N "checking for audit_log_user_message in -laudit... $ECHO_C" >&6; }
+if test "${ac_cv_lib_audit_audit_log_user_message+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-laudit $LIBS"
+cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-#include <stdlib.h>
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char audit_log_user_message ();
+int
+main ()
+{
+return audit_log_user_message ();
+ ;
+ return 0;
+}
_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
- $EGREP "free" >/dev/null 2>&1; then
- :
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_lib_audit_audit_log_user_message=yes
else
- ac_cv_header_stdc=no
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_cv_lib_audit_audit_log_user_message=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_lib_audit_audit_log_user_message" >&5
+echo "${ECHO_T}$ac_cv_lib_audit_audit_log_user_message" >&6; }
+if test $ac_cv_lib_audit_audit_log_user_message = yes; then
+ LIBAUDIT=-laudit
+else
+ LIBAUDIT=""
fi
-rm -f conftest*
+
fi
-if test $ac_cv_header_stdc = yes; then
- # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi.
- if test "$cross_compiling" = yes; then
- :
+
+ if test ! -z "$LIBAUDIT" -a "ac_cv_header_libaudit_h" != "no" ; then
+
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_LIBAUDIT 1
+_ACEOF
+
+ fi
else
- cat >conftest.$ac_ext <<_ACEOF
+ LIBAUDIT=""
+fi
+
+
+BACKUP_LIBS=$LIBS
+{ echo "$as_me:$LINENO: checking for library containing crypt" >&5
+echo $ECHO_N "checking for library containing crypt... $ECHO_C" >&6; }
+if test "${ac_cv_search_crypt+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_func_search_save_LIBS=$LIBS
+cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-#include <ctype.h>
-#if ((' ' & 0x0FF) == 0x020)
-# define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
-# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c))
-#else
-# define ISLOWER(c) \
- (('a' <= (c) && (c) <= 'i') \
- || ('j' <= (c) && (c) <= 'r') \
- || ('s' <= (c) && (c) <= 'z'))
-# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c))
-#endif
-#define XOR(e, f) (((e) && !(f)) || (!(e) && (f)))
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char crypt ();
int
main ()
{
- int i;
- for (i = 0; i < 256; i++)
- if (XOR (islower (i), ISLOWER (i))
- || toupper (i) != TOUPPER (i))
- exit(2);
- exit (0);
+return crypt ();
+ ;
+ return 0;
}
_ACEOF
-rm -f conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+for ac_lib in '' xcrypt crypt; do
+ if test -z "$ac_lib"; then
+ ac_res="none required"
+ else
+ ac_res=-l$ac_lib
+ LIBS="-l$ac_lib $ac_func_search_save_LIBS"
+ fi
+ rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- :
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_search_crypt=$ac_res
else
- echo "$as_me: program exited with status $ac_status" >&5
-echo "$as_me: failed program was:" >&5
+ echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-( exit $ac_status )
-ac_cv_header_stdc=no
+
fi
-rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext
+ if test "${ac_cv_search_crypt+set}" = set; then
+ break
fi
+done
+if test "${ac_cv_search_crypt+set}" = set; then
+ :
+else
+ ac_cv_search_crypt=no
fi
+rm conftest.$ac_ext
+LIBS=$ac_func_search_save_LIBS
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_search_crypt" >&5
+echo "${ECHO_T}$ac_cv_search_crypt" >&6; }
+ac_res=$ac_cv_search_crypt
+if test "$ac_res" != no; then
+ test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
+ LIBCRYPT="-l$ac_lib"
+else
+ LIBCRYPT=""
fi
-echo "$as_me:$LINENO: result: $ac_cv_header_stdc" >&5
-echo "${ECHO_T}$ac_cv_header_stdc" >&6
-if test $ac_cv_header_stdc = yes; then
-cat >>confdefs.h <<\_ACEOF
-#define STDC_HEADERS 1
-_ACEOF
+LIBS=$BACKUP_LIBS
+
+# Check whether --enable-db was given.
+if test "${enable_db+set}" = set; then
+ enableval=$enable_db; WITH_DB=$enableval
+else
+ WITH_DB=yes
fi
-echo "$as_me:$LINENO: checking for sys/wait.h that is POSIX.1 compatible" >&5
-echo $ECHO_N "checking for sys/wait.h that is POSIX.1 compatible... $ECHO_C" >&6
-if test "${ac_cv_header_sys_wait_h+set}" = set; then
+if test x"$WITH_DB" != xno ; then
+ if test x"$WITH_DB" = xyes -o x"$WITH_DB" = xdb ; then
+ { echo "$as_me:$LINENO: checking for db_create in -ldb" >&5
+echo $ECHO_N "checking for db_create in -ldb... $ECHO_C" >&6; }
+if test "${ac_cv_lib_db_db_create+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- cat >conftest.$ac_ext <<_ACEOF
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-ldb $LIBS"
+cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-#include <sys/types.h>
-#include <sys/wait.h>
-#ifndef WEXITSTATUS
-# define WEXITSTATUS(stat_val) ((unsigned)(stat_val) >> 8)
-#endif
-#ifndef WIFEXITED
-# define WIFEXITED(stat_val) (((stat_val) & 255) == 0)
-#endif
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char db_create ();
int
main ()
{
- int s;
- wait (&s);
- s = WIFEXITED (s) ? WEXITSTATUS (s) : 1;
+return db_create ();
;
return 0;
}
_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_header_sys_wait_h=yes
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_lib_db_db_create=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_header_sys_wait_h=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+ ac_cv_lib_db_db_create=no
fi
-echo "$as_me:$LINENO: result: $ac_cv_header_sys_wait_h" >&5
-echo "${ECHO_T}$ac_cv_header_sys_wait_h" >&6
-if test $ac_cv_header_sys_wait_h = yes; then
-
-cat >>confdefs.h <<\_ACEOF
-#define HAVE_SYS_WAIT_H 1
-_ACEOF
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_lib_db_db_create" >&5
+echo "${ECHO_T}$ac_cv_lib_db_db_create" >&6; }
+if test $ac_cv_lib_db_db_create = yes; then
+ LIBDB="-ldb"
+else
+ LIBDB=""
fi
+ if test -z "$LIBDB" ; then
+ { echo "$as_me:$LINENO: checking for dbm_store in -ldb" >&5
+echo $ECHO_N "checking for dbm_store in -ldb... $ECHO_C" >&6; }
+if test "${ac_cv_lib_db_dbm_store+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-ldb $LIBS"
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char dbm_store ();
+int
+main ()
+{
+return dbm_store ();
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_lib_db_dbm_store=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+ ac_cv_lib_db_dbm_store=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_lib_db_dbm_store" >&5
+echo "${ECHO_T}$ac_cv_lib_db_dbm_store" >&6; }
+if test $ac_cv_lib_db_dbm_store = yes; then
+ LIBDB="-ldb"
+else
+ LIBDB=""
+fi
+ fi
+ fi
+ if test -z "$LIBDB" ; then
+ { echo "$as_me:$LINENO: checking for dbm_store in -lndbm" >&5
+echo $ECHO_N "checking for dbm_store in -lndbm... $ECHO_C" >&6; }
+if test "${ac_cv_lib_ndbm_dbm_store+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lndbm $LIBS"
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char dbm_store ();
+int
+main ()
+{
+return dbm_store ();
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_lib_ndbm_dbm_store=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+ ac_cv_lib_ndbm_dbm_store=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_lib_ndbm_dbm_store" >&5
+echo "${ECHO_T}$ac_cv_lib_ndbm_dbm_store" >&6; }
+if test $ac_cv_lib_ndbm_dbm_store = yes; then
+ LIBDB="-lndbm"
+else
+ LIBDB=""
+fi
+ if test ! -z "$LIBDB" ; then
-
-for ac_header in fcntl.h limits.h malloc.h sys/file.h sys/ioctl.h sys/time.h syslog.h termio.h unistd.h sys/fsuid.h
+for ac_header in ndbm.h
do
as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ { echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
echo $ECHO_N "(cached) $ECHO_C" >&6
fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+ac_res=`eval echo '${'$as_ac_Header'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
else
# Is the header compilable?
-echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; }
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
@@ -5271,41 +21992,37 @@ $ac_includes_default
#include <$ac_header>
_ACEOF
rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
ac_header_compiler=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_header_compiler=no
+ ac_header_compiler=no
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6; }
# Is the header present?
-echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; }
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
@@ -5314,24 +22031,22 @@ cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
#include <$ac_header>
_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+if { (ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
+ (exit $ac_status); } >/dev/null && {
+ test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ }; then
ac_header_preproc=yes
else
echo "$as_me: failed program was:" >&5
@@ -5339,9 +22054,10 @@ sed 's/^/| /' conftest.$ac_ext >&5
ac_header_preproc=no
fi
+
rm -f conftest.err conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6
+{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6; }
# So? What about this header?
case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
@@ -5365,25 +22081,19 @@ echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\
echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
{ echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- (
- cat <<\_ASBOX
-## ------------------------------------------ ##
-## Report this to the AC_PACKAGE_NAME lists. ##
-## ------------------------------------------ ##
-_ASBOX
- ) |
- sed "s/^/$as_me: WARNING: /" >&2
+
;;
esac
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
+{ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
eval "$as_ac_Header=\$ac_header_preproc"
fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+ac_res=`eval echo '${'$as_ac_Header'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
fi
if test `eval echo '${'$as_ac_Header'}'` = yes; then
@@ -5395,23 +22105,25 @@ fi
done
+ fi
+ else
-
-for ac_header in features.h
+for ac_header in db.h
do
as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ { echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
echo $ECHO_N "(cached) $ECHO_C" >&6
fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+ac_res=`eval echo '${'$as_ac_Header'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
else
# Is the header compilable?
-echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; }
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
@@ -5422,41 +22134,37 @@ $ac_includes_default
#include <$ac_header>
_ACEOF
rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
ac_header_compiler=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_header_compiler=no
+ ac_header_compiler=no
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6; }
# Is the header present?
-echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; }
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
@@ -5465,24 +22173,22 @@ cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
#include <$ac_header>
_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+if { (ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
+ (exit $ac_status); } >/dev/null && {
+ test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ }; then
ac_header_preproc=yes
else
echo "$as_me: failed program was:" >&5
@@ -5490,9 +22196,10 @@ sed 's/^/| /' conftest.$ac_ext >&5
ac_header_preproc=no
fi
+
rm -f conftest.err conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6
+{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6; }
# So? What about this header?
case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
@@ -5516,25 +22223,19 @@ echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\
echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
{ echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- (
- cat <<\_ASBOX
-## ------------------------------------------ ##
-## Report this to the AC_PACKAGE_NAME lists. ##
-## ------------------------------------------ ##
-_ASBOX
- ) |
- sed "s/^/$as_me: WARNING: /" >&2
+
;;
esac
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
+{ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
eval "$as_ac_Header=\$ac_header_preproc"
fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+ac_res=`eval echo '${'$as_ac_Header'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
fi
if test `eval echo '${'$as_ac_Header'}'` = yes; then
@@ -5546,94 +22247,852 @@ fi
done
+ fi
+fi
+ if test ! -z "$LIBDB"; then
+ HAVE_LIBDB_TRUE=
+ HAVE_LIBDB_FALSE='#'
+else
+ HAVE_LIBDB_TRUE='#'
+ HAVE_LIBDB_FALSE=
+fi
-for ac_header in crypt.h
+
+{ echo "$as_me:$LINENO: checking for yp_get_default_domain in -lnsl" >&5
+echo $ECHO_N "checking for yp_get_default_domain in -lnsl... $ECHO_C" >&6; }
+if test "${ac_cv_lib_nsl_yp_get_default_domain+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lnsl $LIBS"
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char yp_get_default_domain ();
+int
+main ()
+{
+return yp_get_default_domain ();
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_lib_nsl_yp_get_default_domain=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_cv_lib_nsl_yp_get_default_domain=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_lib_nsl_yp_get_default_domain" >&5
+echo "${ECHO_T}$ac_cv_lib_nsl_yp_get_default_domain" >&6; }
+if test $ac_cv_lib_nsl_yp_get_default_domain = yes; then
+ LIBNSL="-lnsl"
+else
+ LIBNSL=""
+fi
+
+LIBS="$LIBS $LIBNSL"
+
+for ac_func in yp_get_default_domain
do
-as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
+as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
+{ echo "$as_me:$LINENO: checking for $ac_func" >&5
+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; }
+if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then
echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+/* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func.
+ For example, HP-UX 11i <limits.h> declares gettimeofday. */
+#define $ac_func innocuous_$ac_func
+
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func (); below.
+ Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+ <limits.h> exists even on freestanding compilers. */
+
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+
+#undef $ac_func
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char $ac_func ();
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined __stub_$ac_func || defined __stub___$ac_func
+choke me
+#endif
+
+int
+main ()
+{
+return $ac_func ();
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ eval "$as_ac_var=yes"
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ eval "$as_ac_var=no"
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+fi
+ac_res=`eval echo '${'$as_ac_var'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
+if test `eval echo '${'$as_ac_var'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
+LIBS=$BACKUP_LIBS
+
+
+# Check whether --enable-selinux was given.
+if test "${enable_selinux+set}" = set; then
+ enableval=$enable_selinux; WITH_SELINUX=$enableval
+else
+ WITH_SELINUX=yes
fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+
+if test "$WITH_SELINUX" == "yes" ; then
+ { echo "$as_me:$LINENO: checking for getfilecon in -lselinux" >&5
+echo $ECHO_N "checking for getfilecon in -lselinux... $ECHO_C" >&6; }
+if test "${ac_cv_lib_selinux_getfilecon+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
else
- # Is the header compilable?
-echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lselinux $LIBS"
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-$ac_includes_default
-#include <$ac_header>
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char getfilecon ();
+int
+main ()
+{
+return getfilecon ();
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_lib_selinux_getfilecon=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_cv_lib_selinux_getfilecon=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_lib_selinux_getfilecon" >&5
+echo "${ECHO_T}$ac_cv_lib_selinux_getfilecon" >&6; }
+if test $ac_cv_lib_selinux_getfilecon = yes; then
+ LIBSELINUX="-lselinux"
+else
+ LIBSELINUX=""
+fi
+
+else
+ LIBSELINUX=""
+fi
+
+ if test ! -z "$LIBSELINUX"; then
+ HAVE_LIBSELINUX_TRUE=
+ HAVE_LIBSELINUX_FALSE='#'
+else
+ HAVE_LIBSELINUX_TRUE='#'
+ HAVE_LIBSELINUX_FALSE=
+fi
+
+if test ! -z "$LIBSELINUX" ; then
+
+cat >>confdefs.h <<\_ACEOF
+#define WITH_SELINUX 1
+_ACEOF
+
+fi
+
+
+
+
+
+
+ac_header_dirent=no
+for ac_hdr in dirent.h sys/ndir.h sys/dir.h ndir.h; do
+ as_ac_Header=`echo "ac_cv_header_dirent_$ac_hdr" | $as_tr_sh`
+{ echo "$as_me:$LINENO: checking for $ac_hdr that defines DIR" >&5
+echo $ECHO_N "checking for $ac_hdr that defines DIR... $ECHO_C" >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <sys/types.h>
+#include <$ac_hdr>
+
+int
+main ()
+{
+if ((DIR *) 0)
+return 0;
+ ;
+ return 0;
+}
_ACEOF
rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ eval "$as_ac_Header=yes"
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ eval "$as_ac_Header=no"
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+ac_res=`eval echo '${'$as_ac_Header'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_hdr" | $as_tr_cpp` 1
+_ACEOF
+
+ac_header_dirent=$ac_hdr; break
+fi
+
+done
+# Two versions of opendir et al. are in -ldir and -lx on SCO Xenix.
+if test $ac_header_dirent = dirent.h; then
+ { echo "$as_me:$LINENO: checking for library containing opendir" >&5
+echo $ECHO_N "checking for library containing opendir... $ECHO_C" >&6; }
+if test "${ac_cv_search_opendir+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_func_search_save_LIBS=$LIBS
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char opendir ();
+int
+main ()
+{
+return opendir ();
+ ;
+ return 0;
+}
+_ACEOF
+for ac_lib in '' dir; do
+ if test -z "$ac_lib"; then
+ ac_res="none required"
+ else
+ ac_res=-l$ac_lib
+ LIBS="-l$ac_lib $ac_func_search_save_LIBS"
+ fi
+ rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_search_opendir=$ac_res
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext
+ if test "${ac_cv_search_opendir+set}" = set; then
+ break
+fi
+done
+if test "${ac_cv_search_opendir+set}" = set; then
+ :
+else
+ ac_cv_search_opendir=no
+fi
+rm conftest.$ac_ext
+LIBS=$ac_func_search_save_LIBS
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_search_opendir" >&5
+echo "${ECHO_T}$ac_cv_search_opendir" >&6; }
+ac_res=$ac_cv_search_opendir
+if test "$ac_res" != no; then
+ test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
+
+fi
+
+else
+ { echo "$as_me:$LINENO: checking for library containing opendir" >&5
+echo $ECHO_N "checking for library containing opendir... $ECHO_C" >&6; }
+if test "${ac_cv_search_opendir+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_func_search_save_LIBS=$LIBS
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char opendir ();
+int
+main ()
+{
+return opendir ();
+ ;
+ return 0;
+}
+_ACEOF
+for ac_lib in '' x; do
+ if test -z "$ac_lib"; then
+ ac_res="none required"
+ else
+ ac_res=-l$ac_lib
+ LIBS="-l$ac_lib $ac_func_search_save_LIBS"
+ fi
+ rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_search_opendir=$ac_res
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext
+ if test "${ac_cv_search_opendir+set}" = set; then
+ break
+fi
+done
+if test "${ac_cv_search_opendir+set}" = set; then
+ :
+else
+ ac_cv_search_opendir=no
+fi
+rm conftest.$ac_ext
+LIBS=$ac_func_search_save_LIBS
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_search_opendir" >&5
+echo "${ECHO_T}$ac_cv_search_opendir" >&6; }
+ac_res=$ac_cv_search_opendir
+if test "$ac_res" != no; then
+ test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
+
+fi
+
+fi
+
+{ echo "$as_me:$LINENO: checking for ANSI C header files" >&5
+echo $ECHO_N "checking for ANSI C header files... $ECHO_C" >&6; }
+if test "${ac_cv_header_stdc+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <stdlib.h>
+#include <stdarg.h>
+#include <string.h>
+#include <float.h>
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_cv_header_stdc=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_cv_header_stdc=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+if test $ac_cv_header_stdc = yes; then
+ # SunOS 4.x string.h does not declare mem*, contrary to ANSI.
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <string.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "memchr" >/dev/null 2>&1; then
+ :
+else
+ ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+fi
+
+if test $ac_cv_header_stdc = yes; then
+ # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <stdlib.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "free" >/dev/null 2>&1; then
+ :
+else
+ ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+fi
+
+if test $ac_cv_header_stdc = yes; then
+ # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi.
+ if test "$cross_compiling" = yes; then
+ :
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <ctype.h>
+#include <stdlib.h>
+#if ((' ' & 0x0FF) == 0x020)
+# define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
+# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c))
+#else
+# define ISLOWER(c) \
+ (('a' <= (c) && (c) <= 'i') \
+ || ('j' <= (c) && (c) <= 'r') \
+ || ('s' <= (c) && (c) <= 'z'))
+# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c))
+#endif
+
+#define XOR(e, f) (((e) && !(f)) || (!(e) && (f)))
+int
+main ()
+{
+ int i;
+ for (i = 0; i < 256; i++)
+ if (XOR (islower (i), ISLOWER (i))
+ || toupper (i) != TOUPPER (i))
+ return 2;
+ return 0;
+}
+_ACEOF
+rm -f conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
+ { (case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_try") 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ac_header_compiler=yes
+ :
+else
+ echo "$as_me: program exited with status $ac_status" >&5
+echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+( exit $ac_status )
+ac_cv_header_stdc=no
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
+fi
+
+
+fi
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_header_stdc" >&5
+echo "${ECHO_T}$ac_cv_header_stdc" >&6; }
+if test $ac_cv_header_stdc = yes; then
+
+cat >>confdefs.h <<\_ACEOF
+#define STDC_HEADERS 1
+_ACEOF
+
+fi
+
+{ echo "$as_me:$LINENO: checking for sys/wait.h that is POSIX.1 compatible" >&5
+echo $ECHO_N "checking for sys/wait.h that is POSIX.1 compatible... $ECHO_C" >&6; }
+if test "${ac_cv_header_sys_wait_h+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <sys/types.h>
+#include <sys/wait.h>
+#ifndef WEXITSTATUS
+# define WEXITSTATUS(stat_val) ((unsigned int) (stat_val) >> 8)
+#endif
+#ifndef WIFEXITED
+# define WIFEXITED(stat_val) (((stat_val) & 255) == 0)
+#endif
+
+int
+main ()
+{
+ int s;
+ wait (&s);
+ s = WIFEXITED (s) ? WEXITSTATUS (s) : 1;
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_cv_header_sys_wait_h=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_header_compiler=no
+ ac_cv_header_sys_wait_h=no
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6
-# Is the header present?
-echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_header_sys_wait_h" >&5
+echo "${ECHO_T}$ac_cv_header_sys_wait_h" >&6; }
+if test $ac_cv_header_sys_wait_h = yes; then
+
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_SYS_WAIT_H 1
+_ACEOF
+
+fi
+
+
+
+
+
+
+
+
+
+
+
+
+for ac_header in fcntl.h limits.h malloc.h sys/file.h sys/ioctl.h sys/time.h syslog.h termio.h unistd.h sys/fsuid.h inittypes.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ { echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+ac_res=`eval echo '${'$as_ac_Header'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
+else
+ # Is the header compilable?
+{ echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; }
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
+$ac_includes_default
#include <$ac_header>
_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_header_compiler=yes
else
- ac_cpp_err=yes
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_compiler=no
fi
-if test -z "$ac_cpp_err"; then
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6; }
+
+# Is the header present?
+{ echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; }
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <$ac_header>
+_ACEOF
+if { (ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null && {
+ test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ }; then
ac_header_preproc=yes
else
echo "$as_me: failed program was:" >&5
@@ -5641,9 +23100,10 @@ sed 's/^/| /' conftest.$ac_ext >&5
ac_header_preproc=no
fi
+
rm -f conftest.err conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6
+{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6; }
# So? What about this header?
case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
@@ -5667,25 +23127,19 @@ echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\
echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
{ echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- (
- cat <<\_ASBOX
-## ------------------------------------------ ##
-## Report this to the AC_PACKAGE_NAME lists. ##
-## ------------------------------------------ ##
-_ASBOX
- ) |
- sed "s/^/$as_me: WARNING: /" >&2
+
;;
esac
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
+{ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
eval "$as_ac_Header=\$ac_header_preproc"
fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+ac_res=`eval echo '${'$as_ac_Header'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
fi
if test `eval echo '${'$as_ac_Header'}'` = yes; then
@@ -5699,22 +23153,22 @@ done
-
-for ac_header in ndbm.h db.h
+for ac_header in crypt.h
do
as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ { echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
echo $ECHO_N "(cached) $ECHO_C" >&6
fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+ac_res=`eval echo '${'$as_ac_Header'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
else
# Is the header compilable?
-echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; }
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
@@ -5725,41 +23179,37 @@ $ac_includes_default
#include <$ac_header>
_ACEOF
rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
ac_header_compiler=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_header_compiler=no
+ ac_header_compiler=no
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6; }
# Is the header present?
-echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; }
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
@@ -5768,24 +23218,22 @@ cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
#include <$ac_header>
_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+if { (ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
+ (exit $ac_status); } >/dev/null && {
+ test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ }; then
ac_header_preproc=yes
else
echo "$as_me: failed program was:" >&5
@@ -5793,9 +23241,10 @@ sed 's/^/| /' conftest.$ac_ext >&5
ac_header_preproc=no
fi
+
rm -f conftest.err conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6
+{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6; }
# So? What about this header?
case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
@@ -5819,25 +23268,19 @@ echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\
echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
{ echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- (
- cat <<\_ASBOX
-## ------------------------------------------ ##
-## Report this to the AC_PACKAGE_NAME lists. ##
-## ------------------------------------------ ##
-_ASBOX
- ) |
- sed "s/^/$as_me: WARNING: /" >&2
+
;;
esac
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
+{ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
eval "$as_ac_Header=\$ac_header_preproc"
fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+ac_res=`eval echo '${'$as_ac_Header'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
fi
if test `eval echo '${'$as_ac_Header'}'` = yes; then
@@ -5849,8 +23292,6 @@ fi
done
-HAVE_NDBM_H=$ac_cv_header_ndbm_h
-
@@ -5858,18 +23299,19 @@ HAVE_NDBM_H=$ac_cv_header_ndbm_h
for ac_header in lastlog.h utmp.h utmpx.h
do
as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ { echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
echo $ECHO_N "(cached) $ECHO_C" >&6
fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+ac_res=`eval echo '${'$as_ac_Header'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
else
# Is the header compilable?
-echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; }
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
@@ -5880,41 +23322,37 @@ $ac_includes_default
#include <$ac_header>
_ACEOF
rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
ac_header_compiler=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_header_compiler=no
+ ac_header_compiler=no
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6; }
# Is the header present?
-echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; }
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
@@ -5923,24 +23361,22 @@ cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
#include <$ac_header>
_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+if { (ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
+ (exit $ac_status); } >/dev/null && {
+ test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ }; then
ac_header_preproc=yes
else
echo "$as_me: failed program was:" >&5
@@ -5948,9 +23384,10 @@ sed 's/^/| /' conftest.$ac_ext >&5
ac_header_preproc=no
fi
+
rm -f conftest.err conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6
+{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6; }
# So? What about this header?
case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
@@ -5974,25 +23411,19 @@ echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\
echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
{ echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- (
- cat <<\_ASBOX
-## ------------------------------------------ ##
-## Report this to the AC_PACKAGE_NAME lists. ##
-## ------------------------------------------ ##
-_ASBOX
- ) |
- sed "s/^/$as_me: WARNING: /" >&2
+
;;
esac
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
+{ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
eval "$as_ac_Header=\$ac_header_preproc"
fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+ac_res=`eval echo '${'$as_ac_Header'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
fi
if test `eval echo '${'$as_ac_Header'}'` = yes; then
@@ -6005,139 +23436,8 @@ fi
done
-
-echo "$as_me:$LINENO: checking path to cracklib dictionary" >&5
-echo $ECHO_N "checking path to cracklib dictionary... $ECHO_C" >&6
-DICT_DIR_CANDIDATES="/usr/lib /usr/share/dict /usr/share/lib \
- /usr/local/lib /usr/local/share/lib /usr/share/cracklib"
-DICT_FILE_CANDIDATES="pw_dict cracklib_dict"
-CRACKLIB_DICTPATH=""
-for d in $DICT_DIR_CANDIDATES ; do
- for f in $DICT_FILE_CANDIDATES ; do
- if test -r $d/$f.hwm ; then
- CRACKLIB_DICTPATH=$d/$f
- break 2
- elif test -r $d/dict/$f.hwm ; then
- CRACKLIB_DICTPATH=$d/dict/$f
- break 2
- fi
- done
-done
-if test -z "$CRACKLIB_DICTPATH" ; then
- { echo "$as_me:$LINENO: WARNING: none found - pam_cracklib will not be built" >&5
-echo "$as_me: WARNING: none found - pam_cracklib will not be built" >&2;}
-else
- echo "$as_me:$LINENO: result: $CRACKLIB_DICTPATH" >&5
-echo "${ECHO_T}$CRACKLIB_DICTPATH" >&6
-fi
-
-
-
-GCC_WARNINGS="-Wall -Wwrite-strings \
- -Wpointer-arith -Wcast-qual -Wcast-align \
- -Wstrict-prototypes -Wmissing-prototypes \
- -Wnested-externs -Winline -Wshadow"
-
-if test "$GCC" = yes; then
- CC=gcc ;
-### May need per-OS attention
-### Example: -D_POSIX_SOURCE: needed on Linux but harms Solaris.
- case $OS in
- linux)
- OS_CFLAGS=
- LD_D="$CC -shared $LDFLAGS"
- WARNINGS="$GCC_WARNINGS"
- PIC="-fPIC"
- DYNTYPE=so
- LD=gcc
- LD_L="$CC -shared $LDFLAGS"
- RANLIB=:
- STRIP=strip
- CC_STATIC="-Xlinker -export-dynamic"
- ;;
- sunos)
- OS_CFLAGS="-ansi -pedantic"
- LD_D="gcc -shared -Xlinker -x"
- WARNINGS="$GCC_WARNINGS"
- PIC="-fPIC"
- DYNTYPE=so
- LD=ld
- LD_L="$LD -x -shared"
- RANLIB=ranlib
- STRIP=strip
- CC_STATIC="-Xlinker -export-dynamic"
- ;;
- aix)
- OS_CFLAGS=""
- DYNTYPE=lo
- LD=ld
- LD_L=ld -bexpall -bM:SRE -bnoentry
- LD_D="$LD_L"
- RANLIB=ranlib
- STRIP=strip
- ;;
- *)
- OS_CFLAGS=""
- ;;
- esac
-else
-###
-### Non-gcc needs attention on per-OS basis
-###
- case "$OS" in
- darwin)
-# add some stuff here (see sourceforge bug 534205)
-# DOCDIR=/System/Documentation/Administration/Libraries/PAM
-# MANDIR=/usr/share/man
- ;;
- solaris)
- ### Support for Solaris-C
- OS_CFLAGS=""
- WARNINGS=""
- PIC="-K pic"
- LD=ld
- LD_D="cc -z text -G -R."
- LD_L="$LD_D"
- RANLIB=ranlib
- STRIP=strip
- CC_STATIC=
- ;;
- irix*)
- OSRELEASE=`uname -r`
- if test "$OSRELEASE" = 6.5; then
- OS_CFLAGS=""
- WARNINGS="-fullwarn"
- PIC= #PIC code is default for IRIX
- LD="cc -shared" # modules friendly approach
- LD_D="cc -shared"
- LD_L="ld -G -z redlocsym"
- RANLIB=echo
- STRIP=strip
- CC_STATIC=
- else
- echo "IRIX prior to 6.5 not allowed for"
- exit
- fi
- ;;
- *) echo "Native compiler on $OS is not yet supported"
- exit
- ;;
- esac
-fi
-
-
-
-
-
-
-
-
-
-
-
-
-echo "$as_me:$LINENO: checking whether byte ordering is bigendian" >&5
-echo $ECHO_N "checking whether byte ordering is bigendian... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking whether byte ordering is bigendian" >&5
+echo $ECHO_N "checking whether byte ordering is bigendian... $ECHO_C" >&6; }
if test "${ac_cv_c_bigendian+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -6154,7 +23454,8 @@ cat >>conftest.$ac_ext <<_ACEOF
int
main ()
{
-#if !BYTE_ORDER || !BIG_ENDIAN || !LITTLE_ENDIAN
+#if ! (defined BYTE_ORDER && defined BIG_ENDIAN && defined LITTLE_ENDIAN \
+ && BYTE_ORDER && BIG_ENDIAN && LITTLE_ENDIAN)
bogus endian macros
#endif
@@ -6163,27 +23464,22 @@ main ()
}
_ACEOF
rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
# It does; now see whether it defined to BIG_ENDIAN or not.
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
@@ -6206,40 +23502,36 @@ main ()
}
_ACEOF
rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
ac_cv_c_bigendian=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_c_bigendian=no
+ ac_cv_c_bigendian=no
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-# It does not; compile a test program.
+ # It does not; compile a test program.
if test "$cross_compiling" = yes; then
# try to guess the endianness by grepping values into an object file
ac_cv_c_bigendian=unknown
@@ -6249,11 +23541,11 @@ _ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-short ascii_mm[] = { 0x4249, 0x4765, 0x6E44, 0x6961, 0x6E53, 0x7953, 0 };
-short ascii_ii[] = { 0x694C, 0x5454, 0x656C, 0x6E45, 0x6944, 0x6E61, 0 };
+short int ascii_mm[] = { 0x4249, 0x4765, 0x6E44, 0x6961, 0x6E53, 0x7953, 0 };
+short int ascii_ii[] = { 0x694C, 0x5454, 0x656C, 0x6E45, 0x6944, 0x6E61, 0 };
void _ascii () { char *s = (char *) ascii_mm; s = (char *) ascii_ii; }
-short ebcdic_ii[] = { 0x89D3, 0xE3E3, 0x8593, 0x95C5, 0x89C4, 0x9581, 0 };
-short ebcdic_mm[] = { 0xC2C9, 0xC785, 0x95C4, 0x8981, 0x95E2, 0xA8E2, 0 };
+short int ebcdic_ii[] = { 0x89D3, 0xE3E3, 0x8593, 0x95C5, 0x89C4, 0x9581, 0 };
+short int ebcdic_mm[] = { 0xC2C9, 0xC785, 0x95C4, 0x8981, 0x95E2, 0xA8E2, 0 };
void _ebcdic () { char *s = (char *) ebcdic_mm; s = (char *) ebcdic_ii; }
int
main ()
@@ -6264,27 +23556,22 @@ main ()
}
_ACEOF
rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
if grep BIGenDianSyS conftest.$ac_objext >/dev/null ; then
ac_cv_c_bigendian=yes
fi
@@ -6300,8 +23587,10 @@ else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
+
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
else
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
@@ -6309,27 +23598,41 @@ _ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
+$ac_includes_default
int
main ()
{
+
/* Are we little or big endian? From Harbison&Steele. */
union
{
- long l;
- char c[sizeof (long)];
+ long int l;
+ char c[sizeof (long int)];
} u;
u.l = 1;
- exit (u.c[sizeof (long) - 1] == 1);
+ return u.c[sizeof (long int) - 1] == 1;
+
+ ;
+ return 0;
}
_ACEOF
rm -f conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); } && { ac_try='./conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ { (case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_try") 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
@@ -6342,13 +23645,16 @@ sed 's/^/| /' conftest.$ac_ext >&5
( exit $ac_status )
ac_cv_c_bigendian=yes
fi
-rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
fi
+
+
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
fi
-echo "$as_me:$LINENO: result: $ac_cv_c_bigendian" >&5
-echo "${ECHO_T}$ac_cv_c_bigendian" >&6
+{ echo "$as_me:$LINENO: result: $ac_cv_c_bigendian" >&5
+echo "${ECHO_T}$ac_cv_c_bigendian" >&6; }
case $ac_cv_c_bigendian in
yes)
@@ -6366,8 +23672,8 @@ presetting ac_cv_c_bigendian=no (or yes) will help" >&2;}
{ (exit 1); exit 1; }; } ;;
esac
-echo "$as_me:$LINENO: checking for an ANSI C-conforming const" >&5
-echo $ECHO_N "checking for an ANSI C-conforming const... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking for an ANSI C-conforming const" >&5
+echo $ECHO_N "checking for an ANSI C-conforming const... $ECHO_C" >&6; }
if test "${ac_cv_c_const+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -6385,10 +23691,10 @@ main ()
#ifndef __cplusplus
/* Ultrix mips cc rejects this. */
typedef int charset[2];
- const charset x;
+ const charset cs;
/* SunOS 4.1.1 cc rejects this. */
- char const *const *ccp;
- char **p;
+ char const *const *pcpcc;
+ char **ppc;
/* NEC SVR4.0.2 mips cc rejects this. */
struct point {int x, y;};
static struct point const zero = {0,0};
@@ -6397,16 +23703,17 @@ main ()
an arm of an if-expression whose if-part is not a constant
expression */
const char *g = "string";
- ccp = &g + (g ? g-g : 0);
+ pcpcc = &g + (g ? g-g : 0);
/* HPUX 7.0 cc rejects these. */
- ++ccp;
- p = (char**) ccp;
- ccp = (char const *const *) p;
+ ++pcpcc;
+ ppc = (char**) pcpcc;
+ pcpcc = (char const *const *) ppc;
{ /* SCO 3.2v4 cc rejects this. */
char *t;
char const *s = 0 ? (char *) 0 : (char const *) 0;
*t++ = 0;
+ if (s) return 0;
}
{ /* Someone thinks the Sun supposedly-ANSI compiler will reject this. */
int x[] = {25, 17};
@@ -6425,7 +23732,9 @@ main ()
}
{ /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */
const int foo = 10;
+ if (!foo) return 0;
}
+ return !cs[0] && !zero.x;
#endif
;
@@ -6433,38 +23742,34 @@ main ()
}
_ACEOF
rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
ac_cv_c_const=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_c_const=no
+ ac_cv_c_const=no
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
fi
-echo "$as_me:$LINENO: result: $ac_cv_c_const" >&5
-echo "${ECHO_T}$ac_cv_c_const" >&6
+{ echo "$as_me:$LINENO: result: $ac_cv_c_const" >&5
+echo "${ECHO_T}$ac_cv_c_const" >&6; }
if test $ac_cv_c_const = no; then
cat >>confdefs.h <<\_ACEOF
@@ -6473,8 +23778,8 @@ _ACEOF
fi
-echo "$as_me:$LINENO: checking for uid_t in sys/types.h" >&5
-echo $ECHO_N "checking for uid_t in sys/types.h... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking for uid_t in sys/types.h" >&5
+echo $ECHO_N "checking for uid_t in sys/types.h... $ECHO_C" >&6; }
if test "${ac_cv_type_uid_t+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -6496,8 +23801,8 @@ fi
rm -f conftest*
fi
-echo "$as_me:$LINENO: result: $ac_cv_type_uid_t" >&5
-echo "${ECHO_T}$ac_cv_type_uid_t" >&6
+{ echo "$as_me:$LINENO: result: $ac_cv_type_uid_t" >&5
+echo "${ECHO_T}$ac_cv_type_uid_t" >&6; }
if test $ac_cv_type_uid_t = no; then
cat >>confdefs.h <<\_ACEOF
@@ -6511,8 +23816,8 @@ _ACEOF
fi
-echo "$as_me:$LINENO: checking for off_t" >&5
-echo $ECHO_N "checking for off_t... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking for off_t" >&5
+echo $ECHO_N "checking for off_t... $ECHO_C" >&6; }
if test "${ac_cv_type_off_t+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -6523,62 +23828,59 @@ cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
$ac_includes_default
+typedef off_t ac__type_new_;
int
main ()
{
-if ((off_t *) 0)
+if ((ac__type_new_ *) 0)
return 0;
-if (sizeof (off_t))
+if (sizeof (ac__type_new_))
return 0;
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
ac_cv_type_off_t=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_type_off_t=no
+ ac_cv_type_off_t=no
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
fi
-echo "$as_me:$LINENO: result: $ac_cv_type_off_t" >&5
-echo "${ECHO_T}$ac_cv_type_off_t" >&6
+{ echo "$as_me:$LINENO: result: $ac_cv_type_off_t" >&5
+echo "${ECHO_T}$ac_cv_type_off_t" >&6; }
if test $ac_cv_type_off_t = yes; then
:
else
cat >>confdefs.h <<_ACEOF
-#define off_t long
+#define off_t long int
_ACEOF
fi
-echo "$as_me:$LINENO: checking for pid_t" >&5
-echo $ECHO_N "checking for pid_t... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking for pid_t" >&5
+echo $ECHO_N "checking for pid_t... $ECHO_C" >&6; }
if test "${ac_cv_type_pid_t+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -6589,50 +23891,47 @@ cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
$ac_includes_default
+typedef pid_t ac__type_new_;
int
main ()
{
-if ((pid_t *) 0)
+if ((ac__type_new_ *) 0)
return 0;
-if (sizeof (pid_t))
+if (sizeof (ac__type_new_))
return 0;
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
ac_cv_type_pid_t=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_type_pid_t=no
+ ac_cv_type_pid_t=no
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
fi
-echo "$as_me:$LINENO: result: $ac_cv_type_pid_t" >&5
-echo "${ECHO_T}$ac_cv_type_pid_t" >&6
+{ echo "$as_me:$LINENO: result: $ac_cv_type_pid_t" >&5
+echo "${ECHO_T}$ac_cv_type_pid_t" >&6; }
if test $ac_cv_type_pid_t = yes; then
:
else
@@ -6643,8 +23942,8 @@ _ACEOF
fi
-echo "$as_me:$LINENO: checking for size_t" >&5
-echo $ECHO_N "checking for size_t... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking for size_t" >&5
+echo $ECHO_N "checking for size_t... $ECHO_C" >&6; }
if test "${ac_cv_type_size_t+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -6655,62 +23954,59 @@ cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
$ac_includes_default
+typedef size_t ac__type_new_;
int
main ()
{
-if ((size_t *) 0)
+if ((ac__type_new_ *) 0)
return 0;
-if (sizeof (size_t))
+if (sizeof (ac__type_new_))
return 0;
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
ac_cv_type_size_t=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_type_size_t=no
+ ac_cv_type_size_t=no
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
fi
-echo "$as_me:$LINENO: result: $ac_cv_type_size_t" >&5
-echo "${ECHO_T}$ac_cv_type_size_t" >&6
+{ echo "$as_me:$LINENO: result: $ac_cv_type_size_t" >&5
+echo "${ECHO_T}$ac_cv_type_size_t" >&6; }
if test $ac_cv_type_size_t = yes; then
:
else
cat >>confdefs.h <<_ACEOF
-#define size_t unsigned
+#define size_t unsigned int
_ACEOF
fi
-echo "$as_me:$LINENO: checking whether time.h and sys/time.h may both be included" >&5
-echo $ECHO_N "checking whether time.h and sys/time.h may both be included... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking whether time.h and sys/time.h may both be included" >&5
+echo $ECHO_N "checking whether time.h and sys/time.h may both be included... $ECHO_C" >&6; }
if test "${ac_cv_header_time+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -6734,38 +24030,34 @@ return 0;
}
_ACEOF
rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
ac_cv_header_time=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_header_time=no
+ ac_cv_header_time=no
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
fi
-echo "$as_me:$LINENO: result: $ac_cv_header_time" >&5
-echo "${ECHO_T}$ac_cv_header_time" >&6
+{ echo "$as_me:$LINENO: result: $ac_cv_header_time" >&5
+echo "${ECHO_T}$ac_cv_header_time" >&6; }
if test $ac_cv_header_time = yes; then
cat >>confdefs.h <<\_ACEOF
@@ -6774,8 +24066,8 @@ _ACEOF
fi
-echo "$as_me:$LINENO: checking whether struct tm is in sys/time.h or time.h" >&5
-echo $ECHO_N "checking whether struct tm is in sys/time.h or time.h... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking whether struct tm is in sys/time.h or time.h" >&5
+echo $ECHO_N "checking whether struct tm is in sys/time.h or time.h... $ECHO_C" >&6; }
if test "${ac_cv_struct_tm+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -6791,44 +24083,42 @@ cat >>conftest.$ac_ext <<_ACEOF
int
main ()
{
-struct tm *tp; tp->tm_sec;
+struct tm tm;
+ int *p = &tm.tm_sec;
+ return !p;
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
ac_cv_struct_tm=time.h
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_struct_tm=sys/time.h
+ ac_cv_struct_tm=sys/time.h
fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
fi
-echo "$as_me:$LINENO: result: $ac_cv_struct_tm" >&5
-echo "${ECHO_T}$ac_cv_struct_tm" >&6
+{ echo "$as_me:$LINENO: result: $ac_cv_struct_tm" >&5
+echo "${ECHO_T}$ac_cv_struct_tm" >&6; }
if test $ac_cv_struct_tm = sys/time.h; then
cat >>confdefs.h <<\_ACEOF
@@ -6838,8 +24128,8 @@ _ACEOF
fi
-echo "$as_me:$LINENO: checking type of array argument to getgroups" >&5
-echo $ECHO_N "checking type of array argument to getgroups... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking type of array argument to getgroups" >&5
+echo $ECHO_N "checking type of array argument to getgroups... $ECHO_C" >&6; }
if test "${ac_cv_type_getgroups+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -6853,7 +24143,7 @@ cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
/* Thanks to Mike Rendell for this test. */
-#include <sys/types.h>
+$ac_includes_default
#define NGID 256
#undef MAX
#define MAX(x, y) ((x) > (y) ? (x) : (y))
@@ -6863,7 +24153,7 @@ main ()
{
gid_t gidset[NGID];
int i, n;
- union { gid_t gval; long lval; } val;
+ union { gid_t gval; long int lval; } val;
val.lval = -1;
for (i = 0; i < NGID; i++)
@@ -6871,18 +24161,28 @@ main ()
n = getgroups (sizeof (gidset) / MAX (sizeof (int), sizeof (gid_t)) - 1,
gidset);
/* Exit non-zero if getgroups seems to require an array of ints. This
- happens when gid_t is short but getgroups modifies an array of ints. */
- exit ((n > 0 && gidset[n] != val.gval) ? 1 : 0);
+ happens when gid_t is short int but getgroups modifies an array
+ of ints. */
+ return n > 0 && gidset[n] != val.gval;
}
_ACEOF
rm -f conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); } && { ac_try='./conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ { (case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_try") 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
@@ -6895,8 +24195,10 @@ sed 's/^/| /' conftest.$ac_ext >&5
( exit $ac_status )
ac_cv_type_getgroups=int
fi
-rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
fi
+
+
if test $ac_cv_type_getgroups = cross; then
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
@@ -6917,8 +24219,8 @@ rm -f conftest*
fi
fi
-echo "$as_me:$LINENO: result: $ac_cv_type_getgroups" >&5
-echo "${ECHO_T}$ac_cv_type_getgroups" >&6
+{ echo "$as_me:$LINENO: result: $ac_cv_type_getgroups" >&5
+echo "${ECHO_T}$ac_cv_type_getgroups" >&6; }
cat >>confdefs.h <<_ACEOF
#define GETGROUPS_T $ac_cv_type_getgroups
@@ -6926,8 +24228,8 @@ _ACEOF
if test $ac_cv_c_compiler_gnu = yes; then
- echo "$as_me:$LINENO: checking whether $CC needs -traditional" >&5
-echo $ECHO_N "checking whether $CC needs -traditional... $ECHO_C" >&6
+ { echo "$as_me:$LINENO: checking whether $CC needs -traditional" >&5
+echo $ECHO_N "checking whether $CC needs -traditional... $ECHO_C" >&6; }
if test "${ac_cv_prog_gcc_traditional+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -6968,15 +24270,15 @@ rm -f conftest*
fi
fi
-echo "$as_me:$LINENO: result: $ac_cv_prog_gcc_traditional" >&5
-echo "${ECHO_T}$ac_cv_prog_gcc_traditional" >&6
+{ echo "$as_me:$LINENO: result: $ac_cv_prog_gcc_traditional" >&5
+echo "${ECHO_T}$ac_cv_prog_gcc_traditional" >&6; }
if test $ac_cv_prog_gcc_traditional = yes; then
CC="$CC -traditional"
fi
fi
-echo "$as_me:$LINENO: checking for working memcmp" >&5
-echo $ECHO_N "checking for working memcmp... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking for working memcmp" >&5
+echo $ECHO_N "checking for working memcmp... $ECHO_C" >&6; }
if test "${ac_cv_func_memcmp_working+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -6995,9 +24297,9 @@ main ()
{
/* Some versions of memcmp are not 8-bit clean. */
- char c0 = 0x40, c1 = 0x80, c2 = 0x81;
+ char c0 = '\100', c1 = '\200', c2 = '\201';
if (memcmp(&c0, &c2, 1) >= 0 || memcmp(&c1, &c2, 1) >= 0)
- exit (1);
+ return 1;
/* The Next x86 OpenStep bug shows up only when comparing 16 bytes
or more and with at least one buffer not starting on a 4-byte boundary.
@@ -7013,9 +24315,9 @@ main ()
strcpy (a, "--------01111111");
strcpy (b, "--------10000000");
if (memcmp (a, b, 16) >= 0)
- exit (1);
+ return 1;
}
- exit (0);
+ return 0;
}
;
@@ -7023,13 +24325,22 @@ main ()
}
_ACEOF
rm -f conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); } && { ac_try='./conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
+ { (case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_try") 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
@@ -7042,17 +24353,17 @@ sed 's/^/| /' conftest.$ac_ext >&5
( exit $ac_status )
ac_cv_func_memcmp_working=no
fi
-rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
fi
+
+
fi
-echo "$as_me:$LINENO: result: $ac_cv_func_memcmp_working" >&5
-echo "${ECHO_T}$ac_cv_func_memcmp_working" >&6
-test $ac_cv_func_memcmp_working = no && case $LIBOBJS in
- "memcmp.$ac_objext" | \
- *" memcmp.$ac_objext" | \
- "memcmp.$ac_objext "* | \
+{ echo "$as_me:$LINENO: result: $ac_cv_func_memcmp_working" >&5
+echo "${ECHO_T}$ac_cv_func_memcmp_working" >&6; }
+test $ac_cv_func_memcmp_working = no && case " $LIBOBJS " in
*" memcmp.$ac_objext "* ) ;;
- *) LIBOBJS="$LIBOBJS memcmp.$ac_objext" ;;
+ *) LIBOBJS="$LIBOBJS memcmp.$ac_objext"
+ ;;
esac
@@ -7060,9 +24371,9 @@ esac
for ac_func in vprintf
do
as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
-echo "$as_me:$LINENO: checking for $ac_func" >&5
-echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
-if eval "test \"\${$as_ac_var+set}\" = set"; then
+{ echo "$as_me:$LINENO: checking for $ac_func" >&5
+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; }
+if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
cat >conftest.$ac_ext <<_ACEOF
@@ -7088,75 +24399,67 @@ cat >>conftest.$ac_ext <<_ACEOF
#undef $ac_func
-/* Override any gcc2 internal prototype to avoid an error. */
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
extern "C"
-{
#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
char $ac_func ();
/* The GNU C library defines this for functions which it implements
to always fail with ENOSYS. Some functions are actually named
something starting with __ and the normal name is an alias. */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+#if defined __stub_$ac_func || defined __stub___$ac_func
choke me
-#else
-char (*f) () = $ac_func;
-#endif
-#ifdef __cplusplus
-}
#endif
int
main ()
{
-return f != $ac_func;
+return $ac_func ();
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
eval "$as_ac_var=yes"
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-eval "$as_ac_var=no"
+ eval "$as_ac_var=no"
fi
-rm -f conftest.err conftest.$ac_objext \
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
conftest$ac_exeext conftest.$ac_ext
fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
+ac_res=`eval echo '${'$as_ac_var'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
if test `eval echo '${'$as_ac_var'}'` = yes; then
cat >>confdefs.h <<_ACEOF
#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
_ACEOF
-echo "$as_me:$LINENO: checking for _doprnt" >&5
-echo $ECHO_N "checking for _doprnt... $ECHO_C" >&6
+{ echo "$as_me:$LINENO: checking for _doprnt" >&5
+echo $ECHO_N "checking for _doprnt... $ECHO_C" >&6; }
if test "${ac_cv_func__doprnt+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
@@ -7183,68 +24486,59 @@ cat >>conftest.$ac_ext <<_ACEOF
#undef _doprnt
-/* Override any gcc2 internal prototype to avoid an error. */
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
extern "C"
-{
#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
char _doprnt ();
/* The GNU C library defines this for functions which it implements
to always fail with ENOSYS. Some functions are actually named
something starting with __ and the normal name is an alias. */
-#if defined (__stub__doprnt) || defined (__stub____doprnt)
+#if defined __stub__doprnt || defined __stub____doprnt
choke me
-#else
-char (*f) () = _doprnt;
-#endif
-#ifdef __cplusplus
-}
#endif
int
main ()
{
-return f != _doprnt;
+return _doprnt ();
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
ac_cv_func__doprnt=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ac_cv_func__doprnt=no
+ ac_cv_func__doprnt=no
fi
-rm -f conftest.err conftest.$ac_objext \
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
conftest$ac_exeext conftest.$ac_ext
fi
-echo "$as_me:$LINENO: result: $ac_cv_func__doprnt" >&5
-echo "${ECHO_T}$ac_cv_func__doprnt" >&6
+{ echo "$as_me:$LINENO: result: $ac_cv_func__doprnt" >&5
+echo "${ECHO_T}$ac_cv_func__doprnt" >&6; }
if test $ac_cv_func__doprnt = yes; then
cat >>confdefs.h <<\_ACEOF
@@ -7263,17 +24557,111 @@ done
+for ac_func in fseeko gethostname gettimeofday lckpwdf mkdir select
+do
+as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
+{ echo "$as_me:$LINENO: checking for $ac_func" >&5
+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; }
+if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+/* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func.
+ For example, HP-UX 11i <limits.h> declares gettimeofday. */
+#define $ac_func innocuous_$ac_func
+
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func (); below.
+ Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+ <limits.h> exists even on freestanding compilers. */
+
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+
+#undef $ac_func
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char $ac_func ();
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined __stub_$ac_func || defined __stub___$ac_func
+choke me
+#endif
+
+int
+main ()
+{
+return $ac_func ();
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ eval "$as_ac_var=yes"
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ eval "$as_ac_var=no"
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+fi
+ac_res=`eval echo '${'$as_ac_var'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
+if test `eval echo '${'$as_ac_var'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
+
-for ac_func in gethostname gettimeofday mkdir select strcspn strdup strerror strspn strstr strtol uname
+for ac_func in strcspn strdup strspn strstr strtol uname
do
as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
-echo "$as_me:$LINENO: checking for $ac_func" >&5
-echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
-if eval "test \"\${$as_ac_var+set}\" = set"; then
+{ echo "$as_me:$LINENO: checking for $ac_func" >&5
+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; }
+if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
cat >conftest.$ac_ext <<_ACEOF
@@ -7299,68 +24687,158 @@ cat >>conftest.$ac_ext <<_ACEOF
#undef $ac_func
-/* Override any gcc2 internal prototype to avoid an error. */
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
extern "C"
-{
#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
char $ac_func ();
/* The GNU C library defines this for functions which it implements
to always fail with ENOSYS. Some functions are actually named
something starting with __ and the normal name is an alias. */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+#if defined __stub_$ac_func || defined __stub___$ac_func
choke me
+#endif
+
+int
+main ()
+{
+return $ac_func ();
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ eval "$as_ac_var=yes"
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ eval "$as_ac_var=no"
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+fi
+ac_res=`eval echo '${'$as_ac_var'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
+if test `eval echo '${'$as_ac_var'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
+
+
+
+
+
+for ac_func in getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r
+do
+as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
+{ echo "$as_me:$LINENO: checking for $ac_func" >&5
+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; }
+if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+/* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func.
+ For example, HP-UX 11i <limits.h> declares gettimeofday. */
+#define $ac_func innocuous_$ac_func
+
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func (); below.
+ Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+ <limits.h> exists even on freestanding compilers. */
+
+#ifdef __STDC__
+# include <limits.h>
#else
-char (*f) () = $ac_func;
+# include <assert.h>
#endif
+
+#undef $ac_func
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
-}
+extern "C"
+#endif
+char $ac_func ();
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined __stub_$ac_func || defined __stub___$ac_func
+choke me
#endif
int
main ()
{
-return f != $ac_func;
+return $ac_func ();
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
eval "$as_ac_var=yes"
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-eval "$as_ac_var=no"
+ eval "$as_ac_var=no"
fi
-rm -f conftest.err conftest.$ac_objext \
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
conftest$ac_exeext conftest.$ac_ext
fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
+ac_res=`eval echo '${'$as_ac_var'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
if test `eval echo '${'$as_ac_var'}'` = yes; then
cat >>confdefs.h <<_ACEOF
#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
@@ -7372,16 +24850,108 @@ done
+for ac_func in getgrouplist getline getdelim
+do
+as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
+{ echo "$as_me:$LINENO: checking for $ac_func" >&5
+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; }
+if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+/* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func.
+ For example, HP-UX 11i <limits.h> declares gettimeofday. */
+#define $ac_func innocuous_$ac_func
+
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func (); below.
+ Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+ <limits.h> exists even on freestanding compilers. */
+
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+
+#undef $ac_func
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char $ac_func ();
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined __stub_$ac_func || defined __stub___$ac_func
+choke me
+#endif
+
+int
+main ()
+{
+return $ac_func ();
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ eval "$as_ac_var=yes"
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ eval "$as_ac_var=no"
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+fi
+ac_res=`eval echo '${'$as_ac_var'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
+if test `eval echo '${'$as_ac_var'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
-for ac_func in getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r getgrouplist
+for ac_func in inet_ntop inet_pton ruserok_af
do
as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
-echo "$as_me:$LINENO: checking for $ac_func" >&5
-echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
-if eval "test \"\${$as_ac_var+set}\" = set"; then
+{ echo "$as_me:$LINENO: checking for $ac_func" >&5
+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; }
+if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
cat >conftest.$ac_ext <<_ACEOF
@@ -7407,272 +24977,2568 @@ cat >>conftest.$ac_ext <<_ACEOF
#undef $ac_func
-/* Override any gcc2 internal prototype to avoid an error. */
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
extern "C"
-{
#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
char $ac_func ();
/* The GNU C library defines this for functions which it implements
to always fail with ENOSYS. Some functions are actually named
something starting with __ and the normal name is an alias. */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+#if defined __stub_$ac_func || defined __stub___$ac_func
choke me
+#endif
+
+int
+main ()
+{
+return $ac_func ();
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ eval "$as_ac_var=yes"
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ eval "$as_ac_var=no"
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+fi
+ac_res=`eval echo '${'$as_ac_var'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
+if test `eval echo '${'$as_ac_var'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
+
+
+for ac_func in unshare
+do
+as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
+{ echo "$as_me:$LINENO: checking for $ac_func" >&5
+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; }
+if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+/* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func.
+ For example, HP-UX 11i <limits.h> declares gettimeofday. */
+#define $ac_func innocuous_$ac_func
+
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func (); below.
+ Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+ <limits.h> exists even on freestanding compilers. */
+
+#ifdef __STDC__
+# include <limits.h>
#else
-char (*f) () = $ac_func;
+# include <assert.h>
#endif
+
+#undef $ac_func
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
-}
+extern "C"
+#endif
+char $ac_func ();
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined __stub_$ac_func || defined __stub___$ac_func
+choke me
#endif
int
main ()
{
-return f != $ac_func;
+return $ac_func ();
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
eval "$as_ac_var=yes"
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-eval "$as_ac_var=no"
+ eval "$as_ac_var=no"
fi
-rm -f conftest.err conftest.$ac_objext \
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
conftest$ac_exeext conftest.$ac_ext
fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
+ac_res=`eval echo '${'$as_ac_var'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
if test `eval echo '${'$as_ac_var'}'` = yes; then
cat >>confdefs.h <<_ACEOF
#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
_ACEOF
-
+ UNSHARE=yes
+else
+ UNSHARE=no
fi
done
+ if test "$UNSHARE" = yes; then
+ HAVE_UNSHARE_TRUE=
+ HAVE_UNSHARE_FALSE='#'
+else
+ HAVE_UNSHARE_TRUE='#'
+ HAVE_UNSHARE_FALSE=
+fi
+
-# Extract the first word of "sgml2txt", so it can be a program name with args.
-set dummy sgml2txt; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
-if test "${ac_cv_prog_HAVE_SGML2TXT+set}" = set; then
+enable_man=yes
+# Extract the first word of "xsltproc", so it can be a program name with args.
+set dummy xsltproc; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_path_XSLTPROC+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- if test -n "$HAVE_SGML2TXT"; then
- ac_cv_prog_HAVE_SGML2TXT="$HAVE_SGML2TXT" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+ case $XSLTPROC in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_XSLTPROC="$XSLTPROC" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
- ac_cv_prog_HAVE_SGML2TXT="yes"
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_path_XSLTPROC="$as_dir/$ac_word$ac_exec_ext"
echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
+IFS=$as_save_IFS
- test -z "$ac_cv_prog_HAVE_SGML2TXT" && ac_cv_prog_HAVE_SGML2TXT="no"
-fi
+ ;;
+esac
fi
-HAVE_SGML2TXT=$ac_cv_prog_HAVE_SGML2TXT
-if test -n "$HAVE_SGML2TXT"; then
- echo "$as_me:$LINENO: result: $HAVE_SGML2TXT" >&5
-echo "${ECHO_T}$HAVE_SGML2TXT" >&6
+XSLTPROC=$ac_cv_path_XSLTPROC
+if test -n "$XSLTPROC"; then
+ { echo "$as_me:$LINENO: result: $XSLTPROC" >&5
+echo "${ECHO_T}$XSLTPROC" >&6; }
else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
fi
-# Extract the first word of "sgml2html", so it can be a program name with args.
-set dummy sgml2html; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
-if test "${ac_cv_prog_HAVE_SGML2HTML+set}" = set; then
+
+if test -z "$XSLTPROC"; then
+ enable_man=no
+fi
+# Extract the first word of "xmllint", so it can be a program name with args.
+set dummy xmllint; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_path_XMLLINT+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- if test -n "$HAVE_SGML2HTML"; then
- ac_cv_prog_HAVE_SGML2HTML="$HAVE_SGML2HTML" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+ case $XMLLINT in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_XMLLINT="$XMLLINT" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
- ac_cv_prog_HAVE_SGML2HTML="yes"
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_path_XMLLINT="$as_dir/$ac_word$ac_exec_ext"
echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
+IFS=$as_save_IFS
- test -z "$ac_cv_prog_HAVE_SGML2HTML" && ac_cv_prog_HAVE_SGML2HTML="no"
+ test -z "$ac_cv_path_XMLLINT" && ac_cv_path_XMLLINT="/bin/true"
+ ;;
+esac
fi
+XMLLINT=$ac_cv_path_XMLLINT
+if test -n "$XMLLINT"; then
+ { echo "$as_me:$LINENO: result: $XMLLINT" >&5
+echo "${ECHO_T}$XMLLINT" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
fi
-HAVE_SGML2HTML=$ac_cv_prog_HAVE_SGML2HTML
-if test -n "$HAVE_SGML2HTML"; then
- echo "$as_me:$LINENO: result: $HAVE_SGML2HTML" >&5
-echo "${ECHO_T}$HAVE_SGML2HTML" >&6
+
+
+
+ # check for the presence of the XML catalog
+
+# Check whether --with-xml-catalog was given.
+if test "${with_xml_catalog+set}" = set; then
+ withval=$with_xml_catalog;
else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
+ with_xml_catalog=/etc/xml/catalog
fi
-# Extract the first word of "sgml2latex", so it can be a program name with args.
-set dummy sgml2latex; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
-if test "${ac_cv_prog_HAVE_SGML2LATEX+set}" = set; then
+ jh_found_xmlcatalog=true
+ XML_CATALOG_FILE="$with_xml_catalog"
+
+ { echo "$as_me:$LINENO: checking for XML catalog ($XML_CATALOG_FILE)" >&5
+echo $ECHO_N "checking for XML catalog ($XML_CATALOG_FILE)... $ECHO_C" >&6; }
+ if test -f "$XML_CATALOG_FILE"; then
+ { echo "$as_me:$LINENO: result: found" >&5
+echo "${ECHO_T}found" >&6; }
+ else
+ jh_found_xmlcatalog=false
+ { echo "$as_me:$LINENO: result: not found" >&5
+echo "${ECHO_T}not found" >&6; }
+ fi
+
+ # check for the xmlcatalog program
+ # Extract the first word of "xmlcatalog", so it can be a program name with args.
+set dummy xmlcatalog; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_path_XMLCATALOG+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- if test -n "$HAVE_SGML2LATEX"; then
- ac_cv_prog_HAVE_SGML2LATEX="$HAVE_SGML2LATEX" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+ case $XMLCATALOG in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_XMLCATALOG="$XMLCATALOG" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
- ac_cv_prog_HAVE_SGML2LATEX="yes"
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_path_XMLCATALOG="$as_dir/$ac_word$ac_exec_ext"
echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
+IFS=$as_save_IFS
- test -z "$ac_cv_prog_HAVE_SGML2LATEX" && ac_cv_prog_HAVE_SGML2LATEX="no"
-fi
+ test -z "$ac_cv_path_XMLCATALOG" && ac_cv_path_XMLCATALOG="no"
+ ;;
+esac
fi
-HAVE_SGML2LATEX=$ac_cv_prog_HAVE_SGML2LATEX
-if test -n "$HAVE_SGML2LATEX"; then
- echo "$as_me:$LINENO: result: $HAVE_SGML2LATEX" >&5
-echo "${ECHO_T}$HAVE_SGML2LATEX" >&6
+XMLCATALOG=$ac_cv_path_XMLCATALOG
+if test -n "$XMLCATALOG"; then
+ { echo "$as_me:$LINENO: result: $XMLCATALOG" >&5
+echo "${ECHO_T}$XMLCATALOG" >&6; }
else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
fi
-if test $HAVE_SGML2LATEX = "yes" ; then
- if sgml2latex -h | grep -e --paper | grep ' -p ' > /dev/null ; then
- PSER="sgml2latex -o ps"
+
+ if test "x$XMLCATALOG" = xno; then
+ jh_found_xmlcatalog=false
+ fi
+
+ if $jh_found_xmlcatalog; then
+ :
else
- PSER="sgml2latex -p"
+ :
+ fi
+
+
+ { echo "$as_me:$LINENO: checking for DocBook XML DTD V4.4 in XML catalog" >&5
+echo $ECHO_N "checking for DocBook XML DTD V4.4 in XML catalog... $ECHO_C" >&6; }
+ if $jh_found_xmlcatalog && \
+ { (echo "$as_me:$LINENO: \$XMLCATALOG --noout \"\$XML_CATALOG_FILE\" \"-//OASIS//DTD DocBook XML V4.4//EN\" >&2") >&5
+ ($XMLCATALOG --noout "$XML_CATALOG_FILE" "-//OASIS//DTD DocBook XML V4.4//EN" >&2) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; then
+ { echo "$as_me:$LINENO: result: found" >&5
+echo "${ECHO_T}found" >&6; }
+ else
+ { echo "$as_me:$LINENO: result: not found" >&5
+echo "${ECHO_T}not found" >&6; }
+ enable_man=no
fi
- # Extract the first word of "ps2pdf", so it can be a program name with args.
-set dummy ps2pdf; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
-if test "${ac_cv_prog_HAVE_PS2PDF+set}" = set; then
+
+
+ { echo "$as_me:$LINENO: checking for DocBook XSL Stylesheets in XML catalog" >&5
+echo $ECHO_N "checking for DocBook XSL Stylesheets in XML catalog... $ECHO_C" >&6; }
+ if $jh_found_xmlcatalog && \
+ { (echo "$as_me:$LINENO: \$XMLCATALOG --noout \"\$XML_CATALOG_FILE\" \"http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl\" >&2") >&5
+ ($XMLCATALOG --noout "$XML_CATALOG_FILE" "http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl" >&2) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; then
+ { echo "$as_me:$LINENO: result: found" >&5
+echo "${ECHO_T}found" >&6; }
+ else
+ { echo "$as_me:$LINENO: result: not found" >&5
+echo "${ECHO_T}not found" >&6; }
+ enable_man=no
+ fi
+
+
+# Extract the first word of "w3m", so it can be a program name with args.
+set dummy w3m; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_path_BROWSER+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- if test -n "$HAVE_PS2PDF"; then
- ac_cv_prog_HAVE_PS2PDF="$HAVE_PS2PDF" # Let the user override the test.
+ case $BROWSER in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_BROWSER="$BROWSER" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_path_BROWSER="$as_dir/$ac_word$ac_exec_ext"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+IFS=$as_save_IFS
+
+ ;;
+esac
+fi
+BROWSER=$ac_cv_path_BROWSER
+if test -n "$BROWSER"; then
+ { echo "$as_me:$LINENO: result: $BROWSER" >&5
+echo "${ECHO_T}$BROWSER" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+
+
+if test ! -z "$BROWSER"; then
+ BROWSER="$BROWSER -T text/html -dump"
else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+ enable_man=no
+fi
+
+# Extract the first word of "fop", so it can be a program name with args.
+set dummy fop; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_path_FO2PDF+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ case $FO2PDF in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_FO2PDF="$FO2PDF" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
- ac_cv_prog_HAVE_PS2PDF="yes"
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_path_FO2PDF="$as_dir/$ac_word$ac_exec_ext"
echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
+IFS=$as_save_IFS
- test -z "$ac_cv_prog_HAVE_PS2PDF" && ac_cv_prog_HAVE_PS2PDF="no"
+ ;;
+esac
fi
+FO2PDF=$ac_cv_path_FO2PDF
+if test -n "$FO2PDF"; then
+ { echo "$as_me:$LINENO: result: $FO2PDF" >&5
+echo "${ECHO_T}$FO2PDF" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
fi
-HAVE_PS2PDF=$ac_cv_prog_HAVE_PS2PDF
-if test -n "$HAVE_PS2PDF"; then
- echo "$as_me:$LINENO: result: $HAVE_PS2PDF" >&5
-echo "${ECHO_T}$HAVE_PS2PDF" >&6
+
+
+
+ if test x$enable_man != xno; then
+ ENABLE_REGENERATE_MAN_TRUE=
+ ENABLE_REGENERATE_MAN_FALSE='#'
+else
+ ENABLE_REGENERATE_MAN_TRUE='#'
+ ENABLE_REGENERATE_MAN_FALSE=
+fi
+
+ if test ! -z "$FO2PDF"; then
+ ENABLE_GENERATE_PDF_TRUE=
+ ENABLE_GENERATE_PDF_FALSE='#'
+else
+ ENABLE_GENERATE_PDF_TRUE='#'
+ ENABLE_GENERATE_PDF_FALSE=
+fi
+
+
+
+
+
+ { echo "$as_me:$LINENO: checking whether NLS is requested" >&5
+echo $ECHO_N "checking whether NLS is requested... $ECHO_C" >&6; }
+ # Check whether --enable-nls was given.
+if test "${enable_nls+set}" = set; then
+ enableval=$enable_nls; USE_NLS=$enableval
else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
+ USE_NLS=yes
+fi
+
+ { echo "$as_me:$LINENO: result: $USE_NLS" >&5
+echo "${ECHO_T}$USE_NLS" >&6; }
+
+
+
+
+
+
+# Prepare PATH_SEPARATOR.
+# The user is always right.
+if test "${PATH_SEPARATOR+set}" != set; then
+ echo "#! /bin/sh" >conf$$.sh
+ echo "exit 0" >>conf$$.sh
+ chmod +x conf$$.sh
+ if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then
+ PATH_SEPARATOR=';'
+ else
+ PATH_SEPARATOR=:
+ fi
+ rm -f conf$$.sh
fi
+# Find out how to test for executable files. Don't use a zero-byte file,
+# as systems may use methods other than mode bits to determine executability.
+cat >conf$$.file <<_ASEOF
+#! /bin/sh
+exit 0
+_ASEOF
+chmod +x conf$$.file
+if test -x conf$$.file >/dev/null 2>&1; then
+ ac_executable_p="test -x"
else
- # Extract the first word of "sgml2ps", so it can be a program name with args.
-set dummy sgml2ps; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
-if test "${ac_cv_prog_HAVE_SGML2PS+set}" = set; then
+ ac_executable_p="test -f"
+fi
+rm -f conf$$.file
+
+# Extract the first word of "msgfmt", so it can be a program name with args.
+set dummy msgfmt; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_path_MSGFMT+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- if test -n "$HAVE_SGML2PS"; then
- ac_cv_prog_HAVE_SGML2PS="$HAVE_SGML2PS" # Let the user override the test.
+ case "$MSGFMT" in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_MSGFMT="$MSGFMT" # Let the user override the test with a path.
+ ;;
+ *)
+ ac_save_IFS="$IFS"; IFS=$PATH_SEPARATOR
+ for ac_dir in $PATH; do
+ IFS="$ac_save_IFS"
+ test -z "$ac_dir" && ac_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if $ac_executable_p "$ac_dir/$ac_word$ac_exec_ext"; then
+ echo "$as_me: trying $ac_dir/$ac_word..." >&5
+ if $ac_dir/$ac_word --statistics /dev/null >&5 2>&1 &&
+ (if $ac_dir/$ac_word --statistics /dev/null 2>&1 >/dev/null | grep usage >/dev/null; then exit 1; else exit 0; fi); then
+ ac_cv_path_MSGFMT="$ac_dir/$ac_word$ac_exec_ext"
+ break 2
+ fi
+ fi
+ done
+ done
+ IFS="$ac_save_IFS"
+ test -z "$ac_cv_path_MSGFMT" && ac_cv_path_MSGFMT=":"
+ ;;
+esac
+fi
+MSGFMT="$ac_cv_path_MSGFMT"
+if test "$MSGFMT" != ":"; then
+ { echo "$as_me:$LINENO: result: $MSGFMT" >&5
+echo "${ECHO_T}$MSGFMT" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+
+ # Extract the first word of "gmsgfmt", so it can be a program name with args.
+set dummy gmsgfmt; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_path_GMSGFMT+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+ case $GMSGFMT in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_GMSGFMT="$GMSGFMT" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
- ac_cv_prog_HAVE_SGML2PS="yes"
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_path_GMSGFMT="$as_dir/$ac_word$ac_exec_ext"
echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
+IFS=$as_save_IFS
- test -z "$ac_cv_prog_HAVE_SGML2PS" && ac_cv_prog_HAVE_SGML2PS="no"
+ test -z "$ac_cv_path_GMSGFMT" && ac_cv_path_GMSGFMT="$MSGFMT"
+ ;;
+esac
fi
+GMSGFMT=$ac_cv_path_GMSGFMT
+if test -n "$GMSGFMT"; then
+ { echo "$as_me:$LINENO: result: $GMSGFMT" >&5
+echo "${ECHO_T}$GMSGFMT" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
fi
-HAVE_SGML2PS=$ac_cv_prog_HAVE_SGML2PS
-if test -n "$HAVE_SGML2PS"; then
- echo "$as_me:$LINENO: result: $HAVE_SGML2PS" >&5
-echo "${ECHO_T}$HAVE_SGML2PS" >&6
+
+
+
+ case `$MSGFMT --version | sed 1q | sed -e 's,^[^0-9]*,,'` in
+ '' | 0.[0-9] | 0.[0-9].* | 0.1[0-4] | 0.1[0-4].*) MSGFMT_015=: ;;
+ *) MSGFMT_015=$MSGFMT ;;
+ esac
+
+ case `$GMSGFMT --version | sed 1q | sed -e 's,^[^0-9]*,,'` in
+ '' | 0.[0-9] | 0.[0-9].* | 0.1[0-4] | 0.1[0-4].*) GMSGFMT_015=: ;;
+ *) GMSGFMT_015=$GMSGFMT ;;
+ esac
+
+
+
+# Prepare PATH_SEPARATOR.
+# The user is always right.
+if test "${PATH_SEPARATOR+set}" != set; then
+ echo "#! /bin/sh" >conf$$.sh
+ echo "exit 0" >>conf$$.sh
+ chmod +x conf$$.sh
+ if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then
+ PATH_SEPARATOR=';'
+ else
+ PATH_SEPARATOR=:
+ fi
+ rm -f conf$$.sh
+fi
+
+# Find out how to test for executable files. Don't use a zero-byte file,
+# as systems may use methods other than mode bits to determine executability.
+cat >conf$$.file <<_ASEOF
+#! /bin/sh
+exit 0
+_ASEOF
+chmod +x conf$$.file
+if test -x conf$$.file >/dev/null 2>&1; then
+ ac_executable_p="test -x"
else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
+ ac_executable_p="test -f"
fi
+rm -f conf$$.file
- if test $HAVE_SGML2PS = yes ; then
- PSER="sgml2ps"
+# Extract the first word of "xgettext", so it can be a program name with args.
+set dummy xgettext; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_path_XGETTEXT+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ case "$XGETTEXT" in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_XGETTEXT="$XGETTEXT" # Let the user override the test with a path.
+ ;;
+ *)
+ ac_save_IFS="$IFS"; IFS=$PATH_SEPARATOR
+ for ac_dir in $PATH; do
+ IFS="$ac_save_IFS"
+ test -z "$ac_dir" && ac_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if $ac_executable_p "$ac_dir/$ac_word$ac_exec_ext"; then
+ echo "$as_me: trying $ac_dir/$ac_word..." >&5
+ if $ac_dir/$ac_word --omit-header --copyright-holder= --msgid-bugs-address= /dev/null >&5 2>&1 &&
+ (if $ac_dir/$ac_word --omit-header --copyright-holder= --msgid-bugs-address= /dev/null 2>&1 >/dev/null | grep usage >/dev/null; then exit 1; else exit 0; fi); then
+ ac_cv_path_XGETTEXT="$ac_dir/$ac_word$ac_exec_ext"
+ break 2
+ fi
+ fi
+ done
+ done
+ IFS="$ac_save_IFS"
+ test -z "$ac_cv_path_XGETTEXT" && ac_cv_path_XGETTEXT=":"
+ ;;
+esac
+fi
+XGETTEXT="$ac_cv_path_XGETTEXT"
+if test "$XGETTEXT" != ":"; then
+ { echo "$as_me:$LINENO: result: $XGETTEXT" >&5
+echo "${ECHO_T}$XGETTEXT" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+
+ rm -f messages.po
+
+ case `$XGETTEXT --version | sed 1q | sed -e 's,^[^0-9]*,,'` in
+ '' | 0.[0-9] | 0.[0-9].* | 0.1[0-4] | 0.1[0-4].*) XGETTEXT_015=: ;;
+ *) XGETTEXT_015=$XGETTEXT ;;
+ esac
+
+
+
+# Prepare PATH_SEPARATOR.
+# The user is always right.
+if test "${PATH_SEPARATOR+set}" != set; then
+ echo "#! /bin/sh" >conf$$.sh
+ echo "exit 0" >>conf$$.sh
+ chmod +x conf$$.sh
+ if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then
+ PATH_SEPARATOR=';'
+ else
+ PATH_SEPARATOR=:
fi
+ rm -f conf$$.sh
fi
+# Find out how to test for executable files. Don't use a zero-byte file,
+# as systems may use methods other than mode bits to determine executability.
+cat >conf$$.file <<_ASEOF
+#! /bin/sh
+exit 0
+_ASEOF
+chmod +x conf$$.file
+if test -x conf$$.file >/dev/null 2>&1; then
+ ac_executable_p="test -x"
+else
+ ac_executable_p="test -f"
+fi
+rm -f conf$$.file
+
+# Extract the first word of "msgmerge", so it can be a program name with args.
+set dummy msgmerge; ac_word=$2
+{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
+if test "${ac_cv_path_MSGMERGE+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ case "$MSGMERGE" in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_MSGMERGE="$MSGMERGE" # Let the user override the test with a path.
+ ;;
+ *)
+ ac_save_IFS="$IFS"; IFS=$PATH_SEPARATOR
+ for ac_dir in $PATH; do
+ IFS="$ac_save_IFS"
+ test -z "$ac_dir" && ac_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if $ac_executable_p "$ac_dir/$ac_word$ac_exec_ext"; then
+ echo "$as_me: trying $ac_dir/$ac_word..." >&5
+ if $ac_dir/$ac_word --update -q /dev/null /dev/null >&5 2>&1; then
+ ac_cv_path_MSGMERGE="$ac_dir/$ac_word$ac_exec_ext"
+ break 2
+ fi
+ fi
+ done
+ done
+ IFS="$ac_save_IFS"
+ test -z "$ac_cv_path_MSGMERGE" && ac_cv_path_MSGMERGE=":"
+ ;;
+esac
+fi
+MSGMERGE="$ac_cv_path_MSGMERGE"
+if test "$MSGMERGE" != ":"; then
+ { echo "$as_me:$LINENO: result: $MSGMERGE" >&5
+echo "${ECHO_T}$MSGMERGE" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+
+
+ test -n "$localedir" || localedir='${datadir}/locale'
+
+
+ ac_config_commands="$ac_config_commands po-directories"
+
+
+
+ if test "X$prefix" = "XNONE"; then
+ acl_final_prefix="$ac_default_prefix"
+ else
+ acl_final_prefix="$prefix"
+ fi
+ if test "X$exec_prefix" = "XNONE"; then
+ acl_final_exec_prefix='${prefix}'
+ else
+ acl_final_exec_prefix="$exec_prefix"
+ fi
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+ eval acl_final_exec_prefix=\"$acl_final_exec_prefix\"
+ prefix="$acl_save_prefix"
+
+
+# Check whether --with-gnu-ld was given.
+if test "${with_gnu_ld+set}" = set; then
+ withval=$with_gnu_ld; test "$withval" = no || with_gnu_ld=yes
+else
+ with_gnu_ld=no
+fi
+
+# Prepare PATH_SEPARATOR.
+# The user is always right.
+if test "${PATH_SEPARATOR+set}" != set; then
+ echo "#! /bin/sh" >conf$$.sh
+ echo "exit 0" >>conf$$.sh
+ chmod +x conf$$.sh
+ if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then
+ PATH_SEPARATOR=';'
+ else
+ PATH_SEPARATOR=:
+ fi
+ rm -f conf$$.sh
+fi
+ac_prog=ld
+if test "$GCC" = yes; then
+ # Check if gcc -print-prog-name=ld gives a path.
+ { echo "$as_me:$LINENO: checking for ld used by GCC" >&5
+echo $ECHO_N "checking for ld used by GCC... $ECHO_C" >&6; }
+ case $host in
+ *-*-mingw*)
+ # gcc leaves a trailing carriage return which upsets mingw
+ ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;;
+ *)
+ ac_prog=`($CC -print-prog-name=ld) 2>&5` ;;
+ esac
+ case $ac_prog in
+ # Accept absolute paths.
+ [\\/]* | [A-Za-z]:[\\/]*)
+ re_direlt='/[^/][^/]*/\.\./'
+ # Canonicalize the path of ld
+ ac_prog=`echo $ac_prog| sed 's%\\\\%/%g'`
+ while echo $ac_prog | grep "$re_direlt" > /dev/null 2>&1; do
+ ac_prog=`echo $ac_prog| sed "s%$re_direlt%/%"`
+ done
+ test -z "$LD" && LD="$ac_prog"
+ ;;
+ "")
+ # If it fails, then pretend we aren't using GCC.
+ ac_prog=ld
+ ;;
+ *)
+ # If it is relative, then search for the first ld in PATH.
+ with_gnu_ld=unknown
+ ;;
+ esac
+elif test "$with_gnu_ld" = yes; then
+ { echo "$as_me:$LINENO: checking for GNU ld" >&5
+echo $ECHO_N "checking for GNU ld... $ECHO_C" >&6; }
+else
+ { echo "$as_me:$LINENO: checking for non-GNU ld" >&5
+echo $ECHO_N "checking for non-GNU ld... $ECHO_C" >&6; }
+fi
+if test "${acl_cv_path_LD+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test -z "$LD"; then
+ IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}${PATH_SEPARATOR-:}"
+ for ac_dir in $PATH; do
+ test -z "$ac_dir" && ac_dir=.
+ if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then
+ acl_cv_path_LD="$ac_dir/$ac_prog"
+ # Check to see if the program is GNU ld. I'd rather use --version,
+ # but apparently some GNU ld's only accept -v.
+ # Break only if it was the GNU/non-GNU ld that we prefer.
+ case `"$acl_cv_path_LD" -v 2>&1 < /dev/null` in
+ *GNU* | *'with BFD'*)
+ test "$with_gnu_ld" != no && break ;;
+ *)
+ test "$with_gnu_ld" != yes && break ;;
+ esac
+ fi
+ done
+ IFS="$ac_save_ifs"
+else
+ acl_cv_path_LD="$LD" # Let the user override the test with a path.
+fi
+fi
+
+LD="$acl_cv_path_LD"
+if test -n "$LD"; then
+ { echo "$as_me:$LINENO: result: $LD" >&5
+echo "${ECHO_T}$LD" >&6; }
+else
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+test -z "$LD" && { { echo "$as_me:$LINENO: error: no acceptable ld found in \$PATH" >&5
+echo "$as_me: error: no acceptable ld found in \$PATH" >&2;}
+ { (exit 1); exit 1; }; }
+{ echo "$as_me:$LINENO: checking if the linker ($LD) is GNU ld" >&5
+echo $ECHO_N "checking if the linker ($LD) is GNU ld... $ECHO_C" >&6; }
+if test "${acl_cv_prog_gnu_ld+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ # I'd rather use --version here, but apparently some GNU ld's only accept -v.
+case `$LD -v 2>&1 </dev/null` in
+*GNU* | *'with BFD'*)
+ acl_cv_prog_gnu_ld=yes ;;
+*)
+ acl_cv_prog_gnu_ld=no ;;
+esac
+fi
+{ echo "$as_me:$LINENO: result: $acl_cv_prog_gnu_ld" >&5
+echo "${ECHO_T}$acl_cv_prog_gnu_ld" >&6; }
+with_gnu_ld=$acl_cv_prog_gnu_ld
+
+
+
+
+ { echo "$as_me:$LINENO: checking for shared library run path origin" >&5
+echo $ECHO_N "checking for shared library run path origin... $ECHO_C" >&6; }
+if test "${acl_cv_rpath+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+
+ CC="$CC" GCC="$GCC" LDFLAGS="$LDFLAGS" LD="$LD" with_gnu_ld="$with_gnu_ld" \
+ ${CONFIG_SHELL-/bin/sh} "$ac_aux_dir/config.rpath" "$host" > conftest.sh
+ . ./conftest.sh
+ rm -f ./conftest.sh
+ acl_cv_rpath=done
+
+fi
+{ echo "$as_me:$LINENO: result: $acl_cv_rpath" >&5
+echo "${ECHO_T}$acl_cv_rpath" >&6; }
+ wl="$acl_cv_wl"
+ libext="$acl_cv_libext"
+ shlibext="$acl_cv_shlibext"
+ hardcode_libdir_flag_spec="$acl_cv_hardcode_libdir_flag_spec"
+ hardcode_libdir_separator="$acl_cv_hardcode_libdir_separator"
+ hardcode_direct="$acl_cv_hardcode_direct"
+ hardcode_minus_L="$acl_cv_hardcode_minus_L"
+ # Check whether --enable-rpath was given.
+if test "${enable_rpath+set}" = set; then
+ enableval=$enable_rpath; :
+else
+ enable_rpath=yes
+fi
+
+
+
+ acl_libdirstem=lib
+ searchpath=`(LC_ALL=C $CC -print-search-dirs) 2>/dev/null | sed -n -e 's,^libraries: ,,p' | sed -e 's,^=,,'`
+ if test -n "$searchpath"; then
+ acl_save_IFS="${IFS= }"; IFS=":"
+ for searchdir in $searchpath; do
+ if test -d "$searchdir"; then
+ case "$searchdir" in
+ */lib64/ | */lib64 ) acl_libdirstem=lib64 ;;
+ *) searchdir=`cd "$searchdir" && pwd`
+ case "$searchdir" in
+ */lib64 ) acl_libdirstem=lib64 ;;
+ esac ;;
+ esac
+ fi
+ done
+ IFS="$acl_save_IFS"
+ fi
+
+
+
+
+
+
+
+
+ use_additional=yes
+
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+ acl_save_exec_prefix="$exec_prefix"
+ exec_prefix="$acl_final_exec_prefix"
+
+ eval additional_includedir=\"$includedir\"
+ eval additional_libdir=\"$libdir\"
+
+ exec_prefix="$acl_save_exec_prefix"
+ prefix="$acl_save_prefix"
+
+
+# Check whether --with-libiconv-prefix was given.
+if test "${with_libiconv_prefix+set}" = set; then
+ withval=$with_libiconv_prefix;
+ if test "X$withval" = "Xno"; then
+ use_additional=no
+ else
+ if test "X$withval" = "X"; then
+
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+ acl_save_exec_prefix="$exec_prefix"
+ exec_prefix="$acl_final_exec_prefix"
+
+ eval additional_includedir=\"$includedir\"
+ eval additional_libdir=\"$libdir\"
+
+ exec_prefix="$acl_save_exec_prefix"
+ prefix="$acl_save_prefix"
+
+ else
+ additional_includedir="$withval/include"
+ additional_libdir="$withval/$acl_libdirstem"
+ fi
+ fi
+
+fi
+
+ LIBICONV=
+ LTLIBICONV=
+ INCICONV=
+ rpathdirs=
+ ltrpathdirs=
+ names_already_handled=
+ names_next_round='iconv '
+ while test -n "$names_next_round"; do
+ names_this_round="$names_next_round"
+ names_next_round=
+ for name in $names_this_round; do
+ already_handled=
+ for n in $names_already_handled; do
+ if test "$n" = "$name"; then
+ already_handled=yes
+ break
+ fi
+ done
+ if test -z "$already_handled"; then
+ names_already_handled="$names_already_handled $name"
+ uppername=`echo "$name" | sed -e 'y|abcdefghijklmnopqrstuvwxyz./-|ABCDEFGHIJKLMNOPQRSTUVWXYZ___|'`
+ eval value=\"\$HAVE_LIB$uppername\"
+ if test -n "$value"; then
+ if test "$value" = yes; then
+ eval value=\"\$LIB$uppername\"
+ test -z "$value" || LIBICONV="${LIBICONV}${LIBICONV:+ }$value"
+ eval value=\"\$LTLIB$uppername\"
+ test -z "$value" || LTLIBICONV="${LTLIBICONV}${LTLIBICONV:+ }$value"
+ else
+ :
+ fi
+ else
+ found_dir=
+ found_la=
+ found_so=
+ found_a=
+ if test $use_additional = yes; then
+ if test -n "$shlibext" && test -f "$additional_libdir/lib$name.$shlibext"; then
+ found_dir="$additional_libdir"
+ found_so="$additional_libdir/lib$name.$shlibext"
+ if test -f "$additional_libdir/lib$name.la"; then
+ found_la="$additional_libdir/lib$name.la"
+ fi
+ else
+ if test -f "$additional_libdir/lib$name.$libext"; then
+ found_dir="$additional_libdir"
+ found_a="$additional_libdir/lib$name.$libext"
+ if test -f "$additional_libdir/lib$name.la"; then
+ found_la="$additional_libdir/lib$name.la"
+ fi
+ fi
+ fi
+ fi
+ if test "X$found_dir" = "X"; then
+ for x in $LDFLAGS $LTLIBICONV; do
+
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+ acl_save_exec_prefix="$exec_prefix"
+ exec_prefix="$acl_final_exec_prefix"
+ eval x=\"$x\"
+ exec_prefix="$acl_save_exec_prefix"
+ prefix="$acl_save_prefix"
+
+ case "$x" in
+ -L*)
+ dir=`echo "X$x" | sed -e 's/^X-L//'`
+ if test -n "$shlibext" && test -f "$dir/lib$name.$shlibext"; then
+ found_dir="$dir"
+ found_so="$dir/lib$name.$shlibext"
+ if test -f "$dir/lib$name.la"; then
+ found_la="$dir/lib$name.la"
+ fi
+ else
+ if test -f "$dir/lib$name.$libext"; then
+ found_dir="$dir"
+ found_a="$dir/lib$name.$libext"
+ if test -f "$dir/lib$name.la"; then
+ found_la="$dir/lib$name.la"
+ fi
+ fi
+ fi
+ ;;
+ esac
+ if test "X$found_dir" != "X"; then
+ break
+ fi
+ done
+ fi
+ if test "X$found_dir" != "X"; then
+ LTLIBICONV="${LTLIBICONV}${LTLIBICONV:+ }-L$found_dir -l$name"
+ if test "X$found_so" != "X"; then
+ if test "$enable_rpath" = no || test "X$found_dir" = "X/usr/$acl_libdirstem"; then
+ LIBICONV="${LIBICONV}${LIBICONV:+ }$found_so"
+ else
+ haveit=
+ for x in $ltrpathdirs; do
+ if test "X$x" = "X$found_dir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ ltrpathdirs="$ltrpathdirs $found_dir"
+ fi
+ if test "$hardcode_direct" = yes; then
+ LIBICONV="${LIBICONV}${LIBICONV:+ }$found_so"
+ else
+ if test -n "$hardcode_libdir_flag_spec" && test "$hardcode_minus_L" = no; then
+ LIBICONV="${LIBICONV}${LIBICONV:+ }$found_so"
+ haveit=
+ for x in $rpathdirs; do
+ if test "X$x" = "X$found_dir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ rpathdirs="$rpathdirs $found_dir"
+ fi
+ else
+ haveit=
+ for x in $LDFLAGS $LIBICONV; do
+
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+ acl_save_exec_prefix="$exec_prefix"
+ exec_prefix="$acl_final_exec_prefix"
+ eval x=\"$x\"
+ exec_prefix="$acl_save_exec_prefix"
+ prefix="$acl_save_prefix"
+
+ if test "X$x" = "X-L$found_dir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ LIBICONV="${LIBICONV}${LIBICONV:+ }-L$found_dir"
+ fi
+ if test "$hardcode_minus_L" != no; then
+ LIBICONV="${LIBICONV}${LIBICONV:+ }$found_so"
+ else
+ LIBICONV="${LIBICONV}${LIBICONV:+ }-l$name"
+ fi
+ fi
+ fi
+ fi
+ else
+ if test "X$found_a" != "X"; then
+ LIBICONV="${LIBICONV}${LIBICONV:+ }$found_a"
+ else
+ LIBICONV="${LIBICONV}${LIBICONV:+ }-L$found_dir -l$name"
+ fi
+ fi
+ additional_includedir=
+ case "$found_dir" in
+ */$acl_libdirstem | */$acl_libdirstem/)
+ basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem/"'*$,,'`
+ additional_includedir="$basedir/include"
+ ;;
+ esac
+ if test "X$additional_includedir" != "X"; then
+ if test "X$additional_includedir" != "X/usr/include"; then
+ haveit=
+ if test "X$additional_includedir" = "X/usr/local/include"; then
+ if test -n "$GCC"; then
+ case $host_os in
+ linux* | gnu* | k*bsd*-gnu) haveit=yes;;
+ esac
+ fi
+ fi
+ if test -z "$haveit"; then
+ for x in $CPPFLAGS $INCICONV; do
+
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+ acl_save_exec_prefix="$exec_prefix"
+ exec_prefix="$acl_final_exec_prefix"
+ eval x=\"$x\"
+ exec_prefix="$acl_save_exec_prefix"
+ prefix="$acl_save_prefix"
+
+ if test "X$x" = "X-I$additional_includedir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ if test -d "$additional_includedir"; then
+ INCICONV="${INCICONV}${INCICONV:+ }-I$additional_includedir"
+ fi
+ fi
+ fi
+ fi
+ fi
+ if test -n "$found_la"; then
+ save_libdir="$libdir"
+ case "$found_la" in
+ */* | *\\*) . "$found_la" ;;
+ *) . "./$found_la" ;;
+ esac
+ libdir="$save_libdir"
+ for dep in $dependency_libs; do
+ case "$dep" in
+ -L*)
+ additional_libdir=`echo "X$dep" | sed -e 's/^X-L//'`
+ if test "X$additional_libdir" != "X/usr/$acl_libdirstem"; then
+ haveit=
+ if test "X$additional_libdir" = "X/usr/local/$acl_libdirstem"; then
+ if test -n "$GCC"; then
+ case $host_os in
+ linux* | gnu* | k*bsd*-gnu) haveit=yes;;
+ esac
+ fi
+ fi
+ if test -z "$haveit"; then
+ haveit=
+ for x in $LDFLAGS $LIBICONV; do
+
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+ acl_save_exec_prefix="$exec_prefix"
+ exec_prefix="$acl_final_exec_prefix"
+ eval x=\"$x\"
+ exec_prefix="$acl_save_exec_prefix"
+ prefix="$acl_save_prefix"
+
+ if test "X$x" = "X-L$additional_libdir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ if test -d "$additional_libdir"; then
+ LIBICONV="${LIBICONV}${LIBICONV:+ }-L$additional_libdir"
+ fi
+ fi
+ haveit=
+ for x in $LDFLAGS $LTLIBICONV; do
+
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+ acl_save_exec_prefix="$exec_prefix"
+ exec_prefix="$acl_final_exec_prefix"
+ eval x=\"$x\"
+ exec_prefix="$acl_save_exec_prefix"
+ prefix="$acl_save_prefix"
+
+ if test "X$x" = "X-L$additional_libdir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ if test -d "$additional_libdir"; then
+ LTLIBICONV="${LTLIBICONV}${LTLIBICONV:+ }-L$additional_libdir"
+ fi
+ fi
+ fi
+ fi
+ ;;
+ -R*)
+ dir=`echo "X$dep" | sed -e 's/^X-R//'`
+ if test "$enable_rpath" != no; then
+ haveit=
+ for x in $rpathdirs; do
+ if test "X$x" = "X$dir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ rpathdirs="$rpathdirs $dir"
+ fi
+ haveit=
+ for x in $ltrpathdirs; do
+ if test "X$x" = "X$dir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ ltrpathdirs="$ltrpathdirs $dir"
+ fi
+ fi
+ ;;
+ -l*)
+ names_next_round="$names_next_round "`echo "X$dep" | sed -e 's/^X-l//'`
+ ;;
+ *.la)
+ names_next_round="$names_next_round "`echo "X$dep" | sed -e 's,^X.*/,,' -e 's,^lib,,' -e 's,\.la$,,'`
+ ;;
+ *)
+ LIBICONV="${LIBICONV}${LIBICONV:+ }$dep"
+ LTLIBICONV="${LTLIBICONV}${LTLIBICONV:+ }$dep"
+ ;;
+ esac
+ done
+ fi
+ else
+ LIBICONV="${LIBICONV}${LIBICONV:+ }-l$name"
+ LTLIBICONV="${LTLIBICONV}${LTLIBICONV:+ }-l$name"
+ fi
+ fi
+ fi
+ done
+ done
+ if test "X$rpathdirs" != "X"; then
+ if test -n "$hardcode_libdir_separator"; then
+ alldirs=
+ for found_dir in $rpathdirs; do
+ alldirs="${alldirs}${alldirs:+$hardcode_libdir_separator}$found_dir"
+ done
+ acl_save_libdir="$libdir"
+ libdir="$alldirs"
+ eval flag=\"$hardcode_libdir_flag_spec\"
+ libdir="$acl_save_libdir"
+ LIBICONV="${LIBICONV}${LIBICONV:+ }$flag"
+ else
+ for found_dir in $rpathdirs; do
+ acl_save_libdir="$libdir"
+ libdir="$found_dir"
+ eval flag=\"$hardcode_libdir_flag_spec\"
+ libdir="$acl_save_libdir"
+ LIBICONV="${LIBICONV}${LIBICONV:+ }$flag"
+ done
+ fi
+ fi
+ if test "X$ltrpathdirs" != "X"; then
+ for found_dir in $ltrpathdirs; do
+ LTLIBICONV="${LTLIBICONV}${LTLIBICONV:+ }-R$found_dir"
+ done
+ fi
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ { echo "$as_me:$LINENO: checking for CFPreferencesCopyAppValue" >&5
+echo $ECHO_N "checking for CFPreferencesCopyAppValue... $ECHO_C" >&6; }
+if test "${gt_cv_func_CFPreferencesCopyAppValue+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ gt_save_LIBS="$LIBS"
+ LIBS="$LIBS -Wl,-framework -Wl,CoreFoundation"
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <CoreFoundation/CFPreferences.h>
+int
+main ()
+{
+CFPreferencesCopyAppValue(NULL, NULL)
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ gt_cv_func_CFPreferencesCopyAppValue=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ gt_cv_func_CFPreferencesCopyAppValue=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+ LIBS="$gt_save_LIBS"
+fi
+{ echo "$as_me:$LINENO: result: $gt_cv_func_CFPreferencesCopyAppValue" >&5
+echo "${ECHO_T}$gt_cv_func_CFPreferencesCopyAppValue" >&6; }
+ if test $gt_cv_func_CFPreferencesCopyAppValue = yes; then
+
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_CFPREFERENCESCOPYAPPVALUE 1
+_ACEOF
+
+ fi
+ { echo "$as_me:$LINENO: checking for CFLocaleCopyCurrent" >&5
+echo $ECHO_N "checking for CFLocaleCopyCurrent... $ECHO_C" >&6; }
+if test "${gt_cv_func_CFLocaleCopyCurrent+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ gt_save_LIBS="$LIBS"
+ LIBS="$LIBS -Wl,-framework -Wl,CoreFoundation"
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <CoreFoundation/CFLocale.h>
+int
+main ()
+{
+CFLocaleCopyCurrent();
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ gt_cv_func_CFLocaleCopyCurrent=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ gt_cv_func_CFLocaleCopyCurrent=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+ LIBS="$gt_save_LIBS"
+fi
+{ echo "$as_me:$LINENO: result: $gt_cv_func_CFLocaleCopyCurrent" >&5
+echo "${ECHO_T}$gt_cv_func_CFLocaleCopyCurrent" >&6; }
+ if test $gt_cv_func_CFLocaleCopyCurrent = yes; then
+
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_CFLOCALECOPYCURRENT 1
+_ACEOF
+
+ fi
+ INTL_MACOSX_LIBS=
+ if test $gt_cv_func_CFPreferencesCopyAppValue = yes || test $gt_cv_func_CFLocaleCopyCurrent = yes; then
+ INTL_MACOSX_LIBS="-Wl,-framework -Wl,CoreFoundation"
+ fi
+
+
+
- ac_config_files="$ac_config_files Make.Rules"
+
+ LIBINTL=
+ LTLIBINTL=
+ POSUB=
+
+ if test "$USE_NLS" = "yes"; then
+ gt_use_preinstalled_gnugettext=no
+
+
+
+
+
+
+ { echo "$as_me:$LINENO: checking for GNU gettext in libc" >&5
+echo $ECHO_N "checking for GNU gettext in libc... $ECHO_C" >&6; }
+if test "${gt_cv_func_gnugettext1_libc+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <libintl.h>
+extern int _nl_msg_cat_cntr;
+extern int *_nl_domain_bindings;
+int
+main ()
+{
+bindtextdomain ("", "");
+return * gettext ("") + _nl_msg_cat_cntr + *_nl_domain_bindings
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ gt_cv_func_gnugettext1_libc=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ gt_cv_func_gnugettext1_libc=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+fi
+{ echo "$as_me:$LINENO: result: $gt_cv_func_gnugettext1_libc" >&5
+echo "${ECHO_T}$gt_cv_func_gnugettext1_libc" >&6; }
+
+ if test "$gt_cv_func_gnugettext1_libc" != "yes"; then
+
+
+
+
+
+ am_save_CPPFLAGS="$CPPFLAGS"
+
+ for element in $INCICONV; do
+ haveit=
+ for x in $CPPFLAGS; do
+
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+ acl_save_exec_prefix="$exec_prefix"
+ exec_prefix="$acl_final_exec_prefix"
+ eval x=\"$x\"
+ exec_prefix="$acl_save_exec_prefix"
+ prefix="$acl_save_prefix"
+
+ if test "X$x" = "X$element"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ CPPFLAGS="${CPPFLAGS}${CPPFLAGS:+ }$element"
+ fi
+ done
+
+
+ { echo "$as_me:$LINENO: checking for iconv" >&5
+echo $ECHO_N "checking for iconv... $ECHO_C" >&6; }
+if test "${am_cv_func_iconv+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+
+ am_cv_func_iconv="no, consider installing GNU libiconv"
+ am_cv_lib_iconv=no
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <stdlib.h>
+#include <iconv.h>
+int
+main ()
+{
+iconv_t cd = iconv_open("","");
+ iconv(cd,NULL,NULL,NULL,NULL);
+ iconv_close(cd);
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ am_cv_func_iconv=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+ if test "$am_cv_func_iconv" != yes; then
+ am_save_LIBS="$LIBS"
+ LIBS="$LIBS $LIBICONV"
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <stdlib.h>
+#include <iconv.h>
+int
+main ()
+{
+iconv_t cd = iconv_open("","");
+ iconv(cd,NULL,NULL,NULL,NULL);
+ iconv_close(cd);
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ am_cv_lib_iconv=yes
+ am_cv_func_iconv=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+ LIBS="$am_save_LIBS"
+ fi
+
+fi
+{ echo "$as_me:$LINENO: result: $am_cv_func_iconv" >&5
+echo "${ECHO_T}$am_cv_func_iconv" >&6; }
+ if test "$am_cv_func_iconv" = yes; then
+
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_ICONV 1
+_ACEOF
+
+ fi
+ if test "$am_cv_lib_iconv" = yes; then
+ { echo "$as_me:$LINENO: checking how to link with libiconv" >&5
+echo $ECHO_N "checking how to link with libiconv... $ECHO_C" >&6; }
+ { echo "$as_me:$LINENO: result: $LIBICONV" >&5
+echo "${ECHO_T}$LIBICONV" >&6; }
+ else
+ CPPFLAGS="$am_save_CPPFLAGS"
+ LIBICONV=
+ LTLIBICONV=
+ fi
+
+
+
+
+
+
+
+ use_additional=yes
+
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+ acl_save_exec_prefix="$exec_prefix"
+ exec_prefix="$acl_final_exec_prefix"
+
+ eval additional_includedir=\"$includedir\"
+ eval additional_libdir=\"$libdir\"
+
+ exec_prefix="$acl_save_exec_prefix"
+ prefix="$acl_save_prefix"
+
+
+# Check whether --with-libintl-prefix was given.
+if test "${with_libintl_prefix+set}" = set; then
+ withval=$with_libintl_prefix;
+ if test "X$withval" = "Xno"; then
+ use_additional=no
+ else
+ if test "X$withval" = "X"; then
+
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+ acl_save_exec_prefix="$exec_prefix"
+ exec_prefix="$acl_final_exec_prefix"
+
+ eval additional_includedir=\"$includedir\"
+ eval additional_libdir=\"$libdir\"
+
+ exec_prefix="$acl_save_exec_prefix"
+ prefix="$acl_save_prefix"
+
+ else
+ additional_includedir="$withval/include"
+ additional_libdir="$withval/$acl_libdirstem"
+ fi
+ fi
+
+fi
+
+ LIBINTL=
+ LTLIBINTL=
+ INCINTL=
+ rpathdirs=
+ ltrpathdirs=
+ names_already_handled=
+ names_next_round='intl '
+ while test -n "$names_next_round"; do
+ names_this_round="$names_next_round"
+ names_next_round=
+ for name in $names_this_round; do
+ already_handled=
+ for n in $names_already_handled; do
+ if test "$n" = "$name"; then
+ already_handled=yes
+ break
+ fi
+ done
+ if test -z "$already_handled"; then
+ names_already_handled="$names_already_handled $name"
+ uppername=`echo "$name" | sed -e 'y|abcdefghijklmnopqrstuvwxyz./-|ABCDEFGHIJKLMNOPQRSTUVWXYZ___|'`
+ eval value=\"\$HAVE_LIB$uppername\"
+ if test -n "$value"; then
+ if test "$value" = yes; then
+ eval value=\"\$LIB$uppername\"
+ test -z "$value" || LIBINTL="${LIBINTL}${LIBINTL:+ }$value"
+ eval value=\"\$LTLIB$uppername\"
+ test -z "$value" || LTLIBINTL="${LTLIBINTL}${LTLIBINTL:+ }$value"
+ else
+ :
+ fi
+ else
+ found_dir=
+ found_la=
+ found_so=
+ found_a=
+ if test $use_additional = yes; then
+ if test -n "$shlibext" && test -f "$additional_libdir/lib$name.$shlibext"; then
+ found_dir="$additional_libdir"
+ found_so="$additional_libdir/lib$name.$shlibext"
+ if test -f "$additional_libdir/lib$name.la"; then
+ found_la="$additional_libdir/lib$name.la"
+ fi
+ else
+ if test -f "$additional_libdir/lib$name.$libext"; then
+ found_dir="$additional_libdir"
+ found_a="$additional_libdir/lib$name.$libext"
+ if test -f "$additional_libdir/lib$name.la"; then
+ found_la="$additional_libdir/lib$name.la"
+ fi
+ fi
+ fi
+ fi
+ if test "X$found_dir" = "X"; then
+ for x in $LDFLAGS $LTLIBINTL; do
+
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+ acl_save_exec_prefix="$exec_prefix"
+ exec_prefix="$acl_final_exec_prefix"
+ eval x=\"$x\"
+ exec_prefix="$acl_save_exec_prefix"
+ prefix="$acl_save_prefix"
+
+ case "$x" in
+ -L*)
+ dir=`echo "X$x" | sed -e 's/^X-L//'`
+ if test -n "$shlibext" && test -f "$dir/lib$name.$shlibext"; then
+ found_dir="$dir"
+ found_so="$dir/lib$name.$shlibext"
+ if test -f "$dir/lib$name.la"; then
+ found_la="$dir/lib$name.la"
+ fi
+ else
+ if test -f "$dir/lib$name.$libext"; then
+ found_dir="$dir"
+ found_a="$dir/lib$name.$libext"
+ if test -f "$dir/lib$name.la"; then
+ found_la="$dir/lib$name.la"
+ fi
+ fi
+ fi
+ ;;
+ esac
+ if test "X$found_dir" != "X"; then
+ break
+ fi
+ done
+ fi
+ if test "X$found_dir" != "X"; then
+ LTLIBINTL="${LTLIBINTL}${LTLIBINTL:+ }-L$found_dir -l$name"
+ if test "X$found_so" != "X"; then
+ if test "$enable_rpath" = no || test "X$found_dir" = "X/usr/$acl_libdirstem"; then
+ LIBINTL="${LIBINTL}${LIBINTL:+ }$found_so"
+ else
+ haveit=
+ for x in $ltrpathdirs; do
+ if test "X$x" = "X$found_dir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ ltrpathdirs="$ltrpathdirs $found_dir"
+ fi
+ if test "$hardcode_direct" = yes; then
+ LIBINTL="${LIBINTL}${LIBINTL:+ }$found_so"
+ else
+ if test -n "$hardcode_libdir_flag_spec" && test "$hardcode_minus_L" = no; then
+ LIBINTL="${LIBINTL}${LIBINTL:+ }$found_so"
+ haveit=
+ for x in $rpathdirs; do
+ if test "X$x" = "X$found_dir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ rpathdirs="$rpathdirs $found_dir"
+ fi
+ else
+ haveit=
+ for x in $LDFLAGS $LIBINTL; do
+
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+ acl_save_exec_prefix="$exec_prefix"
+ exec_prefix="$acl_final_exec_prefix"
+ eval x=\"$x\"
+ exec_prefix="$acl_save_exec_prefix"
+ prefix="$acl_save_prefix"
+
+ if test "X$x" = "X-L$found_dir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ LIBINTL="${LIBINTL}${LIBINTL:+ }-L$found_dir"
+ fi
+ if test "$hardcode_minus_L" != no; then
+ LIBINTL="${LIBINTL}${LIBINTL:+ }$found_so"
+ else
+ LIBINTL="${LIBINTL}${LIBINTL:+ }-l$name"
+ fi
+ fi
+ fi
+ fi
+ else
+ if test "X$found_a" != "X"; then
+ LIBINTL="${LIBINTL}${LIBINTL:+ }$found_a"
+ else
+ LIBINTL="${LIBINTL}${LIBINTL:+ }-L$found_dir -l$name"
+ fi
+ fi
+ additional_includedir=
+ case "$found_dir" in
+ */$acl_libdirstem | */$acl_libdirstem/)
+ basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem/"'*$,,'`
+ additional_includedir="$basedir/include"
+ ;;
+ esac
+ if test "X$additional_includedir" != "X"; then
+ if test "X$additional_includedir" != "X/usr/include"; then
+ haveit=
+ if test "X$additional_includedir" = "X/usr/local/include"; then
+ if test -n "$GCC"; then
+ case $host_os in
+ linux* | gnu* | k*bsd*-gnu) haveit=yes;;
+ esac
+ fi
+ fi
+ if test -z "$haveit"; then
+ for x in $CPPFLAGS $INCINTL; do
+
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+ acl_save_exec_prefix="$exec_prefix"
+ exec_prefix="$acl_final_exec_prefix"
+ eval x=\"$x\"
+ exec_prefix="$acl_save_exec_prefix"
+ prefix="$acl_save_prefix"
+
+ if test "X$x" = "X-I$additional_includedir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ if test -d "$additional_includedir"; then
+ INCINTL="${INCINTL}${INCINTL:+ }-I$additional_includedir"
+ fi
+ fi
+ fi
+ fi
+ fi
+ if test -n "$found_la"; then
+ save_libdir="$libdir"
+ case "$found_la" in
+ */* | *\\*) . "$found_la" ;;
+ *) . "./$found_la" ;;
+ esac
+ libdir="$save_libdir"
+ for dep in $dependency_libs; do
+ case "$dep" in
+ -L*)
+ additional_libdir=`echo "X$dep" | sed -e 's/^X-L//'`
+ if test "X$additional_libdir" != "X/usr/$acl_libdirstem"; then
+ haveit=
+ if test "X$additional_libdir" = "X/usr/local/$acl_libdirstem"; then
+ if test -n "$GCC"; then
+ case $host_os in
+ linux* | gnu* | k*bsd*-gnu) haveit=yes;;
+ esac
+ fi
+ fi
+ if test -z "$haveit"; then
+ haveit=
+ for x in $LDFLAGS $LIBINTL; do
+
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+ acl_save_exec_prefix="$exec_prefix"
+ exec_prefix="$acl_final_exec_prefix"
+ eval x=\"$x\"
+ exec_prefix="$acl_save_exec_prefix"
+ prefix="$acl_save_prefix"
+
+ if test "X$x" = "X-L$additional_libdir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ if test -d "$additional_libdir"; then
+ LIBINTL="${LIBINTL}${LIBINTL:+ }-L$additional_libdir"
+ fi
+ fi
+ haveit=
+ for x in $LDFLAGS $LTLIBINTL; do
+
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+ acl_save_exec_prefix="$exec_prefix"
+ exec_prefix="$acl_final_exec_prefix"
+ eval x=\"$x\"
+ exec_prefix="$acl_save_exec_prefix"
+ prefix="$acl_save_prefix"
+
+ if test "X$x" = "X-L$additional_libdir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ if test -d "$additional_libdir"; then
+ LTLIBINTL="${LTLIBINTL}${LTLIBINTL:+ }-L$additional_libdir"
+ fi
+ fi
+ fi
+ fi
+ ;;
+ -R*)
+ dir=`echo "X$dep" | sed -e 's/^X-R//'`
+ if test "$enable_rpath" != no; then
+ haveit=
+ for x in $rpathdirs; do
+ if test "X$x" = "X$dir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ rpathdirs="$rpathdirs $dir"
+ fi
+ haveit=
+ for x in $ltrpathdirs; do
+ if test "X$x" = "X$dir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ ltrpathdirs="$ltrpathdirs $dir"
+ fi
+ fi
+ ;;
+ -l*)
+ names_next_round="$names_next_round "`echo "X$dep" | sed -e 's/^X-l//'`
+ ;;
+ *.la)
+ names_next_round="$names_next_round "`echo "X$dep" | sed -e 's,^X.*/,,' -e 's,^lib,,' -e 's,\.la$,,'`
+ ;;
+ *)
+ LIBINTL="${LIBINTL}${LIBINTL:+ }$dep"
+ LTLIBINTL="${LTLIBINTL}${LTLIBINTL:+ }$dep"
+ ;;
+ esac
+ done
+ fi
+ else
+ LIBINTL="${LIBINTL}${LIBINTL:+ }-l$name"
+ LTLIBINTL="${LTLIBINTL}${LTLIBINTL:+ }-l$name"
+ fi
+ fi
+ fi
+ done
+ done
+ if test "X$rpathdirs" != "X"; then
+ if test -n "$hardcode_libdir_separator"; then
+ alldirs=
+ for found_dir in $rpathdirs; do
+ alldirs="${alldirs}${alldirs:+$hardcode_libdir_separator}$found_dir"
+ done
+ acl_save_libdir="$libdir"
+ libdir="$alldirs"
+ eval flag=\"$hardcode_libdir_flag_spec\"
+ libdir="$acl_save_libdir"
+ LIBINTL="${LIBINTL}${LIBINTL:+ }$flag"
+ else
+ for found_dir in $rpathdirs; do
+ acl_save_libdir="$libdir"
+ libdir="$found_dir"
+ eval flag=\"$hardcode_libdir_flag_spec\"
+ libdir="$acl_save_libdir"
+ LIBINTL="${LIBINTL}${LIBINTL:+ }$flag"
+ done
+ fi
+ fi
+ if test "X$ltrpathdirs" != "X"; then
+ for found_dir in $ltrpathdirs; do
+ LTLIBINTL="${LTLIBINTL}${LTLIBINTL:+ }-R$found_dir"
+ done
+ fi
+
+ { echo "$as_me:$LINENO: checking for GNU gettext in libintl" >&5
+echo $ECHO_N "checking for GNU gettext in libintl... $ECHO_C" >&6; }
+if test "${gt_cv_func_gnugettext1_libintl+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ gt_save_CPPFLAGS="$CPPFLAGS"
+ CPPFLAGS="$CPPFLAGS $INCINTL"
+ gt_save_LIBS="$LIBS"
+ LIBS="$LIBS $LIBINTL"
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <libintl.h>
+extern int _nl_msg_cat_cntr;
+extern
+#ifdef __cplusplus
+"C"
+#endif
+const char *_nl_expand_alias (const char *);
+int
+main ()
+{
+bindtextdomain ("", "");
+return * gettext ("") + _nl_msg_cat_cntr + *_nl_expand_alias ("")
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ gt_cv_func_gnugettext1_libintl=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ gt_cv_func_gnugettext1_libintl=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+ if test "$gt_cv_func_gnugettext1_libintl" != yes && test -n "$LIBICONV"; then
+ LIBS="$LIBS $LIBICONV"
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <libintl.h>
+extern int _nl_msg_cat_cntr;
+extern
+#ifdef __cplusplus
+"C"
+#endif
+const char *_nl_expand_alias (const char *);
+int
+main ()
+{
+bindtextdomain ("", "");
+return * gettext ("") + _nl_msg_cat_cntr + *_nl_expand_alias ("")
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ LIBINTL="$LIBINTL $LIBICONV"
+ LTLIBINTL="$LTLIBINTL $LTLIBICONV"
+ gt_cv_func_gnugettext1_libintl=yes
+
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+ fi
+ CPPFLAGS="$gt_save_CPPFLAGS"
+ LIBS="$gt_save_LIBS"
+fi
+{ echo "$as_me:$LINENO: result: $gt_cv_func_gnugettext1_libintl" >&5
+echo "${ECHO_T}$gt_cv_func_gnugettext1_libintl" >&6; }
+ fi
+
+ if test "$gt_cv_func_gnugettext1_libc" = "yes" \
+ || { test "$gt_cv_func_gnugettext1_libintl" = "yes" \
+ && test "$PACKAGE" != gettext-runtime \
+ && test "$PACKAGE" != gettext-tools; }; then
+ gt_use_preinstalled_gnugettext=yes
+ else
+ LIBINTL=
+ LTLIBINTL=
+ INCINTL=
+ fi
+
+
+
+ if test -n "$INTL_MACOSX_LIBS"; then
+ if test "$gt_use_preinstalled_gnugettext" = "yes" \
+ || test "$nls_cv_use_gnu_gettext" = "yes"; then
+ LIBINTL="$LIBINTL $INTL_MACOSX_LIBS"
+ LTLIBINTL="$LTLIBINTL $INTL_MACOSX_LIBS"
+ fi
+ fi
+
+ if test "$gt_use_preinstalled_gnugettext" = "yes" \
+ || test "$nls_cv_use_gnu_gettext" = "yes"; then
+
+cat >>confdefs.h <<\_ACEOF
+#define ENABLE_NLS 1
+_ACEOF
+
+ else
+ USE_NLS=no
+ fi
+ fi
+
+ { echo "$as_me:$LINENO: checking whether to use NLS" >&5
+echo $ECHO_N "checking whether to use NLS... $ECHO_C" >&6; }
+ { echo "$as_me:$LINENO: result: $USE_NLS" >&5
+echo "${ECHO_T}$USE_NLS" >&6; }
+ if test "$USE_NLS" = "yes"; then
+ { echo "$as_me:$LINENO: checking where the gettext function comes from" >&5
+echo $ECHO_N "checking where the gettext function comes from... $ECHO_C" >&6; }
+ if test "$gt_use_preinstalled_gnugettext" = "yes"; then
+ if test "$gt_cv_func_gnugettext1_libintl" = "yes"; then
+ gt_source="external libintl"
+ else
+ gt_source="libc"
+ fi
+ else
+ gt_source="included intl directory"
+ fi
+ { echo "$as_me:$LINENO: result: $gt_source" >&5
+echo "${ECHO_T}$gt_source" >&6; }
+ fi
+
+ if test "$USE_NLS" = "yes"; then
+
+ if test "$gt_use_preinstalled_gnugettext" = "yes"; then
+ if test "$gt_cv_func_gnugettext1_libintl" = "yes"; then
+ { echo "$as_me:$LINENO: checking how to link with libintl" >&5
+echo $ECHO_N "checking how to link with libintl... $ECHO_C" >&6; }
+ { echo "$as_me:$LINENO: result: $LIBINTL" >&5
+echo "${ECHO_T}$LIBINTL" >&6; }
+
+ for element in $INCINTL; do
+ haveit=
+ for x in $CPPFLAGS; do
+
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+ acl_save_exec_prefix="$exec_prefix"
+ exec_prefix="$acl_final_exec_prefix"
+ eval x=\"$x\"
+ exec_prefix="$acl_save_exec_prefix"
+ prefix="$acl_save_prefix"
+
+ if test "X$x" = "X$element"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ CPPFLAGS="${CPPFLAGS}${CPPFLAGS:+ }$element"
+ fi
+ done
+
+ fi
+
+
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_GETTEXT 1
+_ACEOF
+
+
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_DCGETTEXT 1
+_ACEOF
+
+ fi
+
+ POSUB=po
+ fi
+
+
+
+ INTLLIBS="$LIBINTL"
+
+
+
+
+
+
+
+for ac_func in dngettext
+do
+as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
+{ echo "$as_me:$LINENO: checking for $ac_func" >&5
+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; }
+if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+/* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func.
+ For example, HP-UX 11i <limits.h> declares gettimeofday. */
+#define $ac_func innocuous_$ac_func
+
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func (); below.
+ Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+ <limits.h> exists even on freestanding compilers. */
+
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+
+#undef $ac_func
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char $ac_func ();
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined __stub_$ac_func || defined __stub___$ac_func
+choke me
+#endif
+
+int
+main ()
+{
+return $ac_func ();
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ eval "$as_ac_var=yes"
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ eval "$as_ac_var=no"
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+fi
+ac_res=`eval echo '${'$as_ac_var'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
+if test `eval echo '${'$as_ac_var'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
+
+
+
+
+{ echo "$as_me:$LINENO: checking whether __NR_keyctl is declared" >&5
+echo $ECHO_N "checking whether __NR_keyctl is declared... $ECHO_C" >&6; }
+if test "${ac_cv_have_decl___NR_keyctl+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <sys/syscall.h>
+
+int
+main ()
+{
+#ifndef __NR_keyctl
+ (void) __NR_keyctl;
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_cv_have_decl___NR_keyctl=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_cv_have_decl___NR_keyctl=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_have_decl___NR_keyctl" >&5
+echo "${ECHO_T}$ac_cv_have_decl___NR_keyctl" >&6; }
+if test $ac_cv_have_decl___NR_keyctl = yes; then
+ have_key_syscalls=1
+else
+ have_key_syscalls=0
+fi
+
+{ echo "$as_me:$LINENO: checking whether ENOKEY is declared" >&5
+echo $ECHO_N "checking whether ENOKEY is declared... $ECHO_C" >&6; }
+if test "${ac_cv_have_decl_ENOKEY+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <errno.h>
+
+int
+main ()
+{
+#ifndef ENOKEY
+ (void) ENOKEY;
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_cv_have_decl_ENOKEY=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_cv_have_decl_ENOKEY=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_have_decl_ENOKEY" >&5
+echo "${ECHO_T}$ac_cv_have_decl_ENOKEY" >&6; }
+if test $ac_cv_have_decl_ENOKEY = yes; then
+ have_key_errors=1
+else
+ have_key_errors=0
+fi
+
+
+HAVE_KEY_MANAGEMENT=0
+if test $have_key_syscalls$have_key_errors = 11
+then
+ HAVE_KEY_MANAGEMENT=1
+fi
+
+if test $HAVE_KEY_MANAGEMENT = 1; then
+
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_KEY_MANAGEMENT 1
+_ACEOF
+
+fi
+HAVE_KEY_MANAGEMENT=$HAVE_KEY_MANAGEMENT
+
+
+ if test "$have_key_syscalls" = 1; then
+ HAVE_KEY_MANAGEMENT_TRUE=
+ HAVE_KEY_MANAGEMENT_FALSE='#'
+else
+ HAVE_KEY_MANAGEMENT_TRUE='#'
+ HAVE_KEY_MANAGEMENT_FALSE=
+fi
+
+
+ac_config_files="$ac_config_files Makefile libpam/Makefile libpamc/Makefile libpamc/test/Makefile libpam_misc/Makefile conf/Makefile conf/pam_conv1/Makefile po/Makefile.in modules/Makefile modules/pam_access/Makefile modules/pam_cracklib/Makefile modules/pam_debug/Makefile modules/pam_deny/Makefile modules/pam_echo/Makefile modules/pam_env/Makefile modules/pam_faildelay/Makefile modules/pam_filter/Makefile modules/pam_filter/upperLOWER/Makefile modules/pam_ftp/Makefile modules/pam_group/Makefile modules/pam_issue/Makefile modules/pam_keyinit/Makefile modules/pam_lastlog/Makefile modules/pam_limits/Makefile modules/pam_listfile/Makefile modules/pam_localuser/Makefile modules/pam_loginuid/Makefile modules/pam_mail/Makefile modules/pam_mkhomedir/Makefile modules/pam_motd/Makefile modules/pam_namespace/Makefile modules/pam_nologin/Makefile modules/pam_permit/Makefile modules/pam_rhosts/Makefile modules/pam_rootok/Makefile modules/pam_exec/Makefile modules/pam_securetty/Makefile modules/pam_selinux/Makefile modules/pam_shells/Makefile modules/pam_stress/Makefile modules/pam_succeed_if/Makefile modules/pam_tally/Makefile modules/pam_time/Makefile modules/pam_umask/Makefile modules/pam_unix/Makefile modules/pam_userdb/Makefile modules/pam_warn/Makefile modules/pam_wheel/Makefile modules/pam_xauth/Makefile doc/Makefile doc/specs/Makefile doc/man/Makefile doc/sag/Makefile doc/adg/Makefile doc/mwg/Makefile examples/Makefile tests/Makefile xtests/Makefile"
+
cat >confcache <<\_ACEOF
# This file is a shell script that caches the results of configure
# tests run on this system so they can be shared between configure
@@ -7691,39 +27557,58 @@ _ACEOF
# The following way of writing the cache mishandles newlines in values,
# but we know of no workaround that is simple, portable, and efficient.
-# So, don't put newlines in cache variables' values.
+# So, we kill variables containing newlines.
# Ultrix sh set writes to stderr and can't be redirected directly,
# and sets the high bit in the cache file unless we assign to the vars.
-{
+(
+ for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do
+ eval ac_val=\$$ac_var
+ case $ac_val in #(
+ *${as_nl}*)
+ case $ac_var in #(
+ *_cv_*) { echo "$as_me:$LINENO: WARNING: Cache variable $ac_var contains a newline." >&5
+echo "$as_me: WARNING: Cache variable $ac_var contains a newline." >&2;} ;;
+ esac
+ case $ac_var in #(
+ _ | IFS | as_nl) ;; #(
+ *) $as_unset $ac_var ;;
+ esac ;;
+ esac
+ done
+
(set) 2>&1 |
- case `(ac_space=' '; set | grep ac_space) 2>&1` in
- *ac_space=\ *)
+ case $as_nl`(ac_space=' '; set) 2>&1` in #(
+ *${as_nl}ac_space=\ *)
# `set' does not quote correctly, so add quotes (double-quote
# substitution turns \\\\ into \\, and sed turns \\ into \).
sed -n \
"s/'/'\\\\''/g;
s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p"
- ;;
+ ;; #(
*)
# `set' quotes correctly as required by POSIX, so do not add quotes.
- sed -n \
- "s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1=\\2/p"
+ sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p"
;;
- esac;
-} |
+ esac |
+ sort
+) |
sed '
+ /^ac_cv_env_/b end
t clear
- : clear
+ :clear
s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/
t end
- /^ac_cv_env/!s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/
- : end' >>confcache
-if diff $cache_file confcache >/dev/null 2>&1; then :; else
- if test -w $cache_file; then
- test "x$cache_file" != "x/dev/null" && echo "updating cache $cache_file"
+ s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/
+ :end' >>confcache
+if diff "$cache_file" confcache >/dev/null 2>&1; then :; else
+ if test -w "$cache_file"; then
+ test "x$cache_file" != "x/dev/null" &&
+ { echo "$as_me:$LINENO: updating cache $cache_file" >&5
+echo "$as_me: updating cache $cache_file" >&6;}
cat confcache >$cache_file
else
- echo "not updating unwritable cache $cache_file"
+ { echo "$as_me:$LINENO: not updating unwritable cache $cache_file" >&5
+echo "$as_me: not updating unwritable cache $cache_file" >&6;}
fi
fi
rm -f confcache
@@ -7732,38 +27617,108 @@ test "x$prefix" = xNONE && prefix=$ac_default_prefix
# Let make expand exec_prefix.
test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
-# VPATH may cause trouble with some makes, so we remove $(srcdir),
-# ${srcdir} and @srcdir@ from VPATH if srcdir is ".", strip leading and
-# trailing colons and then remove the whole line if VPATH becomes empty
-# (actually we leave an empty line to preserve line numbers).
-if test "x$srcdir" = x.; then
- ac_vpsub='/^[ ]*VPATH[ ]*=/{
-s/:*\$(srcdir):*/:/;
-s/:*\${srcdir}:*/:/;
-s/:*@srcdir@:*/:/;
-s/^\([^=]*=[ ]*\):*/\1/;
-s/:*$//;
-s/^[^=]*=[ ]*$//;
-}'
-fi
-
DEFS=-DHAVE_CONFIG_H
ac_libobjs=
ac_ltlibobjs=
for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue
# 1. Remove the extension, and $U if already installed.
- ac_i=`echo "$ac_i" |
- sed 's/\$U\././;s/\.o$//;s/\.obj$//'`
- # 2. Add them.
- ac_libobjs="$ac_libobjs $ac_i\$U.$ac_objext"
- ac_ltlibobjs="$ac_ltlibobjs $ac_i"'$U.lo'
+ ac_script='s/\$U\././;s/\.o$//;s/\.obj$//'
+ ac_i=`echo "$ac_i" | sed "$ac_script"`
+ # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR
+ # will be set to the directory where LIBOBJS objects are built.
+ ac_libobjs="$ac_libobjs \${LIBOBJDIR}$ac_i\$U.$ac_objext"
+ ac_ltlibobjs="$ac_ltlibobjs \${LIBOBJDIR}$ac_i"'$U.lo'
done
LIBOBJS=$ac_libobjs
LTLIBOBJS=$ac_ltlibobjs
+if test -z "${STATIC_MODULES_TRUE}" && test -z "${STATIC_MODULES_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"STATIC_MODULES\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"STATIC_MODULES\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+if test -z "${AMDEP_TRUE}" && test -z "${AMDEP_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"AMDEP\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"AMDEP\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"am__fastdepCC\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"am__fastdepCC\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+if test -z "${am__fastdepCXX_TRUE}" && test -z "${am__fastdepCXX_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"am__fastdepCXX\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"am__fastdepCXX\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+if test -z "${HAVE_VERSIONING_TRUE}" && test -z "${HAVE_VERSIONING_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"HAVE_VERSIONING\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"HAVE_VERSIONING\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+if test -z "${HAVE_LIBCRACK_TRUE}" && test -z "${HAVE_LIBCRACK_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"HAVE_LIBCRACK\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"HAVE_LIBCRACK\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+if test -z "${HAVE_LIBDB_TRUE}" && test -z "${HAVE_LIBDB_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"HAVE_LIBDB\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"HAVE_LIBDB\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+if test -z "${HAVE_LIBSELINUX_TRUE}" && test -z "${HAVE_LIBSELINUX_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"HAVE_LIBSELINUX\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"HAVE_LIBSELINUX\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+if test -z "${HAVE_UNSHARE_TRUE}" && test -z "${HAVE_UNSHARE_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"HAVE_UNSHARE\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"HAVE_UNSHARE\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+if test -z "${ENABLE_REGENERATE_MAN_TRUE}" && test -z "${ENABLE_REGENERATE_MAN_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"ENABLE_REGENERATE_MAN\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"ENABLE_REGENERATE_MAN\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+if test -z "${ENABLE_GENERATE_PDF_TRUE}" && test -z "${ENABLE_GENERATE_PDF_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"ENABLE_GENERATE_PDF\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"ENABLE_GENERATE_PDF\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+if test -z "${HAVE_KEY_MANAGEMENT_TRUE}" && test -z "${HAVE_KEY_MANAGEMENT_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"HAVE_KEY_MANAGEMENT\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"HAVE_KEY_MANAGEMENT\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
: ${CONFIG_STATUS=./config.status}
ac_clean_files_save=$ac_clean_files
@@ -7788,17 +27743,45 @@ cat >>$CONFIG_STATUS <<\_ACEOF
## M4sh Initialization. ##
## --------------------- ##
-# Be Bourne compatible
+# Be more Bourne compatible
+DUALCASE=1; export DUALCASE # for MKS sh
if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
emulate sh
NULLCMD=:
# Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which
# is contrary to our usage. Disable this feature.
alias -g '${1+"$@"}'='"$@"'
-elif test -n "${BASH_VERSION+set}" && (set -o posix) >/dev/null 2>&1; then
- set -o posix
+ setopt NO_GLOB_SUBST
+else
+ case `(set -o) 2>/dev/null` in
+ *posix*) set -o posix ;;
+esac
+
+fi
+
+
+
+
+# PATH needs CR
+# Avoid depending upon Character Ranges.
+as_cr_letters='abcdefghijklmnopqrstuvwxyz'
+as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
+as_cr_Letters=$as_cr_letters$as_cr_LETTERS
+as_cr_digits='0123456789'
+as_cr_alnum=$as_cr_Letters$as_cr_digits
+
+# The user is always right.
+if test "${PATH_SEPARATOR+set}" != set; then
+ echo "#! /bin/sh" >conf$$.sh
+ echo "exit 0" >>conf$$.sh
+ chmod +x conf$$.sh
+ if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then
+ PATH_SEPARATOR=';'
+ else
+ PATH_SEPARATOR=:
+ fi
+ rm -f conf$$.sh
fi
-DUALCASE=1; export DUALCASE # for MKS sh
# Support unset when possible.
if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then
@@ -7808,8 +27791,43 @@ else
fi
+# IFS
+# We need space, tab and new line, in precisely that order. Quoting is
+# there to prevent editors from complaining about space-tab.
+# (If _AS_PATH_WALK were called with IFS unset, it would disable word
+# splitting by setting IFS to empty value.)
+as_nl='
+'
+IFS=" "" $as_nl"
+
+# Find who we are. Look in the path if we contain no directory separator.
+case $0 in
+ *[\\/]* ) as_myself=$0 ;;
+ *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
+done
+IFS=$as_save_IFS
+
+ ;;
+esac
+# We did not find ourselves, most probably we were run as `sh COMMAND'
+# in which case we are not to be found in the path.
+if test "x$as_myself" = x; then
+ as_myself=$0
+fi
+if test ! -f "$as_myself"; then
+ echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
+ { (exit 1); exit 1; }
+fi
+
# Work around bugs in pre-3.0 UWIN ksh.
-$as_unset ENV MAIL MAILPATH
+for as_var in ENV MAIL MAILPATH
+do ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var
+done
PS1='$ '
PS2='> '
PS4='+ '
@@ -7823,18 +27841,19 @@ do
if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then
eval $as_var=C; export $as_var
else
- $as_unset $as_var
+ ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var
fi
done
# Required to use basename.
-if expr a : '\(a\)' >/dev/null 2>&1; then
+if expr a : '\(a\)' >/dev/null 2>&1 &&
+ test "X`expr 00001 : '.*\(...\)'`" = X001; then
as_expr=expr
else
as_expr=false
fi
-if (basename /) >/dev/null 2>&1 && test "X`basename / 2>&1`" = "X/"; then
+if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then
as_basename=basename
else
as_basename=false
@@ -7842,159 +27861,120 @@ fi
# Name of the executable.
-as_me=`$as_basename "$0" ||
+as_me=`$as_basename -- "$0" ||
$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
X"$0" : 'X\(//\)$' \| \
- X"$0" : 'X\(/\)$' \| \
- . : '\(.\)' 2>/dev/null ||
+ X"$0" : 'X\(/\)' \| . 2>/dev/null ||
echo X/"$0" |
- sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/; q; }
- /^X\/\(\/\/\)$/{ s//\1/; q; }
- /^X\/\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
+ sed '/^.*\/\([^/][^/]*\)\/*$/{
+ s//\1/
+ q
+ }
+ /^X\/\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\/\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
-
-# PATH needs CR, and LINENO needs CR and PATH.
-# Avoid depending upon Character Ranges.
-as_cr_letters='abcdefghijklmnopqrstuvwxyz'
-as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
-as_cr_Letters=$as_cr_letters$as_cr_LETTERS
-as_cr_digits='0123456789'
-as_cr_alnum=$as_cr_Letters$as_cr_digits
-
-# The user is always right.
-if test "${PATH_SEPARATOR+set}" != set; then
- echo "#! /bin/sh" >conf$$.sh
- echo "exit 0" >>conf$$.sh
- chmod +x conf$$.sh
- if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then
- PATH_SEPARATOR=';'
- else
- PATH_SEPARATOR=:
- fi
- rm -f conf$$.sh
-fi
+# CDPATH.
+$as_unset CDPATH
- as_lineno_1=$LINENO
- as_lineno_2=$LINENO
- as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null`
- test "x$as_lineno_1" != "x$as_lineno_2" &&
- test "x$as_lineno_3" = "x$as_lineno_2" || {
- # Find who we are. Look in the path if we contain no path at all
- # relative or not.
- case $0 in
- *[\\/]* ) as_myself=$0 ;;
- *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
-done
- ;;
- esac
- # We did not find ourselves, most probably we were run as `sh COMMAND'
- # in which case we are not to be found in the path.
- if test "x$as_myself" = x; then
- as_myself=$0
- fi
- if test ! -f "$as_myself"; then
- { { echo "$as_me:$LINENO: error: cannot find myself; rerun with an absolute path" >&5
-echo "$as_me: error: cannot find myself; rerun with an absolute path" >&2;}
- { (exit 1); exit 1; }; }
- fi
- case $CONFIG_SHELL in
- '')
- as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for as_base in sh bash ksh sh5; do
- case $as_dir in
- /*)
- if ("$as_dir/$as_base" -c '
as_lineno_1=$LINENO
as_lineno_2=$LINENO
- as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null`
test "x$as_lineno_1" != "x$as_lineno_2" &&
- test "x$as_lineno_3" = "x$as_lineno_2" ') 2>/dev/null; then
- $as_unset BASH_ENV || test "${BASH_ENV+set}" != set || { BASH_ENV=; export BASH_ENV; }
- $as_unset ENV || test "${ENV+set}" != set || { ENV=; export ENV; }
- CONFIG_SHELL=$as_dir/$as_base
- export CONFIG_SHELL
- exec "$CONFIG_SHELL" "$0" ${1+"$@"}
- fi;;
- esac
- done
-done
-;;
- esac
+ test "x`expr $as_lineno_1 + 1`" = "x$as_lineno_2" || {
# Create $as_me.lineno as a copy of $as_myself, but with $LINENO
# uniformly replaced by the line number. The first 'sed' inserts a
- # line-number line before each line; the second 'sed' does the real
- # work. The second script uses 'N' to pair each line-number line
- # with the numbered line, and appends trailing '-' during
- # substitution so that $LINENO is not a special case at line end.
+ # line-number line after each line using $LINENO; the second 'sed'
+ # does the real work. The second script uses 'N' to pair each
+ # line-number line with the line containing $LINENO, and appends
+ # trailing '-' during substitution so that $LINENO is not a special
+ # case at line end.
# (Raja R Harinath suggested sed '=', and Paul Eggert wrote the
- # second 'sed' script. Blame Lee E. McMahon for sed's syntax. :-)
- sed '=' <$as_myself |
+ # scripts with optimization help from Paolo Bonzini. Blame Lee
+ # E. McMahon (1931-1989) for sed's syntax. :-)
+ sed -n '
+ p
+ /[$]LINENO/=
+ ' <$as_myself |
sed '
+ s/[$]LINENO.*/&-/
+ t lineno
+ b
+ :lineno
N
- s,$,-,
- : loop
- s,^\(['$as_cr_digits']*\)\(.*\)[$]LINENO\([^'$as_cr_alnum'_]\),\1\2\1\3,
+ :loop
+ s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/
t loop
- s,-$,,
- s,^['$as_cr_digits']*\n,,
+ s/-\n.*//
' >$as_me.lineno &&
- chmod +x $as_me.lineno ||
- { { echo "$as_me:$LINENO: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&5
-echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2;}
+ chmod +x "$as_me.lineno" ||
+ { echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2
{ (exit 1); exit 1; }; }
# Don't try to exec as it changes $[0], causing all sort of problems
# (the dirname of $[0] is not the place where we might find the
- # original and so on. Autoconf is especially sensible to this).
- . ./$as_me.lineno
+ # original and so on. Autoconf is especially sensitive to this).
+ . "./$as_me.lineno"
# Exit status is that of the last command.
exit
}
-case `echo "testing\c"; echo 1,2,3`,`echo -n testing; echo 1,2,3` in
- *c*,-n*) ECHO_N= ECHO_C='
-' ECHO_T=' ' ;;
- *c*,* ) ECHO_N=-n ECHO_C= ECHO_T= ;;
- *) ECHO_N= ECHO_C='\c' ECHO_T= ;;
+if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then
+ as_dirname=dirname
+else
+ as_dirname=false
+fi
+
+ECHO_C= ECHO_N= ECHO_T=
+case `echo -n x` in
+-n*)
+ case `echo 'x\c'` in
+ *c*) ECHO_T=' ';; # ECHO_T is single tab character.
+ *) ECHO_C='\c';;
+ esac;;
+*)
+ ECHO_N='-n';;
esac
-if expr a : '\(a\)' >/dev/null 2>&1; then
+if expr a : '\(a\)' >/dev/null 2>&1 &&
+ test "X`expr 00001 : '.*\(...\)'`" = X001; then
as_expr=expr
else
as_expr=false
fi
rm -f conf$$ conf$$.exe conf$$.file
+if test -d conf$$.dir; then
+ rm -f conf$$.dir/conf$$.file
+else
+ rm -f conf$$.dir
+ mkdir conf$$.dir
+fi
echo >conf$$.file
if ln -s conf$$.file conf$$ 2>/dev/null; then
- # We could just check for DJGPP; but this test a) works b) is more generic
- # and c) will remain valid once DJGPP supports symlinks (DJGPP 2.04).
- if test -f conf$$.exe; then
- # Don't use ln at all; we don't have any links
+ as_ln_s='ln -s'
+ # ... but there are two gotchas:
+ # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
+ # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
+ # In both cases, we have to default to `cp -p'.
+ ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
as_ln_s='cp -p'
- else
- as_ln_s='ln -s'
- fi
elif ln conf$$.file conf$$ 2>/dev/null; then
as_ln_s=ln
else
as_ln_s='cp -p'
fi
-rm -f conf$$ conf$$.exe conf$$.file
+rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
+rmdir conf$$.dir 2>/dev/null
if mkdir -p . 2>/dev/null; then
as_mkdir_p=:
@@ -8003,7 +27983,28 @@ else
as_mkdir_p=false
fi
-as_executable_p="test -f"
+if test -x / >/dev/null 2>&1; then
+ as_test_x='test -x'
+else
+ if ls -dL / >/dev/null 2>&1; then
+ as_ls_L_option=L
+ else
+ as_ls_L_option=
+ fi
+ as_test_x='
+ eval sh -c '\''
+ if test -d "$1"; then
+ test -d "$1/.";
+ else
+ case $1 in
+ -*)set "./$1";;
+ esac;
+ case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in
+ ???[sx]*):;;*)false;;esac;fi
+ '\'' sh
+ '
+fi
+as_executable_p=$as_test_x
# Sed expression to map a string onto a valid CPP name.
as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
@@ -8012,31 +28013,14 @@ as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
-# IFS
-# We need space, tab and new line, in precisely that order.
-as_nl='
-'
-IFS=" $as_nl"
-
-# CDPATH.
-$as_unset CDPATH
-
exec 6>&1
-# Open the log real soon, to keep \$[0] and so on meaningful, and to
+# Save the log message, to keep $[0] and so on meaningful, and to
# report actual input values of CONFIG_FILES etc. instead of their
-# values after options handling. Logging --version etc. is OK.
-exec 5>>config.log
-{
- echo
- sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX
-## Running $as_me. ##
-_ASBOX
-} >&5
-cat >&5 <<_CSEOF
-
+# values after options handling.
+ac_log="
This file was extended by $as_me, which was
-generated by GNU Autoconf 2.59. Invocation command line was
+generated by GNU Autoconf 2.61. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
CONFIG_HEADERS = $CONFIG_HEADERS
@@ -8044,30 +28028,20 @@ generated by GNU Autoconf 2.59. Invocation command line was
CONFIG_COMMANDS = $CONFIG_COMMANDS
$ $0 $@
-_CSEOF
-echo "on `(hostname || uname -n) 2>/dev/null | sed 1q`" >&5
-echo >&5
+on `(hostname || uname -n) 2>/dev/null | sed 1q`
+"
+
_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF
# Files that config.status was made for.
-if test -n "$ac_config_files"; then
- echo "config_files=\"$ac_config_files\"" >>$CONFIG_STATUS
-fi
-
-if test -n "$ac_config_headers"; then
- echo "config_headers=\"$ac_config_headers\"" >>$CONFIG_STATUS
-fi
+config_files="$ac_config_files"
+config_headers="$ac_config_headers"
+config_commands="$ac_config_commands"
-if test -n "$ac_config_links"; then
- echo "config_links=\"$ac_config_links\"" >>$CONFIG_STATUS
-fi
-
-if test -n "$ac_config_commands"; then
- echo "config_commands=\"$ac_config_commands\"" >>$CONFIG_STATUS
-fi
+_ACEOF
cat >>$CONFIG_STATUS <<\_ACEOF
-
ac_cs_usage="\
\`$as_me' instantiates files from templates according to the
current configuration.
@@ -8075,7 +28049,7 @@ current configuration.
Usage: $0 [OPTIONS] [FILE]...
-h, --help print this help, then exit
- -V, --version print version number, then exit
+ -V, --version print version number and configuration settings, then exit
-q, --quiet do not print progress messages
-d, --debug don't remove temporary files
--recheck update $as_me by reconfiguring in the same conditions
@@ -8090,20 +28064,26 @@ $config_files
Configuration headers:
$config_headers
+Configuration commands:
+$config_commands
+
Report bugs to <bug-autoconf@gnu.org>."
-_ACEOF
+_ACEOF
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
config.status
-configured by $0, generated by GNU Autoconf 2.59,
- with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\"
+configured by $0, generated by GNU Autoconf 2.61,
+ with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
-Copyright (C) 2003 Free Software Foundation, Inc.
+Copyright (C) 2006 Free Software Foundation, Inc.
This config.status script is free software; the Free Software Foundation
gives unlimited permission to copy, distribute and modify it."
-srcdir=$srcdir
-INSTALL="$INSTALL"
+
+ac_pwd='$ac_pwd'
+srcdir='$srcdir'
+INSTALL='$INSTALL'
+MKDIR_P='$MKDIR_P'
_ACEOF
cat >>$CONFIG_STATUS <<\_ACEOF
@@ -8114,39 +28094,24 @@ while test $# != 0
do
case $1 in
--*=*)
- ac_option=`expr "x$1" : 'x\([^=]*\)='`
- ac_optarg=`expr "x$1" : 'x[^=]*=\(.*\)'`
+ ac_option=`expr "X$1" : 'X\([^=]*\)='`
+ ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'`
ac_shift=:
;;
- -*)
+ *)
ac_option=$1
ac_optarg=$2
ac_shift=shift
;;
- *) # This is not an option, so the user has probably given explicit
- # arguments.
- ac_option=$1
- ac_need_defaults=false;;
esac
case $ac_option in
# Handling of the options.
-_ACEOF
-cat >>$CONFIG_STATUS <<\_ACEOF
-recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
ac_cs_recheck=: ;;
- --version | --vers* | -V )
- echo "$ac_cs_version"; exit 0 ;;
- --he | --h)
- # Conflict between --help and --header
- { { echo "$as_me:$LINENO: error: ambiguous option: $1
-Try \`$0 --help' for more information." >&5
-echo "$as_me: error: ambiguous option: $1
-Try \`$0 --help' for more information." >&2;}
- { (exit 1); exit 1; }; };;
- --help | --hel | -h )
- echo "$ac_cs_usage"; exit 0 ;;
- --debug | --d* | -d )
+ --version | --versio | --versi | --vers | --ver | --ve | --v | -V )
+ echo "$ac_cs_version"; exit ;;
+ --debug | --debu | --deb | --de | --d | -d )
debug=: ;;
--file | --fil | --fi | --f )
$ac_shift
@@ -8156,18 +28121,24 @@ Try \`$0 --help' for more information." >&2;}
$ac_shift
CONFIG_HEADERS="$CONFIG_HEADERS $ac_optarg"
ac_need_defaults=false;;
+ --he | --h)
+ # Conflict between --help and --header
+ { echo "$as_me: error: ambiguous option: $1
+Try \`$0 --help' for more information." >&2
+ { (exit 1); exit 1; }; };;
+ --help | --hel | -h )
+ echo "$ac_cs_usage"; exit ;;
-q | -quiet | --quiet | --quie | --qui | --qu | --q \
| -silent | --silent | --silen | --sile | --sil | --si | --s)
ac_cs_silent=: ;;
# This is an error.
- -*) { { echo "$as_me:$LINENO: error: unrecognized option: $1
-Try \`$0 --help' for more information." >&5
-echo "$as_me: error: unrecognized option: $1
-Try \`$0 --help' for more information." >&2;}
+ -*) { echo "$as_me: error: unrecognized option: $1
+Try \`$0 --help' for more information." >&2
{ (exit 1); exit 1; }; } ;;
- *) ac_config_targets="$ac_config_targets $1" ;;
+ *) ac_config_targets="$ac_config_targets $1"
+ ac_need_defaults=false ;;
esac
shift
@@ -8183,29 +28154,114 @@ fi
_ACEOF
cat >>$CONFIG_STATUS <<_ACEOF
if \$ac_cs_recheck; then
- echo "running $SHELL $0 " $ac_configure_args \$ac_configure_extra_args " --no-create --no-recursion" >&6
- exec $SHELL $0 $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion
+ echo "running CONFIG_SHELL=$SHELL $SHELL $0 "$ac_configure_args \$ac_configure_extra_args " --no-create --no-recursion" >&6
+ CONFIG_SHELL=$SHELL
+ export CONFIG_SHELL
+ exec $SHELL "$0"$ac_configure_args \$ac_configure_extra_args --no-create --no-recursion
fi
_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF
+exec 5>>config.log
+{
+ echo
+ sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX
+## Running $as_me. ##
+_ASBOX
+ echo "$ac_log"
+} >&5
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF
+#
+# INIT-COMMANDS
+#
+AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir"
+# Capture the value of obsolete ALL_LINGUAS because we need it to compute
+ # POFILES, UPDATEPOFILES, DUMMYPOFILES, GMOFILES, CATALOGS. But hide it
+ # from automake < 1.5.
+ eval 'OBSOLETE_ALL_LINGUAS''="$ALL_LINGUAS"'
+ # Capture the value of LINGUAS because we need it to compute CATALOGS.
+ LINGUAS="${LINGUAS-%UNSET%}"
-
+_ACEOF
cat >>$CONFIG_STATUS <<\_ACEOF
+
+# Handling of arguments.
for ac_config_target in $ac_config_targets
do
- case "$ac_config_target" in
- # Handling of arguments.
- "Make.Rules" ) CONFIG_FILES="$CONFIG_FILES Make.Rules" ;;
- "_pam_aconf.h" ) CONFIG_HEADERS="$CONFIG_HEADERS _pam_aconf.h" ;;
+ case $ac_config_target in
+ "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;;
+ "depfiles") CONFIG_COMMANDS="$CONFIG_COMMANDS depfiles" ;;
+ "po-directories") CONFIG_COMMANDS="$CONFIG_COMMANDS po-directories" ;;
+ "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;;
+ "libpam/Makefile") CONFIG_FILES="$CONFIG_FILES libpam/Makefile" ;;
+ "libpamc/Makefile") CONFIG_FILES="$CONFIG_FILES libpamc/Makefile" ;;
+ "libpamc/test/Makefile") CONFIG_FILES="$CONFIG_FILES libpamc/test/Makefile" ;;
+ "libpam_misc/Makefile") CONFIG_FILES="$CONFIG_FILES libpam_misc/Makefile" ;;
+ "conf/Makefile") CONFIG_FILES="$CONFIG_FILES conf/Makefile" ;;
+ "conf/pam_conv1/Makefile") CONFIG_FILES="$CONFIG_FILES conf/pam_conv1/Makefile" ;;
+ "po/Makefile.in") CONFIG_FILES="$CONFIG_FILES po/Makefile.in" ;;
+ "modules/Makefile") CONFIG_FILES="$CONFIG_FILES modules/Makefile" ;;
+ "modules/pam_access/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_access/Makefile" ;;
+ "modules/pam_cracklib/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_cracklib/Makefile" ;;
+ "modules/pam_debug/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_debug/Makefile" ;;
+ "modules/pam_deny/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_deny/Makefile" ;;
+ "modules/pam_echo/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_echo/Makefile" ;;
+ "modules/pam_env/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_env/Makefile" ;;
+ "modules/pam_faildelay/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_faildelay/Makefile" ;;
+ "modules/pam_filter/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_filter/Makefile" ;;
+ "modules/pam_filter/upperLOWER/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_filter/upperLOWER/Makefile" ;;
+ "modules/pam_ftp/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_ftp/Makefile" ;;
+ "modules/pam_group/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_group/Makefile" ;;
+ "modules/pam_issue/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_issue/Makefile" ;;
+ "modules/pam_keyinit/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_keyinit/Makefile" ;;
+ "modules/pam_lastlog/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_lastlog/Makefile" ;;
+ "modules/pam_limits/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_limits/Makefile" ;;
+ "modules/pam_listfile/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_listfile/Makefile" ;;
+ "modules/pam_localuser/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_localuser/Makefile" ;;
+ "modules/pam_loginuid/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_loginuid/Makefile" ;;
+ "modules/pam_mail/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_mail/Makefile" ;;
+ "modules/pam_mkhomedir/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_mkhomedir/Makefile" ;;
+ "modules/pam_motd/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_motd/Makefile" ;;
+ "modules/pam_namespace/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_namespace/Makefile" ;;
+ "modules/pam_nologin/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_nologin/Makefile" ;;
+ "modules/pam_permit/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_permit/Makefile" ;;
+ "modules/pam_rhosts/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_rhosts/Makefile" ;;
+ "modules/pam_rootok/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_rootok/Makefile" ;;
+ "modules/pam_exec/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_exec/Makefile" ;;
+ "modules/pam_securetty/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_securetty/Makefile" ;;
+ "modules/pam_selinux/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_selinux/Makefile" ;;
+ "modules/pam_shells/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_shells/Makefile" ;;
+ "modules/pam_stress/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_stress/Makefile" ;;
+ "modules/pam_succeed_if/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_succeed_if/Makefile" ;;
+ "modules/pam_tally/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_tally/Makefile" ;;
+ "modules/pam_time/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_time/Makefile" ;;
+ "modules/pam_umask/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_umask/Makefile" ;;
+ "modules/pam_unix/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_unix/Makefile" ;;
+ "modules/pam_userdb/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_userdb/Makefile" ;;
+ "modules/pam_warn/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_warn/Makefile" ;;
+ "modules/pam_wheel/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_wheel/Makefile" ;;
+ "modules/pam_xauth/Makefile") CONFIG_FILES="$CONFIG_FILES modules/pam_xauth/Makefile" ;;
+ "doc/Makefile") CONFIG_FILES="$CONFIG_FILES doc/Makefile" ;;
+ "doc/specs/Makefile") CONFIG_FILES="$CONFIG_FILES doc/specs/Makefile" ;;
+ "doc/man/Makefile") CONFIG_FILES="$CONFIG_FILES doc/man/Makefile" ;;
+ "doc/sag/Makefile") CONFIG_FILES="$CONFIG_FILES doc/sag/Makefile" ;;
+ "doc/adg/Makefile") CONFIG_FILES="$CONFIG_FILES doc/adg/Makefile" ;;
+ "doc/mwg/Makefile") CONFIG_FILES="$CONFIG_FILES doc/mwg/Makefile" ;;
+ "examples/Makefile") CONFIG_FILES="$CONFIG_FILES examples/Makefile" ;;
+ "tests/Makefile") CONFIG_FILES="$CONFIG_FILES tests/Makefile" ;;
+ "xtests/Makefile") CONFIG_FILES="$CONFIG_FILES xtests/Makefile" ;;
+
*) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5
echo "$as_me: error: invalid argument: $ac_config_target" >&2;}
{ (exit 1); exit 1; }; };;
esac
done
+
# If the user did not use the arguments to specify the items to instantiate,
# then the envvar interface is used. Set only those that are not.
# We use the long form for the default assignment because of an extremely
@@ -8213,370 +28269,536 @@ done
if $ac_need_defaults; then
test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files
test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers
+ test "${CONFIG_COMMANDS+set}" = set || CONFIG_COMMANDS=$config_commands
fi
# Have a temporary directory for convenience. Make it in the build tree
-# simply because there is no reason to put it here, and in addition,
+# simply because there is no reason against having it here, and in addition,
# creating and moving files from /tmp can sometimes cause problems.
-# Create a temporary directory, and hook for its removal unless debugging.
+# Hook for its removal unless debugging.
+# Note that there is a small window in which the directory will not be cleaned:
+# after its creation but before its name has been assigned to `$tmp'.
$debug ||
{
- trap 'exit_status=$?; rm -rf $tmp && exit $exit_status' 0
+ tmp=
+ trap 'exit_status=$?
+ { test -z "$tmp" || test ! -d "$tmp" || rm -fr "$tmp"; } && exit $exit_status
+' 0
trap '{ (exit 1); exit 1; }' 1 2 13 15
}
-
# Create a (secure) tmp directory for tmp files.
{
- tmp=`(umask 077 && mktemp -d -q "./confstatXXXXXX") 2>/dev/null` &&
+ tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` &&
test -n "$tmp" && test -d "$tmp"
} ||
{
- tmp=./confstat$$-$RANDOM
- (umask 077 && mkdir $tmp)
+ tmp=./conf$$-$RANDOM
+ (umask 077 && mkdir "$tmp")
} ||
{
echo "$me: cannot create a temporary directory in ." >&2
{ (exit 1); exit 1; }
}
-_ACEOF
-
-cat >>$CONFIG_STATUS <<_ACEOF
-
#
-# CONFIG_FILES section.
+# Set up the sed scripts for CONFIG_FILES section.
#
# No need to generate the scripts if there are no CONFIG_FILES.
# This happens for instance when ./config.status config.h
-if test -n "\$CONFIG_FILES"; then
- # Protect against being on the right side of a sed subst in config.status.
- sed 's/,@/@@/; s/@,/@@/; s/,;t t\$/@;t t/; /@;t t\$/s/[\\\\&,]/\\\\&/g;
- s/@@/,@/; s/@@/@,/; s/@;t t\$/,;t t/' >\$tmp/subs.sed <<\\CEOF
-s,@SHELL@,$SHELL,;t t
-s,@PATH_SEPARATOR@,$PATH_SEPARATOR,;t t
-s,@PACKAGE_NAME@,$PACKAGE_NAME,;t t
-s,@PACKAGE_TARNAME@,$PACKAGE_TARNAME,;t t
-s,@PACKAGE_VERSION@,$PACKAGE_VERSION,;t t
-s,@PACKAGE_STRING@,$PACKAGE_STRING,;t t
-s,@PACKAGE_BUGREPORT@,$PACKAGE_BUGREPORT,;t t
-s,@exec_prefix@,$exec_prefix,;t t
-s,@prefix@,$prefix,;t t
-s,@program_transform_name@,$program_transform_name,;t t
-s,@bindir@,$bindir,;t t
-s,@sbindir@,$sbindir,;t t
-s,@libexecdir@,$libexecdir,;t t
-s,@datadir@,$datadir,;t t
-s,@sysconfdir@,$sysconfdir,;t t
-s,@sharedstatedir@,$sharedstatedir,;t t
-s,@localstatedir@,$localstatedir,;t t
-s,@libdir@,$libdir,;t t
-s,@includedir@,$includedir,;t t
-s,@oldincludedir@,$oldincludedir,;t t
-s,@infodir@,$infodir,;t t
-s,@mandir@,$mandir,;t t
-s,@build_alias@,$build_alias,;t t
-s,@host_alias@,$host_alias,;t t
-s,@target_alias@,$target_alias,;t t
-s,@DEFS@,$DEFS,;t t
-s,@ECHO_C@,$ECHO_C,;t t
-s,@ECHO_N@,$ECHO_N,;t t
-s,@ECHO_T@,$ECHO_T,;t t
-s,@LIBS@,$LIBS,;t t
-s,@LIBPAM_VERSION_MAJOR@,$LIBPAM_VERSION_MAJOR,;t t
-s,@LIBPAM_VERSION_MINOR@,$LIBPAM_VERSION_MINOR,;t t
-s,@LOCALSRCDIR@,$LOCALSRCDIR,;t t
-s,@LOCALOBJDIR@,$LOCALOBJDIR,;t t
-s,@OS@,$OS,;t t
-s,@CONF_CFLAGS@,$CONF_CFLAGS,;t t
-s,@MKDIR@,$MKDIR,;t t
-s,@SHLIBMODE@,$SHLIBMODE,;t t
-s,@MANMODE@,$MANMODE,;t t
-s,@USESONAME@,$USESONAME,;t t
-s,@SOSWITCH@,$SOSWITCH,;t t
-s,@NEEDSONAME@,$NEEDSONAME,;t t
-s,@LDCONFIG@,$LDCONFIG,;t t
-s,@CC@,$CC,;t t
-s,@CFLAGS@,$CFLAGS,;t t
-s,@LDFLAGS@,$LDFLAGS,;t t
-s,@CPPFLAGS@,$CPPFLAGS,;t t
-s,@ac_ct_CC@,$ac_ct_CC,;t t
-s,@EXEEXT@,$EXEEXT,;t t
-s,@OBJEXT@,$OBJEXT,;t t
-s,@YACC@,$YACC,;t t
-s,@LEX@,$LEX,;t t
-s,@LEXLIB@,$LEXLIB,;t t
-s,@LEX_OUTPUT_ROOT@,$LEX_OUTPUT_ROOT,;t t
-s,@INSTALL_PROGRAM@,$INSTALL_PROGRAM,;t t
-s,@INSTALL_SCRIPT@,$INSTALL_SCRIPT,;t t
-s,@INSTALL_DATA@,$INSTALL_DATA,;t t
-s,@LN_S@,$LN_S,;t t
-s,@SET_MAKE@,$SET_MAKE,;t t
-s,@WITH_DEBUG@,$WITH_DEBUG,;t t
-s,@WITH_MEMORY_DEBUG@,$WITH_MEMORY_DEBUG,;t t
-s,@WITH_LIBDEBUG@,$WITH_LIBDEBUG,;t t
-s,@WITH_PRELUDE@,$WITH_PRELUDE,;t t
-s,@FAKEROOT@,$FAKEROOT,;t t
-s,@SECUREDIR@,$SECUREDIR,;t t
-s,@SCONFIGDIR@,$SCONFIGDIR,;t t
-s,@SUPLEMENTED@,$SUPLEMENTED,;t t
-s,@INCLUDEDIR@,$INCLUDEDIR,;t t
-s,@DOCDIR@,$DOCDIR,;t t
-s,@MANDIR@,$MANDIR,;t t
-s,@WITH_PAMLOCKING@,$WITH_PAMLOCKING,;t t
-s,@PAM_READ_BOTH_CONFS@,$PAM_READ_BOTH_CONFS,;t t
-s,@STATIC_LIBPAM@,$STATIC_LIBPAM,;t t
-s,@DYNAMIC_LIBPAM@,$DYNAMIC_LIBPAM,;t t
-s,@DYNAMIC@,$DYNAMIC,;t t
-s,@STATIC@,$STATIC,;t t
-s,@WITH_LCKPWDF@,$WITH_LCKPWDF,;t t
-s,@CPP@,$CPP,;t t
-s,@EGREP@,$EGREP,;t t
-s,@PAM_NEEDS_LIBC@,$PAM_NEEDS_LIBC,;t t
-s,@HAVE_LCKPWDF@,$HAVE_LCKPWDF,;t t
-s,@LIBDL@,$LIBDL,;t t
-s,@HAVE_LIBCRACK@,$HAVE_LIBCRACK,;t t
-s,@HAVE_LIBCRYPT@,$HAVE_LIBCRYPT,;t t
-s,@HAVE_LIBUTIL@,$HAVE_LIBUTIL,;t t
-s,@HAVE_LIBNDBM@,$HAVE_LIBNDBM,;t t
-s,@HAVE_LIBDB@,$HAVE_LIBDB,;t t
-s,@HAVE_LIBFL@,$HAVE_LIBFL,;t t
-s,@HAVE_LIBNSL@,$HAVE_LIBNSL,;t t
-s,@HAVE_LIBPWDB@,$HAVE_LIBPWDB,;t t
-s,@HAVE_LIBFLEX@,$HAVE_LIBFLEX,;t t
-s,@HAVE_LIBLEX@,$HAVE_LIBLEX,;t t
-s,@HAVE_NDBM_H@,$HAVE_NDBM_H,;t t
-s,@CRACKLIB_DICTPATH@,$CRACKLIB_DICTPATH,;t t
-s,@DYNTYPE@,$DYNTYPE,;t t
-s,@OS_CFLAGS@,$OS_CFLAGS,;t t
-s,@WARNINGS@,$WARNINGS,;t t
-s,@PIC@,$PIC,;t t
-s,@LD@,$LD,;t t
-s,@LD_D@,$LD_D,;t t
-s,@LD_L@,$LD_L,;t t
-s,@RANLIB@,$RANLIB,;t t
-s,@STRIP@,$STRIP,;t t
-s,@CC_STATIC@,$CC_STATIC,;t t
-s,@LIBOBJS@,$LIBOBJS,;t t
-s,@HAVE_SGML2TXT@,$HAVE_SGML2TXT,;t t
-s,@HAVE_SGML2HTML@,$HAVE_SGML2HTML,;t t
-s,@HAVE_SGML2LATEX@,$HAVE_SGML2LATEX,;t t
-s,@HAVE_PS2PDF@,$HAVE_PS2PDF,;t t
-s,@HAVE_SGML2PS@,$HAVE_SGML2PS,;t t
-s,@PSER@,$PSER,;t t
-s,@PS2PDF@,$PS2PDF,;t t
-s,@LTLIBOBJS@,$LTLIBOBJS,;t t
-CEOF
-
-_ACEOF
-
- cat >>$CONFIG_STATUS <<\_ACEOF
- # Split the substitutions into bite-sized pieces for seds with
- # small command number limits, like on Digital OSF/1 and HP-UX.
- ac_max_sed_lines=48
- ac_sed_frag=1 # Number of current file.
- ac_beg=1 # First line for current file.
- ac_end=$ac_max_sed_lines # Line after last line for current file.
- ac_more_lines=:
- ac_sed_cmds=
- while $ac_more_lines; do
- if test $ac_beg -gt 1; then
- sed "1,${ac_beg}d; ${ac_end}q" $tmp/subs.sed >$tmp/subs.frag
- else
- sed "${ac_end}q" $tmp/subs.sed >$tmp/subs.frag
- fi
- if test ! -s $tmp/subs.frag; then
- ac_more_lines=false
- else
- # The purpose of the label and of the branching condition is to
- # speed up the sed processing (if there are no `@' at all, there
- # is no need to browse any of the substitutions).
- # These are the two extra sed commands mentioned above.
- (echo ':t
- /@[a-zA-Z_][a-zA-Z_0-9]*@/!b' && cat $tmp/subs.frag) >$tmp/subs-$ac_sed_frag.sed
- if test -z "$ac_sed_cmds"; then
- ac_sed_cmds="sed -f $tmp/subs-$ac_sed_frag.sed"
- else
- ac_sed_cmds="$ac_sed_cmds | sed -f $tmp/subs-$ac_sed_frag.sed"
- fi
- ac_sed_frag=`expr $ac_sed_frag + 1`
- ac_beg=$ac_end
- ac_end=`expr $ac_end + $ac_max_sed_lines`
- fi
- done
- if test -z "$ac_sed_cmds"; then
- ac_sed_cmds=cat
+if test -n "$CONFIG_FILES"; then
+
+_ACEOF
+
+
+
+ac_delim='%!_!# '
+for ac_last_try in false false false false false :; do
+ cat >conf$$subs.sed <<_ACEOF
+SHELL!$SHELL$ac_delim
+PATH_SEPARATOR!$PATH_SEPARATOR$ac_delim
+PACKAGE_NAME!$PACKAGE_NAME$ac_delim
+PACKAGE_TARNAME!$PACKAGE_TARNAME$ac_delim
+PACKAGE_VERSION!$PACKAGE_VERSION$ac_delim
+PACKAGE_STRING!$PACKAGE_STRING$ac_delim
+PACKAGE_BUGREPORT!$PACKAGE_BUGREPORT$ac_delim
+exec_prefix!$exec_prefix$ac_delim
+prefix!$prefix$ac_delim
+program_transform_name!$program_transform_name$ac_delim
+bindir!$bindir$ac_delim
+sbindir!$sbindir$ac_delim
+libexecdir!$libexecdir$ac_delim
+datarootdir!$datarootdir$ac_delim
+datadir!$datadir$ac_delim
+sysconfdir!$sysconfdir$ac_delim
+sharedstatedir!$sharedstatedir$ac_delim
+localstatedir!$localstatedir$ac_delim
+includedir!$includedir$ac_delim
+oldincludedir!$oldincludedir$ac_delim
+docdir!$docdir$ac_delim
+infodir!$infodir$ac_delim
+htmldir!$htmldir$ac_delim
+dvidir!$dvidir$ac_delim
+pdfdir!$pdfdir$ac_delim
+psdir!$psdir$ac_delim
+libdir!$libdir$ac_delim
+localedir!$localedir$ac_delim
+mandir!$mandir$ac_delim
+DEFS!$DEFS$ac_delim
+ECHO_C!$ECHO_C$ac_delim
+ECHO_N!$ECHO_N$ac_delim
+ECHO_T!$ECHO_T$ac_delim
+LIBS!$LIBS$ac_delim
+build_alias!$build_alias$ac_delim
+host_alias!$host_alias$ac_delim
+target_alias!$target_alias$ac_delim
+INSTALL_PROGRAM!$INSTALL_PROGRAM$ac_delim
+INSTALL_SCRIPT!$INSTALL_SCRIPT$ac_delim
+INSTALL_DATA!$INSTALL_DATA$ac_delim
+am__isrc!$am__isrc$ac_delim
+CYGPATH_W!$CYGPATH_W$ac_delim
+PACKAGE!$PACKAGE$ac_delim
+VERSION!$VERSION$ac_delim
+ACLOCAL!$ACLOCAL$ac_delim
+AUTOCONF!$AUTOCONF$ac_delim
+AUTOMAKE!$AUTOMAKE$ac_delim
+AUTOHEADER!$AUTOHEADER$ac_delim
+MAKEINFO!$MAKEINFO$ac_delim
+install_sh!$install_sh$ac_delim
+STRIP!$STRIP$ac_delim
+INSTALL_STRIP_PROGRAM!$INSTALL_STRIP_PROGRAM$ac_delim
+mkdir_p!$mkdir_p$ac_delim
+AWK!$AWK$ac_delim
+SET_MAKE!$SET_MAKE$ac_delim
+am__leading_dot!$am__leading_dot$ac_delim
+AMTAR!$AMTAR$ac_delim
+am__tar!$am__tar$ac_delim
+am__untar!$am__untar$ac_delim
+build!$build$ac_delim
+build_cpu!$build_cpu$ac_delim
+build_vendor!$build_vendor$ac_delim
+build_os!$build_os$ac_delim
+host!$host$ac_delim
+host_cpu!$host_cpu$ac_delim
+host_vendor!$host_vendor$ac_delim
+host_os!$host_os$ac_delim
+STATIC_MODULES_TRUE!$STATIC_MODULES_TRUE$ac_delim
+STATIC_MODULES_FALSE!$STATIC_MODULES_FALSE$ac_delim
+CC!$CC$ac_delim
+CFLAGS!$CFLAGS$ac_delim
+LDFLAGS!$LDFLAGS$ac_delim
+CPPFLAGS!$CPPFLAGS$ac_delim
+ac_ct_CC!$ac_ct_CC$ac_delim
+EXEEXT!$EXEEXT$ac_delim
+OBJEXT!$OBJEXT$ac_delim
+DEPDIR!$DEPDIR$ac_delim
+am__include!$am__include$ac_delim
+am__quote!$am__quote$ac_delim
+AMDEP_TRUE!$AMDEP_TRUE$ac_delim
+AMDEP_FALSE!$AMDEP_FALSE$ac_delim
+AMDEPBACKSLASH!$AMDEPBACKSLASH$ac_delim
+CCDEPMODE!$CCDEPMODE$ac_delim
+am__fastdepCC_TRUE!$am__fastdepCC_TRUE$ac_delim
+am__fastdepCC_FALSE!$am__fastdepCC_FALSE$ac_delim
+YACC!$YACC$ac_delim
+YFLAGS!$YFLAGS$ac_delim
+LEX!$LEX$ac_delim
+LEX_OUTPUT_ROOT!$LEX_OUTPUT_ROOT$ac_delim
+LEXLIB!$LEXLIB$ac_delim
+LN_S!$LN_S$ac_delim
+GREP!$GREP$ac_delim
+EGREP!$EGREP$ac_delim
+ECHO!$ECHO$ac_delim
+AR!$AR$ac_delim
+RANLIB!$RANLIB$ac_delim
+CPP!$CPP$ac_delim
+_ACEOF
+
+ if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then
+ break
+ elif $ac_last_try; then
+ { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5
+echo "$as_me: error: could not make $CONFIG_STATUS" >&2;}
+ { (exit 1); exit 1; }; }
+ else
+ ac_delim="$ac_delim!$ac_delim _$ac_delim!! "
fi
-fi # test -n "$CONFIG_FILES"
+done
+
+ac_eof=`sed -n '/^CEOF[0-9]*$/s/CEOF/0/p' conf$$subs.sed`
+if test -n "$ac_eof"; then
+ ac_eof=`echo "$ac_eof" | sort -nru | sed 1q`
+ ac_eof=`expr $ac_eof + 1`
+fi
+
+cat >>$CONFIG_STATUS <<_ACEOF
+cat >"\$tmp/subs-1.sed" <<\CEOF$ac_eof
+/@[a-zA-Z_][a-zA-Z_0-9]*@/!b
+_ACEOF
+sed '
+s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g
+s/^/s,@/; s/!/@,|#_!!_#|/
+:n
+t n
+s/'"$ac_delim"'$/,g/; t
+s/$/\\/; p
+N; s/^.*\n//; s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g; b n
+' >>$CONFIG_STATUS <conf$$subs.sed
+rm -f conf$$subs.sed
+cat >>$CONFIG_STATUS <<_ACEOF
+CEOF$ac_eof
+_ACEOF
+
+ac_delim='%!_!# '
+for ac_last_try in false false false false false :; do
+ cat >conf$$subs.sed <<_ACEOF
+CXX!$CXX$ac_delim
+CXXFLAGS!$CXXFLAGS$ac_delim
+ac_ct_CXX!$ac_ct_CXX$ac_delim
+CXXDEPMODE!$CXXDEPMODE$ac_delim
+am__fastdepCXX_TRUE!$am__fastdepCXX_TRUE$ac_delim
+am__fastdepCXX_FALSE!$am__fastdepCXX_FALSE$ac_delim
+CXXCPP!$CXXCPP$ac_delim
+F77!$F77$ac_delim
+FFLAGS!$FFLAGS$ac_delim
+ac_ct_F77!$ac_ct_F77$ac_delim
+LIBTOOL!$LIBTOOL$ac_delim
+pam_cv_ld_as_needed!$pam_cv_ld_as_needed$ac_delim
+HAVE_VERSIONING_TRUE!$HAVE_VERSIONING_TRUE$ac_delim
+HAVE_VERSIONING_FALSE!$HAVE_VERSIONING_FALSE$ac_delim
+libc_cv_fpie!$libc_cv_fpie$ac_delim
+PIE_CFLAGS!$PIE_CFLAGS$ac_delim
+PIE_LDFLAGS!$PIE_LDFLAGS$ac_delim
+LIBPRELUDE_CONFIG!$LIBPRELUDE_CONFIG$ac_delim
+LIBPRELUDE_CFLAGS!$LIBPRELUDE_CFLAGS$ac_delim
+LIBPRELUDE_PTHREAD_CFLAGS!$LIBPRELUDE_PTHREAD_CFLAGS$ac_delim
+LIBPRELUDE_LDFLAGS!$LIBPRELUDE_LDFLAGS$ac_delim
+LIBPRELUDE_LIBS!$LIBPRELUDE_LIBS$ac_delim
+LIBPRELUDE_PREFIX!$LIBPRELUDE_PREFIX$ac_delim
+LIBPRELUDE_CONFIG_PREFIX!$LIBPRELUDE_CONFIG_PREFIX$ac_delim
+WITH_DEBUG!$WITH_DEBUG$ac_delim
+SECUREDIR!$SECUREDIR$ac_delim
+SCONFIGDIR!$SCONFIGDIR$ac_delim
+WITH_PAMLOCKING!$WITH_PAMLOCKING$ac_delim
+PAM_READ_BOTH_CONFS!$PAM_READ_BOTH_CONFS$ac_delim
+pam_xauth_path!$pam_xauth_path$ac_delim
+LIBDL!$LIBDL$ac_delim
+LIBCRACK!$LIBCRACK$ac_delim
+HAVE_LIBCRACK_TRUE!$HAVE_LIBCRACK_TRUE$ac_delim
+HAVE_LIBCRACK_FALSE!$HAVE_LIBCRACK_FALSE$ac_delim
+LIBAUDIT!$LIBAUDIT$ac_delim
+LIBCRYPT!$LIBCRYPT$ac_delim
+LIBDB!$LIBDB$ac_delim
+HAVE_LIBDB_TRUE!$HAVE_LIBDB_TRUE$ac_delim
+HAVE_LIBDB_FALSE!$HAVE_LIBDB_FALSE$ac_delim
+LIBNSL!$LIBNSL$ac_delim
+LIBSELINUX!$LIBSELINUX$ac_delim
+HAVE_LIBSELINUX_TRUE!$HAVE_LIBSELINUX_TRUE$ac_delim
+HAVE_LIBSELINUX_FALSE!$HAVE_LIBSELINUX_FALSE$ac_delim
+LIBOBJS!$LIBOBJS$ac_delim
+HAVE_UNSHARE_TRUE!$HAVE_UNSHARE_TRUE$ac_delim
+HAVE_UNSHARE_FALSE!$HAVE_UNSHARE_FALSE$ac_delim
+XSLTPROC!$XSLTPROC$ac_delim
+XMLLINT!$XMLLINT$ac_delim
+XML_CATALOG_FILE!$XML_CATALOG_FILE$ac_delim
+XMLCATALOG!$XMLCATALOG$ac_delim
+BROWSER!$BROWSER$ac_delim
+FO2PDF!$FO2PDF$ac_delim
+ENABLE_REGENERATE_MAN_TRUE!$ENABLE_REGENERATE_MAN_TRUE$ac_delim
+ENABLE_REGENERATE_MAN_FALSE!$ENABLE_REGENERATE_MAN_FALSE$ac_delim
+ENABLE_GENERATE_PDF_TRUE!$ENABLE_GENERATE_PDF_TRUE$ac_delim
+ENABLE_GENERATE_PDF_FALSE!$ENABLE_GENERATE_PDF_FALSE$ac_delim
+USE_NLS!$USE_NLS$ac_delim
+MSGFMT!$MSGFMT$ac_delim
+GMSGFMT!$GMSGFMT$ac_delim
+MSGFMT_015!$MSGFMT_015$ac_delim
+GMSGFMT_015!$GMSGFMT_015$ac_delim
+XGETTEXT!$XGETTEXT$ac_delim
+XGETTEXT_015!$XGETTEXT_015$ac_delim
+MSGMERGE!$MSGMERGE$ac_delim
+INTL_MACOSX_LIBS!$INTL_MACOSX_LIBS$ac_delim
+LIBICONV!$LIBICONV$ac_delim
+LTLIBICONV!$LTLIBICONV$ac_delim
+INTLLIBS!$INTLLIBS$ac_delim
+LIBINTL!$LIBINTL$ac_delim
+LTLIBINTL!$LTLIBINTL$ac_delim
+POSUB!$POSUB$ac_delim
+HAVE_KEY_MANAGEMENT!$HAVE_KEY_MANAGEMENT$ac_delim
+HAVE_KEY_MANAGEMENT_TRUE!$HAVE_KEY_MANAGEMENT_TRUE$ac_delim
+HAVE_KEY_MANAGEMENT_FALSE!$HAVE_KEY_MANAGEMENT_FALSE$ac_delim
+LTLIBOBJS!$LTLIBOBJS$ac_delim
+_ACEOF
+
+ if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 75; then
+ break
+ elif $ac_last_try; then
+ { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5
+echo "$as_me: error: could not make $CONFIG_STATUS" >&2;}
+ { (exit 1); exit 1; }; }
+ else
+ ac_delim="$ac_delim!$ac_delim _$ac_delim!! "
+ fi
+done
+
+ac_eof=`sed -n '/^CEOF[0-9]*$/s/CEOF/0/p' conf$$subs.sed`
+if test -n "$ac_eof"; then
+ ac_eof=`echo "$ac_eof" | sort -nru | sed 1q`
+ ac_eof=`expr $ac_eof + 1`
+fi
+
+cat >>$CONFIG_STATUS <<_ACEOF
+cat >"\$tmp/subs-2.sed" <<\CEOF$ac_eof
+/@[a-zA-Z_][a-zA-Z_0-9]*@/!b end
+_ACEOF
+sed '
+s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g
+s/^/s,@/; s/!/@,|#_!!_#|/
+:n
+t n
+s/'"$ac_delim"'$/,g/; t
+s/$/\\/; p
+N; s/^.*\n//; s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g; b n
+' >>$CONFIG_STATUS <conf$$subs.sed
+rm -f conf$$subs.sed
+cat >>$CONFIG_STATUS <<_ACEOF
+:end
+s/|#_!!_#|//g
+CEOF$ac_eof
_ACEOF
+
+
+# VPATH may cause trouble with some makes, so we remove $(srcdir),
+# ${srcdir} and @srcdir@ from VPATH if srcdir is ".", strip leading and
+# trailing colons and then remove the whole line if VPATH becomes empty
+# (actually we leave an empty line to preserve line numbers).
+if test "x$srcdir" = x.; then
+ ac_vpsub='/^[ ]*VPATH[ ]*=/{
+s/:*\$(srcdir):*/:/
+s/:*\${srcdir}:*/:/
+s/:*@srcdir@:*/:/
+s/^\([^=]*=[ ]*\):*/\1/
+s/:*$//
+s/^[^=]*=[ ]*$//
+}'
+fi
+
cat >>$CONFIG_STATUS <<\_ACEOF
-for ac_file in : $CONFIG_FILES; do test "x$ac_file" = x: && continue
- # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in".
- case $ac_file in
- - | *:- | *:-:* ) # input from stdin
- cat >$tmp/stdin
- ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'`
- ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;;
- *:* ) ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'`
- ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;;
- * ) ac_file_in=$ac_file.in ;;
+fi # test -n "$CONFIG_FILES"
+
+
+for ac_tag in :F $CONFIG_FILES :H $CONFIG_HEADERS :C $CONFIG_COMMANDS
+do
+ case $ac_tag in
+ :[FHLC]) ac_mode=$ac_tag; continue;;
+ esac
+ case $ac_mode$ac_tag in
+ :[FHL]*:*);;
+ :L* | :C*:*) { { echo "$as_me:$LINENO: error: Invalid tag $ac_tag." >&5
+echo "$as_me: error: Invalid tag $ac_tag." >&2;}
+ { (exit 1); exit 1; }; };;
+ :[FH]-) ac_tag=-:-;;
+ :[FH]*) ac_tag=$ac_tag:$ac_tag.in;;
esac
+ ac_save_IFS=$IFS
+ IFS=:
+ set x $ac_tag
+ IFS=$ac_save_IFS
+ shift
+ ac_file=$1
+ shift
- # Compute @srcdir@, @top_srcdir@, and @INSTALL@ for subdirectories.
- ac_dir=`(dirname "$ac_file") 2>/dev/null ||
+ case $ac_mode in
+ :L) ac_source=$1;;
+ :[FH])
+ ac_file_inputs=
+ for ac_f
+ do
+ case $ac_f in
+ -) ac_f="$tmp/stdin";;
+ *) # Look for the file first in the build tree, then in the source tree
+ # (if the path is not absolute). The absolute path cannot be DOS-style,
+ # because $ac_f cannot contain `:'.
+ test -f "$ac_f" ||
+ case $ac_f in
+ [\\/$]*) false;;
+ *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";;
+ esac ||
+ { { echo "$as_me:$LINENO: error: cannot find input file: $ac_f" >&5
+echo "$as_me: error: cannot find input file: $ac_f" >&2;}
+ { (exit 1); exit 1; }; };;
+ esac
+ ac_file_inputs="$ac_file_inputs $ac_f"
+ done
+
+ # Let's still pretend it is `configure' which instantiates (i.e., don't
+ # use $as_me), people would be surprised to read:
+ # /* config.h. Generated by config.status. */
+ configure_input="Generated from "`IFS=:
+ echo $* | sed 's|^[^:]*/||;s|:[^:]*/|, |g'`" by configure."
+ if test x"$ac_file" != x-; then
+ configure_input="$ac_file. $configure_input"
+ { echo "$as_me:$LINENO: creating $ac_file" >&5
+echo "$as_me: creating $ac_file" >&6;}
+ fi
+
+ case $ac_tag in
+ *:-:* | *:-) cat >"$tmp/stdin";;
+ esac
+ ;;
+ esac
+
+ ac_dir=`$as_dirname -- "$ac_file" ||
$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
X"$ac_file" : 'X\(//\)[^/]' \| \
X"$ac_file" : 'X\(//\)$' \| \
- X"$ac_file" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
+ X"$ac_file" : 'X\(/\)' \| . 2>/dev/null ||
echo X"$ac_file" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- { if $as_mkdir_p; then
- mkdir -p "$ac_dir"
- else
- as_dir="$ac_dir"
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)[^/].*/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
+ { as_dir="$ac_dir"
+ case $as_dir in #(
+ -*) as_dir=./$as_dir;;
+ esac
+ test -d "$as_dir" || { $as_mkdir_p && mkdir -p "$as_dir"; } || {
as_dirs=
- while test ! -d "$as_dir"; do
- as_dirs="$as_dir $as_dirs"
- as_dir=`(dirname "$as_dir") 2>/dev/null ||
+ while :; do
+ case $as_dir in #(
+ *\'*) as_qdir=`echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #(
+ *) as_qdir=$as_dir;;
+ esac
+ as_dirs="'$as_qdir' $as_dirs"
+ as_dir=`$as_dirname -- "$as_dir" ||
$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
X"$as_dir" : 'X\(//\)[^/]' \| \
X"$as_dir" : 'X\(//\)$' \| \
- X"$as_dir" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
+ X"$as_dir" : 'X\(/\)' \| . 2>/dev/null ||
echo X"$as_dir" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)[^/].*/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
+ test -d "$as_dir" && break
done
- test ! -n "$as_dirs" || mkdir $as_dirs
- fi || { { echo "$as_me:$LINENO: error: cannot create directory \"$ac_dir\"" >&5
-echo "$as_me: error: cannot create directory \"$ac_dir\"" >&2;}
+ test -z "$as_dirs" || eval "mkdir $as_dirs"
+ } || test -d "$as_dir" || { { echo "$as_me:$LINENO: error: cannot create directory $as_dir" >&5
+echo "$as_me: error: cannot create directory $as_dir" >&2;}
{ (exit 1); exit 1; }; }; }
-
ac_builddir=.
-if test "$ac_dir" != .; then
+case "$ac_dir" in
+.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
+*)
ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'`
- # A "../" for each directory in $ac_dir_suffix.
- ac_top_builddir=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,../,g'`
-else
- ac_dir_suffix= ac_top_builddir=
-fi
+ # A ".." for each directory in $ac_dir_suffix.
+ ac_top_builddir_sub=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,/..,g;s,/,,'`
+ case $ac_top_builddir_sub in
+ "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
+ *) ac_top_build_prefix=$ac_top_builddir_sub/ ;;
+ esac ;;
+esac
+ac_abs_top_builddir=$ac_pwd
+ac_abs_builddir=$ac_pwd$ac_dir_suffix
+# for backward compatibility:
+ac_top_builddir=$ac_top_build_prefix
case $srcdir in
- .) # No --srcdir option. We are building in place.
+ .) # We are building in place.
ac_srcdir=.
- if test -z "$ac_top_builddir"; then
- ac_top_srcdir=.
- else
- ac_top_srcdir=`echo $ac_top_builddir | sed 's,/$,,'`
- fi ;;
- [\\/]* | ?:[\\/]* ) # Absolute path.
+ ac_top_srcdir=$ac_top_builddir_sub
+ ac_abs_top_srcdir=$ac_pwd ;;
+ [\\/]* | ?:[\\/]* ) # Absolute name.
ac_srcdir=$srcdir$ac_dir_suffix;
- ac_top_srcdir=$srcdir ;;
- *) # Relative path.
- ac_srcdir=$ac_top_builddir$srcdir$ac_dir_suffix
- ac_top_srcdir=$ac_top_builddir$srcdir ;;
+ ac_top_srcdir=$srcdir
+ ac_abs_top_srcdir=$srcdir ;;
+ *) # Relative name.
+ ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix
+ ac_top_srcdir=$ac_top_build_prefix$srcdir
+ ac_abs_top_srcdir=$ac_pwd/$srcdir ;;
esac
+ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix
-# Do not use `cd foo && pwd` to compute absolute paths, because
-# the directories may not exist.
-case `pwd` in
-.) ac_abs_builddir="$ac_dir";;
-*)
- case "$ac_dir" in
- .) ac_abs_builddir=`pwd`;;
- [\\/]* | ?:[\\/]* ) ac_abs_builddir="$ac_dir";;
- *) ac_abs_builddir=`pwd`/"$ac_dir";;
- esac;;
-esac
-case $ac_abs_builddir in
-.) ac_abs_top_builddir=${ac_top_builddir}.;;
-*)
- case ${ac_top_builddir}. in
- .) ac_abs_top_builddir=$ac_abs_builddir;;
- [\\/]* | ?:[\\/]* ) ac_abs_top_builddir=${ac_top_builddir}.;;
- *) ac_abs_top_builddir=$ac_abs_builddir/${ac_top_builddir}.;;
- esac;;
-esac
-case $ac_abs_builddir in
-.) ac_abs_srcdir=$ac_srcdir;;
-*)
- case $ac_srcdir in
- .) ac_abs_srcdir=$ac_abs_builddir;;
- [\\/]* | ?:[\\/]* ) ac_abs_srcdir=$ac_srcdir;;
- *) ac_abs_srcdir=$ac_abs_builddir/$ac_srcdir;;
- esac;;
-esac
-case $ac_abs_builddir in
-.) ac_abs_top_srcdir=$ac_top_srcdir;;
-*)
- case $ac_top_srcdir in
- .) ac_abs_top_srcdir=$ac_abs_builddir;;
- [\\/]* | ?:[\\/]* ) ac_abs_top_srcdir=$ac_top_srcdir;;
- *) ac_abs_top_srcdir=$ac_abs_builddir/$ac_top_srcdir;;
- esac;;
-esac
+ case $ac_mode in
+ :F)
+ #
+ # CONFIG_FILE
+ #
case $INSTALL in
[\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;;
- *) ac_INSTALL=$ac_top_builddir$INSTALL ;;
+ *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;;
+ esac
+ ac_MKDIR_P=$MKDIR_P
+ case $MKDIR_P in
+ [\\/$]* | ?:[\\/]* ) ;;
+ */*) ac_MKDIR_P=$ac_top_build_prefix$MKDIR_P ;;
esac
+_ACEOF
- if test x"$ac_file" != x-; then
- { echo "$as_me:$LINENO: creating $ac_file" >&5
-echo "$as_me: creating $ac_file" >&6;}
- rm -f "$ac_file"
- fi
- # Let's still pretend it is `configure' which instantiates (i.e., don't
- # use $as_me), people would be surprised to read:
- # /* config.h. Generated by config.status. */
- if test x"$ac_file" = x-; then
- configure_input=
- else
- configure_input="$ac_file. "
- fi
- configure_input=$configure_input"Generated from `echo $ac_file_in |
- sed 's,.*/,,'` by configure."
-
- # First look for the input files in the build tree, otherwise in the
- # src tree.
- ac_file_inputs=`IFS=:
- for f in $ac_file_in; do
- case $f in
- -) echo $tmp/stdin ;;
- [\\/$]*)
- # Absolute (can't be DOS-style, as IFS=:)
- test -f "$f" || { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5
-echo "$as_me: error: cannot find input file: $f" >&2;}
- { (exit 1); exit 1; }; }
- echo "$f";;
- *) # Relative
- if test -f "$f"; then
- # Build tree
- echo "$f"
- elif test -f "$srcdir/$f"; then
- # Source tree
- echo "$srcdir/$f"
- else
- # /dev/null tree
- { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5
-echo "$as_me: error: cannot find input file: $f" >&2;}
- { (exit 1); exit 1; }; }
- fi;;
- esac
- done` || { (exit 1); exit 1; }
+cat >>$CONFIG_STATUS <<\_ACEOF
+# If the template does not know about datarootdir, expand it.
+# FIXME: This hack should be removed a few years after 2.60.
+ac_datarootdir_hack=; ac_datarootdir_seen=
+
+case `sed -n '/datarootdir/ {
+ p
+ q
+}
+/@datadir@/p
+/@docdir@/p
+/@infodir@/p
+/@localedir@/p
+/@mandir@/p
+' $ac_file_inputs` in
+*datarootdir*) ac_datarootdir_seen=yes;;
+*@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*)
+ { echo "$as_me:$LINENO: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5
+echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;}
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF
+ ac_datarootdir_hack='
+ s&@datadir@&$datadir&g
+ s&@docdir@&$docdir&g
+ s&@infodir@&$infodir&g
+ s&@localedir@&$localedir&g
+ s&@mandir@&$mandir&g
+ s&\\\${datarootdir}&$datarootdir&g' ;;
+esac
_ACEOF
+
+# Neutralize VPATH when `$srcdir' = `.'.
+# Shell code in configure.ac might set extrasub.
+# FIXME: do we really want to maintain this feature?
cat >>$CONFIG_STATUS <<_ACEOF
sed "$ac_vpsub
$extrasub
@@ -8584,252 +28806,414 @@ _ACEOF
cat >>$CONFIG_STATUS <<\_ACEOF
:t
/@[a-zA-Z_][a-zA-Z_0-9]*@/!b
-s,@configure_input@,$configure_input,;t t
-s,@srcdir@,$ac_srcdir,;t t
-s,@abs_srcdir@,$ac_abs_srcdir,;t t
-s,@top_srcdir@,$ac_top_srcdir,;t t
-s,@abs_top_srcdir@,$ac_abs_top_srcdir,;t t
-s,@builddir@,$ac_builddir,;t t
-s,@abs_builddir@,$ac_abs_builddir,;t t
-s,@top_builddir@,$ac_top_builddir,;t t
-s,@abs_top_builddir@,$ac_abs_top_builddir,;t t
-s,@INSTALL@,$ac_INSTALL,;t t
-" $ac_file_inputs | (eval "$ac_sed_cmds") >$tmp/out
- rm -f $tmp/stdin
- if test x"$ac_file" != x-; then
- mv $tmp/out $ac_file
- else
- cat $tmp/out
- rm -f $tmp/out
- fi
-
-done
-_ACEOF
-cat >>$CONFIG_STATUS <<\_ACEOF
-
-#
-# CONFIG_HEADER section.
-#
-
-# These sed commands are passed to sed as "A NAME B NAME C VALUE D", where
-# NAME is the cpp macro being defined and VALUE is the value it is being given.
-#
-# ac_d sets the value in "#define NAME VALUE" lines.
-ac_dA='s,^\([ ]*\)#\([ ]*define[ ][ ]*\)'
-ac_dB='[ ].*$,\1#\2'
-ac_dC=' '
-ac_dD=',;t'
-# ac_u turns "#undef NAME" without trailing blanks into "#define NAME VALUE".
-ac_uA='s,^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)'
-ac_uB='$,\1#\2define\3'
-ac_uC=' '
-ac_uD=',;t'
-
-for ac_file in : $CONFIG_HEADERS; do test "x$ac_file" = x: && continue
- # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in".
+s&@configure_input@&$configure_input&;t t
+s&@top_builddir@&$ac_top_builddir_sub&;t t
+s&@srcdir@&$ac_srcdir&;t t
+s&@abs_srcdir@&$ac_abs_srcdir&;t t
+s&@top_srcdir@&$ac_top_srcdir&;t t
+s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t
+s&@builddir@&$ac_builddir&;t t
+s&@abs_builddir@&$ac_abs_builddir&;t t
+s&@abs_top_builddir@&$ac_abs_top_builddir&;t t
+s&@INSTALL@&$ac_INSTALL&;t t
+s&@MKDIR_P@&$ac_MKDIR_P&;t t
+$ac_datarootdir_hack
+" $ac_file_inputs | sed -f "$tmp/subs-1.sed" | sed -f "$tmp/subs-2.sed" >$tmp/out
+
+test -z "$ac_datarootdir_hack$ac_datarootdir_seen" &&
+ { ac_out=`sed -n '/\${datarootdir}/p' "$tmp/out"`; test -n "$ac_out"; } &&
+ { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' "$tmp/out"`; test -z "$ac_out"; } &&
+ { echo "$as_me:$LINENO: WARNING: $ac_file contains a reference to the variable \`datarootdir'
+which seems to be undefined. Please make sure it is defined." >&5
+echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir'
+which seems to be undefined. Please make sure it is defined." >&2;}
+
+ rm -f "$tmp/stdin"
case $ac_file in
- - | *:- | *:-:* ) # input from stdin
- cat >$tmp/stdin
- ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'`
- ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;;
- *:* ) ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'`
- ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;;
- * ) ac_file_in=$ac_file.in ;;
+ -) cat "$tmp/out"; rm -f "$tmp/out";;
+ *) rm -f "$ac_file"; mv "$tmp/out" $ac_file;;
esac
+ ;;
+ :H)
+ #
+ # CONFIG_HEADER
+ #
+_ACEOF
- test x"$ac_file" != x- && { echo "$as_me:$LINENO: creating $ac_file" >&5
-echo "$as_me: creating $ac_file" >&6;}
-
- # First look for the input files in the build tree, otherwise in the
- # src tree.
- ac_file_inputs=`IFS=:
- for f in $ac_file_in; do
- case $f in
- -) echo $tmp/stdin ;;
- [\\/$]*)
- # Absolute (can't be DOS-style, as IFS=:)
- test -f "$f" || { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5
-echo "$as_me: error: cannot find input file: $f" >&2;}
- { (exit 1); exit 1; }; }
- # Do quote $f, to prevent DOS paths from being IFS'd.
- echo "$f";;
- *) # Relative
- if test -f "$f"; then
- # Build tree
- echo "$f"
- elif test -f "$srcdir/$f"; then
- # Source tree
- echo "$srcdir/$f"
- else
- # /dev/null tree
- { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5
-echo "$as_me: error: cannot find input file: $f" >&2;}
- { (exit 1); exit 1; }; }
- fi;;
- esac
- done` || { (exit 1); exit 1; }
- # Remove the trailing spaces.
- sed 's/[ ]*$//' $ac_file_inputs >$tmp/in
-
-_ACEOF
-
-# Transform confdefs.h into two sed scripts, `conftest.defines' and
-# `conftest.undefs', that substitutes the proper values into
-# config.h.in to produce config.h. The first handles `#define'
-# templates, and the second `#undef' templates.
-# And first: Protect against being on the right side of a sed subst in
-# config.status. Protect against being in an unquoted here document
-# in config.status.
-rm -f conftest.defines conftest.undefs
-# Using a here document instead of a string reduces the quoting nightmare.
-# Putting comments in sed scripts is not portable.
-#
-# `end' is used to avoid that the second main sed command (meant for
-# 0-ary CPP macros) applies to n-ary macro definitions.
-# See the Autoconf documentation for `clear'.
-cat >confdef2sed.sed <<\_ACEOF
-s/[\\&,]/\\&/g
-s,[\\$`],\\&,g
-t clear
-: clear
-s,^[ ]*#[ ]*define[ ][ ]*\([^ (][^ (]*\)\(([^)]*)\)[ ]*\(.*\)$,${ac_dA}\1${ac_dB}\1\2${ac_dC}\3${ac_dD},gp
-t end
-s,^[ ]*#[ ]*define[ ][ ]*\([^ ][^ ]*\)[ ]*\(.*\)$,${ac_dA}\1${ac_dB}\1${ac_dC}\2${ac_dD},gp
-: end
-_ACEOF
-# If some macros were called several times there might be several times
-# the same #defines, which is useless. Nevertheless, we may not want to
-# sort them, since we want the *last* AC-DEFINE to be honored.
-uniq confdefs.h | sed -n -f confdef2sed.sed >conftest.defines
-sed 's/ac_d/ac_u/g' conftest.defines >conftest.undefs
-rm -f confdef2sed.sed
-
-# This sed command replaces #undef with comments. This is necessary, for
+# Transform confdefs.h into a sed script `conftest.defines', that
+# substitutes the proper values into config.h.in to produce config.h.
+rm -f conftest.defines conftest.tail
+# First, append a space to every undef/define line, to ease matching.
+echo 's/$/ /' >conftest.defines
+# Then, protect against being on the right side of a sed subst, or in
+# an unquoted here document, in config.status. If some macros were
+# called several times there might be several #defines for the same
+# symbol, which is useless. But do not sort them, since the last
+# AC_DEFINE must be honored.
+ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]*
+# These sed commands are passed to sed as "A NAME B PARAMS C VALUE D", where
+# NAME is the cpp macro being defined, VALUE is the value it is being given.
+# PARAMS is the parameter list in the macro definition--in most cases, it's
+# just an empty string.
+ac_dA='s,^\\([ #]*\\)[^ ]*\\([ ]*'
+ac_dB='\\)[ (].*,\\1define\\2'
+ac_dC=' '
+ac_dD=' ,'
+
+uniq confdefs.h |
+ sed -n '
+ t rset
+ :rset
+ s/^[ ]*#[ ]*define[ ][ ]*//
+ t ok
+ d
+ :ok
+ s/[\\&,]/\\&/g
+ s/^\('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/ '"$ac_dA"'\1'"$ac_dB"'\2'"${ac_dC}"'\3'"$ac_dD"'/p
+ s/^\('"$ac_word_re"'\)[ ]*\(.*\)/'"$ac_dA"'\1'"$ac_dB$ac_dC"'\2'"$ac_dD"'/p
+ ' >>conftest.defines
+
+# Remove the space that was appended to ease matching.
+# Then replace #undef with comments. This is necessary, for
# example, in the case of _POSIX_SOURCE, which is predefined and required
# on some systems where configure will not decide to define it.
-cat >>conftest.undefs <<\_ACEOF
-s,^[ ]*#[ ]*undef[ ][ ]*[a-zA-Z_][a-zA-Z_0-9]*,/* & */,
-_ACEOF
-
-# Break up conftest.defines because some shells have a limit on the size
-# of here documents, and old seds have small limits too (100 cmds).
-echo ' # Handle all the #define templates only if necessary.' >>$CONFIG_STATUS
-echo ' if grep "^[ ]*#[ ]*define" $tmp/in >/dev/null; then' >>$CONFIG_STATUS
-echo ' # If there are no defines, we may have an empty if/fi' >>$CONFIG_STATUS
-echo ' :' >>$CONFIG_STATUS
-rm -f conftest.tail
-while grep . conftest.defines >/dev/null
+# (The regexp can be short, since the line contains either #define or #undef.)
+echo 's/ $//
+s,^[ #]*u.*,/* & */,' >>conftest.defines
+
+# Break up conftest.defines:
+ac_max_sed_lines=50
+
+# First sed command is: sed -f defines.sed $ac_file_inputs >"$tmp/out1"
+# Second one is: sed -f defines.sed "$tmp/out1" >"$tmp/out2"
+# Third one will be: sed -f defines.sed "$tmp/out2" >"$tmp/out1"
+# et cetera.
+ac_in='$ac_file_inputs'
+ac_out='"$tmp/out1"'
+ac_nxt='"$tmp/out2"'
+
+while :
do
- # Write a limited-size here document to $tmp/defines.sed.
- echo ' cat >$tmp/defines.sed <<CEOF' >>$CONFIG_STATUS
- # Speed up: don't consider the non `#define' lines.
- echo '/^[ ]*#[ ]*define/!b' >>$CONFIG_STATUS
- # Work around the forget-to-reset-the-flag bug.
- echo 't clr' >>$CONFIG_STATUS
- echo ': clr' >>$CONFIG_STATUS
- sed ${ac_max_here_lines}q conftest.defines >>$CONFIG_STATUS
+ # Write a here document:
+ cat >>$CONFIG_STATUS <<_ACEOF
+ # First, check the format of the line:
+ cat >"\$tmp/defines.sed" <<\\CEOF
+/^[ ]*#[ ]*undef[ ][ ]*$ac_word_re[ ]*\$/b def
+/^[ ]*#[ ]*define[ ][ ]*$ac_word_re[( ]/b def
+b
+:def
+_ACEOF
+ sed ${ac_max_sed_lines}q conftest.defines >>$CONFIG_STATUS
echo 'CEOF
- sed -f $tmp/defines.sed $tmp/in >$tmp/out
- rm -f $tmp/in
- mv $tmp/out $tmp/in
-' >>$CONFIG_STATUS
- sed 1,${ac_max_here_lines}d conftest.defines >conftest.tail
+ sed -f "$tmp/defines.sed"' "$ac_in >$ac_out" >>$CONFIG_STATUS
+ ac_in=$ac_out; ac_out=$ac_nxt; ac_nxt=$ac_in
+ sed 1,${ac_max_sed_lines}d conftest.defines >conftest.tail
+ grep . conftest.tail >/dev/null || break
rm -f conftest.defines
mv conftest.tail conftest.defines
done
-rm -f conftest.defines
-echo ' fi # grep' >>$CONFIG_STATUS
-echo >>$CONFIG_STATUS
-
-# Break up conftest.undefs because some shells have a limit on the size
-# of here documents, and old seds have small limits too (100 cmds).
-echo ' # Handle all the #undef templates' >>$CONFIG_STATUS
-rm -f conftest.tail
-while grep . conftest.undefs >/dev/null
-do
- # Write a limited-size here document to $tmp/undefs.sed.
- echo ' cat >$tmp/undefs.sed <<CEOF' >>$CONFIG_STATUS
- # Speed up: don't consider the non `#undef'
- echo '/^[ ]*#[ ]*undef/!b' >>$CONFIG_STATUS
- # Work around the forget-to-reset-the-flag bug.
- echo 't clr' >>$CONFIG_STATUS
- echo ': clr' >>$CONFIG_STATUS
- sed ${ac_max_here_lines}q conftest.undefs >>$CONFIG_STATUS
- echo 'CEOF
- sed -f $tmp/undefs.sed $tmp/in >$tmp/out
- rm -f $tmp/in
- mv $tmp/out $tmp/in
-' >>$CONFIG_STATUS
- sed 1,${ac_max_here_lines}d conftest.undefs >conftest.tail
- rm -f conftest.undefs
- mv conftest.tail conftest.undefs
-done
-rm -f conftest.undefs
+rm -f conftest.defines conftest.tail
+echo "ac_result=$ac_in" >>$CONFIG_STATUS
cat >>$CONFIG_STATUS <<\_ACEOF
- # Let's still pretend it is `configure' which instantiates (i.e., don't
- # use $as_me), people would be surprised to read:
- # /* config.h. Generated by config.status. */
- if test x"$ac_file" = x-; then
- echo "/* Generated by configure. */" >$tmp/config.h
- else
- echo "/* $ac_file. Generated by configure. */" >$tmp/config.h
- fi
- cat $tmp/in >>$tmp/config.h
- rm -f $tmp/in
if test x"$ac_file" != x-; then
- if diff $ac_file $tmp/config.h >/dev/null 2>&1; then
+ echo "/* $configure_input */" >"$tmp/config.h"
+ cat "$ac_result" >>"$tmp/config.h"
+ if diff $ac_file "$tmp/config.h" >/dev/null 2>&1; then
{ echo "$as_me:$LINENO: $ac_file is unchanged" >&5
echo "$as_me: $ac_file is unchanged" >&6;}
else
- ac_dir=`(dirname "$ac_file") 2>/dev/null ||
-$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$ac_file" : 'X\(//\)[^/]' \| \
- X"$ac_file" : 'X\(//\)$' \| \
- X"$ac_file" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X"$ac_file" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- { if $as_mkdir_p; then
- mkdir -p "$ac_dir"
+ rm -f $ac_file
+ mv "$tmp/config.h" $ac_file
+ fi
else
- as_dir="$ac_dir"
+ echo "/* $configure_input */"
+ cat "$ac_result"
+ fi
+ rm -f "$tmp/out12"
+# Compute $ac_file's index in $config_headers.
+_am_stamp_count=1
+for _am_header in $config_headers :; do
+ case $_am_header in
+ $ac_file | $ac_file:* )
+ break ;;
+ * )
+ _am_stamp_count=`expr $_am_stamp_count + 1` ;;
+ esac
+done
+echo "timestamp for $ac_file" >`$as_dirname -- $ac_file ||
+$as_expr X$ac_file : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X$ac_file : 'X\(//\)[^/]' \| \
+ X$ac_file : 'X\(//\)$' \| \
+ X$ac_file : 'X\(/\)' \| . 2>/dev/null ||
+echo X$ac_file |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)[^/].*/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`/stamp-h$_am_stamp_count
+ ;;
+
+ :C) { echo "$as_me:$LINENO: executing $ac_file commands" >&5
+echo "$as_me: executing $ac_file commands" >&6;}
+ ;;
+ esac
+
+
+ case $ac_file$ac_mode in
+ "depfiles":C) test x"$AMDEP_TRUE" != x"" || for mf in $CONFIG_FILES; do
+ # Strip MF so we end up with the name of the file.
+ mf=`echo "$mf" | sed -e 's/:.*$//'`
+ # Check whether this is an Automake generated Makefile or not.
+ # We used to match only the files named `Makefile.in', but
+ # some people rename them; so instead we look at the file content.
+ # Grep'ing the first line is not enough: some people post-process
+ # each Makefile.in and add a new line on top of each file to say so.
+ # Grep'ing the whole file is not good either: AIX grep has a line
+ # limit of 2048, but all sed's we know have understand at least 4000.
+ if sed 10q "$mf" | grep '^#.*generated by automake' > /dev/null 2>&1; then
+ dirpart=`$as_dirname -- "$mf" ||
+$as_expr X"$mf" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$mf" : 'X\(//\)[^/]' \| \
+ X"$mf" : 'X\(//\)$' \| \
+ X"$mf" : 'X\(/\)' \| . 2>/dev/null ||
+echo X"$mf" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)[^/].*/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
+ else
+ continue
+ fi
+ # Extract the definition of DEPDIR, am__include, and am__quote
+ # from the Makefile without running `make'.
+ DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"`
+ test -z "$DEPDIR" && continue
+ am__include=`sed -n 's/^am__include = //p' < "$mf"`
+ test -z "am__include" && continue
+ am__quote=`sed -n 's/^am__quote = //p' < "$mf"`
+ # When using ansi2knr, U may be empty or an underscore; expand it
+ U=`sed -n 's/^U = //p' < "$mf"`
+ # Find all dependency output files, they are included files with
+ # $(DEPDIR) in their names. We invoke sed twice because it is the
+ # simplest approach to changing $(DEPDIR) to its actual value in the
+ # expansion.
+ for file in `sed -n "
+ s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \
+ sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g' -e 's/\$U/'"$U"'/g'`; do
+ # Make sure the directory exists.
+ test -f "$dirpart/$file" && continue
+ fdir=`$as_dirname -- "$file" ||
+$as_expr X"$file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$file" : 'X\(//\)[^/]' \| \
+ X"$file" : 'X\(//\)$' \| \
+ X"$file" : 'X\(/\)' \| . 2>/dev/null ||
+echo X"$file" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)[^/].*/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
+ { as_dir=$dirpart/$fdir
+ case $as_dir in #(
+ -*) as_dir=./$as_dir;;
+ esac
+ test -d "$as_dir" || { $as_mkdir_p && mkdir -p "$as_dir"; } || {
as_dirs=
- while test ! -d "$as_dir"; do
- as_dirs="$as_dir $as_dirs"
- as_dir=`(dirname "$as_dir") 2>/dev/null ||
+ while :; do
+ case $as_dir in #(
+ *\'*) as_qdir=`echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #(
+ *) as_qdir=$as_dir;;
+ esac
+ as_dirs="'$as_qdir' $as_dirs"
+ as_dir=`$as_dirname -- "$as_dir" ||
$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
X"$as_dir" : 'X\(//\)[^/]' \| \
X"$as_dir" : 'X\(//\)$' \| \
- X"$as_dir" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
+ X"$as_dir" : 'X\(/\)' \| . 2>/dev/null ||
echo X"$as_dir" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)[^/].*/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
+ test -d "$as_dir" && break
done
- test ! -n "$as_dirs" || mkdir $as_dirs
- fi || { { echo "$as_me:$LINENO: error: cannot create directory \"$ac_dir\"" >&5
-echo "$as_me: error: cannot create directory \"$ac_dir\"" >&2;}
+ test -z "$as_dirs" || eval "mkdir $as_dirs"
+ } || test -d "$as_dir" || { { echo "$as_me:$LINENO: error: cannot create directory $as_dir" >&5
+echo "$as_me: error: cannot create directory $as_dir" >&2;}
{ (exit 1); exit 1; }; }; }
-
- rm -f $ac_file
- mv $tmp/config.h $ac_file
- fi
- else
- cat $tmp/config.h
- rm -f $tmp/config.h
- fi
+ # echo "creating $dirpart/$file"
+ echo '# dummy' > "$dirpart/$file"
+ done
done
-_ACEOF
+ ;;
+ "po-directories":C)
+ for ac_file in $CONFIG_FILES; do
+ # Support "outfile[:infile[:infile...]]"
+ case "$ac_file" in
+ *:*) ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;;
+ esac
+ # PO directories have a Makefile.in generated from Makefile.in.in.
+ case "$ac_file" in */Makefile.in)
+ # Adjust a relative srcdir.
+ ac_dir=`echo "$ac_file"|sed 's%/[^/][^/]*$%%'`
+ ac_dir_suffix="/`echo "$ac_dir"|sed 's%^\./%%'`"
+ ac_dots=`echo "$ac_dir_suffix"|sed 's%/[^/]*%../%g'`
+ # In autoconf-2.13 it is called $ac_given_srcdir.
+ # In autoconf-2.50 it is called $srcdir.
+ test -n "$ac_given_srcdir" || ac_given_srcdir="$srcdir"
+ case "$ac_given_srcdir" in
+ .) top_srcdir=`echo $ac_dots|sed 's%/$%%'` ;;
+ /*) top_srcdir="$ac_given_srcdir" ;;
+ *) top_srcdir="$ac_dots$ac_given_srcdir" ;;
+ esac
+ # Treat a directory as a PO directory if and only if it has a
+ # POTFILES.in file. This allows packages to have multiple PO
+ # directories under different names or in different locations.
+ if test -f "$ac_given_srcdir/$ac_dir/POTFILES.in"; then
+ rm -f "$ac_dir/POTFILES"
+ test -n "$as_me" && echo "$as_me: creating $ac_dir/POTFILES" || echo "creating $ac_dir/POTFILES"
+ cat "$ac_given_srcdir/$ac_dir/POTFILES.in" | sed -e "/^#/d" -e "/^[ ]*\$/d" -e "s,.*, $top_srcdir/& \\\\," | sed -e "\$s/\(.*\) \\\\/\1/" > "$ac_dir/POTFILES"
+ POMAKEFILEDEPS="POTFILES.in"
+ # ALL_LINGUAS, POFILES, UPDATEPOFILES, DUMMYPOFILES, GMOFILES depend
+ # on $ac_dir but don't depend on user-specified configuration
+ # parameters.
+ if test -f "$ac_given_srcdir/$ac_dir/LINGUAS"; then
+ # The LINGUAS file contains the set of available languages.
+ if test -n "$OBSOLETE_ALL_LINGUAS"; then
+ test -n "$as_me" && echo "$as_me: setting ALL_LINGUAS in configure.in is obsolete" || echo "setting ALL_LINGUAS in configure.in is obsolete"
+ fi
+ ALL_LINGUAS_=`sed -e "/^#/d" -e "s/#.*//" "$ac_given_srcdir/$ac_dir/LINGUAS"`
+ # Hide the ALL_LINGUAS assigment from automake < 1.5.
+ eval 'ALL_LINGUAS''=$ALL_LINGUAS_'
+ POMAKEFILEDEPS="$POMAKEFILEDEPS LINGUAS"
+ else
+ # The set of available languages was given in configure.in.
+ # Hide the ALL_LINGUAS assigment from automake < 1.5.
+ eval 'ALL_LINGUAS''=$OBSOLETE_ALL_LINGUAS'
+ fi
+ # Compute POFILES
+ # as $(foreach lang, $(ALL_LINGUAS), $(srcdir)/$(lang).po)
+ # Compute UPDATEPOFILES
+ # as $(foreach lang, $(ALL_LINGUAS), $(lang).po-update)
+ # Compute DUMMYPOFILES
+ # as $(foreach lang, $(ALL_LINGUAS), $(lang).nop)
+ # Compute GMOFILES
+ # as $(foreach lang, $(ALL_LINGUAS), $(srcdir)/$(lang).gmo)
+ case "$ac_given_srcdir" in
+ .) srcdirpre= ;;
+ *) srcdirpre='$(srcdir)/' ;;
+ esac
+ POFILES=
+ UPDATEPOFILES=
+ DUMMYPOFILES=
+ GMOFILES=
+ for lang in $ALL_LINGUAS; do
+ POFILES="$POFILES $srcdirpre$lang.po"
+ UPDATEPOFILES="$UPDATEPOFILES $lang.po-update"
+ DUMMYPOFILES="$DUMMYPOFILES $lang.nop"
+ GMOFILES="$GMOFILES $srcdirpre$lang.gmo"
+ done
+ # CATALOGS depends on both $ac_dir and the user's LINGUAS
+ # environment variable.
+ INST_LINGUAS=
+ if test -n "$ALL_LINGUAS"; then
+ for presentlang in $ALL_LINGUAS; do
+ useit=no
+ if test "%UNSET%" != "$LINGUAS"; then
+ desiredlanguages="$LINGUAS"
+ else
+ desiredlanguages="$ALL_LINGUAS"
+ fi
+ for desiredlang in $desiredlanguages; do
+ # Use the presentlang catalog if desiredlang is
+ # a. equal to presentlang, or
+ # b. a variant of presentlang (because in this case,
+ # presentlang can be used as a fallback for messages
+ # which are not translated in the desiredlang catalog).
+ case "$desiredlang" in
+ "$presentlang"*) useit=yes;;
+ esac
+ done
+ if test $useit = yes; then
+ INST_LINGUAS="$INST_LINGUAS $presentlang"
+ fi
+ done
+ fi
+ CATALOGS=
+ if test -n "$INST_LINGUAS"; then
+ for lang in $INST_LINGUAS; do
+ CATALOGS="$CATALOGS $lang.gmo"
+ done
+ fi
+ test -n "$as_me" && echo "$as_me: creating $ac_dir/Makefile" || echo "creating $ac_dir/Makefile"
+ sed -e "/^POTFILES =/r $ac_dir/POTFILES" -e "/^# Makevars/r $ac_given_srcdir/$ac_dir/Makevars" -e "s|@POFILES@|$POFILES|g" -e "s|@UPDATEPOFILES@|$UPDATEPOFILES|g" -e "s|@DUMMYPOFILES@|$DUMMYPOFILES|g" -e "s|@GMOFILES@|$GMOFILES|g" -e "s|@CATALOGS@|$CATALOGS|g" -e "s|@POMAKEFILEDEPS@|$POMAKEFILEDEPS|g" "$ac_dir/Makefile.in" > "$ac_dir/Makefile"
+ for f in "$ac_given_srcdir/$ac_dir"/Rules-*; do
+ if test -f "$f"; then
+ case "$f" in
+ *.orig | *.bak | *~) ;;
+ *) cat "$f" >> "$ac_dir/Makefile" ;;
+ esac
+ fi
+ done
+ fi
+ ;;
+ esac
+ done ;;
+
+ esac
+done # for ac_tag
-cat >>$CONFIG_STATUS <<\_ACEOF
{ (exit 0); exit 0; }
_ACEOF
diff --git a/Linux-PAM/configure.in b/Linux-PAM/configure.in
index f090a542..0c4c8cb0 100644
--- a/Linux-PAM/configure.in
+++ b/Linux-PAM/configure.in
@@ -1,171 +1,272 @@
dnl Process this file with autoconf to produce a configure script.
-AC_INIT(conf/pam_conv1/pam_conv.y)
+AC_INIT(conf/pam_conv1/pam_conv_y.y)
+AM_INIT_AUTOMAKE("Linux-PAM", 0.99.7.1)
+AC_PREREQ([2.60])
+AM_CONFIG_HEADER(config.h)
+AC_CANONICAL_HOST
-dnl The configuration header file
-AC_CONFIG_HEADER(_pam_aconf.h)
+AC_SUBST(PACKAGE)
+AC_SUBST(VERSION)
dnl
-dnl Release specific
+dnl By default, everything under PAM is installed below /usr.
dnl
-
-LIBPAM_VERSION_MAJOR=0
-LIBPAM_VERSION_MINOR=79
-
-AC_SUBST(LIBPAM_VERSION_MAJOR)
-AC_SUBST(LIBPAM_VERSION_MINOR)
-AC_DEFINE(LIBPAM_VERSION_MAJOR)
-AC_DEFINE(LIBPAM_VERSION_MINOR)
-
-dnl
-dnl By default, everything under PAM is installed under the root fs.
-dnl
-
-AC_PREFIX_DEFAULT()
-
-dnl
-dnl Useful info (believed to be portable) - in the future
-dnl the LOCALSRCDIR and LOCALOBJDIRs may be different
-dnl
-LOCALSRCDIR=`/bin/pwd` ; AC_SUBST(LOCALSRCDIR)
-LOCALOBJDIR=`/bin/pwd` ; AC_SUBST(LOCALOBJDIR)
-OS=`uname|sed -e 'y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/'`
-AC_SUBST(OS)
+AC_PREFIX_DEFAULT(/usr)
+
+dnl and some hacks to use /etc and /lib
+test "${prefix}" = "NONE" && prefix="/usr"
+if test ${prefix} = '/usr'
+then
+dnl If we use /usr as prefix, use /etc for config files
+ if test ${sysconfdir} = '${prefix}/etc'
+ then
+ sysconfdir="/etc"
+ fi
+ if test ${libdir} = '${exec_prefix}/lib'
+ then
+ libdir="/lib"
+ fi
+ if test ${sbindir} = '${exec_prefix}/sbin'
+ then
+ sbindir="/sbin"
+ fi
+dnl If we use /usr as prefix, use /usr/share/man for manual pages
+ if test ${mandir} = '${prefix}/man'
+ then
+ mandir='${prefix}/share/man'
+ fi
+dnl Add security to include directory
+ if test ${includedir} = '${prefix}/include'
+ then
+ includedir="${prefix}/include/security"
+ fi
+fi
dnl
-dnl Rules needed for the following (hardcoded Linux defaults for now)
+dnl check if we should link everything static into libpam
dnl
-
-CONF_CFLAGS= ; AC_SUBST(CONF_CFLAGS)
-MKDIR="mkdir -p" ; AC_SUBST(MKDIR)
-
-SHLIBMODE=755 ; AC_SUBST(SHLIBMODE)
-MANMODE=644 ; AC_SUBST(MANMODE)
-
-dnl These are most likely platform specific - I think HPUX differs
-USESONAME=yes ; AC_SUBST(USESONAME)
-SOSWITCH="-Wl,-soname -Wl," ; AC_SUBST(SOSWITCH)
-NEEDSONAME=yes ; AC_SUBST(NEEDSONAME)
-LDCONFIG=/sbin/ldconfig ; AC_SUBST(LDCONFIG)
+AC_ARG_ENABLE(static-modules,AS_HELP_STRING([--enable-static-modules],
+ [do not make the modules dynamically loadable]),
+ STATIC_MODULES=$enableval,STATIC_MODULES=no)
+if test "$STATIC_MODULES" != "no" ; then
+ CFLAGS="$CFLAGS -DPAM_STATIC"
+ AC_ENABLE_STATIC([yes])
+ AC_ENABLE_SHARED([no])
+else
+# per default don't build static libraries
+ AC_ENABLE_STATIC([no])
+ AC_ENABLE_SHARED([yes])
+fi
+AM_CONDITIONAL([STATIC_MODULES], [test "$STATIC_MODULES" != "no"])
dnl Checks for programs.
+AC_GNU_SOURCE
AC_PROG_CC
-dnl ### AC_PROG_CXX
AC_PROG_YACC
-AC_PROG_LEX
+AM_PROG_LEX
AC_PROG_INSTALL
AC_PROG_LN_S
AC_PROG_MAKE_SET
+AC_PROG_LIBTOOL
+AM_PROG_CC_C_O
+PAM_LD_AS_NEEDED
+PAM_LD_O1
+
+dnl Largefile support
+AC_SYS_LARGEFILE
+
+dnl icc claims to be GCC compatible, but use other flags for warnings
+if eval "test x$GCC = xyes -a $CC != icc"; then
+ for flag in \
+ -W \
+ -Wall \
+ -Wbad-function-cast \
+ -Wcast-align \
+ -Wcast-qual \
+ -Wmissing-declarations \
+ -Wmissing-prototypes \
+ -Wpointer-arith \
+ -Wreturn-type \
+ -Wstrict-prototypes \
+ -Wwrite-strings \
+ -Winline \
+ -Wshadow
+ do
+ JAPHAR_GREP_CFLAGS($flag, [ CFLAGS="$CFLAGS $flag" ])
+ done
+fi
+dnl icc has special warning flags
+if eval "test x$CC = xicc"; then
+ for flag in \
+ -Wall \
+ -Wmissing-prototypes \
+ -Wpointer-arith \
+ -Wreturn-type \
+ -Wstrict-prototypes \
+ -Wwrite-strings \
+ -Wshadow \
+ -Wp64 \
+ -Wdeprecated \
+ -Wuninitialized \
+ -Wmain
+ do
+ JAPHAR_GREP_CFLAGS($flag, [ CFLAGS="$CFLAGS $flag" ])
+ done
+fi
+
+AC_C___ATTRIBUTE__
dnl
-dnl options and defaults
+dnl Check if --version-script is supported by ld
dnl
+AC_CACHE_CHECK(for .symver assembler directive, libc_cv_asm_symver_directive,
+[cat > conftest.s <<EOF
+${libc_cv_dot_text}
+_sym:
+.symver _sym,sym@VERS
+EOF
+if ${CC-cc} -c $ASFLAGS conftest.s 1>&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD; then
+ libc_cv_asm_symver_directive=yes
+else
+ libc_cv_asm_symver_directive=no
+fi
+rm -f conftest*])
+AC_CACHE_CHECK(for ld --version-script, libc_cv_ld_version_script_option, [dnl
+if test $libc_cv_asm_symver_directive = yes; then
+ cat > conftest.s <<EOF
+${libc_cv_dot_text}
+_sym:
+.symver _sym,sym@VERS
+EOF
+ cat > conftest.map <<EOF
+VERS_1 {
+ global: sym;
+};
+
+VERS_2 {
+ global: sym;
+} VERS_1;
+EOF
+ if ${CC-cc} -c $ASFLAGS conftest.s 1>&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD;
+then
+ if AC_TRY_COMMAND([${CC-cc} $CFLAGS $LDFLAGS -shared
+ -o conftest.so conftest.o
+ -nostartfiles -nostdlib
+ -Wl,--version-script,conftest.map
+ 1>&AS_MESSAGE_LOG_FD]);
+ then
+ libc_cv_ld_version_script_option=yes
+ else
+ libc_cv_ld_version_script_option=no
+ fi
+ else
+ libc_cv_ld_version_script_option=no
+ fi
+else
+ libc_cv_ld_version_script_option=no
+fi
+rm -f conftest*])
+AM_CONDITIONAL([HAVE_VERSIONING],
+ [test "$libc_cv_ld_version_script_option" = "yes"])
-dnl lots of debugging information goes to /tmp/pam-debug.log
-AC_ARG_ENABLE(debug,
-[ --enable-debug specify you are building with debugging on],
- WITH_DEBUG=yes ; AC_DEFINE(DEBUG) , WITH_DEBUG=no)
-AC_SUBST(WITH_DEBUG)
+dnl
+dnl check for -fPIE/-pie support
+dnl
+dnl icc handles -fpie as -fp without error, so blacklist icc
+dnl
+AC_ARG_ENABLE(pie,AS_HELP_STRING([--disable-pie],
+ [disable position-independent executeables (PIE)]),
+ USE_PIE=$enableval, USE_PIE=yes)
+
+AC_CACHE_CHECK(for -fpie, libc_cv_fpie, [dnl
+ cat > conftest.c <<EOF
+int foo;
+main () { return 0;}
+EOF
+ if test "$USE_PIE" = "yes" -a "$CC" != "icc" &&
+ AC_TRY_COMMAND([${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS -pie -fpie
+ -o conftest conftest.c 1>&AS_MESSAGE_LOG_FD])
+ then
+ libc_cv_fpie=yes
+ PIE_CFLAGS="-fpie"
+ PIE_LDFLAGS="-pie"
+ else
+ libc_cv_fpie=no
+ PIE_CFLAGS=""
+ PIE_LDFLAGS=""
+ fi
+ rm -f conftest*])
+AC_SUBST(libc_cv_fpie)
+AC_SUBST(PIE_CFLAGS)
+AC_SUBST(PIE_LDFLAGS)
-AC_ARG_ENABLE(memory-debug,
-[ --enable-memory-debug specify you want every malloc etc. call tracked],
- WITH_MEMORY_DEBUG=yes ; AC_DEFINE(MEMORY_DEBUG) , WITH_MEMORY_DEBUG=no)
-AC_SUBST(WITH_MEMORY_DEBUG)
-dnl build specially named libraries (for debugging purposes)
-AC_ARG_ENABLE(libdebug,
-[ --enable-libdebug specify you are building debugging libraries],
- WITH_LIBDEBUG=yes ; AC_DEFINE(WITH_LIBDEBUG) , WITH_LIBDEBUG=no)
-AC_SUBST(WITH_LIBDEBUG)
+dnl
+dnl options and defaults
+dnl
-dnl have prelude support
-AC_ARG_ENABLE(prelude,
-[ --enable-prelude build prelude ids support],
- WITH_PRELUDE=yes ; AC_DEFINE(WITH_PRELUDE), WITH_PRELUDE=no)
-AC_SUBST(WITH_PRELUDE)
+AC_ARG_ENABLE([prelude],
+ AC_HELP_STRING([--disable-prelude],[do not use prelude]),
+ WITH_PRELUDE=$enableval, WITH_PRELUDE=yes)
+if test "$WITH_PRELUDE" == "yes" ; then
+ AM_PATH_LIBPRELUDE([0.9.0])
+ if test "$LIBPRELUDE_CONFIG" != "no" ; then
+ LIBPRELUDE_CFLAGS="$LIBPRELUDE_CFLAGS -DPRELUDE=1"
+ fi
+fi
-dnl packaging convenience
-AC_ARG_ENABLE(fakeroot,
-[ --enable-fakeroot=<path to packaging directory>], FAKEROOT=$enableval)
-AC_SUBST(FAKEROOT)
+dnl lots of debugging information goes to /var/run/pam-debug.log
+AC_ARG_ENABLE([debug],
+ AC_HELP_STRING([--enable-debug],
+ [specify you are building with debugging on]),
+ WITH_DEBUG=yes ; AC_DEFINE([DEBUG],,
+ [lots of stuff gets written to /var/run/pam-debug.log]),
+ WITH_DEBUG=no)
+AC_SUBST(WITH_DEBUG)
AC_ARG_ENABLE(securedir,
-[ --enable-securedir=<path to location of PAMs> [default \$libdir/security]],
+ AC_HELP_STRING([--enable-securedir=DIR],[path to location of PAMs @<:@default=$libdir/security@:>@]),
SECUREDIR=$enableval, SECUREDIR=$libdir/security)
AC_SUBST(SECUREDIR)
-AC_ARG_ENABLE(isadir,
-[ --enable-isadir=<path to arch-specific module files> [default ../../\`basename \$libdir\`/security]],
+AC_ARG_ENABLE([isadir],
+ AC_HELP_STRING([--enable-isadir=DIR],[path to arch-specific module files @<:@default=../../(basename of $libdir)/security@:>@]),
ISA=$enableval,
ISA=../../`basename $libdir`/security)
unset mylibdirbase
AC_DEFINE_UNQUOTED(_PAM_ISA,"$ISA",[Define to the path, relative to SECUREDIR, where PAMs specific to this architecture can be found.])
-AC_MSG_RESULT([Defining \$ISA to \"$ISA\".])
+AC_MSG_RESULT([Defining \$ISA to "$ISA"])
AC_ARG_ENABLE(sconfigdir,
-[ --enable-sconfigdir=<path to module conf files> [default \$sysconfdir/security]],
+ AC_HELP_STRING([--enable-sconfigdir=DIR],[path to module conf files @<:@default=$sysconfdir/security@:>@]),
SCONFIGDIR=$enableval, SCONFIGDIR=$sysconfdir/security)
AC_SUBST(SCONFIGDIR)
-AC_ARG_ENABLE(suplementedir,
-[ --enable-suplementedir=<path to module helper binaries> [default \$sbindir]],
- SUPLEMENTED=$enableval, SUPLEMENTED=$sbindir)
-AC_SUBST(SUPLEMENTED)
-
-AC_ARG_ENABLE(includedir,
-[ --enable-includedir=<path to include location> - where to put <security>],
- INCLUDEDIR=$enableval, INCLUDEDIR=/usr/include)
-AC_SUBST(INCLUDEDIR)
-
-AC_ARG_ENABLE(docdir,
-[ --enable-docdir=<path to store documentation in - /usr/share/doc/pam>],
- DOCDIR=$enableval, DOCDIR=/usr/share/doc/pam)
-AC_SUBST(DOCDIR)
-
-AC_ARG_ENABLE(mandir,
-[ --enable-mandir=<path to store manuals in - /usr/share/man>],
- MANDIR=$enableval, MANDIR=/usr/share/man)
-AC_SUBST(MANDIR)
-
AC_ARG_ENABLE(pamlocking,
-[ --enable-pamlocking configure libpam to observe a global authentication lock],
- WITH_PAMLOCKING=yes ; AC_DEFINE(PAM_LOCKING) , WITH_PAMLOCKING=no)
+ AC_HELP_STRING([--enable-pamlocking],[configure libpam to observe a global authentication lock]),
+ WITH_PAMLOCKING=yes ; AC_DEFINE([PAM_LOCKING],,
+ [libpam should observe a global authentication lock]),
+ WITH_PAMLOCKING=no)
AC_SUBST(WITH_PAMLOCKING)
-AC_ARG_ENABLE(uglyhack,
-[ --enable-uglyhack configure libpam to try to honor old pam_strerror syntax],
- AC_DEFINE(UGLY_HACK_FOR_PRIOR_BEHAVIOR_SUPPORT))
-
AC_ARG_ENABLE(read-both-confs,
-[ --enable-read-both-confs read both /etc/pam.d and /etc/pam.conf files],
- AC_DEFINE(PAM_READ_BOTH_CONFS))
+ AC_HELP_STRING([--enable-read-both-confs],[read both /etc/pam.d and /etc/pam.conf files]),
+ AC_DEFINE([PAM_READ_BOTH_CONFS],,
+ [read both /etc/pam.d and /etc/pam.conf files]))
AC_SUBST(PAM_READ_BOTH_CONFS)
-AC_ARG_ENABLE(static-libpam, [ --enable-static-libpam build a libpam.a library],
- STATIC_LIBPAM=yes , STATIC_LIBPAM=no)
-AC_SUBST(STATIC_LIBPAM)
-
-AC_ARG_ENABLE(dynamic-libpam,
-[ --disable-dynamic-libpam do not build a shared libpam library],
- DYNAMIC_LIBPAM=no, DYNAMIC_LIBPAM=yes)
-AC_SUBST(DYNAMIC_LIBPAM)
-
-DYNAMIC=-DPAM_DYNAMIC
-AC_SUBST(DYNAMIC)
-
-AC_ARG_ENABLE(static-modules,
-[ --enable-static-modules do not make the modules dynamically loadable],
- STATIC=-DPAM_STATIC)
-AC_SUBST(STATIC)
-
-AC_ARG_ENABLE(lckpwdf,
-[ --disable-lckpwdf do not use the lckpwdf function],
- WITH_LCKPWDF=no, WITH_LCKPWDF=yes)
-AC_SUBST(WITH_LCKPWDF)
+AC_ARG_ENABLE([lckpwdf],
+ AC_HELP_STRING([--disable-lckpwdf],[do not use the lckpwdf function]),
+ WITH_LCKPWDF=$enableval, WITH_LCKPWDF=yes)
+if test "$WITH_LCKPWDF" == "yes" ; then
+ AC_DEFINE([USE_LCKPWDF], 1,
+ [Define to 1 if the lckpwdf function should be used])
+fi
AC_CHECK_HEADERS(paths.h)
AC_ARG_WITH(mailspool,
-[ --with-mailspool path to mail spool directory
- [default _PATH_MAILDIR if defined in paths.h, otherwise /var/spool/mail]],
+[ --with-mailspool path to mail spool directory
+ [default _PATH_MAILDIR if defined in paths.h, otherwise /var/spool/mail]],
with_mailspool=${withval})
if test x$with_mailspool != x ; then
pam_mail_spool="\"$with_mailspool\""
@@ -182,229 +283,119 @@ exit(1);
pam_mail_spool="\"/var/spool/mail\"",
pam_mail_spool="\"/var/spool/mail\"")
fi
-AC_DEFINE_UNQUOTED(PAM_PATH_MAILDIR, $pam_mail_spool)
-
-dnl Checks for libraries.
-AC_CHECK_LIB(c, __libc_sched_setscheduler, PAM_NEEDS_LIBC=, PAM_NEEDS_LIBC=-lc)
-AC_SUBST(PAM_NEEDS_LIBC)
+AC_DEFINE_UNQUOTED(PAM_PATH_MAILDIR, $pam_mail_spool,
+ [Path where mails are stored])
+
+AC_ARG_WITH(xauth,
+[ --with-xauth additional path to check for xauth when it is called from pam_xauth
+ [added to the default of /usr/X11R6/bin/xauth, /usr/bin/xauth, /usr/bin/X11/xauth]],
+pam_xauth_path=${withval})
+if test x$with_xauth == x ; then
+ AC_PATH_PROG(pam_xauth_path, xauth)
+dnl There is no sense in adding the first default path
+ if test x$pam_xauth_path == x/usr/X11R6/bin/xauth ; then
+ unset pam_xauth_path
+ fi
+fi
-dnl Checks for the existence of lckpwdf in libc
-AC_CHECK_LIB(c, lckpwdf, HAVE_LCKPWDF=yes, HAVE_LCKPWDF=no)
-AC_SUBST(HAVE_LCKPWDF)
+if test x$pam_xauth_path != x ; then
+ AC_DEFINE_UNQUOTED(PAM_PATH_XAUTH, "$pam_xauth_path",
+ [Additional path of xauth executable])
+fi
dnl Checks for the existence of libdl - on BSD and Tru64 its part of libc
-AC_CHECK_LIB(dl, dlopen, LIBDL=-ldl)
+AC_CHECK_LIB([dl], [dlopen], LIBDL="-ldl", LIBDL="")
AC_SUBST(LIBDL)
-dnl
-dnl At least on Solaris, the existing libcrack must be dynamic.
-dnl Ought to introduce a check for this.
-dnl
-AC_CHECK_LIB(crack, FascistCheck, HAVE_LIBCRACK=yes ; AC_DEFINE(HAVE_LIBCRACK),
- HAVE_LIBCRACK=no)
-AC_SUBST(HAVE_LIBCRACK)
-
-AC_CHECK_LIB(crypt, crypt, HAVE_LIBCRYPT=yes ; AC_DEFINE(HAVE_LIBCRYPT),
- HAVE_LIBCRYPT=no)
-AC_SUBST(HAVE_LIBCRYPT)
-AC_CHECK_LIB(util, logwtmp, HAVE_LIBUTIL=yes ; AC_DEFINE(HAVE_LIBUTIL),
- HAVE_LIBUTIL=no)
-AC_SUBST(HAVE_LIBUTIL)
-AC_CHECK_LIB(ndbm, dbm_store, HAVE_LIBNDBM=yes ; AC_DEFINE(HAVE_LIBNDBM),
- HAVE_LIBNDBM=no)
-AC_SUBST(HAVE_LIBNDBM)
-AC_CHECK_LIB(db, dbm_store, HAVE_LIBDB=yes ; AC_DEFINE(HAVE_LIBDB),
- HAVE_LIBDB=no)
-if test x$HAVE_LIBDB != xyes ; then
- AC_CHECK_LIB(db, db_create, HAVE_LIBDB=yes ; AC_DEFINE(HAVE_LIBDB),
- HAVE_LIBDB=no)
+# Check for cracklib
+AC_ARG_ENABLE([cracklib],
+ AC_HELP_STRING([--disable-cracklib],[do not use cracklib]),
+ WITH_CRACKLIB=$enableval, WITH_CRACKLIB=yes)
+if test x"$WITH_CRACKLIB" != xno ; then
+ AC_CHECK_HEADER([crack.h],
+ AC_CHECK_LIB([crack], [FascistCheck], LIBCRACK="-lcrack", LIBCRACK=""))
+else
+ LIBCRACK=""
+fi
+AC_SUBST(LIBCRACK)
+AM_CONDITIONAL([HAVE_LIBCRACK], [test ! -z "$LIBCRACK"])
+
+dnl Look for Linux Auditing library - see documentation
+AC_ARG_ENABLE([audit],
+ AC_HELP_STRING([--disable-audit],[do not enable audit support]),
+ WITH_LIBAUDIT=$enableval, WITH_LIBAUDIT=yes)
+if test x"$WITH_LIBAUDIT" != xno ; then
+ AC_CHECK_HEADER([libaudit.h],
+ [AC_CHECK_LIB(audit, audit_log_user_message, LIBAUDIT=-laudit, LIBAUDIT="")]
+ )
+ if test ! -z "$LIBAUDIT" -a "ac_cv_header_libaudit_h" != "no" ; then
+ AC_DEFINE([HAVE_LIBAUDIT], 1, [Defined if audit support should be compiled in])
+ fi
+else
+ LIBAUDIT=""
fi
-AC_SUBST(HAVE_LIBDB)
-AC_CHECK_LIB(fl, yylex, yyterminate, HAVE_LIBFL=yes ; AC_DEFINE(HAVE_LIBFL),
- HAVE_LIBFL=no)
-AC_SUBST(HAVE_LIBFL)
-AC_CHECK_LIB(nsl, yp_maplist, HAVE_LIBNSL=yes ; AC_DEFINE(HAVE_LIBNSL),
- HAVE_LIBNSL=no)
-AC_SUBST(HAVE_LIBNSL)
-
-if test $HAVE_LIBNSL = yes ; then
- pwdblibs="$pwdblibs -lnsl"
+AC_SUBST(LIBAUDIT)
+
+BACKUP_LIBS=$LIBS
+AC_SEARCH_LIBS([crypt],[xcrypt crypt], LIBCRYPT="-l$ac_lib", LIBCRYPT="")
+LIBS=$BACKUP_LIBS
+AC_SUBST(LIBCRYPT)
+
+dnl check for libdb or libndbm as fallback. Some libndbm compat
+dnl libraries are unuseable, so try libdb first.
+AC_ARG_ENABLE([db],
+ AC_HELP_STRING([--enable-db=(db|ndbm|yes|no)],[Default behavior 'yes', which is to check for libdb first, followed by ndbm. Use 'no' to disable db support.]),
+ WITH_DB=$enableval, WITH_DB=yes)
+if test x"$WITH_DB" != xno ; then
+ if test x"$WITH_DB" = xyes -o x"$WITH_DB" = xdb ; then
+ AC_CHECK_LIB([db], [db_create], LIBDB="-ldb", LIBDB="")
+ if test -z "$LIBDB" ; then
+ AC_CHECK_LIB([db], [dbm_store], LIBDB="-ldb", LIBDB="")
+ fi
+ fi
+ if test -z "$LIBDB" ; then
+ AC_CHECK_LIB([ndbm],[dbm_store], LIBDB="-lndbm", LIBDB="")
+ if test ! -z "$LIBDB" ; then
+ AC_CHECK_HEADERS(ndbm.h)
+ fi
+ else
+ AC_CHECK_HEADERS(db.h)
+ fi
+fi
+AC_SUBST(LIBDB)
+AM_CONDITIONAL([HAVE_LIBDB], [test ! -z "$LIBDB"])
+
+AC_CHECK_LIB([nsl],[yp_get_default_domain], LIBNSL="-lnsl", LIBNSL="")
+LIBS="$LIBS $LIBNSL"
+AC_CHECK_FUNCS(yp_get_default_domain)
+LIBS=$BACKUP_LIBS
+AC_SUBST(LIBNSL)
+
+AC_ARG_ENABLE([selinux],
+ AC_HELP_STRING([--disable-selinux],[do not use SELinux]),
+ WITH_SELINUX=$enableval, WITH_SELINUX=yes)
+if test "$WITH_SELINUX" == "yes" ; then
+ AC_CHECK_LIB([selinux],[getfilecon], LIBSELINUX="-lselinux", LIBSELINUX="")
+else
+ LIBSELINUX=""
+fi
+AC_SUBST(LIBSELINUX)
+AM_CONDITIONAL([HAVE_LIBSELINUX], [test ! -z "$LIBSELINUX"])
+if test ! -z "$LIBSELINUX" ; then
+ AC_DEFINE([WITH_SELINUX], 1, [Defined if SE Linux support is compiled in])
fi
-AC_CHECK_LIB(pwdb, pwdb_db_name, HAVE_LIBPWDB=yes ; AC_DEFINE(HAVE_LIBPWDB),
- HAVE_LIBPWDB=no,$pwdblibs)
-AC_SUBST(HAVE_LIBPWDB)
-unset pwdblibs
-
-AC_CHECK_LIB(fl, yywrap, HAVE_LIBFLEX=yes ; AC_DEFINE(HAVE_LIBFLEX),
- HAVE_LIBFLEX=no)
-AC_SUBST(HAVE_LIBFLEX)
-AC_CHECK_LIB(l, yywrap, HAVE_LIBLEX=yes ; AC_DEFINE(HAVE_LIBLEX),
- HAVE_LIBLEX=no)
-AC_SUBST(HAVE_LIBLEX)
dnl Checks for header files.
AC_HEADER_DIRENT
AC_HEADER_STDC
AC_HEADER_SYS_WAIT
-AC_CHECK_HEADERS(fcntl.h limits.h malloc.h sys/file.h sys/ioctl.h sys/time.h syslog.h termio.h unistd.h sys/fsuid.h)
-
-dnl Linux wants features.h in some of the source files.
-AC_CHECK_HEADERS(features.h)
+AC_CHECK_HEADERS(fcntl.h limits.h malloc.h sys/file.h sys/ioctl.h sys/time.h syslog.h termio.h unistd.h sys/fsuid.h inittypes.h)
-dnl For module/pam_cracklib
AC_CHECK_HEADERS(crypt.h)
-dnl For module/pam_userdb
-AC_CHECK_HEADERS(ndbm.h db.h)
-dnl I suspect the following two lines are a hack.
-HAVE_NDBM_H=$ac_cv_header_ndbm_h
-AC_SUBST(HAVE_NDBM_H)
-
dnl For module/pam_lastlog
AC_CHECK_HEADERS(lastlog.h utmp.h utmpx.h)
-dnl This following rule should be made conditional upon HAVE_LIBCRYPT
-dnl being found.
-
-dnl Look for cracklib dictionary
-AC_MSG_CHECKING(path to cracklib dictionary)
-DICT_DIR_CANDIDATES="/usr/lib /usr/share/dict /usr/share/lib \
- /usr/local/lib /usr/local/share/lib /usr/share/cracklib"
-DICT_FILE_CANDIDATES="pw_dict cracklib_dict"
-CRACKLIB_DICTPATH=""
-for d in $DICT_DIR_CANDIDATES ; do
- for f in $DICT_FILE_CANDIDATES ; do
- if test -r $d/$f.hwm ; then
- CRACKLIB_DICTPATH=$d/$f
- break 2
- elif test -r $d/dict/$f.hwm ; then
- CRACKLIB_DICTPATH=$d/dict/$f
- break 2
- fi
- done
-done
-if test -z "$CRACKLIB_DICTPATH" ; then
- AC_MSG_WARN([none found - pam_cracklib will not be built])
-else
- AC_MSG_RESULT($CRACKLIB_DICTPATH)
-fi
-AC_SUBST(CRACKLIB_DICTPATH)
-
-dnl Set FLAGS, linker options etc. depending on C compiler.
-dnl gcc is tested and much preferred; others less so, if at all
-dnl
-dnl If compiling with gcc, linking is also supposed to be done with gcc
-dnl
-dnl For the moment, gcc is enforced above at "CC=gcc".
-dnl
-dnl There is an issue over _POSIX_SOURCE _BSD_SOURCE and _GNU_SOURCE .
-dnl The original "Linux-PAM" had blanket inclusion. But portability
-dnl requires their default absence: if particular OSes require them,
-dnl this should be done selectively.
-
-GCC_WARNINGS="-Wall -Wwrite-strings \
- -Wpointer-arith -Wcast-qual -Wcast-align \
- -Wstrict-prototypes -Wmissing-prototypes \
- -Wnested-externs -Winline -Wshadow"
-
-if test "$GCC" = yes; then
- CC=gcc ; AC_SUBST(CC)
-### May need per-OS attention
-### Example: -D_POSIX_SOURCE: needed on Linux but harms Solaris.
- case $OS in
- linux)
- OS_CFLAGS=
- LD_D="$CC -shared $LDFLAGS"
- WARNINGS="$GCC_WARNINGS"
- PIC="-fPIC"
- DYNTYPE=so
- LD=gcc
- LD_L="$CC -shared $LDFLAGS"
- RANLIB=:
- STRIP=strip
- CC_STATIC="-Xlinker -export-dynamic"
- ;;
- sunos)
- OS_CFLAGS="-ansi -pedantic"
- LD_D="gcc -shared -Xlinker -x"
- WARNINGS="$GCC_WARNINGS"
- PIC="-fPIC"
- DYNTYPE=so
- LD=ld
- LD_L="$LD -x -shared"
- RANLIB=ranlib
- STRIP=strip
- CC_STATIC="-Xlinker -export-dynamic"
- ;;
- aix)
- OS_CFLAGS=""
- DYNTYPE=lo
- LD=ld
- LD_L=ld -bexpall -bM:SRE -bnoentry
- LD_D="$LD_L"
- RANLIB=ranlib
- STRIP=strip
- ;;
- *)
- OS_CFLAGS=""
- ;;
- esac
-else
-###
-### Non-gcc needs attention on per-OS basis
-###
- case "$OS" in
- darwin)
-# add some stuff here (see sourceforge bug 534205)
-# DOCDIR=/System/Documentation/Administration/Libraries/PAM
-# MANDIR=/usr/share/man
- ;;
- solaris)
- ### Support for Solaris-C
- OS_CFLAGS=""
- WARNINGS=""
- PIC="-K pic"
- LD=ld
- LD_D="cc -z text -G -R."
- LD_L="$LD_D"
- RANLIB=ranlib
- STRIP=strip
- CC_STATIC=
- ;;
- irix*)
- OSRELEASE=`uname -r`
- if test "$OSRELEASE" = 6.5; then
- OS_CFLAGS=""
- WARNINGS="-fullwarn"
- PIC= #PIC code is default for IRIX
- LD="cc -shared" # modules friendly approach
- LD_D="cc -shared"
- LD_L="ld -G -z redlocsym"
- RANLIB=echo
- STRIP=strip
- CC_STATIC=
- else
- echo "IRIX prior to 6.5 not allowed for"
- exit
- fi
- ;;
- *) echo "Native compiler on $OS is not yet supported"
- exit
- ;;
- esac
-fi
-
-AC_SUBST(DYNTYPE)
-AC_SUBST(OS_CFLAGS)
-AC_SUBST(WARNINGS)
-AC_SUBST(PIC)
-AC_SUBST(LD)
-AC_SUBST(LD_D)
-AC_SUBST(LD_L)
-AC_SUBST(RANLIB)
-AC_SUBST(STRIP)
-AC_SUBST(CC_STATIC)
-
dnl Checks for typedefs, structures, and compiler characteristics.
AC_C_BIGENDIAN
AC_C_CONST
@@ -420,29 +411,105 @@ AC_TYPE_GETGROUPS
AC_PROG_GCC_TRADITIONAL
AC_FUNC_MEMCMP
AC_FUNC_VPRINTF
-AC_CHECK_FUNCS(gethostname gettimeofday mkdir select strcspn strdup strerror strspn strstr strtol uname)
+AC_CHECK_FUNCS(fseeko gethostname gettimeofday lckpwdf mkdir select)
+AC_CHECK_FUNCS(strcspn strdup strspn strstr strtol uname)
+AC_CHECK_FUNCS(getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r)
+AC_CHECK_FUNCS(getgrouplist getline getdelim)
+AC_CHECK_FUNCS(inet_ntop inet_pton ruserok_af)
-AC_CHECK_FUNCS(getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r getgrouplist)
+AC_CHECK_FUNCS(unshare, [UNSHARE=yes], [UNSHARE=no])
+AM_CONDITIONAL([HAVE_UNSHARE], [test "$UNSHARE" = yes])
-dnl Checks for programs/utilities
-AC_CHECK_PROG(HAVE_SGML2TXT, sgml2txt, yes, no)
-AC_CHECK_PROG(HAVE_SGML2HTML, sgml2html, yes, no)
-AC_CHECK_PROG(HAVE_SGML2LATEX, sgml2latex, yes, no)
-if test $HAVE_SGML2LATEX = "yes" ; then
- if sgml2latex -h | grep -e --paper | grep ' -p ' > /dev/null ; then
- PSER="sgml2latex -o ps"
- else
- PSER="sgml2latex -p"
- fi
- AC_CHECK_PROG(HAVE_PS2PDF, ps2pdf, yes, no)
+dnl
+dnl Check for xsltproc
+dnl
+enable_man=yes
+AC_PATH_PROG([XSLTPROC], [xsltproc])
+if test -z "$XSLTPROC"; then
+ enable_man=no
+fi
+AC_PATH_PROG([XMLLINT], [xmllint],[/bin/true])
+dnl check for DocBook DTD and stylesheets in the local catalog.
+JH_CHECK_XML_CATALOG([-//OASIS//DTD DocBook XML V4.4//EN],
+ [DocBook XML DTD V4.4], [], enable_man=no)
+JH_CHECK_XML_CATALOG([http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl],
+ [DocBook XSL Stylesheets], [], enable_man=no)
+
+AC_PATH_PROG([BROWSER], [w3m])
+if test ! -z "$BROWSER"; then
+ BROWSER="$BROWSER -T text/html -dump"
else
- AC_CHECK_PROG(HAVE_SGML2PS, sgml2ps, yes, no)
- if test $HAVE_SGML2PS = yes ; then
- PSER="sgml2ps"
- fi
+ enable_man=no
fi
-AC_SUBST(PSER)
-AC_SUBST(PS2PDF)
+
+AC_PATH_PROG([FO2PDF], [fop])
+
+AM_CONDITIONAL(ENABLE_REGENERATE_MAN, test x$enable_man != xno)
+AM_CONDITIONAL(ENABLE_GENERATE_PDF, test ! -z "$FO2PDF")
+
+
+AM_GNU_GETTEXT_VERSION
+AM_GNU_GETTEXT([external])
+AC_CHECK_FUNCS(dngettext)
+
+AH_VERBATIM([_ZZENABLE_NLS],
+[#ifdef ENABLE_NLS
+#include <libintl.h>
+#define _(msgid) dgettext(PACKAGE, msgid)
+#define N_(msgid) msgid
+#else
+#define _(msgid) (msgid)
+#define N_(msgid) msgid
+#endif /* ENABLE_NLS */])
+
+dnl
+dnl Check for the availability of the kernel key management facility
+dnl - The pam_keyinit module only requires the syscalls, not the error codes
+dnl
+AC_CHECK_DECL(__NR_keyctl, [have_key_syscalls=1],[have_key_syscalls=0],[#include <sys/syscall.h>])
+AC_CHECK_DECL(ENOKEY, [have_key_errors=1],[have_key_errors=0],[#include <errno.h>])
+
+HAVE_KEY_MANAGEMENT=0
+if test $have_key_syscalls$have_key_errors = 11
+then
+ HAVE_KEY_MANAGEMENT=1
+fi
+
+if test $HAVE_KEY_MANAGEMENT = 1; then
+ AC_DEFINE([HAVE_KEY_MANAGEMENT], 1,
+ [Defined if the kernel key management facility is available])
+fi
+AC_SUBST([HAVE_KEY_MANAGEMENT], $HAVE_KEY_MANAGEMENT)
+
+AM_CONDITIONAL([HAVE_KEY_MANAGEMENT], [test "$have_key_syscalls" = 1])
dnl Files to be created from when we run configure
-AC_OUTPUT(Make.Rules)
+AC_OUTPUT(Makefile libpam/Makefile libpamc/Makefile libpamc/test/Makefile \
+ libpam_misc/Makefile conf/Makefile conf/pam_conv1/Makefile \
+ po/Makefile.in \
+ modules/Makefile \
+ modules/pam_access/Makefile modules/pam_cracklib/Makefile \
+ modules/pam_debug/Makefile modules/pam_deny/Makefile \
+ modules/pam_echo/Makefile modules/pam_env/Makefile \
+ modules/pam_faildelay/Makefile \
+ modules/pam_filter/Makefile modules/pam_filter/upperLOWER/Makefile \
+ modules/pam_ftp/Makefile modules/pam_group/Makefile \
+ modules/pam_issue/Makefile modules/pam_keyinit/Makefile \
+ modules/pam_lastlog/Makefile modules/pam_limits/Makefile \
+ modules/pam_listfile/Makefile modules/pam_localuser/Makefile \
+ modules/pam_loginuid/Makefile modules/pam_mail/Makefile \
+ modules/pam_mkhomedir/Makefile modules/pam_motd/Makefile \
+ modules/pam_namespace/Makefile \
+ modules/pam_nologin/Makefile modules/pam_permit/Makefile \
+ modules/pam_rhosts/Makefile \
+ modules/pam_rootok/Makefile modules/pam_exec/Makefile \
+ modules/pam_securetty/Makefile modules/pam_selinux/Makefile \
+ modules/pam_shells/Makefile modules/pam_stress/Makefile \
+ modules/pam_succeed_if/Makefile modules/pam_tally/Makefile \
+ modules/pam_time/Makefile modules/pam_umask/Makefile \
+ modules/pam_unix/Makefile modules/pam_userdb/Makefile \
+ modules/pam_warn/Makefile modules/pam_wheel/Makefile \
+ modules/pam_xauth/Makefile doc/Makefile doc/specs/Makefile \
+ doc/man/Makefile doc/sag/Makefile doc/adg/Makefile \
+ doc/mwg/Makefile examples/Makefile tests/Makefile \
+ xtests/Makefile)
diff --git a/Linux-PAM/defs/debian.defs b/Linux-PAM/defs/debian.defs
deleted file mode 100644
index 19ba4663..00000000
--- a/Linux-PAM/defs/debian.defs
+++ /dev/null
@@ -1,40 +0,0 @@
-##
-# defs for Debian
-# Ben Collins <bcollins@debian.org>
-##
-# this file indicates the compiler and the various hardware/OS dependent
-# flags for installation. It also defines the various destinations of
-# installed files on the system.
-##
-
-CFLAGS := -O2 -I${shell pwd}/include # -D__NO_STRING_INLINES
-ifneq (,$(findstring $(DEB_BUILD_OPTIONS),debug DEBUG Debug))
- CFLAGS += -g
-endif
-
-OS := $(shell dpkg-architecture -qDEB_BUILD_GNU_SYSTEM)
-ARCH := $(shell dpkg-architecture -qDEB_BUILD_GNU_CPU)
-CC := gcc
-INSTALL := install
-MKDIR := mkdir -p
-ULIBS :=
-LD := ld
-LD_D := gcc -shared -Xlinker -x
-LD_L := $(LD) -x -shared
-AR := ar -cr
-RANLIB := ranlib
-PREFIX :=
-LIBDIR := $(PREFIX)/lib
-USESONAME := yes
-SOSWITCH := -soname
-LINKLIBS := -lc -L${shell pwd}/libpam -L${shell pwd}/libpam_misc
-NEEDSONAME := no
-LDCONFIG := /sbin/ldconfig
-FAKEROOT :=
-SUPLEMENTED := $(PREFIX)/sbin
-SECUREDIR := $(LIBDIR)/security
-INCLUDED := /usr/include/security
-CONFIGED := /etc
-SCONFIGED := /etc/security
-EXTRALS := -lnsl -lcrypt
-WARNINGS := -Wall
diff --git a/Linux-PAM/defs/hpux.defs b/Linux-PAM/defs/hpux.defs
deleted file mode 100644
index d8341983..00000000
--- a/Linux-PAM/defs/hpux.defs
+++ /dev/null
@@ -1,36 +0,0 @@
-##
-# HPUX defs contributed by Derrick J Brashear <shadow@dementia.org>
-##
-# this file indicates the compiler and the various hardware/OS dependent
-# flags for installation. It also defines the various destinations of
-# installed files on the system.
-#
-# This file is the default version. Please look in .../defs/ for your
-# preferred OS/vendor.
-
-OS=hpux9
-ARCH=hpux
-CC=gcc
-INSTALL=install
-MKDIR=mkdir -p
-CFLAGS=-g -DPAM_SHL -DHAVE_UTMP_H
-ULIBS=
-LD=ld
-LD_D=$(LD) -b
-LD_L=$(LD) -b
-USESONAME=no
-NEEDSONAME=no
-LDCONFIG=:
-AR=ar -cr
-RANLIB=ranlib
-FAKEROOT=
-PREFIX=/usr
-SUPLEMENTED=$(PREFIX)/sbin
-LIBDIR=$(PREFIX)/lib
-SECUREDIR=$(LIBDIR)/security
-INCLUDED=/usr/include/security
-CONFIGED=/etc
-SCONFIGED=/etc/security
-DYNLOAD="dld"
-DYNTYPE="sl"
-SHLIBMODE=755
diff --git a/Linux-PAM/defs/linux.defs b/Linux-PAM/defs/linux.defs
deleted file mode 100644
index 0e274320..00000000
--- a/Linux-PAM/defs/linux.defs
+++ /dev/null
@@ -1,32 +0,0 @@
-# this file indicates the compiler and the various hardware/OS dependent
-# flags for installation. It also defines the various destinations of
-# installed files on the system.
-#
-# This file is the default version. Please look in .../defs/ for your
-# preferred OS/vendor.
-
-OS=linux
-ARCH=i386 # should be changed for alpha
-CC=gcc
-INSTALL=install
-MKDIR=mkdir -p
-CFLAGS=-O7 -pipe -g
-ULIBS=#-lefence
-LD=ld
-LD_D=gcc -shared -Xlinker -x
-LD_L=$(LD) -x -shared
-USESONAME=yes
-LINKLIBS=-lc
-SOSWITCH=-soname
-NEEDSONAME=no
-LDCONFIG=/sbin/ldconfig
-AR=ar -cr
-RANLIB=ranlib
-FAKEROOT=
-PREFIX=/usr
-SUPLEMENTED=$(PREFIX)/sbin
-LIBDIR=$(PREFIX)/lib
-SECUREDIR=$(LIBDIR)/security
-INCLUDED=/usr/include/security
-CONFIGED=/etc
-SCONFIGED=/etc/security
diff --git a/Linux-PAM/defs/morgan.defs b/Linux-PAM/defs/morgan.defs
deleted file mode 100644
index 2b0cf289..00000000
--- a/Linux-PAM/defs/morgan.defs
+++ /dev/null
@@ -1,36 +0,0 @@
-##
-# defs for Andrew's debugging version (which is a modified Red Hat
-# box)
-##
-# this file indicates the compiler and the various hardware/OS dependent
-# flags for installation. It also defines the various destinations of
-# installed files on the system.
-#
-# This file is the version used for Red Hat Linux.
-
-OS=linux
-ARCH=i386
-CC=gcc
-INSTALL=install
-MKDIR=mkdir -p
-CFLAGS=$(RPM_OPT_FLAGS) -pipe -g
-ULIBS=
-#-lefence
-LD=ld
-LD_D=gcc -shared -Xlinker -x
-LD_L=$(LD) -x -shared
-USESONAME=yes
-SOSWITCH=-soname
-LINKLIBS=-lc
-NEEDSONAME=no
-LDCONFIG=/sbin/ldconfig
-AR=ar -cr
-RANLIB=ranlib
-FAKEROOT=$(RPM_BUILD_ROOT)
-PREFIX=
-SUPLEMENTED=$(PREFIX)/sbin
-LIBDIR=$(PREFIX)/lib
-SECUREDIR=$(LIBDIR)/security.d
-INCLUDED=/usr/include/security
-CONFIGED=/etc
-SCONFIGED=/etc/security
diff --git a/Linux-PAM/defs/redhat.defs b/Linux-PAM/defs/redhat.defs
deleted file mode 100644
index a6ed36da..00000000
--- a/Linux-PAM/defs/redhat.defs
+++ /dev/null
@@ -1,36 +0,0 @@
-##
-# defs for Red Hat Linux
-# Michael K. Johnson <johnsonm@redhat.com>
-##
-# this file indicates the compiler and the various hardware/OS dependent
-# flags for installation. It also defines the various destinations of
-# installed files on the system.
-#
-# This file is the version used for Red Hat Linux.
-
-OS=linux
-ARCH=$(shell rpm --showrc | grep '^build arch' | sed 's/^.*: //g')
-CC=gcc
-INSTALL=install
-MKDIR=mkdir -p
-CFLAGS=$(RPM_OPT_FLAGS) -pipe -g
-ULIBS=#-lefence
-LD=ld
-LD_D=gcc -shared -Xlinker -x
-LD_L=$(LD) -x -shared
-USESONAME=yes
-SOSWITCH=-soname
-LINKLIBS=-lc
-NEEDSONAME=no
-LDCONFIG=/sbin/ldconfig
-AR=ar -cr
-RANLIB=ranlib
-FAKEROOT=$(RPM_BUILD_ROOT)
-PREFIX=
-SUPLEMENTED=$(PREFIX)/sbin
-LIBDIR=$(PREFIX)/lib
-SECUREDIR=$(LIBDIR)/security
-INCLUDED=/usr/include/security
-CONFIGED=/etc
-SCONFIGED=/etc/security
-EXTRALS=-lcrypt
diff --git a/Linux-PAM/defs/redhat4.defs b/Linux-PAM/defs/redhat4.defs
deleted file mode 100644
index 219abeb6..00000000
--- a/Linux-PAM/defs/redhat4.defs
+++ /dev/null
@@ -1,35 +0,0 @@
-##
-# defs for Red Hat Linux
-# Michael K. Johnson <johnsonm@redhat.com>
-##
-# this file indicates the compiler and the various hardware/OS dependent
-# flags for installation. It also defines the various destinations of
-# installed files on the system.
-#
-# This file is the version used for Red Hat Linux.
-
-OS=linux
-ARCH=$(shell rpm --showrc | grep '^build arch' | sed 's/^.*: //g')
-CC=gcc
-INSTALL=install
-MKDIR=mkdir -p
-CFLAGS=$(RPM_OPT_FLAGS) -pipe -g
-ULIBS=#-lefence
-LD=ld
-LD_D=gcc -shared -Xlinker -x
-LD_L=$(LD) -x -shared
-USESONAME=yes
-SOSWITCH=-soname
-LINKLIBS=-lc
-NEEDSONAME=no
-LDCONFIG=/sbin/ldconfig
-AR=ar -cr
-RANLIB=ranlib
-FAKEROOT=$(RPM_BUILD_ROOT)
-PREFIX=
-SUPLEMENTED=$(PREFIX)/sbin
-LIBDIR=$(PREFIX)/lib
-SECUREDIR=$(LIBDIR)/security
-INCLUDED=/usr/include/security
-CONFIGED=/etc
-SCONFIGED=/etc/security
diff --git a/Linux-PAM/defs/solaris-2.1.5.defs b/Linux-PAM/defs/solaris-2.1.5.defs
deleted file mode 100644
index 4624b604..00000000
--- a/Linux-PAM/defs/solaris-2.1.5.defs
+++ /dev/null
@@ -1,45 +0,0 @@
-##
-# Solaris defs contributed by Josh Wilmes <josh@makita.jpl.nasa.gov>
-##
-# this file indicates the compiler and the various hardware/OS dependent
-# flags for installation. It also defines the various destinations of
-# installed files on the system.
-#
-# This file is the default version. Please look in .../defs/ for your
-# preferred OS/vendor.
-
-# Please note that the linker used must be the GNU ld, not the native Sun
-# linker. It is fairly common for the gnu linker (/usr/ccs/bin/ld) to be
-# configured as the default linker for gcc. To tell gcc to use the
-# gnu linker, you need to set the GCC_EXEC_PREFIX environment variable
-# to point at the directory where the gnu linker is installed. Here's
-# what I do:
-# $ mkdir /tmp/foo
-# $ ln -s /path/to/gnu/ld /tmp/foo/ld
-# $ export GCC_EXEC_PREFIX=/tmp/foo/
-# $ export PATH=/tmp/foo:$PATH
-
-OS=solaris
-ARCH=sun
-CC=gcc
-INSTALL=install
-MKDIR=mkdir -p
-CFLAGS=-O7 -pipe -g -D__EXTENSIONS__ -Dsolaris
-ULIBS=
-LD_D=gcc -shared -Xlinker -x
-LD=ld
-LD_L=$(LD) -G
-USESONAME=yes
-SOSWITCH=-h
-NEEDSONAME=no
-LDCONFIG=/sbin/echo
-AR=ar -cr
-RANLIB=ranlib
-FAKEROOT=
-PREFIX=/usr
-SUPLEMENTED=$(PREFIX)/sbin
-LIBDIR=$(PREFIX)/lib
-SECUREDIR=$(LIBDIR)/security
-INCLUDED=/usr/include/security
-CONFIGED=/etc
-SCONFIGED=/etc/security
diff --git a/Linux-PAM/defs/solaris.defs b/Linux-PAM/defs/solaris.defs
deleted file mode 100644
index f9f26529..00000000
--- a/Linux-PAM/defs/solaris.defs
+++ /dev/null
@@ -1,48 +0,0 @@
-##
-# Solaris defs contributed by Josh Wilmes <josh@makita.jpl.nasa.gov>
-##
-# this file indicates the compiler and the various hardware/OS dependent
-# flags for installation. It also defines the various destinations of
-# installed files on the system.
-#
-# This file is the default version. Please look in .../defs/ for your
-# preferred OS/vendor.
-
-# Please note that the linker used must be the GNU ld, not the native Sun
-# linker. It is fairly common for the gnu linker (/usr/ccs/bin/ld) to be
-# configured as the default linker for gcc. To tell gcc to use the
-# gnu linker, you need to set the GCC_EXEC_PREFIX environment variable
-# to point at the directory where the gnu linker is installed. Here's
-# what I do:
-# $ mkdir /tmp/foo
-# $ ln -s /path/to/gnu/ld /tmp/foo/ld
-# $ export GCC_EXEC_PREFIX=/tmp/foo/
-# $ export PATH=/tmp/foo:$PATH
-
-OS=solaris
-ARCH=sun
-CC=cc
-INSTALL=install
-MKDIR=mkdir -p
-WARNINGS = -D_POSIX_SOURCE
-PIC=-KPIC
-CFLAGS=-g -D__EXTENSIONS__ -Dsolaris
-ULIBS=
-LD=ld
-LD_L=$(LD) -G
-LD_D=$(LD_L)
-RDYNAMIC=
-USESONAME=yes
-SOSWITCH=-h
-NEEDSONAME=no
-LDCONFIG=echo
-AR=ar -cr
-RANLIB=ranlib
-FAKEROOT=
-PREFIX=/usr
-SUPLEMENTED=$(PREFIX)/sbin
-LIBDIR=$(PREFIX)/lib
-SECUREDIR=$(LIBDIR)/security
-INCLUDED=/usr/include/security
-CONFIGED=/etc
-SCONFIGED=/etc/security
diff --git a/Linux-PAM/defs/sunos.defs b/Linux-PAM/defs/sunos.defs
deleted file mode 100644
index 158accc5..00000000
--- a/Linux-PAM/defs/sunos.defs
+++ /dev/null
@@ -1,37 +0,0 @@
-##
-# SunOS defs contributed by Derrick J Brashear <shadow@dementia.org>
-##
-# this file indicates the compiler and the various hardware/OS dependent
-# flags for installation. It also defines the various destinations of
-# installed files on the system.
-#
-# This file is the SunOS version. Please look in .../defs/ for your
-# preferred OS/vendor.
-
-OS=sunos
-ARCH=sun
-CC=gcc
-INSTALL=install
-MKDIR=mkdir -p
-CFLAGS=-O2 -pipe -g -D__EXTENSIONS__
-ULIBS=
-LD_D=gcc -shared -Xlinker -x
-LD=ld
-LD_L=$(LD)
-USESONAME=no
-NEEDSONAME=yes
-LDCONFIG=/usr/etc/ldconfig
-AR=ar cr
-RANLIB=ranlib
-FAKEROOT=
-PREFIX=/usr
-SUPLEMENTED=$(PREFIX)/sbin
-LIBDIR=$(PREFIX)/lib
-SECUREDIR=$(LIBDIR)/security
-INCLUDED=/usr/include/security
-CONFIGED=/etc
-SCONFIGED=/etc/security
-WARNINGS= -ansi -Wall -Wwrite-strings \
- -Wpointer-arith -Wcast-qual -Wcast-align \
- -Wtraditional -Wstrict-prototypes -Wmissing-prototypes \
- -Wnested-externs -Winline -Wshadow
diff --git a/Linux-PAM/defs/suse.defs b/Linux-PAM/defs/suse.defs
deleted file mode 100644
index 1fc6b741..00000000
--- a/Linux-PAM/defs/suse.defs
+++ /dev/null
@@ -1,36 +0,0 @@
-##
-# defs for SuSE Linux
-# Thorsten Kukuk <kukuk@suse.de>
-##
-# this file indicates the compiler and the various hardware/OS dependent
-# flags for installation. It also defines the various destinations of
-# installed files on the system.
-#
-# This file is the version used for SuSE Linux.
-
-OS=linux
-ARCH=$(shell rpm --showrc | grep 'build arch' | grep -v "compatible" | sed 's/^.*: //g')
-CC=gcc
-INSTALL=install
-MKDIR=mkdir -p
-CFLAGS=$(RPM_OPT_FLAGS) -pipe -D_REENTRANT
-ULIBS=#-lefence
-LD=ld
-LD_D=gcc -shared -Xlinker -x
-LD_L=$(LD) -x -shared
-USESONAME=yes
-SOSWITCH=-soname
-LINKLIBS=-lc
-NEEDSONAME=yes
-LDCONFIG=/sbin/ldconfig
-AR=ar -cr
-RANLIB=ranlib
-FAKEROOT=$(RPM_BUILD_ROOT)
-PREFIX=
-SUPLEMENTED=$(PREFIX)/sbin
-LIBDIR=$(PREFIX)/lib
-SECUREDIR=$(LIBDIR)/security
-INCLUDED=/usr/include/security
-CONFIGED=/etc
-SCONFIGED=/etc/security
-EXTRALS=-lcrypt
diff --git a/Linux-PAM/depcomp b/Linux-PAM/depcomp
new file mode 100755
index 00000000..04701da5
--- /dev/null
+++ b/Linux-PAM/depcomp
@@ -0,0 +1,530 @@
+#! /bin/sh
+# depcomp - compile a program generating dependencies as side-effects
+
+scriptversion=2005-07-09.11
+
+# Copyright (C) 1999, 2000, 2003, 2004, 2005 Free Software Foundation, Inc.
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301, USA.
+
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# Originally written by Alexandre Oliva <oliva@dcc.unicamp.br>.
+
+case $1 in
+ '')
+ echo "$0: No command. Try \`$0 --help' for more information." 1>&2
+ exit 1;
+ ;;
+ -h | --h*)
+ cat <<\EOF
+Usage: depcomp [--help] [--version] PROGRAM [ARGS]
+
+Run PROGRAMS ARGS to compile a file, generating dependencies
+as side-effects.
+
+Environment variables:
+ depmode Dependency tracking mode.
+ source Source file read by `PROGRAMS ARGS'.
+ object Object file output by `PROGRAMS ARGS'.
+ DEPDIR directory where to store dependencies.
+ depfile Dependency file to output.
+ tmpdepfile Temporary file to use when outputing dependencies.
+ libtool Whether libtool is used (yes/no).
+
+Report bugs to <bug-automake@gnu.org>.
+EOF
+ exit $?
+ ;;
+ -v | --v*)
+ echo "depcomp $scriptversion"
+ exit $?
+ ;;
+esac
+
+if test -z "$depmode" || test -z "$source" || test -z "$object"; then
+ echo "depcomp: Variables source, object and depmode must be set" 1>&2
+ exit 1
+fi
+
+# Dependencies for sub/bar.o or sub/bar.obj go into sub/.deps/bar.Po.
+depfile=${depfile-`echo "$object" |
+ sed 's|[^\\/]*$|'${DEPDIR-.deps}'/&|;s|\.\([^.]*\)$|.P\1|;s|Pobj$|Po|'`}
+tmpdepfile=${tmpdepfile-`echo "$depfile" | sed 's/\.\([^.]*\)$/.T\1/'`}
+
+rm -f "$tmpdepfile"
+
+# Some modes work just like other modes, but use different flags. We
+# parameterize here, but still list the modes in the big case below,
+# to make depend.m4 easier to write. Note that we *cannot* use a case
+# here, because this file can only contain one case statement.
+if test "$depmode" = hp; then
+ # HP compiler uses -M and no extra arg.
+ gccflag=-M
+ depmode=gcc
+fi
+
+if test "$depmode" = dashXmstdout; then
+ # This is just like dashmstdout with a different argument.
+ dashmflag=-xM
+ depmode=dashmstdout
+fi
+
+case "$depmode" in
+gcc3)
+## gcc 3 implements dependency tracking that does exactly what
+## we want. Yay! Note: for some reason libtool 1.4 doesn't like
+## it if -MD -MP comes after the -MF stuff. Hmm.
+ "$@" -MT "$object" -MD -MP -MF "$tmpdepfile"
+ stat=$?
+ if test $stat -eq 0; then :
+ else
+ rm -f "$tmpdepfile"
+ exit $stat
+ fi
+ mv "$tmpdepfile" "$depfile"
+ ;;
+
+gcc)
+## There are various ways to get dependency output from gcc. Here's
+## why we pick this rather obscure method:
+## - Don't want to use -MD because we'd like the dependencies to end
+## up in a subdir. Having to rename by hand is ugly.
+## (We might end up doing this anyway to support other compilers.)
+## - The DEPENDENCIES_OUTPUT environment variable makes gcc act like
+## -MM, not -M (despite what the docs say).
+## - Using -M directly means running the compiler twice (even worse
+## than renaming).
+ if test -z "$gccflag"; then
+ gccflag=-MD,
+ fi
+ "$@" -Wp,"$gccflag$tmpdepfile"
+ stat=$?
+ if test $stat -eq 0; then :
+ else
+ rm -f "$tmpdepfile"
+ exit $stat
+ fi
+ rm -f "$depfile"
+ echo "$object : \\" > "$depfile"
+ alpha=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
+## The second -e expression handles DOS-style file names with drive letters.
+ sed -e 's/^[^:]*: / /' \
+ -e 's/^['$alpha']:\/[^:]*: / /' < "$tmpdepfile" >> "$depfile"
+## This next piece of magic avoids the `deleted header file' problem.
+## The problem is that when a header file which appears in a .P file
+## is deleted, the dependency causes make to die (because there is
+## typically no way to rebuild the header). We avoid this by adding
+## dummy dependencies for each header file. Too bad gcc doesn't do
+## this for us directly.
+ tr ' ' '
+' < "$tmpdepfile" |
+## Some versions of gcc put a space before the `:'. On the theory
+## that the space means something, we add a space to the output as
+## well.
+## Some versions of the HPUX 10.20 sed can't process this invocation
+## correctly. Breaking it into two sed invocations is a workaround.
+ sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile"
+ rm -f "$tmpdepfile"
+ ;;
+
+hp)
+ # This case exists only to let depend.m4 do its work. It works by
+ # looking at the text of this script. This case will never be run,
+ # since it is checked for above.
+ exit 1
+ ;;
+
+sgi)
+ if test "$libtool" = yes; then
+ "$@" "-Wp,-MDupdate,$tmpdepfile"
+ else
+ "$@" -MDupdate "$tmpdepfile"
+ fi
+ stat=$?
+ if test $stat -eq 0; then :
+ else
+ rm -f "$tmpdepfile"
+ exit $stat
+ fi
+ rm -f "$depfile"
+
+ if test -f "$tmpdepfile"; then # yes, the sourcefile depend on other files
+ echo "$object : \\" > "$depfile"
+
+ # Clip off the initial element (the dependent). Don't try to be
+ # clever and replace this with sed code, as IRIX sed won't handle
+ # lines with more than a fixed number of characters (4096 in
+ # IRIX 6.2 sed, 8192 in IRIX 6.5). We also remove comment lines;
+ # the IRIX cc adds comments like `#:fec' to the end of the
+ # dependency line.
+ tr ' ' '
+' < "$tmpdepfile" \
+ | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' | \
+ tr '
+' ' ' >> $depfile
+ echo >> $depfile
+
+ # The second pass generates a dummy entry for each header file.
+ tr ' ' '
+' < "$tmpdepfile" \
+ | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \
+ >> $depfile
+ else
+ # The sourcefile does not contain any dependencies, so just
+ # store a dummy comment line, to avoid errors with the Makefile
+ # "include basename.Plo" scheme.
+ echo "#dummy" > "$depfile"
+ fi
+ rm -f "$tmpdepfile"
+ ;;
+
+aix)
+ # The C for AIX Compiler uses -M and outputs the dependencies
+ # in a .u file. In older versions, this file always lives in the
+ # current directory. Also, the AIX compiler puts `$object:' at the
+ # start of each line; $object doesn't have directory information.
+ # Version 6 uses the directory in both cases.
+ stripped=`echo "$object" | sed 's/\(.*\)\..*$/\1/'`
+ tmpdepfile="$stripped.u"
+ if test "$libtool" = yes; then
+ "$@" -Wc,-M
+ else
+ "$@" -M
+ fi
+ stat=$?
+
+ if test -f "$tmpdepfile"; then :
+ else
+ stripped=`echo "$stripped" | sed 's,^.*/,,'`
+ tmpdepfile="$stripped.u"
+ fi
+
+ if test $stat -eq 0; then :
+ else
+ rm -f "$tmpdepfile"
+ exit $stat
+ fi
+
+ if test -f "$tmpdepfile"; then
+ outname="$stripped.o"
+ # Each line is of the form `foo.o: dependent.h'.
+ # Do two passes, one to just change these to
+ # `$object: dependent.h' and one to simply `dependent.h:'.
+ sed -e "s,^$outname:,$object :," < "$tmpdepfile" > "$depfile"
+ sed -e "s,^$outname: \(.*\)$,\1:," < "$tmpdepfile" >> "$depfile"
+ else
+ # The sourcefile does not contain any dependencies, so just
+ # store a dummy comment line, to avoid errors with the Makefile
+ # "include basename.Plo" scheme.
+ echo "#dummy" > "$depfile"
+ fi
+ rm -f "$tmpdepfile"
+ ;;
+
+icc)
+ # Intel's C compiler understands `-MD -MF file'. However on
+ # icc -MD -MF foo.d -c -o sub/foo.o sub/foo.c
+ # ICC 7.0 will fill foo.d with something like
+ # foo.o: sub/foo.c
+ # foo.o: sub/foo.h
+ # which is wrong. We want:
+ # sub/foo.o: sub/foo.c
+ # sub/foo.o: sub/foo.h
+ # sub/foo.c:
+ # sub/foo.h:
+ # ICC 7.1 will output
+ # foo.o: sub/foo.c sub/foo.h
+ # and will wrap long lines using \ :
+ # foo.o: sub/foo.c ... \
+ # sub/foo.h ... \
+ # ...
+
+ "$@" -MD -MF "$tmpdepfile"
+ stat=$?
+ if test $stat -eq 0; then :
+ else
+ rm -f "$tmpdepfile"
+ exit $stat
+ fi
+ rm -f "$depfile"
+ # Each line is of the form `foo.o: dependent.h',
+ # or `foo.o: dep1.h dep2.h \', or ` dep3.h dep4.h \'.
+ # Do two passes, one to just change these to
+ # `$object: dependent.h' and one to simply `dependent.h:'.
+ sed "s,^[^:]*:,$object :," < "$tmpdepfile" > "$depfile"
+ # Some versions of the HPUX 10.20 sed can't process this invocation
+ # correctly. Breaking it into two sed invocations is a workaround.
+ sed 's,^[^:]*: \(.*\)$,\1,;s/^\\$//;/^$/d;/:$/d' < "$tmpdepfile" |
+ sed -e 's/$/ :/' >> "$depfile"
+ rm -f "$tmpdepfile"
+ ;;
+
+tru64)
+ # The Tru64 compiler uses -MD to generate dependencies as a side
+ # effect. `cc -MD -o foo.o ...' puts the dependencies into `foo.o.d'.
+ # At least on Alpha/Redhat 6.1, Compaq CCC V6.2-504 seems to put
+ # dependencies in `foo.d' instead, so we check for that too.
+ # Subdirectories are respected.
+ dir=`echo "$object" | sed -e 's|/[^/]*$|/|'`
+ test "x$dir" = "x$object" && dir=
+ base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'`
+
+ if test "$libtool" = yes; then
+ # With Tru64 cc, shared objects can also be used to make a
+ # static library. This mecanism is used in libtool 1.4 series to
+ # handle both shared and static libraries in a single compilation.
+ # With libtool 1.4, dependencies were output in $dir.libs/$base.lo.d.
+ #
+ # With libtool 1.5 this exception was removed, and libtool now
+ # generates 2 separate objects for the 2 libraries. These two
+ # compilations output dependencies in in $dir.libs/$base.o.d and
+ # in $dir$base.o.d. We have to check for both files, because
+ # one of the two compilations can be disabled. We should prefer
+ # $dir$base.o.d over $dir.libs/$base.o.d because the latter is
+ # automatically cleaned when .libs/ is deleted, while ignoring
+ # the former would cause a distcleancheck panic.
+ tmpdepfile1=$dir.libs/$base.lo.d # libtool 1.4
+ tmpdepfile2=$dir$base.o.d # libtool 1.5
+ tmpdepfile3=$dir.libs/$base.o.d # libtool 1.5
+ tmpdepfile4=$dir.libs/$base.d # Compaq CCC V6.2-504
+ "$@" -Wc,-MD
+ else
+ tmpdepfile1=$dir$base.o.d
+ tmpdepfile2=$dir$base.d
+ tmpdepfile3=$dir$base.d
+ tmpdepfile4=$dir$base.d
+ "$@" -MD
+ fi
+
+ stat=$?
+ if test $stat -eq 0; then :
+ else
+ rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" "$tmpdepfile4"
+ exit $stat
+ fi
+
+ for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" "$tmpdepfile4"
+ do
+ test -f "$tmpdepfile" && break
+ done
+ if test -f "$tmpdepfile"; then
+ sed -e "s,^.*\.[a-z]*:,$object:," < "$tmpdepfile" > "$depfile"
+ # That's a tab and a space in the [].
+ sed -e 's,^.*\.[a-z]*:[ ]*,,' -e 's,$,:,' < "$tmpdepfile" >> "$depfile"
+ else
+ echo "#dummy" > "$depfile"
+ fi
+ rm -f "$tmpdepfile"
+ ;;
+
+#nosideeffect)
+ # This comment above is used by automake to tell side-effect
+ # dependency tracking mechanisms from slower ones.
+
+dashmstdout)
+ # Important note: in order to support this mode, a compiler *must*
+ # always write the preprocessed file to stdout, regardless of -o.
+ "$@" || exit $?
+
+ # Remove the call to Libtool.
+ if test "$libtool" = yes; then
+ while test $1 != '--mode=compile'; do
+ shift
+ done
+ shift
+ fi
+
+ # Remove `-o $object'.
+ IFS=" "
+ for arg
+ do
+ case $arg in
+ -o)
+ shift
+ ;;
+ $object)
+ shift
+ ;;
+ *)
+ set fnord "$@" "$arg"
+ shift # fnord
+ shift # $arg
+ ;;
+ esac
+ done
+
+ test -z "$dashmflag" && dashmflag=-M
+ # Require at least two characters before searching for `:'
+ # in the target name. This is to cope with DOS-style filenames:
+ # a dependency such as `c:/foo/bar' could be seen as target `c' otherwise.
+ "$@" $dashmflag |
+ sed 's:^[ ]*[^: ][^:][^:]*\:[ ]*:'"$object"'\: :' > "$tmpdepfile"
+ rm -f "$depfile"
+ cat < "$tmpdepfile" > "$depfile"
+ tr ' ' '
+' < "$tmpdepfile" | \
+## Some versions of the HPUX 10.20 sed can't process this invocation
+## correctly. Breaking it into two sed invocations is a workaround.
+ sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile"
+ rm -f "$tmpdepfile"
+ ;;
+
+dashXmstdout)
+ # This case only exists to satisfy depend.m4. It is never actually
+ # run, as this mode is specially recognized in the preamble.
+ exit 1
+ ;;
+
+makedepend)
+ "$@" || exit $?
+ # Remove any Libtool call
+ if test "$libtool" = yes; then
+ while test $1 != '--mode=compile'; do
+ shift
+ done
+ shift
+ fi
+ # X makedepend
+ shift
+ cleared=no
+ for arg in "$@"; do
+ case $cleared in
+ no)
+ set ""; shift
+ cleared=yes ;;
+ esac
+ case "$arg" in
+ -D*|-I*)
+ set fnord "$@" "$arg"; shift ;;
+ # Strip any option that makedepend may not understand. Remove
+ # the object too, otherwise makedepend will parse it as a source file.
+ -*|$object)
+ ;;
+ *)
+ set fnord "$@" "$arg"; shift ;;
+ esac
+ done
+ obj_suffix="`echo $object | sed 's/^.*\././'`"
+ touch "$tmpdepfile"
+ ${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@"
+ rm -f "$depfile"
+ cat < "$tmpdepfile" > "$depfile"
+ sed '1,2d' "$tmpdepfile" | tr ' ' '
+' | \
+## Some versions of the HPUX 10.20 sed can't process this invocation
+## correctly. Breaking it into two sed invocations is a workaround.
+ sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile"
+ rm -f "$tmpdepfile" "$tmpdepfile".bak
+ ;;
+
+cpp)
+ # Important note: in order to support this mode, a compiler *must*
+ # always write the preprocessed file to stdout.
+ "$@" || exit $?
+
+ # Remove the call to Libtool.
+ if test "$libtool" = yes; then
+ while test $1 != '--mode=compile'; do
+ shift
+ done
+ shift
+ fi
+
+ # Remove `-o $object'.
+ IFS=" "
+ for arg
+ do
+ case $arg in
+ -o)
+ shift
+ ;;
+ $object)
+ shift
+ ;;
+ *)
+ set fnord "$@" "$arg"
+ shift # fnord
+ shift # $arg
+ ;;
+ esac
+ done
+
+ "$@" -E |
+ sed -n -e '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \
+ -e '/^#line [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' |
+ sed '$ s: \\$::' > "$tmpdepfile"
+ rm -f "$depfile"
+ echo "$object : \\" > "$depfile"
+ cat < "$tmpdepfile" >> "$depfile"
+ sed < "$tmpdepfile" '/^$/d;s/^ //;s/ \\$//;s/$/ :/' >> "$depfile"
+ rm -f "$tmpdepfile"
+ ;;
+
+msvisualcpp)
+ # Important note: in order to support this mode, a compiler *must*
+ # always write the preprocessed file to stdout, regardless of -o,
+ # because we must use -o when running libtool.
+ "$@" || exit $?
+ IFS=" "
+ for arg
+ do
+ case "$arg" in
+ "-Gm"|"/Gm"|"-Gi"|"/Gi"|"-ZI"|"/ZI")
+ set fnord "$@"
+ shift
+ shift
+ ;;
+ *)
+ set fnord "$@" "$arg"
+ shift
+ shift
+ ;;
+ esac
+ done
+ "$@" -E |
+ sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::echo "`cygpath -u \\"\1\\"`":p' | sort | uniq > "$tmpdepfile"
+ rm -f "$depfile"
+ echo "$object : \\" > "$depfile"
+ . "$tmpdepfile" | sed 's% %\\ %g' | sed -n '/^\(.*\)$/ s:: \1 \\:p' >> "$depfile"
+ echo " " >> "$depfile"
+ . "$tmpdepfile" | sed 's% %\\ %g' | sed -n '/^\(.*\)$/ s::\1\::p' >> "$depfile"
+ rm -f "$tmpdepfile"
+ ;;
+
+none)
+ exec "$@"
+ ;;
+
+*)
+ echo "Unknown depmode $depmode" 1>&2
+ exit 1
+ ;;
+esac
+
+exit 0
+
+# Local Variables:
+# mode: shell-script
+# sh-indentation: 2
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "scriptversion="
+# time-stamp-format: "%:y-%02m-%02d.%02H"
+# time-stamp-end: "$"
+# End:
diff --git a/Linux-PAM/doc/CREDITS b/Linux-PAM/doc/CREDITS
deleted file mode 100644
index 528032bb..00000000
--- a/Linux-PAM/doc/CREDITS
+++ /dev/null
@@ -1,49 +0,0 @@
-<!--
- an sgml list of people to credit for their contributions to Linux-PAM
- $Id: CREDITS,v 1.2 2001/03/19 01:46:41 agmorgan Exp $
- -->
-Chris Adams,
-Peter Allgeyer,
-Tim Baverstock,
-Tim Berger,
-Craig S. Bell,
-Derrick J. Brashear,
-Ben Buxton,
-Seth Chaiklin,
-Oliver Crow,
-Chris Dent,
-Marc Ewing,
-Cristian Gafton,
-Emmanuel Galanos,
-Brad M. Garcia,
-Eric Hester,
-Michel D'Hooge,
-Roger Hu,
-Eric Jacksch,
-Michael K. Johnson,
-David Kinchlea,
-Olaf Kirch,
-Marcin Korzonek,
-Stephen Langasek,
-Nicolai Langfeldt,
-Elliot Lee,
-Luke Kenneth Casson Leighton,
-Al Longyear,
-Ingo Luetkebohle,
-Marek Michalkiewicz,
-Robert Milkowski,
-Aleph One,
-Martin Pool,
-Sean Reifschneider,
-Jan Rekorajski,
-Erik Troan,
-Theodore Ts'o,
-Jeff Uphoff,
-Myles Uyema,
-Savochkin Andrey Vladimirovich,
-Ronald Wahl,
-David Wood,
-John Wilmes,
-Joseph S. D. Yao
-and
-Alex O. Yuriev.
diff --git a/Linux-PAM/doc/Makefile b/Linux-PAM/doc/Makefile
deleted file mode 100644
index 1c2ba510..00000000
--- a/Linux-PAM/doc/Makefile
+++ /dev/null
@@ -1,169 +0,0 @@
-
-### $Id: Makefile,v 1.10 2004/09/22 09:37:47 kukuk Exp $
-
-include ../Make.Rules
-
-#######################################################
-
-FILES=pam pam_appl pam_modules
-FSRCS=pam.sgml pam_appl.sgml pam_modules.sgml
-
-TEXTS=txts/pam.txt txts/pam_appl.txt txts/pam_modules.txt
-HTMLS=html/pam.html html/pam_appl.html html/pam_modules.html
-PSFILES=ps/pam.ps ps/pam_appl.ps ps/pam_modules.ps
-PDFFILES=pdf/pam.pdf ps/pam_appl.pdf ps/pam_modules.pdf
-
-MODULES=$(shell ls modules/*.sgml)
-
-#######################################################
-
-dummy:
- @echo "Making the documentation..."
- @$(MAKE) all
-
-# note, at this time we don't include pdf files by default, but you
-# can type make pdf in this directory and see what happens in the pdf
-# subdirectory.
-
-all: htmls texts postscript pdf
-
-htmls: $(HTMLS)
-
-$(HTMLS) : $(FSRCS)
-ifeq ($(HAVE_SGML2HTML),yes)
- @for i in $(FILES) ; do \
- if [ ! -f "html/$$i.html" ] || [ "$$i.sgml" -nt "html/$$i.html" ]; \
- then \
- cd html ; sgml2html ../$$i ; \
- if [ $$? -ne 0 ]; then exit 1 ; fi ; \
- cd .. ; \
- fi ; \
- done
-else
- @echo XXX - you do not have the sgml2html binary installed
-endif
-
-texts: $(TEXTS)
-
-$(TEXTS) : $(FSRCS)
-ifeq ($(HAVE_SGML2TXT),yes)
- @for i in $(FILES) ; do \
- if [ ! -f "txts/$$i.txt" ] \
- || [ "$$i.sgml" -nt "txts/$$i.txt" ]; then \
- cd txts ; sgml2txt ../$$i ; cd .. ; \
- fi ; \
- done
-else
- @echo XXX - you do not have the sgml2txt binary installed
-endif
-
-postscript: $(PSFILES)
-
-$(PSFILES): $(FSRCS)
-ifneq ($(PSER),)
- @for i in $(FILES) ; do \
- if [ ! -f "ps/$$i.ps" ] || [ "$$i.sgml" -nt "ps/$$i.ps" ]; then \
- cd ps ; $(PSER) ../$$i ; cd .. ; \
- fi ; \
- done
-else
- @echo XXX - neither sgml2ps nor sgml2latex binaries are installed
-endif
-
-pdf: $(PDFFILES)
-
-$(PDFFILES) : $(PSFILES)
-ifeq ($(HAVE_PS2PDF),yes)
- @for i in $(FILES) ; do \
- if [ ! -f "pdf/$$i.pdf" ] || [ "ps/$$i.ps" -nt "ps/$$i.pdf" ]; then \
- ps2pdf ps/$$i.ps pdf/$$i.pdf ; \
- fi ; \
- done
-else
- @echo XXX - ps2pdf is not installed
-endif
-
-pam.sgml: pam_source.sgml MODULES-SGML CREDITS
- @sed -e '/^<!\-\- insert\-file MODULES\-SGML \-\->/r MODULES-SGML' pam_source.sgml | sed -e '/^<!\-\- insert\-file CREDITS \-\->/r CREDITS' > pam.sgml
-
-MODULES-SGML: $(MODULES)
- @echo 'Building module text from files in modules/*.sgml'
- @rm -f MODULES-SGML
- @echo '<!-- modules included:' > MODULES-SGML
- @ls modules/*.sgml >> MODULES-SGML
- @echo ' and that is all -->' >> MODULES-SGML
- @cat modules/*.sgml >> MODULES-SGML
-
-extraclean: clean
-
-remove:
- cd man && for file in *.3 ; do \
- rm -f $(FAKEROOT)$(MANDIR)/man3/$$file ; \
- done
- cd man && for file in *.8 ; do \
- rm -f $(FAKEROOT)$(MANDIR)/man8/$$file ; \
- done
- cd txts && for file in *.txt; do \
- rm -f $(FAKEROOT)$(DOCDIR)/text/$$file ; \
- done
- cd ps && for file in *.ps; do \
- rm -f $(FAKEROOT)$(DOCDIR)/ps/$$file ; \
- done
- cd html && for file in *.html; do \
- rm -f $(FAKEROOT)$(DOCDIR)/html/$$file ; \
- done
-
-install: all
-ifeq ($(HAVE_SGML2TXT),yes)
- mkdir -p $(FAKEROOT)$(DOCDIR)/text
- for file in txts/*.txt; do \
- install -m 644 $$file $(FAKEROOT)$(DOCDIR)/text ; \
- done
-endif
-ifneq ($(PSER),)
- mkdir -p $(FAKEROOT)$(DOCDIR)/ps
- for file in ps/*.ps; do \
- install -m 644 $$file $(FAKEROOT)$(DOCDIR)/ps ; \
- done
-ifeq ($(HAVE_PS2PDF),yes)
- mkdir -p $(FAKEROOT)$(DOCDIR)/pdf
- for file in pdf/*.pdf; do \
- install -m 644 $$file $(FAKEROOT)$(DOCDIR)/pdf ; \
- done
-endif
-endif
-ifeq ($(HAVE_SGML2HTML),yes)
- mkdir -p $(FAKEROOT)$(DOCDIR)/html
- for file in html/*.html; do \
- install -m 644 $$file $(FAKEROOT)$(DOCDIR)/html ; \
- done
-endif
- mkdir -p $(FAKEROOT)$(MANDIR)/man3
- mkdir -p $(FAKEROOT)$(MANDIR)/man8
- for file in man/*.3 ; do \
- install -m 644 $$file $(FAKEROOT)$(MANDIR)/man3 ; \
- done
- for file in man/*.8 ; do \
- install -m 644 $$file $(FAKEROOT)$(MANDIR)/man8 ; \
- done
-
-spec: specs/draft-morgan-pam.raw
- cd specs/formatter && $(MAKE)
- specs/formatter/padout < specs/draft-morgan-pam.raw > specs/draft-morgan-pam-current.txt
-
-releasedocs: all spec
- tar zvfc Linux-PAM-$(MAJOR_REL).$(MINOR_REL)-docs.tar.gz \
- --exclude CVS --exclude .cvsignore --exclude '.#*' \
- html ps txts specs/draft-morgan-pam-current.txt
-
-clean:
- rm -f *~ *.bak
- rm -f html/pam*.html
- rm -f man/*~
- rm -f $(TEXTS)
- rm -f $(PSFILES) ps/missfont.log
- rm -f pdf/*.pdf
- rm -f MODULES-SGML pam.sgml
- rm -f specs/draft-morgan-pam-current.txt
- $(MAKE) -C specs/formatter clean
-
diff --git a/Linux-PAM/doc/Makefile.am b/Linux-PAM/doc/Makefile.am
new file mode 100644
index 00000000..3b893899
--- /dev/null
+++ b/Linux-PAM/doc/Makefile.am
@@ -0,0 +1,22 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+SUBDIRS = man specs sag adg mwg
+
+CLEANFILES = *~
+
+dist_html_DATA = index.html
+
+#######################################################
+
+releasedocs: all
+ $(mkinstalldirs) $(top_builddir)/Linux-PAM-$(VERSION)/doc/specs
+ cp -av specs/draft-morgan-pam-current.txt \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/specs/
+ cp -av specs/rfc86.0.txt \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/specs/
+ make -C sag releasedocs
+ make -C adg releasedocs
+ make -C mwg releasedocs
+
diff --git a/Linux-PAM/doc/Makefile.in b/Linux-PAM/doc/Makefile.in
new file mode 100644
index 00000000..6c3563ee
--- /dev/null
+++ b/Linux-PAM/doc/Makefile.in
@@ -0,0 +1,589 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = doc
+DIST_COMMON = $(dist_html_DATA) $(srcdir)/Makefile.am \
+ $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+SOURCES =
+DIST_SOURCES =
+RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
+ html-recursive info-recursive install-data-recursive \
+ install-dvi-recursive install-exec-recursive \
+ install-html-recursive install-info-recursive \
+ install-pdf-recursive install-ps-recursive install-recursive \
+ installcheck-recursive installdirs-recursive pdf-recursive \
+ ps-recursive uninstall-recursive
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(htmldir)"
+dist_htmlDATA_INSTALL = $(INSTALL_DATA)
+DATA = $(dist_html_DATA)
+RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
+ distclean-recursive maintainer-clean-recursive
+ETAGS = etags
+CTAGS = ctags
+DIST_SUBDIRS = $(SUBDIRS)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+SUBDIRS = man specs sag adg mwg
+CLEANFILES = *~
+dist_html_DATA = index.html
+all: all-recursive
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu doc/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu doc/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-dist_htmlDATA: $(dist_html_DATA)
+ @$(NORMAL_INSTALL)
+ test -z "$(htmldir)" || $(MKDIR_P) "$(DESTDIR)$(htmldir)"
+ @list='$(dist_html_DATA)'; for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ f=$(am__strip_dir) \
+ echo " $(dist_htmlDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(htmldir)/$$f'"; \
+ $(dist_htmlDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(htmldir)/$$f"; \
+ done
+
+uninstall-dist_htmlDATA:
+ @$(NORMAL_UNINSTALL)
+ @list='$(dist_html_DATA)'; for p in $$list; do \
+ f=$(am__strip_dir) \
+ echo " rm -f '$(DESTDIR)$(htmldir)/$$f'"; \
+ rm -f "$(DESTDIR)$(htmldir)/$$f"; \
+ done
+
+# This directory's subdirectories are mostly independent; you can cd
+# into them and run `make' without going through this Makefile.
+# To change the values of `make' variables: instead of editing Makefiles,
+# (1) if the variable is set in `config.status', edit `config.status'
+# (which will cause the Makefiles to be regenerated when you run `make');
+# (2) otherwise, pass the desired values on the `make' command line.
+$(RECURSIVE_TARGETS):
+ @failcom='exit 1'; \
+ for f in x $$MAKEFLAGS; do \
+ case $$f in \
+ *=* | --[!k]*);; \
+ *k*) failcom='fail=yes';; \
+ esac; \
+ done; \
+ dot_seen=no; \
+ target=`echo $@ | sed s/-recursive//`; \
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ echo "Making $$target in $$subdir"; \
+ if test "$$subdir" = "."; then \
+ dot_seen=yes; \
+ local_target="$$target-am"; \
+ else \
+ local_target="$$target"; \
+ fi; \
+ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+ || eval $$failcom; \
+ done; \
+ if test "$$dot_seen" = "no"; then \
+ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
+ fi; test -z "$$fail"
+
+$(RECURSIVE_CLEAN_TARGETS):
+ @failcom='exit 1'; \
+ for f in x $$MAKEFLAGS; do \
+ case $$f in \
+ *=* | --[!k]*);; \
+ *k*) failcom='fail=yes';; \
+ esac; \
+ done; \
+ dot_seen=no; \
+ case "$@" in \
+ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
+ *) list='$(SUBDIRS)' ;; \
+ esac; \
+ rev=''; for subdir in $$list; do \
+ if test "$$subdir" = "."; then :; else \
+ rev="$$subdir $$rev"; \
+ fi; \
+ done; \
+ rev="$$rev ."; \
+ target=`echo $@ | sed s/-recursive//`; \
+ for subdir in $$rev; do \
+ echo "Making $$target in $$subdir"; \
+ if test "$$subdir" = "."; then \
+ local_target="$$target-am"; \
+ else \
+ local_target="$$target"; \
+ fi; \
+ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+ || eval $$failcom; \
+ done && test -z "$$fail"
+tags-recursive:
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \
+ done
+ctags-recursive:
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
+ include_option=--etags-include; \
+ empty_fix=.; \
+ else \
+ include_option=--include; \
+ empty_fix=; \
+ fi; \
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ test ! -f $$subdir/TAGS || \
+ tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \
+ fi; \
+ done; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+ list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ test -d "$(distdir)/$$subdir" \
+ || $(MKDIR_P) "$(distdir)/$$subdir" \
+ || exit 1; \
+ distdir=`$(am__cd) $(distdir) && pwd`; \
+ top_distdir=`$(am__cd) $(top_distdir) && pwd`; \
+ (cd $$subdir && \
+ $(MAKE) $(AM_MAKEFLAGS) \
+ top_distdir="$$top_distdir" \
+ distdir="$$distdir/$$subdir" \
+ am__remove_distdir=: \
+ am__skip_length_check=: \
+ distdir) \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-recursive
+all-am: Makefile $(DATA)
+installdirs: installdirs-recursive
+installdirs-am:
+ for dir in "$(DESTDIR)$(htmldir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-recursive
+install-exec: install-exec-recursive
+install-data: install-data-recursive
+uninstall: uninstall-recursive
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-recursive
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-recursive
+
+clean-am: clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-recursive
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-tags
+
+dvi: dvi-recursive
+
+dvi-am:
+
+html: html-recursive
+
+info: info-recursive
+
+info-am:
+
+install-data-am: install-dist_htmlDATA
+
+install-dvi: install-dvi-recursive
+
+install-exec-am:
+
+install-html: install-html-recursive
+
+install-info: install-info-recursive
+
+install-man:
+
+install-pdf: install-pdf-recursive
+
+install-ps: install-ps-recursive
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-recursive
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-recursive
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-recursive
+
+pdf-am:
+
+ps: ps-recursive
+
+ps-am:
+
+uninstall-am: uninstall-dist_htmlDATA
+
+.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \
+ install-strip
+
+.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \
+ all all-am check check-am clean clean-generic clean-libtool \
+ ctags ctags-recursive distclean distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dist_htmlDATA install-dvi \
+ install-dvi-am install-exec install-exec-am install-html \
+ install-html-am install-info install-info-am install-man \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ installdirs-am maintainer-clean maintainer-clean-generic \
+ mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \
+ ps ps-am tags tags-recursive uninstall uninstall-am \
+ uninstall-dist_htmlDATA
+
+
+#######################################################
+
+releasedocs: all
+ $(mkinstalldirs) $(top_builddir)/Linux-PAM-$(VERSION)/doc/specs
+ cp -av specs/draft-morgan-pam-current.txt \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/specs/
+ cp -av specs/rfc86.0.txt \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/specs/
+ make -C sag releasedocs
+ make -C adg releasedocs
+ make -C mwg releasedocs
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/doc/NOTES b/Linux-PAM/doc/NOTES
deleted file mode 100644
index b0f40d47..00000000
--- a/Linux-PAM/doc/NOTES
+++ /dev/null
@@ -1,16 +0,0 @@
-Things to be added:
-
-@ modules:
-@ application:
-
- use of
- 'user' = user to become,
- 'uid' = user requesting service
- 'euid' = privilege of current process.
-
-@ sysadmin:
-
- included modules:
- behavior
- non-included modules:
- behavior/pointers.
diff --git a/Linux-PAM/doc/adg/Linux-PAM_ADG.xml b/Linux-PAM/doc/adg/Linux-PAM_ADG.xml
new file mode 100644
index 00000000..54df797d
--- /dev/null
+++ b/Linux-PAM/doc/adg/Linux-PAM_ADG.xml
@@ -0,0 +1,779 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<book id="adg">
+ <bookinfo>
+ <title>The Linux-PAM Application Developers' Guide</title>
+ <authorgroup>
+ <author>
+ <firstname>Andrew G.</firstname>
+ <surname>Morgan</surname>
+ <email>morgan@kernel.org</email>
+ </author>
+ <author>
+ <firstname>Thorsten</firstname>
+ <surname>Kukuk</surname>
+ <email>kukuk@thkukuk.de</email>
+ </author>
+ </authorgroup>
+ <releaseinfo>Version 0.99.6.0, 5. August 2006</releaseinfo>
+ <abstract>
+ <para>
+ This manual documents what an application developer needs to know
+ about the <emphasis remap='B'>Linux-PAM</emphasis> library. It
+ describes how an application might use the
+ <emphasis remap='B'>Linux-PAM</emphasis> library to authenticate
+ users. In addition it contains a description of the funtions
+ to be found in <filename>libpam_misc</filename> library, that can
+ be used in general applications. Finally, it contains some comments
+ on PAM related security issues for the application developer.
+ </para>
+ </abstract>
+ </bookinfo>
+
+ <chapter id="adg-introduction">
+ <title>Introduction</title>
+ <section id="adg-introduction-description">
+ <title>Description</title>
+ <para>
+ <emphasis remap='B'>Linux-PAM</emphasis>
+ (Pluggable Authentication Modules for Linux) is a library that enables
+ the local system administrator to choose how individual applications
+ authenticate users. For an overview of the
+ <emphasis remap='B'>Linux-PAM</emphasis> library see the
+ <emphasis>Linux-PAM System Administrators' Guide</emphasis>.
+ </para>
+ <para>
+ It is the purpose of the <emphasis remap='B'>Linux-PAM</emphasis>
+ project to liberate the development of privilege granting software
+ from the development of secure and appropriate authentication schemes.
+ This is accomplished by providing a documented library of functions
+ that an application may use for all forms of user authentication
+ management. This library dynamically loads locally configured
+ authentication modules that actually perform the authentication tasks.
+ </para>
+ <para>
+ From the perspective of an application developer the information
+ contained in the local configuration of the PAM library should not be
+ important. Indeed it is intended that an application treat the
+ functions documented here as a 'black box' that will deal with all
+ aspects of user authentication. 'All aspects' includes user
+ verification, account management, session initialization/termination
+ and also the resetting of passwords
+ (<emphasis>authentication tokens</emphasis>).
+ </para>
+ </section>
+
+ <section id="adg-introduction-synopsis">
+ <title>Synopsis</title>
+ <para>
+ For general applications that wish to use the services provided by
+ <emphasis remap='B'>Linux-PAM</emphasis> the following is a summary
+ of the relevant linking information:
+ <programlisting>
+#include &lt;security/pam_appl.h&gt;
+
+cc -o application .... -lpam
+ </programlisting>
+ </para>
+ <para>
+ In addition to <command>libpam</command>, there is a library of
+ miscellaneous functions that make the job of writing
+ <emphasis>PAM-aware</emphasis> applications easier (this library is not
+ covered in the DCE-RFC for PAM and is specific to the Linux-PAM
+ distribution):
+ <programlisting>
+#include &lt;security/pam_appl.h&gt;
+#include &lt;security/pam_misc.h&gt;
+
+cc -o application .... -lpam -lpam_misc
+ </programlisting>
+ </para>
+ </section>
+ </chapter>
+
+ <chapter id="adg-overview">
+ <title>Overview</title>
+ <para>
+ Most service-giving applications are restricted. In other words,
+ their service is not available to all and every prospective client.
+ Instead, the applying client must jump through a number of hoops to
+ convince the serving application that they are authorized to obtain
+ service.
+ </para>
+ <para>
+ The process of <emphasis>authenticating</emphasis> a client is what
+ PAM is designed to manage. In addition to authentication, PAM provides
+ account management, credential management, session management and
+ authentication-token (password changing) management services. It is
+ important to realize when writing a PAM based application that these
+ services are provided in a manner that is
+ <emphasis remap='B'>transparent</emphasis> to the application. That is
+ to say, when the application is written, no assumptions can be made
+ about <emphasis>how</emphasis> the client will be authenticated.
+ </para>
+ <para>
+ The process of authentication is performed by the PAM library via a
+ call to <function>pam_authenticate()</function>. The return value
+ of this function will indicate whether a named client (the
+ <emphasis>user</emphasis>) has been authenticated. If the PAM library
+ needs to prompt the user for any information, such as their
+ <emphasis>name</emphasis> or a <emphasis>password</emphasis>
+ then it will do so. If the PAM library is configured to authenticate
+ the user using some silent protocol, it will do this too. (This
+ latter case might be via some hardware interface for example.)
+ </para>
+ <para>
+ It is important to note that the application must leave all decisions
+ about when to prompt the user at the discretion of the PAM library.
+ </para>
+ <para>
+ The PAM library, however, must work equally well for different styles
+ of application. Some applications, like the familiar
+ <command>login</command> and <command>passwd</command> are terminal
+ based applications, exchanges of information with the client in
+ these cases is as plain text messages. Graphically based applications,
+ however, have a more sophisticated interface. They generally interact
+ with the user via specially constructed dialogue boxes. Additionally,
+ network based services require that text messages exchanged with the
+ client are specially formatted for automated processing: one such
+ example is <command>ftpd</command> which prefixes each exchanged
+ message with a numeric identifier.
+ </para>
+ <para>
+ The presentation of simple requests to a client is thus something very
+ dependent on the protocol that the serving application will use. In
+ spite of the fact that PAM demands that it drives the whole
+ authentication process, it is not possible to leave such protocol
+ subtleties up to the PAM library. To overcome this potential problem,
+ the application provides the PAM library with a
+ <emphasis>conversation</emphasis> function. This function is called
+ from <emphasis>within</emphasis> the PAM library and enables the PAM
+ to directly interact with the client. The sorts of things that this
+ conversation function must be able to do are prompt the user with
+ text and/or obtain textual input from the user for processing by the
+ PAM library. The details of this function are provided in a later
+ section.
+ </para>
+ <para>
+ For example, the conversation function may be called by the PAM
+ library with a request to prompt the user for a password. Its job is
+ to reformat the prompt request into a form that the client will
+ understand. In the case of <command>ftpd</command>, this might involve
+ prefixing the string with the number <command>331</command> and sending
+ the request over the network to a connected client. The conversation
+ function will then obtain any reply and, after extracting the typed
+ password, will return this string of text to the PAM library. Similar
+ concerns need to be addressed in the case of an X-based graphical
+ server.
+ </para>
+ <para>
+ There are a number of issues that need to be addressed when one is
+ porting an existing application to become PAM compliant. A section
+ below has been devoted to this: Porting legacy applications.
+ </para>
+ <para>
+ Besides authentication, PAM provides other forms of management.
+ Session management is provided with calls to
+ <function>pam_open_session()</function> and
+ <function>pam_close_session()</function>. What these functions
+ actually do is up to the local administrator. But typically, they
+ could be used to log entry and exit from the system or for mounting
+ and unmounting the user's home directory. If an application provides
+ continuous service for a period of time, it should probably call
+ these functions, first open after the user is authenticated and then
+ close when the service is terminated.
+ </para>
+ <para>
+ Account management is another area that an application developer
+ should include with a call to <function>pam_acct_mgmt()</function>.
+ This call will perform checks on the good health of the user's account
+ (has it expired etc.). One of the things this function may check is
+ whether the user's authentication token has expired - in such a case the
+ application may choose to attempt to update it with a call to
+ <function>pam_chauthtok()</function>, although some applications
+ are not suited to this task (<command>ftp</command> for example)
+ and in this case the application should deny access to the user.
+ </para>
+ <para>
+ PAM is also capable of setting and deleting the users credentials with
+ the call <function>pam_setcred()</function>. This function should
+ always be called after the user is authenticated and before service
+ is offered to the user. By convention, this should be the last call
+ to the PAM library before the PAM session is opened. What exactly a
+ credential is, is not well defined. However, some examples are given
+ in the glossary below.
+ </para>
+ </chapter>
+
+ <chapter id="adg-interface">
+ <title>
+ The public interface to <emphasis remap='B'>Linux-PAM</emphasis>
+ </title>
+ <para>
+ Firstly, the relevant include file for the
+ <emphasis remap='B'>Linux-PAM</emphasis> library is
+ <function>&lt;security/pam_appl.h&gt;</function>.
+ It contains the definitions for a number of functions. After
+ listing these functions, we collect some guiding remarks for
+ programmers.
+ </para>
+ <section id="adg-interface-by-app-expected">
+ <title>What can be expected by the application</title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_start.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_end.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_set_item.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_get_item.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_strerror.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_fail_delay.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_authenticate.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_setcred.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_acct_mgmt.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_chauthtok.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_open_session.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_close_session.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_putenv.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_getenv.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_getenvlist.xml"/>
+ </section>
+ <section id="adg-interface-of-app-expected">
+ <title>What is expected of an application</title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_conv.xml"/>
+ </section>
+ <section id="adg-interface-programming-notes">
+ <title>Programming notes</title>
+ <para>
+ Note, all of the authentication service function calls accept the
+ token <emphasis remap='B'>PAM_SILENT</emphasis>, which instructs
+ the modules to not send messages to the application. This token
+ can be logically OR'd with any one of the permitted tokens specific
+ to the individual function calls.
+ <emphasis remap='B'>PAM_SILENT</emphasis> does not override the
+ prompting of the user for passwords etc., it only stops informative
+ messages from being generated.
+ </para>
+ </section>
+ </chapter>
+
+ <chapter id="adg-security">
+ <title>
+ Security issues of <emphasis remap='B'>Linux-PAM</emphasis>
+ </title>
+ <para>
+ PAM, from the perspective of an application, is a convenient API for
+ authenticating users. PAM modules generally have no increased
+ privilege over that possessed by the application that is making use of
+ it. For this reason, the application must take ultimate responsibility
+ for protecting the environment in which PAM operates.
+ </para>
+ <para>
+ A poorly (or maliciously) written application can defeat any
+ <emphasis remap='B'>Linux-PAM</emphasis> module's authentication
+ mechanisms by simply ignoring it's return values. It is the
+ applications task and responsibility to grant privileges and access
+ to services. The <emphasis remap='B'>Linux-PAM</emphasis> library
+ simply assumes the responsibility of <emphasis>authenticating</emphasis>
+ the user; ascertaining that the user <emphasis>is</emphasis> who they
+ say they are. Care should be taken to anticipate all of the documented
+ behavior of the <emphasis remap='B'>Linux-PAM</emphasis> library
+ functions. A failure to do this will most certainly lead to a future
+ security breach.
+ </para>
+
+ <section id="adg-security-library-calls">
+ <title>Care about standard library calls</title>
+ <para>
+ In general, writers of authorization-granting applications should
+ assume that each module is likely to call any or
+ <emphasis>all</emphasis> 'libc' functions. For 'libc' functions
+ that return pointers to static/dynamically allocated structures
+ (ie. the library allocates the memory and the user is not expected
+ to '<function>free()</function>' it) any module call to this
+ function is likely to corrupt a pointer previously
+ obtained by the application. The application programmer should
+ either re-call such a 'libc' function after a call to the
+ <emphasis remap='B'>Linux-PAM</emphasis> library, or copy the
+ structure contents to some safe area of memory before passing
+ control to the <emphasis remap='B'>Linux-PAM</emphasis> library.
+ </para>
+ <para>
+ Two important function classes that fall into this category are
+ <citerefentry>
+ <refentrytitle>getpwnam</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> and <citerefentry>
+ <refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+ </section>
+
+ <section id="adg-security-service-name">
+ <title>Choice of a service name</title>
+ <para>
+ When picking the <emphasis>service-name</emphasis> that
+ corresponds to the first entry in the
+ <emphasis remap='B'>Linux-PAM</emphasis> configuration file,
+ the application programmer should <emphasis>avoid</emphasis>
+ the temptation of choosing something related to
+ <varname>argv[0]</varname>. It is a trivial matter for any user
+ to invoke any application on a system under a different name and
+ this should not be permitted to cause a security breach.
+ </para>
+ <para>
+ In general, this is always the right advice if the program is
+ setuid, or otherwise more privileged than the user that invokes
+ it. In some cases, avoiding this advice is convenient, but as an
+ author of such an application, you should consider well the ways
+ in which your program will be installed and used. (Its often the
+ case that programs are not intended to be setuid, but end up
+ being installed that way for convenience. If your program falls
+ into this category, don't fall into the trap of making this mistake.)
+ </para>
+ <para>
+ To invoke some <emphasis>target</emphasis> application by
+ another name, the user may symbolically link the target application
+ with the desired name. To be precise all the user need do is,
+ <command>ln -s /target/application ./preferred_name</command>
+ and then run <command>./preferred_name</command>.
+ </para>
+ <para>
+ By studying the <emphasis remap='B'>Linux-PAM</emphasis>
+ configuration file(s), an attacker can choose the
+ <command>preferred_name</command> to be that of a service enjoying
+ minimal protection; for example a game which uses
+ <emphasis remap='B'>Linux-PAM</emphasis> to restrict access to
+ certain hours of the day. If the service-name were to be linked
+ to the filename under which the service was invoked, it
+ is clear that the user is effectively in the position of
+ dictating which authentication scheme the service uses. Needless
+ to say, this is not a secure situation.
+ </para>
+ <para>
+ The conclusion is that the application developer should carefully
+ define the service-name of an application. The safest thing is to
+ make it a single hard-wired name.
+ </para>
+ </section>
+
+ <section id="adg-security-conv-function">
+ <title>The conversation function</title>
+ <para>
+ Care should be taken to ensure that the <function>conv()</function>
+ function is robust. Such a function is provided in the library
+ <command>libpam_misc</command> (see
+ <link linkend="adg-libpam-functions">below</link>).
+ </para>
+ </section>
+
+ <section id="adg-security-usre-identity">
+ <title>The identity of the user</title>
+ <para>
+ The <emphasis remap='B'>Linux-PAM</emphasis> modules will need
+ to determine the identity of the user who requests a service,
+ and the identity of the user who grants the service. These two
+ users will seldom be the same. Indeed there is generally a third
+ user identity to be considered, the new (assumed) identity of
+ the user once the service is granted.
+ </para>
+ <para>
+ The need for keeping tabs on these identities is clearly an
+ issue of security. One convention that is actively used by
+ some modules is that the identity of the user requesting a
+ service should be the current <emphasis>UID</emphasis>
+ (userid) of the running process; the identity of the
+ privilege granting user is the <emphasis>EUID</emphasis>
+ (effective userid) of the running process; the identity of
+ the user, under whose name the service will be executed, is
+ given by the contents of the <emphasis>PAM_USER</emphasis>
+ <citerefentry>
+ <refentrytitle>pam_get_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>. Note, modules can change the values of
+ <emphasis>PAM_USER</emphasis> and <emphasis>PAM_RUSER</emphasis>
+ during any of the <function>pam_*()</function> library calls.
+ For this reason, the application should take care to use the
+ <function>pam_get_item()</function> every time it wishes to
+ establish who the authenticated user is (or will currently be).
+ </para>
+ <para>
+ For network-serving databases and other applications that provide
+ their own security model (independent of the OS kernel) the above
+ scheme is insufficient to identify the requesting user.
+ </para>
+ <para>
+ A more portable solution to storing the identity of the requesting
+ user is to use the <emphasis>PAM_RUSER</emphasis> <citerefentry>
+ <refentrytitle>pam_get_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>. The application should supply this value before
+ attempting to authenticate the user with
+ <function>pam_authenticate()</function>. How well this name can be
+ trusted will ultimately be at the discretion of the local
+ administrator (who configures PAM for your application) and a
+ selected module may attempt to override the value where it can
+ obtain more reliable data. If an application is unable to determine
+ the identity of the requesting entity/user, it should not call
+ <citerefentry>
+ <refentrytitle>pam_set_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> to set <emphasis>PAM_RUSER</emphasis>.
+ </para>
+ <para>
+ In addition to the <emphasis>PAM_RUSER</emphasis> item, the
+ application should supply the <emphasis>PAM_RHOST</emphasis>
+ (<emphasis>requesting host</emphasis>) item. As a general rule,
+ the following convention for its value can be assumed:
+ NULL = unknown; localhost = invoked directly from the local system;
+ <emphasis>other.place.xyz</emphasis> = some component of the
+ user's connection originates from this remote/requesting host. At
+ present, PAM has no established convention for indicating whether
+ the application supports a trusted path to communication from
+ this host.
+ </para>
+ </section>
+
+ <section id="adg-security-resources">
+ <title>Sufficient resources</title>
+ <para>
+ Care should be taken to ensure that the proper execution of an
+ application is not compromised by a lack of system resources. If an
+ application is unable to open sufficient files to perform its service,
+ it should fail gracefully, or request additional resources.
+ Specifically, the quantities manipulated by the <citerefentry>
+ <refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum>
+ </citerefentry> family of commands should be taken into consideration.
+ </para>
+ <para>
+ This is also true of conversation prompts. The application should not
+ accept prompts of arbitrary length with out checking for resource
+ allocation failure and dealing with such extreme conditions gracefully
+ and in a mannor that preserves the PAM API. Such tolerance may be
+ especially important when attempting to track a malicious adversary.
+ </para>
+ </section>
+ </chapter>
+
+ <chapter id='adg-libpam_misc'>
+ <title>A library of miscellaneous helper functions</title>
+ <para>
+ To aid the work of the application developer a library of
+ miscellaneous functions is provided. It is called
+ <command>libpam_miscy</command>, and contains a text based
+ conversation function, and routines for enhancing the standard
+ PAM-environment variable support.
+ </para>
+ <para>
+ The functions, structures and macros, made available by this
+ library can be defined by including
+ <function>&lt;security/pam_misc.h&gt;</function>. It should be
+ noted that this library is specific to
+ <emphasis remap='B'>Linux-PAM</emphasis> and is not referred to in
+ the defining DCE-RFC (see <link linkend="adg-see-also">See also</link>)
+ below.
+ </para>
+ <section id='adg-libpam-functions'>
+ <title>Functions supplied</title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_misc_conv.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_misc_paste_env.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_misc_drop_env.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_misc_setenv.xml"/>
+ </section>
+ </chapter>
+
+ <chapter id='adg-porting'>
+ <title>Porting legacy applications</title>
+ <para>
+ The point of PAM is that the application is not supposed to
+ have any idea how the attached authentication modules will choose
+ to authenticate the user. So all they can do is provide a conversation
+ function that will talk directly to the user(client) on the modules'
+ behalf.
+ </para>
+ <para>
+ Consider the case that you plug a retinal scanner into the login
+ program. In this situation the user would be prompted: "please look
+ into the scanner". No username or password would be needed - all this
+ information could be deduced from the scan and a database lookup. The
+ point is that the retinal scanner is an ideal task for a "module".
+ </para>
+ <para>
+ While it is true that a pop-daemon program is designed with the POP
+ protocol in mind and no-one ever considered attaching a retinal
+ scanner to it, it is also the case that the "clean" PAM'ification of
+ such a daemon would allow for the possibility of a scanner module
+ being be attached to it. The point being that the "standard"
+ pop-authentication protocol(s) [which will be needed to satisfy
+ inflexible/legacy clients] would be supported by inserting an
+ appropriate pam_qpopper module(s). However, having rewritten popd
+ once in this way any new protocols can be implemented in-situ.
+ </para>
+ <para>
+ One simple test of a ported application would be to insert the
+ <command>pam_permit</command> module and see if the application
+ demands you type a password... In such a case, <command>xlock</command>
+ would fail to lock the terminal - or would at best be a screen-saver,
+ ftp would give password free access to all etc.. Neither of
+ these is a very secure thing to do, but they do illustrate how
+ much flexibility PAM puts in the hands of the local admin.
+ </para>
+ <para>
+ The key issue, in doing things correctly, is identifying what is part
+ of the authentication procedure (how many passwords etc..) the
+ exchange protocol (prefixes to prompts etc., numbers like 331 in the
+ case of ftpd) and what is part of the service that the application
+ delivers. PAM really needs to have total control in the
+ authentication "procedure", the conversation function should only
+ deal with reformatting user prompts and extracting responses from raw
+ input.
+ </para>
+ </chapter>
+
+ <chapter id='adg-glossary'>
+ <title>Glossary of PAM related terms</title>
+ <para>
+ The following are a list of terms used within this document.
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>Authentication token</term>
+ <listitem>
+ <para>
+ Generally, this is a password. However, a user can authenticate
+ him/herself in a variety of ways. Updating the user's
+ authentication token thus corresponds to
+ <emphasis>refreshing</emphasis> the object they use to
+ authenticate themself with the system. The word password is
+ avoided to keep open the possibility that the authentication
+ involves a retinal scan or other non-textual mode of
+ challenge/response.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>Credentials</term>
+ <listitem>
+ <para>
+ Having successfully authenticated the user, PAM is able to
+ establish certain characteristics/attributes of the user.
+ These are termed <emphasis>credentials</emphasis>. Examples
+ of which are group memberships to perform privileged tasks
+ with, and <emphasis>tickets</emphasis> in the form of
+ environment variables etc. . Some user-credentials, such as
+ the user's UID and GID (plus default group memberships) are
+ not deemed to be PAM-credentials. It is the responsibility
+ of the application to grant these directly.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </chapter>
+
+ <chapter id='adg-example'>
+ <title>An example application</title>
+ <para>
+ To get a flavor of the way a <emphasis remap='B'>Linux-PAM</emphasis>
+ application is written we include the following example. It prompts
+ the user for their password and indicates whether their account
+ is valid on the standard output, its return code also indicates
+ the success (<returnvalue>0</returnvalue> for success;
+ <returnvalue>1</returnvalue> for failure).
+ </para>
+ <programlisting><![CDATA[
+/*
+ This program was contributed by Shane Watts
+ [modifications by AGM and kukuk]
+
+ You need to add the following (or equivalent) to the
+ /etc/pam.d/check_user file:
+ # check authorization
+ auth required pam_unix.so
+ account required pam_unix.so
+ */
+
+#include <security/pam_appl.h>
+#include <security/pam_misc.h>
+#include <stdio.h>
+
+static struct pam_conv conv = {
+ misc_conv,
+ NULL
+};
+
+int main(int argc, char *argv[])
+{
+ pam_handle_t *pamh=NULL;
+ int retval;
+ const char *user="nobody";
+
+ if(argc == 2) {
+ user = argv[1];
+ }
+
+ if(argc > 2) {
+ fprintf(stderr, "Usage: check_user [username]\n");
+ exit(1);
+ }
+
+ retval = pam_start("check_user", user, &conv, &pamh);
+
+ if (retval == PAM_SUCCESS)
+ retval = pam_authenticate(pamh, 0); /* is user really user? */
+
+ if (retval == PAM_SUCCESS)
+ retval = pam_acct_mgmt(pamh, 0); /* permitted access? */
+
+ /* This is where we have been authorized or not. */
+
+ if (retval == PAM_SUCCESS) {
+ fprintf(stdout, "Authenticated\n");
+ } else {
+ fprintf(stdout, "Not Authenticated\n");
+ }
+
+ if (pam_end(pamh,retval) != PAM_SUCCESS) { /* close Linux-PAM */
+ pamh = NULL;
+ fprintf(stderr, "check_user: failed to release authenticator\n");
+ exit(1);
+ }
+
+ return ( retval == PAM_SUCCESS ? 0:1 ); /* indicate success */
+}
+]]>
+ </programlisting>
+ </chapter>
+
+ <chapter id='adg-files'>
+ <title>Files</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/usr/include/security/pam_appl.h</filename></term>
+ <listitem>
+ <para>
+ Header file with interfaces for
+ <emphasis remap='B'>Linux-PAM</emphasis> applications.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/usr/include/security/pam_misc.h</filename></term>
+ <listitem>
+ <para>
+ Header file for useful library functions for making
+ applications easier to write.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </chapter>
+
+ <chapter id="adg-see-also">
+ <title>See also</title>
+ <itemizedlist>
+ <listitem>
+ <para>
+ The Linux-PAM System Administrators' Guide.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The Linux-PAM Module Writers' Guide.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The V. Samar and R. Schemers (SunSoft), ``UNIFIED LOGIN WITH
+ PLUGGABLE AUTHENTICATION MODULES'', Open Software Foundation
+ Request For Comments 86.0, October 1995.
+ </para>
+ </listitem>
+ </itemizedlist>
+ </chapter>
+
+ <chapter id='adg-author'>
+ <title>Author/acknowledgments</title>
+ <para>
+ This document was written by Andrew G. Morgan (morgan@kernel.org)
+ with many contributions from
+ Chris Adams, Peter Allgeyer, Tim Baverstock, Tim Berger, Craig S. Bell,
+ Derrick J. Brashear, Ben Buxton, Seth Chaiklin, Oliver Crow, Chris Dent,
+ Marc Ewing, Cristian Gafton, Emmanuel Galanos, Brad M. Garcia,
+ Eric Hester, Roger Hu, Eric Jacksch, Michael K. Johnson, David Kinchlea,
+ Olaf Kirch, Marcin Korzonek, Thorsten Kukuk, Stephen Langasek,
+ Nicolai Langfeldt, Elliot Lee, Luke Kenneth Casson Leighton,
+ Al Longyear, Ingo Luetkebohle, Marek Michalkiewicz, Robert Milkowski,
+ Aleph One, Martin Pool, Sean Reifschneider, Jan Rekorajski, Erik Troan,
+ Theodore Ts'o, Jeff Uphoff, Myles Uyema, Savochkin Andrey Vladimirovich,
+ Ronald Wahl, David Wood, John Wilmes, Joseph S. D. Yao
+ and Alex O. Yuriev.
+ </para>
+ <para>
+ Thanks are also due to Sun Microsystems, especially to Vipin Samar and
+ Charlie Lai for their advice. At an early stage in the development of
+ <emphasis remap='B'>Linux-PAM</emphasis>, Sun graciously made the
+ documentation for their implementation of PAM available. This act
+ greatly accelerated the development of
+ <emphasis remap='B'>Linux-PAM</emphasis>.
+ </para>
+ </chapter>
+
+ <chapter id='adg-copyright'>
+ <title>Copyright information for this document</title>
+ <programlisting>
+Copyright (c) 2006 Thorsten Kukuk &lt;kukuk@thkukuk.de&gt;
+Copyright (c) 1996-2002 Andrew G. Morgan &lt;morgan@kernel.org&gt;
+ </programlisting>
+ <para>
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are
+ met:
+ </para>
+ <programlisting>
+1. Redistributions of source code must retain the above copyright
+ notice, and the entire permission notice in its entirety,
+ including the disclaimer of warranties.
+
+2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+3. The name of the author may not be used to endorse or promote
+ products derived from this software without specific prior
+ written permission.
+ </programlisting>
+ <para>
+ Alternatively, this product may be distributed under the terms of
+ the GNU General Public License (GPL), in which case the provisions
+ of the GNU GPL are required instead of the above restrictions.
+ (This clause is necessary due to a potential bad interaction between
+ the GNU GPL and the restrictions contained in a BSD-style copyright.)
+ </para>
+ <programlisting>
+THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
+ </programlisting>
+ </chapter>
+</book>
diff --git a/Linux-PAM/doc/adg/Makefile.am b/Linux-PAM/doc/adg/Makefile.am
new file mode 100644
index 00000000..03d0c871
--- /dev/null
+++ b/Linux-PAM/doc/adg/Makefile.am
@@ -0,0 +1,97 @@
+#
+# Copyright (c) 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+
+CLEANFILES = Linux-PAM_ADG.fo *~
+
+EXTRA_DIST = $(XMLS)
+
+XMLS = Linux-PAM_ADG.xml $(shell ls $(srcdir)/pam_*.xml)
+DEP_XMLS = $(shell ls $(top_srcdir)/doc/man/pam_*.xml)
+
+if ENABLE_REGENERATE_MAN
+MAINTAINERCLEANFILES = Linux-PAM_ADG.txt Linux-PAM_ADG.pdf html/*.html
+
+all: Linux-PAM_ADG.txt html/Linux-PAM_ADG.html Linux-PAM_ADG.pdf
+
+Linux-PAM_ADG.pdf: $(XMLS) $(DEP_XMLS)
+if ENABLE_GENERATE_PDF
+ $(XMLLINT) --nonet --xinclude --postvalid --noent --noout $<
+ $(XSLTPROC) --stringparam generate.toc "book toc" \
+ --stringparam section.autolabel 1 \
+ --stringparam section.label.includes.component.label 1 \
+ --stringparam toc.max.depth 3 --xinclude --nonet \
+ http://docbook.sourceforge.net/release/xsl/current/fo/docbook.xsl $< > Linux-PAM_ADG.fo
+ $(FO2PDF) Linux-PAM_ADG.fo $@
+else
+ echo "No fo2pdf processor installed, skip PDF generation"
+endif
+
+Linux-PAM_ADG.txt: $(XMLS) $(DEP_XMLS)
+ $(XMLLINT) --nonet --xinclude --postvalid --noent --noout $<
+ $(XSLTPROC) --stringparam generate.toc "book toc" \
+ --stringparam section.autolabel 1 \
+ --stringparam section.label.includes.component.label 1 \
+ --stringparam toc.max.depth 3 --xinclude --nonet \
+ http://docbook.sourceforge.net/release/xsl/current/html/docbook.xsl $< | $(BROWSER) > $@
+
+html/Linux-PAM_ADG.html: $(XMLS) $(DEP_XMLS)
+ @test -d html || mkdir -p html
+ $(XMLLINT) --nonet --xinclude --postvalid --noent --noout $<
+ $(XSLTPROC) --stringparam base.dir html/ \
+ --stringparam root.filename Linux-PAM_ADG \
+ --stringparam use.id.as.filename 1 \
+ --stringparam chunk.first.sections 1 \
+ --stringparam section.autolabel 1 \
+ --stringparam section.label.includes.component.label 1 \
+ --stringparam toc.max.depth 3 --xinclude --nonet \
+ http://docbook.sourceforge.net/release/xsl/current/html/chunk.xsl $<
+
+distclean-local:
+ -rm -rf html Linux-PAM_ADG.txt Linux-PAM_ADG.pdf
+
+endif
+
+install-data-local:
+ $(mkinstalldirs) $(DESTDIR)$(docdir)
+ $(mkinstalldirs) $(DESTDIR)$(pdfdir)
+ $(mkinstalldirs) $(DESTDIR)$(htmldir)
+ test -f html/Linux-PAM_ADG.html || exit 0; \
+ $(install_sh_DATA) html/Linux-PAM_ADG.html html/adg-*.html \
+ $(DESTDIR)$(htmldir)/ || \
+ $(install_sh_DATA) $(srcdir)/html/Linux-PAM_ADG.html \
+ $(srcdir)/html/sag-*.html \
+ $(DESTDIR)$(htmldir)/
+ test -f Linux-PAM_ADG.txt || exit 0; \
+ $(install_sh_DATA) Linux-PAM_ADG.txt $(DESTDIR)$(docdir)/ || \
+ $(install_sh_DATA) $(srcdir)/Linux-PAM_ADG.txt \
+ $(DESTDIR)$(docdir)/
+ test -f Linux-PAM_ADG.pdf || exit 0; \
+ $(install_sh_DATA) Linux-PAM_ADG.pdf $(DESTDIR)$(pdfdir)/ || \
+ $(install_sh_DATA) $(srcdir)/Linux-PAM_ADG.pdf \
+ $(DESTDIR)$(pdfdir)/
+
+uninstall-local:
+ -rm $(DESTDIR)$(htmldir)/Linux-PAM_ADG.html
+ -rm $(DESTDIR)$(htmldir)/adg-*.html
+ -rm $(DESTDIR)$(docdir)/Linux-PAM_ADG.txt
+ -rm $(DESTDIR)$(pdfdir)/Linux-PAM_ADG.pdf
+
+releasedocs: all
+ $(mkinstalldirs) $(top_builddir)/Linux-PAM-$(VERSION)/doc/adg/html
+ test -f html/Linux-PAM_ADG.html || exit 0; \
+ cp -ap html/Linux-PAM_ADG.html html/adg-*.html \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/adg/html/ || \
+ cp -ap $(srcdir)/html/Linux-PAM_ADG.html \
+ $(srcdir)/html/adg-*.html \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/adg/html/
+ test -f Linux-PAM_ADG.txt || exit 0; \
+ cp -p Linux-PAM_ADG.txt \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/adg/ || \
+ cp -p $(srcdir)/Linux-PAM_ADG.txt \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/adg/
+ test -f Linux-PAM_ADG.pdf || exit 0; \
+ cp -p Linux-PAM_ADG.pdf \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/adg/ || \
+ cp -p $(srcdir)/Linux-PAM_ADG.pdf \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/adg/
diff --git a/Linux-PAM/doc/adg/Makefile.in b/Linux-PAM/doc/adg/Makefile.in
new file mode 100644
index 00000000..7b770841
--- /dev/null
+++ b/Linux-PAM/doc/adg/Makefile.in
@@ -0,0 +1,470 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = doc/adg
+DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+SOURCES =
+DIST_SOURCES =
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = Linux-PAM_ADG.fo *~
+EXTRA_DIST = $(XMLS)
+XMLS = Linux-PAM_ADG.xml $(shell ls $(srcdir)/pam_*.xml)
+DEP_XMLS = $(shell ls $(top_srcdir)/doc/man/pam_*.xml)
+@ENABLE_REGENERATE_MAN_TRUE@MAINTAINERCLEANFILES = Linux-PAM_ADG.txt Linux-PAM_ADG.pdf html/*.html
+all: all-am
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu doc/adg/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu doc/adg/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+tags: TAGS
+TAGS:
+
+ctags: CTAGS
+CTAGS:
+
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile
+installdirs:
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+ -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES)
+@ENABLE_REGENERATE_MAN_FALSE@distclean-local:
+clean: clean-am
+
+clean-am: clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-am
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-local
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-data-local
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-local
+
+.MAKE: install-am install-strip
+
+.PHONY: all all-am check check-am clean clean-generic clean-libtool \
+ distclean distclean-generic distclean-libtool distclean-local \
+ distdir dvi dvi-am html html-am info info-am install \
+ install-am install-data install-data-am install-data-local \
+ install-dvi install-dvi-am install-exec install-exec-am \
+ install-html install-html-am install-info install-info-am \
+ install-man install-pdf install-pdf-am install-ps \
+ install-ps-am install-strip installcheck installcheck-am \
+ installdirs maintainer-clean maintainer-clean-generic \
+ mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \
+ ps ps-am uninstall uninstall-am uninstall-local
+
+
+@ENABLE_REGENERATE_MAN_TRUE@all: Linux-PAM_ADG.txt html/Linux-PAM_ADG.html Linux-PAM_ADG.pdf
+
+@ENABLE_REGENERATE_MAN_TRUE@Linux-PAM_ADG.pdf: $(XMLS) $(DEP_XMLS)
+@ENABLE_GENERATE_PDF_TRUE@@ENABLE_REGENERATE_MAN_TRUE@ $(XMLLINT) --nonet --xinclude --postvalid --noent --noout $<
+@ENABLE_GENERATE_PDF_TRUE@@ENABLE_REGENERATE_MAN_TRUE@ $(XSLTPROC) --stringparam generate.toc "book toc" \
+@ENABLE_GENERATE_PDF_TRUE@@ENABLE_REGENERATE_MAN_TRUE@ --stringparam section.autolabel 1 \
+@ENABLE_GENERATE_PDF_TRUE@@ENABLE_REGENERATE_MAN_TRUE@ --stringparam section.label.includes.component.label 1 \
+@ENABLE_GENERATE_PDF_TRUE@@ENABLE_REGENERATE_MAN_TRUE@ --stringparam toc.max.depth 3 --xinclude --nonet \
+@ENABLE_GENERATE_PDF_TRUE@@ENABLE_REGENERATE_MAN_TRUE@ http://docbook.sourceforge.net/release/xsl/current/fo/docbook.xsl $< > Linux-PAM_ADG.fo
+@ENABLE_GENERATE_PDF_TRUE@@ENABLE_REGENERATE_MAN_TRUE@ $(FO2PDF) Linux-PAM_ADG.fo $@
+@ENABLE_GENERATE_PDF_FALSE@@ENABLE_REGENERATE_MAN_TRUE@ echo "No fo2pdf processor installed, skip PDF generation"
+
+@ENABLE_REGENERATE_MAN_TRUE@Linux-PAM_ADG.txt: $(XMLS) $(DEP_XMLS)
+@ENABLE_REGENERATE_MAN_TRUE@ $(XMLLINT) --nonet --xinclude --postvalid --noent --noout $<
+@ENABLE_REGENERATE_MAN_TRUE@ $(XSLTPROC) --stringparam generate.toc "book toc" \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam section.autolabel 1 \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam section.label.includes.component.label 1 \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam toc.max.depth 3 --xinclude --nonet \
+@ENABLE_REGENERATE_MAN_TRUE@ http://docbook.sourceforge.net/release/xsl/current/html/docbook.xsl $< | $(BROWSER) > $@
+
+@ENABLE_REGENERATE_MAN_TRUE@html/Linux-PAM_ADG.html: $(XMLS) $(DEP_XMLS)
+@ENABLE_REGENERATE_MAN_TRUE@ @test -d html || mkdir -p html
+@ENABLE_REGENERATE_MAN_TRUE@ $(XMLLINT) --nonet --xinclude --postvalid --noent --noout $<
+@ENABLE_REGENERATE_MAN_TRUE@ $(XSLTPROC) --stringparam base.dir html/ \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam root.filename Linux-PAM_ADG \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam use.id.as.filename 1 \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam chunk.first.sections 1 \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam section.autolabel 1 \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam section.label.includes.component.label 1 \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam toc.max.depth 3 --xinclude --nonet \
+@ENABLE_REGENERATE_MAN_TRUE@ http://docbook.sourceforge.net/release/xsl/current/html/chunk.xsl $<
+
+@ENABLE_REGENERATE_MAN_TRUE@distclean-local:
+@ENABLE_REGENERATE_MAN_TRUE@ -rm -rf html Linux-PAM_ADG.txt Linux-PAM_ADG.pdf
+
+install-data-local:
+ $(mkinstalldirs) $(DESTDIR)$(docdir)
+ $(mkinstalldirs) $(DESTDIR)$(pdfdir)
+ $(mkinstalldirs) $(DESTDIR)$(htmldir)
+ test -f html/Linux-PAM_ADG.html || exit 0; \
+ $(install_sh_DATA) html/Linux-PAM_ADG.html html/adg-*.html \
+ $(DESTDIR)$(htmldir)/ || \
+ $(install_sh_DATA) $(srcdir)/html/Linux-PAM_ADG.html \
+ $(srcdir)/html/sag-*.html \
+ $(DESTDIR)$(htmldir)/
+ test -f Linux-PAM_ADG.txt || exit 0; \
+ $(install_sh_DATA) Linux-PAM_ADG.txt $(DESTDIR)$(docdir)/ || \
+ $(install_sh_DATA) $(srcdir)/Linux-PAM_ADG.txt \
+ $(DESTDIR)$(docdir)/
+ test -f Linux-PAM_ADG.pdf || exit 0; \
+ $(install_sh_DATA) Linux-PAM_ADG.pdf $(DESTDIR)$(pdfdir)/ || \
+ $(install_sh_DATA) $(srcdir)/Linux-PAM_ADG.pdf \
+ $(DESTDIR)$(pdfdir)/
+
+uninstall-local:
+ -rm $(DESTDIR)$(htmldir)/Linux-PAM_ADG.html
+ -rm $(DESTDIR)$(htmldir)/adg-*.html
+ -rm $(DESTDIR)$(docdir)/Linux-PAM_ADG.txt
+ -rm $(DESTDIR)$(pdfdir)/Linux-PAM_ADG.pdf
+
+releasedocs: all
+ $(mkinstalldirs) $(top_builddir)/Linux-PAM-$(VERSION)/doc/adg/html
+ test -f html/Linux-PAM_ADG.html || exit 0; \
+ cp -ap html/Linux-PAM_ADG.html html/adg-*.html \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/adg/html/ || \
+ cp -ap $(srcdir)/html/Linux-PAM_ADG.html \
+ $(srcdir)/html/adg-*.html \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/adg/html/
+ test -f Linux-PAM_ADG.txt || exit 0; \
+ cp -p Linux-PAM_ADG.txt \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/adg/ || \
+ cp -p $(srcdir)/Linux-PAM_ADG.txt \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/adg/
+ test -f Linux-PAM_ADG.pdf || exit 0; \
+ cp -p Linux-PAM_ADG.pdf \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/adg/ || \
+ cp -p $(srcdir)/Linux-PAM_ADG.pdf \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/adg/
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/doc/adg/pam_acct_mgmt.xml b/Linux-PAM/doc/adg/pam_acct_mgmt.xml
new file mode 100644
index 00000000..6a3a37d2
--- /dev/null
+++ b/Linux-PAM/doc/adg/pam_acct_mgmt.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_acct_mgmt'>
+ <title>Account validation management</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_acct_mgmt.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_acct_mgmt-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_acct_mgmt-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_acct_mgmt.3.xml" xpointer='xpointer(//refsect1[@id = "pam_acct_mgmt-description"]/*)'/>
+ </section>
+ <section id='adg-pam_acct_mgmt-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_acct_mgmt.3.xml" xpointer='xpointer(//refsect1[@id = "pam_acct_mgmt-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/adg/pam_authenticate.xml b/Linux-PAM/doc/adg/pam_authenticate.xml
new file mode 100644
index 00000000..2ca9b540
--- /dev/null
+++ b/Linux-PAM/doc/adg/pam_authenticate.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_authenticate'>
+ <title>Authenticating the user</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_authenticate.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_authenticate-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_authenticate-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_authenticate.3.xml" xpointer='xpointer(//refsect1[@id = "pam_authenticate-description"]/*)'/>
+ </section>
+ <section id='adg-pam_authenticate-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_authenticate.3.xml" xpointer='xpointer(//refsect1[@id = "pam_authenticate-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/adg/pam_chauthtok.xml b/Linux-PAM/doc/adg/pam_chauthtok.xml
new file mode 100644
index 00000000..1c613da7
--- /dev/null
+++ b/Linux-PAM/doc/adg/pam_chauthtok.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_chauthtok'>
+ <title>Updating authentication tokens</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_chauthtok.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_chauthtok-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_chauthtok-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_chauthtok.3.xml" xpointer='xpointer(//refsect1[@id = "pam_chauthtok-description"]/*)'/>
+ </section>
+ <section id='adg-pam_chauthtok-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_chauthtok.3.xml" xpointer='xpointer(//refsect1[@id = "pam_chauthtok-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/adg/pam_close_session.xml b/Linux-PAM/doc/adg/pam_close_session.xml
new file mode 100644
index 00000000..4b93fc3a
--- /dev/null
+++ b/Linux-PAM/doc/adg/pam_close_session.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_close_session'>
+ <title>terminating PAM session management</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_close_session.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_close_session-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_close_session-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_close_session.3.xml" xpointer='xpointer(//refsect1[@id = "pam_close_session-description"]/*)'/>
+ </section>
+ <section id='adg-pam_close_session-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_close_session.3.xml" xpointer='xpointer(//refsect1[@id = "pam_close_session-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/adg/pam_conv.xml b/Linux-PAM/doc/adg/pam_conv.xml
new file mode 100644
index 00000000..01b75127
--- /dev/null
+++ b/Linux-PAM/doc/adg/pam_conv.xml
@@ -0,0 +1,35 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_conv'>
+ <title>The conversation function</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_conv.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_conv-synopsis"]/*)'/>
+ </funcsynopsis>
+ <programlisting>
+struct pam_message {
+ int msg_style;
+ const char *msg;
+};
+
+struct pam_response {
+ char *resp;
+ int resp_retcode;
+};
+
+struct pam_conv {
+ int (*conv)(int num_msg, const struct pam_message **msg,
+ struct pam_response **resp, void *appdata_ptr);
+ void *appdata_ptr;
+};
+ </programlisting>
+ <section id='adg-pam_conv-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_conv.3.xml" xpointer='xpointer(//refsect1[@id = "pam_conv-description"]/*)'/>
+ </section>
+ <section id='adg-pam_conv-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_conv.3.xml" xpointer='xpointer(//refsect1[@id = "pam_conv-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/adg/pam_end.xml b/Linux-PAM/doc/adg/pam_end.xml
new file mode 100644
index 00000000..efa328be
--- /dev/null
+++ b/Linux-PAM/doc/adg/pam_end.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_end'>
+ <title>Termination of PAM transaction</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_end.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_end-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_end-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_end.3.xml" xpointer='xpointer(//refsect1[@id = "pam_end-description"]/*)'/>
+ </section>
+ <section id='adg-pam_end-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_end.3.xml" xpointer='xpointer(//refsect1[@id = "pam_end-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/adg/pam_fail_delay.xml b/Linux-PAM/doc/adg/pam_fail_delay.xml
new file mode 100644
index 00000000..589e1148
--- /dev/null
+++ b/Linux-PAM/doc/adg/pam_fail_delay.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_fail_delay'>
+ <title>Request a delay on failure</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_fail_delay.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_fail_delay-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_fail_delay-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_fail_delay.3.xml" xpointer='xpointer(//refsect1[@id = "pam_fail_delay-description"]/*)'/>
+ </section>
+ <section id='adg-pam_fail_delay-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_fail_delay.3.xml" xpointer='xpointer(//refsect1[@id = "pam_fail_delay-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/adg/pam_get_item.xml b/Linux-PAM/doc/adg/pam_get_item.xml
new file mode 100644
index 00000000..f23c734b
--- /dev/null
+++ b/Linux-PAM/doc/adg/pam_get_item.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_get_item'>
+ <title>Getting PAM items</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_get_item.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_get_item-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_get_item-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_get_item.3.xml" xpointer='xpointer(//refsect1[@id = "pam_get_item-description"]/*)'/>
+ </section>
+ <section id='adg-pam_get_item-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_get_item.3.xml" xpointer='xpointer(//refsect1[@id = "pam_get_item-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/adg/pam_getenv.xml b/Linux-PAM/doc/adg/pam_getenv.xml
new file mode 100644
index 00000000..61d69c33
--- /dev/null
+++ b/Linux-PAM/doc/adg/pam_getenv.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_getenv'>
+ <title>Get a PAM environment variable</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_getenv.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_getenv-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_getenv-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_getenv.3.xml" xpointer='xpointer(//refsect1[@id = "pam_getenv-description"]/*)'/>
+ </section>
+ <section id='adg-pam_getenv-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_getenv.3.xml" xpointer='xpointer(//refsect1[@id = "pam_getenv-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/adg/pam_getenvlist.xml b/Linux-PAM/doc/adg/pam_getenvlist.xml
new file mode 100644
index 00000000..d3c2fcd3
--- /dev/null
+++ b/Linux-PAM/doc/adg/pam_getenvlist.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_getenvlist'>
+ <title>Getting the PAM environment</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_getenvlist.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_getenvlist-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_getenvlist-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_getenvlist.3.xml" xpointer='xpointer(//refsect1[@id = "pam_getenvlist-description"]/*)'/>
+ </section>
+ <section id='adg-pam_getenvlist-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_getenvlist.3.xml" xpointer='xpointer(//refsect1[@id = "pam_getenvlist-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/adg/pam_misc_conv.xml b/Linux-PAM/doc/adg/pam_misc_conv.xml
new file mode 100644
index 00000000..2dc760cc
--- /dev/null
+++ b/Linux-PAM/doc/adg/pam_misc_conv.xml
@@ -0,0 +1,14 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-misc_conv'>
+ <title>Text based conversation function</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/misc_conv.3.xml" xpointer='xpointer(//funcsynopsis[@id = "misc_conv-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-misc_conv-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/misc_conv.3.xml" xpointer='xpointer(//refsect1[@id = "misc_conv-description"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/adg/pam_misc_drop_env.xml b/Linux-PAM/doc/adg/pam_misc_drop_env.xml
new file mode 100644
index 00000000..956d4815
--- /dev/null
+++ b/Linux-PAM/doc/adg/pam_misc_drop_env.xml
@@ -0,0 +1,14 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_misc_drop_env'>
+ <title>Liberating a locally saved environment</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_misc_drop_env.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_misc_drop_env-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_misc_drop_env-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_misc_drop_env.3.xml" xpointer='xpointer(//refsect1[@id = "pam_misc_drop_env-description"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/adg/pam_misc_paste_env.xml b/Linux-PAM/doc/adg/pam_misc_paste_env.xml
new file mode 100644
index 00000000..c6d3856b
--- /dev/null
+++ b/Linux-PAM/doc/adg/pam_misc_paste_env.xml
@@ -0,0 +1,14 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_misc_paste_env'>
+ <title>Transcribing an environment to that of PAM</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_misc_paste_env.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_misc_paste_env-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_misc_paste_env-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_misc_paste_env.3.xml" xpointer='xpointer(//refsect1[@id = "pam_misc_paste_env-description"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/adg/pam_misc_setenv.xml b/Linux-PAM/doc/adg/pam_misc_setenv.xml
new file mode 100644
index 00000000..3b1a32e4
--- /dev/null
+++ b/Linux-PAM/doc/adg/pam_misc_setenv.xml
@@ -0,0 +1,14 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_misc_setenv'>
+ <title>BSD like PAM environment variable setting</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_misc_setenv.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_misc_setenv-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_misc_setenv-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_misc_setenv.3.xml" xpointer='xpointer(//refsect1[@id = "pam_misc_setenv-description"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/adg/pam_open_session.xml b/Linux-PAM/doc/adg/pam_open_session.xml
new file mode 100644
index 00000000..ba738a55
--- /dev/null
+++ b/Linux-PAM/doc/adg/pam_open_session.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_open_session'>
+ <title>Start PAM session management</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_open_session.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_open_session-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_open_session-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_open_session.3.xml" xpointer='xpointer(//refsect1[@id = "pam_open_session-description"]/*)'/>
+ </section>
+ <section id='adg-pam_open_session-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_open_session.3.xml" xpointer='xpointer(//refsect1[@id = "pam_open_session-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/adg/pam_putenv.xml b/Linux-PAM/doc/adg/pam_putenv.xml
new file mode 100644
index 00000000..e55f1a42
--- /dev/null
+++ b/Linux-PAM/doc/adg/pam_putenv.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_putenv'>
+ <title>Set or change PAM environment variable</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_putenv.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_putenv-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_putenv-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_putenv.3.xml" xpointer='xpointer(//refsect1[@id = "pam_putenv-description"]/*)'/>
+ </section>
+ <section id='adg-pam_putenv-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_putenv.3.xml" xpointer='xpointer(//refsect1[@id = "pam_putenv-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/adg/pam_set_item.xml b/Linux-PAM/doc/adg/pam_set_item.xml
new file mode 100644
index 00000000..41169387
--- /dev/null
+++ b/Linux-PAM/doc/adg/pam_set_item.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_set_item'>
+ <title>Setting PAM items</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_set_item.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_set_item-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_set_item-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_set_item.3.xml" xpointer='xpointer(//refsect1[@id = "pam_set_item-description"]/*)'/>
+ </section>
+ <section id='adg-pam_set_item-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_set_item.3.xml" xpointer='xpointer(//refsect1[@id = "pam_set_item-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/adg/pam_setcred.xml b/Linux-PAM/doc/adg/pam_setcred.xml
new file mode 100644
index 00000000..1d3d23cd
--- /dev/null
+++ b/Linux-PAM/doc/adg/pam_setcred.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_setcred'>
+ <title>Setting user credentials</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_setcred.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_setcred-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_setcred-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_setcred.3.xml" xpointer='xpointer(//refsect1[@id = "pam_setcred-description"]/*)'/>
+ </section>
+ <section id='adg-pam_setcred-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_setcred.3.xml" xpointer='xpointer(//refsect1[@id = "pam_setcred-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/adg/pam_start.xml b/Linux-PAM/doc/adg/pam_start.xml
new file mode 100644
index 00000000..e5ec8481
--- /dev/null
+++ b/Linux-PAM/doc/adg/pam_start.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_start'>
+ <title>Initialization of PAM transaction</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_start.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_start-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_start-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_start.3.xml" xpointer='xpointer(//refsect1[@id = "pam_start-description"]/*)'/>
+ </section>
+ <section id='adg-pam_start-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_start.3.xml" xpointer='xpointer(//refsect1[@id = "pam_start-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/adg/pam_strerror.xml b/Linux-PAM/doc/adg/pam_strerror.xml
new file mode 100644
index 00000000..35b08a27
--- /dev/null
+++ b/Linux-PAM/doc/adg/pam_strerror.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_strerror'>
+ <title>Strings describing PAM error codes</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_strerror.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_strerror-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_strerror-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_strerror.3.xml" xpointer='xpointer(//refsect1[@id = "pam_strerror-description"]/*)'/>
+ </section>
+ <section id='adg-pam_strerror-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_strerror.3.xml" xpointer='xpointer(//refsect1[@id = "pam_strerror-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/figs/pam_orient.txt b/Linux-PAM/doc/figs/pam_orient.txt
deleted file mode 100644
index a8b745a1..00000000
--- a/Linux-PAM/doc/figs/pam_orient.txt
+++ /dev/null
@@ -1,23 +0,0 @@
-
-
-
- +----------------+
- | application: X |
- +----------------+ / +----------+ +================+
- | authentication-[---->--\--] Linux- |--<--| /etc/pam.conf |
- | + [----<--/--] PAM | |================|
- |[conversation()][--+ \ | | | X auth .. a.so |
- +----------------+ | / +-n--n-----+ | X auth .. b.so |
- | | | __| | | _____/
- | service user | A | | |____,-----'
- | | | V A
- +----------------+ +------|-----|---------+ -----+------+
- +---u-----u----+ | | |
- | auth.... |--[ a ]--[ b ]--[ c ]
- +--------------+
- | acct.... |--[ b ]--[ d ]
- +--------------+
- | password |--[ b ]--[ c ]
- +--------------+
- | session |--[ e ]--[ c ]
- +--------------+ \ No newline at end of file
diff --git a/Linux-PAM/doc/html/index.html b/Linux-PAM/doc/html/index.html
deleted file mode 100644
index 5cb1e0f0..00000000
--- a/Linux-PAM/doc/html/index.html
+++ /dev/null
@@ -1,21 +0,0 @@
-
-<HTML>
-<HEAD>
-<TITLE>Linux-PAM - Pluggable Authentication Modules for Linux</TITLE>
-</HEAD>
-<BODY>
-
-<p>
-Here is the documentation for Linux-PAM. As you will see it is
-currently not complete. However, in order of decreasing length:
-
-<ul>
-<li> <a href="pam.html">The System Administrators' Guide</a>
-<li> <a href="pam_modules.html">The Module Writers' Manual</a>
-<li> <a href="pam_appl.html">The Application developers' Manual</a>
-</ul>
-
-<hr>
-<p>
-REVISION: <tt>$Id: index.html,v 1.1.1.1 2000/06/20 22:10:56 agmorgan Exp $</tt>
-</BODY>
diff --git a/Linux-PAM/doc/index.html b/Linux-PAM/doc/index.html
new file mode 100644
index 00000000..9afc8b79
--- /dev/null
+++ b/Linux-PAM/doc/index.html
@@ -0,0 +1,21 @@
+<html>
+ <head>
+ <title>The Linux-PAM Administration and Developer Guides</title>
+ </head>
+ <body>
+ <center>
+ <h1>The Linux-PAM Guides</h1>
+ </center>
+ <hr>
+ <p>
+ Here is the documentation for Linux-PAM. As you will see it is
+ currently not complete.
+ <p>
+ <ul>
+ <li> <a href="Linux-PAM_SAG.html">The System Administrators' Guide</a>
+ <li> <a href="Linux-PAM_MWG.html">The Module Writers' Guide</a>
+ <li> <a href="Linux-PAM_ADG.html">The Application Developers' Guide</a>
+ </ul>
+ <hr>
+ </body>
+</html> \ No newline at end of file
diff --git a/Linux-PAM/doc/man/Makefile.am b/Linux-PAM/doc/man/Makefile.am
new file mode 100644
index 00000000..7d17a439
--- /dev/null
+++ b/Linux-PAM/doc/man/Makefile.am
@@ -0,0 +1,51 @@
+#
+# Copyright (c) 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = $(MANS) $(XMLS)
+
+man_MANS = pam.3 PAM.8 pam.8 pam.conf.5 pam.d.5 \
+ pam_acct_mgmt.3 pam_authenticate.3 \
+ pam_chauthtok.3 pam_close_session.3 pam_conv.3 \
+ pam_end.3 pam_error.3 \
+ pam_fail_delay.3 \
+ pam_get_data.3 pam_get_item.3 pam_get_user.3 pam_getenv.3 \
+ pam_getenvlist.3 \
+ pam_info.3 \
+ pam_open_session.3 \
+ pam_prompt.3 pam_putenv.3 \
+ pam_set_data.3 pam_set_item.3 pam_syslog.3 \
+ pam_setcred.3 pam_sm_acct_mgmt.3 pam_sm_authenticate.3 \
+ pam_sm_close_session.3 pam_sm_open_session.3 pam_sm_setcred.3 \
+ pam_sm_chauthtok.3 pam_start.3 pam_strerror.3 \
+ pam_verror.3 pam_vinfo.3 pam_vprompt.3 pam_vsyslog.3 \
+ misc_conv.3 pam_misc_paste_env.3 pam_misc_drop_env.3 \
+ pam_misc_setenv.3
+XMLS = pam.3.xml pam.8.xml \
+ pam_acct_mgmt.3.xml pam_authenticate.3.xml \
+ pam_chauthtok.3.xml pam_close_session.3.xml pam_conv.3.xml \
+ pam_end.3.xml pam_error.3.xml \
+ pam_fail_delay.3.xml \
+ pam_get_data.3.xml pam_get_item.3.xml pam_get_user.3.xml \
+ pam_getenv.3.xml pam_getenvlist.3.xml \
+ pam_info.3.xml \
+ pam_open_session.3.xml \
+ pam_prompt.3.xml pam_putenv.3.xml \
+ pam_set_data.3.xml pam_set_item.3.xml pam_syslog.3.xml \
+ pam_setcred.3.xml pam_sm_acct_mgmt.3.xml pam_sm_authenticate.3.xml \
+ pam_sm_close_session.3.xml pam_sm_open_session.3.xml \
+ pam_sm_setcred.3.xml pam_start.3.xml pam_strerror.3.xml \
+ pam_sm_chauthtok.3.xml \
+ pam_item_types.inc.xml \
+ pam.conf-desc.xml pam.conf-dir.xml pam.conf-syntax.xml \
+ misc_conv.3.xml pam_misc_paste_env.3.xml pam_misc_drop_env.3.xml \
+ pam_misc_setenv.3.xml
+
+if ENABLE_REGENERATE_MAN
+pam_get_item.3: pam_item_types.inc.xml
+pam_set_data.3: pam_item_types.inc.xml
+pam.conf.5: pam.conf-desc.xml pam.conf-dir.xml pam.conf-syntax.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
diff --git a/Linux-PAM/doc/man/Makefile.in b/Linux-PAM/doc/man/Makefile.in
new file mode 100644
index 00000000..ed2f5fdb
--- /dev/null
+++ b/Linux-PAM/doc/man/Makefile.in
@@ -0,0 +1,577 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = doc/man
+DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+SOURCES =
+DIST_SOURCES =
+man3dir = $(mandir)/man3
+am__installdirs = "$(DESTDIR)$(man3dir)" "$(DESTDIR)$(man5dir)" \
+ "$(DESTDIR)$(man8dir)"
+man5dir = $(mandir)/man5
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = $(MANS) $(XMLS)
+man_MANS = pam.3 PAM.8 pam.8 pam.conf.5 pam.d.5 \
+ pam_acct_mgmt.3 pam_authenticate.3 \
+ pam_chauthtok.3 pam_close_session.3 pam_conv.3 \
+ pam_end.3 pam_error.3 \
+ pam_fail_delay.3 \
+ pam_get_data.3 pam_get_item.3 pam_get_user.3 pam_getenv.3 \
+ pam_getenvlist.3 \
+ pam_info.3 \
+ pam_open_session.3 \
+ pam_prompt.3 pam_putenv.3 \
+ pam_set_data.3 pam_set_item.3 pam_syslog.3 \
+ pam_setcred.3 pam_sm_acct_mgmt.3 pam_sm_authenticate.3 \
+ pam_sm_close_session.3 pam_sm_open_session.3 pam_sm_setcred.3 \
+ pam_sm_chauthtok.3 pam_start.3 pam_strerror.3 \
+ pam_verror.3 pam_vinfo.3 pam_vprompt.3 pam_vsyslog.3 \
+ misc_conv.3 pam_misc_paste_env.3 pam_misc_drop_env.3 \
+ pam_misc_setenv.3
+
+XMLS = pam.3.xml pam.8.xml \
+ pam_acct_mgmt.3.xml pam_authenticate.3.xml \
+ pam_chauthtok.3.xml pam_close_session.3.xml pam_conv.3.xml \
+ pam_end.3.xml pam_error.3.xml \
+ pam_fail_delay.3.xml \
+ pam_get_data.3.xml pam_get_item.3.xml pam_get_user.3.xml \
+ pam_getenv.3.xml pam_getenvlist.3.xml \
+ pam_info.3.xml \
+ pam_open_session.3.xml \
+ pam_prompt.3.xml pam_putenv.3.xml \
+ pam_set_data.3.xml pam_set_item.3.xml pam_syslog.3.xml \
+ pam_setcred.3.xml pam_sm_acct_mgmt.3.xml pam_sm_authenticate.3.xml \
+ pam_sm_close_session.3.xml pam_sm_open_session.3.xml \
+ pam_sm_setcred.3.xml pam_start.3.xml pam_strerror.3.xml \
+ pam_sm_chauthtok.3.xml \
+ pam_item_types.inc.xml \
+ pam.conf-desc.xml pam.conf-dir.xml pam.conf-syntax.xml \
+ misc_conv.3.xml pam_misc_paste_env.3.xml pam_misc_drop_env.3.xml \
+ pam_misc_setenv.3.xml
+
+all: all-am
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu doc/man/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu doc/man/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man3: $(man3_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man3dir)" || $(MKDIR_P) "$(DESTDIR)$(man3dir)"
+ @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.3*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 3*) ;; \
+ *) ext='3' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst"; \
+ done
+uninstall-man3:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.3*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 3*) ;; \
+ *) ext='3' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man3dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man3dir)/$$inst"; \
+ done
+install-man5: $(man5_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man5dir)" || $(MKDIR_P) "$(DESTDIR)$(man5dir)"
+ @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.5*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 5*) ;; \
+ *) ext='5' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst"; \
+ done
+uninstall-man5:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.5*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 5*) ;; \
+ *) ext='5' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man5dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man5dir)/$$inst"; \
+ done
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+tags: TAGS
+TAGS:
+
+ctags: CTAGS
+CTAGS:
+
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(MANS)
+installdirs:
+ for dir in "$(DESTDIR)$(man3dir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-am
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man3 install-man5 install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man
+
+uninstall-man: uninstall-man3 uninstall-man5 uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: all all-am check check-am clean clean-generic clean-libtool \
+ distclean distclean-generic distclean-libtool distdir dvi \
+ dvi-am html html-am info info-am install install-am \
+ install-data install-data-am install-dvi install-dvi-am \
+ install-exec install-exec-am install-html install-html-am \
+ install-info install-info-am install-man install-man3 \
+ install-man5 install-man8 install-pdf install-pdf-am \
+ install-ps install-ps-am install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-generic \
+ mostlyclean-libtool pdf pdf-am ps ps-am uninstall uninstall-am \
+ uninstall-man uninstall-man3 uninstall-man5 uninstall-man8
+
+
+@ENABLE_REGENERATE_MAN_TRUE@pam_get_item.3: pam_item_types.inc.xml
+@ENABLE_REGENERATE_MAN_TRUE@pam_set_data.3: pam_item_types.inc.xml
+@ENABLE_REGENERATE_MAN_TRUE@pam.conf.5: pam.conf-desc.xml pam.conf-dir.xml pam.conf-syntax.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/doc/man/PAM.8 b/Linux-PAM/doc/man/PAM.8
new file mode 100644
index 00000000..112ea7d7
--- /dev/null
+++ b/Linux-PAM/doc/man/PAM.8
@@ -0,0 +1,103 @@
+.\" Title: pam
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM" "8" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+PAM, pam \- Pluggable Authentication Modules for Linux
+.SH "DESCRIPTION"
+.PP
+This manual is intended to offer a quick introduction to
+\fBLinux\-PAM\fR. For more information the reader is directed to the
+\fBLinux\-PAM system administrators' guide\fR.
+.PP
+
+\fBLinux\-PAM\fR
+is a system of libraries that handle the authentication tasks of applications (services) on the system. The library provides a stable general interface (Application Programming Interface \- API) that privilege granting programs (such as
+\fBlogin\fR(1)
+and
+\fBsu\fR(1)) defer to to perform standard authentication tasks.
+.PP
+The principal feature of the PAM approach is that the nature of the authentication is dynamically configurable. In other words, the system administrator is free to choose how individual service\-providing applications will authenticate users. This dynamic configuration is set by the contents of the single
+\fBLinux\-PAM\fR
+configuration file
+\fI/etc/pam.conf\fR. Alternatively, the configuration can be set by individual configuration files located in the
+\fI/etc/pam.d/\fR
+directory. The presence of this directory will cause
+\fBLinux\-PAM\fR
+to
+\fIignore\fR
+\fI/etc/pam.conf\fR.
+.PP
+From the point of view of the system administrator, for whom this manual is provided, it is not of primary importance to understand the internal behavior of the
+\fBLinux\-PAM\fR
+library. The important point to recognize is that the configuration file(s)
+\fIdefine\fR
+the connection between applications
+(\fBservices\fR) and the pluggable authentication modules
+(\fBPAM\fRs) that perform the actual authentication tasks.
+.PP
+\fBLinux\-PAM\fR
+separates the tasks of
+\fIauthentication\fR
+into four independent management groups:
+\fBaccount\fR
+management;
+\fBauth\fRentication management;
+\fBpassword\fR
+management; and
+\fBsession\fR
+management. (We highlight the abbreviations used for these groups in the configuration file.)
+.PP
+Simply put, these groups take care of different aspects of a typical user's request for a restricted service:
+.PP
+\fBaccount\fR
+\- provide account verification types of service: has the user's password expired?; is this user permitted access to the requested service?
+.PP
+\fBauth\fRentication \- authenticate a user and set up user credentials. Typically this is via some challenge\-response request that the user must satisfy: if you are who you claim to be please enter your password. Not all authentications are of this type, there exist hardware based authentication schemes (such as the use of smart\-cards and biometric devices), with suitable modules, these may be substituted seamlessly for more standard approaches to authentication \- such is the flexibility of
+\fBLinux\-PAM\fR.
+.PP
+\fBpassword\fR
+\- this group's responsibility is the task of updating authentication mechanisms. Typically, such services are strongly coupled to those of the
+\fBauth\fR
+group. Some authentication mechanisms lend themselves well to being updated with such a function. Standard UN*X password\-based access is the obvious example: please enter a replacement password.
+.PP
+\fBsession\fR
+\- this group of tasks cover things that should be done prior to a service being given and after it is withdrawn. Such tasks include the maintenance of audit trails and the mounting of the user's home directory. The
+\fBsession\fR
+management group is important as it provides both an opening and closing hook for modules to affect the services available to a user.
+.SH "FILES"
+.TP 3n
+\fI/etc/pam.conf\fR
+the configuration file
+.TP 3n
+\fI/etc/pam.d\fR
+the
+\fBLinux\-PAM\fR
+configuration directory. Generally, if this directory is present, the
+\fI/etc/pam.conf\fR
+file is ignored.
+.SH "ERRORS"
+.PP
+Typically errors generated by the
+\fBLinux\-PAM\fR
+system of libraries, will be written to
+\fBsyslog\fR(3).
+.SH "CONFORMING TO"
+.PP
+DCE\-RFC 86.0, October 1995. Contains additional features, but remains backwardly compatible with this RFC.
+.SH "SEE ALSO"
+.PP
+
+\fBpam\fR(3),
+\fBpam_authenticate\fR(3),
+\fBpam_sm_setcred\fR(3),
+\fBpam_strerror\fR(3),
+\fBPAM\fR(8)
diff --git a/Linux-PAM/doc/man/misc_conv.3 b/Linux-PAM/doc/man/misc_conv.3
new file mode 100644
index 00000000..bb8cbd87
--- /dev/null
+++ b/Linux-PAM/doc/man/misc_conv.3
@@ -0,0 +1,97 @@
+.\" Title: misc_conv
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "MISC_CONV" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+misc_conv \- text based conversation function
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#include <security/pam_misc.h>
+.fi
+.ft
+.HP 15
+.BI "void misc_conv(int\ " "num_msg" ", const\ struct\ pam_message\ **" "msgm" ", struct\ pam_response\ **" "response" ", void\ *" "appdata_ptr" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBmisc_conv\fR
+function is part of
+\fBlibpam_misc\fR
+and not of the standard
+\fBlibpam\fR
+library. This function will prompt the user with the appropriate comments and obtain the appropriate inputs as directed by authentication modules.
+.PP
+In addition to simply slotting into the appropriate
+\fBpam_conv\fR(3), this function provides some time\-out facilities. The function exports five variables that can be used by an application programmer to limit the amount of time this conversation function will spend waiting for the user to type something. The five variabls are as follows:
+.TP 3n
+\fBtime_t\fR \fIpam_misc_conv_warn_time\fR;
+This variable contains the
+\fItime\fR
+(as returned by
+\fBtime\fR(2)) that the user should be first warned that the clock is ticking. By default it has the value
+0, which indicates that no such warning will be given. The application may set its value to sometime in the future, but this should be done prior to passing control to the
+\fILinux\-PAM\fR
+library.
+.TP 3n
+\fBconst char *\fR\fIpam_misc_conv_warn_line\fR;
+Used in conjuction with
+\fIpam_misc_conv_warn_time\fR, this variable is a pointer to the string that will be displayed when it becomes time to warn the user that the timeout is approaching. Its default value is a translated version of
+\(lq...Time is running out...\(rq, but this can be changed by the application prior to passing control to
+\fILinux\-PAM\fR.
+.TP 3n
+\fBtime_t\fR \fIpam_misc_conv_die_time\fR;
+This variable contains the
+\fItime\fR
+(as returned by
+\fBtime\fR(2)) that the will time out. By default it has the value
+0, which indicates that the conversation function will not timeout. The application may set its value to sometime in the future, but this should be done prior to passing control to the
+\fILinux\-PAM\fR
+library.
+.TP 3n
+\fBconst char *\fR\fIpam_misc_conv_die_line\fR;
+Used in conjuction with
+\fIpam_misc_conv_die_time\fR, this variable is a pointer to the string that will be displayed when the conversation times out. Its default value is a translated version of
+\(lq...Sorry, your time is up!\(rq, but this can be changed by the application prior to passing control to
+\fILinux\-PAM\fR.
+.TP 3n
+\fBint\fR \fIpam_misc_conv_died\fR;
+Following a return from the
+\fILinux\-PAM\fR
+libraray, the value of this variable indicates whether the conversation has timed out. A value of
+1
+indicates the time\-out occurred.
+.PP
+The following two function pointers are available for supporting binary prompts in the conversation function. They are optimized for the current incarnation of the
+\fBlibpamc\fR
+library and are subject to change.
+.TP 3n
+\fBint\fR \fI(*pam_binary_handler_fn)\fR(\fBvoid *\fR\fIappdata\fR, \fBpamc_bp_t *\fR\fIprompt_p\fR);
+This function pointer is initialized to
+NULL
+but can be filled with a function that provides machine\-machine (hidden) message exchange. It is intended for use with hidden authentication protocols such as RSA or Diffie\-Hellman key exchanges. (This is still under development.)
+.TP 3n
+\fBint\fR \fI(*pam_binary_handler_free)\fR(\fBvoid *\fR\fIappdata\fR, \fBpamc_bp_t *\fR\fIdelete_me\fR);
+This function pointer is initialized to
+\fBPAM_BP_RENEW(delete_me, 0, 0)\fR, but can be redefined as desired by the application.
+.SH "SEE ALSO"
+.PP
+
+\fBpam_conv\fR(3),
+\fBpam\fR(8)
+.SH "STANDARDS"
+.PP
+The
+\fBmisc_conv\fR
+function is part of the
+\fBlibpam_misc\fR
+Library and not defined in any standard.
diff --git a/Linux-PAM/doc/man/misc_conv.3.xml b/Linux-PAM/doc/man/misc_conv.3.xml
new file mode 100644
index 00000000..825dd10c
--- /dev/null
+++ b/Linux-PAM/doc/man/misc_conv.3.xml
@@ -0,0 +1,188 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id="misc_conv">
+
+ <refmeta>
+ <refentrytitle>misc_conv</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="misc_conv-name">
+ <refname>misc_conv</refname>
+ <refpurpose>text based conversation function</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id="misc_conv-synopsis">
+ <funcsynopsisinfo>#include &lt;security/pam_misc.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>void <function>misc_conv</function></funcdef>
+ <paramdef>int <parameter>num_msg</parameter></paramdef>
+ <paramdef>const struct pam_message **<parameter>msgm</parameter></paramdef>
+ <paramdef>struct pam_response **<parameter>response</parameter></paramdef>
+ <paramdef>void *<parameter>appdata_ptr</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='misc_conv-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>misc_conv</function> function is part of
+ <command>libpam_misc</command> and not of the standard
+ <command>libpam</command> library. This function will prompt
+ the user with the appropriate comments and obtain the appropriate
+ inputs as directed by authentication modules.
+ </para>
+ <para>
+ In addition to simply slotting into the appropriate <citerefentry>
+ <refentrytitle>pam_conv</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>, this function provides some time-out facilities.
+ The function exports five variables that can be used by an
+ application programmer to limit the amount of time this conversation
+ function will spend waiting for the user to type something. The
+ five variabls are as follows:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term><type>time_t</type> <varname>pam_misc_conv_warn_time</varname>;</term>
+ <listitem>
+ <para>
+ This variable contains the <emphasis>time</emphasis> (as
+ returned by <citerefentry>
+ <refentrytitle>time</refentrytitle><manvolnum>2</manvolnum>
+ </citerefentry>) that the user should be first warned that
+ the clock is ticking. By default it has the value
+ <returnvalue>0</returnvalue>, which indicates that no such
+ warning will be given. The application may set its value to
+ sometime in the future, but this should be done prior to
+ passing control to the <emphasis>Linux-PAM</emphasis> library.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><type>const char *</type><varname>pam_misc_conv_warn_line</varname>;</term>
+ <listitem>
+ <para>
+ Used in conjuction with
+ <varname>pam_misc_conv_warn_time</varname>, this variable is
+ a pointer to the string that will be displayed when it becomes
+ time to warn the user that the timeout is approaching. Its
+ default value is a translated version of
+ <quote>...Time is running out...</quote>, but this can be
+ changed by the application prior to passing control to
+ <emphasis>Linux-PAM</emphasis>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><type>time_t</type> <varname>pam_misc_conv_die_time</varname>;</term>
+ <listitem>
+ <para>
+ This variable contains the <emphasis>time</emphasis> (as
+ returned by <citerefentry>
+ <refentrytitle>time</refentrytitle><manvolnum>2</manvolnum>
+ </citerefentry>) that the will time out. By default it has
+ the value <returnvalue>0</returnvalue>, which indicates that
+ the conversation function will not timeout. The application
+ may set its value to sometime in the future, but this should
+ be done prior to passing control to the
+ <emphasis>Linux-PAM</emphasis> library.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><type>const char *</type><varname>pam_misc_conv_die_line</varname>;</term>
+ <listitem>
+ <para>
+ Used in conjuction with
+ <varname>pam_misc_conv_die_time</varname>, this variable is
+ a pointer to the string that will be displayed when the
+ conversation times out. Its default value is a translated
+ version of
+ <quote>...Sorry, your time is up!</quote>, but this can be
+ changed by the application prior to passing control to
+ <emphasis>Linux-PAM</emphasis>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><type>int</type> <varname>pam_misc_conv_died</varname>;</term>
+ <listitem>
+ <para>
+ Following a return from the <emphasis>Linux-PAM</emphasis>
+ libraray, the value of this variable indicates whether the
+ conversation has timed out. A value of
+ <returnvalue>1</returnvalue> indicates the time-out occurred.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <para>
+ The following two function pointers are available for supporting
+ binary prompts in the conversation function. They are optimized
+ for the current incarnation of the <command>libpamc</command>
+ library and are subject to change.
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <type>int</type> <varname>(*pam_binary_handler_fn)</varname>(<type>void *</type><varname>appdata</varname>, <type>pamc_bp_t *</type><varname>prompt_p</varname>);
+ </term>
+ <listitem>
+ <para>
+ This function pointer is initialized to
+ <returnvalue>NULL</returnvalue> but can be filled with a
+ function that provides machine-machine (hidden) message
+ exchange. It is intended for use with hidden authentication
+ protocols such as RSA or Diffie-Hellman key exchanges.
+ (This is still under development.)
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <type>int</type> <varname>(*pam_binary_handler_free)</varname>(<type>void *</type><varname>appdata</varname>, <type>pamc_bp_t *</type><varname>delete_me</varname>);
+ </term>
+ <listitem>
+ <para>
+ This function pointer is initialized to
+ <function>PAM_BP_RENEW(delete_me, 0, 0)</function>, but can be
+ redefined as desired by the application.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='misc_conv-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_conv</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='misc_conv-standards'>
+ <title>STANDARDS</title>
+ <para>
+ The <function>misc_conv</function> function is part of the
+ <command>libpam_misc</command> Library and not defined in any
+ standard.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/doc/man/pam.3 b/Linux-PAM/doc/man/pam.3
new file mode 100644
index 00000000..f1cd729c
--- /dev/null
+++ b/Linux-PAM/doc/man/pam.3
@@ -0,0 +1,282 @@
+.\" Title: pam
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.71.0 <http://docbook.sf.net/>
+.\" Date: 10/26/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM" "3" "10/26/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam \- Pluggable Authentication Modules Library
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#include <security/pam_appl.h>
+.fi
+.ft
+.sp
+.ft B
+.nf
+#include <security/pam_modules.h>
+.fi
+.ft
+.sp
+.ft B
+.nf
+#include <security/pam_ext.h>
+.fi
+.ft
+.SH "DESCRIPTION"
+.PP
+
+\fBPAM\fR
+is a system of libraries that handle the authentication tasks of applications (services) on the system. The library provides a stable general interface (Application Programming Interface \- API) that privilege granting programs (such as
+\fBlogin\fR(1)
+and
+\fBsu\fR(1)) defer to to perform standard authentication tasks.
+.SS "Initialization and Cleanup"
+.PP
+The
+\fBpam_start\fR(3)
+function creates the PAM context and initiates the PAM transaction. It is the first of the PAM functions that needs to be called by an application. The transaction state is contained entirely within the structure identified by this handle, so it is possible to have multiple transactions in parallel. But it is not possible to use the same handle for different transactions, a new one is needed for every new context.
+.PP
+The
+\fBpam_end\fR(3)
+function terminates the PAM transaction and is the last function an application should call in the PAM contenxt. Upon return the handle pamh is no longer valid and all memory associated with it will be invalid. It can be called at any time to terminate a PAM transaction.
+.SS "Authentication"
+.PP
+The
+\fBpam_authenticate\fR(3)
+function is used to authenticate the user. The user is required to provide an authentication token depending upon the authentication service, usually this is a password, but could also be a finger print.
+.PP
+The
+\fBpam_setcred\fR(3)
+function manages the userscredentials.
+.SS "Account Management"
+.PP
+The
+\fBpam_acct_mgmt\fR(3)
+function is used to determine if the users account is valid. It checks for authentication token and account expiration and verifies access restrictions. It is typically called after the user has been authenticated.
+.SS "Password Management"
+.PP
+The
+\fBpam_chauthtok\fR(3)
+function is used to change the authentication token for a given user on request or because the token has expired.
+.SS "Session Management"
+.PP
+The
+\fBpam_open_session\fR(3)
+function sets up a user session for a previously successful authenticated user. The session should later be terminated with a call to
+\fBpam_close_session\fR(3).
+.SS "Conversation"
+.PP
+The PAM library uses an application\-defined callback to allow a direct communication between a loaded module and the application. This callback is specified by the
+\fIstruct pam_conv\fR
+passed to
+\fBpam_start\fR(3)
+at the start of the transaction. See
+\fBpam_conv\fR(3)
+for details.
+.SS "Data Objects"
+.PP
+The
+\fBpam_set_item\fR(3)
+and
+\fBpam_get_item\fR(3)
+functions allows applications and PAM service modules to set and retrieve PAM informations.
+.PP
+The
+\fBpam_get_user\fR(3)
+function is the preferred method to obtain the username.
+.PP
+The
+\fBpam_set_data\fR(3)
+and
+\fBpam_get_data\fR(3)
+functions allows PAM service modules to set and retrieve free\-form data from one invocation to another.
+.SS "Environment and Error Management"
+.PP
+The
+\fBpam_putenv\fR(3),
+\fBpam_getenv\fR(3)
+and
+\fBpam_getenvlist\fR(3)
+functions are for maintaining a set of private environment variables.
+.PP
+The
+\fBpam_strerror\fR(3)
+function returns a pointer to a string describing the given PAM error code.
+.SH "RETURN VALUES"
+.PP
+The following return codes are known by PAM:
+.PP
+PAM_ABORT
+.RS 3n
+Critical error, immediate abort.
+.RE
+.PP
+PAM_ACCT_EXPIRED
+.RS 3n
+User account has expired.
+.RE
+.PP
+PAM_AUTHINFO_UNAVAIL
+.RS 3n
+Authentication service cannot retrieve authentication info.
+.RE
+.PP
+PAM_AUTHTOK_DISABLE_AGING
+.RS 3n
+Authentication token aging disabled.
+.RE
+.PP
+PAM_AUTHTOK_ERR
+.RS 3n
+Authentication token manipulation error.
+.RE
+.PP
+PAM_AUTHTOK_EXPIRED
+.RS 3n
+Authentication token expired.
+.RE
+.PP
+PAM_AUTHTOK_LOCK_BUSY
+.RS 3n
+Authentication token lock busy.
+.RE
+.PP
+PAM_AUTHTOK_RECOVERY_ERR
+.RS 3n
+Authentication information cannot be recovered.
+.RE
+.PP
+PAM_AUTH_ERR
+.RS 3n
+Authentication failure.
+.RE
+.PP
+PAM_BUF_ERR
+.RS 3n
+Memory buffer error.
+.RE
+.PP
+PAM_CONV_ERR
+.RS 3n
+Conversation failure.
+.RE
+.PP
+PAM_CRED_ERR
+.RS 3n
+Failure setting user credentials.
+.RE
+.PP
+PAM_CRED_EXPIRED
+.RS 3n
+User credentials expired.
+.RE
+.PP
+PAM_CRED_INSUFFICIENT
+.RS 3n
+Insufficient credentials to access authentication data.
+.RE
+.PP
+PAM_CRED_UNAVAIL
+.RS 3n
+Authentication service cannot retrieve user credentials.
+.RE
+.PP
+PAM_IGNORE
+.RS 3n
+The return value should be ignored by PAM dispatch.
+.RE
+.PP
+PAM_MAXTRIES
+.RS 3n
+Have exhausted maximum number of retries for service.
+.RE
+.PP
+PAM_MODULE_UNKNOWN
+.RS 3n
+Module is unknown.
+.RE
+.PP
+PAM_NEW_AUTHTOK_REQD
+.RS 3n
+Authentication token is no longer valid; new one required.
+.RE
+.PP
+PAM_NO_MODULE_DATA
+.RS 3n
+No module specific data is present.
+.RE
+.PP
+PAM_OPEN_ERR
+.RS 3n
+Failed to load module.
+.RE
+.PP
+PAM_PERM_DENIED
+.RS 3n
+Permission denied.
+.RE
+.PP
+PAM_SERVICE_ERR
+.RS 3n
+Error in service module.
+.RE
+.PP
+PAM_SESSION_ERR
+.RS 3n
+Cannot make/remove an entry for the specified session.
+.RE
+.PP
+PAM_SUCCESS
+.RS 3n
+Success.
+.RE
+.PP
+PAM_SYMBOL_ERR
+.RS 3n
+Symbol not found.
+.RE
+.PP
+PAM_SYSTEM_ERR
+.RS 3n
+System error.
+.RE
+.PP
+PAM_TRY_AGAIN
+.RS 3n
+Failed preliminary check by password service.
+.RE
+.PP
+PAM_USER_UNKNOWN
+.RS 3n
+User not known to the underlying authentication module.
+.RE
+.SH "SEE ALSO"
+.PP
+
+\fBpam_acct_mgmt\fR(3),
+\fBpam_authenticate\fR(3),
+\fBpam_chauthtok\fR(3),
+\fBpam_close_session\fR(3),
+\fBpam_conv\fR(3),
+\fBpam_end\fR(3),
+\fBpam_get_data\fR(3),
+\fBpam_getenv\fR(3),
+\fBpam_getenvlist\fR(3),
+\fBpam_get_item\fR(3),
+\fBpam_get_user\fR(3),
+\fBpam_open_session\fR(3),
+\fBpam_putenv\fR(3),
+\fBpam_set_data\fR(3),
+\fBpam_set_item\fR(3),
+\fBpam_setcred\fR(3),
+\fBpam_start\fR(3),
+\fBpam_strerror\fR(3)
diff --git a/Linux-PAM/doc/man/pam.3.xml b/Linux-PAM/doc/man/pam.3.xml
new file mode 100644
index 00000000..3ae2d343
--- /dev/null
+++ b/Linux-PAM/doc/man/pam.3.xml
@@ -0,0 +1,433 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+<refentry id='pam3'>
+
+ <refmeta>
+ <refentrytitle>pam</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id='pam3-name'>
+ <refname>pam</refname>
+ <refpurpose>Pluggable Authentication Modules Library</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv id='pam3-synopsis'>
+ <funcsynopsis>
+ <funcsynopsisinfo>#include &lt;security/pam_appl.h&gt;</funcsynopsisinfo>
+ <funcsynopsisinfo>#include &lt;security/pam_modules.h&gt;</funcsynopsisinfo>
+ <funcsynopsisinfo>#include &lt;security/pam_ext.h&gt;</funcsynopsisinfo>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='pam3-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ <emphasis remap='B'>PAM</emphasis> is a system of libraries
+ that handle the authentication tasks of applications (services)
+ on the system. The library provides a stable general interface
+ (Application Programming Interface - API) that privilege granting
+ programs (such as
+ <citerefentry>
+ <refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry> and <citerefentry>
+ <refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>)
+ defer to to perform standard authentication tasks.
+ </para>
+
+ <refsect2 id='pam3-initialization_and_cleanup'>
+ <title>Initialization and Cleanup</title>
+ <para>
+ The
+ <citerefentry>
+ <refentrytitle>pam_start</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> function creates the PAM context and initiates the
+ PAM transaction. It is the first of the PAM functions that needs to
+ be called by an application. The transaction state is contained
+ entirely within the structure identified by this handle, so it is
+ possible to have multiple transactions in parallel. But it is not
+ possible to use the same handle for different transactions, a new
+ one is needed for every new context.
+ </para>
+ <para>
+ The
+ <citerefentry>
+ <refentrytitle>pam_end</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> function terminates the PAM transaction and is the last
+ function an application should call in the PAM contenxt. Upon return
+ the handle pamh is no longer valid and all memory associated with it
+ will be invalid. It can be called at any time to terminate a PAM
+ transaction.
+ </para>
+ </refsect2>
+
+ <refsect2 id='pam3-authentication'>
+ <title>Authentication</title>
+ <para>
+ The
+ <citerefentry>
+ <refentrytitle>pam_authenticate</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ function is used to
+ authenticate the user. The user is required to provide an
+ authentication token depending upon the authentication service,
+ usually this is a password, but could also be a finger print.
+ </para>
+ <para>
+ The
+ <citerefentry>
+ <refentrytitle>pam_setcred</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ function manages the userscredentials.
+ </para>
+ </refsect2>
+
+ <refsect2 id='pam3-account_management'>
+ <title>Account Management</title>
+ <para>
+ The
+ <citerefentry>
+ <refentrytitle>pam_acct_mgmt</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> function is used to determine if the users account is
+ valid. It checks for authentication token and account expiration and
+ verifies access restrictions. It is typically called after the user
+ has been authenticated.
+ </para>
+ </refsect2>
+
+ <refsect2 id='pam3-password_management'>
+ <title>Password Management</title>
+ <para>
+ The
+ <citerefentry>
+ <refentrytitle>pam_chauthtok</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> function is used to change the authentication token
+ for a given user on request or because the token has expired.
+ </para>
+ </refsect2>
+
+ <refsect2 id='pam3-session_management'>
+ <title>Session Management</title>
+ <para>
+ The
+ <citerefentry>
+ <refentrytitle>pam_open_session</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> function sets up a user session for a previously
+ successful authenticated user. The session should later be terminated
+ with a call to
+ <citerefentry>
+ <refentrytitle>pam_close_session</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect2>
+
+ <refsect2 id='pam3-conversation'>
+ <title>Conversation</title>
+ <para>
+ The PAM library uses an application-defined callback to allow
+ a direct communication between a loaded module and the application.
+ This callback is specified by the
+ <emphasis>struct pam_conv</emphasis> passed to
+ <citerefentry>
+ <refentrytitle>pam_start</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> at the start of the transaction. See
+ <citerefentry>
+ <refentrytitle>pam_conv</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ for details.
+ </para>
+ </refsect2>
+
+ <refsect2 id='pam3-data'>
+ <title>Data Objects</title>
+ <para>
+ The
+ <citerefentry>
+ <refentrytitle>pam_set_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ and
+ <citerefentry>
+ <refentrytitle>pam_get_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ functions allows applications and PAM service modules to set and
+ retrieve PAM informations.
+ </para>
+ <para>
+ The
+ <citerefentry>
+ <refentrytitle>pam_get_user</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ function is the preferred method to obtain the username.
+ </para>
+ <para>
+ The
+ <citerefentry>
+ <refentrytitle>pam_set_data</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ and
+ <citerefentry>
+ <refentrytitle>pam_get_data</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ functions allows PAM service modules to set and retrieve free-form
+ data from one invocation to another.
+ </para>
+ </refsect2>
+
+ <refsect2 id='pam3-miscellaneous'>
+ <title>Environment and Error Management</title>
+ <para>
+ The
+ <citerefentry>
+ <refentrytitle>pam_putenv</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_getenv</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> and
+ <citerefentry>
+ <refentrytitle>pam_getenvlist</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ functions are for maintaining a set of private environment variables.
+ </para>
+
+ <para>
+ The
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> function returns a pointer to a string describing the
+ given PAM error code.
+ </para>
+ </refsect2>
+ </refsect1>
+
+ <refsect1 id='pam3-return_values'>
+ <title>RETURN VALUES</title>
+ <para>
+ The following return codes are known by PAM:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_ABORT</term>
+ <listitem>
+ <para>Critical error, immediate abort.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_ACCT_EXPIRED</term>
+ <listitem>
+ <para>User account has expired.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_AUTHINFO_UNAVAIL</term>
+ <listitem>
+ <para>
+ Authentication service cannot retrieve authentication info.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_AUTHTOK_DISABLE_AGING</term>
+ <listitem>
+ <para>Authentication token aging disabled.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_AUTHTOK_ERR</term>
+ <listitem>
+ <para>Authentication token manipulation error.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_AUTHTOK_EXPIRED</term>
+ <listitem>
+ <para>Authentication token expired.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_AUTHTOK_LOCK_BUSY</term>
+ <listitem>
+ <para>Authentication token lock busy.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_AUTHTOK_RECOVERY_ERR</term>
+ <listitem>
+ <para>Authentication information cannot be recovered.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_AUTH_ERR</term>
+ <listitem>
+ <para>Authentication failure.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>Memory buffer error.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CONV_ERR</term>
+ <listitem>
+ <para>Conversation failure.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CRED_ERR</term>
+ <listitem>
+ <para>Failure setting user credentials.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CRED_EXPIRED</term>
+ <listitem>
+ <para>User credentials expired.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CRED_INSUFFICIENT</term>
+ <listitem>
+ <para>Insufficient credentials to access authentication data.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CRED_UNAVAIL</term>
+ <listitem>
+ <para>Authentication service cannot retrieve user credentials.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_IGNORE</term>
+ <listitem>
+ <para>The return value should be ignored by PAM dispatch.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_MAXTRIES</term>
+ <listitem>
+ <para>Have exhausted maximum number of retries for service.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_MODULE_UNKNOWN</term>
+ <listitem>
+ <para>Module is unknown.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_NEW_AUTHTOK_REQD</term>
+ <listitem>
+ <para>
+ Authentication token is no longer valid; new one required.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_NO_MODULE_DATA</term>
+ <listitem>
+ <para>No module specific data is present.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_OPEN_ERR</term>
+ <listitem>
+ <para>Failed to load module.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_PERM_DENIED</term>
+ <listitem>
+ <para>Permission denied.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SERVICE_ERR</term>
+ <listitem>
+ <para>Error in service module.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SESSION_ERR</term>
+ <listitem>
+ <para>Cannot make/remove an entry for the specified session.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>Success.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SYMBOL_ERR</term>
+ <listitem>
+ <para>Symbol not found.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SYSTEM_ERR</term>
+ <listitem>
+ <para>System error.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_TRY_AGAIN</term>
+ <listitem>
+ <para>Failed preliminary check by password service.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>User not known to the underlying authentication module.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'><title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_acct_mgmt</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>pam_authenticate</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>pam_chauthtok</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>pam_close_session</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>pam_conv</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>pam_end</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>pam_get_data</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>pam_getenv</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>pam_getenvlist</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>pam_get_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>pam_get_user</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>pam_open_session</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>pam_putenv</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>pam_set_data</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>pam_set_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>pam_setcred</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>pam_start</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/doc/man/pam.8 b/Linux-PAM/doc/man/pam.8
index 81f9eb35..da9773b9 100644
--- a/Linux-PAM/doc/man/pam.8
+++ b/Linux-PAM/doc/man/pam.8
@@ -1,375 +1 @@
-.\" Hey Emacs! This file is -*- nroff -*- source.
-.\" $Id: pam.8,v 1.3 2003/09/25 17:49:29 baggins Exp $
-.\" Copyright (c) Andrew G. Morgan 1996-7,2001 <morgan@kernel.org>
-.TH PAM 8 "2001 Jan 20" "Linux-PAM 0.74" "Linux-PAM Manual"
-.SH NAME
-
-Linux-PAM \- Pluggable Authentication Modules for Linux
-
-.SH SYNOPSIS
-.B /etc/pam.conf
-.sp 2
-.SH DESCRIPTION
-
-This manual is intended to offer a quick introduction to
-.BR Linux-PAM ". "
-For more information the reader is directed to the
-.BR "Linux-PAM system administrators' guide".
-
-.sp
-.BR Linux-PAM
-Is a system of libraries that handle the authentication tasks of
-applications (services) on the system. The library provides a stable
-general interface (Application Programming Interface - API) that
-privilege granting programs (such as
-.BR login "(1) "
-and
-.BR su "(1)) "
-defer to to perform standard authentication tasks.
-
-.sp
-The principal feature of the PAM approach is that the nature of the
-authentication is dynamically configurable. In other words, the
-system administrator is free to choose how individual
-service-providing applications will authenticate users. This dynamic
-configuration is set by the contents of the single
-.BR Linux-PAM
-configuration file
-.BR /etc/pam.conf "."
-Alternatively, the configuration can be set by individual
-configuration files located in the
-.B /etc/pam.d/
-directory.
-.IB "The presence of this directory will cause " Linux-PAM " to ignore"
-.BI /etc/pam.conf "."
-
-.sp
-From the point of view of the system administrator, for whom this
-manual is provided, it is not of primary importance to understand the
-internal behavior of the
-.BR Linux-PAM
-library. The important point to recognize is that the configuration
-file(s)
-.I define
-the connection between applications
-.BR "" "(" services ")"
-and the pluggable authentication modules
-.BR "" "(" PAM "s)"
-that perform the actual authentication tasks.
-
-.sp
-.BR Linux-PAM
-separates the tasks of
-.I authentication
-into four independent management groups:
-.BR "account" " management; "
-.BR "auth" "entication management; "
-.BR "password" " management; "
-and
-.BR "session" " management."
-(We highlight the abbreviations used for these groups in the
-configuration file.)
-
-.sp
-Simply put, these groups take care of different aspects of a typical
-user's request for a restricted service:
-
-.sp
-.BR account " - "
-provide account verification types of service: has the user's password
-expired?; is this user permitted access to the requested service?
-
-.br
-.BR auth "entication - "
-establish the user is who they claim to be. Typically this is via some
-challenge-response request that the user must satisfy: if you are who
-you claim to be please enter your password. Not all authentications
-are of this type, there exist hardware based authentication schemes
-(such as the use of smart-cards and biometric devices), with suitable
-modules, these may be substituted seamlessly for more standard
-approaches to authentication - such is the flexibility of
-.BR Linux-PAM "."
-
-.br
-.BR password " - "
-this group's responsibility is the task of updating authentication
-mechanisms. Typically, such services are strongly coupled to those of
-the
-.BR auth
-group. Some authentication mechanisms lend themselves well to being
-updated with such a function. Standard UN*X password-based access is
-the obvious example: please enter a replacement password.
-
-.br
-.BR session " - "
-this group of tasks cover things that should be done prior to a
-service being given and after it is withdrawn. Such tasks include the
-maintenance of audit trails and the mounting of the user's home
-directory. The
-.BR session
-management group is important as it provides both an opening and
-closing hook for modules to affect the services available to a user.
-
-.SH The configuration file(s)
-
-When a
-.BR Linux-PAM
-aware privilege granting application is started, it activates its
-attachment to the PAM-API. This activation performs a number of
-tasks, the most important being the reading of the configuration file(s):
-.BR /etc/pam.conf "."
-Alternatively, this may be the contents of the
-.BR /etc/pam.d/
-directory.
-
-These files list the
-.BR PAM "s"
-that will do the authentication tasks required by this service, and
-the appropriate behavior of the PAM-API in the event that individual
-.BR PAM "s "
-fail.
-
-.sp
-The syntax of the
-.B /etc/pam.conf
-configuration file is as follows. The file is made
-up of a list of rules, each rule is typically placed on a single line,
-but may be extended with an escaped end of line: `\\<LF>'. Comments
-are preceded with `#' marks and extend to the next end of line.
-
-.sp
-The format of each rule is a space separated collection of tokens, the
-first three being case-insensitive:
-
-.sp
-.br
-.BR " service type control module-path module-arguments"
-
-.sp
-The syntax of files contained in the
-.B /etc/pam.d/
-directory, are identical except for the absence of any
-.I service
-field. In this case, the
-.I service
-is the name of the file in the
-.B /etc/pam.d/
-directory. This filename must be in lower case.
-
-.sp
-An important feature of
-.BR Linux-PAM ", "
-is that a number of rules may be
-.I stacked
-to combine the services of a number of PAMs for a given authentication
-task.
-
-.sp
-The
-.BR service
-is typically the familiar name of the corresponding application:
-.BR login
-and
-.BR su
-are good examples. The
-.BR service "-name, " other ", "
-is reserved for giving
-.I default
-rules. Only lines that mention the current service (or in the absence
-of such, the
-.BR other
-entries) will be associated with the given service-application.
-
-.sp
-The
-.BR type
-is the management group that the rule corresponds to. It is used to
-specify which of the management groups the subsequent module is to
-be associated with. Valid entries are:
-.BR account "; "
-.BR auth "; "
-.BR password "; "
-and
-.BR session "."
-The meaning of each of these tokens was explained above.
-
-.sp
-The third field,
-.BR control ", "
-indicates the behavior of the PAM-API should the module fail to
-succeed in its authentication task. There are two types of syntax for
-this control field: the simple one has a single simple keyword; the
-more complicated one involves a square-bracketed selection of
-.B value=action
-pairs.
-
-.sp
-For the simple (historical) syntax valid
-.BR control
-values are:
-.BR requisite
-- failure of such a PAM results in the immediate termination of the
-authentication process;
-.BR required
-- failure of such a PAM will ultimately lead to the PAM-API returning
-failure but only after the remaining
-.I stacked
-modules (for this
-.BR service
-and
-.BR type ")"
-have been invoked;
-.BR sufficient
-- success of such a module is enough to satisfy the authentication
-requirements of the stack of modules (if a prior
-.BR required
-module has failed the success of this one is
-.IR ignored "); "
-.BR optional
-- the success or failure of this module is only important if it is the
-only module in the stack associated with this
-.BR service "+" type "."
-
-.sp
-New control directive first introduced in ALT Linux is
-.BR include
-- include all lines of given type from the configuration
-file specified as an argument to this control.
-
-.sp
-For the more complicated syntax valid
-.B control
-values have the following form:
-.sp
-.RB [value1=action1 value2=action2 ...]
-.sp
-Where
-.B valueN
-corresponds to the return code from the function invoked in the module
-for which the line is defined. It is selected from one of these:
-.BR success ;
-.BR open_err ;
-.BR symbol_err ;
-.BR service_err ;
-.BR system_err ;
-.BR buf_err ;
-.BR perm_denied ;
-.BR auth_err ;
-.BR cred_insufficient ;
-.BR authinfo_unavail ;
-.BR user_unknown ;
-.BR maxtries ;
-.BR new_authtok_reqd ;
-.BR acct_expired ;
-.BR session_err ;
-.BR cred_unavail ;
-.BR cred_expired ;
-.BR cred_err ;
-.BR no_module_data ;
-.BR conv_err ;
-.BR authtok_err ;
-.BR authtok_recover_err ;
-.BR authtok_lock_busy ;
-.BR authtok_disable_aging ;
-.BR try_again ;
-.BR ignore ;
-.BR abort ;
-.BR authtok_expired ;
-.BR module_unknown ;
-.BR bad_item "; and"
-.BR default .
-The last of these,
-.BR default ,
-implies 'all
-.BR valueN 's
-not mentioned explicitly. Note, the full list of PAM errors is
-available in /usr/include/security/_pam_types.h . The
-.B actionN
-can be: an unsigned integer,
-.BR J ,
-signifying an action of 'jump over the next J modules in the stack';
-or take one of the following forms:
-.br
-.B ignore
-- when used with a stack of modules, the module's return status will
-not contribute to the return code the application obtains;
-.br
-.B bad
-- this action indicates that the return code should be thought of as
-indicative of the module failing. If this module is the first in the
-stack to fail, its status value will be used for that of the whole
-stack.
-.br
-.B die
-- equivalent to bad with the side effect of terminating the module
-stack and PAM immediately returning to the application.
-.br
-.B ok
-- this tells PAM that the administrator thinks this return code
-should contribute directly to the return code of the full stack of
-modules. In other words, if the former state of the stack would lead
-to a return of
-.BR PAM_SUCCESS ,
-the module's return code will override this value. Note, if the former
-state of the stack holds some value that is indicative of a modules
-failure, this 'ok' value will not be used to override that value.
-.br
-.B done
-- equivalent to ok with the side effect of terminating the module
-stack and PAM immediately returning to the application.
-.br
-.B reset
-- clear all memory of the state of the module stack and start again
-with the next stacked module.
-
-.sp
-.BR module-path
-- this is either the full filename of the PAM to be used by the
-application (it begins with a '/'), or a relative pathname from the
-default module location:
-.BR /lib/security/ .
-
-.sp
-.BR module-arguments
-- these are a space separated list of tokens that can be used to
-modify the specific behavior of the given PAM. Such arguments will be
-documented for each individual module.
-
-.SH "FILES"
-.BR /etc/pam.conf " - the configuration file"
-.br
-.BR /etc/pam.d/ " - the"
-.BR Linux-PAM
-configuration directory. Generally, if this directory is present, the
-.B /etc/pam.conf
-file is ignored.
-.br
-.BR /lib/libpam.so.X " - the dynamic library"
-.br
-.BR /lib/security/*.so " - the PAMs
-
-.SH ERRORS
-Typically errors generated by the
-.BR Linux-PAM
-system of libraries, will be written to
-.BR syslog "(3)."
-
-.SH "CONFORMING TO"
-DCE-RFC 86.0, October 1995.
-.br
-Contains additional features, but remains backwardly compatible with
-this RFC.
-
-.SH BUGS
-.sp 2
-None known.
-
-.SH "SEE ALSO"
-
-The three
-.BR Linux-PAM
-Guides, for
-.BR "system administrators" ", "
-.BR "module developers" ", "
-and
-.BR "application developers" ". "
+.so man8/PAM.8
diff --git a/Linux-PAM/doc/man/pam.8.xml b/Linux-PAM/doc/man/pam.8.xml
new file mode 100644
index 00000000..1267f01c
--- /dev/null
+++ b/Linux-PAM/doc/man/pam.8.xml
@@ -0,0 +1,186 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id='pam8'>
+
+ <refmeta>
+ <refentrytitle>pam</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id='pam8-name'>
+ <refname>PAM</refname>
+ <refname>pam</refname>
+ <refpurpose>Pluggable Authentication Modules for Linux</refpurpose>
+ </refnamediv>
+
+ <refsect1 id='pam8-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ This manual is intended to offer a quick introduction to
+ <emphasis remap='B'>Linux-PAM</emphasis>. For more information
+ the reader is directed to the
+ <emphasis remap='B'>Linux-PAM system administrators' guide</emphasis>.
+ </para>
+
+ <para>
+ <emphasis remap='B'>Linux-PAM</emphasis> is a system of libraries
+ that handle the authentication tasks of applications (services) on
+ the system. The library provides a stable general interface
+ (Application Programming Interface - API) that privilege granting
+ programs (such as <citerefentry>
+ <refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry> and <citerefentry>
+ <refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>) defer to to perform standard authentication tasks.
+ </para>
+
+ <para>
+ The principal feature of the PAM approach is that the nature of the
+ authentication is dynamically configurable. In other words, the
+ system administrator is free to choose how individual
+ service-providing applications will authenticate users. This dynamic
+ configuration is set by the contents of the single
+ <emphasis remap='B'>Linux-PAM</emphasis> configuration file
+ <filename>/etc/pam.conf</filename>. Alternatively, the configuration
+ can be set by individual configuration files located in the
+ <filename>/etc/pam.d/</filename> directory. The presence of this
+ directory will cause <emphasis remap='B'>Linux-PAM</emphasis> to
+ <emphasis remap='I'>ignore</emphasis>
+ <filename>/etc/pam.conf</filename>.
+ </para>
+
+
+<para>From the point of view of the system administrator, for whom this
+manual is provided, it is not of primary importance to understand the
+internal behavior of the
+<emphasis remap='B'>Linux-PAM</emphasis>
+library. The important point to recognize is that the configuration
+file(s)
+<emphasis remap='I'>define</emphasis>
+the connection between applications
+<emphasis remap='B'></emphasis>(<emphasis remap='B'>services</emphasis>)
+and the pluggable authentication modules
+<emphasis remap='B'></emphasis>(<emphasis remap='B'>PAM</emphasis>s)
+that perform the actual authentication tasks.</para>
+
+
+<para><emphasis remap='B'>Linux-PAM</emphasis>
+separates the tasks of
+<emphasis remap='I'>authentication</emphasis>
+into four independent management groups:
+<emphasis remap='B'>account</emphasis> management;
+<emphasis remap='B'>auth</emphasis>entication management;
+<emphasis remap='B'>password</emphasis> management;
+and
+<emphasis remap='B'>session</emphasis> management.
+(We highlight the abbreviations used for these groups in the
+configuration file.)</para>
+
+
+<para>Simply put, these groups take care of different aspects of a typical
+user's request for a restricted service:</para>
+
+
+<para><emphasis remap='B'>account</emphasis> -
+provide account verification types of service: has the user's password
+expired?; is this user permitted access to the requested service?</para>
+
+<!-- .br -->
+<para><emphasis remap='B'>auth</emphasis>entication -
+authenticate a user and set up user credentials. Typically this is via
+some challenge-response request that the user must satisfy: if you are
+who you claim to be please enter your password. Not all authentications
+are of this type, there exist hardware based authentication schemes
+(such as the use of smart-cards and biometric devices), with suitable
+modules, these may be substituted seamlessly for more standard
+approaches to authentication - such is the flexibility of
+<emphasis remap='B'>Linux-PAM</emphasis>.</para>
+
+<!-- .br -->
+<para><emphasis remap='B'>password</emphasis> -
+this group's responsibility is the task of updating authentication
+mechanisms. Typically, such services are strongly coupled to those of
+the
+<emphasis remap='B'>auth</emphasis>
+group. Some authentication mechanisms lend themselves well to being
+updated with such a function. Standard UN*X password-based access is
+the obvious example: please enter a replacement password.</para>
+
+<!-- .br -->
+<para><emphasis remap='B'>session</emphasis> -
+this group of tasks cover things that should be done prior to a
+service being given and after it is withdrawn. Such tasks include the
+maintenance of audit trails and the mounting of the user's home
+directory. The
+<emphasis remap='B'>session</emphasis>
+management group is important as it provides both an opening and
+closing hook for modules to affect the services available to a user.</para>
+
+</refsect1>
+
+ <refsect1 id='pam8-files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/pam.conf</filename></term>
+ <listitem>
+ <para>the configuration file</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/pam.d</filename></term>
+ <listitem>
+ <para>
+ the <emphasis remap='B'>Linux-PAM</emphasis> configuration
+ directory. Generally, if this directory is present, the
+ <filename>/etc/pam.conf</filename> file is ignored.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam8-errors'>
+ <title>ERRORS</title>
+ <para>
+ Typically errors generated by the
+ <emphasis remap='B'>Linux-PAM</emphasis> system of libraries, will
+ be written to <citerefentry>
+ <refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam8-conforming_to'>
+ <title>CONFORMING TO</title>
+ <para>
+ DCE-RFC 86.0, October 1995.
+ Contains additional features, but remains backwardly compatible
+ with this RFC.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam8-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_authenticate</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_sm_setcred</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>PAM</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/doc/man/pam.conf-desc.xml b/Linux-PAM/doc/man/pam.conf-desc.xml
new file mode 100644
index 00000000..909dcdbe
--- /dev/null
+++ b/Linux-PAM/doc/man/pam.conf-desc.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+<section id='pam.conf-desc'>
+ <para>
+ When a <emphasis>PAM</emphasis> aware privilege granting application
+ is started, it activates its attachment to the PAM-API. This
+ activation performs a number of tasks, the most important being the
+ reading of the configuration file(s): <filename>/etc/pam.conf</filename>.
+ Alternatively, this may be the contents of the
+ <filename>/etc/pam.d/</filename> directory. The presence of this
+ directory will cause Linux-PAM to ignore
+ <filename>/etc/pam.conf</filename>.
+ </para>
+ <para>
+ These files list the <emphasis>PAM</emphasis>s that will do the
+ authentication tasks required by this service, and the appropriate
+ behavior of the PAM-API in the event that individual
+ <emphasis>PAM</emphasis>s fail.
+ </para>
+</section>
diff --git a/Linux-PAM/doc/man/pam.conf-dir.xml b/Linux-PAM/doc/man/pam.conf-dir.xml
new file mode 100644
index 00000000..8446cf35
--- /dev/null
+++ b/Linux-PAM/doc/man/pam.conf-dir.xml
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+<section id='pam.conf-dir'>
+ <para>
+ More flexible than the single configuration file is it to
+ configure libpam via the contents of the
+ <filename>/etc/pam.d/</filename> directory. In this case the
+ directory is filled with files each of which has a filename
+ equal to a service-name (in lower-case): it is the personal
+ configuration file for the named service.
+ </para>
+
+ <para>
+ The syntax of each file in /etc/pam.d/ is similar to that of the
+ <filename>/etc/pam.conf</filename> file and is made up of lines
+ of the following form:
+ </para>
+
+ <programlisting>
+type control module-path module-arguments
+ </programlisting>
+
+ <para>
+ The only difference being that the service-name is not present. The
+ service-name is of course the name of the given configuration file.
+ For example, <filename>/etc/pam.d/login</filename> contains the
+ configuration for the <emphasis remap='B'>login</emphasis> service.
+ </para>
+</section>
diff --git a/Linux-PAM/doc/man/pam.conf-syntax.xml b/Linux-PAM/doc/man/pam.conf-syntax.xml
new file mode 100644
index 00000000..60c64b75
--- /dev/null
+++ b/Linux-PAM/doc/man/pam.conf-syntax.xml
@@ -0,0 +1,374 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<section id='pam.conf-syntax'>
+ <para>
+ The syntax of the <filename>/etc/pam.conf</filename>
+ configuration file is as follows. The file is made up of a list
+ of rules, each rule is typically placed on a single line,
+ but may be extended with an escaped end of line: `\&lt;LF&gt;'.
+ Comments are preceded with `#' marks and extend to the next end of
+ line.
+ </para>
+
+ <para>
+ The format of each rule is a space separated collection of tokens,
+ the first three being case-insensitive:
+ </para>
+
+ <para>
+ <emphasis remap='B'> service type control module-path module-arguments</emphasis>
+ </para>
+
+ <para>
+ The syntax of files contained in the <filename>/etc/pam.d/</filename>
+ directory, are identical except for the absence of any
+ <emphasis>service</emphasis> field. In this case, the
+ <emphasis>service</emphasis> is the name of the file in the
+ <filename>/etc/pam.d/</filename> directory. This filename must be
+ in lower case.
+ </para>
+
+ <para>
+ An important feature of <emphasis>PAM</emphasis>, is that a
+ number of rules may be <emphasis>stacked</emphasis> to combine
+ the services of a number of PAMs for a given authentication task.
+ </para>
+
+ <para>
+ The <emphasis>service</emphasis> is typically the familiar name of
+ the corresponding application: <emphasis>login</emphasis> and
+ <emphasis>su</emphasis> are good examples. The
+ <emphasis>service</emphasis>-name, <emphasis>other</emphasis>,
+ is reserved for giving <emphasis>default</emphasis> rules.
+ Only lines that mention the current service (or in the absence
+ of such, the <emphasis>other</emphasis> entries) will be associated
+ with the given service-application.
+ </para>
+
+ <para>
+ The <emphasis>type</emphasis> is the management group that the rule
+ corresponds to. It is used to specify which of the management groups
+ the subsequent module is to be associated with. Valid entries are:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>account</term>
+ <listitem>
+ <para>
+ this module type performs non-authentication based account
+ management. It is typically used to restrict/permit access
+ to a service based on the time of day, currently available
+ system resources (maximum number of users) or perhaps the
+ location of the applicant user -- 'root' login only on the
+ console.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>auth</term>
+ <listitem>
+ <para>
+ this module type provides two aspects of authenticating
+ the user. Firstly, it establishes that the user is who they
+ claim to be, by instructing the application to prompt the user
+ for a password or other means of identification. Secondly, the
+ module can grant group membership or other privileges through
+ its credential granting properties.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>password</term>
+ <listitem>
+ <para>
+ this module type is required for updating the authentication
+ token associated with the user. Typically, there is one module
+ for each 'challenge/response' based authentication (auth) type.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>session</term>
+ <listitem>
+ <para>
+ this module type is associated with doing things that need to
+ be done for the user before/after they can be given service.
+ Such things include the logging of information concerning the
+ opening/closing of some data exchange with a user, mounting
+ directories, etc.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+
+ <para>
+ The third field, <emphasis>control</emphasis>, indicates the
+ behavior of the PAM-API should the module fail to succeed in its
+ authentication task. There are two types of syntax for this control
+ field: the simple one has a single simple keyword; the more
+ complicated one involves a square-bracketed selection of
+ <emphasis>value=action</emphasis> pairs.
+ </para>
+
+ <para>
+ For the simple (historical) syntax valid <emphasis>control</emphasis>
+ values are:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>required</term>
+ <listitem>
+ <para>
+ failure of such a PAM will ultimately lead to the PAM-API
+ returning failure but only after the remaining
+ <emphasis>stacked</emphasis> modules (for this
+ <emphasis>service</emphasis> and <emphasis>type</emphasis>)
+ have been invoked.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>requisite</term>
+ <listitem>
+ <para>
+ like <emphasis>required</emphasis>, however, in the case that
+ such a module returns a failure, control is directly returned
+ to the application. The return value is that associated with
+ the first required or requisite module to fail. Note, this flag
+ can be used to protect against the possibility of a user getting
+ the opportunity to enter a password over an unsafe medium. It is
+ conceivable that such behavior might inform an attacker of valid
+ accounts on a system. This possibility should be weighed against
+ the not insignificant concerns of exposing a sensitive password
+ in a hostile environment.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>sufficient</term>
+ <listitem>
+ <para>
+ success of such a module is enough to satisfy the
+ authentication requirements of the stack of modules (if a
+ prior <emphasis>required</emphasis> module has failed the
+ success of this one is <emphasis>ignored</emphasis>). A failure
+ of this module is not deemed as fatal to satisfying the
+ application that this type has succeeded. If the module succeeds
+ the PAM framework returns success to the application immediately
+ without trying any other modules.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>optional</term>
+ <listitem>
+ <para>
+ the success or failure of this module is only important if
+ it is the only module in the stack associated with this
+ <emphasis>service</emphasis>+<emphasis>type</emphasis>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>include</term>
+ <listitem>
+ <para>
+ include all lines of given type from the configuration
+ file specified as an argument to this control.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+
+ <para>
+ For the more complicated syntax valid <emphasis>control</emphasis>
+ values have the following form:
+ </para>
+ <programlisting>
+ [value1=action1 value2=action2 ...]
+ </programlisting>
+
+ <para>
+ Where <emphasis>valueN</emphasis> corresponds to the return code
+ from the function invoked in the module for which the line is
+ defined. It is selected from one of these:
+ <emphasis>success</emphasis>, <emphasis>open_err</emphasis>,
+ <emphasis>symbol_err</emphasis>, <emphasis>service_err</emphasis>,
+ <emphasis>system_err</emphasis>, <emphasis>buf_err</emphasis>,
+ <emphasis>perm_denied</emphasis>, <emphasis>auth_err</emphasis>,
+ <emphasis>cred_insufficient</emphasis>,
+ <emphasis>authinfo_unavail</emphasis>,
+ <emphasis>user_unknown</emphasis>, <emphasis>maxtries</emphasis>,
+ <emphasis>new_authtok_reqd</emphasis>,
+ <emphasis>acct_expired</emphasis>, <emphasis>session_err</emphasis>,
+ <emphasis>cred_unavail</emphasis>, <emphasis>cred_expired</emphasis>,
+ <emphasis>cred_err</emphasis>, <emphasis>no_module_data</emphasis>,
+ <emphasis>conv_err</emphasis>, <emphasis>authtok_err</emphasis>,
+ <emphasis>authtok_recover_err</emphasis>,
+ <emphasis>authtok_lock_busy</emphasis>,
+ <emphasis>authtok_disable_aging</emphasis>,
+ <emphasis>try_again</emphasis>, <emphasis>ignore</emphasis>,
+ <emphasis>abort</emphasis>, <emphasis>authtok_expired</emphasis>,
+ <emphasis>module_unknown</emphasis>, <emphasis>bad_item</emphasis>
+ and <emphasis>default</emphasis>.
+ </para>
+ <para>
+ The last of these, <emphasis>default</emphasis>, implies 'all
+ <emphasis>valueN</emphasis>'s not mentioned explicitly. Note, the
+ full list of PAM errors is available in
+ <filename>/usr/include/security/_pam_types.h</filename>. The
+ <emphasis>actionN</emphasis> can be: an unsigned integer,
+ <emphasis>n</emphasis>, signifying an action of 'jump over the
+ next <emphasis>n</emphasis> modules in the stack', or take one
+ of the following forms:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>ignore</term>
+ <listitem>
+ <para>
+ when used with a stack of modules, the module's return
+ status will not contribute to the return code the application
+ obtains.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>bad</term>
+ <listitem>
+ <para>
+ this action indicates that the return code should be thought
+ of as indicative of the module failing. If this module is the
+ first in the stack to fail, its status value will be used for
+ that of the whole stack.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>die</term>
+ <listitem>
+ <para>
+ equivalent to bad with the side effect of terminating the
+ module stack and PAM immediately returning to the application.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>ok</term>
+ <listitem>
+ <para>
+ this tells PAM that the administrator thinks this return code
+ should contribute directly to the return code of the full
+ stack of modules. In other words, if the former state of the
+ stack would lead to a return of <emphasis>PAM_SUCCESS</emphasis>,
+ the module's return code will override this value. Note, if
+ the former state of the stack holds some value that is
+ indicative of a modules failure, this 'ok' value will not be
+ used to override that value.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>done</term>
+ <listitem>
+ <para>
+ equivalent to ok with the side effect of terminating the module
+ stack and PAM immediately returning to the application.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>reset</term>
+ <listitem>
+ <para>
+ clear all memory of the state of the module stack and
+ start again with the next stacked module.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+
+ <para>
+ Each of the four keywords: required; requisite; sufficient; and
+ optional, have an equivalent expression in terms of the [...]
+ syntax. They are as follows:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>required</term>
+ <listitem>
+ <para>
+ [success=ok new_authtok_reqd=ok ignore=ignore default=bad]
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>requisite</term>
+ <listitem>
+ <para>
+ [success=ok new_authtok_reqd=ok ignore=ignore default=die]
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>sufficient</term>
+ <listitem>
+ <para>
+ [success=done new_authtok_reqd=done default=ignore]
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>optional</term>
+ <listitem>
+ <para>
+ [success=ok new_authtok_reqd=ok default=ignore]
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+
+ <para>
+ <emphasis>module-path</emphasis> is either the full filename
+ of the PAM to be used by the application (it begins with a '/'),
+ or a relative pathname from the default module location:
+ <filename>/lib/security/</filename> or
+ <filename>/lib64/security/</filename>, depending on the architecture.
+ </para>
+
+ <para>
+ <emphasis>module-arguments</emphasis> are a space separated list
+ of tokens that can be used to modify the specific behavior of the
+ given PAM. Such arguments will be documented for each individual
+ module. Note, if you wish to include spaces in an argument, you
+ should surround that argument with square brackets.
+ </para>
+ <programlisting>
+ squid auth required pam_mysql.so user=passwd_query passwd=mada \
+ db=eminence [query=select user_name from internet_service \
+ where user_name='%u' and password=PASSWORD('%p') and \
+ service='web_proxy']
+ </programlisting>
+ <para>
+ When using this convention, you can include `[' characters
+ inside the string, and if you wish to include a `]' character
+ inside the string that will survive the argument parsing, you
+ should use `\['. In other words:
+ </para>
+ <programlisting>
+ [..[..\]..] --> ..[..]..
+ </programlisting>
+
+ <para>
+ Any line in (one of) the configuration file(s), that is not formatted
+ correctly, will generally tend (erring on the side of caution) to make
+ the authentication process fail. A corresponding error is written to
+ the system log files with a call to
+ <citerefentry>
+ <refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+
+</section>
diff --git a/Linux-PAM/doc/man/pam.conf.5 b/Linux-PAM/doc/man/pam.conf.5
new file mode 100644
index 00000000..3a76ba45
--- /dev/null
+++ b/Linux-PAM/doc/man/pam.conf.5
@@ -0,0 +1,303 @@
+.\" Title: pam.conf
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/>
+.\" Date: 01/16/2007
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM.CONF" "5" "01/16/2007" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam.conf, pam.d \- PAM configuration files
+.SH "DESCRIPTION"
+.PP
+When a
+\fIPAM\fR
+aware privilege granting application is started, it activates its attachment to the PAM\-API. This activation performs a number of tasks, the most important being the reading of the configuration file(s):
+\fI/etc/pam.conf\fR. Alternatively, this may be the contents of the
+\fI/etc/pam.d/\fR
+directory. The presence of this directory will cause Linux\-PAM to ignore
+\fI/etc/pam.conf\fR.
+.PP
+These files list the
+\fIPAM\fRs that will do the authentication tasks required by this service, and the appropriate behavior of the PAM\-API in the event that individual
+\fIPAM\fRs fail.
+.PP
+The syntax of the
+\fI/etc/pam.conf\fR
+configuration file is as follows. The file is made up of a list of rules, each rule is typically placed on a single line, but may be extended with an escaped end of line: `\\<LF>'. Comments are preceded with `#' marks and extend to the next end of line.
+.PP
+The format of each rule is a space separated collection of tokens, the first three being case\-insensitive:
+.PP
+
+\fB service type control module\-path module\-arguments\fR
+.PP
+The syntax of files contained in the
+\fI/etc/pam.d/\fR
+directory, are identical except for the absence of any
+\fIservice\fR
+field. In this case, the
+\fIservice\fR
+is the name of the file in the
+\fI/etc/pam.d/\fR
+directory. This filename must be in lower case.
+.PP
+An important feature of
+\fIPAM\fR, is that a number of rules may be
+\fIstacked\fR
+to combine the services of a number of PAMs for a given authentication task.
+.PP
+The
+\fIservice\fR
+is typically the familiar name of the corresponding application:
+\fIlogin\fR
+and
+\fIsu\fR
+are good examples. The
+\fIservice\fR\-name,
+\fIother\fR, is reserved for giving
+\fIdefault\fR
+rules. Only lines that mention the current service (or in the absence of such, the
+\fIother\fR
+entries) will be associated with the given service\-application.
+.PP
+The
+\fItype\fR
+is the management group that the rule corresponds to. It is used to specify which of the management groups the subsequent module is to be associated with. Valid entries are:
+.PP
+account
+.RS 4
+this module type performs non\-authentication based account management. It is typically used to restrict/permit access to a service based on the time of day, currently available system resources (maximum number of users) or perhaps the location of the applicant user \-\- 'root' login only on the console.
+.RE
+.PP
+auth
+.RS 4
+this module type provides two aspects of authenticating the user. Firstly, it establishes that the user is who they claim to be, by instructing the application to prompt the user for a password or other means of identification. Secondly, the module can grant group membership or other privileges through its credential granting properties.
+.RE
+.PP
+password
+.RS 4
+this module type is required for updating the authentication token associated with the user. Typically, there is one module for each 'challenge/response' based authentication (auth) type.
+.RE
+.PP
+session
+.RS 4
+this module type is associated with doing things that need to be done for the user before/after they can be given service. Such things include the logging of information concerning the opening/closing of some data exchange with a user, mounting directories, etc.
+.RE
+.PP
+The third field,
+\fIcontrol\fR, indicates the behavior of the PAM\-API should the module fail to succeed in its authentication task. There are two types of syntax for this control field: the simple one has a single simple keyword; the more complicated one involves a square\-bracketed selection of
+\fIvalue=action\fR
+pairs.
+.PP
+For the simple (historical) syntax valid
+\fIcontrol\fR
+values are:
+.PP
+required
+.RS 4
+failure of such a PAM will ultimately lead to the PAM\-API returning failure but only after the remaining
+\fIstacked\fR
+modules (for this
+\fIservice\fR
+and
+\fItype\fR) have been invoked.
+.RE
+.PP
+requisite
+.RS 4
+like
+\fIrequired\fR, however, in the case that such a module returns a failure, control is directly returned to the application. The return value is that associated with the first required or requisite module to fail. Note, this flag can be used to protect against the possibility of a user getting the opportunity to enter a password over an unsafe medium. It is conceivable that such behavior might inform an attacker of valid accounts on a system. This possibility should be weighed against the not insignificant concerns of exposing a sensitive password in a hostile environment.
+.RE
+.PP
+sufficient
+.RS 4
+success of such a module is enough to satisfy the authentication requirements of the stack of modules (if a prior
+\fIrequired\fR
+module has failed the success of this one is
+\fIignored\fR). A failure of this module is not deemed as fatal to satisfying the application that this type has succeeded. If the module succeeds the PAM framework returns success to the application immediately without trying any other modules.
+.RE
+.PP
+optional
+.RS 4
+the success or failure of this module is only important if it is the only module in the stack associated with this
+\fIservice\fR+\fItype\fR.
+.RE
+.PP
+include
+.RS 4
+include all lines of given type from the configuration file specified as an argument to this control.
+.RE
+.PP
+For the more complicated syntax valid
+\fIcontrol\fR
+values have the following form:
+.sp
+.RS 4
+.nf
+ [value1=action1 value2=action2 ...]
+
+.fi
+.RE
+.PP
+Where
+\fIvalueN\fR
+corresponds to the return code from the function invoked in the module for which the line is defined. It is selected from one of these:
+\fIsuccess\fR,
+\fIopen_err\fR,
+\fIsymbol_err\fR,
+\fIservice_err\fR,
+\fIsystem_err\fR,
+\fIbuf_err\fR,
+\fIperm_denied\fR,
+\fIauth_err\fR,
+\fIcred_insufficient\fR,
+\fIauthinfo_unavail\fR,
+\fIuser_unknown\fR,
+\fImaxtries\fR,
+\fInew_authtok_reqd\fR,
+\fIacct_expired\fR,
+\fIsession_err\fR,
+\fIcred_unavail\fR,
+\fIcred_expired\fR,
+\fIcred_err\fR,
+\fIno_module_data\fR,
+\fIconv_err\fR,
+\fIauthtok_err\fR,
+\fIauthtok_recover_err\fR,
+\fIauthtok_lock_busy\fR,
+\fIauthtok_disable_aging\fR,
+\fItry_again\fR,
+\fIignore\fR,
+\fIabort\fR,
+\fIauthtok_expired\fR,
+\fImodule_unknown\fR,
+\fIbad_item\fR
+and
+\fIdefault\fR.
+.PP
+The last of these,
+\fIdefault\fR, implies 'all
+\fIvalueN\fR's not mentioned explicitly. Note, the full list of PAM errors is available in
+\fI/usr/include/security/_pam_types.h\fR. The
+\fIactionN\fR
+can be: an unsigned integer,
+\fIn\fR, signifying an action of 'jump over the next
+\fIn\fR
+modules in the stack', or take one of the following forms:
+.PP
+ignore
+.RS 4
+when used with a stack of modules, the module's return status will not contribute to the return code the application obtains.
+.RE
+.PP
+bad
+.RS 4
+this action indicates that the return code should be thought of as indicative of the module failing. If this module is the first in the stack to fail, its status value will be used for that of the whole stack.
+.RE
+.PP
+die
+.RS 4
+equivalent to bad with the side effect of terminating the module stack and PAM immediately returning to the application.
+.RE
+.PP
+ok
+.RS 4
+this tells PAM that the administrator thinks this return code should contribute directly to the return code of the full stack of modules. In other words, if the former state of the stack would lead to a return of
+\fIPAM_SUCCESS\fR, the module's return code will override this value. Note, if the former state of the stack holds some value that is indicative of a modules failure, this 'ok' value will not be used to override that value.
+.RE
+.PP
+done
+.RS 4
+equivalent to ok with the side effect of terminating the module stack and PAM immediately returning to the application.
+.RE
+.PP
+reset
+.RS 4
+clear all memory of the state of the module stack and start again with the next stacked module.
+.RE
+.PP
+Each of the four keywords: required; requisite; sufficient; and optional, have an equivalent expression in terms of the [...] syntax. They are as follows:
+.PP
+required
+.RS 4
+[success=ok new_authtok_reqd=ok ignore=ignore default=bad]
+.RE
+.PP
+requisite
+.RS 4
+[success=ok new_authtok_reqd=ok ignore=ignore default=die]
+.RE
+.PP
+sufficient
+.RS 4
+[success=done new_authtok_reqd=done default=ignore]
+.RE
+.PP
+optional
+.RS 4
+[success=ok new_authtok_reqd=ok default=ignore]
+.RE
+.PP
+
+\fImodule\-path\fR
+is either the full filename of the PAM to be used by the application (it begins with a '/'), or a relative pathname from the default module location:
+\fI/lib/security/\fR
+or
+\fI/lib64/security/\fR, depending on the architecture.
+.PP
+
+\fImodule\-arguments\fR
+are a space separated list of tokens that can be used to modify the specific behavior of the given PAM. Such arguments will be documented for each individual module. Note, if you wish to include spaces in an argument, you should surround that argument with square brackets.
+.sp
+.RS 4
+.nf
+ squid auth required pam_mysql.so user=passwd_query passwd=mada \\
+ db=eminence [query=select user_name from internet_service \\
+ where user_name='%u' and password=PASSWORD('%p') and \\
+ service='web_proxy']
+
+.fi
+.RE
+.PP
+When using this convention, you can include `[' characters inside the string, and if you wish to include a `]' character inside the string that will survive the argument parsing, you should use `\\['. In other words:
+.sp
+.RS 4
+.nf
+ [..[..\\]..] \-\-> ..[..]..
+
+.fi
+.RE
+.PP
+Any line in (one of) the configuration file(s), that is not formatted correctly, will generally tend (erring on the side of caution) to make the authentication process fail. A corresponding error is written to the system log files with a call to
+\fBsyslog\fR(3).
+.PP
+More flexible than the single configuration file is it to configure libpam via the contents of the
+\fI/etc/pam.d/\fR
+directory. In this case the directory is filled with files each of which has a filename equal to a service\-name (in lower\-case): it is the personal configuration file for the named service.
+.PP
+The syntax of each file in /etc/pam.d/ is similar to that of the
+\fI/etc/pam.conf\fR
+file and is made up of lines of the following form:
+.sp
+.RS 4
+.nf
+type control module\-path module\-arguments
+
+.fi
+.RE
+.PP
+The only difference being that the service\-name is not present. The service\-name is of course the name of the given configuration file. For example,
+\fI/etc/pam.d/login\fR
+contains the configuration for the
+\fBlogin\fR
+service.
+.SH "SEE ALSO"
+.PP
+
+\fBpam\fR(3),
+\fBPAM\fR(8),
+\fBpam_start\fR(3)
diff --git a/Linux-PAM/doc/man/pam.conf.8 b/Linux-PAM/doc/man/pam.conf.8
deleted file mode 100644
index d067b559..00000000
--- a/Linux-PAM/doc/man/pam.conf.8
+++ /dev/null
@@ -1 +0,0 @@
-.so pam.8
diff --git a/Linux-PAM/doc/man/pam.d.5 b/Linux-PAM/doc/man/pam.d.5
new file mode 100644
index 00000000..e4606aed
--- /dev/null
+++ b/Linux-PAM/doc/man/pam.d.5
@@ -0,0 +1 @@
+.so man5/pam.conf.5
diff --git a/Linux-PAM/doc/man/pam.d.8 b/Linux-PAM/doc/man/pam.d.8
deleted file mode 100644
index d067b559..00000000
--- a/Linux-PAM/doc/man/pam.d.8
+++ /dev/null
@@ -1 +0,0 @@
-.so pam.8
diff --git a/Linux-PAM/doc/man/pam_acct_mgmt.3 b/Linux-PAM/doc/man/pam_acct_mgmt.3
new file mode 100644
index 00000000..352df7d1
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_acct_mgmt.3
@@ -0,0 +1,68 @@
+.\" Title: pam_acct_mgmt
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_ACCT_MGMT" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_acct_mgmt \- PAM account validation management
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#include <security/pam_appl.h>
+.fi
+.ft
+.HP 18
+.BI "int pam_acct_mgmt(pam_handle_t\ *" "pamh" ", int\ " "flags" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_acct_mgmt\fR
+function is used to determine if the users account is valid. It checks for authentication token and account expiration and verifies access restrictions. It is typically called after the user has been authenticated.
+.PP
+The
+\fIpamh\fR
+argument is an authentication handle obtained by a prior call to pam_start(). The flags argument is the binary or of zero or more of the following values:
+.TP 3n
+PAM_SILENT
+Do not emit any messages.
+.TP 3n
+PAM_DISALLOW_NULL_AUTHTOK
+The PAM module service should return PAM_NEW_AUTHTOK_REQD if the user has a null authentication token.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_ACCT_EXPIRED
+User account has expired.
+.TP 3n
+PAM_AUTH_ERR
+Authentication failure.
+.TP 3n
+PAM_NEW_AUTHTOK_REQD
+The user account is valid but their authentication token is
+\fIexpired\fR. The correct response to this return\-value is to require that the user satisfies the
+\fBpam_chauthtok()\fR
+function before obtaining service. It may not be possible for some applications to do this. In such cases, the user should be denied access until such time as they can update their password.
+.TP 3n
+PAM_PERM_DENIED
+Permission denied.
+.TP 3n
+PAM_SUCCESS
+The authentication token was successfully updated.
+.TP 3n
+PAM_USER_UNKNOWN
+User unknown to password service.
+.SH "SEE ALSO"
+.PP
+
+\fBpam_start\fR(3),
+\fBpam_authenticate\fR(3),
+\fBpam_chauthtok\fR(3),
+\fBpam_strerror\fR(3),
+\fBpam\fR(8)
diff --git a/Linux-PAM/doc/man/pam_acct_mgmt.3.xml b/Linux-PAM/doc/man/pam_acct_mgmt.3.xml
new file mode 100644
index 00000000..72274d1e
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_acct_mgmt.3.xml
@@ -0,0 +1,145 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+<refentry id='pam_acct_mgmt'>
+ <refmeta>
+ <refentrytitle>pam_acct_mgmt</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_acct_mgmt-name">
+ <refname>pam_acct_mgmt</refname>
+ <refpurpose>PAM account validation management</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id='pam_acct_mgmt-synopsis'>
+ <funcsynopsisinfo>#include &lt;security/pam_appl.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>int <function>pam_acct_mgmt</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>flags</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id='pam_acct_mgmt-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_acct_mgmt</function> function is used to determine
+ if the users account is valid. It checks for authentication token
+ and account expiration and verifies access restrictions. It is
+ typically called after the user has been authenticated.
+ </para>
+ <para>
+ The <emphasis>pamh</emphasis> argument is an authentication
+ handle obtained by a prior call to pam_start().
+ The flags argument is the binary or of zero or more of the
+ following values:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SILENT</term>
+ <listitem>
+ <para>
+ Do not emit any messages.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_DISALLOW_NULL_AUTHTOK</term>
+ <listitem>
+ <para>
+ The PAM module service should return PAM_NEW_AUTHTOK_REQD
+ if the user has a null authentication token.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_acct_mgmt-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_ACCT_EXPIRED</term>
+ <listitem>
+ <para>
+ User account has expired.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_AUTH_ERR</term>
+ <listitem>
+ <para>
+ Authentication failure.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_NEW_AUTHTOK_REQD</term>
+ <listitem>
+ <para>
+ The user account is valid but their authentication token
+ is <emphasis>expired</emphasis>. The correct response to
+ this return-value is to require that the user satisfies
+ the <function>pam_chauthtok()</function> function before
+ obtaining service. It may not be possible for some
+ applications to do this. In such cases, the user should be
+ denied access until such time as they can update their password.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_PERM_DENIED</term>
+ <listitem>
+ <para>
+ Permission denied.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ The authentication token was successfully updated.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ User unknown to password service.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_acct_mgmt-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_start</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_authenticate</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_chauthtok</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_authenticate.3 b/Linux-PAM/doc/man/pam_authenticate.3
index 7383f5f0..576a7a2c 100644
--- a/Linux-PAM/doc/man/pam_authenticate.3
+++ b/Linux-PAM/doc/man/pam_authenticate.3
@@ -1,91 +1,76 @@
-.\" Hey Emacs! This file is -*- nroff -*- source.
-.\" $Id: pam_authenticate.3,v 1.1.1.1 2000/06/20 22:10:57 agmorgan Exp $
-.\" Copyright (c) Andrew G. Morgan 1996-7 <morgan@parc.power.net>
-.TH PAM_AUTHENTICATE 3 "1996 Dec 9" "Linux-PAM 0.55" "App. Programmers' Manual"
-.SH NAME
-
-pam_authenticate \- authenticate a user
-
-.SH SYNOPSIS
-.B #include <security/pam_appl.h>
+.\" Title: pam_authenticate
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_AUTHENTICATE" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_authenticate \- account authentication
+.SH "SYNOPSIS"
.sp
-.BI "int pam_authenticate(pam_handle_t " *pamh ", int " flags ");"
-.sp 2
-.SH DESCRIPTION
-.B pam_authenticate
-
-.br
-Use this function to authenticate an applicant user. It is linked
-.I dynamically
-to the authentication modules by
-.BR Linux-PAM ". "
-It is the task of these module to perform such an authentication. The
-specific nature of the authentication is not the concern of the
-application.
-
-.br
-Following successful completion, the
-.BR name
-of the authenticated user will be present in the
-.BR Linux-PAM
-item
-.BR PAM_USER ". "
-This item may be recovered with a call to
-.BR pam_get_item "(3)."
-
-.br
-The application developer should note that the modules may request
-that the user enter their username via the conversation mechanism (see
-.BR pam_start "(3))."
-Should this be the case, the user-prompt string can be set via
-the
-.BR PAM_USER_PROMPT
-item (see
-.BR pam_set_item "(3))."
-
-.SH "RETURN VALUE"
-On success
-.BR PAM_SUCCESS
-is returned. All other returns should be considered
-authentication failures and will be
-.I delayed
-by an amount specified with prior calls to
-.BR pam_fail_delay "(3). "
-Specific failures that demand special attention are the following:
-.TP
-.B PAM_ABORT
-the application should exit immediately. Of course,
-.BR pam_end "(3)"
-should be called first.
-
-.TP
-.B PAM_MAXTRIES
-the application has tried too many times to authenticate the
-user, authentication should not be attempted again.
-
-.SH ERRORS
-May be translated to text with
-.BR pam_strerror "(3). "
-
-.SH "CONFORMING TO"
-DCE-RFC 86.0, October 1995.
-
-.SH BUGS
-.sp 2
-none known.
-
-.SH "SEE ALSO"
-
-.BR pam_start "(3), "
-.BR pam_get_item "(3) "
-.BR pam_fail_delay "(3) "
+.ft B
+.nf
+#include <security/pam_appl.h>
+.fi
+.ft
+.HP 21
+.BI "int pam_authenticate(pam_handle_t\ *" "pamh" ", int\ " "flags" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_authenticate\fR
+function is used to authenticate the user. The user is required to provide an authentication token depending upon the authentication service, usually this is a password, but could also be a finger print.
+.PP
+The PAM service module may request that the user enter their username vio the the conversation mechanism (see
+\fBpam_start\fR(3)
and
-.BR pam_strerror "(3). "
+\fBpam_conv\fR(3)). The name of the authenticated user will be present in the PAM item PAM_USER. This item may be recovered with a call to
+\fBpam_get_item\fR(3).
+.PP
+The
+\fIpamh\fR
+argument is an authentication handle obtained by a prior call to pam_start(). The flags argument is the binary or of zero or more of the following values:
+.TP 3n
+PAM_SILENT
+Do not emit any messages.
+.TP 3n
+PAM_DISALLOW_NULL_AUTHTOK
+The PAM module service should return PAM_AUTH_ERR if the user does not have a registered authentication token.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_ABORT
+The application should exit immediately after calling
+\fBpam_end\fR(3)
+first.
+.TP 3n
+PAM_AUTH_ERR
+The user was not authenticated.
+.TP 3n
+PAM_CRED_INSUFFICIENT
+For some reason the application does not have sufficient credentials to authenticate the user.
+.TP 3n
+PAM_AUTHINFO_UNVAIL
+The modules were not able to access the authentication information. This might be due to a network or hardware failure etc.
+.TP 3n
+PAM_MAXTRIES
+One or more of the authentication modules has reached its limit of tries authenticating the user. Do not try again.
+.TP 3n
+PAM_SUCCESS
+The user was successfully authenticated.
+.TP 3n
+PAM_USER_UNKNOWN
+User unknown to authentication service.
+.SH "SEE ALSO"
+.PP
-Also, see the three
-.BR Linux-PAM
-Guides, for
-.BR "System administrators" ", "
-.BR "module developers" ", "
-and
-.BR "application developers" ". "
+\fBpam_start\fR(3),
+\fBpam_setcred\fR(3),
+\fBpam_chauthtok\fR(3),
+\fBpam_strerror\fR(3),
+\fBpam\fR(8)
diff --git a/Linux-PAM/doc/man/pam_authenticate.3.xml b/Linux-PAM/doc/man/pam_authenticate.3.xml
new file mode 100644
index 00000000..8ddc38c9
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_authenticate.3.xml
@@ -0,0 +1,169 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+<refentry id='pam_authenticate'>
+ <refmeta>
+ <refentrytitle>pam_authenticate</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_authenticate-name">
+ <refname>pam_authenticate</refname>
+ <refpurpose>account authentication</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id='pam_authenticate-synopsis'>
+ <funcsynopsisinfo>#include &lt;security/pam_appl.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>int <function>pam_authenticate</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>flags</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id='pam_authenticate-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_authenticate</function> function is used to
+ authenticate the user. The user is required to provide an
+ authentication token depending upon the authentication service,
+ usually this is a password, but could also be a finger print.
+ </para>
+ <para>
+ The PAM service module may request that the user enter their
+ username vio the the conversation mechanism (see
+ <citerefentry>
+ <refentrytitle>pam_start</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> and
+ <citerefentry>
+ <refentrytitle>pam_conv</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>). The name of the authenticated user
+ will be present in the PAM item PAM_USER. This item may be
+ recovered with a call to
+ <citerefentry>
+ <refentrytitle>pam_get_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+ <para>
+ The <emphasis>pamh</emphasis> argument is an authentication
+ handle obtained by a prior call to pam_start().
+ The flags argument is the binary or of zero or more of the
+ following values:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SILENT</term>
+ <listitem>
+ <para>
+ Do not emit any messages.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_DISALLOW_NULL_AUTHTOK</term>
+ <listitem>
+ <para>
+ The PAM module service should return PAM_AUTH_ERR
+ if the user does not have a registered authentication token.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_authenticate-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_ABORT</term>
+ <listitem>
+ <para>
+ The application should exit immediately after calling
+ <citerefentry>
+ <refentrytitle>pam_end</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> first.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_AUTH_ERR</term>
+ <listitem>
+ <para>
+ The user was not authenticated.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CRED_INSUFFICIENT</term>
+ <listitem>
+ <para>
+ For some reason the application does not have sufficient
+ credentials to authenticate the user.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_AUTHINFO_UNVAIL</term>
+ <listitem>
+ <para>
+ The modules were not able to access the authentication
+ information. This might be due to a network or hardware
+ failure etc.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_MAXTRIES</term>
+ <listitem>
+ <para>
+ One or more of the authentication modules has reached its
+ limit of tries authenticating the user. Do not try again.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ The user was successfully authenticated.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ User unknown to authentication service.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_authenticate-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_start</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_setcred</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_chauthtok</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_chauthtok.3 b/Linux-PAM/doc/man/pam_chauthtok.3
index a0466f0f..16c673b5 100644
--- a/Linux-PAM/doc/man/pam_chauthtok.3
+++ b/Linux-PAM/doc/man/pam_chauthtok.3
@@ -1,101 +1,73 @@
-.\" Hey Emacs! This file is -*- nroff -*- source.
-.\" $Id: pam_chauthtok.3,v 1.1.1.1 2000/06/20 22:10:57 agmorgan Exp $
-.\" Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net>
-.TH PAM_CHAUTHTOK 3 "1997 Jan 4" "Linux-PAM 0.55" "App. Programmers' Manual"
-.SH NAME
-
+.\" Title: pam_chauthtok
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_CHAUTHTOK" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
pam_chauthtok \- updating authentication tokens
-
-.SH SYNOPSIS
-.B #include <security/pam_appl.h>
+.SH "SYNOPSIS"
.sp
-.BI "int pam_chauthtok(pam_handle_t " *pamh ", int " flags ");"
-.sp 2
-.SH DESCRIPTION
-.B pam_chauthtok
-
-.br
-Use this function to rejuvenate the authentication tokens (passwords
-etc.) of an applicant user.
-
-.br
-Note, the application should not pre-authenticate the user, as this is
-performed (if required) by the
-.BR Linux-PAM
-framework.
-
-.br
+.ft B
+.nf
+#include <security/pam_appl.h>
+.fi
+.ft
+.HP 18
+.BI "int pam_chauthtok(pam_handle_t\ *" "pamh" ", int\ " "flags" ");"
+.SH "DESCRIPTION"
+.PP
The
-.I flags
-argument can
-.I optionally
-take the value,
-.BR PAM_CHANGE_EXPIRED_AUTHTOK "."
-In such cases the framework is only required to update those
-authentication tokens that have expired. Without this argument, the
-framework will attempt to obtain new tokens for all configured
-authentication mechanisms. The details of the types and number of such
-schemes should not concern the calling application.
-
-.SH RETURN VALUE
-A successful return from this function will be indicated with
-.BR PAM_SUCCESS "."
-
-.br
-Specific errors of special interest when calling this function are
-
-.br
-.BR PAM_AUTHTOK_ERROR
-- a valid new token was not obtained
-
-.br
-.BR PAM_AUTHTOK_RECOVERY_ERR
-- old authentication token was not available
-
-.br
-.BR PAM_AUTHTOK_LOCK_BUSY
-- a resource needed to update the token was locked (try again later)
-
-.br
-.BR PAM_AUTHTOK_DISABLE_AGING
-- one or more of the authentication modules does not honor
-authentication token aging
-
-.br
-.BR PAM_TRY_AGAIN
-- one or more authentication mechanism is not prepared to update a
-token at this time
-
-.br
-In general other return values may be returned. They should be treated
-as indicating failure.
-
-.SH ERRORS
-May be translated to text with
-.BR pam_strerror "(3). "
-
-.SH "CONFORMING TO"
-DCE-RFC 86.0, October 1995.
-
-.SH BUGS
-.sp 2
-none known.
-
+\fBpam_chauthtok\fR
+function is used to change the authentication token for a given user (as indicated by the state associated with the handle
+\fIpamh\fR).
+.PP
+The
+\fIpamh\fR
+argument is an authentication handle obtained by a prior call to pam_start(). The flags argument is the binary or of zero or more of the following values:
+.TP 3n
+PAM_SILENT
+Do not emit any messages.
+.TP 3n
+PAM_CHANGE_EXPIRED_AUTHTOK
+This argument indicates to the modules that the users authentication token (password) should only be changed if it has expired. If this argument is not passed, the application requires that all authentication tokens are to be changed.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_AUTHTOK_ERR
+A module was unable to obtain the new authentication token.
+.TP 3n
+PAM_AUTHTOK_RECOVERY_ERR
+A module was unable to obtain the old authentication token.
+.TP 3n
+PAM_AUTHTOK_LOCK_BUSY
+One or more of the modules was unable to change the authentication token since it is currently locked.
+.TP 3n
+PAM_AUTHTOK_DISABLE_AGING
+Authentication token aging has been disabled for at least one of the modules.
+.TP 3n
+PAM_PERM_DENIED
+Permission denied.
+.TP 3n
+PAM_SUCCESS
+The authentication token was successfully updated.
+.TP 3n
+PAM_TRY_AGAIN
+Not all of the modules were in a position to update the authentication token(s). In such a case none of the user's authentication tokens are updated.
+.TP 3n
+PAM_USER_UNKNOWN
+User unknown to password service.
.SH "SEE ALSO"
-
-.BR pam_start "(3), "
-.BR pam_authenticate "(3), "
-.BR pam_setcred "(3), "
-.BR pam_get_item "(3), "
-.BR pam_strerror "(3) "
-and
-.BR pam "(8)."
-
-.br
-Also, see the three
-.BR Linux-PAM
-Guides, for
-.BR "System administrators" ", "
-.BR "module developers" ", "
-and
-.BR "application developers" ". "
+.PP
+
+\fBpam_start\fR(3),
+\fBpam_authenticate\fR(3),
+\fBpam_setcred\fR(3),
+\fBpam_get_item\fR(3),
+\fBpam_strerror\fR(3),
+\fBpam\fR(8)
diff --git a/Linux-PAM/doc/man/pam_chauthtok.3.xml b/Linux-PAM/doc/man/pam_chauthtok.3.xml
new file mode 100644
index 00000000..7e20070b
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_chauthtok.3.xml
@@ -0,0 +1,164 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+<refentry id='pam_chauthtok'>
+ <refmeta>
+ <refentrytitle>pam_chauthtok</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_chauthtok-name">
+ <refname>pam_chauthtok</refname>
+ <refpurpose>updating authentication tokens</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id='pam_chauthtok-synopsis'>
+ <funcsynopsisinfo>#include &lt;security/pam_appl.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>int <function>pam_chauthtok</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>flags</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id='pam_chauthtok-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_chauthtok</function> function is used to change the
+ authentication token for a given user (as indicated by the state
+ associated with the handle <emphasis>pamh</emphasis>).
+ </para>
+ <para>
+ The <emphasis>pamh</emphasis> argument is an authentication
+ handle obtained by a prior call to pam_start().
+ The flags argument is the binary or of zero or more of the
+ following values:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SILENT</term>
+ <listitem>
+ <para>
+ Do not emit any messages.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CHANGE_EXPIRED_AUTHTOK</term>
+ <listitem>
+ <para>
+ This argument indicates to the modules that the users
+ authentication token (password) should only be changed
+ if it has expired.
+ If this argument is not passed, the application requires
+ that all authentication tokens are to be changed.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_chauthtok-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_AUTHTOK_ERR</term>
+ <listitem>
+ <para>
+ A module was unable to obtain the new authentication token.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_AUTHTOK_RECOVERY_ERR</term>
+ <listitem>
+ <para>
+ A module was unable to obtain the old authentication token.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_AUTHTOK_LOCK_BUSY</term>
+ <listitem>
+ <para>
+ One or more of the modules was unable to change the
+ authentication token since it is currently locked.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_AUTHTOK_DISABLE_AGING</term>
+ <listitem>
+ <para>
+ Authentication token aging has been disabled for at least
+ one of the modules.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_PERM_DENIED</term>
+ <listitem>
+ <para>
+ Permission denied.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ The authentication token was successfully updated.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_TRY_AGAIN</term>
+ <listitem>
+ <para>
+ Not all of the modules were in a position to update the
+ authentication token(s). In such a case none of the user's
+ authentication tokens are updated.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ User unknown to password service.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_chauthtok-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_start</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_authenticate</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_setcred</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_get_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_close_session.3 b/Linux-PAM/doc/man/pam_close_session.3
index d851700c..622c10e9 100644
--- a/Linux-PAM/doc/man/pam_close_session.3
+++ b/Linux-PAM/doc/man/pam_close_session.3
@@ -1 +1,55 @@
-.so pam_open_session.3
+.\" Title: pam_close_session
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_CLOSE_SESSION" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_close_session \- terminate PAM session management
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#include <security/pam_appl.h>
+.fi
+.ft
+.HP 22
+.BI "int pam_close_session(pam_handle_t\ *" "pamh" ", int\ " "flags" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_close_session\fR
+function is used to indicate that an authenticated session has ended. The session should have been created with a call to
+\fBpam_open_session\fR(3).
+.PP
+It should be noted that the effective uid,
+\fBgeteuid\fR(2). of the application should be of sufficient privilege to perform such tasks as unmounting the user's home directory for example.
+.PP
+The flags argument is the binary or of zero or more of the following values:
+.TP 3n
+PAM_SILENT
+Do not emit any messages.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_ABORT
+General failure.
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_SESSION_ERR
+Session failure.
+.TP 3n
+PAM_SUCCESS
+Session was successful terminated.
+.SH "SEE ALSO"
+.PP
+
+\fBpam_open_session\fR(3),
+\fBpam_strerror\fR(3)
diff --git a/Linux-PAM/doc/man/pam_close_session.3.xml b/Linux-PAM/doc/man/pam_close_session.3.xml
new file mode 100644
index 00000000..db549bda
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_close_session.3.xml
@@ -0,0 +1,115 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id='pam_send'>
+
+ <refmeta>
+ <refentrytitle>pam_close_session</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_close_session-name">
+ <refname>pam_close_session</refname>
+ <refpurpose>terminate PAM session management</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id="pam_close_session-synopsis">
+ <funcsynopsisinfo>#include &lt;security/pam_appl.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>int <function>pam_close_session</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>flags</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id="pam_close_session-description">
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_close_session</function> function is used
+ to indicate that an authenticated session has ended.
+ The session should have been created with a call to
+ <citerefentry>
+ <refentrytitle>pam_open_session</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+ <para>
+ It should be noted that the effective uid,
+ <citerefentry>
+ <refentrytitle>geteuid</refentrytitle><manvolnum>2</manvolnum>
+ </citerefentry>. of the application should be of sufficient
+ privilege to perform such tasks as unmounting the
+ user's home directory for example.
+ </para>
+ <para>
+ The flags argument is the binary or of zero or more of the
+ following values:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SILENT</term>
+ <listitem>
+ <para>
+ Do not emit any messages.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_close_session-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_ABORT</term>
+ <listitem>
+ <para>
+ General failure.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SESSION_ERR</term>
+ <listitem>
+ <para>
+ Session failure.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Session was successful terminated.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_close_session-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_open_session</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_conv.3 b/Linux-PAM/doc/man/pam_conv.3
new file mode 100644
index 00000000..34b61fb3
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_conv.3
@@ -0,0 +1,129 @@
+.\" Title: pam_conv
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_CONV" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_conv \- PAM conversation function
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#include <security/pam_appl.h>
+.fi
+.ft
+.sp
+.RS 3n
+.nf
+struct pam_message {
+ int msg_style;
+ const char *msg;
+};
+
+struct pam_response {
+ char *resp;
+ int resp_retcode;
+};
+
+struct pam_conv {
+ int (*conv)(int num_msg, const struct pam_message **msg,
+ struct pam_response **resp, void *appdata_ptr);
+ void *appdata_ptr;
+};
+
+.fi
+.RE
+.SH "DESCRIPTION"
+.PP
+The PAM library uses an application\-defined callback to allow a direct communication between a loaded module and the application. This callback is specified by the
+\fIstruct pam_conv\fR
+passed to
+\fBpam_start\fR(3)
+at the start of the transaction.
+.PP
+When a module calls the referenced conv() function, the argument
+\fIappdata_ptr\fR
+is set to the second element of this structure.
+.PP
+The other arguments of a call to conv() concern the information exchanged by module and application. That is to say,
+\fInum_msg\fR
+holds the length of the array of pointers,
+\fImsg\fR. After a successful return, the pointer
+\fIresp\fR
+points to an array of pam_response structures, holding the application supplied text. The
+\fIresp_retcode\fR
+member of this struct is unused and should be set to zero. It is the caller's responsibility to release both, this array and the responses themselves, using
+\fBfree\fR(3). Note,
+\fI*resp\fR
+is a
+\fIstruct pam_response\fR
+array and not an array of pointers.
+.PP
+The number of responses is always equal to the
+\fInum_msg\fR
+conversation function argument. This does require that the response array is
+\fBfree\fR(3)'d after every call to the conversation function. The index of the responses corresponds directly to the prompt index in the pam_message array.
+.PP
+On failure, the conversation function should release any resources it has allocated, and return one of the predefined PAM error codes.
+.PP
+Each message can have one of four types, specified by the
+\fImsg_style\fR
+member of
+\fIstruct pam_message\fR:
+.TP 3n
+PAM_PROMPT_ECHO_OFF
+Obtain a string without echoing any text.
+.TP 3n
+PAM_PROMPT_ECHO_ON
+Obtain a string whilst echoing text.
+.TP 3n
+PAM_ERROR_MSG
+Display an error message.
+.TP 3n
+PAM_TEXT_INFO
+Display some text.
+.PP
+The point of having an array of messages is that it becomes possible to pass a number of things to the application in a single call from the module. It can also be convenient for the application that related things come at once: a windows based application can then present a single form with many messages/prompts on at once.
+.PP
+In passing, it is worth noting that there is a descrepency between the way Linux\-PAM handles the const struct pam_message **msg conversation function argument from the way that Solaris' PAM (and derivitives, known to include HP/UX, are there others?) does. Linux\-PAM interprets the msg argument as entirely equivalent to the following prototype const struct pam_message *msg[] (which, in spirit, is consistent with the commonly used prototypes for argv argument to the familiar main() function: char **argv; and char *argv[]). Said another way Linux\-PAM interprets the msg argument as a pointer to an array of num_meg read only 'struct pam_message' pointers. Solaris' PAM implementation interprets this argument as a pointer to a pointer to an array of num_meg pam_message structures. Fortunately, perhaps, for most module/application developers when num_msg has a value of one these two definitions are entirely equivalent. Unfortunately, casually raising this number to two has led to unanticipated compatibility problems.
+.PP
+For what its worth the two known module writer work\-arounds for trying to maintain source level compatibility with both PAM implementations are:
+.TP 3n
+\(bu
+never call the conversation function with num_msg greater than one.
+.TP 3n
+\(bu
+set up msg as doubly referenced so both types of conversation function can find the messages. That is, make
+.sp
+.RS 3n
+.nf
+ msg[n] = & (( *msg )[n])
+
+.fi
+.RE
+.SH "RETURN VALUES"
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_CONV_ERR
+Conversation failure. The application should not set
+\fI*resp\fR.
+.TP 3n
+PAM_SUCCESS
+Success.
+.SH "SEE ALSO"
+.PP
+
+\fBpam_start\fR(3),
+\fBpam_set_item\fR(3),
+\fBpam_get_item\fR(3),
+\fBpam_strerror\fR(3),
+\fBpam\fR(8)
diff --git a/Linux-PAM/doc/man/pam_conv.3.xml b/Linux-PAM/doc/man/pam_conv.3.xml
new file mode 100644
index 00000000..73bb37cc
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_conv.3.xml
@@ -0,0 +1,228 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+<refentry id='pam_conv'>
+ <refmeta>
+ <refentrytitle>pam_conv</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_conv-name">
+ <refname>pam_conv</refname>
+ <refpurpose>PAM conversation function</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id="pam_conv-synopsis">
+ <funcsynopsisinfo>#include &lt;security/pam_appl.h&gt;</funcsynopsisinfo>
+ </funcsynopsis>
+ <programlisting>
+struct pam_message {
+ int msg_style;
+ const char *msg;
+};
+
+struct pam_response {
+ char *resp;
+ int resp_retcode;
+};
+
+struct pam_conv {
+ int (*conv)(int num_msg, const struct pam_message **msg,
+ struct pam_response **resp, void *appdata_ptr);
+ void *appdata_ptr;
+};
+ </programlisting>
+ </refsynopsisdiv>
+
+ <refsect1 id='pam_conv-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The PAM library uses an application-defined callback to allow
+ a direct communication between a loaded module and the application.
+ This callback is specified by the
+ <emphasis>struct pam_conv</emphasis> passed to
+ <citerefentry>
+ <refentrytitle>pam_start</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ at the start of the transaction.
+ </para>
+ <para>
+ When a module calls the referenced conv() function, the argument
+ <emphasis>appdata_ptr</emphasis> is set to the second element of
+ this structure.
+ </para>
+ <para>
+ The other arguments of a call to conv() concern the information
+ exchanged by module and application. That is to say,
+ <emphasis>num_msg</emphasis> holds the length of the array of
+ pointers, <emphasis>msg</emphasis>. After a successful return, the
+ pointer <emphasis>resp</emphasis> points to an array of pam_response
+ structures, holding the application supplied text. The
+ <emphasis>resp_retcode</emphasis> member of this struct is unused and
+ should be set to zero. It is the caller's responsibility to release
+ both, this array and the responses themselves, using
+ <citerefentry>
+ <refentrytitle>free</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>. Note, <emphasis>*resp</emphasis> is a
+ <emphasis>struct pam_response</emphasis> array and not an array of
+ pointers.
+ </para>
+ <para>
+ The number of responses is always equal to the
+ <emphasis>num_msg</emphasis> conversation function argument.
+ This does require that the response array is
+ <citerefentry>
+ <refentrytitle>free</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>'d after
+ every call to the conversation function. The index of the
+ responses corresponds directly to the prompt index in the
+ pam_message array.
+ </para>
+ <para>
+ On failure, the conversation function should release any resources
+ it has allocated, and return one of the predefined PAM error codes.
+ </para>
+ <para>
+ Each message can have one of four types, specified by the
+ <emphasis>msg_style</emphasis> member of
+ <emphasis>struct pam_message</emphasis>:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_PROMPT_ECHO_OFF</term>
+ <listitem>
+ <para>
+ Obtain a string without echoing any text.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_PROMPT_ECHO_ON</term>
+ <listitem>
+ <para>
+ Obtain a string whilst echoing text.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_ERROR_MSG</term>
+ <listitem>
+ <para>
+ Display an error message.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_TEXT_INFO</term>
+ <listitem>
+ <para>
+ Display some text.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <para>
+ The point of having an array of messages is that it becomes possible
+ to pass a number of things to the application in a single call from
+ the module. It can also be convenient for the application that related
+ things come at once: a windows based application can then present a
+ single form with many messages/prompts on at once.
+ </para>
+ <para>
+ In passing, it is worth noting that there is a descrepency between
+ the way Linux-PAM handles the const struct pam_message **msg
+ conversation function argument from the way that Solaris' PAM
+ (and derivitives, known to include HP/UX, are there others?) does.
+ Linux-PAM interprets the msg argument as entirely equivalent to the
+ following prototype
+ const struct pam_message *msg[] (which, in spirit, is consistent with
+ the commonly used prototypes for argv argument to the familiar main()
+ function: char **argv; and char *argv[]). Said another way Linux-PAM
+ interprets the msg argument as a pointer to an array of num_meg read
+ only 'struct pam_message' pointers. Solaris' PAM implementation
+ interprets this argument as a pointer to a pointer to an array of
+ num_meg pam_message structures. Fortunately, perhaps, for most
+ module/application developers when num_msg has a value of one these
+ two definitions are entirely equivalent. Unfortunately, casually
+ raising this number to two has led to unanticipated compatibility
+ problems.
+ </para>
+ <para>
+ For what its worth the two known module writer work-arounds for trying
+ to maintain source level compatibility with both PAM implementations
+ are:
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ never call the conversation function with num_msg greater than one.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ set up msg as doubly referenced so both types of conversation
+ function can find the messages. That is, make
+ </para>
+ <programlisting>
+ msg[n] = &amp; (( *msg )[n])
+ </programlisting>
+ </listitem>
+ </itemizedlist>
+ </refsect1>
+
+ <refsect1 id="pam_conv-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CONV_ERR</term>
+ <listitem>
+ <para>
+ Conversation failure. The application should not set
+ <emphasis>*resp</emphasis>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Success.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_conv-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_start</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_set_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_get_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_end.3 b/Linux-PAM/doc/man/pam_end.3
index de999f24..27cf95d2 100644
--- a/Linux-PAM/doc/man/pam_end.3
+++ b/Linux-PAM/doc/man/pam_end.3
@@ -1 +1,69 @@
-.so pam_start.3
+.\" Title: pam_end
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_END" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_end \- termination of PAM transaction
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#include <security/pam_appl.h>
+.fi
+.ft
+.HP 12
+.BI "int pam_end(pam_handle_t\ *" "pamh" ", int\ " "pam_status" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_end\fR
+function terminates the PAM transaction and is the last function an application should call in the PAM contenxt. Upon return the handle
+\fIpamh\fR
+is no longer valid and all memory associated with it will be invalid.
+.PP
+The
+\fIpam_status\fR
+argument should be set to the value returned to the application by the last PAM library call.
+.PP
+The value taken by
+\fIpam_status\fR
+is used as an argument to the module specific callback function,
+\fBcleanup()\fR
+(See
+\fBpam_set_data\fR(3)
+and
+\fBpam_get_data\fR(3)). In this way the module can be given notification of the pass/fail nature of the tear\-down process, and perform any last minute tasks that are appropriate to the module before it is unlinked. This argument can be logically OR'd with
+\fIPAM_DATA_SILENT\fR
+to indicate to indicate that the module should not treat the call too seriously. It is generally used to indicate that the current closing of the library is in a
+\fBfork\fR(2)ed process, and that the parent will take care of cleaning up things that exist outside of the current process space (files etc.).
+.PP
+This function
+\fIfree\fR's all memory for items associated with the
+\fBpam_set_item\fR(3)
+and
+\fBpam_get_item\fR(3)
+functions. Pointers associated with such objects are not valid anymore after
+\fBpam_end\fR
+was called.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_SUCCESS
+Transaction was successful terminated.
+.TP 3n
+PAM_SYSTEM_ERR
+System error, for example a NULL pointer was submitted as PAM handle or the function was called by a module.
+.SH "SEE ALSO"
+.PP
+
+\fBpam_get_data\fR(3),
+\fBpam_set_data\fR(3),
+\fBpam_start\fR(3),
+\fBpam_strerror\fR(3)
diff --git a/Linux-PAM/doc/man/pam_end.3.xml b/Linux-PAM/doc/man/pam_end.3.xml
new file mode 100644
index 00000000..fd4a4250
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_end.3.xml
@@ -0,0 +1,122 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id='pam_end'>
+
+ <refmeta>
+ <refentrytitle>pam_end</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_end-name">
+ <refname>pam_end</refname>
+ <refpurpose>termination of PAM transaction</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id="pam_end-synopsis">
+ <funcsynopsisinfo>#include &lt;security/pam_appl.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>int <function>pam_end</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>pam_status</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id="pam_end-description">
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_end</function> function terminates the PAM
+ transaction and is the last function an application should call
+ in the PAM contenxt. Upon return the handle <emphasis>pamh</emphasis>
+ is no longer valid and all memory associated with it will be
+ invalid.
+ </para>
+ <para>
+ The <emphasis>pam_status</emphasis> argument should be set to
+ the value returned to the application by the last PAM
+ library call.
+ </para>
+ <para>
+ The value taken by <emphasis>pam_status</emphasis> is used as
+ an argument to the module specific callback function,
+ <function>cleanup()</function>
+ (See <citerefentry>
+ <refentrytitle>pam_set_data</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> and
+ <citerefentry>
+ <refentrytitle>pam_get_data</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>). In this way the module can be given notification
+ of the pass/fail nature of the tear-down process, and perform any
+ last minute tasks that are appropriate to the module before it is
+ unlinked. This argument can be logically OR'd with
+ <emphasis>PAM_DATA_SILENT</emphasis> to indicate to indicate that
+ the module should not treat the call too seriously. It is generally
+ used to indicate that the current closing of the library is in a
+ <citerefentry>
+ <refentrytitle>fork</refentrytitle><manvolnum>2</manvolnum>
+ </citerefentry>ed
+ process, and that the parent will take care of cleaning up things
+ that exist outside of the current process space (files etc.).
+ </para>
+
+ <para>
+ This function <emphasis>free</emphasis>'s all memory for items
+ associated with the
+ <citerefentry>
+ <refentrytitle>pam_set_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> and
+ <citerefentry>
+ <refentrytitle>pam_get_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> functions. Pointers associated with such objects
+ are not valid anymore after <function>pam_end</function> was called.
+ </para>
+
+ </refsect1>
+ <refsect1 id="pam_end-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Transaction was successful terminated.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SYSTEM_ERR</term>
+ <listitem>
+ <para>
+ System error, for example a NULL pointer was submitted
+ as PAM handle or the function was called by a module.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_end-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_get_data</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_set_data</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_start</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_error.3 b/Linux-PAM/doc/man/pam_error.3
new file mode 100644
index 00000000..f295f98b
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_error.3
@@ -0,0 +1,66 @@
+.\" Title: pam_error
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_ERROR" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_error, pam_verror \- display error messages to the user
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#include <security/pam_ext.h>
+.fi
+.ft
+.HP 14
+.BI "int pam_error(pam_handle_t\ *" "pamh" ", const\ char\ *" "fmt" ", " "..." ");"
+.HP 15
+.BI "int pam_verror(pam_handle_t\ *" "pamh" ", const\ char\ *" "fmt" ", va_list\ " "args" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_error\fR
+function prints error messages through the conversation function to the user.
+.PP
+The
+\fBpam_verror\fR
+function performs the same task as
+\fBpam_error()\fR
+with the difference that it takes a set of arguments which have been obtained using the
+\fBstdarg\fR(3)
+variable argument list macros.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_CONV_ERR
+Conversation failure.
+.TP 3n
+PAM_SUCCESS
+Error message was displayed.
+.TP 3n
+PAM_SYSTEM_ERR
+System error.
+.SH "SEE ALSO"
+.PP
+
+\fBpam_info\fR(3),
+\fBpam_vinfo\fR(3),
+\fBpam_prompt\fR(3),
+\fBpam_vprompt\fR(3),
+\fBpam\fR(8)
+.SH "STANDARDS"
+.PP
+The
+\fBpam_error\fR
+and
+\fBpam_verror\fR
+functions are Linux\-PAM extensions.
diff --git a/Linux-PAM/doc/man/pam_error.3.xml b/Linux-PAM/doc/man/pam_error.3.xml
new file mode 100644
index 00000000..de167f2c
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_error.3.xml
@@ -0,0 +1,121 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id="pam_error">
+
+ <refmeta>
+ <refentrytitle>pam_error</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_error-name">
+ <refname>pam_error</refname>
+ <refname>pam_verror</refname>
+ <refpurpose>display error messages to the user</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv id="pam_error-synopsis">
+ <funcsynopsis>
+ <funcsynopsisinfo>#include &lt;security/pam_ext.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>int <function>pam_error</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>const char *<parameter>fmt</parameter></paramdef>
+ <paramdef><parameter>...</parameter></paramdef>
+ </funcprototype>
+ <funcprototype>
+ <funcdef>int <function>pam_verror</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>const char *<parameter>fmt</parameter></paramdef>
+ <paramdef>va_list <parameter>args</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='pam_error-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_error</function> function prints error messages
+ through the conversation function to the user.
+ </para>
+ <para>
+ The <function>pam_verror</function> function performs the same
+ task as <function>pam_error()</function> with the difference
+ that it takes a set of arguments which have been obtained using
+ the <citerefentry>
+ <refentrytitle>stdarg</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> variable argument list macros.
+ </para>
+ </refsect1>
+ <refsect1 id="pam_error-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CONV_ERR</term>
+ <listitem>
+ <para>
+ Conversation failure.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Error message was displayed.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SYSTEM_ERR</term>
+ <listitem>
+ <para>
+ System error.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_error-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_info</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_vinfo</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_prompt</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_vprompt</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_error-standards'>
+ <title>STANDARDS</title>
+ <para>
+ The <function>pam_error</function> and <function>pam_verror</function>
+ functions are Linux-PAM extensions.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_fail_delay.3 b/Linux-PAM/doc/man/pam_fail_delay.3
index 3b72f3d9..000276ed 100644
--- a/Linux-PAM/doc/man/pam_fail_delay.3
+++ b/Linux-PAM/doc/man/pam_fail_delay.3
@@ -1,130 +1,130 @@
-.\" Hey Emacs! This file is -*- nroff -*- source.
-.\" $Id: pam_fail_delay.3,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $
-.\" Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net>
-.TH PAM_FAIL_DELAY 3 "1997 Jan 12" "Linux-PAM 0.56" "Programmers' Manual"
-.SH NAME
-
+.\" Title: pam_fail_delay
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 08/01/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_FAIL_DELAY" "3" "08/01/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
pam_fail_delay \- request a delay on failure
-
-.SH SYNOPSIS
-.B #include <security/pam_appl.h>
-.br
-or,
-.br
-.B #include <security/pam_modules.h>
+.SH "SYNOPSIS"
.sp
-.BI "int pam_fail_delay(pam_handle_t " "*pamh" ", unsigned int " "usec" ");"
-.sp 2
-.SH DESCRIPTION
-.br
-It is often possible to attack an authentication scheme by exploiting
-the time it takes the scheme to deny access to an applicant user. In
-cases of
-.I short
-timeouts, it may prove possible to attempt a
-.I brute force
-dictionary attack -- with an automated process, the attacker tries all
-possible passwords to gain access to the system. In other cases,
-where individual failures can take measurable amounts of time
-(indicating the nature of the failure), an attacker can obtain useful
-information about the authentication process. These latter attacks
-make use of procedural delays that constitute a
-.I covert channel
-of useful information.
-
-.br
-To minimize the effectiveness of such attacks, it is desirable to
-introduce a random delay in a failed authentication process.
-.B Linux-PAM
-provides such a facility. The delay occurs upon failure of the
-.BR pam_authenticate "(3) "
-and
-.BR pam_chauthtok "(3) "
-functions. It occurs
-.I after
+.ft B
+.nf
+#include <security/pam_appl.h>
+.fi
+.ft
+.HP 19
+.BI "int pam_fail_delay(pam_handle_t\ *" "pamh" ", unsigned\ int\ " "usec" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_fail_delay\fR
+function provides a mechanism by which an application or module can suggest a minimum delay of
+\fIusec\fR
+micro\-seconds. The function keeps a record of the longest time requested with this function. Should
+\fBpam_authenticate\fR(3)
+fail, the failing return to the application is delayed by an amount of time randomly distributed (by up to 25%) about this longest value.
+.PP
+Independent of success, the delay time is reset to its zero default value when the PAM service module returns control to the application. The delay occurs
+\fIafter\fR
all authentication modules have been called, but
-.I before
+\fIbefore\fR
control is returned to the service application.
-
-.br
-The function,
-.BR pam_fail_delay "(3),"
-is used to specify a required minimum for the length of the
-failure-delay; the
-.I usec
-argument. This function can be called by the service application
-and/or the authentication modules, both may have an interest in
-delaying a reapplication for service by the user. The length of the
-delay is computed at the time it is required. Its length is
-pseudo-gausianly distributed about the
-.I maximum
-requested value; the resultant delay will differ by as much as 25% of
-this maximum requested value (both up and down).
-
-.br
-On return from
-.BR pam_authenticate "(3) or " pam_chauthtok "(3),"
-independent of success or failure, the new requested delay is reset to
-its default value: zero.
-
-.SH EXAMPLE
-.br
-For example, a
-.B login
-application may require a failure delay of roughly 3 seconds. It will
-contain the following code:
+.PP
+When using this function the programmer should check if it is available with:
.sp
-.br
-.B " pam_fail_delay(pamh, 3000000 /* micro-seconds */ );"
-.br
-.B " pam_authenticate(pamh, 0);"
+.RS 3n
+.nf
+#ifdef HAVE_PAM_FAIL_DELAY
+ ....
+#endif /* HAVE_PAM_FAIL_DELAY */
+
+.fi
+.RE
+.PP
+For applications written with a single thread that are event driven in nature, generating this delay may be undesirable. Instead, the application may want to register the delay in some other way. For example, in a single threaded server that serves multiple authentication requests from a single event loop, the application might want to simply mark a given connection as blocked until an application timer expires. For this reason the delay function can be changed with the
+\fIPAM_FAIL_DELAY\fR
+item. It can be queried and set with
+\fBpam_get_item\fR(3)
+and
+\fBpam_set_item \fR(3)
+respectively. The value used to set it should be a function pointer of the following prototype:
.sp
-.br
-if the modules do not request a delay, the failure delay will be
-between 2.25 and 3.75 seconds.
-
-.br
-However, the modules, invoked in the authentication process, may
-also request delays:
+.RS 3n
+.nf
+void (*delay_fn)(int retval, unsigned usec_delay, void *appdata_ptr);
+
+.fi
+.RE
.sp
-.br
-.RB " (module #1) " "pam_fail_delay(pamh, 2000000);"
+The arguments being the
+\fIretval\fR
+return code of the module stack, the
+\fIusec_delay\fR
+micro\-second delay that libpam is requesting and the
+\fIappdata_ptr\fR
+that the application has associated with the current
+\fIpamh\fR. This last value was set by the application when it called
+\fBpam_start\fR(3)
+or explicitly with
+\fBpam_set_item\fR(3). Note, if PAM_FAIL_DELAY item is unset (or set to NULL), then no delay will be performed.
+.SH "RATIONALE"
+.PP
+It is often possible to attack an authentication scheme by exploiting the time it takes the scheme to deny access to an applicant user. In cases of
+\fIshort\fR
+timeouts, it may prove possible to attempt a
+\fIbrute force\fR
+dictionary attack \-\- with an automated process, the attacker tries all possible passwords to gain access to the system. In other cases, where individual failures can take measurable amounts of time (indicating the nature of the failure), an attacker can obtain useful information about the authentication process. These latter attacks make use of procedural delays that constitute a
+\fIcovert channel\fR
+of useful information.
+.PP
+To minimize the effectiveness of such attacks, it is desirable to introduce a random delay in a failed authentication process. Preferable this value should be set by the application or a special PAM module. Standard PAM modules should not modify the delay unconditional.
+.SH "EXAMPLE"
+.PP
+For example, a login application may require a failure delay of roughly 3 seconds. It will contain the following code:
.sp
-.br
-.RB " (module #2) " "pam_fail_delay(pamh, 4000000);"
+.RS 3n
+.nf
+ pam_fail_delay (pamh, 3000000 /* micro\-seconds */ );
+ pam_authenticate (pamh, 0);
+
+.fi
+.RE
+.PP
+if the modules do not request a delay, the failure delay will be between 2.25 and 3.75 seconds.
+.PP
+However, the modules, invoked in the authentication process, may also request delays:
.sp
-.br
-in this case, it is the largest requested value that is used to
-compute the actual failed delay: here between 3 and 5 seconds.
-
-.SH "RETURN VALUE"
-Following a successful call to
-.BR pam_fail_delay "(3), " PAM_SUCCESS
-is returned. All other returns should be considered serious failures.
-
-.SH ERRORS
-May be translated to text with
-.BR pam_strerror "(3). "
-
-.SH "CONFORMING TO"
-Under consideration by the X/Open group for future inclusion in the
-PAM RFC. 1996/1/10
-
-.SH BUGS
-.sp 2
-none known.
-
+.RS 3n
+.nf
+module #1: pam_fail_delay (pamh, 2000000);
+module #2: pam_fail_delay (pamh, 4000000);
+
+.fi
+.RE
+.PP
+in this case, it is the largest requested value that is used to compute the actual failed delay: here between 3 and 5 seconds.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_SUCCESS
+Delay was successful adjusted.
+.TP 3n
+PAM_SYSTEM_ERR
+A NULL pointer was submitted as PAM handle.
.SH "SEE ALSO"
+.PP
-.BR pam_start "(3), "
-.BR pam_get_item "(3) "
-and
-.BR pam_strerror "(3). "
-
-Also, see the three
-.BR Linux-PAM
-Guides, for
-.BR "System administrators" ", "
-.BR "module developers" ", "
-and
-.BR "application developers" ". "
+\fBpam_start\fR(3),
+\fBpam_get_item\fR(3),
+\fBpam_strerror\fR(3)
+.SH "STANDARDS"
+.PP
+The
+\fBpam_fail_delay\fR
+function is an Linux\-PAM extension.
diff --git a/Linux-PAM/doc/man/pam_fail_delay.3.xml b/Linux-PAM/doc/man/pam_fail_delay.3.xml
new file mode 100644
index 00000000..a101cf39
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_fail_delay.3.xml
@@ -0,0 +1,202 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id="pam_fail_delay">
+
+ <refmeta>
+ <refentrytitle>pam_fail_delay</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_fail_delay-name">
+ <refname>pam_fail_delay</refname>
+ <refpurpose>request a delay on failure</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id="pam_fail_delay-synopsis">
+ <funcsynopsisinfo>#include &lt;security/pam_appl.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>int <function>pam_fail_delay</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>unsigned int <parameter>usec</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='pam_fail_delay-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_fail_delay</function> function provides a
+ mechanism by which an application or module can suggest a minimum
+ delay of <emphasis>usec</emphasis> micro-seconds. The
+ function keeps a record of the longest time requested with this
+ function. Should
+ <citerefentry>
+ <refentrytitle>pam_authenticate</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> fail, the failing return to the application is
+ delayed by an amount of time randomly distributed (by up to 25%)
+ about this longest value.
+ </para>
+ <para>
+ Independent of success, the delay time is reset to its zero
+ default value when the PAM service module returns control to
+ the application. The delay occurs <emphasis>after</emphasis> all
+ authentication modules have been called, but <emphasis>before</emphasis>
+ control is returned to the service application.
+ </para>
+ <para>
+ When using this function the programmer should check if it is
+ available with:
+ </para>
+ <programlisting>
+#ifdef HAVE_PAM_FAIL_DELAY
+ ....
+#endif /* HAVE_PAM_FAIL_DELAY */
+ </programlisting>
+
+ <para>
+ For applications written with a single thread that are event
+ driven in nature, generating this delay may be undesirable.
+ Instead, the application may want to register the delay in some
+ other way. For example, in a single threaded server that serves
+ multiple authentication requests from a single event loop, the
+ application might want to simply mark a given connection as
+ blocked until an application timer expires. For this reason
+ the delay function can be changed with the
+ <emphasis>PAM_FAIL_DELAY</emphasis> item. It can be queried and
+ set with
+ <citerefentry>
+ <refentrytitle>pam_get_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ and
+ <citerefentry>
+ <refentrytitle>pam_set_item </refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> respectively. The value used to set it should be
+ a function pointer of the following prototype:
+ <programlisting>
+void (*delay_fn)(int retval, unsigned usec_delay, void *appdata_ptr);
+ </programlisting>
+ The arguments being the <emphasis>retval</emphasis> return code
+ of the module stack, the <emphasis>usec_delay</emphasis>
+ micro-second delay that libpam is requesting and the
+ <emphasis>appdata_ptr</emphasis> that the application has associated
+ with the current <emphasis>pamh</emphasis>. This last value was set
+ by the application when it called
+ <citerefentry>
+ <refentrytitle>pam_start</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> or explicitly with
+ <citerefentry>
+ <refentrytitle>pam_set_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ Note, if PAM_FAIL_DELAY item is unset (or set to NULL), then no delay
+ will be performed.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_fail_delay-rationale'>
+ <title>RATIONALE</title>
+ <para>
+ It is often possible to attack an authentication scheme by exploiting
+ the time it takes the scheme to deny access to an applicant user. In
+ cases of <emphasis>short</emphasis> timeouts, it may prove possible
+ to attempt a <emphasis>brute force</emphasis> dictionary attack --
+ with an automated process, the attacker tries all possible passwords
+ to gain access to the system. In other cases, where individual
+ failures can take measurable amounts of time (indicating the nature
+ of the failure), an attacker can obtain useful information about the
+ authentication process. These latter attacks make use of procedural
+ delays that constitute a <emphasis>covert channel</emphasis>
+ of useful information.
+ </para>
+ <para>
+ To minimize the effectiveness of such attacks, it is desirable to
+ introduce a random delay in a failed authentication process.
+ Preferable this value should be set by the application or a special
+ PAM module. Standard PAM modules should not modify the delay
+ unconditional.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_fail_delay-example'>
+ <title>EXAMPLE</title>
+ <para>
+ For example, a login application may require a failure delay of
+ roughly 3 seconds. It will contain the following code:
+ </para>
+ <programlisting>
+ pam_fail_delay (pamh, 3000000 /* micro-seconds */ );
+ pam_authenticate (pamh, 0);
+ </programlisting>
+
+ <para>
+ if the modules do not request a delay, the failure delay will be
+ between 2.25 and 3.75 seconds.
+ </para>
+
+ <para>
+ However, the modules, invoked in the authentication process, may
+ also request delays:
+ </para>
+
+ <programlisting>
+module #1: pam_fail_delay (pamh, 2000000);
+module #2: pam_fail_delay (pamh, 4000000);
+ </programlisting>
+
+ <para>
+ in this case, it is the largest requested value that is used to
+ compute the actual failed delay: here between 3 and 5 seconds.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_fail_delay-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Delay was successful adjusted.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SYSTEM_ERR</term>
+ <listitem>
+ <para>
+ A NULL pointer was submitted as PAM handle.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_fail_delay-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_start</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_get_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_fail_delay-standards'>
+ <title>STANDARDS</title>
+ <para>
+ The <function>pam_fail_delay</function> function is an
+ Linux-PAM extension.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_get_data.3 b/Linux-PAM/doc/man/pam_get_data.3
new file mode 100644
index 00000000..cacec733
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_get_data.3
@@ -0,0 +1,60 @@
+.\" Title: pam_get_data
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_GET_DATA" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_get_data \- get module internal data
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#include <security/pam_modules.h>
+.fi
+.ft
+.HP 17
+.BI "int pam_get_data(const\ pam_handle_t\ *" "pamh" ", const\ char\ *" "module_data_name" ", const\ void\ **" "data" ");"
+.SH "DESCRIPTION"
+.PP
+This function together with the
+\fBpam_set_data\fR(3)
+function is useful to manage module\-specific data meaningful only to the calling PAM module.
+.PP
+The
+\fBpam_get_data\fR
+function looks up the object associated with the (hopefully) unique string
+\fImodule_data_name\fR
+in the PAM context specified by the
+\fIpamh\fR
+argument. A successful call to
+\fBpam_get_data\fR
+will result in
+\fIdata\fR
+pointing to the object. Note, this data is
+\fInot\fR
+a copy and should be treated as
+\fIconstant\fR
+by the module.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_SUCCESS
+Data was successful retrieved.
+.TP 3n
+PAM_SYSTEM_ERR
+A NULL pointer was submitted as PAM handle or the function was called by an application.
+.TP 3n
+PAM_NO_MODULE_DATA
+Module data not found or there is an entry, but it has the value NULL.
+.SH "SEE ALSO"
+.PP
+
+\fBpam_end\fR(3),
+\fBpam_set_data\fR(3),
+\fBpam_strerror\fR(3)
diff --git a/Linux-PAM/doc/man/pam_get_data.3.xml b/Linux-PAM/doc/man/pam_get_data.3.xml
new file mode 100644
index 00000000..e84e5a4c
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_get_data.3.xml
@@ -0,0 +1,108 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id='pam_get_data'>
+
+ <refmeta>
+ <refentrytitle>pam_get_data</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id='pam_get_data-name'>
+ <refname>pam_get_data</refname>
+ <refpurpose>
+ get module internal data
+ </refpurpose>
+ </refnamediv>
+
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+
+ <funcsynopsis id="pam_get_data-synopsis">
+ <funcsynopsisinfo>#include &lt;security/pam_modules.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>int <function>pam_get_data</function></funcdef>
+ <paramdef>const pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>const char *<parameter>module_data_name</parameter></paramdef>
+ <paramdef>const void **<parameter>data</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+
+ </refsynopsisdiv>
+
+
+ <refsect1 id="pam_get_data-description">
+ <title>DESCRIPTION</title>
+ <para>
+ This function together with the
+ <citerefentry>
+ <refentrytitle>pam_set_data</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> function
+ is useful to manage module-specific data meaningful only to
+ the calling PAM module.
+ </para>
+ <para>
+ The <function>pam_get_data</function> function looks up the
+ object associated with the (hopefully) unique string
+ <emphasis>module_data_name</emphasis> in the PAM context
+ specified by the <emphasis>pamh</emphasis> argument.
+ A successful call to
+ <function>pam_get_data</function> will result in
+ <emphasis>data</emphasis> pointing to the object. Note,
+ this data is <emphasis>not</emphasis> a copy and should be
+ treated as <emphasis>constant</emphasis> by the module.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_get_data-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Data was successful retrieved.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SYSTEM_ERR</term>
+ <listitem>
+ <para>
+ A NULL pointer was submitted as PAM handle or the
+ function was called by an application.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_NO_MODULE_DATA</term>
+ <listitem>
+ <para>
+ Module data not found or there is an entry, but it has
+ the value NULL.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_get_data-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_end</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_set_data</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_get_item.3 b/Linux-PAM/doc/man/pam_get_item.3
index f4f0d462..ae63d298 100644
--- a/Linux-PAM/doc/man/pam_get_item.3
+++ b/Linux-PAM/doc/man/pam_get_item.3
@@ -1 +1,125 @@
-.so pam_set_item.3
+.\" Title: pam_get_item
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_GET_ITEM" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_get_item \- getting PAM informations
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#include <security/pam_modules.h>
+.fi
+.ft
+.HP 17
+.BI "int pam_get_item(const\ pam_handle_t\ *" "pamh" ", int\ " "item_type" ", const\ void\ **" "item" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_get_item\fR
+function allows applications and PAM service modules to access and retrieve PAM informations of
+\fIitem_type\fR. Upon successful return,
+\fIitem\fR
+contains a pointer to the value of the corresponding item. Note, this is a pointer to the
+\fIactual\fR
+data and should
+\fBnot\fR
+be
+\fIfree()\fR'ed or over\-written! The following values are supported for
+\fIitem_type\fR:
+.TP 3n
+PAM_SERVICE
+The service name (which identifies that PAM stack that the PAM functions will use to authenticate the program).
+.TP 3n
+PAM_USER
+The username of the entity under whose identity service will be given. That is, following authentication,
+\fIPAM_USER\fR
+identifies the local entity that gets to use the service. Note, this value can be mapped from something (eg., "anonymous") to something else (eg. "guest119") by any module in the PAM stack. As such an application should consult the value of
+\fIPAM_USER\fR
+after each call to a PAM function.
+.TP 3n
+PAM_USER_PROMPT
+The string used when prompting for a user's name. The default value for this string is a localized version of "login: ".
+.TP 3n
+PAM_TTY
+The terminal name: prefixed by
+\fI/dev/\fR
+if it is a device file; for graphical, X\-based, applications the value for this item should be the
+\fI$DISPLAY\fR
+variable.
+.TP 3n
+PAM_RUSER
+The requesting user name: local name for a locally requesting user or a remote user name for a remote requesting user.
+.sp
+Generally an application or module will attempt to supply the value that is most strongly authenticated (a local account before a remote one. The level of trust in this value is embodied in the actual authentication stack associated with the application, so it is ultimately at the discretion of the system administrator.
+.sp
+
+\fIPAM_RUSER@PAM_RHOST\fR
+should always identify the requesting user. In some cases,
+\fIPAM_RUSER\fR
+may be NULL. In such situations, it is unclear who the requesting entity is.
+.TP 3n
+PAM_RHOST
+The requesting hostname (the hostname of the machine from which the
+\fIPAM_RUSER\fR
+entity is requesting service). That is
+\fIPAM_RUSER@PAM_RHOST\fR
+does identify the requesting user. In some applications,
+\fIPAM_RHOST\fR
+may be NULL. In such situations, it is unclear where the authentication request is originating from.
+.TP 3n
+PAM_AUTHTOK
+The authentication token (often a password). This token should be ignored by all module functions besides
+\fBpam_sm_authenticate\fR(3)
+and
+\fBpam_sm_chauthtok\fR(3). In the former function it is used to pass the most recent authentication token from one stacked module to another. In the latter function the token is used for another purpose. It contains the currently active authentication token.
+.TP 3n
+PAM_OLDAUTHTOK
+The old authentication token. This token should be ignored by all module functions except
+\fBpam_sm_chauthtok\fR(3).
+.TP 3n
+PAM_CONV
+The pam_conv structure. See
+\fBpam_conv\fR(3).
+.TP 3n
+PAM_FAIL_DELAY
+A function pointer to redirect centrally managed failure delays. See
+\fBpam_fail_delay\fR(3).
+.PP
+If a service module wishes to obtain the name of the user, it should not use this function, but instead perform a call to
+\fBpam_get_user\fR(3).
+.PP
+Only a service module is privileged to read the authentication tokens, PAM_AUTHTOK and PAM_OLDAUTHTOK.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_BAD_ITEM
+The application attempted to set an undefined or inaccessible item.
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_PERM_DENIED
+The value of
+\fIitem\fR
+was NULL.
+.TP 3n
+PAM_SUCCESS
+Data was successful updated.
+.TP 3n
+PAM_SYSTEM_ERR
+The
+\fIpam_handle_t\fR
+passed as first argument was invalid.
+.SH "SEE ALSO"
+.PP
+
+\fBpam_set_item\fR(3),
+\fBpam_strerror\fR(3)
diff --git a/Linux-PAM/doc/man/pam_get_item.3.xml b/Linux-PAM/doc/man/pam_get_item.3.xml
new file mode 100644
index 00000000..e5806d11
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_get_item.3.xml
@@ -0,0 +1,134 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd"
+[
+<!--
+<!ENTITY accessconf SYSTEM "pam_item_types.inc.xml">
+-->
+]>
+
+<refentry id='pam_get_item'>
+
+ <refmeta>
+ <refentrytitle>pam_get_item</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id='pam_get_item-name'>
+ <refname>pam_get_item</refname>
+ <refpurpose>
+ getting PAM informations
+ </refpurpose>
+ </refnamediv>
+
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+
+ <funcsynopsis id="pam_get_item-synopsis">
+ <funcsynopsisinfo>#include &lt;security/pam_modules.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>int <function>pam_get_item</function></funcdef>
+ <paramdef>const pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>item_type</parameter></paramdef>
+ <paramdef>const void **<parameter>item</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+
+ </refsynopsisdiv>
+
+
+ <refsect1 id="pam_get_item-description">
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_get_item</function> function allows applications
+ and PAM service modules to access and retrieve PAM informations
+ of <emphasis>item_type</emphasis>. Upon successful return,
+ <emphasis>item</emphasis> contains a pointer to the value of the
+ corresponding item. Note, this is a pointer to the
+ <emphasis>actual</emphasis> data and should
+ <emphasis remap="B">not</emphasis> be <emphasis>free()</emphasis>'ed or
+ over-written! The following values are supported for
+ <emphasis>item_type</emphasis>:
+ </para>
+
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_item_types.inc.xml"/>
+
+ <para>
+ If a service module wishes to obtain the name of the user,
+ it should not use this function, but instead perform a call to
+ <citerefentry>
+ <refentrytitle>pam_get_user</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+ <para>
+ Only a service module is privileged to read the
+ authentication tokens, PAM_AUTHTOK and PAM_OLDAUTHTOK.
+ </para>
+
+ </refsect1>
+
+ <refsect1 id="pam_get_item-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_BAD_ITEM</term>
+ <listitem>
+ <para>
+ The application attempted to set an undefined or inaccessible
+ item.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_PERM_DENIED</term>
+ <listitem>
+ <para>
+ The value of <emphasis>item</emphasis> was NULL.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Data was successful updated.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SYSTEM_ERR</term>
+ <listitem>
+ <para>
+ The <emphasis>pam_handle_t</emphasis> passed as first
+ argument was invalid.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_get_item-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_set_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_get_user.3 b/Linux-PAM/doc/man/pam_get_user.3
new file mode 100644
index 00000000..f4ab776b
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_get_user.3
@@ -0,0 +1,79 @@
+.\" Title: pam_get_user
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_GET_USER" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_get_user \- get user name
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#include <security/pam_modules.h>
+.fi
+.ft
+.HP 17
+.BI "int pam_get_user(const\ pam_handle_t\ *" "pamh" ", const\ char\ **" "user" ", const\ char\ *" "prompt" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_get_user\fR
+function returns the name of the user specified by
+\fBpam_start\fR(3). If no user was specified it what
+\fBpam_get_item (pamh, PAM_USER, ... );\fR
+would have returned. If this is NULL it obtains the username via the
+\fBpam_conv\fR(3)
+mechanism, it prompts the user with the first non\-NULL string in the following list:
+.TP 3n
+\(bu
+The
+\fIprompt\fR
+argument passed to the function.
+.TP 3n
+\(bu
+What is returned by pam_get_item (pamh, PAM_USER_PROMPT, ... );
+.TP 3n
+\(bu
+The default prompt: "login: "
+.sp
+.RE
+.PP
+By whatever means the username is obtained, a pointer to it is returned as the contents of
+\fI*user\fR. Note, this memory should
+\fBnot\fR
+be
+\fIfree()\fR'd or
+\fImodified\fR
+by the module.
+.PP
+This function sets the
+\fIPAM_USER\fR
+item associated with the
+\fBpam_set_item\fR(3)
+and
+\fBpam_get_item\fR(3)
+functions.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_SUCCESS
+User name was successful retrieved.
+.TP 3n
+PAM_SYSTEM_ERR
+A NULL pointer was submitted.
+.TP 3n
+PAM_CONV_ERR
+The conversation method supplied by the application failed to obtain the username.
+.SH "SEE ALSO"
+.PP
+
+\fBpam_end\fR(3),
+\fBpam_get_item\fR(3),
+\fBpam_set_item\fR(3),
+\fBpam_strerror\fR(3)
diff --git a/Linux-PAM/doc/man/pam_get_user.3.xml b/Linux-PAM/doc/man/pam_get_user.3.xml
new file mode 100644
index 00000000..ff8be694
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_get_user.3.xml
@@ -0,0 +1,139 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id='pam_get_user'>
+
+ <refmeta>
+ <refentrytitle>pam_get_user</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id='pam_get_user-name'>
+ <refname>pam_get_user</refname>
+ <refpurpose>
+ get user name
+ </refpurpose>
+ </refnamediv>
+
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+
+ <funcsynopsis id="pam_get_user-synopsis">
+ <funcsynopsisinfo>#include &lt;security/pam_modules.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>int <function>pam_get_user</function></funcdef>
+ <paramdef>const pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>const char **<parameter>user</parameter></paramdef>
+ <paramdef>const char *<parameter>prompt</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+
+ </refsynopsisdiv>
+
+
+ <refsect1 id="pam_get_user-description">
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_get_user</function> function returns the
+ name of the user specified by
+ <citerefentry>
+ <refentrytitle>pam_start</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>. If no user was specified it what
+ <function>pam_get_item (pamh, PAM_USER, ... );</function> would
+ have returned. If this is NULL it obtains the username via the
+ <citerefentry>
+ <refentrytitle>pam_conv</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> mechanism, it prompts the user with the first
+ non-NULL string in the following list:
+ </para>
+
+ <itemizedlist>
+ <listitem>
+ <para>
+ The <emphasis>prompt</emphasis> argument passed to the function.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ What is returned by pam_get_item (pamh, PAM_USER_PROMPT, ... );
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The default prompt: "login: "
+ </para>
+ </listitem>
+ </itemizedlist>
+ <para>
+ By whatever means the username is obtained, a pointer to it is
+ returned as the contents of <emphasis>*user</emphasis>. Note,
+ this memory should <emphasis remap="B">not</emphasis> be
+ <emphasis>free()</emphasis>'d or <emphasis>modified</emphasis>
+ by the module.
+ </para>
+ <para>
+ This function sets the <emphasis>PAM_USER</emphasis> item
+ associated with the
+ <citerefentry>
+ <refentrytitle>pam_set_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> and
+ <citerefentry>
+ <refentrytitle>pam_get_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> functions.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_get_user-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ User name was successful retrieved.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SYSTEM_ERR</term>
+ <listitem>
+ <para>
+ A NULL pointer was submitted.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CONV_ERR</term>
+ <listitem>
+ <para>
+ The conversation method supplied by the
+ application failed to obtain the username.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_get_user-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_end</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_get_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_set_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_getenv.3 b/Linux-PAM/doc/man/pam_getenv.3
new file mode 100644
index 00000000..3882d080
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_getenv.3
@@ -0,0 +1,43 @@
+.\" Title: pam_getenv
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_GETENV" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_getenv \- get a PAM environment variable
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#include <security/pam_appl.h>
+.fi
+.ft
+.HP 23
+.BI "const char *pam_getenv(pam_handle_t\ *" "pamh" ", const\ char\ *" "name" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_getenv\fR
+function searches the PAM environment list as associated with the handle
+\fIpamh\fR
+for a string that matches the string pointed to by
+\fIname\fR. The return values are of the form: "\fIname=value\fR".
+.SH "RETURN VALUES"
+.PP
+The
+\fBpam_getenv\fR
+function returns NULL on failure.
+.SH "SEE ALSO"
+.PP
+
+\fBpam_start\fR(3),
+\fBpam_getenvlist\fR(3),
+\fBpam_putenv\fR(3),
+\fBpam\fR(8)
diff --git a/Linux-PAM/doc/man/pam_getenv.3.xml b/Linux-PAM/doc/man/pam_getenv.3.xml
new file mode 100644
index 00000000..e78aa3c2
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_getenv.3.xml
@@ -0,0 +1,66 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+<refentry id='pam_getenv'>
+ <refmeta>
+ <refentrytitle>pam_getenv</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_getenv-name">
+ <refname>pam_getenv</refname>
+ <refpurpose>get a PAM environment variable</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id='pam_getenv-synopsis'>
+ <funcsynopsisinfo>#include &lt;security/pam_appl.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>const char *<function>pam_getenv</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>const char *<parameter>name</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id='pam_getenv-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_getenv</function> function searches the
+ PAM environment list as associated with the handle
+ <emphasis>pamh</emphasis> for a string that matches the string
+ pointed to by <emphasis>name</emphasis>. The return values are
+ of the form: "<emphasis>name=value</emphasis>".
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_getenv-return_values">
+ <title>RETURN VALUES</title>
+ <para>
+ The <function>pam_getenv</function> function returns NULL
+ on failure.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_getenv-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_start</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_getenvlist</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_putenv</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_getenvlist.3 b/Linux-PAM/doc/man/pam_getenvlist.3
new file mode 100644
index 00000000..57c1d70e
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_getenvlist.3
@@ -0,0 +1,50 @@
+.\" Title: pam_getenvlist
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_GETENVLIST" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_getenvlist \- getting the PAM environment
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#include <security/pam_appl.h>
+.fi
+.ft
+.HP 22
+.BI "char **pam_getenvlist(pam_handle_t\ *" "pamh" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_getenvlist\fR
+function returns a complete copy of the PAM environment as associated with the handle
+\fIpamh\fR. The PAM environment variables represent the contents of the regular environment variables of the authenticated user when service is granted.
+.PP
+The format of the memory is a malloc()'d array of char pointers, the last element of which is set to NULL. Each of the non\-NULL entries in this array point to a NUL terminated and malloc()'d char string of the form: "\fIname=value\fR".
+.PP
+It should be noted that this memory will never be free()'d by libpam. Once obtained by a call to
+\fBpam_getenvlist\fR, it is the responsibility of the calling application to free() this memory.
+.PP
+It is by design, and not a coincidence, that the format and contents of the returned array matches that required for the third argument of the
+\fBexecle\fR(3)
+function call.
+.SH "RETURN VALUES"
+.PP
+The
+\fBpam_getenvlist\fR
+function returns NULL on failure.
+.SH "SEE ALSO"
+.PP
+
+\fBpam_start\fR(3),
+\fBpam_getenv\fR(3),
+\fBpam_putenv\fR(3),
+\fBpam\fR(8)
diff --git a/Linux-PAM/doc/man/pam_getenvlist.3.xml b/Linux-PAM/doc/man/pam_getenvlist.3.xml
new file mode 100644
index 00000000..1c29b737
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_getenvlist.3.xml
@@ -0,0 +1,85 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+<refentry id='pam_getenvlist'>
+ <refmeta>
+ <refentrytitle>pam_getenvlist</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_getenvlist-name">
+ <refname>pam_getenvlist</refname>
+ <refpurpose>getting the PAM environment</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id='pam_getenvlist-synopsis'>
+ <funcsynopsisinfo>#include &lt;security/pam_appl.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>char **<function>pam_getenvlist</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id='pam_getenvlist-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_getenvlist</function> function returns a complete
+ copy of the PAM environment as associated with the handle
+ <emphasis>pamh</emphasis>. The PAM environment variables
+ represent the contents of the regular environment variables of the
+ authenticated user when service is granted.
+ </para>
+ <para>
+ The format of the memory is a malloc()'d array of char pointers,
+ the last element of which is set to NULL. Each of the non-NULL
+ entries in this array point to a NUL terminated and malloc()'d
+ char string of the form: "<emphasis>name=value</emphasis>".
+ </para>
+ <para>
+ It should be noted that this memory will never be free()'d by
+ libpam. Once obtained by a call to
+ <function>pam_getenvlist</function>, it is the responsibility of
+ the calling application to free() this memory.
+ </para>
+ <para>
+ It is by design, and not a coincidence, that the format and contents
+ of the returned array matches that required for the third argument of
+ the
+ <citerefentry>
+ <refentrytitle>execle</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> function call.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_getenvlist-return_values">
+ <title>RETURN VALUES</title>
+ <para>
+ The <function>pam_getenvlist</function> function returns NULL
+ on failure.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_getenvlist-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_start</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_getenv</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_putenv</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_info.3 b/Linux-PAM/doc/man/pam_info.3
new file mode 100644
index 00000000..fabb5aa7
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_info.3
@@ -0,0 +1,62 @@
+.\" Title: pam_info
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_INFO" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_info, pam_vinfo \- display messages to the user
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#include <security/pam_ext.h>
+.fi
+.ft
+.HP 13
+.BI "int pam_info(pam_handle_t\ *" "pamh" ", const\ char\ *" "fmt" ", " "..." ");"
+.HP 14
+.BI "int pam_vinfo(pam_handle_t\ *" "pamh" ", const\ char\ *" "fmt" ", va_list\ " "args" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_info\fR
+function prints messages through the conversation function to the user.
+.PP
+The
+\fBpam_vinfo\fR
+function performs the same task as
+\fBpam_info()\fR
+with the difference that it takes a set of arguments which have been obtained using the
+\fBstdarg\fR(3)
+variable argument list macros.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_CONV_ERR
+Conversation failure.
+.TP 3n
+PAM_SUCCESS
+Transaction was successful created.
+.TP 3n
+PAM_SYSTEM_ERR
+System error.
+.SH "SEE ALSO"
+.PP
+
+\fBpam\fR(8)
+.SH "STANDARDS"
+.PP
+The
+\fBpam_info\fR
+and
+\fBpam_vinfo\fR
+functions are Linux\-PAM extensions.
diff --git a/Linux-PAM/doc/man/pam_info.3.xml b/Linux-PAM/doc/man/pam_info.3.xml
new file mode 100644
index 00000000..88e671c7
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_info.3.xml
@@ -0,0 +1,109 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id="pam_info">
+
+ <refmeta>
+ <refentrytitle>pam_info</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_info-name">
+ <refname>pam_info</refname>
+ <refname>pam_vinfo</refname>
+ <refpurpose>display messages to the user</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv id="pam_info-synopsis">
+ <funcsynopsis>
+ <funcsynopsisinfo>#include &lt;security/pam_ext.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>int <function>pam_info</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>const char *<parameter>fmt</parameter></paramdef>
+ <paramdef><parameter>...</parameter></paramdef>
+ </funcprototype>
+ <funcprototype>
+ <funcdef>int <function>pam_vinfo</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>const char *<parameter>fmt</parameter></paramdef>
+ <paramdef>va_list <parameter>args</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='pam_info-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_info</function> function prints messages
+ through the conversation function to the user.
+ </para>
+ <para>
+ The <function>pam_vinfo</function> function performs the same
+ task as <function>pam_info()</function> with the difference
+ that it takes a set of arguments which have been obtained using
+ the <citerefentry>
+ <refentrytitle>stdarg</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> variable argument list macros.
+ </para>
+ </refsect1>
+ <refsect1 id="pam_info-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CONV_ERR</term>
+ <listitem>
+ <para>
+ Conversation failure.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Transaction was successful created.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SYSTEM_ERR</term>
+ <listitem>
+ <para>
+ System error.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_info-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_info-standards'>
+ <title>STANDARDS</title>
+ <para>
+ The <function>pam_info</function> and <function>pam_vinfo</function>
+ functions are Linux-PAM extensions.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_item_types.inc.xml b/Linux-PAM/doc/man/pam_item_types.inc.xml
new file mode 100644
index 00000000..9d70087b
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_item_types.inc.xml
@@ -0,0 +1,151 @@
+<!-- this file is included by pam_set_item and pam_get_item -->
+
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SERVICE</term>
+ <listitem>
+ <para>
+ The service name (which identifies that PAM stack that
+ the PAM functions will use to authenticate the program).
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_USER</term>
+ <listitem>
+ <para>
+ The username of the entity under whose identity service
+ will be given. That is, following authentication,
+ <emphasis>PAM_USER</emphasis> identifies the local entity
+ that gets to use the service. Note, this value can be mapped
+ from something (eg., "anonymous") to something else (eg.
+ "guest119") by any module in the PAM stack. As such an
+ application should consult the value of
+ <emphasis>PAM_USER</emphasis> after each call to a PAM function.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_USER_PROMPT</term>
+ <listitem>
+ <para>
+ The string used when prompting for a user's name. The default
+ value for this string is a localized version of "login: ".
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_TTY</term>
+ <listitem>
+ <para>
+ The terminal name: prefixed by <filename>/dev/</filename> if
+ it is a device file; for graphical, X-based, applications the
+ value for this item should be the
+ <emphasis>$DISPLAY</emphasis> variable.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_RUSER</term>
+ <listitem>
+ <para>
+ The requesting user name: local name for a locally
+ requesting user or a remote user name for a remote
+ requesting user.
+ </para>
+ <para>
+ Generally an application or module will attempt to supply
+ the value that is most strongly authenticated (a local account
+ before a remote one. The level of trust in this value is
+ embodied in the actual authentication stack associated with
+ the application, so it is ultimately at the discretion of the
+ system administrator.
+ </para>
+ <para>
+ <emphasis>PAM_RUSER@PAM_RHOST</emphasis> should always identify
+ the requesting user. In some cases,
+ <emphasis>PAM_RUSER</emphasis> may be NULL. In such situations,
+ it is unclear who the requesting entity is.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_RHOST</term>
+ <listitem>
+ <para>
+ The requesting hostname (the hostname of the machine from
+ which the <emphasis>PAM_RUSER</emphasis> entity is requesting
+ service). That is <emphasis>PAM_RUSER@PAM_RHOST</emphasis>
+ does identify the requesting user. In some applications,
+ <emphasis>PAM_RHOST</emphasis> may be NULL. In such situations,
+ it is unclear where the authentication request is originating
+ from.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_AUTHTOK</term>
+ <listitem>
+ <para>
+ The authentication token (often a password). This token
+ should be ignored by all module functions besides
+ <citerefentry>
+ <refentrytitle>pam_sm_authenticate</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> and
+ <citerefentry>
+ <refentrytitle>pam_sm_chauthtok</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ In the former function it is used to pass the most recent
+ authentication token from one stacked module to another. In
+ the latter function the token is used for another purpose.
+ It contains the currently active authentication token.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_OLDAUTHTOK</term>
+ <listitem>
+ <para>
+ The old authentication token. This token should be ignored
+ by all module functions except
+ <citerefentry>
+ <refentrytitle>pam_sm_chauthtok</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+
+ <varlistentry>
+ <term>PAM_CONV</term>
+ <listitem>
+ <para>
+ The pam_conv structure. See
+ <citerefentry>
+ <refentrytitle>pam_conv</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_FAIL_DELAY</term>
+ <listitem>
+ <para>
+ A function pointer to redirect centrally managed
+ failure delays. See
+ <citerefentry>
+ <refentrytitle>pam_fail_delay</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
diff --git a/Linux-PAM/doc/man/pam_misc_drop_env.3 b/Linux-PAM/doc/man/pam_misc_drop_env.3
new file mode 100644
index 00000000..5708d5bc
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_misc_drop_env.3
@@ -0,0 +1,46 @@
+.\" Title: pam_misc_drop_env
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_MISC_DROP_ENV" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_misc_drop_env \- liberating a locally saved environment
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#include <security/pam_misc.h>
+.fi
+.ft
+.HP 22
+.BI "int pam_misc_drop_env(char\ **" "env" ");"
+.SH "DESCRIPTION"
+.PP
+This function is defined to complement the
+\fBpam_getenvlist\fR(3)
+function. It liberates the memory associated with
+\fIenv\fR,
+\fIoverwriting\fR
+with
+\fI0\fR
+all memory before
+\fBfree()\fRing it.
+.SH "SEE ALSO"
+.PP
+
+\fBpam_getenvlist\fR(3),
+\fBpam\fR(8)
+.SH "STANDARDS"
+.PP
+The
+\fBpam_misc_drop_env\fR
+function is part of the
+\fBlibpam_misc\fR
+Library and not defined in any standard.
diff --git a/Linux-PAM/doc/man/pam_misc_drop_env.3.xml b/Linux-PAM/doc/man/pam_misc_drop_env.3.xml
new file mode 100644
index 00000000..1941f589
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_misc_drop_env.3.xml
@@ -0,0 +1,63 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id="pam_misc_drop_env">
+
+ <refmeta>
+ <refentrytitle>pam_misc_drop_env</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_misc_drop_env-name">
+ <refname>pam_misc_drop_env</refname>
+ <refpurpose>liberating a locally saved environment</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id="pam_misc_drop_env-synopsis">
+ <funcsynopsisinfo>#include &lt;security/pam_misc.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>int <function>pam_misc_drop_env</function></funcdef>
+ <paramdef>char **<parameter>env</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='pam_misc_drop_env-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ This function is defined to complement the <citerefentry>
+ <refentrytitle>pam_getenvlist</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> function. It liberates the memory associated
+ with <parameter>env</parameter>, <emphasis>overwriting</emphasis>
+ with <emphasis>0</emphasis> all memory before
+ <function>free()</function>ing it.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_misc_drop_env-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_getenvlist</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_misc_drop_env-standards'>
+ <title>STANDARDS</title>
+ <para>
+ The <function>pam_misc_drop_env</function> function is part of the
+ <command>libpam_misc</command> Library and not defined in any
+ standard.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_misc_paste_env.3 b/Linux-PAM/doc/man/pam_misc_paste_env.3
new file mode 100644
index 00000000..9ba1e8fe
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_misc_paste_env.3
@@ -0,0 +1,41 @@
+.\" Title: pam_misc_paste_env
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_MISC_PASTE_ENV" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_misc_paste_env \- transcribing an environment to that of PAM
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#include <security/pam_misc.h>
+.fi
+.ft
+.HP 23
+.BI "int pam_misc_paste_env(pam_handle_t\ *" "pamh" ", const\ char\ *\ const\ *" "user" ");"
+.SH "DESCRIPTION"
+.PP
+This function takes the supplied list of environment pointers and
+\fIuploads\fR
+its contents to the PAM environment. Success is indicated by
+PAM_SUCCESS.
+.SH "SEE ALSO"
+.PP
+
+\fBpam_putenv\fR(3),
+\fBpam\fR(8)
+.SH "STANDARDS"
+.PP
+The
+\fBpam_misc_paste_env\fR
+function is part of the
+\fBlibpam_misc\fR
+Library and not defined in any standard.
diff --git a/Linux-PAM/doc/man/pam_misc_paste_env.3.xml b/Linux-PAM/doc/man/pam_misc_paste_env.3.xml
new file mode 100644
index 00000000..d9a282c0
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_misc_paste_env.3.xml
@@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id="pam_misc_paste_env">
+
+ <refmeta>
+ <refentrytitle>pam_misc_paste_env</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_misc_paste_env-name">
+ <refname>pam_misc_paste_env</refname>
+ <refpurpose>transcribing an environment to that of PAM</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id="pam_misc_paste_env-synopsis">
+ <funcsynopsisinfo>#include &lt;security/pam_misc.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>int <function>pam_misc_paste_env</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>const char * const *<parameter>user</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='pam_misc_paste_env-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ This function takes the supplied list of environment pointers and
+ <emphasis>uploads</emphasis> its contents to the PAM environment.
+ Success is indicated by <errorname>PAM_SUCCESS</errorname>.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_misc_paste_env-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_putenv</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_misc_paste_env-standards'>
+ <title>STANDARDS</title>
+ <para>
+ The <function>pam_misc_paste_env</function> function is part of the
+ <command>libpam_misc</command> Library and not defined in any
+ standard.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_misc_setenv.3 b/Linux-PAM/doc/man/pam_misc_setenv.3
new file mode 100644
index 00000000..49e8138c
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_misc_setenv.3
@@ -0,0 +1,46 @@
+.\" Title: pam_misc_setenv
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_MISC_SETENV" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_misc_setenv \- BSD like PAM environment variable setting
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#include <security/pam_misc.h>
+.fi
+.ft
+.HP 20
+.BI "int pam_misc_setenv(pam_handle_t\ *" "pamh" ", const\ char\ *" "name" ", const\ char\ *" "value" ", int" "readonly" ");"
+.SH "DESCRIPTION"
+.PP
+This function performs a task equivalent to
+\fBpam_putenv\fR(3), its syntax is, however, more like the BSD style function;
+\fBsetenv()\fR. The
+\fIname\fR
+and
+\fIvalue\fR
+are concatenated with an '=' to form a name=value and passed to
+\fBpam_putenv()\fR. If, however, the PAM variable is already set, the replacement will only be applied if the last argument,
+\fIreadonly\fR, is zero.
+.SH "SEE ALSO"
+.PP
+
+\fBpam_putenv\fR(3),
+\fBpam\fR(8)
+.SH "STANDARDS"
+.PP
+The
+\fBpam_misc_setenv\fR
+function is part of the
+\fBlibpam_misc\fR
+Library and not defined in any standard.
diff --git a/Linux-PAM/doc/man/pam_misc_setenv.3.xml b/Linux-PAM/doc/man/pam_misc_setenv.3.xml
new file mode 100644
index 00000000..fdc8f33d
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_misc_setenv.3.xml
@@ -0,0 +1,68 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id="pam_misc_setenv">
+
+ <refmeta>
+ <refentrytitle>pam_misc_setenv</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+ <refnamediv id="pam_misc_setenv-name">
+ <refname>pam_misc_setenv</refname>
+ <refpurpose>BSD like PAM environment variable setting</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id="pam_misc_setenv-synopsis">
+ <funcsynopsisinfo>#include &lt;security/pam_misc.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>int <function>pam_misc_setenv</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>const char *<parameter>name</parameter></paramdef>
+ <paramdef>const char *<parameter>value</parameter></paramdef>
+ <paramdef>int<parameter>readonly</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='pam_misc_setenv-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ This function performs a task equivalent to <citerefentry>
+ <refentrytitle>pam_putenv</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>, its syntax is, however, more like the BSD style
+ function; <function>setenv()</function>. The <parameter>name</parameter>
+ and <parameter>value</parameter> are concatenated with an '=' to
+ form a name=value and passed to <function>pam_putenv()</function>.
+ If, however, the PAM variable is already set, the replacement will
+ only be applied if the last argument, <parameter>readonly</parameter>,
+ is zero.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_misc_setenv-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_putenv</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_misc_setenv-standards'>
+ <title>STANDARDS</title>
+ <para>
+ The <function>pam_misc_setenv</function> function is part of the
+ <command>libpam_misc</command> Library and not defined in any
+ standard.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_open_session.3 b/Linux-PAM/doc/man/pam_open_session.3
index 53f6adf1..e61b5ed8 100644
--- a/Linux-PAM/doc/man/pam_open_session.3
+++ b/Linux-PAM/doc/man/pam_open_session.3
@@ -1,99 +1,55 @@
-.\" Hey Emacs! This file is -*- nroff -*- source.
-.\" $Id: pam_open_session.3,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $
-.\" Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net>
-.TH PAM_OPEN_SESSION 3 "1997 Jan 4" "Linux-PAM 0.55" "App. Programmers' Manual"
-.SH NAME
-
-pam_open/close_session \- PAM session management
-
-.SH SYNOPSIS
-.B #include <security/pam_appl.h>
+.\" Title: pam_open_session
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_OPEN_SESSION" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_open_session \- start PAM session management
+.SH "SYNOPSIS"
.sp
-.BI "int pam_open_session(pam_handle_t " *pamh ", int " flags ");"
-.sp
-.BI "int pam_close_session(pam_handle_t " *pamh ", int " flags ");"
-.sp 2
-.SH DESCRIPTION
-
-PAM provides management-hooks for the initialization and termination
-of a session.
-
-.TP
-.B pam_open_session
-.br
-Use this function to signal that an authenticated user session has
-begun. It should be called only after the user is properly identified
-and (where necessary) has been granted their credentials with
-.BR pam_authenticate "(3)"
-and
-.BR pam_setcred "(3)"
-respectively.
-
-.br
-Some types of functions associated with session
-initialization are logging for the purposes of system-audit and
-mounting directories (the user's home directory for example). These
-should not concern the application. It should be noted that the
-.I effective
-uid,
-.BR geteuid "(2),"
-of the application should be of sufficient privilege to perform such
-tasks.
-
-.TP
-.B pam_close_session
-.br
-Use this function to signal that a user session has
-terminated. In general this function may not need to be located in the
-same application as the initialization function,
-.BR pam_open_session "."
-
-.br
-Typically, this function will undo the actions of
-.BR pam_open_session "."
-That is, log audit information concerning the end of the user session
-or unmount the user's home directory. Apart from having sufficient
-privilege the details of the session termination should not concern
-the calling application. It is good programming practice, however, to
-cease acting on behalf of the user on returning from this call.
-
-.SH RETURN VALUE
-A successful return from the session management functions will be
-indicated with
-.BR PAM_SUCCESS "."
-
-.br
-The specific error indicating a failure to open or close a session is
-.BR PAM_SESSION_ERR "."
-In general other return values may be returned. They should be treated
-as indicating failure.
-
-.SH ERRORS
-May be translated to text with
-.BR pam_strerror "(3). "
-
-.SH "CONFORMING TO"
-OSF-RFC 86.0, October 1995.
-
-.SH BUGS
-.sp 2
-none known.
-
+.ft B
+.nf
+#include <security/pam_appl.h>
+.fi
+.ft
+.HP 21
+.BI "int pam_open_session(pam_handle_t\ *" "pamh" ", int\ " "flags" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_open_session\fR
+function sets up a user session for a previously successful authenticated user. The session should later be terminated with a call to
+\fBpam_close_session\fR(3).
+.PP
+It should be noted that the effective uid,
+\fBgeteuid\fR(2). of the application should be of sufficient privilege to perform such tasks as creating or mounting the user's home directory for example.
+.PP
+The flags argument is the binary or of zero or more of the following values:
+.TP 3n
+PAM_SILENT
+Do not emit any messages.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_ABORT
+General failure.
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_SESSION_ERR
+Session failure.
+.TP 3n
+PAM_SUCCESS
+Session was successful created.
.SH "SEE ALSO"
+.PP
-.BR pam_start "(3), "
-.BR pam_authenticate "(3), "
-.BR pam_setcred "(3), "
-.BR pam_get_item "(3), "
-.BR pam_strerror "(3) "
-and
-.BR pam "(3)."
-
-.br
-Also, see the three
-.BR Linux-PAM
-Guides, for
-.BR "System administrators" ", "
-.BR "module developers" ", "
-and
-.BR "application developers" ". "
+\fBpam_close_session\fR(3),
+\fBpam_strerror\fR(3)
diff --git a/Linux-PAM/doc/man/pam_open_session.3.xml b/Linux-PAM/doc/man/pam_open_session.3.xml
new file mode 100644
index 00000000..eba0bc01
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_open_session.3.xml
@@ -0,0 +1,115 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id='pam_send'>
+
+ <refmeta>
+ <refentrytitle>pam_open_session</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_open_session-name">
+ <refname>pam_open_session</refname>
+ <refpurpose>start PAM session management</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id="pam_open_session-synopsis">
+ <funcsynopsisinfo>#include &lt;security/pam_appl.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>int <function>pam_open_session</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>flags</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id="pam_open_session-description">
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_open_session</function> function sets up a
+ user session for a previously successful authenticated user.
+ The session should later be terminated with a call to
+ <citerefentry>
+ <refentrytitle>pam_close_session</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+ <para>
+ It should be noted that the effective uid,
+ <citerefentry>
+ <refentrytitle>geteuid</refentrytitle><manvolnum>2</manvolnum>
+ </citerefentry>. of the application should be of sufficient
+ privilege to perform such tasks as creating or mounting the
+ user's home directory for example.
+ </para>
+ <para>
+ The flags argument is the binary or of zero or more of the
+ following values:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SILENT</term>
+ <listitem>
+ <para>
+ Do not emit any messages.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_open_session-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_ABORT</term>
+ <listitem>
+ <para>
+ General failure.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SESSION_ERR</term>
+ <listitem>
+ <para>
+ Session failure.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Session was successful created.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_open_session-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_close_session</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_prompt.3 b/Linux-PAM/doc/man/pam_prompt.3
new file mode 100644
index 00000000..ce3b2a96
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_prompt.3
@@ -0,0 +1,55 @@
+.\" Title: pam_prompt
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_PROMPT" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_prompt, pam_vprompt \- interface to conversation function
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#include <security/pam_ext.h>
+.fi
+.ft
+.HP 16
+.BI "void pam_prompt(pam_handle_t\ *" "pamh" ", int\ " "style" ", char\ **" "response" ", const\ char\ *" "fmt" ", " "..." ");"
+.HP 17
+.BI "void pam_vprompt(pam_handle_t\ *" "pamh" ", int\ " "style" ", char\ **" "response" ", const\ char\ *" "fmt" ", va_list\ " "args" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_prompt\fR
+function constructs a message from the specified format string and arguments and passes it to
+.SH "RETURN VALUES"
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_CONV_ERR
+Conversation failure.
+.TP 3n
+PAM_SUCCESS
+Transaction was successful created.
+.TP 3n
+PAM_SYSTEM_ERR
+System error.
+.SH "SEE ALSO"
+.PP
+
+\fBpam\fR(8),
+\fBpam_conv\fR(3)
+.SH "STANDARDS"
+.PP
+The
+\fBpam_prompt\fR
+and
+\fBpam_vprompt\fR
+functions are Linux\-PAM extensions.
diff --git a/Linux-PAM/doc/man/pam_prompt.3.xml b/Linux-PAM/doc/man/pam_prompt.3.xml
new file mode 100644
index 00000000..d0824131
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_prompt.3.xml
@@ -0,0 +1,110 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id="pam_prompt">
+
+ <refmeta>
+ <refentrytitle>pam_prompt</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_prompt-name">
+ <refname>pam_prompt</refname>
+ <refname>pam_vprompt</refname>
+ <refpurpose>interface to conversation function</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv id="pam_prompt-synopsis">
+ <funcsynopsis>
+ <funcsynopsisinfo>#include &lt;security/pam_ext.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>void <function>pam_prompt</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>style</parameter></paramdef>
+ <paramdef>char **<parameter>response</parameter></paramdef>
+ <paramdef>const char *<parameter>fmt</parameter></paramdef>
+ <paramdef><parameter>...</parameter></paramdef>
+ </funcprototype>
+ <funcprototype>
+ <funcdef>void <function>pam_vprompt</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>style</parameter></paramdef>
+ <paramdef>char **<parameter>response</parameter></paramdef>
+ <paramdef>const char *<parameter>fmt</parameter></paramdef>
+ <paramdef>va_list <parameter>args</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='pam_prompt-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_prompt</function> function constructs a message
+ from the specified format string and arguments and passes it to
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_prompt-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CONV_ERR</term>
+ <listitem>
+ <para>
+ Conversation failure.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Transaction was successful created.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SYSTEM_ERR</term>
+ <listitem>
+ <para>
+ System error.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+
+ <refsect1 id='pam_prompt-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_conv</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_prompt-standards'>
+ <title>STANDARDS</title>
+ <para>
+ The <function>pam_prompt</function> and <function>pam_vprompt</function>
+ functions are Linux-PAM extensions.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_putenv.3 b/Linux-PAM/doc/man/pam_putenv.3
new file mode 100644
index 00000000..60b49651
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_putenv.3
@@ -0,0 +1,74 @@
+.\" Title: pam_putenv
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_PUTENV" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_putenv \- set or change PAM environment variable
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#include <security/pam_appl.h>
+.fi
+.ft
+.HP 15
+.BI "int pam_putenv(pam_handle_t\ *" "pamh" ", const\ char\ *" "name_value" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_putenv\fR
+function is used to add or change the value of PAM environment variables as associated with the
+\fIpamh\fR
+handle.
+.PP
+The
+\fIpamh\fR
+argument is an authentication handle obtained by a prior call to pam_start(). The
+\fIname_value\fR
+argument is a single NUL terminated string of one of the following forms:
+.TP 3n
+NAME=value of variable
+In this case the environment variable of the given NAME is set to the indicated value:
+\fIvalue of variable\fR. If this variable is already known, it is overwritten. Otherwise it is added to the PAM environment.
+.TP 3n
+NAME=
+This function sets the variable to an empty value. It is listed separately to indicate that this is the correct way to achieve such a setting.
+.TP 3n
+NAME
+Without an '=' the pam_putenv() function will delete the corresponding variable from the PAM environment.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_PERM_DENIED
+Argument
+\fIname_value\fR
+given is a NULL pointer.
+.TP 3n
+PAM_BAD_ITEM
+Variable requested (for deletion) is not currently set.
+.TP 3n
+PAM_ABORT
+The
+\fIpamh\fR
+handle is corrupt.
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_SUCCESS
+The environment variable was successfully updated.
+.SH "SEE ALSO"
+.PP
+
+\fBpam_start\fR(3),
+\fBpam_getenv\fR(3),
+\fBpam_getenvlist\fR(3),
+\fBpam_strerror\fR(3),
+\fBpam\fR(8)
diff --git a/Linux-PAM/doc/man/pam_putenv.3.xml b/Linux-PAM/doc/man/pam_putenv.3.xml
new file mode 100644
index 00000000..5efef381
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_putenv.3.xml
@@ -0,0 +1,144 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+<refentry id='pam_putenv'>
+ <refmeta>
+ <refentrytitle>pam_putenv</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_putenv-name">
+ <refname>pam_putenv</refname>
+ <refpurpose>set or change PAM environment variable</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id='pam_putenv-synopsis'>
+ <funcsynopsisinfo>#include &lt;security/pam_appl.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>int <function>pam_putenv</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>const char *<parameter>name_value</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id='pam_putenv-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_putenv</function> function is used to
+ add or change the value of PAM environment variables as
+ associated with the <emphasis>pamh</emphasis> handle.
+ </para>
+ <para>
+ The <emphasis>pamh</emphasis> argument is an authentication
+ handle obtained by a prior call to pam_start().
+ The <emphasis>name_value</emphasis> argument is a single NUL
+ terminated string of one of the following forms:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>NAME=value of variable</term>
+ <listitem>
+ <para>
+ In this case the environment variable of the given NAME
+ is set to the indicated value:
+ <emphasis>value of variable</emphasis>. If this variable
+ is already known, it is overwritten. Otherwise it is added
+ to the PAM environment.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>NAME=</term>
+ <listitem>
+ <para>
+ This function sets the variable to an empty value. It is
+ listed separately to indicate that this is the correct way
+ to achieve such a setting.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>NAME</term>
+ <listitem>
+ <para>
+ Without an '=' the pam_putenv() function will delete the
+ corresponding variable from the PAM environment.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_putenv-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_PERM_DENIED</term>
+ <listitem>
+ <para>
+ Argument <emphasis>name_value</emphasis> given is a NULL pointer.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_BAD_ITEM</term>
+ <listitem>
+ <para>
+ Variable requested (for deletion) is not currently set.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_ABORT</term>
+ <listitem>
+ <para>
+ The <emphasis>pamh</emphasis> handle is corrupt.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ The environment variable was successfully updated.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_putenv-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_start</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_getenv</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_getenvlist</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_set_data.3 b/Linux-PAM/doc/man/pam_set_data.3
new file mode 100644
index 00000000..c3a2a689
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_set_data.3
@@ -0,0 +1,93 @@
+.\" Title: pam_set_data
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_SET_DATA" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_set_data \- set module internal data
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#include <security/pam_modules.h>
+.fi
+.ft
+.HP 17
+.BI "int pam_set_data(pam_handle_t\ *" "pamh" ", const\ char\ *" "module_data_name" ", void\ *" "data" ", void\ " "(*cleanup)(pam_handle_t\ *pamh,\ void\ *data,\ int\ error_status)" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_set_data\fR
+function associates a pointer to an object with the (hopefully) unique string
+\fImodule_data_name\fR
+in the PAM context specified by the
+\fIpamh\fR
+argument.
+.PP
+PAM modules may be dynamically loadable objects. In general such files should not contain
+\fIstatic\fR
+variables. This function and its counterpart
+\fBpam_get_data\fR(3), provide a mechanism for a module to associate some data with the handle
+\fIpamh\fR. Typically a module will call the
+\fBpam_set_data\fR
+function to register some data under a (hopefully) unique
+\fImodule_data_name\fR. The data is available for use by other modules too but
+\fInot\fR
+by an application. Since this functions stores only a pointer to the
+\fIdata\fR, the module should not modify or free the content of it.
+.PP
+The function
+\fBcleanup()\fR
+is associated with the
+\fIdata\fR
+and, if non\-NULL, it is called when this data is over\-written or following a call to
+\fBpam_end\fR(3).
+.PP
+The
+\fIerror_status\fR
+argument is used to indicate to the module the sort of action it is to take in cleaning this data item. As an example, Kerberos creates a ticket file during the authentication phase, this file might be associated with a data item. When
+\fBpam_end\fR(3)
+is called by the module, the
+\fIerror_status\fR
+carries the return value of the
+\fBpam_authenticate\fR(3)
+or other
+\fIlibpam\fR
+function as appropriate. Based on this value the Kerberos module may choose to delete the ticket file (\fIauthentication failure\fR) or leave it in place.
+.PP
+The
+\fIerror_status\fR
+may have been logically OR'd with either of the following two values:
+.TP 3n
+PAM_DATA_REPLACE
+When a data item is being replaced (through a second call to
+\fBpam_set_data\fR) this mask is used. Otherwise, the call is assumed to be from
+\fBpam_end\fR(3).
+.TP 3n
+PAM_DATA_SILENT
+Which indicates that the process would prefer to perform the
+\fBcleanup()\fR
+quietly. That is, discourages logging/messages to the user.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_SUCCESS
+Data was successful stored.
+.TP 3n
+PAM_SYSTEM_ERR
+A NULL pointer was submitted as PAM handle or the function was called by an application.
+.SH "SEE ALSO"
+.PP
+
+\fBpam_end\fR(3),
+\fBpam_get_data\fR(3),
+\fBpam_strerror\fR(3)
diff --git a/Linux-PAM/doc/man/pam_set_data.3.xml b/Linux-PAM/doc/man/pam_set_data.3.xml
new file mode 100644
index 00000000..d6d224e7
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_set_data.3.xml
@@ -0,0 +1,172 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id='pam_set_data'>
+
+ <refmeta>
+ <refentrytitle>pam_set_data</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id='pam_set_data-name'>
+ <refname>pam_set_data</refname>
+ <refpurpose>
+ set module internal data
+ </refpurpose>
+ </refnamediv>
+
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+
+ <funcsynopsis id="pam_set_data-synopsis">
+ <funcsynopsisinfo>#include &lt;security/pam_modules.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>int <function>pam_set_data</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>const char *<parameter>module_data_name</parameter></paramdef>
+ <paramdef>void *<parameter>data</parameter></paramdef>
+ <paramdef>void <parameter>(*cleanup)(pam_handle_t *pamh, void *data, int error_status)</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+
+ </refsynopsisdiv>
+
+
+ <refsect1 id="pam_set_data-description">
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_set_data</function> function associates a pointer
+ to an object with the (hopefully) unique string
+ <emphasis>module_data_name</emphasis> in the PAM context specified
+ by the <emphasis>pamh</emphasis> argument.
+ </para>
+
+ <para>
+ PAM modules may be dynamically loadable objects. In general such files
+ should not contain <emphasis>static</emphasis> variables. This function
+ and its counterpart
+ <citerefentry>
+ <refentrytitle>pam_get_data</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ provide a mechanism for a module to associate some data with
+ the handle <emphasis>pamh</emphasis>. Typically a module will call the
+ <function>pam_set_data</function> function to register some data
+ under a (hopefully) unique <emphasis>module_data_name</emphasis>.
+ The data is available for use by other modules too but
+ <emphasis>not</emphasis> by an application. Since this functions
+ stores only a pointer to the <emphasis>data</emphasis>, the module
+ should not modify or free the content of it.
+ </para>
+
+ <para>
+ The function <function>cleanup()</function> is associated with the
+ <emphasis>data</emphasis> and, if non-NULL, it is called when this
+ data is over-written or following a call to
+ <citerefentry>
+ <refentrytitle>pam_end</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+
+ <para>
+ The <emphasis>error_status</emphasis> argument is used to indicate
+ to the module the sort of action it is to take in cleaning this data
+ item. As an example, Kerberos creates a ticket file during the
+ authentication phase, this file might be associated with a data item.
+ When
+ <citerefentry>
+ <refentrytitle>pam_end</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ is called by the module, the <emphasis>error_status</emphasis>
+ carries the return value of the
+ <citerefentry>
+ <refentrytitle>pam_authenticate</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ or other <emphasis>libpam</emphasis> function as appropriate. Based
+ on this value the Kerberos module may choose to delete the ticket file
+ (<emphasis>authentication failure</emphasis>) or leave it in place.
+ </para>
+
+ <para>
+ The <emphasis>error_status</emphasis> may have been logically
+ OR'd with either of the following two values:
+ </para>
+
+ <variablelist>
+ <varlistentry>
+ <term>PAM_DATA_REPLACE</term>
+ <listitem>
+ <para>
+ When a data item is being replaced (through a second call to
+ <function>pam_set_data</function>) this mask is used.
+ Otherwise, the call is assumed to be from
+ <citerefentry>
+ <refentrytitle>pam_end</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_DATA_SILENT</term>
+ <listitem>
+ <para>
+ Which indicates that the process would prefer to perform the
+ <function>cleanup()</function> quietly. That is, discourages
+ logging/messages to the user.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_set_data-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Data was successful stored.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SYSTEM_ERR</term>
+ <listitem>
+ <para>
+ A NULL pointer was submitted as PAM handle or the
+ function was called by an application.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_set_data-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_end</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_get_data</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_set_item.3 b/Linux-PAM/doc/man/pam_set_item.3
index ddd081fe..fa802747 100644
--- a/Linux-PAM/doc/man/pam_set_item.3
+++ b/Linux-PAM/doc/man/pam_set_item.3
@@ -1,55 +1,124 @@
-.\" Hey Emacs! This file is -*- nroff -*- source.
-.\" $Id: pam_set_item.3,v 1.1 2001/12/08 19:02:48 agmorgan Exp $
-.\" Copyright (c) Andrew G. Morgan 1996,1997 <morgan@kernel.org>
-.TH PAM_SET_ITEM 3 "2001 Jan 21" "Linux-PAM" "App. Programmers' Manual"
-.SH NAME
-
-pam_set_item, pam_get_item \- item manipulation under PAM
-
-.SH SYNOPSIS
-.B #include <security/pam_appl.h>
-.br
-or
-.br
-.B #include <secruity/pam_modules.h>
+.\" Title: pam_set_item
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_SET_ITEM" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_set_item \- set and update PAM informations
+.SH "SYNOPSIS"
.sp
-.BI "int pam_set_item(pam_handle_t " *pamh ", int " item_type ", void " *item ");"
+.ft B
+.nf
+#include <security/pam_modules.h>
+.fi
+.ft
+.HP 17
+.BI "int pam_set_item(pam_handle_t\ *" "pamh" ", int\ " "item_type" ", const\ void\ *" "item" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_set_item\fR
+function allows applications and PAM service modules to access and to update PAM informations of
+\fIitem_type\fR. For this a copy of the object pointed to by the
+\fIitem\fR
+argument is created. The following
+\fIitem_type\fRs are supported:
+.TP 3n
+PAM_SERVICE
+The service name (which identifies that PAM stack that the PAM functions will use to authenticate the program).
+.TP 3n
+PAM_USER
+The username of the entity under whose identity service will be given. That is, following authentication,
+\fIPAM_USER\fR
+identifies the local entity that gets to use the service. Note, this value can be mapped from something (eg., "anonymous") to something else (eg. "guest119") by any module in the PAM stack. As such an application should consult the value of
+\fIPAM_USER\fR
+after each call to a PAM function.
+.TP 3n
+PAM_USER_PROMPT
+The string used when prompting for a user's name. The default value for this string is a localized version of "login: ".
+.TP 3n
+PAM_TTY
+The terminal name: prefixed by
+\fI/dev/\fR
+if it is a device file; for graphical, X\-based, applications the value for this item should be the
+\fI$DISPLAY\fR
+variable.
+.TP 3n
+PAM_RUSER
+The requesting user name: local name for a locally requesting user or a remote user name for a remote requesting user.
.sp
-.BI "int pam_get_item(const pam_handle_t " *pamh ", int " item_type ", const void " **item_p ");"
-.sp 2
-.SH DESCRIPTION
-.B pam_set_item
+Generally an application or module will attempt to supply the value that is most strongly authenticated (a local account before a remote one. The level of trust in this value is embodied in the actual authentication stack associated with the application, so it is ultimately at the discretion of the system administrator.
.sp
-.B pam_set_item
-
-These functions are currently undocumented in a man page, but see the
-end of this man page for more information (the PAM guides).
-
-On success
-.BR PAM_SUCCESS
-is returned, all other return values should be treated as errors.
-
-.SH ERRORS
-May be translated to text with
-.BR pam_strerror "(3). "
-
-.SH "CONFORMING TO"
-DCE-RFC 86.0, October 1995.
-.SH BUGS
-.sp 2
-none known.
-
-.SH "SEE ALSO"
-
-.BR pam (8)
+\fIPAM_RUSER@PAM_RHOST\fR
+should always identify the requesting user. In some cases,
+\fIPAM_RUSER\fR
+may be NULL. In such situations, it is unclear who the requesting entity is.
+.TP 3n
+PAM_RHOST
+The requesting hostname (the hostname of the machine from which the
+\fIPAM_RUSER\fR
+entity is requesting service). That is
+\fIPAM_RUSER@PAM_RHOST\fR
+does identify the requesting user. In some applications,
+\fIPAM_RHOST\fR
+may be NULL. In such situations, it is unclear where the authentication request is originating from.
+.TP 3n
+PAM_AUTHTOK
+The authentication token (often a password). This token should be ignored by all module functions besides
+\fBpam_sm_authenticate\fR(3)
and
-.BR pam_strerror "(3)."
+\fBpam_sm_chauthtok\fR(3). In the former function it is used to pass the most recent authentication token from one stacked module to another. In the latter function the token is used for another purpose. It contains the currently active authentication token.
+.TP 3n
+PAM_OLDAUTHTOK
+The old authentication token. This token should be ignored by all module functions except
+\fBpam_sm_chauthtok\fR(3).
+.TP 3n
+PAM_CONV
+The pam_conv structure. See
+\fBpam_conv\fR(3).
+.TP 3n
+PAM_FAIL_DELAY
+A function pointer to redirect centrally managed failure delays. See
+\fBpam_fail_delay\fR(3).
+.PP
+For all
+\fIitem_type\fRs, other than PAM_CONV and PAM_FAIL_DELAY,
+\fIitem\fR
+is a pointer to a <NUL> terminated character string. In the case of PAM_CONV,
+\fIitem\fR
+points to an initialized
+\fIpam_conv\fR
+structure. In the case of PAM_FAIL_DELAY,
+\fIitem\fR
+is a function pointer:
+\fBvoid (*delay_fn)(int retval, unsigned usec_delay, void *appdata_ptr)\fR
+.PP
+Both, PAM_AUTHTOK and PAM_OLDAUTHTOK, will be reseted before returning to the application. Which means an application is not able to access the authentication tokens.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_BAD_ITEM
+The application attempted to set an undefined or inaccessible item.
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_SUCCESS
+Data was successful updated.
+.TP 3n
+PAM_SYSTEM_ERR
+The
+\fIpam_handle_t\fR
+passed as first argument was invalid.
+.SH "SEE ALSO"
+.PP
-Also, see the three
-.BR Linux-PAM
-Guides, for
-.BR "System administrators" ", "
-.BR "module developers" ", "
-and
-.BR "application developers" ". "
+\fBpam_get_item\fR(3),
+\fBpam_strerror\fR(3)
diff --git a/Linux-PAM/doc/man/pam_set_item.3.xml b/Linux-PAM/doc/man/pam_set_item.3.xml
new file mode 100644
index 00000000..cbac8413
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_set_item.3.xml
@@ -0,0 +1,127 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd"
+[
+<!--
+<!ENTITY accessconf SYSTEM "pam_item_types.inc.xml">
+-->
+]>
+
+<refentry id='pam_set_item'>
+
+ <refmeta>
+ <refentrytitle>pam_set_item</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id='pam_set_item-name'>
+ <refname>pam_set_item</refname>
+ <refpurpose>
+ set and update PAM informations
+ </refpurpose>
+ </refnamediv>
+
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+
+ <funcsynopsis id="pam_set_item-synopsis">
+ <funcsynopsisinfo>#include &lt;security/pam_modules.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>int <function>pam_set_item</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>item_type</parameter></paramdef>
+ <paramdef>const void *<parameter>item</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+
+ </refsynopsisdiv>
+
+
+ <refsect1 id="pam_set_item-description">
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_set_item</function> function allows applications
+ and PAM service modules to access and to update PAM informations
+ of <emphasis>item_type</emphasis>. For this a copy
+ of the object pointed to by the <emphasis>item</emphasis> argument
+ is created. The following <emphasis>item_type</emphasis>s are
+ supported:
+ </para>
+
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_item_types.inc.xml"/>
+
+ <para>
+ For all <emphasis>item_type</emphasis>s, other than PAM_CONV and
+ PAM_FAIL_DELAY, <emphasis>item</emphasis> is a pointer to a &lt;NUL&gt;
+ terminated character string. In the case of PAM_CONV,
+ <emphasis>item</emphasis> points to an initialized
+ <emphasis>pam_conv</emphasis> structure. In the case of
+ PAM_FAIL_DELAY, <emphasis>item</emphasis> is a function pointer:
+ <function>void (*delay_fn)(int retval, unsigned usec_delay, void *appdata_ptr)</function>
+ </para>
+
+ <para>
+ Both, PAM_AUTHTOK and PAM_OLDAUTHTOK, will be reseted before
+ returning to the application. Which means an application is not
+ able to access the authentication tokens.
+ </para>
+
+ </refsect1>
+
+ <refsect1 id="pam_set_item-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_BAD_ITEM</term>
+ <listitem>
+ <para>
+ The application attempted to set an undefined or inaccessible
+ item.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Data was successful updated.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SYSTEM_ERR</term>
+ <listitem>
+ <para>
+ The <emphasis>pam_handle_t</emphasis> passed as first
+ argument was invalid.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_set_item-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_get_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_setcred.3 b/Linux-PAM/doc/man/pam_setcred.3
index ea251405..055ee56e 100644
--- a/Linux-PAM/doc/man/pam_setcred.3
+++ b/Linux-PAM/doc/man/pam_setcred.3
@@ -1,79 +1,82 @@
-.\" Hey Emacs! This file is -*- nroff -*- source.
-.\" $Id: pam_setcred.3,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $
-.\" Copyright (c) Andrew G. Morgan 1996,1997 <morgan@parc.power.net>
-.TH PAM_SETCRED 3 "1997 July 6" "Linux-PAM 0.58" "App. Programmers' Manual"
-.SH NAME
-
-pam_setcred \- set the credentials for the user
-
-.SH SYNOPSIS
-.B #include <security/pam_appl.h>
+.\" Title: pam_setcred
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_SETCRED" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_setcred \- establish / delete user credentials
+.SH "SYNOPSIS"
.sp
-.BI "int pam_setcred(pam_handle_t " *pamh ", int " flags ");"
-.sp 2
-.SH DESCRIPTION
-.B pam_setcred
-
-This function is used to establish, maintain and delete the
-credentials of a user. It should be called after a user has been
-authenticated and before a session is opened for the user (with
-.BR pam_open_session "(3))."
-
-It should be noted that credentials come in many forms. Examples
-include: group memberships; ticket-files; and Linux-PAM environment
-variables. For this reason, it is important that the basic identity
-of the user is established, by the application, prior to a call to
-this function. For example, the default
-.BR Linux-PAM
-environment variables should be set and also
-.BR initgroups "(2) "
+.ft B
+.nf
+#include <security/pam_appl.h>
+.fi
+.ft
+.HP 16
+.BI "int pam_setcred(pam_handle_t\ *" "pamh" ", int\ " "flags" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_setcred\fR
+function is used to establish, maintain and delete the credentials of a user. It should be called after a user has been authenticated and before a session is opened for the user (with
+\fBpam_open_session\fR(3)).
+.PP
+A credential is something that the user possesses. It is some property, such as a
+\fIKerberos\fR
+ticket, or a supplementary group membership that make up the uniqueness of a given user. On a Linux system the user's
+\fIUID\fR
+and
+\fIGID\fR's are credentials too. However, it has been decided that these properties (along with the default supplementary groups of which the user is a member) are credentials that should be set directly by the application and not by PAM. Such credentials should be established, by the application, prior to a call to this function. For example,
+\fBinitgroups\fR(2)
(or equivalent) should have been performed.
-
-.SH "VALID FLAGS"
-.TP
-.BR PAM_ESTABLISH_CRED
-initialize the credentials for the user.
-
-.TP
-.BR PAM_DELETE_CRED
-delete the user's credentials.
-
-.TP
-.BR PAM_REINITIALIZE_CRED
-delete and then initialize the user's credentials.
-
-.TP
-.BR PAM_REFRESH_CRED
-extend the lifetime of the existing credentials.
-
-.SH "RETURN VALUE"
-
-On success
-.BR PAM_SUCCESS
-is returned, all other return values should be treated as errors.
-
-.SH ERRORS
-May be translated to text with
-.BR pam_strerror "(3). "
-
-.SH "CONFORMING TO"
-DCE-RFC 86.0, October 1995.
-
-.SH BUGS
-.sp 2
-none known.
-
+.PP
+Valid
+\fIflags\fR, any one of which, may be logically OR'd with
+\fBPAM_SILENT\fR, are:
+.TP 3n
+PAM_ESTABLISH_CRED
+Initialize the credentials for the user.
+.TP 3n
+PAM_DELETE_CRED
+Delete the user's credentials.
+.TP 3n
+PAM_REINITIALIZE_CRED
+Fully reinitialize the user's credentials.
+.TP 3n
+PAM_REFRESH_CRED
+Extend the lifetime of the existing credentials.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_CRED_ERR
+Failed to set user credentials.
+.TP 3n
+PAM_CRED_EXPIRED
+User credentials are expired.
+.TP 3n
+PAM_CRED_UNAVAIL
+Failed to retrieve user credentials.
+.TP 3n
+PAM_SUCCESS
+Data was successful stored.
+.TP 3n
+PAM_SYSTEM_ERR
+A NULL pointer was submitted as PAM handle, the function was called by a module or another system error occured.
+.TP 3n
+PAM_USER_UNKNOWN
+User is not known to an authentication module.
.SH "SEE ALSO"
+.PP
-.BR pam_authenticate "(3), "
-.BR pam_strerror "(3)"
-and
-.BR pam_open_session "(3). "
-
-Also, see the three
-.BR Linux-PAM
-Guides, for
-.BR "System administrators" ", "
-.BR "module developers" ", "
-and
-.BR "application developers" ". "
+\fBpam_authenticate\fR(3),
+\fBpam_open_session\fR(3),
+\fBpam_strerror\fR(3)
diff --git a/Linux-PAM/doc/man/pam_setcred.3.xml b/Linux-PAM/doc/man/pam_setcred.3.xml
new file mode 100644
index 00000000..90e23b5c
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_setcred.3.xml
@@ -0,0 +1,173 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id="pam_setcred">
+
+ <refmeta>
+ <refentrytitle>pam_setcred</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_setcred-name">
+ <refname>pam_setcred</refname>
+ <refpurpose>
+ establish / delete user credentials
+ </refpurpose>
+ </refnamediv>
+
+ <!-- body begins here -->
+ <refsynopsisdiv>
+ <funcsynopsis id='pam_setcred-synopsis'>
+ <funcsynopsisinfo>#include &lt;security/pam_appl.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>int <function>pam_setcred</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>flags</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id='pam_setcred-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_setcred</function> function is used to establish,
+ maintain and delete the credentials of a user. It should be called
+ after a user has been authenticated and before a session is opened
+ for the user (with
+ <citerefentry>
+ <refentrytitle>pam_open_session</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>).
+ </para>
+
+ <para>
+ A credential is something that the user possesses. It is some
+ property, such as a <emphasis>Kerberos</emphasis> ticket, or a
+ supplementary group membership that make up the uniqueness of a
+ given user. On a Linux system the user's <emphasis>UID</emphasis>
+ and <emphasis>GID</emphasis>'s are credentials too. However, it
+ has been decided that these properties (along with the default
+ supplementary groups of which the user is a member) are credentials
+ that should be set directly by the application and not by PAM.
+ Such credentials should be established, by the application, prior
+ to a call to this function. For example,
+ <citerefentry>
+ <refentrytitle>initgroups</refentrytitle><manvolnum>2</manvolnum>
+ </citerefentry> (or equivalent) should have been performed.
+ </para>
+
+ <para>
+ Valid <emphasis>flags</emphasis>, any one of which, may be
+ logically OR'd with <option>PAM_SILENT</option>, are:
+ </para>
+
+ <variablelist>
+ <varlistentry>
+ <term>PAM_ESTABLISH_CRED</term>
+ <listitem>
+ <para>Initialize the credentials for the user.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_DELETE_CRED</term>
+ <listitem>
+ <para>Delete the user's credentials.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_REINITIALIZE_CRED</term>
+ <listitem>
+ <para>Fully reinitialize the user's credentials.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_REFRESH_CRED</term>
+ <listitem>
+ <para>Extend the lifetime of the existing credentials.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_setcred-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CRED_ERR</term>
+ <listitem>
+ <para>
+ Failed to set user credentials.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CRED_EXPIRED</term>
+ <listitem>
+ <para>
+ User credentials are expired.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CRED_UNAVAIL</term>
+ <listitem>
+ <para>
+ Failed to retrieve user credentials.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Data was successful stored.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SYSTEM_ERR</term>
+ <listitem>
+ <para>
+ A NULL pointer was submitted as PAM handle, the
+ function was called by a module or another system
+ error occured.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ User is not known to an authentication module.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_set_data-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_authenticate</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_open_session</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_sm_acct_mgmt.3 b/Linux-PAM/doc/man/pam_sm_acct_mgmt.3
new file mode 100644
index 00000000..b720e3af
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_sm_acct_mgmt.3
@@ -0,0 +1,79 @@
+.\" Title: pam_sm_acct_mgmt
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_SM_ACCT_MGMT" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_sm_acct_mgmt \- PAM service function for account management
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#define PAM_SM_ACCOUNT
+.fi
+.ft
+.sp
+.ft B
+.nf
+#include <security/pam_modules.h>
+.fi
+.ft
+.HP 32
+.BI "PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t\ *" "pamh" ", int\ " "flags" ", int\ " "argc" ", const\ char\ **" "argv" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_sm_acct_mgmt\fR
+function is the service module's implementation of the
+\fBpam_acct_mgmt\fR(3)
+interface.
+.PP
+This function performs the task of establishing whether the user is permitted to gain access at this time. It should be understood that the user has previously been validated by an authentication module. This function checks for other things. Such things might be: the time of day or the date, the terminal line, remote hostname, etc. This function may also determine things like the expiration on passwords, and respond that the user change it before continuing.
+.PP
+Valid flags, which may be logically OR'd with
+\fIPAM_SILENT\fR, are:
+.TP 3n
+PAM_SILENT
+Do not emit any messages.
+.TP 3n
+PAM_DISALLOW_NULL_AUTHTOK
+Return
+\fBPAM_AUTH_ERR\fR
+if the database of authentication tokens for this authentication mechanism has a
+\fINULL\fR
+entry for the user.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_ACCT_EXPIRED
+User account has expired.
+.TP 3n
+PAM_AUTH_ERR
+Authentication failure.
+.TP 3n
+PAM_NEW_AUTHTOK_REQD
+The user's authentication token has expired. Before calling this function again the application will arrange for a new one to be given. This will likely result in a call to
+\fBpam_sm_chauthtok()\fR.
+.TP 3n
+PAM_PERM_DENIED
+Permission denied.
+.TP 3n
+PAM_SUCCESS
+The authentication token was successfully updated.
+.TP 3n
+PAM_USER_UNKNOWN
+User unknown to password service.
+.SH "SEE ALSO"
+.PP
+
+\fBpam\fR(3),
+\fBpam_acct_mgmt\fR(3),
+\fBpam_sm_chauthtok\fR(3),
+\fBpam_strerror\fR(3),
+\fBPAM\fR(8)
diff --git a/Linux-PAM/doc/man/pam_sm_acct_mgmt.3.xml b/Linux-PAM/doc/man/pam_sm_acct_mgmt.3.xml
new file mode 100644
index 00000000..35aa28a8
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_sm_acct_mgmt.3.xml
@@ -0,0 +1,155 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+<refentry id='pam_sm_acct_mgmt'>
+ <refmeta>
+ <refentrytitle>pam_sm_acct_mgmt</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_sm_acct_mgmt-name">
+ <refname>pam_sm_acct_mgmt</refname>
+ <refpurpose>PAM service function for account management</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id='pam_sm_acct_mgmt-synopsis'>
+ <funcsynopsisinfo>#define PAM_SM_ACCOUNT</funcsynopsisinfo>
+ <funcsynopsisinfo>#include &lt;security/pam_modules.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>PAM_EXTERN int <function>pam_sm_acct_mgmt</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>flags</parameter></paramdef>
+ <paramdef>int <parameter>argc</parameter></paramdef>
+ <paramdef>const char **<parameter>argv</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id='pam_sm_acct_mgmt-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_sm_acct_mgmt</function> function is the service
+ module's implementation of the
+ <citerefentry>
+ <refentrytitle>pam_acct_mgmt</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> interface.
+ </para>
+ <para>
+ This function performs the task of establishing whether the user is
+ permitted to gain access at this time. It should be understood that
+ the user has previously been validated by an authentication
+ module. This function checks for other things. Such things might be:
+ the time of day or the date, the terminal line, remote hostname, etc.
+ This function may also determine things like the expiration on
+ passwords, and respond that the user change it before continuing.
+ </para>
+ <para>
+ Valid flags, which may be logically OR'd with
+ <emphasis>PAM_SILENT</emphasis>, are:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SILENT</term>
+ <listitem>
+ <para>
+ Do not emit any messages.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_DISALLOW_NULL_AUTHTOK</term>
+ <listitem>
+ <para>
+ Return <emphasis remap='B'>PAM_AUTH_ERR</emphasis> if the
+ database of authentication tokens for this authentication
+ mechanism has a <emphasis>NULL</emphasis> entry for the user.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_sm_acct_mgmt-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_ACCT_EXPIRED</term>
+ <listitem>
+ <para>
+ User account has expired.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_AUTH_ERR</term>
+ <listitem>
+ <para>
+ Authentication failure.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_NEW_AUTHTOK_REQD</term>
+ <listitem>
+ <para>
+ The user's authentication token has expired. Before calling
+ this function again the application will arrange for a new
+ one to be given. This will likely result in a call to
+ <function>pam_sm_chauthtok()</function>.
+
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_PERM_DENIED</term>
+ <listitem>
+ <para>
+ Permission denied.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ The authentication token was successfully updated.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ User unknown to password service.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_sm_acct_mgmt-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_acct_mgmt</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_sm_chauthtok</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>PAM</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_sm_authenticate.3 b/Linux-PAM/doc/man/pam_sm_authenticate.3
new file mode 100644
index 00000000..7487f6af
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_sm_authenticate.3
@@ -0,0 +1,80 @@
+.\" Title: pam_sm_authenticate
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_SM_AUTHENTICATE" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_sm_authenticate \- PAM service function for user authentication
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#define PAM_SM_AUTH
+.fi
+.ft
+.sp
+.ft B
+.nf
+#include <security/pam_modules.h>
+.fi
+.ft
+.HP 35
+.BI "PAM_EXTERN int pam_sm_authenticate(pam_handle_t\ *" "pamh" ", int\ " "flags" ", int\ " "argc" ", const\ char\ **" "argv" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_sm_authenticate\fR
+function is the service module's implementation of the
+\fBpam_authenticate\fR(3)
+interface.
+.PP
+This function performs the task of authenticating the user.
+.PP
+Valid flags, which may be logically OR'd with
+\fIPAM_SILENT\fR, are:
+.TP 3n
+PAM_SILENT
+Do not emit any messages.
+.TP 3n
+PAM_DISALLOW_NULL_AUTHTOK
+Return
+\fBPAM_AUTH_ERR\fR
+if the database of authentication tokens for this authentication mechanism has a
+\fINULL\fR
+entry for the user. Without this flag, such a
+\fINULL\fR
+token will lead to a success without the user being prompted.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_AUTH_ERR
+Authentication failure.
+.TP 3n
+PAM_CRED_INSUFFICIENT
+For some reason the application does not have sufficient credentials to authenticate the user.
+.TP 3n
+PAM_AUTHINFO_UNAVAIL
+The modules were not able to access the authentication information. This might be due to a network or hardware failure etc.
+.TP 3n
+PAM_SUCCESS
+The authentication token was successfully updated.
+.TP 3n
+PAM_USER_UNKNOWN
+The supplied username is not known to the authentication service.
+.TP 3n
+PAM_MAXTRIES
+One or more of the authentication modules has reached its limit of tries authenticating the user. Do not try again.
+.SH "SEE ALSO"
+.PP
+
+\fBpam\fR(3),
+\fBpam_authenticate\fR(3),
+\fBpam_sm_setcred\fR(3),
+\fBpam_strerror\fR(3),
+\fBPAM\fR(8)
diff --git a/Linux-PAM/doc/man/pam_sm_authenticate.3.xml b/Linux-PAM/doc/man/pam_sm_authenticate.3.xml
new file mode 100644
index 00000000..37c77576
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_sm_authenticate.3.xml
@@ -0,0 +1,152 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+<refentry id='pam_sm_authenticate'>
+ <refmeta>
+ <refentrytitle>pam_sm_authenticate</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_sm_authenticate-name">
+ <refname>pam_sm_authenticate</refname>
+ <refpurpose>PAM service function for user authentication</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id='pam_sm_authenticate-synopsis'>
+ <funcsynopsisinfo>#define PAM_SM_AUTH</funcsynopsisinfo>
+ <funcsynopsisinfo>#include &lt;security/pam_modules.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>PAM_EXTERN int <function>pam_sm_authenticate</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>flags</parameter></paramdef>
+ <paramdef>int <parameter>argc</parameter></paramdef>
+ <paramdef>const char **<parameter>argv</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id='pam_sm_authenticate-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_sm_authenticate</function> function is the service
+ module's implementation of the
+ <citerefentry>
+ <refentrytitle>pam_authenticate</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> interface.
+ </para>
+ <para>
+ This function performs the task of authenticating the user.
+ </para>
+ <para>
+ Valid flags, which may be logically OR'd with
+ <emphasis>PAM_SILENT</emphasis>, are:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SILENT</term>
+ <listitem>
+ <para>
+ Do not emit any messages.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_DISALLOW_NULL_AUTHTOK</term>
+ <listitem>
+ <para>
+ Return <emphasis remap='B'>PAM_AUTH_ERR</emphasis> if the
+ database of authentication tokens for this authentication
+ mechanism has a <emphasis>NULL</emphasis> entry for the user.
+ Without this flag, such a <emphasis>NULL</emphasis> token
+ will lead to a success without the user being prompted.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_sm_authenticate-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_AUTH_ERR</term>
+ <listitem>
+ <para>
+ Authentication failure.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CRED_INSUFFICIENT</term>
+ <listitem>
+ <para>
+ For some reason the application does not have sufficient
+ credentials to authenticate the user.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_AUTHINFO_UNAVAIL</term>
+ <listitem>
+ <para>
+ The modules were not able to access the authentication
+ information. This might be due to a network or hardware
+ failure etc.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ The authentication token was successfully updated.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ The supplied username is not known to the authentication
+ service.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_MAXTRIES</term>
+ <listitem>
+ <para>
+ One or more of the authentication modules has reached its
+ limit of tries authenticating the user. Do not try again.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_sm_authenticate-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_authenticate</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_sm_setcred</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>PAM</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_sm_chauthtok.3 b/Linux-PAM/doc/man/pam_sm_chauthtok.3
new file mode 100644
index 00000000..c247f68f
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_sm_chauthtok.3
@@ -0,0 +1,97 @@
+.\" Title: pam_sm_chauthtok
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_SM_CHAUTHTOK" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_sm_chauthtok \- PAM service function for authentication token management
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#define PAM_SM_PASSWORD
+.fi
+.ft
+.sp
+.ft B
+.nf
+#include <security/pam_modules.h>
+.fi
+.ft
+.HP 32
+.BI "PAM_EXTERN int pam_sm_chauthtok(pam_handle_t\ *" "pamh" ", int\ " "flags" ", int\ " "argc" ", const\ char\ **" "argv" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_sm_chauthtok\fR
+function is the service module's implementation of the
+\fBpam_chauthtok\fR(3)
+interface.
+.PP
+This function is used to (re\-)set the authentication token of the user.
+.PP
+Valid flags, which may be logically OR'd with
+\fIPAM_SILENT\fR, are:
+.TP 3n
+PAM_SILENT
+Do not emit any messages.
+.TP 3n
+PAM_CHANGE_EXPIRED_AUTHTOK
+This argument indicates to the module that the users authentication token (password) should only be changed if it has expired. This flag is optional and
+\fImust\fR
+be combined with one of the following two flags. Note, however, the following two options are
+\fImutually exclusive\fR.
+.TP 3n
+PAM_PRELIM_CHECK
+This indicates that the modules are being probed as to their ready status for altering the user's authentication token. If the module requires access to another system over some network it should attempt to verify it can connect to this system on receiving this flag. If a module cannot establish it is ready to update the user's authentication token it should return
+\fBPAM_TRY_AGAIN\fR, this information will be passed back to the application.
+.TP 3n
+PAM_UPDATE_AUTHTOK
+This informs the module that this is the call it should change the authorization tokens. If the flag is logically OR'd with
+\fBPAM_CHANGE_EXPIRED_AUTHTOK\fR, the token is only changed if it has actually expired.
+.PP
+The PAM library calls this function twice in succession. The first time with
+\fBPAM_PRELIM_CHECK\fR
+and then, if the module does not return
+\fBPAM_TRY_AGAIN\fR, subsequently with
+\fBPAM_UPDATE_AUTHTOK\fR. It is only on the second call that the authorization token is (possibly) changed.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_AUTHTOK_ERR
+The module was unable to obtain the new authentication token.
+.TP 3n
+PAM_AUTHTOK_RECOVERY_ERR
+The module was unable to obtain the old authentication token.
+.TP 3n
+PAM_AUTHTOK_LOCK_BUSY
+Cannot change the authentication token since it is currently locked.
+.TP 3n
+PAM_AUTHTOK_DISABLE_AGING
+Authentication token aging has been disabled.
+.TP 3n
+PAM_PERM_DENIED
+Permission denied.
+.TP 3n
+PAM_TRY_AGAIN
+Preliminary check was unsuccessful. Signals an immediate return to the application is desired.
+.TP 3n
+PAM_SUCCESS
+The authentication token was successfully updated.
+.TP 3n
+PAM_USER_UNKNOWN
+User unknown to password service.
+.SH "SEE ALSO"
+.PP
+
+\fBpam\fR(3),
+\fBpam_chauthtok\fR(3),
+\fBpam_sm_chauthtok\fR(3),
+\fBpam_strerror\fR(3),
+\fBPAM\fR(8)
diff --git a/Linux-PAM/doc/man/pam_sm_chauthtok.3.xml b/Linux-PAM/doc/man/pam_sm_chauthtok.3.xml
new file mode 100644
index 00000000..c36a0baf
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_sm_chauthtok.3.xml
@@ -0,0 +1,200 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+<refentry id='pam_sm_chauthtok'>
+ <refmeta>
+ <refentrytitle>pam_sm_chauthtok</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_sm_chauthtok-name">
+ <refname>pam_sm_chauthtok</refname>
+ <refpurpose>PAM service function for authentication token management</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id='pam_sm_chauthtok-synopsis'>
+ <funcsynopsisinfo>#define PAM_SM_PASSWORD</funcsynopsisinfo>
+ <funcsynopsisinfo>#include &lt;security/pam_modules.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>PAM_EXTERN int <function>pam_sm_chauthtok</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>flags</parameter></paramdef>
+ <paramdef>int <parameter>argc</parameter></paramdef>
+ <paramdef>const char **<parameter>argv</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id='pam_sm_chauthtok-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_sm_chauthtok</function> function is the service
+ module's implementation of the
+ <citerefentry>
+ <refentrytitle>pam_chauthtok</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> interface.
+ </para>
+ <para>
+ This function is used to (re-)set the authentication token of the user.
+ </para>
+ <para>
+ Valid flags, which may be logically OR'd with
+ <emphasis>PAM_SILENT</emphasis>, are:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SILENT</term>
+ <listitem>
+ <para>
+ Do not emit any messages.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CHANGE_EXPIRED_AUTHTOK</term>
+ <listitem>
+ <para>
+ This argument indicates to the module that the users
+ authentication token (password) should only be changed if
+ it has expired. This flag is optional and
+ <emphasis>must</emphasis> be combined with one of the
+ following two flags. Note, however, the following two options
+ are <emphasis>mutually exclusive</emphasis>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_PRELIM_CHECK</term>
+ <listitem>
+ <para>
+ This indicates that the modules are being probed as to
+ their ready status for altering the user's authentication
+ token. If the module requires access to another system over
+ some network it should attempt to verify it can connect to
+ this system on receiving this flag. If a module cannot establish
+ it is ready to update the user's authentication token it should
+ return <emphasis remap='B'>PAM_TRY_AGAIN</emphasis>, this
+ information will be passed back to the application.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_UPDATE_AUTHTOK</term>
+ <listitem>
+ <para>
+ This informs the module that this is the call it should change
+ the authorization tokens. If the flag is logically OR'd with
+ <emphasis remap='B'>PAM_CHANGE_EXPIRED_AUTHTOK</emphasis>, the
+ token is only changed if it has actually expired.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <para>
+ The PAM library calls this function twice in succession. The first
+ time with <emphasis remap='B'>PAM_PRELIM_CHECK</emphasis> and then,
+ if the module does not return
+ <emphasis remap='B'>PAM_TRY_AGAIN</emphasis>, subsequently with
+ <emphasis remap='B'>PAM_UPDATE_AUTHTOK</emphasis>. It is only on
+ the second call that the authorization token is (possibly) changed.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_sm_chauthtok-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_AUTHTOK_ERR</term>
+ <listitem>
+ <para>
+ The module was unable to obtain the new authentication token.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_AUTHTOK_RECOVERY_ERR</term>
+ <listitem>
+ <para>
+ The module was unable to obtain the old authentication token.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_AUTHTOK_LOCK_BUSY</term>
+ <listitem>
+ <para>
+ Cannot change the authentication token since it is currently
+ locked.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_AUTHTOK_DISABLE_AGING</term>
+ <listitem>
+ <para>
+ Authentication token aging has been disabled.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_PERM_DENIED</term>
+ <listitem>
+ <para>
+ Permission denied.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_TRY_AGAIN</term>
+ <listitem>
+ <para>
+ Preliminary check was unsuccessful. Signals an immediate
+ return to the application is desired.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ The authentication token was successfully updated.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ User unknown to password service.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_sm_chauthtok-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_chauthtok</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_sm_chauthtok</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>PAM</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_sm_close_session.3 b/Linux-PAM/doc/man/pam_sm_close_session.3
new file mode 100644
index 00000000..4d0f081b
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_sm_close_session.3
@@ -0,0 +1,58 @@
+.\" Title: pam_sm_close_session
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_SM_CLOSE_SESSION" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_sm_close_session \- PAM service function to terminate session management
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#define PAM_SM_SESSION
+.fi
+.ft
+.sp
+.ft B
+.nf
+#include <security/pam_modules.h>
+.fi
+.ft
+.HP 36
+.BI "PAM_EXTERN int pam_sm_close_session(pam_handle_t\ *" "pamh" ", int\ " "flags" ", int\ " "argc" ", const\ char\ **" "argv" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_sm_close_session\fR
+function is the service module's implementation of the
+\fBpam_close_session\fR(3)
+interface.
+.PP
+This function is called to terminate a session. The only valid value for
+\fIflags\fR
+is zero or:
+.TP 3n
+PAM_SILENT
+Do not emit any messages.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_SESSION_ERR
+Cannot make/remove an entry for the specified session.
+.TP 3n
+PAM_SUCCESS
+The session was successfully terminated.
+.SH "SEE ALSO"
+.PP
+
+\fBpam\fR(3),
+\fBpam_close_session\fR(3),
+\fBpam_sm_close_session\fR(3),
+\fBpam_strerror\fR(3),
+\fBPAM\fR(8)
diff --git a/Linux-PAM/doc/man/pam_sm_close_session.3.xml b/Linux-PAM/doc/man/pam_sm_close_session.3.xml
new file mode 100644
index 00000000..f2e67185
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_sm_close_session.3.xml
@@ -0,0 +1,100 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-close.org/docbook/xml/4.1.2/docbookx.dtd">
+<refentry id='pam_sm_close_session'>
+ <refmeta>
+ <refentrytitle>pam_sm_close_session</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_sm_close_session-name">
+ <refname>pam_sm_close_session</refname>
+ <refpurpose>PAM service function to terminate session management</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id='pam_sm_close_session-synopsis'>
+ <funcsynopsisinfo>#define PAM_SM_SESSION</funcsynopsisinfo>
+ <funcsynopsisinfo>#include &lt;security/pam_modules.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>PAM_EXTERN int <function>pam_sm_close_session</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>flags</parameter></paramdef>
+ <paramdef>int <parameter>argc</parameter></paramdef>
+ <paramdef>const char **<parameter>argv</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id='pam_sm_close_session-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_sm_close_session</function> function is the service
+ module's implementation of the
+ <citerefentry>
+ <refentrytitle>pam_close_session</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> interface.
+ </para>
+ <para>
+ This function is called to terminate a session. The only valid
+ value for <varname role='parameter'>flags</varname> is zero or:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SILENT</term>
+ <listitem>
+ <para>
+ Do not emit any messages.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_sm_close_session-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SESSION_ERR</term>
+ <listitem>
+ <para>
+ Cannot make/remove an entry for the specified session.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ The session was successfully terminated.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_sm_close_session-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_close_session</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_sm_close_session</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>PAM</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_sm_open_session.3 b/Linux-PAM/doc/man/pam_sm_open_session.3
new file mode 100644
index 00000000..b97f6005
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_sm_open_session.3
@@ -0,0 +1,58 @@
+.\" Title: pam_sm_open_session
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_SM_OPEN_SESSION" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_sm_open_session \- PAM service function to start session management
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#define PAM_SM_SESSION
+.fi
+.ft
+.sp
+.ft B
+.nf
+#include <security/pam_modules.h>
+.fi
+.ft
+.HP 35
+.BI "PAM_EXTERN int pam_sm_open_session(pam_handle_t\ *" "pamh" ", int\ " "flags" ", int\ " "argc" ", const\ char\ **" "argv" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_sm_open_session\fR
+function is the service module's implementation of the
+\fBpam_open_session\fR(3)
+interface.
+.PP
+This function is called to commence a session. The only valid value for
+\fIflags\fR
+is zero or:
+.TP 3n
+PAM_SILENT
+Do not emit any messages.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_SESSION_ERR
+Cannot make/remove an entry for the specified session.
+.TP 3n
+PAM_SUCCESS
+The session was successfully started.
+.SH "SEE ALSO"
+.PP
+
+\fBpam\fR(3),
+\fBpam_open_session\fR(3),
+\fBpam_sm_close_session\fR(3),
+\fBpam_strerror\fR(3),
+\fBPAM\fR(8)
diff --git a/Linux-PAM/doc/man/pam_sm_open_session.3.xml b/Linux-PAM/doc/man/pam_sm_open_session.3.xml
new file mode 100644
index 00000000..0851c345
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_sm_open_session.3.xml
@@ -0,0 +1,100 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+<refentry id='pam_sm_open_session'>
+ <refmeta>
+ <refentrytitle>pam_sm_open_session</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_sm_open_session-name">
+ <refname>pam_sm_open_session</refname>
+ <refpurpose>PAM service function to start session management</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id='pam_sm_open_session-synopsis'>
+ <funcsynopsisinfo>#define PAM_SM_SESSION</funcsynopsisinfo>
+ <funcsynopsisinfo>#include &lt;security/pam_modules.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>PAM_EXTERN int <function>pam_sm_open_session</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>flags</parameter></paramdef>
+ <paramdef>int <parameter>argc</parameter></paramdef>
+ <paramdef>const char **<parameter>argv</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id='pam_sm_open_session-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_sm_open_session</function> function is the service
+ module's implementation of the
+ <citerefentry>
+ <refentrytitle>pam_open_session</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> interface.
+ </para>
+ <para>
+ This function is called to commence a session. The only valid
+ value for <varname role='parameter'>flags</varname> is zero or:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SILENT</term>
+ <listitem>
+ <para>
+ Do not emit any messages.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_sm_open_session-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SESSION_ERR</term>
+ <listitem>
+ <para>
+ Cannot make/remove an entry for the specified session.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ The session was successfully started.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_sm_open_session-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_open_session</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_sm_close_session</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>PAM</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_sm_setcred.3 b/Linux-PAM/doc/man/pam_sm_setcred.3
new file mode 100644
index 00000000..b4cb70e8
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_sm_setcred.3
@@ -0,0 +1,95 @@
+.\" Title: pam_sm_setcred
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_SM_SETCRED" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_sm_setcred \- PAM service function to alter credentials
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#define PAM_SM_AUTH
+.fi
+.ft
+.sp
+.ft B
+.nf
+#include <security/pam_modules.h>
+.fi
+.ft
+.HP 30
+.BI "PAM_EXTERN int pam_sm_setcred(pam_handle_t\ *" "pamh" ", int\ " "flags" ", int\ " "argc" ", const\ char\ **" "argv" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_sm_setcred\fR
+function is the service module's implementation of the
+\fBpam_setcred\fR(3)
+interface.
+.PP
+This function performs the task of altering the credentials of the user with respect to the corresponding authorization scheme. Generally, an authentication module may have access to more information about a user than their authentication token. This function is used to make such information available to the application. It should only be called
+\fIafter\fR
+the user has been authenticated but before a session has been established.
+.PP
+Valid flags, which may be logically OR'd with
+\fIPAM_SILENT\fR, are:
+.TP 3n
+PAM_SILENT
+Do not emit any messages.
+.TP 3n
+PAM_DELETE_CRED
+Delete the credentials associated with the authentication service.
+.TP 3n
+PAM_REINITIALIZE_CRED
+Reinitialize the user credentials.
+.TP 3n
+PAM_REFRESH_CRED
+Extend the lifetime of the user credentials.
+.PP
+The way the
+\fBauth\fR
+stack is navigated in order to evaluate the
+\fBpam_setcred\fR() function call, independent of the
+\fBpam_sm_setcred\fR() return codes, is exactly the same way that it was navigated when evaluating the
+\fBpam_authenticate\fR() library call. Typically, if a stack entry was ignored in evaluating
+\fBpam_authenticate\fR(), it will be ignored when libpam evaluates the
+\fBpam_setcred\fR() function call. Otherwise, the return codes from each module specific
+\fBpam_sm_setcred\fR() call are treated as
+\fBrequired\fR.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_CRED_UNAVAIL
+This module cannot retrieve the user's credentials.
+.TP 3n
+PAM_CRED_EXPIRED
+The user's credentials have expired.
+.TP 3n
+PAM_CRED_ERR
+This module was unable to set the credentials of the user.
+.TP 3n
+PAM_SUCCESS
+The user credential was successfully set.
+.TP 3n
+PAM_USER_UNKNOWN
+The user is not known to this authentication module.
+.PP
+These, non\-\fIPAM_SUCCESS\fR, return values will typically lead to the credential stack
+\fIfailing\fR. The first such error will dominate in the return value of
+\fBpam_setcred\fR().
+.SH "SEE ALSO"
+.PP
+
+\fBpam\fR(3),
+\fBpam_authenticate\fR(3),
+\fBpam_setcred\fR(3),
+\fBpam_sm_authenticate\fR(3),
+\fBpam_strerror\fR(3),
+\fBPAM\fR(8)
diff --git a/Linux-PAM/doc/man/pam_sm_setcred.3.xml b/Linux-PAM/doc/man/pam_sm_setcred.3.xml
new file mode 100644
index 00000000..e4809ad7
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_sm_setcred.3.xml
@@ -0,0 +1,179 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+<refentry id='pam_sm_setcred'>
+ <refmeta>
+ <refentrytitle>pam_sm_setcred</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_sm_setcred-name">
+ <refname>pam_sm_setcred</refname>
+ <refpurpose>PAM service function to alter credentials</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id='pam_sm_setcred-synopsis'>
+ <funcsynopsisinfo>#define PAM_SM_AUTH</funcsynopsisinfo>
+ <funcsynopsisinfo>#include &lt;security/pam_modules.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>PAM_EXTERN int <function>pam_sm_setcred</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>flags</parameter></paramdef>
+ <paramdef>int <parameter>argc</parameter></paramdef>
+ <paramdef>const char **<parameter>argv</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id='pam_sm_setcred-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_sm_setcred</function> function is the service
+ module's implementation of the
+ <citerefentry>
+ <refentrytitle>pam_setcred</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> interface.
+ </para>
+ <para>
+ This function performs the task of altering the credentials of the
+ user with respect to the corresponding authorization
+ scheme. Generally, an authentication module may have access to more
+ information about a user than their authentication token. This
+ function is used to make such information available to the
+ application. It should only be called <emphasis>after</emphasis> the
+ user has been authenticated but before a session has been established.
+ </para>
+ <para>
+ Valid flags, which may be logically OR'd with
+ <emphasis>PAM_SILENT</emphasis>, are:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SILENT</term>
+ <listitem>
+ <para>
+ Do not emit any messages.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_DELETE_CRED</term>
+ <listitem>
+ <para>
+ Delete the credentials associated with the authentication service.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_REINITIALIZE_CRED</term>
+ <listitem>
+ <para>
+ Reinitialize the user credentials.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_REFRESH_CRED</term>
+ <listitem>
+ <para>
+ Extend the lifetime of the user credentials.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <para>
+ The way the <emphasis remap='B'>auth</emphasis> stack is
+ navigated in order to evaluate the <function>pam_setcred</function>()
+ function call, independent of the <function>pam_sm_setcred</function>()
+ return codes, is exactly the same way that it was navigated when
+ evaluating the <function>pam_authenticate</function>() library
+ call. Typically, if a stack entry was ignored in evaluating
+ <function>pam_authenticate</function>(), it will be ignored when
+ libpam evaluates the <function>pam_setcred</function>() function
+ call. Otherwise, the return codes from each module specific
+ <function>pam_sm_setcred</function>() call are treated as
+ <emphasis remap='B'>required</emphasis>.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_sm_setcred-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_CRED_UNAVAIL</term>
+ <listitem>
+ <para>
+ This module cannot retrieve the user's credentials.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CRED_EXPIRED</term>
+ <listitem>
+ <para>
+ The user's credentials have expired.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CRED_ERR</term>
+ <listitem>
+ <para>
+ This module was unable to set the credentials of the user.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ The user credential was successfully set.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ The user is not known to this authentication module.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <para>
+ These, non-<emphasis>PAM_SUCCESS</emphasis>, return values will
+ typically lead to the credential stack <emphasis>failing</emphasis>.
+ The first such error will dominate in the return value of
+ <function>pam_setcred</function>().
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_sm_setcred-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_authenticate</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_setcred</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_sm_authenticate</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>PAM</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_start.3 b/Linux-PAM/doc/man/pam_start.3
index a912cc75..22521213 100644
--- a/Linux-PAM/doc/man/pam_start.3
+++ b/Linux-PAM/doc/man/pam_start.3
@@ -1,98 +1,80 @@
-.\" Hey Emacs! This file is -*- nroff -*- source.
-.\" $Id: pam_start.3,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $
-.\" Copyright (c) Andrew G. Morgan 1996-7 <morgan@parc.power.net>
-.TH PAM_START 3 "1997 Feb 15" "Linux-PAM 0.56" "Application Programmers' Manual"
-.SH NAME
-
-pam_start, pam_end \- activating Linux-PAM
-
-.SH SYNOPSIS
-.B #include <security/pam_appl.h>
-.sp
-.BI "int pam_start(const char " *service ", const char " *user ", const struct pam_conv " *conv ", pam_handle_t " **pamh_p ");"
-.sp
-.BI "int pam_end(pam_handle_t " *pamh ", int " pam_status ");"
-.sp 2
-.SH DESCRIPTION
-.TP
-.B pam_start
-Initialize the
-.I Linux-PAM
-library. Identifying the application with a particular
-.IR service
-name. The
-.IR user "name"
-can take the value
-.IR NULL ", "
-if not known at the time the interface is initialized. The
-conversation structure is passed to the library via the
-.IR conv
-argument. (For a complete description of this and other structures
-the reader is directed to the more verbose
-.IR Linux-PAM
-application developers' guide). Upon successful initialization, an
-opaque pointer-handle for future access to the library is returned
-through the contents of the
-.IR pamh_p
-pointer.
-
-.TP
-.B pam_end
-Terminate the
-.B Linux-PAM
-library. The service application associated with the
-.IR pamh
-handle, is terminated. The argument,
-.IR pam_status ", "
-passes the value most recently returned to the application from the
-library; it indicates the manner in which the library should be
-shutdown. Besides carrying a return value, this argument may be
-logically OR'd with
-.IR PAM_DATA_SILENT
-to indicate that the module should not treat the call too
-seriously. It is generally used to indicate that the current closing
-of the library is in a
-.IR fork "(2)ed"
-process, and that the parent will take care of cleaning up things that
-exist outside of the current process space (files etc.).
-
-.SH "RETURN VALUE"
-.TP
-.B pam_start
-.TP
-.B pam_end
-On success,
-.BR PAM_SUCCESS
-is returned
-
-.SH ERRORS
-May be translated to text with
-.BR pam_strerror "(3). "
-
-.SH "CONFORMING TO"
-DCE-RFC 86.0, October 1995.
+.\" Title: pam_start
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_START" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_start \- initialization of PAM transaction
+.SH "SYNOPSIS"
.sp
-Note, the
-.BR PAM_DATA_SILENT
-flag is pending acceptance with the DCE (as of 1996/12/4).
-
-.SH BUGS
-.sp 2
-None known.
-
-.SH "SEE ALSO"
-
-.BR fork "(2), "
-.BR pam_authenticate "(3), "
-.BR pam_acct_mgmt "(3), "
-.BR pam_open_session "(3), "
+.ft B
+.nf
+#include <security/pam_appl.h>
+.fi
+.ft
+.HP 14
+.BI "int pam_start(const\ char\ *" "service_name" ", const\ char\ *" "user" ", const\ struct\ pam_conv\ *" "pam_conversation" ", pam_handle_t\ **" "pamh" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_start\fR
+function creates the PAM context and initiates the PAM transaction. It is the first of the PAM functions that needs to be called by an application. The transaction state is contained entirely within the structure identified by this handle, so it is possible to have multiple transactions in parallel. But it is not possible to use the same handle for different transactions, a new one is needed for every new context.
+.PP
+The
+\fIservice_name\fR
+argument specifies the name of the service to apply and will be stored as PAM_SERVICE item in the new context. The policy for the service will be read from the file
+\fI/etc/pam.d/service_name\fR
+or, if that file does not exist, from
+\fI/etc/pam.conf\fR.
+.PP
+The
+\fIuser\fR
+argument can specify the name of the target user and will be stored as PAM_USER item. If the argument is NULL, the module has to ask for this item if necessary.
+.PP
+The
+\fIpam_conversation\fR
+argument points to a
+\fIstruct pam_conv\fR
+describing the conversation function to use. An application must provide this for direct communication between a loaded module and the application.
+.PP
+Following a successful return (PAM_SUCCESS) the contents of
+\fIpamh\fR
+is a handle that contains the PAM context for successive calls to the PAM functions. In an error case is the content of
+\fIpamh\fR
+undefined.
+.PP
+The
+\fIpam_handle_t\fR
+is a blind structure and the application should not attempt to probe it directly for information. Instead the PAM library provides the functions
+\fBpam_set_item\fR(3)
and
-.BR pam_chauthtok "(3)."
+\fBpam_get_item\fR(3). The PAM handle cannot be used for mulitiple authentications at the same time as long as
+\fBpam_end\fR
+was not called on it before.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_ABORT
+General failure.
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_SUCCESS
+Transaction was successful created.
+.TP 3n
+PAM_SYSTEM_ERR
+System error, for example a NULL pointer was submitted instead of a pointer to data.
+.SH "SEE ALSO"
+.PP
-Also, see the three
-.BR Linux-PAM
-Guides, for
-.BR "System administrators" ", "
-.BR "module developers" ", "
-and
-.BR "application developers" ". "
+\fBpam_get_data\fR(3),
+\fBpam_set_data\fR(3),
+\fBpam_end\fR(3),
+\fBpam_strerror\fR(3)
diff --git a/Linux-PAM/doc/man/pam_start.3.xml b/Linux-PAM/doc/man/pam_start.3.xml
new file mode 100644
index 00000000..9b370f52
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_start.3.xml
@@ -0,0 +1,147 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id='pam_start'>
+
+ <refmeta>
+ <refentrytitle>pam_start</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_start-name">
+ <refname>pam_start</refname>
+ <refpurpose>initialization of PAM transaction</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id="pam_start-synopsis">
+ <funcsynopsisinfo>#include &lt;security/pam_appl.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>int <function>pam_start</function></funcdef>
+ <paramdef>const char *<parameter>service_name</parameter></paramdef>
+ <paramdef>const char *<parameter>user</parameter></paramdef>
+ <paramdef>const struct pam_conv *<parameter>pam_conversation</parameter></paramdef>
+ <paramdef>pam_handle_t **<parameter>pamh</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id="pam_start-description">
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_start</function> function creates the PAM context
+ and initiates the PAM transaction. It is the first of the PAM
+ functions that needs to be called by an application. The transaction
+ state is contained entirely within the structure identified by this
+ handle, so it is possible to have multiple transactions in parallel.
+ But it is not possible to use the same handle for different
+ transactions, a new one is needed for every new context.
+ </para>
+
+ <para>
+ The <emphasis>service_name</emphasis> argument specifies the name
+ of the service to apply and will be stored as PAM_SERVICE item in
+ the new context. The policy for the service will be read from the
+ file <filename>/etc/pam.d/service_name</filename> or, if that file
+ does not exist, from <filename>/etc/pam.conf</filename>.
+ </para>
+
+ <para>
+ The <emphasis>user</emphasis> argument can specify the name
+ of the target user and will be stored as PAM_USER item. If
+ the argument is NULL, the module has to ask for this item if
+ necessary.
+ </para>
+
+ <para>
+ The <emphasis>pam_conversation</emphasis> argument points to
+ a <emphasis>struct pam_conv</emphasis> describing the
+ conversation function to use. An application must provide this
+ for direct communication between a loaded module and the
+ application.
+ </para>
+
+ <para>
+ Following a successful return (PAM_SUCCESS) the contents of
+ <emphasis>pamh</emphasis> is a handle that contains the PAM
+ context for successive calls to the PAM functions. In an error
+ case is the content of <emphasis>pamh</emphasis> undefined.
+ </para>
+
+ <para>
+ The <emphasis>pam_handle_t</emphasis> is a blind structure and
+ the application should not attempt to probe it directly for
+ information. Instead the PAM library provides the functions
+ <citerefentry>
+ <refentrytitle>pam_set_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> and
+ <citerefentry>
+ <refentrytitle>pam_get_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ The PAM handle cannot be used for mulitiple authentications at the
+ same time as long as <function>pam_end</function> was not called on
+ it before.
+ </para>
+ </refsect1>
+ <refsect1 id="pam_start-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_ABORT</term>
+ <listitem>
+ <para>
+ General failure.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Transaction was successful created.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SYSTEM_ERR</term>
+ <listitem>
+ <para>
+ System error, for example a NULL pointer was submitted
+ instead of a pointer to data.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_start-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_get_data</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_set_data</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_end</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_strerror.3 b/Linux-PAM/doc/man/pam_strerror.3
index b2318f28..2d1e8849 100644
--- a/Linux-PAM/doc/man/pam_strerror.3
+++ b/Linux-PAM/doc/man/pam_strerror.3
@@ -1,51 +1,36 @@
-.\" Hey Emacs! This file is -*- nroff -*- source.
-.\" ripped off from Rick Faith's getgroups man page
-.\" $Id: pam_strerror.3,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $
-.\" Copyright (c) Andrew G. Morgan 1996-7 <morgan@linux.kernel.org>
-.TH PAM_STRERROR 3 "1999 Oct 4" "Linux-PAM 0.70" "Programmers' Manual"
-.SH NAME
-
-pam_strerror \- return a textual description of a Linux-PAM error
-
-.SH SYNOPSIS
-.B #include <security/pam_appl.h>
-.br
-or,
-.br
-.B #include <security/pam_modules.h>
+.\" Title: pam_strerror
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_STRERROR" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_strerror \- return string describing PAM error code
+.SH "SYNOPSIS"
.sp
-.BI "const char * pam_strerror( pam_handle_t " "*pamh" ", int " pam_error ");"
-.sp 2
-.SH DESCRIPTION
-.B pam_strerror
-
-This function returns some text describing the
-.BR Linux-PAM
-error associated with the
-.B pam_error
-argument.
-
-.SH "RETURN VALUE"
-
-On success this function returns a description of the indicated
-error. Should the function not recognize the error, ``Unknown
-Linux-PAM error'' is returned.
-
-.SH "CONFORMING TO"
-DCE-RFC 86.0, October 1995.
-
-.SH BUGS
-.sp 2
-This function should be internationalized.
-
+.ft B
+.nf
+#include <security/pam_appl.h>
+.fi
+.ft
+.HP 25
+.BI "const char *pam_strerror(pam_handle_t\ *" "pamh" ", int\ " "errnum" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_strerror\fR
+function returns a pointer to a string describing the error code passed in the argument
+\fIerrnum\fR, possibly using the LC_MESSAGES part of the current locale to select the appropriate language. This string must not be modified by the application. No library function will modify this string.
+.SH "RETURN VALUES"
+.PP
+This function returns always a pointer to a string.
.SH "SEE ALSO"
+.PP
-.BR pam "(8). "
-
-Also, see the three
-.BR Linux-PAM
-Guides, for
-.BR "System administrators" ", "
-.BR "module developers" ", "
-and
-.BR "application developers" ". "
+\fBpam\fR(8)
diff --git a/Linux-PAM/doc/man/pam_strerror.3.xml b/Linux-PAM/doc/man/pam_strerror.3.xml
new file mode 100644
index 00000000..954e131d
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_strerror.3.xml
@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id='pam_strerror'>
+
+ <refmeta>
+ <refentrytitle>pam_strerror</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_strerror-name">
+ <refname>pam_strerror</refname>
+ <refpurpose>return string describing PAM error code</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id="pam_strerror-synopsis">
+ <funcsynopsisinfo>#include &lt;security/pam_appl.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>const char *<function>pam_strerror</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>errnum</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id="pam_strerror-description">
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_strerror</function> function returns a pointer to
+ a string describing the error code passed in the argument
+ <emphasis>errnum</emphasis>, possibly using the LC_MESSAGES part of
+ the current locale to select the appropriate language. This string
+ must not be modified by the application. No library function will
+ modify this string.
+ </para>
+ </refsect1>
+ <refsect1 id="pam_strerror-return_values">
+ <title>RETURN VALUES</title>
+ <para>
+ This function returns always a pointer to a string.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_strerror-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_syslog.3 b/Linux-PAM/doc/man/pam_syslog.3
new file mode 100644
index 00000000..112066d9
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_syslog.3
@@ -0,0 +1,61 @@
+.\" Title: pam_syslog
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_SYSLOG" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_syslog, pam_vsyslog \- send messages to the system logger
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#include <syslog.h>
+.fi
+.ft
+.sp
+.ft B
+.nf
+#include <security/pam_ext.h>
+.fi
+.ft
+.HP 16
+.BI "void pam_syslog(pam_handle_t\ *" "pamh" ", int\ " "priority" ", const\ char\ *" "fmt" ", " "..." ");"
+.HP 17
+.BI "void pam_vsyslog(pam_handle_t\ *" "pamh" ", int\ " "priority" ", const\ char\ *" "fmt" ", va_list\ " "args" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_syslog\fR
+function logs messages using
+\fBsyslog\fR(3)
+and is intended for internal use by Linux\-PAM and PAM service modules. The
+\fIpriority\fR
+argument is formed by ORing the facility and the level values as documented in the
+\fBsyslog\fR(3)
+manual page.
+.PP
+The
+\fBpam_vsyslog\fR
+function performs the same task as
+\fBpam_syslog()\fR
+with the difference that it takes a set of arguments which have been obtained using the
+\fBstdarg\fR(3)
+variable argument list macros.
+.SH "SEE ALSO"
+.PP
+
+\fBpam\fR(8)
+.SH "STANDARDS"
+.PP
+The
+\fBpam_syslog\fR
+and
+\fBpam_vsyslog\fR
+functions are Linux\-PAM extensions.
diff --git a/Linux-PAM/doc/man/pam_syslog.3.xml b/Linux-PAM/doc/man/pam_syslog.3.xml
new file mode 100644
index 00000000..7c5b166a
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_syslog.3.xml
@@ -0,0 +1,82 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id="pam_syslog">
+
+ <refmeta>
+ <refentrytitle>pam_syslog</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_syslog-name">
+ <refname>pam_syslog</refname>
+ <refname>pam_vsyslog</refname>
+ <refpurpose>send messages to the system logger</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv id="pam_syslog-synopsis">
+ <funcsynopsis>
+ <funcsynopsisinfo>#include &lt;syslog.h&gt;</funcsynopsisinfo>
+ <funcsynopsisinfo>#include &lt;security/pam_ext.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>void <function>pam_syslog</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>priority</parameter></paramdef>
+ <paramdef>const char *<parameter>fmt</parameter></paramdef>
+ <paramdef><parameter>...</parameter></paramdef>
+ </funcprototype>
+ <funcprototype>
+ <funcdef>void <function>pam_vsyslog</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>priority</parameter></paramdef>
+ <paramdef>const char *<parameter>fmt</parameter></paramdef>
+ <paramdef>va_list <parameter>args</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='pam_syslog-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_syslog</function> function logs messages using
+ <citerefentry>
+ <refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> and is intended for internal use by Linux-PAM and
+ PAM service modules. The <emphasis>priority</emphasis> argument is
+ formed by ORing the facility and the level values as documented
+ in the <citerefentry>
+ <refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> manual page.
+ </para>
+ <para>
+ The <function>pam_vsyslog</function> function performs the same
+ task as <function>pam_syslog()</function> with the difference
+ that it takes a set of arguments which have been obtained using
+ the <citerefentry>
+ <refentrytitle>stdarg</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> variable argument list macros.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_syslog-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_syslog-standards'>
+ <title>STANDARDS</title>
+ <para>
+ The <function>pam_syslog</function> and <function>pam_vsyslog</function>
+ functions are Linux-PAM extensions.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/doc/man/pam_verror.3 b/Linux-PAM/doc/man/pam_verror.3
new file mode 100644
index 00000000..6e052ef6
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_verror.3
@@ -0,0 +1 @@
+.so man3/pam_error.3
diff --git a/Linux-PAM/doc/man/pam_vinfo.3 b/Linux-PAM/doc/man/pam_vinfo.3
new file mode 100644
index 00000000..79f3a153
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_vinfo.3
@@ -0,0 +1 @@
+.so man3/pam_info.3
diff --git a/Linux-PAM/doc/man/pam_vprompt.3 b/Linux-PAM/doc/man/pam_vprompt.3
new file mode 100644
index 00000000..bba0b1d3
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_vprompt.3
@@ -0,0 +1 @@
+.so man3/pam_prompt.3
diff --git a/Linux-PAM/doc/man/pam_vsyslog.3 b/Linux-PAM/doc/man/pam_vsyslog.3
new file mode 100644
index 00000000..b987b067
--- /dev/null
+++ b/Linux-PAM/doc/man/pam_vsyslog.3
@@ -0,0 +1 @@
+.so man3/pam_syslog.3
diff --git a/Linux-PAM/doc/man/template-man b/Linux-PAM/doc/man/template-man
deleted file mode 100644
index 11e7a061..00000000
--- a/Linux-PAM/doc/man/template-man
+++ /dev/null
@@ -1,52 +0,0 @@
-.\" Hey Emacs! This file is -*- nroff -*- source.
-.\" $Id: template-man,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $
-.\" Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net>
-.TH PAM_???? 2 "1997 Jan 4" "Linux-PAM 0.55" "Application Programmers' Manual"
-.SH NAME
-
-function names \- brief summary of function
-
-.SH SYNOPSIS
-.B #include <security/pam_????.h>
-.sp
-.BI "int pam_???(pam_handle_t " pamh ", int " flags);
-.sp 2
-.SH DESCRIPTION
-.TP
-.B pam_???
-Here goes the
-.I explanation
-it may be quite
-.IR long .
-.TP
-.SH "RETURN VALUE"
-.B pam_???
-On success...
-.BR PAM_SUCCESS
-is returned
-.TP
-.SH ERRORS
-May be translated to text with
-.BR pam_strerror "(2). "
-
-.SH "CONFORMING TO"
-.B pam_???
-DCE-RFC 86.0, October 1995.
-
-.SH BUGS
-.sp 2
-none known.
-
-.SH "SEE ALSO"
-
-.BR pam_??? "(2), "
-and
-.BR pam_??? "(2). "
-
-Also, see the three
-.BR Linux-PAM
-Guides, for
-.BR "System administrators" ", "
-.BR "module developers" ", "
-and
-.BR "application developers" ". "
diff --git a/Linux-PAM/doc/modules/README b/Linux-PAM/doc/modules/README
deleted file mode 100644
index 653448f3..00000000
--- a/Linux-PAM/doc/modules/README
+++ /dev/null
@@ -1,13 +0,0 @@
-$Id: README,v 1.2 2001/12/08 18:56:47 agmorgan Exp $
-
-This directory contains a number of sgml sub-files. One for each
-documented module. They contain a description of each module and give
-some indication of its reliability.
-
-Additionally, there is a 'module.sgml-template' file which should be
-used as a blank form for new module descriptions.
-
-Please feel free to submit amendments/comments etc. regarding these
-files to:
-
- Andrew G. Morgan <morgan@kernel.org>
diff --git a/Linux-PAM/doc/modules/module.sgml-template b/Linux-PAM/doc/modules/module.sgml-template
deleted file mode 100644
index 3fffc754..00000000
--- a/Linux-PAM/doc/modules/module.sgml-template
+++ /dev/null
@@ -1,170 +0,0 @@
-<!--
-
- $Id: module.sgml-template,v 1.2 2001/02/11 07:52:56 agmorgan Exp $
-
- This template file was written by Andrew G. Morgan
- <morgan@kernel.org>
-
-[
- Text that should be deleted/replaced, is enclosed within
- '[' .. ']'
- marks. For example, this text should be deleted!
-]
-
--->
-
-<sect1> [*Familiar full name of module*, eg. The "allow all" module.]
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-[
- insert the name of the module
-
- Blank is not permitted.
-]
-
-<tag><bf>Author[s]:</bf></tag>
-
-[
- Insert author names here
-
- Blank is not permitted. If in doubt, put "unknown" if the
- author wishes to remain anonymous, put "anonymous".
-]
-
-<tag><bf>Maintainer:</bf></tag>
-
-[
- Insert names and date-begun of most recent maintainer.
-]
-
-<tag><bf>Management groups provided:</bf></tag>
-
-[
- list the subset of four management groups supported by the
- module. Choose from: account; authentication; password;
- session.
-
- Blank entries are not permitted. Explicitly list all of the
- management groups. In the future more may be added to libpam!
-]
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-[
- Indicate whether this module contains code that can perform
- reversible (strong) encryption. This field is primarily to
- ensure that people redistributing it are not unwittingly
- breaking laws...
-
- Modules may also require the presence of some local library
- that performs the necessary encryption via some standard API.
- In this case "uses API" can be included in this field. The
- library in question should be added to the system requirements
- below.
-
- Blank = no cryptography is used by module.
-]
-
-<tag><bf>Security rating:</bf></tag>
-
-[
- Initially, this field should be left blank. If someone takes
- it upon themselves to test the strength of the module, it can
- later be filled.
-
- Blank = unknown.
-]
-
-<tag><bf>Clean code base:</bf></tag>
-
-[
- This will probably be filled by the libpam maintainer.
- It can be considered to be a public humiliation list. :*)
-
- I am of the opinion that "gcc -with_all_those_flags" is
- trying to tell us something about whether the program
- works as intended. Since there is currently no Security
- evaluation procedure for modules IMHO this is not a
- completely unreasonable indication (a lower bound anyway)
- of the reliability of a module.
-
- This field would indicate the number and flavor of
- warnings that gcc barfs up when trying to compile the
- module as part of the tree. Is this too tyrannical?
-
- Blank = Linux-PAM maintainer has not tested it :)
-]
-
-<tag><bf>System dependencies:</bf></tag>
-
-[
- here we list config files, dynamic libraries needed, system
- resources, kernel options.. etc.
-
- Blank = nothing more than libc required.
-]
-
-<tag><bf>Network aware:</bf></tag>
-
-[
- Does the module base its behavior on probing a network
- connection? Does it expect to be protected by the
- application?
-
- Blank = Ignorance of network.
-]
-
-</descrip>
-
-<sect2>Overview of module
-
-[
- some text describing the intended actions of the module
- general comments mainly (specifics in sections
- below).
-]
-
-[
-
- [ now we have a <sect2> level subsection for each of the
- management groups. Include as many as there are groups
- listed above in the synopsis ]
-
-<sect2>[ Account | Authentication | Password | Session ] component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-
-[
- List the supported arguments (leave their description for the
- description below.
-
- Blank = no arguments are read and nothing is logged to syslog
- about any arguments that are passed. Note, this
- behavior is contrary to the RFC!
-]
-
-<tag><bf>Description:</bf></tag>
-
-[
- This component of the module performs the task of ...
-]
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-[
- Here we list some doos and don'ts for this module.
-]
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_access.sgml b/Linux-PAM/doc/modules/pam_access.sgml
deleted file mode 100644
index 8a910d13..00000000
--- a/Linux-PAM/doc/modules/pam_access.sgml
+++ /dev/null
@@ -1,117 +0,0 @@
-<!--
-
- pam_access module docs added by Tim Berger <timb@transmeta.com>
-
--->
-
-<sect1> The access module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-
-<tt>pam_access</tt>
-
-
-<tag><bf>Author[s]:</bf></tag>
-
-Alexei Nogin &lt;alexei@nogin.dnttm.ru&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-
-<tag><bf>Management groups provided:</bf></tag>
-
-account
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-Requires a configuration file. By default
-<tt>/etc/security/access.conf</tt> is used but this can be overridden.
-
-<tag><bf>Network aware:</bf></tag>
-
-Through <tt/PAM_TTY/ if set, otherwise attempts getting tty name of
-the stdin file descriptor with <tt/ttyname()/. Standard
-gethostname(), <tt/yp_get_default_domain()/, <tt/gethostbyname()/
-calls. <bf/NIS/ is used for netgroup support.
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-Provides logdaemon style login access control.
-
-<sect2> Account component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-
-<tt>accessfile=<it>/path/to/file.conf</it></tt>;
-<tt>fieldsep=<it>separators</it></tt>
-
-<tag><bf>Description:</bf></tag>
-
-This module provides logdaemon style login access control based on
-login names and on host (or domain) names, internet addresses (or
-network numbers), or on terminal line names in case of non-networked
-logins. Diagnostics are reported through <tt/syslog(3)/. Wietse
-Venema's <tt/login_access.c/ from <em/logdaemon-5.6/ is used with
-several changes by A. Nogin.
-
-<p>
-The behavior of this module can be modified with the following
-arguments:
-<itemize>
-
-<item><tt>accessfile=/path/to/file.conf</tt> -
-indicate an alternative <em/access/ configuration file to override
-the default. This can be useful when different services need different
-access lists.
-
-<item><tt>fieldsep=<it>separators</it></tt> -
-this option modifies the field separator character that
-<tt/pam_access/ will recognize when parsing the access configuration
-file. For example: <tt>fieldsep=|</tt> will cause the default `:'
-character to be treated as part of a field value and `|' becomes the
-field separator. Doing this is useful in conjuction with a system that
-wants to use pam_access with X based applications, since the
-<tt/PAM_TTY/ item is likely to be of the form "hostname:0" which
-includes a `:' character in its value.
-
-</itemize>
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-Use of module is recommended, for example, on administrative machines
-such as <bf/NIS/ servers and mail servers where you need several accounts
-active but don't want them all to have login capability.
-
-For <tt>/etc/pam.d</tt> style configurations where your modules live
-in <tt>/lib/security</tt>, start by adding the following line to
-<tt>/etc/pam.d/login</tt>, <tt>/etc/pam.d/rlogin</tt>,
-<tt>/etc/pam.d/rsh</tt> and <tt>/etc/pam.d/ftp</tt>:
-
-<tscreen>
-<verb>
-account required /lib/security/pam_access.so
-</verb>
-</tscreen>
-
-Note that use of this module is not effective unless your system ignores
-<tt>.rhosts</tt> files. See the the pam_rhosts_auth documentation.
-
-A sample <tt>access.conf</tt> configuration file is included with the
-distribution.
-
-</descrip>
diff --git a/Linux-PAM/doc/modules/pam_chroot.sgml b/Linux-PAM/doc/modules/pam_chroot.sgml
deleted file mode 100644
index 2366880e..00000000
--- a/Linux-PAM/doc/modules/pam_chroot.sgml
+++ /dev/null
@@ -1,86 +0,0 @@
-<!--
- $Id: pam_chroot.sgml,v 1.1.1.1 2000/06/20 22:10:59 agmorgan Exp $
-
- This file was written by Bruce Campbell <brucec@humbug.org.au>
--->
-
-<sect1>Chroot
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_chroot/
-
-<tag><bf>Author:</bf></tag>
-Bruce Campbell &lt;brucec@humbug.org.au&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-Author; proposed on 20/11/96 - email for status
-
-<tag><bf>Management groups provided:</bf></tag>
-account; session; authentication
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-Unwritten.
-
-<tag><bf>System dependencies:</bf></tag>
-
-<tag><bf>Network aware:</bf></tag>
-Expects localhost.
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This module is intended to provide a transparent wrapper around the
-average user, one that puts them in a fake file-system (eg, their
-'<tt>/</tt>' is really <tt>/some/where/else</tt>).
-
-<p>
-Useful if you have several classes of users, and are slightly paranoid
-about security. Can be used to limit who else users can see on the
-system, and to limit the selection of programs they can run.
-
-<sect2>Account component:
-
-<p>
-<em/Need more info here./
-
-<sect2>Authentication component:
-
-<p>
-<em/Need more info here./
-
-<sect2>Session component:
-
-<p>
-<em/Need more info here./
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-Arguments and logging levels for the PAM version are being worked on.
-
-<tag><bf>Description:</bf></tag>
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-Do provide a reasonable list of programs - just tossing 'cat', 'ls', 'rm',
-'cp' and 'ed' in there is a bit...
-<p>
-Don't take it to extremes (eg, you can set up a separate environment for
-each user, but its a big waste of your disk space.)
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_cracklib.sgml b/Linux-PAM/doc/modules/pam_cracklib.sgml
deleted file mode 100644
index d6fc0c56..00000000
--- a/Linux-PAM/doc/modules/pam_cracklib.sgml
+++ /dev/null
@@ -1,304 +0,0 @@
-<!--
- $Id: pam_cracklib.sgml,v 1.5 2001/12/08 18:56:47 agmorgan Exp $
-
- This file was written by Andrew G. Morgan <morgan@kernel.org>
- long password amendments are from Philip W. Dalrymple III <pwd@mdtsoft.com>
--->
-
-<sect1>Cracklib pluggable password strength-checker
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-
-pam_cracklib
-
-<tag><bf>Author:</bf></tag>
-
-Cristian Gafton &lt;gafton@redhat.com&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-
-Author.
-
-<tag><bf>Management groups provided:</bf></tag>
-
-password
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-
-Requires the system library <tt/libcrack/ and a system dictionary:
-<tt>/usr/lib/cracklib_dict</tt>.
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This module can be plugged into the <tt/password/ stack of a given
-application to provide some plug-in strength-checking for passwords.
-
-<p>
-This module works in the following manner: it first calls the
-<em>Cracklib</em> routine to check the strength of the password; if
-crack likes the password, the module does an additional set of
-strength checks. These checks are:
-<itemize>
-
-<item> <bf/Palindrome/ -
-
-Is the new password a palindrome of the old one?
-
-<item> <bf/Case Change Only/ -
-
-Is the new password the the old one with only a change of case?
-
-<item> <bf/Similar/ -
-
-Is the new password too much like the old one? This is primarily
-controlled by one argument, <tt/difok/ which is a number of characters
-that if different between the old and new are enough to accept the new
-password, this defaults to 10 or 1/2 the size of the new password
-whichever is smaller.
-
-To avoid the lockup associated with trying to change a long and
-complicated password, <tt/difignore/ is available. This argument can
-be used to specify the minimum length a new password needs to be
-before the <tt/difok/ value is ignored. The default value for
-<tt/difignore/ is 23.
-
-
-<item> <bf/Simple/ -
-
-Is the new password too small? This is controlled by 5 arguments
-<tt/minlen/, <tt/dcredit/, <tt/ucredit/, <tt/lcredit/, and
-<tt/ocredit/. See the section on the arguments for the details of how
-these work and there defaults.
-
-<item> <bf/Rotated/ -
-
-Is the new password a rotated version of the old password?
-
-<item> <bf/Already used/ -
-
-Was the password used in the past? Previously used passwords are to
-be found in /etc/security/opasswd.
-
-</itemize>
-
-<p>
-This module with no arguments will work well for standard unix
-password encryption. With md5 encryption, passwords can be longer
-than 8 characters and the default settings for this module can make it
-hard for the user to choose a satisfactory new password. Notably, the
-requirement that the new password contain no more than 1/2 of the
-characters in the old password becomes a non-trivial constraint. For
-example, an old password of the form "the quick brown fox jumped over
-the lazy dogs" would be difficult to change... In addition, the
-default action is to allow passwords as small as 5 characters in
-length. For a md5 systems it can be a good idea to increase the
-required minimum size of a password. One can then allow more credit
-for different kinds of characters but accept that the new password may
-share most of these characters with the old password.
-
-<sect2>Password component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-
-<tt/debug/; <tt/type=XXX/; <tt/retry=N/; <tt/difok=N/; <tt/minlen=N/;
-<tt/dcredit=N/; <tt/ucredit=N/; <tt/lcredit=N/; <tt/ocredit=N/;
-<tt/use_authtok/;
-
-<tag><bf>Description:</bf></tag>
-
-The action of this module is to prompt the user for a password and
-check its strength against a system dictionary and a set of rules for
-identifying poor choices.
-
-<p>
-The default action is to prompt for a single password, check its
-strength and then, if it is considered strong, prompt for the password
-a second time (to verify that it was typed correctly on the first
-occasion). All being well, the password is passed on to subsequent
-modules to be installed as the new authentication token.
-
-<p>
-The default action may be modified in a number of ways using the
-arguments recognized by the module:
-<itemize>
-
-<item> <tt/debug/ -
-
-this option makes the module write information to syslog(3) indicating
-the behavior of the module (this option does <bf/not/ write password
-information to the log file).
-
-<item> <tt/type=XXX/ -
-
-the default action is for the module to use the following prompts when
-requesting passwords: ``New UNIX password: '' and ``Retype UNIX
-password: ''. Using this option you can replace the word UNIX with
-<tt/XXX/.
-
-<item> <tt/retry=N/ -
-
-the default number of times this module will request a new password
-(for strength-checking) from the user is 1. Using this argument this
-can be increased to <tt/N/.
-
-<item> <tt/difok=N/ -
-
-This argument will change the default of 10 for the number of
-characters in the new password that must not be present in the old
-password. In addition, if 1/2 of the characters in the new password
-are different then the new password will be accepted anyway.
-
-<item> <tt/minlen=N/ -
-
-The minimum acceptable size for the new password (plus one if credits
-are not disabled which is the default).
-In addition to the number of characters in the new password, credit (of
-+1 in length) is given for each different kind of character (<em>other,
-upper, lower</em> and <em/digit/). The default for this parameter is
-9 which is good for a old style UNIX password all of the same type of
-character but may be too low to exploit the added security of a md5
-system. Note that there is a pair of length limits in
-<em>Cracklib</em> itself, a "way too short" limit of 4 which is hard
-coded in and a defined limit (6) that will be checked without
-reference to <tt>minlen</tt>. If you want to allow passwords as short
-as 5 characters you should either not use this module or recompile
-the crack library and then recompile this module.
-
-<item> <tt/dcredit=N/ -
-
-(N >= 0) This is the maximum credit for having digits in the new password. If
-you have less than or <tt/N/ digits, each digit will count +1 towards
-meeting the current <tt/minlen/ value. The default for <tt/dcredit/
-is 1 which is the recommended value for <tt/minlen/ less than 10.
-(N < 0) This is the minimum number of digits that must be met for a new
-password.
-
-<item> <tt/ucredit=N/ -
-
-(N >= 0) This is the maximum credit for having upper case letters in the new
-password. If you have less than or <tt/N/ upper case letters each
-letter will count +1 towards meeting the current <tt/minlen/ value.
-The default for <tt/ucredit/ is 1 which is the recommended value for
-<tt/minlen/ less than 10. (N < 0) This is the minimum number of upper
-case letters that must be met for a new password.
-
-<item> <tt/lcredit=N/ -
-
-(N >= 0) This is the maximum credit for having lower case letters in the new
-password. If you have less than or <tt/N/ lower case letters, each
-letter will count +1 towards meeting the current <tt/minlen/ value.
-The default for <tt/lcredit/ is 1 which is the recommended value for
-<tt/minlen/ less than 10. (N < 0) This is the minimum number of lower
-case letters that must be met for a new password.
-
-<item> <tt/ocredit=N/ -
-
-(N >= 0) This is the maximum credit for having other characters in the new
-password. If you have less than or <tt/N/ other characters, each
-character will count +1 towards meeting the current <tt/minlen/ value.
-The default for <tt/ocredit/ is 1 which is the recommended value for
-<tt/minlen/ less than 10. (N < 0) This is the minimum number of other
-characters that must be met for a new password.
-
-<item> <tt/use_authtok/ -
-
-This argument is used to <em/force/ the module to not prompt the user
-for a new password but use the one provided by the previously stacked
-<tt/password/ module.
-
-</itemize>
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-<p>
-For an example of the use of this module, we show how it may be
-stacked with the password component of <tt/pam_pwdb/:
-<tscreen>
-<verb>
-#
-# These lines stack two password type modules. In this example the
-# user is given 3 opportunities to enter a strong password. The
-# "use_authtok" argument ensures that the pam_pwdb module does not
-# prompt for a password, but instead uses the one provided by
-# pam_cracklib.
-#
-passwd password required pam_cracklib.so retry=3
-passwd password required pam_pwdb.so use_authtok
-</verb>
-</tscreen>
-
-<p>
-Another example (in the <tt>/etc/pam.d/passwd</tt> format) is for the
-case that you want to use md5 password encryption:
-<tscreen>
-<verb>
-#%PAM-1.0
-#
-# These lines allow a md5 systems to support passwords of at least 14
-# bytes with extra credit of 2 for digits and 2 for others the new
-# password must have at least three bytes that are not present in the
-# old password
-#
-password required pam_cracklib.so \
- difok=3 minlen=15 dcredit= 2 ocredit=2
-password required pam_pwdb.so use_authtok nullok md5
-</verb>
-</tscreen>
-
-<p>
-And here is another example in case you don't want to use credits:
-<tscreen>
-<verb>
-#%PAM-1.0
-#
-# These lines require the user to select a password with a minimum
-# length of 8 and with at least 1 digit number, 1 upper case letter,
-# and 1 other character
-#
-password required pam_cracklib.so \
- dcredit=-1 ucredit=-1 ocredit=-1 lcredit=0 minlen=8
-password required pam_pwdb.so use_authtok nullok md5
-</verb>
-</tscreen>
-
-<p>
-In this example we simply say that the password must have a minimum
-length of 8:
-<tscreen>
-<verb>
-#%PAM-1.0
-#
-# These lines require the user to select a password with a mimimum
-# length of 8. He gets no credits and he is not forced to use
-# digit numbers, upper case letters etc.
-#
-password required pam_cracklib.so \
- dcredit=0 ucredit=0 ocredit=0 lcredit=0 minlen=8
-password required pam_pwdb.so use_authtok nullok md5
-</verb>
-</tscreen>
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_deny.sgml b/Linux-PAM/doc/modules/pam_deny.sgml
deleted file mode 100644
index bf9dfd2b..00000000
--- a/Linux-PAM/doc/modules/pam_deny.sgml
+++ /dev/null
@@ -1,177 +0,0 @@
-<!--
- $Id: pam_deny.sgml,v 1.3 2002/05/10 04:03:02 agmorgan Exp $
-
- This file was written by Andrew G. Morgan <morgan@kernel.org>
--->
-
-<sect1>The locking-out module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-pam_deny
-
-<tag><bf>Author:</bf></tag>
-Andrew G. Morgan &lt;morgan@kernel.org&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-current <bf/Linux-PAM/ maintainer
-
-<tag><bf>Management groups provided:</bf></tag>
-account; authentication; password; session
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-clean.
-
-<tag><bf>System dependencies:</bf></tag>
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This module can be used to deny access. It always indicates a failure
-to the application through the PAM framework. As is commented in the
-overview section <ref id="overview-section" name="above">, this module
-might be suitable for using for default (the <tt/OTHER/) entries.
-
-<sect2>Account component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-
-<tag><bf>Description:</bf></tag>
-
-This component does nothing other than return a failure. The
-failure type is <tt/PAM_ACCT_EXPIRED/.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-Stacking this module with type <tt/account/ will prevent the user from
-gaining access to the system via applications that refer to
-<bf/Linux-PAM/'s account management function <tt/pam_acct_mgmt()/.
-
-<p>
-The following example would make it impossible to login:
-<tscreen>
-<verb>
-#
-# add this line to your other login entries to disable all accounts
-#
-login account required pam_deny.so
-</verb>
-</tscreen>
-
-</descrip>
-
-<sect2>Authentication component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-
-<tag><bf>Description:</bf></tag>
-
-This component does nothing other than return a failure. The failure
-type is <tt/PAM_AUTH_ERR/ in the case that <tt/pam_authenticate()/ is
-called (when the application tries to authenticate the user), and is
-<tt/PAM_CRED_UNAVAIL/ when the application calls <tt/pam_setcred()/
-(to establish and set the credentials of the user -- it is unlikely
-that this function will ever be called in practice).
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-To deny access to default applications with this component of the
-<tt/pam_deny/ module, you might include the following line in your
-<bf/Linux-PAM/ configuration file:
-<tscreen>
-<verb>
-#
-# add this line to your existing OTHER entries to prevent
-# authentication succeeding with default applications.
-#
-OTHER auth required pam_deny.so
-</verb>
-</tscreen>
-
-</descrip>
-
-<sect2>Password component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-
-<tag><bf>Description:</bf></tag>
-
-This component of the module denies the user the opportunity to change
-their password. It always responds with <tt/PAM_AUTHTOK_ERR/ when
-invoked.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-This module should be used to prevent an application from updating the
-applicant user's password. For example, to prevent <tt/login/ from
-automatically prompting for a new password when the old one has
-expired you should include the following line in your configuration
-file:
-<tscreen>
-<verb>
-#
-# add this line to your other login entries to prevent the login
-# application from being able to change the user's password.
-#
-login password required pam_deny.so
-</verb>
-</tscreen>
-
-</descrip>
-
-<sect2>Session component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-
-<tag><bf>Description:</bf></tag>
-
-This aspect of the module prevents an application from starting a
-session on the host computer.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-Together with another session module, that displays a message of the
-day perhaps (<tt/pam_motd/ for example), this module can be used to
-block a user from starting a shell. We might use the following entries
-in the configuration file to inform the user it is system time:
-<tscreen>
-<verb>
-#
-# An example to see how to configure login to refuse the user a
-# session (politely)
-#
-login session required pam_motd.so \
- motd=/etc/system_time
-login session required pam_deny.so
-</verb>
-</tscreen>
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_env.sgml b/Linux-PAM/doc/modules/pam_env.sgml
deleted file mode 100644
index a6361cac..00000000
--- a/Linux-PAM/doc/modules/pam_env.sgml
+++ /dev/null
@@ -1,141 +0,0 @@
-<!--
- $Id: pam_env.sgml,v 1.2 2001/03/19 01:46:41 agmorgan Exp $
-
- This file was written by Dave Kinchlea <kinch@kinch.ark.com>
- Ed. AGM
--->
-
-<sect1>Set/unset environment variables
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_env/
-
-<tag><bf>Author:</bf></tag>
-Dave Kinchlea &lt;kinch@kinch.ark.com&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-Author
-
-<tag><bf>Management groups provided:</bf></tag>
-Authentication (setcred)
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-<tt>/etc/security/pam_env.conf</tt>
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This module allows the (un)setting of environment variables. Supported
-is the use of previously set environment variables as well as
-<em>PAM_ITEM</em>s such as <tt>PAM_RHOST</tt>.
-
-<sect2>Authentication component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/debug/; <tt/conffile=/<em/configuration-file-name/;
-<tt/envfile/=<em/env-file-name/; <tt/readenv/=<em/0|1/
-
-<tag><bf>Description:</bf></tag>
-This module allows you to (un)set arbitrary environment variables
-using fixed strings, the value of previously set environment variables
-and/or <em/PAM_ITEM/s.
-
-<p>
-All is controlled via a configuration file (by default,
-<tt>/etc/security/pam_env.conf</tt> but can be overriden with
-<tt>conffile</tt> argument). Each line starts with the variable name,
-there are then two possible options for each variable <bf>DEFAULT</bf>
-and <bf>OVERRIDE</bf>. <bf>DEFAULT</bf> allows an administrator to
-set the value of the variable to some default value, if none is
-supplied then the empty string is assumed. The <bf>OVERRIDE</bf>
-option tells pam_env that it should enter in its value (overriding the
-default value) if there is one to use. <bf>OVERRIDE</bf> is not used,
-<tt>""</tt> is assumed and no override will be done.
-
-<p>
-<tscreen>
-<verb>
-VARIABLE [DEFAULT=[value]] [OVERRIDE=[value]]
-</verb>
-</tscreen>
-
-<p>
-(Possibly non-existent) environment variables may be used in values
-using the <tt>&dollar;&lcub;string&rcub;</tt> syntax and (possibly
-non-existent) <em/PAM_ITEM/s may be used in values using the
-<tt>&commat;&lcub;string&rcub;</tt> syntax. Both the <tt>&dollar;</tt>
-and <tt>&commat;</tt> characters can be backslash-escaped to be used
-as literal values (as in <tt>&bsol;&dollar;</tt>. Double quotes may
-be used in values (but not environment variable names) when white
-space is needed <bf>the full value must be delimited by the quotes and
-embedded or escaped quotes are not supported</bf>.
-
-<p>
-This module can also parse a file with simple <tt>KEY=VAL</tt> pairs
-on seperate lines (<tt>/etc/environment</tt> by default). You can
-change the default file to parse, with the <em/envfile/ flag and turn
-it on or off by setting the <em/readenv/ flag to 1 or 0 respectively.
-
-<p>
-The behavior of this module can be modified with one of the following
-flags:
-
-<p>
-<itemize>
-
-<item><tt/debug/
-- write more information to <tt/syslog(3)/.
-
-<item><tt/conffile=/<em/filename/
-- by default the file <tt>/etc/security/pam_env.conf</tt> is used as
-the configuration file. This option overrides the default. You must
-supply a complete path + file name.
-
-<item><tt/envfile=/<em/filename/
-- by default the file <tt>/etc/environment</tt> is used to load KEY=VAL
-pairs directly into the env. This option overrides the default. You must
-supply a complete path + file name.
-
-<item><tt/readenv=/<em/0|1/
-- turns on or off the reading of the file specified by envfile (0 is off,
-1 is on). By default this option is on.
-
-</itemize>
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-See sample <tt>pam_env.conf</tt> for more information and examples.
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
-
-
-
-
-
-
-
-
-
-
diff --git a/Linux-PAM/doc/modules/pam_filter.sgml b/Linux-PAM/doc/modules/pam_filter.sgml
deleted file mode 100644
index e22ad9b6..00000000
--- a/Linux-PAM/doc/modules/pam_filter.sgml
+++ /dev/null
@@ -1,150 +0,0 @@
-<!--
- $Id: pam_filter.sgml,v 1.3 2001/12/08 18:56:47 agmorgan Exp $
-
- This file was written by Andrew G. Morgan <morgan@kernel.org>
--->
-
-<sect1>The filter module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-
-pam_filter
-
-<tag><bf>Author:</bf></tag>
-
-Andrew G. Morgan &lt;morgan@kernel.org&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-
-Author.
-
-<tag><bf>Management groups provided:</bf></tag>
-
-account; authentication; password; session
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-Not yet.
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-This module compiles cleanly on Linux based systems.
-
-<tag><bf>System dependencies:</bf></tag>
-
-To function it requires <em/filters/ to be installed on the system.
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This module was written to offer a plug-in alternative to programs
-like ttysnoop (XXX - need a reference). Since writing a filter that
-performs this function has not occurred, it is currently only a toy.
-The single filter provided with the module simply transposes upper and
-lower case letters in the input and output streams. (This can be very
-annoying and is not kind to termcap based editors).
-
-<sect2>Account+Authentication+Password+Session components
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-
-<tt/debug/; <tt/new_term/; <tt/non_term/; <tt/runX/
-
-<tag><bf>Description:</bf></tag>
-
-Each component of the module has the potential to invoke the desired
-filter. The filter is always <tt/execv(2)/d with the privilege of the
-calling application and <bf/not/ that of the user. For this reason it
-cannot usually be killed by the user without closing their session.
-
-<p>
-The behavior of the module can be significantly altered by the
-arguments passed to it in the <bf/Linux-PAM/ configuration file:
-<itemize>
-<item><tt/debug/ -
-
-this option increases the amount of information logged to
-<tt/syslog(3)/ as the module is executed.
-
-<item><tt/new_term/ -
-
-the default action of the filter is to set the <tt/PAM_TTY/ item to
-indicate the terminal that the user is using to connect to the
-application. This argument indicates that the filter should set
-<tt/PAM_TTY/ to the filtered pseudo-terminal.
-
-<item><tt/non_term/ -
-don't try to set the <tt/PAM_TTY/ item.
-
-<item><tt/runX/ -
-
-in order that the module can invoke a filter it should know when to
-invoke it. This argument is required to tell the filter when to do
-this. The arguments that follow this one are respectively the full
-pathname of the filter to be run and any command line arguments that
-the filter might expect.
-
-<p>
-Permitted values for <tt/X/ are <tt/1/ and <tt/2/. These indicate the
-precise time that the filter is to be run. To understand this concept
-it will be useful to have read the Linux-PAM Module developer's
-guide. Basically, for each management group there are up to two ways
-of calling the module's functions.
-
-In the case of the <em/authentication/ and <em/session/ components
-there are actually two separate functions. For the case of
-authentication, these functions are <tt/_authenticate/ and
-<tt/_setcred/ -- here <tt/run1/ means run the filter from the
-<tt/_authenticate/ function and <tt/run2/ means run the filter from
-<tt/_setcred/. In the case of the session modules, <tt/run1/ implies
-that the filter is invoked at the <tt/_open_session/ stage, and
-<tt/run2/ for <tt/_close_session/.
-
-<p>
-For the case of the account component. Either <tt/run1/ or <tt/run2/
-may be used.
-
-<p>
-For the case of the password component, <tt/run1/ is used to indicate
-that the filter is run on the first occasion <tt/_chauthtok/ is run
-(the <tt/PAM_PRELIM_CHECK/ phase) and <tt/run2/ is used to indicate
-that the filter is run on the second occasion (the
-<tt/PAM_UPDATE_AUTHTOK/ phase).
-
-</itemize>
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-At the time of writing there is little real use to be made of this
-module. For fun you might try adding the following line to your
-login's configuration entries
-<tscreen>
-<verb>
-#
-# An example to see how to configure login to transpose upper and
-# lower case letters once the user has logged in(!)
-#
-login session required pam_filter.so \
- run1 /usr/sbin/pam_filter/upperLOWER
-</verb>
-</tscreen>
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_ftp.sgml b/Linux-PAM/doc/modules/pam_ftp.sgml
deleted file mode 100644
index cb4c4f33..00000000
--- a/Linux-PAM/doc/modules/pam_ftp.sgml
+++ /dev/null
@@ -1,93 +0,0 @@
-<!--
- $Id: pam_ftp.sgml,v 1.3 2001/12/08 18:56:47 agmorgan Exp $
-
- This file was written by Andrew G. Morgan <morgan@kernel.org>
--->
-
-<sect1>Anonymous access module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_ftp.so/
-
-<tag><bf>Author:</bf></tag>
-Andrew G. Morgan &lt;morgan@kernel.org&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-Author.
-
-<tag><bf>Management groups provided:</bf></tag>
-authentication
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-
-<tag><bf>Network aware:</bf></tag>
-prompts for email address of user; easily spoofed (XXX - needs work)
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-The purpose of this module is to provide a pluggable anonymous ftp
-mode of access.
-
-<sect2>Authentication component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/debug/;
-<tt/users=XXX,YYY,.../;
-<tt/ignore/
-
-<tag><bf>Description:</bf></tag>
-
-This module intercepts the user's name and password. If the name is
-``<tt/ftp/'' or ``<tt/anonymous/'', the user's password is broken up
-at the `<tt/@/' delimiter into a <tt/PAM_RUSER/ and a <tt/PAM_RHOST/
-part; these pam-items being set accordingly. The username
-(<tt/PAM_USER/) is set to ``<tt/ftp/''. In this case the module
-succeeds. Alternatively, the module sets the <tt/PAM_AUTHTOK/ item
-with the entered password and fails.
-
-<p>
-The behavior of the module can be modified with the following flags:
-<itemize>
-<item><tt/debug/ -
-log more information to with <tt/syslog(3)/.
-
-<item><tt/users=XXX,YYY,.../ -
-instead of ``<tt/ftp/'' or ``<tt/anonymous/'', provide anonymous login
-to the comma separated list of users; ``<tt/XXX,YYY,.../''. Should the
-applicant enter one of these usernames the returned username is set to
-the first in the list; ``<tt/XXX/''.
-
-<item><tt/ignore/ -
-pay no attention to the email address of the user (if supplied).
-
-</itemize>
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-An example of the use of this module is provided in the configuration
-file section <ref id="configuration" name="above">. With care, this
-module could be used to provide new/temporary account anonymous
-login.
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_group.sgml b/Linux-PAM/doc/modules/pam_group.sgml
deleted file mode 100644
index 2d767275..00000000
--- a/Linux-PAM/doc/modules/pam_group.sgml
+++ /dev/null
@@ -1,108 +0,0 @@
-<!--
- $Id: pam_group.sgml,v 1.2 2001/12/08 18:56:47 agmorgan Exp $
-
- This file was written by Andrew G. Morgan <morgan@kernel.org>
--->
-
-<sect1>The group access module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_group/
-
-<tag><bf>Author:</bf></tag>
-Andrew G. Morgan &lt;morgan@kernel.org&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-Author.
-
-<tag><bf>Management groups provided:</bf></tag>
-authentication
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-Sensitive to <em/setgid/ status of file-systems accessible to users.
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-Requires an <tt>/etc/security/group.conf</tt> file. Can be compiled
-with or without <tt/libpwdb/.
-
-<tag><bf>Network aware:</bf></tag>
-Only through correctly set <tt/PAM_TTY/ item.
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This module provides group-settings based on the user's name and the
-terminal they are requesting a given service from. It takes note of
-the time of day.
-
-<sect2>Authentication component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-
-<tag><bf>Description:</bf></tag>
-
-This module does not authenticate the user, but instead it grants
-group memberships (in the credential setting phase of the
-authentication module) to the user. Such memberships are based on the
-service they are applying for. The group memberships are listed in
-text form in the <tt>/etc/security/group.conf</tt> file.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-For this module to function correctly there must be a correctly
-formatted <tt>/etc/security/groups.conf</tt> file present. The format
-of this file is as follows. Group memberships are given based on the
-service application satisfying any combination of lines in the
-configuration file. Each line (barring comments which are preceded by
-`<tt/#/' marks) has the following
-syntax:
-<tscreen>
-<verb>
-services ; ttys ; users ; times ; groups
-</verb>
-</tscreen>
-Here the first four fields share the syntax of the <tt>pam_time</tt>
-configuration file; <tt>/etc/security/pam_time.conf</tt>, and the last
-field, the <tt/groups/ field, is a comma (or space) separated list of
-the text-names of a selection of groups. If the users application for
-service satisfies the first four fields, the user is granted membership
-of the listed groups.
-
-<p>
-As stated in above this module's usefulness relies on the file-systems
-accessible to the user. The point being that once granted the
-membership of a group, the user may attempt to create a <em/setgid/
-binary with a restricted group ownership. Later, when the user is not
-given membership to this group, they can recover group membership with
-the precompiled binary. The reason that the file-systems that the user
-has access to are so significant, is the fact that when a system is
-mounted <em/nosuid/ the user is unable to create or execute such a
-binary file. For this module to provide any level of security, all
-file-systems that the user has write access to should be mounted
-<em/nosuid/.
-
-<p>
-The <tt>pam_group</tt> module fuctions in parallel with the
-<tt>/etc/group</tt> file. If the user is granted any groups based on
-the behavior of this module, they are granted <em>in addition</em> to
-those entries <tt>/etc/group</tt> (or equivalent).
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_issue.sgml b/Linux-PAM/doc/modules/pam_issue.sgml
deleted file mode 100644
index 1f617e3b..00000000
--- a/Linux-PAM/doc/modules/pam_issue.sgml
+++ /dev/null
@@ -1,120 +0,0 @@
-<!--
-
-Ben Collins <bcollins@debian.org>
-
--->
-
-<sect1>Add issue file to user prompt
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_issue/
-
-<tag><bf>Author:</bf></tag>
-Ben Collins &lt;bcollins@debian.org&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-Author
-
-<tag><bf>Management groups provided:</bf></tag>
-Authentication (pam_sm_authenticate)
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This module prepends the issue file (<em>/etc/issue</em> by default) when
-prompting for a username.
-
-<sect2>Authentication component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/issue=issue-file-name/; <tt/noesc/;
-
-<tag><bf>Description:</bf></tag>
-This module allows you to prepend an issue file to the username prompt. It
-also by default parses escape codes in the issue file similar to some
-common getty's (using &bsol;x format).
-<p>
-Recognized escapes:
-<itemize>
-
-<item><tt/d/
-- current date
-
-<item><tt/s/
-- operating system name
-
-<item><tt/l/
-- name of this tty
-
-<item><tt/m/
-- architecture of this system (i686, sparc, powerpc, ...)
-
-<item><tt/n/
-- hostname of this system
-
-<item><tt/o/
-- domainname of this system
-
-<item><tt/r/
-- release number of the operation system (eg. 2.2.12)
-
-<item><tt/t/
-- current time
-
-<item><tt/u/
-- number of users currently logged in
-
-<item><tt/U/
-- same as <tt/u/, except it is suffixed with "user" or "users" (eg. "1
-user" or "10 users"
-
-<item><tt/v/
-- version/build-date of the operating system (eg. "&num;3 Mon Aug 23 14:38:16
-EDT 1999" on Linux).
-
-</itemize>
-
-<p>
-The behavior of this module can be modified with one of the following
-flags:
-
-<p>
-<itemize>
-
-<item><tt/issue/
-- the file to output if not using the default
-
-<item><tt/noesc/
-- turns off escape code parsing
-
-</itemize>
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-login auth pam_issue.so issue=/etc/issue
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_krb4.sgml b/Linux-PAM/doc/modules/pam_krb4.sgml
deleted file mode 100644
index 51a46522..00000000
--- a/Linux-PAM/doc/modules/pam_krb4.sgml
+++ /dev/null
@@ -1,126 +0,0 @@
-<!--
- $Id: pam_krb4.sgml,v 1.1.1.1 2000/06/20 22:11:01 agmorgan Exp $
-
- This file was written by Derrick J. Brashear <shadow@DEMENTIA.ORG>
--->
-
-<sect1>The Kerberos 4 module.
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_krb4/
-
-<tag><bf>Author:</bf></tag>
-Derrick J. Brashear &lt;shadow@dementia.org&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-Author.
-
-<tag><bf>Management groups provided:</bf></tag>
-authentication; password; session
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-uses API
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-libraries - <tt/libkrb/, <tt/libdes/, <tt/libcom_err/, <tt/libkadm/;
-and a set of Kerberos include files.
-
-<tag><bf>Network aware:</bf></tag>
-Gets Kerberos ticket granting ticket via a Kerberos key distribution
-center reached via the network.
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This module provides an interface for doing Kerberos verification of a
-user's password, getting the user a Kerberos ticket granting ticket
-for use with the Kerberos ticket granting service, destroying the
-user's tickets at logout time, and changing a Kerberos password.
-
-<sect2> Session component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-
-<tag><bf>Description:</bf></tag>
-
-This component of the module currently sets the user's <tt/KRBTKFILE/
-environment variable (although there is currently no way to export
-this), as well as deleting the user's ticket file upon logout (until
-<tt/PAM_CRED_DELETE/ is supported by <em/login/).
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-This part of the module won't be terribly useful until we can change
-the environment from within a <tt/Linux-PAM/ module.
-
-</descrip>
-
-<sect2> Password component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/use_first_pass/; <tt/try_first_pass/
-
-<tag><bf>Description:</bf></tag>
-
-This component of the module changes a user's Kerberos password
-by first getting and using the user's old password to get
-a session key for the password changing service, then sending
-a new password to that service.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-This should only be used with a real Kerberos v4 <tt/kadmind/. It
-cannot be used with an AFS kaserver unless special provisions are
-made. Contact the module author for more information.
-
-</descrip>
-
-<sect2> Authentication component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/use_first_pass/; <tt/try_first_pass/
-
-<tag><bf>Description:</bf></tag>
-
-This component of the module verifies a user's Kerberos password
-by requesting a ticket granting ticket from the Kerberos server
-and optionally using it to attempt to retrieve the local computer's
-host key and verifying using the key file on the local machine if
-one exists.
-
-It also writes out a ticket file for the user to use later, and
-deletes the ticket file upon logout (not until <tt/PAM_CRED_DELETE/
-is called from <em/login/).
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-This module can be used with a real Kerberos server using MIT
-v4 Kerberos keys. The module or the system Kerberos libraries
-may be modified to support AFS style Kerberos keys. Currently
-this is not supported to avoid cryptography constraints.
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_lastlog.sgml b/Linux-PAM/doc/modules/pam_lastlog.sgml
deleted file mode 100644
index 451bfaa2..00000000
--- a/Linux-PAM/doc/modules/pam_lastlog.sgml
+++ /dev/null
@@ -1,119 +0,0 @@
-<!--
- $Id: pam_lastlog.sgml,v 1.2 2001/02/17 01:55:38 agmorgan Exp $
-
- This file was written by Andrew G. Morgan <morgan@kernel.org>
--->
-
-<sect1>The last login module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_lastlog/
-
-<tag><bf>Author:</bf></tag>
-Andrew G. Morgan &lt;morgan@kernel.org&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-Author
-
-<tag><bf>Management groups provided:</bf></tag>
-auth
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-uses information contained in the <tt>/var/log/lastlog</tt> file.
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This session module maintains the <tt>/var/log/lastlog</tt> file. Adding
-an open entry when called via the <tt>pam_open_seesion()</tt> function
-and completing it when <tt>pam_close_session()</tt> is called. This
-module can also display a line of information about the last login of
-the user. If an application already performs these tasks, it is not
-necessary to use this module.
-
-<sect2>Session component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/debug/; <tt/nodate/; <tt/noterm/; <tt/nohost/; <tt/silent/;
-<tt/never/
-
-<tag><bf>Description:</bf></tag>
-
-<p>
-This module can be used to provide a ``Last login on ...''
-message. when the user logs into the system from what ever application
-uses the PAM libraries. In addition, the module maintains the
-<tt>/var/log/lastlog</tt> file.
-
-<p>
-The behavior of this module can be modified with one of the following
-flags:
-
-<p>
-<itemize>
-<item><tt/debug/
-- write more information to <tt/syslog(3)/.
-
-<item><tt/nodate/
-- neglect to give the date of the last login when displaying
-information about the last login on the system.
-
-<item><tt/noterm/
-- neglect to diplay the terminal name on which the last login was
-attempt.
-
-<item><tt/nohost/
-- neglect to indicate from which host the last login was attempted.
-
-<item><tt/silent/
-- neglect to inform the user about any previous login: just update
-the <tt>/var/log/lastlog</tt> file.
-
-<item><tt/never/
-- if the <tt>/var/log/lastlog</tt> file does not contain any old entries
-for the user, indicate that the user has never previously logged in
-with a ``welcome..." message.
-
-</itemize>
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-This module can be used to indicate that the user has new mail when
-they <em/login/ to the system. Here is a sample entry for your
-<tt>/etc/pam.d/XXX</tt> file:
-<tscreen>
-<verb>
-#
-# When were we last here?
-#
-session optional pam_lastlog.so
-</verb>
-</tscreen>
-
-<p>
-Note, some applications may perform this function themselves. In such
-cases, this module is not necessary.
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_limits.sgml b/Linux-PAM/doc/modules/pam_limits.sgml
deleted file mode 100644
index 22674d42..00000000
--- a/Linux-PAM/doc/modules/pam_limits.sgml
+++ /dev/null
@@ -1,247 +0,0 @@
-<!--
- $Id: pam_limits.sgml,v 1.7 2002/05/09 12:00:35 baggins Exp $
-
- This file was written by Andrew G. Morgan <morgan@kernel.org>
- from information compiled by Cristian Gafton (author of module)
--->
-
-<sect1>The resource limits module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_limits/
-
-<tag><bf>Authors:</bf></tag>
-Cristian Gafton &lt;gafton@redhat.com&gt; <newline>
-Thanks are also due to Elliot Lee &lt;sopwith@redhat.com&gt;
-for his comments on improving this module.
-
-<tag><bf>Maintainer:</bf></tag>
-Cristian Gafton - 1996/11/20
-
-<tag><bf>Management groups provided:</bf></tag>
-session
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-requires an <tt>/etc/security/limits.conf</tt> file and kernel support
-for resource limits. Also uses the library, <tt/libpwdb/.
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This module, through the <bf/Linux-PAM/ <em/open/-session hook, sets
-limits on the system resources that can be obtained in a
-user-session. Its actions are dictated more explicitly through the
-configuration file discussed below.
-
-<sect2>Session component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/debug/; <tt>conf=/path/to/file.conf</tt>; <tt>change_uid</tt>;
-<tt>utmp_early</tt>
-
-<tag><bf>Description:</bf></tag>
-
-Through the contents of the configuration file,
-<tt>/etc/security/limits.conf</tt>, resource limits are placed on
-users' sessions. Users of <tt/uid=0/ are not affected by this
-restriction.
-
-<p>
-The behavior of this module can be modified with the following
-arguments:
-<itemize>
-
-<item><tt/debug/ -
-verbose logging to <tt/syslog(3)/.
-
-<item><tt>conf=/path/to/file.conf</tt> -
-indicate an alternative <em/limits/ configuration file to the default.
-
-<item><tt/change_uid/ -
-change real uid to the user for who the limits are set up. Use this
-option if you have problems like login not forking a shell for user
-who has no processes. Be warned that something else may break when
-you do this.
-
-<item><tt/utmp_early/ -
-some broken applications actually allocate a utmp entry for the user
-before the user is admitted to the system. If some of the services you
-are configuring PAM for do this, you can selectively use this module
-argument to compensate for this behavior and at the same time maintain
-system-wide consistency with a single limits.conf file.
-
-</itemize>
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-In order to use this module the system administrator must first create
-a <em/root-only-readable/ file (default is
-<tt>/etc/security/limits.conf</tt>). This file describes the resource
-limits the superuser wishes to impose on users and groups. No limits
-are imposed on <tt/uid=0/ accounts.
-
-<p>
-Each line of the configuration file describes a limit for a user in
-the form:
-<tscreen>
-<verb>
-<domain> <type> <item> <value>
-</verb>
-</tscreen>
-
-<p>
-The fields listed above should be filled as follows...<newline>
-<tt>&lt;domain&gt;</tt> can be:
-<itemize>
-<item> a username
-<item> a groupname, with <tt>@group</tt> syntax
-<item> the wild-card <tt/*/, for default entry
-<item> the wild-card <tt/%/, for maxlogins limit only,
-can also be used with <tt>%group</tt> syntax
-</itemize>
-
-<p>
-<tt>&lt;type&gt;</tt> can have the three values:
-<itemize>
-
-<item> <tt/hard/ for enforcing <em/hard/ resource limits. These limits
-are set by the superuser and enforced by the Linux Kernel. The user
-cannot raise his requirement of system resources above such values.
-
-<item> <tt/soft/ for enforcing <em/soft/ resource limits. These limits
-are ones that the user can move up or down within the permitted range
-by any pre-exisiting <em/hard/ limits. The values specified with this
-token can be thought of as <em/default/ values, for normal system
-usage.
-
-<item> <tt/-/ for enforcing both <em/soft/ and <em/hard/ limits
-together.
-
-</itemize>
-
-<p>
-<tt>&lt;item&gt;</tt> can be one of the following:
-<itemize>
-<item><tt/core/ - limits the core file size (KB)
-<item><tt/data/ - max data size (KB)
-<item><tt/fsize/ - maximum filesize (KB)
-<item><tt/memlock/ - max locked-in-memory address space (KB)
-<item><tt/nofile/ - max number of open files
-<item><tt/rss/ - max resident set size (KB)
-<item><tt/stack/ - max stack size (KB)
-<item><tt/cpu/ - max CPU time (MIN)
-<item><tt/nproc/ - max number of processes
-<item><tt/as/ - address space limit
-<item><tt/maxlogins/ - max number of logins for this user
-<item><tt/maxsyslogins/ - max number of logins on system
-<item><tt/priority/ - the priority to run user process with (negative
-values boost process priority)
-<item><tt/locks/ - max locked files (Linux 2.4 and higher)
-</itemize>
-
-<p>
-Note, if you specify a type of ``-'' but neglect to supply the
-<tt/item/ and <tt/value/ fields then the module will never enforce any
-limits on the corresponding user/group-members etc. . Note, the first
-entry of the form which applies to the authenticating user will
-override all other entries in the limits configuration file. In such
-cases, the <tt/pam_limits/ module will always return <tt/PAM_SUCCESS/.
-
-<p>
-In general, individual limits have priority over group limits, so if
-you impose no limits for <tt/admin/ group, but one of the members in
-this group have a limits line, the user will have its limits set
-according to this line.
-
-<p>
-Also, please note that all limit settings are set <em/per login/.
-They are not global, nor are they permanent; existing only for the
-duration of the session.
-
-<p>
-In the <em/limits/ configuration file, the ``<tt/#/'' character
-introduces a comment - after which the rest of the line is ignored.
-
-<p>
-The <tt/pam_limits/ module does its best to report configuration
-problems found in its configuration file via <tt/syslog(3)/.
-
-<p>
-The following is an example configuration file:
-<tscreen>
-<verb>
-# EXAMPLE /etc/security/limits.conf file:
-# =======================================
-# <domain> <type> <item> <value>
-* soft core 0
-* hard rss 10000
-@student hard nproc 20
-@faculty soft nproc 20
-@faculty hard nproc 50
-ftp hard nproc 0
-@student - maxlogins 4
-</verb>
-</tscreen>
-Note, the use of <tt/soft/ and <tt/hard/ limits for the same resource
-(see <tt/@faculty/) -- this establishes the <em/default/ and permitted
-<em/extreme/ level of resources that the user can obtain in a given
-service-session.
-
-<p>
-Note, that wild-cards <tt/*/ and <tt/%/ have the following meaning when
-used for maxlogins limit
-<itemize>
-<item> <tt/*/ every user
-<item> <tt/%/ all users, or entire group when <tt>%group</tt> is specified
-</itemize>
-See the following examples:
-<tscreen>
-<verb>
-# EXAMPLE /etc/security/limits.conf file:
-# <domain> <type> <item> <value>
-* - maxlogins 2
-@faculty - maxlogins 4
-% - maxlogins 30
-%student - maxlogins 10
-</verb>
-</tscreen>
-Explanation: every user can login 2 times, members of the <tt/faculty/
-group can login 4 times, there can be only 30 logins, only 10 from
-<tt/students/ group.
-
-<p>
-For the services that need resources limits (login for example) put
-the following line in <tt>/etc/pam.conf</tt> as the last line for that
-service (usually after the pam_unix session line:
-<tscreen>
-<verb>
-#
-# Resource limits imposed on login sessions via pam_limits
-#
-login session required pam_limits.so
-</verb>
-</tscreen>
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_listfile.sgml b/Linux-PAM/doc/modules/pam_listfile.sgml
deleted file mode 100644
index 1284d1b6..00000000
--- a/Linux-PAM/doc/modules/pam_listfile.sgml
+++ /dev/null
@@ -1,138 +0,0 @@
-<!--
- $Id: pam_listfile.sgml,v 1.2 2001/03/19 01:46:41 agmorgan Exp $
-
- This file was written by Michael K. Johnson <johnsonm@redhat.com>
--->
-
-<sect1>The list-file module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_listfile/
-
-<tag><bf>Author:</bf></tag>
-Elliot Lee <tt>&lt;sopwith@cuc.edu&gt;</tt>
-
-<tag><bf>Maintainer:</bf></tag>
-Red Hat Software:<newline>
-Michael K. Johnson &lt;johnsonm@redhat.com&gt; 1996/11/18<newline>
-(if unavailable, contact Elliot Lee &lt;sopwith@cuc.edu&gt;).
-
-<tag><bf>Management groups provided:</bf></tag>
-authentication
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-clean
-
-<tag><bf>System dependencies:</bf></tag>
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-The list-file module provides a way to deny or allow services based on
-an arbitrary file.
-
-<sect2>Authentication component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-
-<tt>onerr=succeed|fail</tt>;
-<tt>sense=allow|deny</tt>;
-<tt>file=</tt><it>filename</it>;
-<tt>item=user|tty|rhost|ruser|group|shell</tt>
-<tt>apply=user|@group</tt>
-
-<tag><bf>Description:</bf></tag>
-
-The module gets the item of the type specified -- <tt>user</tt> specifies
-the username, <tt>PAM_USER</tt>; tty specifies the name of the terminal
-over which the request has been made, <tt>PAM_TTY</tt>; rhost specifies
-the name of the remote host (if any) from which the request was made,
-<tt>PAM_RHOST</tt>; and ruser specifies the name of the remote user
-(if available) who made the request, <tt>PAM_RUSER</tt> -- and looks for
-an instance of that item in the file <it>filename</it>. <it>filename</it>
-contains one line per item listed. If the item is found, then if
-<tt>sense=allow</tt>, <tt>PAM_SUCCESS</tt> is returned, causing the
-authorization request to succeed; else if <tt>sense=deny</tt>,
-<tt>PAM_AUTH_ERR</tt> is returned, causing the authorization
-request to fail.
-
-<p>
-If an error is encountered (for instance, if <it>filename</it>
-does not exist, or a poorly-constructed argument is encountered),
-then if <tt>onerr=succeed</tt>, <tt>PAM_SUCCESS</tt> is returned,
-otherwise if <tt>onerr=fail</tt>, <tt>PAM_AUTH_ERR</tt> or
-<tt>PAM_SERVICE_ERR</tt> (as appropriate) will be returned.
-
-<p>
-An additional argument, <tt>apply=</tt>, can be used to restrict the
-application of the above to a specific user
-(<tt>apply=</tt><em>username</em>) or a given group
-(<tt>apply=@</tt><em>groupname</em>). This added restriction is only
-meaningful when used with the <tt/tty/, <tt/rhost/ and <tt/shell/
-<em/items/.
-
-<p>
-Besides this last one, all arguments should be specified; do not count
-on any default behavior, as it is subject to change.
-
-<p>
-No credentials are awarded by this module.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-Classic ``ftpusers'' authentication can be implemented with this entry
-in <tt>/etc/pam.conf</tt>:
-<tscreen>
-<verb>
-#
-# deny ftp-access to users listed in the /etc/ftpusers file
-#
-ftp auth required pam_listfile.so \
- onerr=succeed item=user sense=deny file=/etc/ftpusers
-</verb>
-</tscreen>
-Note, users listed in <tt>/etc/ftpusers</tt> file are
-(counterintuitively) <bf/not/ allowed access to the ftp service.
-
-<p>
-To allow login access only for certain users, you can use a
-<tt/pam.conf/ entry like this:
-<tscreen>
-<verb>
-#
-# permit login to users listed in /etc/loginusers
-#
-login auth required pam_listfile.so \
- onerr=fail item=user sense=allow file=/etc/loginusers
-</verb>
-</tscreen>
-
-<p>
-For this example to work, all users who are allowed to use the login
-service should be listed in the file <tt>/etc/loginusers</tt>. Unless
-you are explicitly trying to lock out root, make sure that when you do
-this, you leave a way for root to log in, either by listing root in
-<tt>/etc/loginusers</tt>, or by listing a user who is able to <em/su/
-to the root account.
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_mail.sgml b/Linux-PAM/doc/modules/pam_mail.sgml
deleted file mode 100644
index c157659a..00000000
--- a/Linux-PAM/doc/modules/pam_mail.sgml
+++ /dev/null
@@ -1,142 +0,0 @@
-<!--
- $Id: pam_mail.sgml,v 1.4 2001/12/08 18:56:47 agmorgan Exp $
-
- This file was written by Andrew G. Morgan <morgan@kernel.org>
--->
-
-<sect1>The mail module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_mail/
-
-<tag><bf>Author:</bf></tag>
-Andrew G. Morgan &lt;morgan@kernel.org&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-Author
-
-<tag><bf>Management groups provided:</bf></tag>
-Authentication (credential)
-Session (open)
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-Default mail directory <tt>/var/spool/mail/</tt>
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This module looks at the user's mail directory and indicates
-whether the user has any mail in it.
-
-<sect2>Session component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/debug/; <tt/dir=/<em/directory-name/; <tt/nopen/; <tt/close/;
-<tt/noenv/; <tt/empty/; <tt/hash=/<em/hashcount/; <tt/standard/;
-<tt/quiet/;
-
-<tag><bf>Description:</bf></tag>
-
-This module provides the ``you have new mail'' service to the user. It
-can be plugged into any application that has credential hooks. It gives a
-single message indicating the <em/newness/ of any mail it finds in the
-user's mail folder. This module also sets the <bf/Linux-PAM/
-environment variable, <tt/MAIL/, to the user's mail directory.
-
-<p>
-The behavior of this module can be modified with one of the following
-flags:
-
-<p>
-<itemize>
-<item><tt/debug/
-- write more information to <tt/syslog(3)/.
-
-<item><tt/dir=/<em/pathname/
-- look for the users' mail in an alternative directory given by
-<em/pathname/. The default location for mail is
-<tt>/var/spool/mail</tt>. Note, if the supplied <em/pathname/ is
-prefixed by a `<tt/&tilde;/', the directory is interpreted as
-indicating a file in the user's home directory.
-
-<item><tt/nopen/
-- instruct the module to <em/not/ print any mail information when the
-user's credentials are acquired. This flag is useful to get the <tt/MAIL/
-environment variable set, but to not display any information about it.
-
-<item><tt/close/
-- instruct the module to indicate if the user has any mail at the as
-the user's credentials are revoked.
-
-<item><tt/noenv/
-- do not set the <tt/MAIL/ environment variable.
-
-<item><tt/empty/
-- indicate that the user's mail directory is empty if this is found to
-be the case.
-
-<item><tt/hash=/<em/hashcount/
-- mail directory hash depth. For example, a <em/hashcount/ of 2 would
-make the mailfile be <tt>/var/spool/mail/u/s/user</tt>.
-
-<item><tt/standard/
-- old style "You have..." format which doesn't show the mail spool being used.
- this also implies "empty"
-
-<item><tt/quiet/
-- only report when there is new mail.
-
-</itemize>
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-This module can be used to indicate that the user has new mail when
-they <em/login/ to the system. Here is a sample entry for your
-<tt>/etc/pam.conf</tt> file:
-<tscreen>
-<verb>
-#
-# do we have any mail?
-#
-login session optional pam_mail.so
-</verb>
-</tscreen>
-
-<p>
-Note, if the mail spool file (be it <tt>/var/spool/mail/$USER</tt> or
-a pathname given with the <tt>dir=</tt> parameter) is a directory then
-<tt>pam_mail</tt> assumes it is in the <it>Qmail Maildir</it> format.
-
-<p>
-Note, some applications may perform this function themselves. In such
-cases, this module is not necessary.
-
-</descrip>
-
-<sect2>Authentication component
-
-<p>
-Then authentication companent works the same as the session component,
-except that everything is done during the <tt>pam_setcred()</tt> phase.
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_mkhomedir.sgml b/Linux-PAM/doc/modules/pam_mkhomedir.sgml
deleted file mode 100644
index 8428565d..00000000
--- a/Linux-PAM/doc/modules/pam_mkhomedir.sgml
+++ /dev/null
@@ -1,83 +0,0 @@
-<!--
-
-Ben Collins <bcollins@debian.org>
-
--->
-
-<sect1>Create home directories on initial login
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_mkhomedir/
-
-<tag><bf>Author:</bf></tag>
-Jason Gunthorpe &lt;jgg@ualberta.ca&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-Ben Collins &lt;bcollins@debian.org&gt;
-
-<tag><bf>Management groups provided:</bf></tag>
-Session
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-Creates home directories on the fly for authenticated users.
-
-<sect2>Session component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/skel=skeleton-dir/; <tt/umask=octal-umask/;
-
-<tag><bf>Description:</bf></tag>
-This module is useful for distributed systems where the user account is
-managed in a central database (such as NIS, NIS+, or LDAP) and accessed
-through miltiple systems. It frees the administrator from having to create
-a default home directory on each of the systems by creating it upon the
-first succesfully authenticated login of that user. The skeleton directory
-(usually /etc/skel/) is used to copy default files and also set's a umask
-for the creation.
-
-<p>
-The behavior of this module can be modified with one of the following
-flags:
-
-<p>
-<itemize>
-
-<item><tt/skel/
-- The skeleton directory for default files to copy to the new home directory.
-
-<item><tt/umask/
-- An octal for of the same format as you would pass to the shells umask command.
-
-</itemize>
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-session required pam_mkhomedir.so skel=/etc/skel/ umask=0022
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_motd.sgml b/Linux-PAM/doc/modules/pam_motd.sgml
deleted file mode 100644
index 8ddc6392..00000000
--- a/Linux-PAM/doc/modules/pam_motd.sgml
+++ /dev/null
@@ -1,77 +0,0 @@
-<!--
-
-Ben Collins <bcollins@debian.org>
-
--->
-
-<sect1>Output the motd file
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_motd/
-
-<tag><bf>Author:</bf></tag>
-Ben Collins &lt;bcollins@debian.org&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-Author
-
-<tag><bf>Management groups provided:</bf></tag>
-Session (open)
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This module outputs the motd file (<em>/etc/motd</em> by default) upon
-successful login.
-
-<sect2>Session component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/debug/; <tt/motd=motd-file-name/;
-
-<tag><bf>Description:</bf></tag>
-This module allows you to have arbitrary motd's (message of the day)
-output after a succesful login. By default this file is <em>/etc/motd</em>,
-but is configurable to any file.
-
-<p>
-The behavior of this module can be modified with one of the following
-flags:
-
-<p>
-<itemize>
-
-<item><tt/motd/
-- the file to output if not using the default.
-
-</itemize>
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-login session pam_motd.so motd=/etc/motd
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_nologin.sgml b/Linux-PAM/doc/modules/pam_nologin.sgml
deleted file mode 100644
index 241c24f0..00000000
--- a/Linux-PAM/doc/modules/pam_nologin.sgml
+++ /dev/null
@@ -1,81 +0,0 @@
-<!--
- $Id: pam_nologin.sgml,v 1.3 2002/06/27 05:43:28 agmorgan Exp $
-
- This file was written by Michael K. Johnson <johnsonm@redhat.com>
--->
-
-<sect1>The no-login module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_nologin/
-
-<tag><bf>Author:</bf></tag>
-Written by Michael K. Johnson &lt;johnsonm@redhat.com&gt;<newline>
-
-<tag><bf>Maintainer:</bf></tag>
-
-<tag><bf>Management groups provided:</bf></tag>
-account; authentication
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-Provides standard Unix <em/nologin/ authentication.
-
-<sect2>Authentication component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-successok, file=&lt;<em/filename/&gt;
-
-<tag><bf>Description:</bf></tag>
-
-Provides standard Unix <em/nologin/ authentication. If the file
-<tt>/etc/nologin</tt> exists, only root is allowed to log in; other
-users are turned away with an error message (and the module returns
-<tt/PAM_AUTH_ERR/ or <tt/PAM_USER_UNKNOWN/). All users (root or
-otherwise) are shown the contents of <tt>/etc/nologin</tt>.
-
-<p>
-If the file <tt>/etc/nologin</tt> does not exist, this module defaults
-to returning <tt/PAM_IGNORE/, but the <tt/successok/ module argument
-causes it to return <tt/PAM_SUCCESS/ in this case.
-
-<p>
-The administrator can override the default nologin file with the
-<tt/file=/<em/pathname/ module argument.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-In order to make this module effective, all login methods should be
-secured by it. It should be used as a <tt>required</tt> method listed
-before any <tt>sufficient</tt> methods in order to get standard Unix
-nologin semantics. Note, the use of <tt/successok/ module argument
-causes the module to return <tt/PAM_SUCCESS/ and as such would break
-such a configuration - failing <tt/sufficient/ modules would lead to a
-successful login because the nologin module <em/succeeded/.
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_permit.sgml b/Linux-PAM/doc/modules/pam_permit.sgml
deleted file mode 100644
index 1d6bbce4..00000000
--- a/Linux-PAM/doc/modules/pam_permit.sgml
+++ /dev/null
@@ -1,83 +0,0 @@
-<!--
- $Id: pam_permit.sgml,v 1.2 2001/12/08 18:56:47 agmorgan Exp $
-
- This file was written by Andrew G. Morgan <morgan@kernel.org>
--->
-
-<sect1>The promiscuous module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-pam_permit
-
-<tag><bf>Author:</bf></tag>
-Andrew G. Morgan, &lt;morgan@kernel.org&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-Linux-PAM maintainer.
-
-<tag><bf>Management groups provided:</bf></tag>
-account; authentication; password; session
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-VERY LOW. Use with extreme caution.
-
-<tag><bf>Clean code base:</bf></tag>
-Clean.
-
-<tag><bf>System dependencies:</bf></tag>
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This module is very dangerous. It should be used with extreme
-caution. Its action is always to permit access. It does nothing else.
-
-<sect2>Account+Authentication+Password+Session components
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-
-<tag><bf>Description:</bf></tag>
-
-No matter what management group, the action of this module is to
-simply return <tt/PAM_SUCCESS/ -- operation successful.
-
-<p>
-In the case of authentication, the user's name will be acquired. Many
-applications become confused if this name is unknown.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-It is seldom a good idea to use this module. However, it does have
-some legitimate uses. For example, if the system-administrator wishes
-to turn off the account management on a workstation, and at the same
-time continue to allow logins, then she might use the following
-configuration file entry for login:
-<tscreen>
-<verb>
-#
-# add this line to your other login entries to disable account
-# management, but continue to permit users to log in...
-#
-login account required pam_permit.so
-</verb>
-</tscreen>
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_pwdb.sgml b/Linux-PAM/doc/modules/pam_pwdb.sgml
deleted file mode 100644
index 7b237d2e..00000000
--- a/Linux-PAM/doc/modules/pam_pwdb.sgml
+++ /dev/null
@@ -1,257 +0,0 @@
-<!--
- $Id: pam_pwdb.sgml,v 1.4 2002/07/11 05:43:50 agmorgan Exp $
-
- This file was written by Andrew G. Morgan <morgan@kernel.org>
--->
-
-<sect1>The Password-Database module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-pam_pwdb
-
-<tag><bf>Author:</bf></tag>
-Cristian Gafton &lt;gafton@redhat.com&gt; <newline>
-and Andrew G. Morgan &lt;morgan@kernel.org&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-Red Hat.
-
-<tag><bf>Management groups provided:</bf></tag>
-account; authentication; password; session
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-Requires properly configured <tt/libpwdb/
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This module is a pluggable replacement for the <tt/pam_unix_../
-modules. It uses the generic interface of the <em/Password Database/
-library <tt>libpwdb</tt>.
-
-<sect2>Account component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/debug/
-
-<tag><bf>Description:</bf></tag>
-
-The <tt/debug/ argument makes the accounting functions of this module
-<tt/syslog(3)/ more information on its actions. (Remaining arguments
-supported by the other functions of this module are silently ignored,
-but others are logged as errors through <tt/syslog(3)/).
-
-Based on the following <tt/pwdb_element/s:
-<tt/expire/;
-<tt/last_change/;
-<tt/max_change/;
-<tt/defer_change/;
-<tt/warn_change/,
-this module performs the task of establishing the status of the user's
-account and password. In the case of the latter, it may offer advice
-to the user on changing their password or, through the
-<tt/PAM_AUTHTOKEN_REQD/ return, delay giving service to the user until
-they have established a new password. The entries listed above are
-documented in the <em/Password Database Library Guide/ (see pointer
-above). Should the user's record not contain one or more of these
-entries, the corresponding <em/shadow/ check is not performed.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-In its accounting mode, this module can be inserted as follows:
-<tscreen>
-<verb>
-#
-# Ensure users account and password are still active
-#
-login account required pam_pwdb.so
-</verb>
-</tscreen>
-
-</descrip>
-
-<sect2>Authentication component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/debug/;
-<tt/use_first_pass/;
-<tt/try_first_pass/;
-<tt/nullok/;
-<tt/nodelay/;
-<tt/likeauth/;
-<tt/noreap/
-
-<tag><bf>Description:</bf></tag>
-
-The <tt/debug/ argument makes the authentication functions of this
-module <tt/syslog(3)/ more information on its actions.
-
-<p>
-The default action of this module is to not permit the user access to
-a service if their <em/official/ password is blank. The <tt/nullok/
-argument overrides this default.
-
-<p>
-When given the argument <tt/try_first_pass/, before prompting the user
-for their password, the module first tries the previous stacked
-<tt/auth/-module's password in case that satisfies this module as
-well. The argument <tt/use_first_pass/ forces the module to use such a
-recalled password and will never prompt the user - if no password is
-available or the password is not appropriate, the user will be denied
-access.
-
-<p>
-The argument, <tt>nodelay</tt>, can be used to discourage the
-authentication component from requesting a delay should the
-authentication as a whole fail. The default action is for the module
-to request a delay-on-failure of the order of one second.
-
-<p>
-Remaining arguments, supported by the other functions of this module,
-are silently ignored. Other arguments are logged as errors through
-<tt/syslog(3)/.
-
-<p>
-A helper binary, <tt>pwdb_chkpwd</tt>, is provided to check the user's
-password when it is stored in a read protected database. This binary
-is very simple and will only check the password of the user invoking
-it. It is called transparently on behalf of the user by the
-authenticating component of this module. In this way it is possible
-for applications like <em>xlock</em> to work without being
-setuid-root. The module, by default, will temporarily turn off
-<tt/SIGCHLD/ handling for the duration of execution of the helper
-binary. This is generally the right thing to do, as many applications
-are not prepared to handle this signal from a child they didn't know
-was <tt/fork()/d. The <tt/noreap/ module argument can be used to
-suppress this temporary shielding and may be needed for use with
-certain applications.
-
-<p>
-The <tt>likeauth</tt> argument makes the module return the same value
-when called as a credential setting module and an authentication
-module. This will help libpam take a sane path through the auth
-component of your configuration file.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-The correct functionality of this module is dictated by having an
-appropriate <tt>/etc/pwdb.conf</tt> file, the user
-databases specified there dictate the source of the authenticated
-user's record.
-
-</descrip>
-
-<sect2>Password component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/debug/; <tt/nullok/; <tt/not_set_pass/; <tt/use_authtok/;
-<tt/try_first_pass/; <tt/use_first_pass/; <tt/md5/; <tt/bigcrypt/;
-<tt/shadow/; <tt/radius/; <tt/unix/
-
-<tag><bf>Description:</bf></tag>
-
-This part of the <tt/pam_pwdb/ module performs the task of updating
-the user's password. Thanks to the flexibility of <tt/libpwdb/ this
-module is able to move the user's password from one database to
-another, perhaps securing the user's database entry in a dynamic
-manner (<em/this is very ALPHA code at the moment!/) - this is the
-purpose of the <tt/shadow/, <tt/radius/ and <tt/unix/ arguments.
-
-<p>
-In the case of conventional unix databases (which store the password
-encrypted) the <tt/md5/ argument is used to do the encryption with the
-MD5 function as opposed to the <em/conventional/ <tt/crypt(3)/ call.
-As an alternative to this, the <tt/bigcrypt/ argument can be used to
-encrypt more than the first 8 characters of a password with DEC's
-(Digital Equipment Cooperation) `C2' extension to the standard UNIX
-<tt/crypt()/ algorithm.
-
-<p>
-The <tt/nullok/ module is used to permit the changing of a password
-<em/from/ an empty one. Without this argument, empty passwords are
-treated as account-locking ones.
-
-<p>
-The argument <tt/use_first_pass/ is used to lock the choice of old and
-new passwords to that dictated by the previously stacked <tt/password/
-module. The <tt/try_first_pass/ argument is used to avoid the user
-having to re-enter an old password when <tt/pam_pwdb/ follows a module
-that possibly shared the user's old password - if this old password is
-not correct the user will be prompted for the correct one. The
-argument <tt/use_authtok/ is used to <em/force/ this module to set the
-new password to the one provided by the previously stacked
-<tt/password/ module (this is used in an example of the stacking of
-the <em/Cracklib/ module documented above).
-
-<p>
-The <tt/not_set_pass/ argument is used to inform the module that it is
-not to pay attention to/make available the old or new passwords from/to
-other (stacked) password modules.
-
-<p>
-The <tt/debug/ argument makes the password functions of this module
-<tt/syslog(3)/ more information on its actions. Other arguments may be
-logged as erroneous to <tt/syslog(3)/.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-An example of the stacking of this module with respect to the
-pluggable password checking module, <tt/pam_cracklib/, is given in
-that modules section above.
-</descrip>
-
-<sect2>Session component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-
-<tag><bf>Description:</bf></tag>
-
-No arguments are recognized by this module component. Its action is
-simply to log the username and the service-type to
-<tt/syslog(3)/. Messages are logged at the beginning and end of the
-user's session.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-The use of the session modules is straightforward:
-<tscreen>
-<verb>
-#
-# pwdb - unix like session opening and closing
-#
-login session required pam_pwdb.so
-</verb>
-</tscreen>
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_radius.sgml b/Linux-PAM/doc/modules/pam_radius.sgml
deleted file mode 100644
index 8ebfa0a8..00000000
--- a/Linux-PAM/doc/modules/pam_radius.sgml
+++ /dev/null
@@ -1,117 +0,0 @@
-<!--
- $Id: pam_radius.sgml,v 1.2 2001/03/19 01:46:41 agmorgan Exp $
-
- This file was written by Cristian Gafton <gafton@redhat.com>
--->
-
-<sect1>The RADIUS session module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_radius/
-
-<tag><bf>Author:</bf></tag>
-Cristian Gafton &lt;gafton@redhat.com&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-Author.
-
-<tag><bf>Management groups provided:</bf></tag>
-session
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-This module does not deal with passwords
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-gcc reports 1 warning when compiling <tt>/usr/include/rpc/clnt.h</tt>.
-Hey, is not my fault !
-
-<tag><bf>System dependencies:</bf></tag>
-
-<tag><bf>Network aware:</bf></tag>
-
-yes; this is a network module (independent of application).
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This module is intended to provide the session service for users
-authenticated with a RADIUS server. At the present stage, the only
-option supported is the use of the RADIUS server as an accounting
-server.
-
-<sect2>Session component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-
-<tt/debug/ - verbose logging to <tt/syslog(3)/.
-
-<tag><bf>Description:</bf></tag>
-
-This module is intended to provide the session service for users
-authenticated with a RADIUS server. At the present stage, the only
-option supported is the use of the RADIUS server as an <em/accounting/
-server.
-
-<p>
-(There are few things which needs to be cleared out first in
-the PAM project until one will be able to use this module and expect
-it to magically start pppd in response to a RADIUS server command to
-use PPP for this user, or to initiate a telnet connection to another
-host, or to hang and call back the user using parameters provided in
-the RADIUS server response. Most of these things are better suited for
-the radius login application. I hope to make available Real Soon (tm)
-patches for the login apps to make it work this way.)
-
-<p>
-When opening a session, this module sends an ``Accounting-Start''
-message to the RADIUS server, which will log/update/whatever a
-database for this user. On close, an ``Accounting-Stop'' message is
-sent to the RADIUS server.
-
-<p>
-This module has no other prerequisites for making it work. One can
-install a RADIUS server just for fun and use it as a centralized
-accounting server and forget about wtmp/last/sac etc. .
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-For the services that need this module (<em/login/ for example) put
-the following line in <tt>/etc/pam.conf</tt> as the last line for that
-service (usually after the pam_unix session line):
-<tscreen>
-<verb>
-login session required pam_radius.so
-</verb>
-</tscreen>
-Replace <tt/login/ for each service you are using this module.
-
-<p>
-This module make extensive use of the API provided in libpwdb
-0.54preB or later. By default, it will read the radius server
-configuration (hostname and secret) from <tt>/etc/raddb/server</tt>.
-This is a default compiled into libpwdb, and curently there is no way to
-modify this default without recompiling libpwdb. I am working on
-extending the radius support from libpwdb to provide a possibility
-to make this runtime-configurable.
-
-Also please note that libpwdb will require also the RADIUS
-dictionary to be present (<tt>/etc/raddb/dictionary</tt>).
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
-
diff --git a/Linux-PAM/doc/modules/pam_rhosts.sgml b/Linux-PAM/doc/modules/pam_rhosts.sgml
deleted file mode 100644
index ded5697b..00000000
--- a/Linux-PAM/doc/modules/pam_rhosts.sgml
+++ /dev/null
@@ -1,164 +0,0 @@
-<!--
- $Id: pam_rhosts.sgml,v 1.2 2001/12/08 18:56:47 agmorgan Exp $
-
- This file was written by Andrew G. Morgan <morgan@kernel.org>
--->
-
-<sect1>The rhosts module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_rhosts_auth/
-
-<tag><bf>Author:</bf></tag>
-Al Longyear &lt;longyear@netcom.com&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-
-<tag><bf>Management groups provided:</bf></tag>
-authentication
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-Clean.
-
-<tag><bf>System dependencies:</bf></tag>
-
-<tag><bf>Network aware:</bf></tag>
-Standard <tt/inet_addr()/, <tt/gethostbyname()/ function calls.
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This module performs the standard network authentication for services,
-as used by traditional implementations of <em/rlogin/ and <em/rsh/
-etc.
-
-<sect2>Authentication component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/no_hosts_equiv/; <tt/no_rhosts/; <tt/debug/; <tt/no_warn/;
-<tt/privategroup/; <tt/promiscuous/; <tt/suppress/
-
-<tag><bf>Description:</bf></tag>
-
-The authentication mechanism of this module is based on the contents
-of two files; <tt>/etc/hosts.equiv</tt> (or <tt/_PATH_HEQUIV/ in
-<tt>#include &lt;netdb.h&gt;</tt>) and <tt>~/.rhosts</tt>. Firstly,
-hosts listed in the former file are treated as equivalent to the
-localhost. Secondly, entries in the user's own copy of the latter file
-is used to map "<tt/remote-host remote-user/" pairs to that user's
-account on the current host. Access is granted to the user if their
-host is present in <tt>/etc/hosts.equiv</tt> and their remote account
-is identical to their local one, or if their remote account has an
-entry in their personal configuration file.
-
-<p>
-Some restrictions are applied to the attributes of the user's personal
-configuration file: it must be a regular file (as defined by
-<tt/S_ISREG(x)/ of POSIX.1); it must be owned by the <em/superuser/ or
-the user; it must not be writable by any user besides its owner.
-
-<p>
-The module authenticates a remote user (internally specified by the
-item <tt/PAM_RUSER/) connecting from the remote host (internally
-specified by the item <tt/PAM_RHOST/). Accordingly, for applications
-to be compatible this authentication module they must set these items
-prior to calling <tt/pam_authenticate()/. The module is not capable
-of independently probing the network connection for such information.
-
-<p>
-In the case of <tt/root/-access, the <tt>/etc/host.equiv</tt> file is
-<em/ignored/ unless the <tt>hosts_equiv_rootok</tt> option
-should be used. Instead, the superuser must have a correctly configured
-personal configuration file.
-
-<p>
-The behavior of the module is modified by flags:
-<itemize>
-<item>
-<tt/debug/ -
-log more information to <tt/syslog(3)/. (XXX - actually, this module
-does not do any logging currently, please volunteer to fix this!)
-
-<item>
-<tt/no_warn/ -
-do not give verbal warnings to the user about failures etc. (XXX -
-this module currently does not issue any warnings, please volunteer to
-fix this!)
-
-<item>
-<tt/no_hosts_equiv/ -
-ignore the contents of the <tt>/etc/hosts.equiv</tt> file.
-
-<item>
-<tt/hosts_equiv_rootok/ -
-allow the use of <tt>/etc/hosts.equiv</tt> for superuser. Without this
-option <tt>/etc/hosts.equiv</tt> is not consulted for the superuser account.
-This option has no effect if the <tt>no_hosts_equiv</tt> option is used.
-
-<item>
-<tt/no_rhosts/ -
-ignore the contents of all user's personal configuration file
-<tt>~/.rhosts</tt>.
-
-<item>
-<tt/privategroup/ -
-normally, the <tt>~/.rhosts</tt> file must not be writable by anyone
-other than its owner. This option overlooks group write access in the
-case that the group owner of this file has the same name as the
-user being authenticated. To lessen the security problems associated
-with this option, the module also checks that the user is the only
-member of their private group.
-
-<item>
-<tt/promiscuous/ -
-A host entry of `+' will lead to all hosts being granted
-access. Without this option, '+' entries will be ignored. Note, that
-the <tt/debug/ option will syslog a warning in this latter case.
-
-<item>
-<tt/suppress/ -
-This will prevent the module from <tt/syslog(3)/ing a warning message
-when this authentication fails. This option is mostly for keeping
-logs free of meaningless errors, in particular when the module is used
-with the <tt/sufficient/ control flag.
-
-</itemize>
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-To allow users to login from trusted remote machines, you should try
-adding the following line to your <tt>/etc/pam.conf</tt> file
-<em/before/ the line that would otherwise prompt the user for a
-password:
-<tscreen>
-<verb>
-#
-# No passwords required for users from hosts listed above.
-#
-login auth sufficient pam_rhosts_auth.so no_rhosts
-</verb>
-</tscreen>
-Note, in this example, the system administrator has turned off all
-<em/personal/ <em/rhosts/ configuration files. Also note, that this module
-can be used to <em/only/ allow remote login from hosts specified in
-the <tt>/etc/host.equiv</tt> file, by replacing <tt/sufficient/ in the
-above example with <tt/required/.
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_rootok.sgml b/Linux-PAM/doc/modules/pam_rootok.sgml
deleted file mode 100644
index b5ae6921..00000000
--- a/Linux-PAM/doc/modules/pam_rootok.sgml
+++ /dev/null
@@ -1,85 +0,0 @@
-<!--
- $Id: pam_rootok.sgml,v 1.2 2001/12/08 18:56:47 agmorgan Exp $
-
- This file was written by Andrew G. Morgan <morgan@kernel.org>
--->
-
-<sect1>The root access module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-pam_rootok
-
-<tag><bf>Author:</bf></tag>
-Andrew G. Morgan &lt;morgan@kernel.org&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-<bf>Linux-PAM</bf> maintainer
-
-<tag><bf>Management groups provided:</bf></tag>
-authentication
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-Clean.
-
-<tag><bf>System dependencies:</bf></tag>
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This module is for use in situations where the superuser wishes
-to gain access to a service without having to enter a password.
-
-<sect2>Authentication component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/debug/
-
-<tag><bf>Description:</bf></tag>
-
-This module authenticates the user if their <tt/uid/ is <tt/0/.
-Applications that are created <em/setuid/-root generally retain the
-<tt/uid/ of the user but run with the authority of an enhanced
-<em/effective-/<tt/uid/. It is the real <tt/uid/ that is checked.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-In the case of the <tt/su/ application the historical usage is to
-permit the superuser to adopt the identity of a lesser user without
-the use of a password. To obtain this behavior under <tt/Linux-PAM/
-the following pair of lines are needed for the corresponding entry in
-the configuration file:
-<tscreen>
-<verb>
-#
-# su authentication. Root is granted access by default.
-#
-su auth sufficient pam_rootok.so
-su auth required pam_unix_auth.so
-</verb>
-</tscreen>
-
-<p>
-Note. For programs that are run by the superuser (or started when the
-system boots) this module should not be used to authenticate users.
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_securetty.sgml b/Linux-PAM/doc/modules/pam_securetty.sgml
deleted file mode 100644
index fc89af23..00000000
--- a/Linux-PAM/doc/modules/pam_securetty.sgml
+++ /dev/null
@@ -1,72 +0,0 @@
-<!--
- $Id: pam_securetty.sgml,v 1.1.1.1 2000/06/20 22:11:04 agmorgan Exp $
-
- This file was written by Michael K. Johnson <johnsonm@redhat.com>
--->
-
-<sect1>The securetty module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_securetty/
-
-<tag><bf>Author[s]:</bf></tag>
-Elliot Lee &lt;sopwith@cuc.edu&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-Red Hat Software:<newline>
-<em/currently/ Michael K. Johnson &lt;johnsonm@redhat.com&gt;<newline>
-(if unavailable, contact Elliot Lee &lt;sopwith@cuc.edu&gt;).
-
-<tag><bf>Management groups provided:</bf></tag>
-authentication
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-<tt>/etc/securetty</tt> file
-
-<tag><bf>Network aware:</bf></tag>
-
-Requires the application to fill in the <tt>PAM_TTY</tt> item
-correctly in order to act meaningfully.
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-Provides standard Unix securetty checking.
-
-<sect2>Authentication component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-
-<tag><bf>Description:</bf></tag>
-
-Provides standard Unix securetty checking, which causes authentication
-for root to fail unless <tt>PAM_TTY</tt> is set to a string listed in
-the <tt>/etc/securetty</tt> file. For all other users, it succeeds.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-For canonical usage, should be listed as a <tt>required</tt>
-authentication method before any <tt>sufficient</tt> authentication
-methods.
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_tally.sgml b/Linux-PAM/doc/modules/pam_tally.sgml
deleted file mode 100644
index ee6fad46..00000000
--- a/Linux-PAM/doc/modules/pam_tally.sgml
+++ /dev/null
@@ -1,203 +0,0 @@
-<!--
-
- $Id: pam_tally.sgml,v 1.3 2005/01/16 22:12:25 toady Exp $
-
- This template file was written by Andrew G. Morgan <morgan@kernel.org>
- adapted from text provided by Tim Baverstock.
--->
-
-<sect1>The login counter (tallying) module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-pam_tally
-
-<tag><bf>Author[s]:</bf></tag>
-Tim Baverstock
-Tomas Mraz
-
-<tag><bf>Maintainer:</bf></tag>
-
-<tag><bf>Management groups provided:</bf></tag>
-auth; account
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-A faillog file (default location /var/log/faillog)
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This module maintains a count of attempted accesses, can reset count
-on success, can deny access if too many attempts fail.
-
-<p>
-pam_tally comes in two parts: <tt>pam_tally.so</tt> and
-<tt>pam_tally</tt>. The former is the PAM module and the latter, a
-stand-alone program. <tt>pam_tally</tt> is an (optional) application
-which can be used to interrogate and manipulate the counter file. It
-can display users' counts, set individual counts, or clear all
-counts. Setting artificially high counts may be useful for blocking
-users without changing their passwords. For example, one might find it
-useful to clear all counts every midnight from a cron job.
-
-<p>
-The counts file is organized as a binary-word array, indexed by
-uid. You can probably make sense of it with <tt>od</tt>, if you don't
-want to use the supplied appliction.
-
-<p>
-Note, there are some outstanding issues with this module:
-<tt>pam_tally</tt> is very dependant on <tt>getpw*()</tt> - a database
-of usernames would be much more flexible
-
-<sect3>Generic options accepted by both components
-<p>
-<itemize>
-<item> <tt>onerr=</tt>(<tt>succeed</tt>|<tt>fail</tt>):
- if something weird happens, such as unable to open the file, how
- should the module react?
-<item> <tt>file=</tt><em>/where/to/keep/counts</em>:
- specify the file location for the counts.
- The default location is <tt>/var/log/faillog</tt>.
-<item> <tt>audit</tt>:
- display the username typed if the user is not found. It may be
- useful for scripts, but you should know users often type their
- password instead making your system weaker. Activate it only if you
- know what you are doing.
-</itemize>
-
-<sect2>Authentication component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt>onerr=</tt>(<tt>succeed</tt>|<tt>fail</tt>);
-<tt>file=</tt>/where/to/keep/counts;
-<tt>deny=</tt><em>n</em>;
-<tt>lock_time=</tt><em>n</em>;
-<tt>unlock_time=</tt><em>n</em>;
-<tt>magic_root</tt>;
-<tt>even_deny_root_account</tt>;
-<tt>per_user</tt>;
-<tt>no_lock_time</tt>
-<tt>no_reset</tt>;
-
-<tag><bf>Description:</bf></tag>
-
-<p>
-The authentication component first checks if the user should be denied
-access and if not it increments attempted login counter.
-Then on call to <tt>pam_setcred</tt> it resets the attempts counter
-if the user is NOT magic root.
-
-<p>
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-<p>
-The <tt>deny=</tt><em>n</em> option is used to deny access if tally
-for this user exceeds <em>n</em>.
-
-<p>
-The <tt>lock_time=</tt><em>n</em> option is used to always deny access
-for at least <em>n</em> seconds after a failed attempt.
-
-<p>
-The <tt>unlock_time=</tt><em>n</em> option is used to allow access after
-<em>n</em> seconds after the last failed attempt with exceeded tally.
-If this option is used the user will be locked out only for the specified
-amount of time after he exceeded his maximum allowed attempts. Otherwise
-the lock is removed only by a manual intervention of the system administrator.
-
-<p>
-The <tt>magic_root</tt> option is used to indicate that if
-the module is invoked by a user with uid=0, then the counter is not
-incremented. The sys-admin should use this for user launched services,
-like <tt>su</tt>, otherwise this argument should be omitted.
-
-<p>
-By way of more explanation, when a process already running as root
-tries to access some service, the access is <em>magic</em>, and
-bypasses <tt>pam_tally</tt>'s checks: this is handy for <tt>su</tt>ing
-from root into an account otherwise blocked. However, for services
-like <tt>telnet</tt> or <tt>login</tt>, which always effectively run
-from the root account, root (ie everyone) shouldn't be granted this
-magic status, and the flag `magic_root' should not be set in this
-situation, as noted in the summary above.
-
-<p>
-Normally, failed attempts to access root will <bf>NOT</bf> cause the
-root account to become blocked, to prevent denial-of-service: if your
-users aren't given shell accounts and root may only login via
-<tt>su</tt> or at the machine console (not
-<tt>telnet</tt>/<tt>rsh</tt>, etc), this is safe. If you really want
-root to be blocked for some given service, use
-<tt>even_deny_root_account</tt>.
-
-<p>
-If <tt>/var/log/faillog</tt> contains a non-zero <tt>.fail_max/.fail_locktime</tt>
-field for this user then the <tt>per_user</tt> module argument will
-ensure that the module uses this value and not the global
-<tt>deny/lock_time=</tt><em>n</em> parameter.
-
-<p>
-The <tt>no_lock_time</tt> option is for ensuring that the module does
-not use the <tt>.fail_locktime</tt> field in /var/log/faillog for this
-user.
-
-<p>
-The <tt>no_reset</tt> option is used to instruct the module to not reset
-the count on successful entry.
-
-</descrip>
-
-<sect2>Account component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt>onerr=</tt>(<tt>succeed</tt>|<tt>fail</tt>);
-<tt>file=</tt>/where/to/keep/counts;
-<tt>magic_root</tt>;
-<tt>no_reset</tt>;
-
-<tag><bf>Description:</bf></tag>
-
-<p>
-The account component resets attempts counter if the user is NOT
-magic root. This phase can be used optionaly for services which don't call
-pam_setcred correctly or if the reset should be done regardless
-of the failure of the account phase of other modules.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-<p>
-The <tt>magic_root</tt> option is used to indicate that if
-the module is invoked by a user with uid=0, then the counter is not
-decremented/reset. The sys-admin should use this for user launched services,
-like <tt>su</tt>, otherwise this argument should be omitted.
-
-<p>
-The <tt>no_reset</tt> option is used to instruct the module to not reset
-the count on successful entry.
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_time.sgml b/Linux-PAM/doc/modules/pam_time.sgml
deleted file mode 100644
index ef761223..00000000
--- a/Linux-PAM/doc/modules/pam_time.sgml
+++ /dev/null
@@ -1,166 +0,0 @@
-<!--
- $Id: pam_time.sgml,v 1.4 2002/05/10 04:03:02 agmorgan Exp $
-
- This file was written by Andrew G. Morgan <morgan@kernel.org>
--->
-
-<sect1>Time control
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_time/
-
-<tag><bf>Author:</bf></tag>
-Andrew G. Morgan <tt>&lt;morgan@kernel.org&gt;</tt>
-
-<tag><bf>Maintainer:</bf></tag>
-Author
-
-<tag><bf>Management groups provided:</bf></tag>
-account
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-Requires a configuration file <tt>/etc/security/time.conf</tt>
-
-<tag><bf>Network aware:</bf></tag>
-Through the <tt/PAM_TTY/ item only
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-Running a well regulated system occasionally involves restricting
-access to certain services in a selective manner. This module offers
-some time control for access to services offered by a system. Its
-actions are determined with a configuration file. This module can be
-configured to deny access to (individual) users based on their name,
-the time of day, the day of week, the service they are applying for
-and their terminal from which they are making their request.
-
-<sect2>Account component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-
-<tag><bf>Description:</bf></tag>
-
-This module bases its actions on the rules listed in its configuration
-file: <tt>/etc/security/time.conf</tt>. Each rule has the following
-form,
-<tscreen>
-<em/services/<tt/;/<em/ttys/<tt/;/<em/users/<tt/;/<em/times/
-</tscreen>
-In words, each rule occupies a line, terminated with a newline or the
-beginning of a comment; a `<tt/#/'. It contains four fields separated
-with semicolons, `<tt/;/'. The fields are as follows:
-
-<p>
-<itemize>
-<item><em/services/ -
-a logic list of service names that are affected by this rule.
-
-<item><em/ttys/ -
-a logic list of terminal names indicating those terminals covered by
-the rule.
-
-<item><em/user/ -
-a logic list of usernames to which this rule applies
-
-<p>
-By a logic list we mean a sequence of tokens (associated with the
-appropriate <tt/PAM_/ item), containing no more than one wildcard
-character; `<tt/*/', and optionally prefixed with a negation operator;
-`<tt/!/'. Such a sequence is concatenated with one of two logical
-operators: <tt/&amp;/ (logical AND) and <tt/|/ (logical OR). Two
-examples are: <tt>!morgan&amp;!root</tt>, indicating that this rule
-does not apply to the user <tt>morgan</tt> nor to <tt>root</tt>; and
-<tt>tty*&amp;!ttyp*</tt>, which indicates that the rule applies only
-to console terminals but not pseudoterminals.
-
-<item><em/times/ - a logic list of times at which this rule
-applies. The format of each element is a day/time-range. The days are
-specified by a sequence of two character entries. For example,
-<tt/MoTuSa/, indicates Monday Tuesday and Saturday. Note that
-repeated days are <em/unset/; <tt/MoTuMo/ indicates Tuesday, and
-<tt/MoWk/ means all weekdays bar Monday. The two character
-combinations accepted are,
-<tscreen>
-<verb>
-Mo Tu We Th Fr Sa Su Wk Wd Al
-</verb>
-</tscreen>
-The last two of these being <em/weekend/ days and <em/all 7 days/ of
-the week respectively.
-
-<p>
-The time range part is a pair of 24-hour times, <em/HHMM/, separated
-by a hyphen -- indicating the start and finish time for the rule. If
-the finsish time is smaller than the start time, it is assumed to
-apply on the following day. For an example, <tt/Mo1800-0300/ indicates
-that the permitted times are Monday night from 6pm to 3am the
-following morning.
-
-</itemize>
-
-<p>
-Note, that the given time restriction is only applied when the first
-three fields are satisfied by a user's application for service.
-
-<p>
-For convenience and readability a rule can be extended beyond a single
-line with a `<tt>&bsol;</tt><em/newline/'.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-The use of this module is initiated with an entry in the
-<bf/Linux-PAM/ configuration file of the following type:
-<tscreen>
-<verb>
-#
-# apply pam_time accounting to login requests
-#
-login account required pam_time.so
-</verb>
-</tscreen>
-where, here we are applying the module to the <em/login/ application.
-
-<p>
-Some examples of rules that can be placed in the
-<tt>/etc/security/time.conf</tt> configuration file are the following:
-<descrip>
-
-<tag><tt>login ; tty* &amp; !ttyp* ; !root ; !Al0000-2400</tt></tag>
-all users except for <tt/root/ are denied access to console-login at
-all times.
-
-<tag><tt>games ; * ; !waster ; Wd0000-2400 | Wk1800-0800</tt></tag>
-games (configured to use Linux-PAM) are only to be accessed out of
-working hours. This rule does not apply to the user <tt/waster/.
-
-</descrip>
-
-<p>
-Note, currently there is no daemon enforcing the end of a session.
-This needs to be remedied.
-
-<p>
-Poorly formatted rules are logged as errors using <tt/syslog(3)/.
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_unix.sgml b/Linux-PAM/doc/modules/pam_unix.sgml
deleted file mode 100644
index 86c584a8..00000000
--- a/Linux-PAM/doc/modules/pam_unix.sgml
+++ /dev/null
@@ -1,296 +0,0 @@
-<!--
- This file was written by Andrew G. Morgan <morgan@kernel.org>
-
- Converted from the pam_pwdb.sgml file for pam_unix by Ben Collins <bcollins@debian.org>
--->
-
-<sect1>The Unix Password module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-pam_unix
-
-<tag><bf>Author:</bf></tag>
-
-<tag><bf>Maintainer:</bf></tag>
-
-<tag><bf>Management groups provided:</bf></tag>
-account; authentication; password; session
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This is the standard Unix authentication module. It uses standard calls
-from the system's libraries to retrieve and set account information as
-well as authentication. Usually this is obtained from the /etc/passwd
-and the /etc/shadow file as well if shadow is enabled.
-
-<sect2>Account component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/debug/; <tt/audit/
-
-<tag><bf>Description:</bf></tag>
-
-The <tt/debug/ argument makes the accounting functions of this module
-<tt/syslog(3)/ more information on its actions. (Remaining arguments
-supported by the other functions of this module are silently ignored,
-but others are logged as errors through <tt/syslog(3)/). The <tt/audit/
-argument causes even more logging.
-
-Based on the following <tt/shadow/ elements:
-<tt/expire/;
-<tt/last_change/;
-<tt/max_change/;
-<tt/min_change/;
-<tt/warn_change/,
-this module performs the task of establishing the status of the user's
-account and password. In the case of the latter, it may offer advice
-to the user on changing their password or, through the
-<tt/PAM_AUTHTOKEN_REQD/ return, delay giving service to the user until
-they have established a new password. The entries listed above are
-documented in the <em/GNU Libc/ info documents. Should the user's record
-not contain one or more of these entries, the corresponding <em/shadow/
-check is not performed.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-In its accounting mode, this module can be inserted as follows:
-<tscreen>
-<verb>
-#
-# Ensure users account and password are still active
-#
-login account required pam_unix.so
-</verb>
-</tscreen>
-
-</descrip>
-
-<sect2>Authentication component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/debug/;
-<tt/audit/;
-<tt/use_first_pass/;
-<tt/try_first_pass/;
-<tt/nullok/;
-<tt/nodelay/;
-<tt/noreap/
-
-<tag><bf>Description:</bf></tag>
-
-The <tt/debug/ argument makes the authentication functions of this
-module <tt/syslog(3)/ more information on its actions. The <tt/audit/
-causes even more information to be logged.
-
-<p>
-The default action of this module is to not permit the user access to
-a service if their <em/official/ password is blank. The <tt/nullok/
-argument overrides this default.
-
-<p>
-When given the argument <tt/try_first_pass/, before prompting the user
-for their password, the module first tries the previous stacked
-<tt/auth/-module's password in case that satisfies this module as
-well. The argument <tt/use_first_pass/ forces the module to use such a
-recalled password and will never prompt the user - if no password is
-available or the password is not appropriate, the user will be denied
-access.
-
-<p>
-The argument, <tt>nodelay</tt>, can be used to discourage the
-authentication component from requesting a delay should the
-authentication as a whole fail. The default action is for the module
-to request a delay-on-failure of the order of one second.
-
-<p>
-A helper binary, <tt>unix_chkpwd</tt>, is provided to check the user's
-password when it is stored in a read protected database. This binary
-is very simple and will only check the password of the user invoking
-it. It is called transparently on behalf of the user by the
-authenticating component of this module. In this way it is possible
-for applications like <em>xlock</em> to work without being
-setuid-root. The module, by default, will temporarily turn off
-<tt/SIGCHLD/ handling for the duration of execution of the helper
-binary. This is generally the right thing to do, as many applications
-are not prepared to handle this signal from a child they didn't know
-was <tt/fork()/d. The <tt/noreap/ module argument can be used to
-suppress this temporary shielding and may be needed for use with
-certain applications.
-
-<p>
-Remaining arguments, supported by the other functions of this module,
-are silently ignored. Other arguments are logged as errors through
-<tt/syslog(3)/.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-The correct functionality of this module is dictated by having an
-appropriate <tt>/etc/nsswitch.conf</tt> file, the user
-databases specified there dictate the source of the authenticated
-user's record.
-<p>
-In its authentication mode, this module can be inserted as follows:
-<tscreen>
-<verb>
-#
-# Authenticate the user
-#
-login auth required pam_unix.so
-</verb>
-</tscreen>
-
-</descrip>
-
-<sect2>Password component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/debug/;
-<tt/audit/;
-<tt/nullok/;
-<tt/not_set_pass/;
-<tt/use_authtok/;
-<tt/try_first_pass/;
-<tt/use_first_pass/;
-<tt/md5/;
-<tt/bigcrypt/;
-<tt/shadow/;
-<tt/nis/;
-<tt/remember/
-
-<tag><bf>Description:</bf></tag>
-
-This part of the <tt/pam_unix/ module performs the task of updating
-the user's password.
-
-<p>
-In the case of conventional unix databases (which store the password
-encrypted) the <tt/md5/ argument is used to do the encryption with the
-MD5 function as opposed to the <em/conventional/ <tt/crypt(3)/ call.
-As an alternative to this, the <tt/bigcrypt/ argument can be used to
-encrypt more than the first 8 characters of a password with DEC's
-(Digital Equipment Cooperation) `C2' extension to the standard UNIX
-<tt/crypt()/ algorithm.
-
-<p>
-The <tt/nullok/ argument is used to permit the changing of a password
-<em/from/ an empty one. Without this argument, empty passwords are
-treated as account-locking ones.
-
-<p>
-The argument <tt/use_first_pass/ is used to lock the choice of old and
-new passwords to that dictated by the previously stacked <tt/password/
-module. The <tt/try_first_pass/ argument is used to avoid the user
-having to re-enter an old password when <tt/pam_unix/ follows a module
-that possibly shared the user's old password - if this old password is
-not correct the user will be prompted for the correct one. The
-argument <tt/use_authtok/ is used to <em/force/ this module to set the
-new password to the one provided by the previously stacked
-<tt/password/ module (this is used in an example of the stacking of
-the <em/Cracklib/ module documented above).
-
-<p>
-The <tt/not_set_pass/ argument is used to inform the module that it is
-not to pay attention to/make available the old or new passwords from/to
-other (stacked) password modules.
-
-<p>
-The <tt/debug/ argument makes the password functions of this module
-<tt/syslog(3)/ more information on its actions. Other arguments may be
-logged as erroneous to <tt/syslog(3)/. The <tt/audit/ argument causes
-even more information to be logged.
-
-<p>
-With the <tt/nis/ argument, <tt/pam_unix/ will attempt to use NIS RPC
-for setting new passwords.
-
-<p>
-The <tt/remember/ argument takes one value. This is the number of most
-recent passwords to save for each user. These are saved in
-<tt>/etc/security/opasswd</tt> in order to force password change history
-and keep the user from alternating between the same password too frequently.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-Standard usage:
-<tscreen>
-<verb>
-#
-# Change the users password
-#
-passwd password required pam_unix.so
-</verb>
-</tscreen>
-
-<p>
-An example of the stacking of this module with respect to the
-pluggable password checking module, <tt/pam_cracklib/:
-<tscreen>
-<verb>
-#
-# Change the users password
-#
-passwd password required pam_cracklib.so retry=3 minlen=6 difok=3
-passwd password required pam_unix.so use_authtok nullok md5
-</verb>
-</tscreen>
-
-</descrip>
-
-<sect2>Session component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-
-<tag><bf>Description:</bf></tag>
-
-No arguments are recognized by this module component. Its action is
-simply to log the username and the service-type to
-<tt/syslog(3)/. Messages are logged at the beginning and end of the
-user's session.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-The use of the session modules is straightforward:
-<tscreen>
-<verb>
-#
-# session opening and closing
-#
-login session required pam_unix.so
-</verb>
-</tscreen>
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_userdb.sgml b/Linux-PAM/doc/modules/pam_userdb.sgml
deleted file mode 100644
index 155a2668..00000000
--- a/Linux-PAM/doc/modules/pam_userdb.sgml
+++ /dev/null
@@ -1,126 +0,0 @@
-<!--
- This file was written by Cristian Gafton <gafton@redhat.com>
--->
-
-<sect1>The userdb module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_userdb/
-
-<tag><bf>Author:</bf></tag>
-Cristian Gafton &lt;gafton@redhat.com&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-Author.
-
-<tag><bf>Management groups provided:</bf></tag>
-authentication
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-Requires Berkeley DB.
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-Look up users in a .db database and verify their password against
-what is contained in that database.
-
-<sect2>Authentication component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/debug/;
-<tt/icase/;
-<tt/dump/;
-<tt/db=XXXX/;
-<tt/use_authtok/;
-<tt/unknown_ok/;
-
-<tag><bf>Description:</bf></tag>
-
-This module is used to verify a username/password pair against values stored in
-a Berkeley DB database. The database is indexed by the username, and the data
-fields corresponding to the username keys are the passwords, in unencrypted form,
-so caution must be exercised over the access rights to the DB database itself..
-
-The module will read the password from the user using the conversation mechanism. If
-you are using this module on top of another authentication module (like <tt/pam_pwdb/;)
-then you should tell that module to read the entered password from the PAM_AUTHTOK field, which is set by this module.
-
-<p>
-The action of the module may be modified from this default by one or
-more of the following flags in the <tt>/etc/pam.d/&lt;service&gt;</tt> file.
-<itemize>
-<item>
-<tt/debug/ -
-Supply more debugging information to <tt/syslog(3)/.
-
-<item>
-<tt/icase/ -
-Perform the password comparisons case insensitive.
-
-<item>
-<tt/dump/ -
-dump all the entries in the database to the log (eek,
-don't do this by default!)
-
-<item>
-<tt/db=XXXX/ -
-use the database found on pathname XXXX. Note that Berkeley DB usually adds the
-needed filename extension for you, so you should use something like <tt>/etc/foodata</tt>
-instead of <tt>/etc/foodata.db</tt>.
-
-<item> <tt/use_authtok/ -
-use the authentication token previously obtained by another module that did the
-conversation with the application. If this token can not be obtained then
-the module will try to converse again. This option can be used for stacking
-different modules that need to deal with the authentication tokens.
-
-<item>
-<tt/unknown_ok/ -
-do not return error when checking for a user that is not in the database.
-This can be used to stack more than one pam_userdb module that will check a
-username/password pair in more than a database.
-
-</itemize>
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-This is a normal ftp configuration file (usually placed as <tt>/etc/pam.d/ftp</tt>
-on most systems) that will accept for login users whose username/password pairs are
-provided in the <tt>/tmp/dbtest.db</tt> file:
-
-<tscreen>
-<verb>
-#%PAM-1.0
-auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
-auth sufficient pam_userdb.so icase db=/tmp/dbtest
-auth required pam_pwdb.so shadow nullok try_first_pass
-auth required pam_shells.so
-account required pam_pwdb.so
-session required pam_pwdb.so
-</verb>
-</tscreen>
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_warn.sgml b/Linux-PAM/doc/modules/pam_warn.sgml
deleted file mode 100644
index b015554d..00000000
--- a/Linux-PAM/doc/modules/pam_warn.sgml
+++ /dev/null
@@ -1,67 +0,0 @@
-<!--
- $Id: pam_warn.sgml,v 1.2 2001/12/08 18:56:47 agmorgan Exp $
-
- This file was written by Andrew G. Morgan <morgan@kernel.org>
--->
-
-<sect1>Warning logger module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_warn/
-
-<tag><bf>Author:</bf></tag>
-Andrew G. Morgan &lt;morgan@kernel.org&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-Author.
-
-<tag><bf>Management groups provided:</bf></tag>
-authentication; password
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-
-<tag><bf>Network aware:</bf></tag>
-logs information about the remote user and host (if pam-items are known)
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This module is principally for logging information about a
-proposed authentication or application to update a password.
-
-<sect2>Authentication+Password component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-
-<tag><bf>Description:</bf></tag>
-
-Log the service, terminal, user, remote user and remote host to
-<tt/syslog(3)/. The items are not probed for, but instead obtained
-from the standard pam-items.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-an example is provided in the configuration file section <ref
-id="configuration" name="above">.
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/modules/pam_wheel.sgml b/Linux-PAM/doc/modules/pam_wheel.sgml
deleted file mode 100644
index e4dc501a..00000000
--- a/Linux-PAM/doc/modules/pam_wheel.sgml
+++ /dev/null
@@ -1,131 +0,0 @@
-<!--
- $Id: pam_wheel.sgml,v 1.3 2002/07/13 05:48:19 agmorgan Exp $
-
- This file was written by Andrew G. Morgan <morgan@kernel.org>
- from notes provided by Cristian Gafton.
--->
-
-<sect1>The wheel module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_wheel/
-
-<tag><bf>Author:</bf></tag>
-Cristian Gafton &lt;gafton@redhat.com&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-Author.
-
-<tag><bf>Management groups provided:</bf></tag>
-authentication; account
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-Only permit root access to members of the wheel (<tt/gid=0/) group.
-
-<sect2>Authentication and Account components
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/debug/;
-<tt/use_uid/;
-<tt/trust/;
-<tt/deny/;
-<tt/group=XXXX/
-
-<tag><bf>Description:</bf></tag>
-
-This module is used to enforce the so-called <em/wheel/ group. By
-default, it permits root access to the system if the applicant user is
-a member of the <tt/wheel/ group (first, the module checks for the
-existence of a '<tt/wheel/' group. Otherwise the module defines the
-group with group-id <tt/0/ to be the <em/wheel/ group).
-
-<p>
-The module can be used as either an '<tt/auth/' or an '<tt/account/'
-module.
-
-<p>
-The action of the module may be modified from this default by one or
-more of the following flags in the <tt>/etc/pam.conf</tt> file.
-<itemize>
-<item>
-<tt/debug/ -
-Supply more debugging information to <tt/syslog(3)/.
-
-<item>
-<tt/use_uid/ -
-This option modifies the behavior of the module by using the current
-<tt/uid/ of the process and not the <tt/getlogin(3)/ name of the user.
-This option is useful for being able to jump from one account to
-another, for example with 'su'.
-
-<item>
-<tt/trust/ -
-This option instructs the module to return <tt/PAM_SUCCESS/ should it
-find the user applying for root privilege is a member of the wheel
-group. The default action is to return <tt/PAM_IGNORE/ in this
-situation. By using the <tt/trust/ option it is possible to arrange
-for <tt/wheel/-group members to become root without typing a
-password. <bf/USE WITH CARE/.
-
-<item>
-<tt/deny/ -
-This is used to reverse the logic of the module's behavior. If the
-user is trying to get <tt/uid=0/ access and is a member of the wheel
-group, deny access (for the wheel group, this is perhaps nonsense!):
-it is intended for use in conjunction with the <tt/group=/ argument...
-Conversely, if the user is not in the group, return <tt/PAM_IGNORE/
-(unless <tt/trust/ was also specified, in which case we return
-<tt/PAM_SUCCESS/).
-
-<item>
-<tt/group=XXXX/ -
-Instead of checking the <tt/gid=0/ group, use the user's <tt/XXXX/
-group membership for the authentication. Here, <tt/XXXX/ is the name
-of the group and <bf/not/ its numeric identifier.
-
-</itemize>
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-To restrict access to superuser status to the members of the
-<tt/wheel/ group, use the following entries in your configuration
-file:
-<tscreen>
-<verb>
-#
-# root gains access by default (rootok), only wheel members can
-# become root (wheel) but Unix authenticate non-root applicants.
-#
-su auth sufficient pam_rootok.so
-su auth required pam_wheel.so
-su auth required pam_unix.so
-</verb>
-</tscreen>
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/Linux-PAM/doc/mwg/Linux-PAM_MWG.xml b/Linux-PAM/doc/mwg/Linux-PAM_MWG.xml
new file mode 100644
index 00000000..a7d97e4e
--- /dev/null
+++ b/Linux-PAM/doc/mwg/Linux-PAM_MWG.xml
@@ -0,0 +1,656 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<book id="mwg">
+ <bookinfo>
+ <title>The Linux-PAM Module Writers' Guide</title>
+ <authorgroup>
+ <author>
+ <firstname>Andrew G.</firstname>
+ <surname>Morgan</surname>
+ <email>morgan@kernel.org</email>
+ </author>
+ <author>
+ <firstname>Thorsten</firstname>
+ <surname>Kukuk</surname>
+ <email>kukuk@thkukuk.de</email>
+ </author>
+ </authorgroup>
+ <releaseinfo>Version 0.99.6.0, 5. August 2006</releaseinfo>
+ <abstract>
+ <para>
+ This manual documents what a programmer needs to know in order
+ to write a module that conforms to the
+ <emphasis remap='B'>Linux-PAM</emphasis> standard.It also
+ discusses some security issues from the point of view of the
+ module programmer.
+ </para>
+ </abstract>
+ </bookinfo>
+
+ <chapter id="mwg-introduction">
+ <title>Introduction</title>
+ <section id="mwg-introduction-description">
+ <title>Description</title>
+ <para>
+ <emphasis remap='B'>Linux-PAM</emphasis> (Pluggable Authentication
+ Modules for Linux) is a library that enables the local system
+ administrator to choose how individual applications authenticate
+ users. For an overview of the
+ <emphasis remap='B'>Linux-PAM</emphasis> library see the
+ <emphasis>Linux-PAM System Administrators' Guide</emphasis>.
+ </para>
+ <para>
+ A <emphasis remap='B'>Linux-PAM</emphasis> module is a single
+ executable binary file that can be loaded by the
+ <emphasis remap='B'>Linux-PAM</emphasis> interface library.
+ This PAM library is configured locally with a system file,
+ <filename>/etc/pam.conf</filename>, to authenticate a user
+ request via the locally available authentication modules. The
+ modules themselves will usually be located in the directory
+ <filename>/lib/security</filename> (or
+ <filename>/lib64/security</filename>, depending on the architecture)
+ and take the form of dynamically loadable object files (see
+ <citerefentry>
+ <refentrytitle>dlopen</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>. Alternatively, the modules can be statically
+ linked into the <emphasis remap='B'>Linux-PAM</emphasis> library;
+ this is mostly to allow <emphasis remap='B'>Linux-PAM</emphasis> to
+ be used on platforms without dynamic linking available, but this is
+ a <emphasis>deprecated</emphasis> functionality. It is the
+ <emphasis remap='B'>Linux-PAM</emphasis> interface that is called
+ by an application and it is the responsibility of the library to
+ locate, load and call the appropriate functions in a
+ <emphasis remap='B'>Linux-PAM</emphasis>-module.
+ </para>
+ <para>
+ Except for the immediate purpose of interacting with the user
+ (entering a password etc..) the module should never call the
+ application directly. This exception requires a "conversation
+ mechanism" which is documented below.
+ </para>
+ </section>
+
+ <section id="mwg-introducton-synopsis">
+ <title>Synopsis</title>
+ <programlisting>
+#include &lt;security/pam_modules.h&gt;
+
+gcc -fPIC -c pam_module.c
+gcc -shared -o pam_module.so pam_module.o -lpam
+ </programlisting>
+ </section>
+ </chapter>
+
+ <chapter id="mwg-expected-by-module">
+ <title>What can be expected by the module</title>
+ <para>
+ Here we list the interface that the conventions that all
+ <emphasis remap='B'>Linux-PAM</emphasis> modules must adhere to.
+ </para>
+ <section id="mwg-expected-by-module-item">
+ <title>
+ Getting and setting <emphasis>PAM_ITEM</emphasis>s and
+ <emphasis>data</emphasis>
+ </title>
+ <para>
+ First, we cover what the module should expect from the
+ <emphasis remap='B'>Linux-PAM</emphasis> library and a
+ <emphasis remap='B'>Linux-PAM</emphasis> aware application.
+ Essesntially this is the <filename>libpam.*</filename> library.
+ </para>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_set_data.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_get_data.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_set_item.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_get_item.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_get_user.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_conv.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_putenv.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_getenv.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_getenvlist.xml"/>
+ </section>
+ <section id="mwg-expected-by-module-other">
+ <title>
+ Other functions provided by <filename>libpam</filename>
+ </title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_strerror.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_fail_delay.xml"/>
+ </section>
+ </chapter>
+
+ <chapter id="mwg-expected-of-module">
+ <title>What is expected of a module</title>
+ <para>
+ The module must supply a sub-set of the six functions listed
+ below. Together they define the function of a
+ <emphasis remap='B'>Linux-PAM module</emphasis>. Module developers
+ are strongly urged to read the comments on security that follow
+ this list.
+ </para>
+ <section id="mwg-expected-of-module-overview">
+ <title>Overview</title>
+ <para>
+ The six module functions are grouped into four independent
+ management groups. These groups are as follows:
+ <emphasis>authentication</emphasis>, <emphasis>account</emphasis>,
+ <emphasis>session</emphasis> and <emphasis>password</emphasis>.
+ To be properly defined, a module must define all functions within
+ at least one of these groups. A single module may contain the
+ necessary functions for <emphasis>all</emphasis> four groups.
+ </para>
+ <section id="mwg-expected-of-module-overview-1">
+ <title>Functional independence</title>
+ <para>
+ The independence of the four groups of service a module can
+ offer means that the module should allow for the possibility
+ that any one of these four services may legitimately be called
+ in any order. Thus, the module writer should consider the
+ appropriateness of performing a service without the prior
+ success of some other part of the module.
+ </para>
+ <para>
+ As an informative example, consider the possibility that an
+ application applies to change a user's authentication token,
+ without having first requested that
+ <emphasis remap='B'>Linux-PAM</emphasis> authenticate the
+ user. In some cases this may be deemed appropriate: when
+ <command>root</command> wants to change the authentication
+ token of some lesser user. In other cases it may not be
+ appropriate: when <command>joe</command> maliciously wants
+ to reset <command>alice</command>'s password; or when anyone
+ other than the user themself wishes to reset their
+ <emphasis>KERBEROS</emphasis> authentication token. A policy
+ for this action should be defined by any reasonable
+ authentication scheme, the module writer should consider
+ this when implementing a given module.
+ </para>
+ </section>
+ <section id="mwg-expected-of-module-overview-2">
+ <title>Minimizing administration problems</title>
+ <para>
+ To avoid system administration problems and the poor
+ construction of a <filename>/etc/pam.conf</filename> file,
+ the module developer may define all six of the following
+ functions. For those functions that would not be called,
+ the module should return <errorname>PAM_SERVICE_ERR</errorname>
+ and write an appropriate message to the system log. When
+ this action is deemed inappropriate, the function would
+ simply return <errorname>PAM_IGNORE</errorname>.
+ </para>
+ </section>
+ <section id="mwg-expected-of-module-overview-3">
+ <title>Arguments supplied to the module</title>
+ <para>
+ The <parameter>flags</parameter> argument of each of
+ the following functions can be logically OR'd with
+ <parameter>PAM_SILENT</parameter>, which is used to inform the
+ module to not pass any <emphasis>text</emphasis> (errors or
+ warnings) application.
+ </para>
+ <para>
+ The <parameter>argc</parameter> and <parameter>argv</parameter>
+ arguments are taken from the line appropriate to this
+ module---that is, with the <emphasis>service_name</emphasis>
+ matching that of the application---in the configuration file
+ (see the <emphasis remap='B'>Linux-PAM</emphasis>
+ System Administrators' Guide). Together these two parameters
+ provide the number of arguments and an array of pointers to
+ the individual argument tokens. This will be familiar to C
+ programmers as the ubiquitous method of passing command arguments
+ to the function <function>main()</function>. Note, however, that
+ the first argument (<parameter>argv[0]</parameter>) is a true
+ argument and <emphasis>not</emphasis> the name of the module.
+ </para>
+ </section>
+ </section>
+ <section id="mwg-expected-of-module-auth">
+ <title>Authentication management</title>
+ <para>
+ To be correctly initialized, <parameter>PAM_SM_AUTH</parameter>
+ must be <command>#define</command>'d prior to including
+ <function>&lt;security/pam_modules.h&gt;</function>. This will
+ ensure that the prototypes for static modules are properly declared.
+ </para>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_sm_authenticate.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_sm_setcred.xml"/>
+ </section>
+ <section id="mwg-expected-of-module-acct">
+ <title>Account management</title>
+ <para>
+ To be correctly initialized, <parameter>PAM_SM_ACCOUNT</parameter>
+ must be <command>#define</command>'d prior to including
+ <function>&lt;security/pam_modules.h&gt;</function>. This will
+ ensure that the prototypes for static modules are properly declared.
+ </para>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_sm_acct_mgmt.xml"/>
+ </section>
+ <section id="mwg-expected-of-module-session">
+ <title>Session management</title>
+ <para>
+ To be correctly initialized, <parameter>PAM_SM_SESSION</parameter>
+ must be <command>#define</command>'d prior to including
+ <function>&lt;security/pam_modules.h&gt;</function>. This will
+ ensure that the prototypes for static modules are properly declared.
+ </para>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_sm_open_session.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_sm_close_session.xml"/>
+ </section>
+ <section id="mwg-expected-of-module-chauthtok">
+ <title>Authentication token management</title>
+ <para>
+ To be correctly initialized, <parameter>PAM_SM_PASSWORD</parameter>
+ must be <command>#define</command>'d prior to including
+ <function>&lt;security/pam_modules.h&gt;</function>. This will
+ ensure that the prototypes for static modules are properly declared.
+ </para>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_sm_chauthtok.xml"/>
+ </section>
+ </chapter>
+
+ <chapter id="mwg-see-options">
+ <title>Generic optional arguments</title>
+ <para>
+ Here we list the generic arguments that all modules can expect to
+ be passed. They are not mandatory, and their absence should be
+ accepted without comment by the module.
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>debug</term>
+ <listitem>
+ <para>
+ Use the <citerefentry>
+ <refentrytitle>pam_syslog</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> call to log debugging information to the system
+ log files.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>use_first_pass</term>
+ <listitem>
+ <para>
+ The module should not prompt the user for a password.
+ Instead, it should obtain the previously typed password
+ (by a call to <function>pam_get_item()</function> for the
+ <parameter>PAM_AUTHTOK</parameter> item), and use that. If
+ that doesn't work, then the user will not be authenticated.
+ (This option is intended for <command>auth</command> and
+ <command>passwd</command> modules only).
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </chapter>
+
+ <chapter id="mwg-see-programming">
+ <title>Programming notes</title>
+ <para>
+ Here we collect some pointers for the module writer to bear in mind
+ when writing/developing a <emphasis remap='B'>Linux-PAM</emphasis>
+ compatible module.
+ </para>
+
+ <section id="mwg-see-programming-sec">
+ <title>Security issues for module creation</title>
+ <section id="mwg-see-programming-sec-res">
+ <title>Sufficient resources</title>
+ <para>
+ Care should be taken to ensure that the proper execution
+ of a module is not compromised by a lack of system resources.
+ If a module is unable to open sufficient files to perform its
+ task, it should fail gracefully, or request additional resources.
+ Specifically, the quantities manipulated by the <citerefentry>
+ <refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum>
+ </citerefentry> family of commands should be taken into
+ consideration.
+ </para>
+ </section>
+ <section id="mwg-see-programming-sec-who">
+ <title>Who´s who?</title>
+ <para>
+ Generally, the module may wish to establish the identity of
+ the user requesting a service. This may not be the same as
+ the username returned by <function>pam_get_user()</function>.
+ Indeed, that is only going to be the name of the user under
+ whose identity the service will be given. This is not
+ necessarily the user that requests the service.
+ </para>
+ <para>
+ In other words, user X runs a program that is setuid-Y, it
+ grants the user to have the permissions of Z. A specific example
+ of this sort of service request is the <command>su</command>
+ program: user <command>joe</command> executes
+ <command>su</command> to become the user <command>jane</command>.
+ In this situation X=<command>joe</command>, Y=<command>root</command>
+ and Z=<command>jane</command>. Clearly, it is important that
+ the module does not confuse these different users and grant an
+ inappropriate level of privilege.
+ </para>
+ <para>
+ The following is the convention to be adhered to when juggling
+ user-identities.
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ X, the identity of the user invoking the service request.
+ This is the user identifier; returned by the function
+ <citerefentry>
+ <refentrytitle>getuid</refentrytitle><manvolnum>2</manvolnum>
+ </citerefentry>.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Y, the privileged identity of the application used to
+ grant the requested service. This is the
+ <emphasis>effective</emphasis> user identifier;
+ returned by the function <citerefentry>
+ <refentrytitle>geteuid</refentrytitle><manvolnum>2</manvolnum>
+ </citerefentry>.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Z, the user under whose identity the service will be granted.
+ This is the username returned by
+ <function>pam_get_user()</function> and also stored in the
+ <emphasis remap='B'>Linux-PAM</emphasis> item,
+ <emphasis>PAM_USER</emphasis>.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <emphasis remap='B'>Linux-PAM</emphasis> has a place for
+ an additional user identity that a module may care to make
+ use of. This is the <emphasis>PAM_RUSER</emphasis> item.
+ Generally, network sensitive modules/applications may wish
+ to set/read this item to establish the identity of the user
+ requesting a service from a remote location.
+ </para>
+ </listitem>
+ </itemizedlist>
+ <para>
+ Note, if a module wishes to modify the identity of either the
+ <emphasis>uid</emphasis> or <emphasis>euid</emphasis> of the
+ running process, it should take care to restore the original
+ values prior to returning control to the
+ <emphasis remap='B'>Linux-PAM</emphasis> library.
+ </para>
+ </section>
+ <section id="mwg-see-programming-sec-conv">
+ <title>Using the conversation function</title>
+ <para>
+ Prior to calling the conversation function, the module should
+ reset the contents of the pointer that will return the applications
+ response. This is a good idea since the application may fail
+ to fill the pointer and the module should be in a position to
+ notice!
+ </para>
+ <para>
+ The module should be prepared for a failure from the
+ conversation. The generic error would be
+ <emphasis>PAM_CONV_ERR</emphasis>, but anything other than
+ <emphasis>PAM_SUCCESS</emphasis> should be treated as
+ indicating failure.
+ </para>
+ </section>
+ <section id="mwg-see-programming-sec-token">
+ <title>Authentication tokens</title>
+ <para>
+ To ensure that the authentication tokens are not left lying
+ around the items, <emphasis>PAM_AUTHTOK</emphasis> and
+ <emphasis>PAM_OLDAUTHTOK</emphasis>, are not available to
+ the application: they are defined in
+ <filename>&lt;security/pam_modules.h&gt;</filename>. This
+ is ostensibly for security reasons, but a maliciously
+ programmed application will always have access to all memory
+ of the process, so it is only superficially enforced. As a
+ general rule the module should overwrite authentication tokens
+ as soon as they are no longer needed. Especially before
+ <function>free()</function>'ing them. The
+ <emphasis remap='B'>Linux-PAM</emphasis> library is
+ required to do this when either of these authentication
+ token items are (re)set.
+ </para>
+ <para>
+ Not to dwell too little on this concern; should the module
+ store the authentication tokens either as (automatic) function
+ variables or using <function>pam_[gs]et_data()</function> the
+ associated memory should be over-written explicitly before it
+ is released. In the case of the latter storage mechanism, the
+ associated <function>cleanup()</function> function should
+ explicitly overwrite the <varname>*data</varname> before
+ <function>free()</function>'ing it: for example,
+ <programlisting>
+/*
+ * An example cleanup() function for releasing memory that was used to
+ * store a password.
+ */
+
+int cleanup(pam_handle_t *pamh, void *data, int error_status)
+{
+ char *xx;
+
+ if ((xx = data)) {
+ while (*xx)
+ *xx++ = '\0';
+ free(data);
+ }
+ return PAM_SUCCESS;
+}
+ </programlisting>
+ </para>
+ </section>
+ </section>
+ <section id="mwg-see-programming-syslog">
+ <title>Use of <citerefentry>
+ <refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry></title>
+ <para>
+ Only rarely should error information be directed to the user.
+ Usually, this is to be limited to
+ <quote><emphasis>sorry you cannot login now</emphasis></quote>
+ type messages. Information concerning errors in the configuration
+ file, <filename>/etc/pam.conf</filename>, or due to some system
+ failure encountered by the module, should be written to
+ <citerefentry>
+ <refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> with <emphasis>facility-type</emphasis>
+ <emphasis remap='B'>LOG_AUTHPRIV</emphasis>.
+ </para>
+ <para>
+ With a few exceptions, the level of logging is, at the discretion
+ of the module developer. Here is the recommended usage of different
+ logging levels:
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ As a general rule, errors encountered by a module should be
+ logged at the <emphasis>LOG_ERR</emphasis> level. However,
+ information regarding an unrecognized argument, passed to a
+ module from an entry in the <filename>/etc/pam.conf</filename>
+ file, is <emphasis>required</emphasis> to be logged at the
+ <emphasis>LOG_ERR</emphasis> level.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Debugging information, as activated by the
+ <command>debug</command> argument to the module in
+ <filename>/etc/pam.conf</filename>, should be logged
+ at the <emphasis>LOG_DEBUG</emphasis> level.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ If a module discovers that its personal configuration
+ file or some system file it uses for information is
+ corrupted or somehow unusable, it should indicate this
+ by logging messages at level, <emphasis>LOG_ALERT</emphasis>.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Shortages of system resources, such as a failure to
+ manipulate a file or <function>malloc()</function> failures
+ should be logged at level <emphasis>LOG_CRIT</emphasis>.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Authentication failures, associated with an incorrectly
+ typed password should be logged at level,
+ <emphasis>LOG_NOTICE</emphasis>.
+ </para>
+ </listitem>
+ </itemizedlist>
+ </section>
+ <section id="mwg-see-programming-libs">
+ <title>Modules that require system libraries</title>
+ <para>
+ Writing a module is much like writing an application. You
+ have to provide the "conventional hooks" for it to work
+ correctly, like <function>pam_sm_authenticate()</function>
+ etc., which would correspond to the <function>main()</function>
+ function in a normal function.
+ </para>
+ <para>
+ Typically, the author may want to link against some standard system
+ libraries. As when one compiles a normal program, this can be
+ done for modules too: you simply append the
+ <parameter>-l</parameter><emphasis>XXX</emphasis> arguments
+ for the desired libraries when you create the shared module object.
+ To make sure a module is linked to the
+ <command>libwhatever.so</command> library
+ when it is <function>dlopen()</function>ed, try:
+ <programlisting>
+% gcc -shared -o pam_module.so pam_module.o -lwhatever
+ </programlisting>
+ </para>
+ </section>
+ </chapter>
+
+ <chapter id="mwg-example">
+ <title>An example module</title>
+ <para>
+ At some point, we may include a fully commented example of a module in
+ this document. For now, please look at the modules directory of the
+ <emphasis remap='B'>Linux-PAM</emphasis> sources.
+ </para>
+ </chapter>
+
+ <chapter id="mwg-see-also">
+ <title>See also</title>
+ <itemizedlist>
+ <listitem>
+ <para>
+ The Linux-PAM System Administrators' Guide.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The Linux-PAM Application Developers' Guide.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The V. Samar and R. Schemers (SunSoft), ``UNIFIED LOGIN WITH
+ PLUGGABLE AUTHENTICATION MODULES'', Open Software Foundation
+ Request For Comments 86.0, October 1995.
+ </para>
+ </listitem>
+ </itemizedlist>
+ </chapter>
+
+ <chapter id='mwg-author'>
+ <title>Author/acknowledgments</title>
+ <para>
+ This document was written by Andrew G. Morgan (morgan@kernel.org)
+ with many contributions from
+ Chris Adams, Peter Allgeyer, Tim Baverstock, Tim Berger, Craig S. Bell,
+ Derrick J. Brashear, Ben Buxton, Seth Chaiklin, Oliver Crow, Chris Dent,
+ Marc Ewing, Cristian Gafton, Emmanuel Galanos, Brad M. Garcia,
+ Eric Hester, Roger Hu, Eric Jacksch, Michael K. Johnson, David Kinchlea,
+ Olaf Kirch, Marcin Korzonek, Thorsten Kukuk, Stephen Langasek,
+ Nicolai Langfeldt, Elliot Lee, Luke Kenneth Casson Leighton,
+ Al Longyear, Ingo Luetkebohle, Marek Michalkiewicz, Robert Milkowski,
+ Aleph One, Martin Pool, Sean Reifschneider, Jan Rekorajski, Erik Troan,
+ Theodore Ts'o, Jeff Uphoff, Myles Uyema, Savochkin Andrey Vladimirovich,
+ Ronald Wahl, David Wood, John Wilmes, Joseph S. D. Yao
+ and Alex O. Yuriev.
+ </para>
+ <para>
+ Thanks are also due to Sun Microsystems, especially to Vipin Samar and
+ Charlie Lai for their advice. At an early stage in the development of
+ <emphasis remap='B'>Linux-PAM</emphasis>, Sun graciously made the
+ documentation for their implementation of PAM available. This act
+ greatly accelerated the development of
+ <emphasis remap='B'>Linux-PAM</emphasis>.
+ </para>
+ </chapter>
+
+ <chapter id='mwg-copyright'>
+ <title>Copyright information for this document</title>
+ <programlisting>
+Copyright (c) 2006 Thorsten Kukuk &lt;kukuk@thkukuk.de&gt;
+Copyright (c) 1996-2002 Andrew G. Morgan &lt;morgan@kernel.org&gt;
+ </programlisting>
+ <para>
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are
+ met:
+ </para>
+ <programlisting>
+1. Redistributions of source code must retain the above copyright
+ notice, and the entire permission notice in its entirety,
+ including the disclaimer of warranties.
+
+2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+3. The name of the author may not be used to endorse or promote
+ products derived from this software without specific prior
+ written permission.
+ </programlisting>
+ <para>
+ Alternatively, this product may be distributed under the terms of
+ the GNU General Public License (GPL), in which case the provisions
+ of the GNU GPL are required instead of the above restrictions.
+ (This clause is necessary due to a potential bad interaction between
+ the GNU GPL and the restrictions contained in a BSD-style copyright.)
+ </para>
+ <programlisting>
+THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
+ </programlisting>
+ </chapter>
+</book>
diff --git a/Linux-PAM/doc/mwg/Makefile.am b/Linux-PAM/doc/mwg/Makefile.am
new file mode 100644
index 00000000..77296189
--- /dev/null
+++ b/Linux-PAM/doc/mwg/Makefile.am
@@ -0,0 +1,97 @@
+#
+# Copyright (c) 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+
+CLEANFILES = Linux-PAM_MWG.fo *~
+
+EXTRA_DIST = $(XMLS)
+
+XMLS = Linux-PAM_MWG.xml $(shell ls $(srcdir)/pam_*.xml)
+DEP_XMLS = $(shell ls $(top_srcdir)/doc/man/pam_*.xml)
+
+if ENABLE_REGENERATE_MAN
+MAINTAINERCLEANFILES = Linux-PAM_MWG.txt Linux-PAM_MWG.pdf html/*.html
+
+all: Linux-PAM_MWG.txt html/Linux-PAM_MWG.html Linux-PAM_MWG.pdf
+
+Linux-PAM_MWG.pdf: $(XMLS) $(DEP_XMLS)
+if ENABLE_GENERATE_PDF
+ $(XMLLINT) --nonet --xinclude --postvalid --noent --noout $<
+ $(XSLTPROC) --stringparam generate.toc "book toc" \
+ --stringparam section.autolabel 1 \
+ --stringparam section.label.includes.component.label 1 \
+ --stringparam toc.max.depth 3 --xinclude --nonet \
+ http://docbook.sourceforge.net/release/xsl/current/fo/docbook.xsl $< > Linux-PAM_MWG.fo
+ $(FO2PDF) Linux-PAM_MWG.fo $@
+else
+ echo "No fo2pdf processor installed, skip PDF generation"
+endif
+
+Linux-PAM_MWG.txt: $(XMLS) $(DEP_XMLS)
+ $(XMLLINT) --nonet --xinclude --postvalid --noent --noout $<
+ $(XSLTPROC) --stringparam generate.toc "book toc" \
+ --stringparam section.autolabel 1 \
+ --stringparam section.label.includes.component.label 1 \
+ --stringparam toc.max.depth 3 --xinclude --nonet \
+ http://docbook.sourceforge.net/release/xsl/current/html/docbook.xsl $< | $(BROWSER) > $@
+
+html/Linux-PAM_MWG.html: $(XMLS) $(DEP_XMLS)
+ @test -d html || mkdir -p html
+ $(XMLLINT) --nonet --xinclude --postvalid --noent --noout $<
+ $(XSLTPROC) --stringparam base.dir html/ \
+ --stringparam root.filename Linux-PAM_MWG \
+ --stringparam use.id.as.filename 1 \
+ --stringparam chunk.first.sections 1 \
+ --stringparam section.autolabel 1 \
+ --stringparam section.label.includes.component.label 1 \
+ --stringparam toc.max.depth 3 --xinclude --nonet \
+ http://docbook.sourceforge.net/release/xsl/current/html/chunk.xsl $<
+
+distclean-local:
+ -rm -rf html Linux-PAM_MWG.txt Linux-PAM_MWG.pdf
+
+endif
+
+install-data-local:
+ $(mkinstalldirs) $(DESTDIR)$(docdir)
+ $(mkinstalldirs) $(DESTDIR)$(pdfdir)
+ $(mkinstalldirs) $(DESTDIR)$(htmldir)
+ test -f html/Linux-PAM_MWG.html || exit 0; \
+ $(install_sh_DATA) html/Linux-PAM_MWG.html html/mwg-*.html \
+ $(DESTDIR)$(htmldir)/ || \
+ $(install_sh_DATA) $(srcdir)/html/Linux-PAM_MWG.html \
+ $(srcdir)/html/sag-*.html \
+ $(DESTDIR)$(htmldir)/
+ test -f Linux-PAM_MWG.txt || exit 0; \
+ $(install_sh_DATA) Linux-PAM_MWG.txt $(DESTDIR)$(docdir)/ || \
+ $(install_sh_DATA) $(srcdir)/Linux-PAM_MWG.txt \
+ $(DESTDIR)$(docdir)/
+ test -f Linux-PAM_MWG.pdf || exit 0; \
+ $(install_sh_DATA) Linux-PAM_MWG.pdf $(DESTDIR)$(pdfdir)/ || \
+ $(install_sh_DATA) $(srcdir)/Linux-PAM_MWG.pdf \
+ $(DESTDIR)$(pdfdir)/
+
+uninstall-local:
+ -rm $(DESTDIR)$(htmldir)/Linux-PAM_MWG.html
+ -rm $(DESTDIR)$(htmldir)/mwg-*.html
+ -rm $(DESTDIR)$(docdir)/Linux-PAM_MWG.txt
+ -rm $(DESTDIR)$(pdfdir)/Linux-PAM_MWG.pdf
+
+releasedocs: all
+ $(mkinstalldirs) $(top_builddir)/Linux-PAM-$(VERSION)/doc/mwg/html
+ test -f html/Linux-PAM_MWG.html || exit 0; \
+ cp -ap html/Linux-PAM_MWG.html html/mwg-*.html \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/mwg/html/ || \
+ cp -ap $(srcdir)/html/Linux-PAM_MWG.html \
+ $(srcdir)/html/mwg-*.html \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/mwg/html/
+ test -f Linux-PAM_MWG.txt || exit 0; \
+ cp -p Linux-PAM_MWG.txt \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/mwg/ || \
+ cp -p $(srcdir)/Linux-PAM_MWG.txt \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/mwg/
+ test -f Linux-PAM_MWG.pdf || exit 0; \
+ cp -p Linux-PAM_MWG.pdf \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/mwg/ || \
+ cp -p $(srcdir)/Linux-PAM_MWG.pdf \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/mwg/
diff --git a/Linux-PAM/doc/mwg/Makefile.in b/Linux-PAM/doc/mwg/Makefile.in
new file mode 100644
index 00000000..891768fc
--- /dev/null
+++ b/Linux-PAM/doc/mwg/Makefile.in
@@ -0,0 +1,470 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = doc/mwg
+DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+SOURCES =
+DIST_SOURCES =
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = Linux-PAM_MWG.fo *~
+EXTRA_DIST = $(XMLS)
+XMLS = Linux-PAM_MWG.xml $(shell ls $(srcdir)/pam_*.xml)
+DEP_XMLS = $(shell ls $(top_srcdir)/doc/man/pam_*.xml)
+@ENABLE_REGENERATE_MAN_TRUE@MAINTAINERCLEANFILES = Linux-PAM_MWG.txt Linux-PAM_MWG.pdf html/*.html
+all: all-am
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu doc/mwg/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu doc/mwg/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+tags: TAGS
+TAGS:
+
+ctags: CTAGS
+CTAGS:
+
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile
+installdirs:
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+ -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES)
+@ENABLE_REGENERATE_MAN_FALSE@distclean-local:
+clean: clean-am
+
+clean-am: clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-am
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-local
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-data-local
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-local
+
+.MAKE: install-am install-strip
+
+.PHONY: all all-am check check-am clean clean-generic clean-libtool \
+ distclean distclean-generic distclean-libtool distclean-local \
+ distdir dvi dvi-am html html-am info info-am install \
+ install-am install-data install-data-am install-data-local \
+ install-dvi install-dvi-am install-exec install-exec-am \
+ install-html install-html-am install-info install-info-am \
+ install-man install-pdf install-pdf-am install-ps \
+ install-ps-am install-strip installcheck installcheck-am \
+ installdirs maintainer-clean maintainer-clean-generic \
+ mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \
+ ps ps-am uninstall uninstall-am uninstall-local
+
+
+@ENABLE_REGENERATE_MAN_TRUE@all: Linux-PAM_MWG.txt html/Linux-PAM_MWG.html Linux-PAM_MWG.pdf
+
+@ENABLE_REGENERATE_MAN_TRUE@Linux-PAM_MWG.pdf: $(XMLS) $(DEP_XMLS)
+@ENABLE_GENERATE_PDF_TRUE@@ENABLE_REGENERATE_MAN_TRUE@ $(XMLLINT) --nonet --xinclude --postvalid --noent --noout $<
+@ENABLE_GENERATE_PDF_TRUE@@ENABLE_REGENERATE_MAN_TRUE@ $(XSLTPROC) --stringparam generate.toc "book toc" \
+@ENABLE_GENERATE_PDF_TRUE@@ENABLE_REGENERATE_MAN_TRUE@ --stringparam section.autolabel 1 \
+@ENABLE_GENERATE_PDF_TRUE@@ENABLE_REGENERATE_MAN_TRUE@ --stringparam section.label.includes.component.label 1 \
+@ENABLE_GENERATE_PDF_TRUE@@ENABLE_REGENERATE_MAN_TRUE@ --stringparam toc.max.depth 3 --xinclude --nonet \
+@ENABLE_GENERATE_PDF_TRUE@@ENABLE_REGENERATE_MAN_TRUE@ http://docbook.sourceforge.net/release/xsl/current/fo/docbook.xsl $< > Linux-PAM_MWG.fo
+@ENABLE_GENERATE_PDF_TRUE@@ENABLE_REGENERATE_MAN_TRUE@ $(FO2PDF) Linux-PAM_MWG.fo $@
+@ENABLE_GENERATE_PDF_FALSE@@ENABLE_REGENERATE_MAN_TRUE@ echo "No fo2pdf processor installed, skip PDF generation"
+
+@ENABLE_REGENERATE_MAN_TRUE@Linux-PAM_MWG.txt: $(XMLS) $(DEP_XMLS)
+@ENABLE_REGENERATE_MAN_TRUE@ $(XMLLINT) --nonet --xinclude --postvalid --noent --noout $<
+@ENABLE_REGENERATE_MAN_TRUE@ $(XSLTPROC) --stringparam generate.toc "book toc" \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam section.autolabel 1 \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam section.label.includes.component.label 1 \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam toc.max.depth 3 --xinclude --nonet \
+@ENABLE_REGENERATE_MAN_TRUE@ http://docbook.sourceforge.net/release/xsl/current/html/docbook.xsl $< | $(BROWSER) > $@
+
+@ENABLE_REGENERATE_MAN_TRUE@html/Linux-PAM_MWG.html: $(XMLS) $(DEP_XMLS)
+@ENABLE_REGENERATE_MAN_TRUE@ @test -d html || mkdir -p html
+@ENABLE_REGENERATE_MAN_TRUE@ $(XMLLINT) --nonet --xinclude --postvalid --noent --noout $<
+@ENABLE_REGENERATE_MAN_TRUE@ $(XSLTPROC) --stringparam base.dir html/ \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam root.filename Linux-PAM_MWG \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam use.id.as.filename 1 \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam chunk.first.sections 1 \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam section.autolabel 1 \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam section.label.includes.component.label 1 \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam toc.max.depth 3 --xinclude --nonet \
+@ENABLE_REGENERATE_MAN_TRUE@ http://docbook.sourceforge.net/release/xsl/current/html/chunk.xsl $<
+
+@ENABLE_REGENERATE_MAN_TRUE@distclean-local:
+@ENABLE_REGENERATE_MAN_TRUE@ -rm -rf html Linux-PAM_MWG.txt Linux-PAM_MWG.pdf
+
+install-data-local:
+ $(mkinstalldirs) $(DESTDIR)$(docdir)
+ $(mkinstalldirs) $(DESTDIR)$(pdfdir)
+ $(mkinstalldirs) $(DESTDIR)$(htmldir)
+ test -f html/Linux-PAM_MWG.html || exit 0; \
+ $(install_sh_DATA) html/Linux-PAM_MWG.html html/mwg-*.html \
+ $(DESTDIR)$(htmldir)/ || \
+ $(install_sh_DATA) $(srcdir)/html/Linux-PAM_MWG.html \
+ $(srcdir)/html/sag-*.html \
+ $(DESTDIR)$(htmldir)/
+ test -f Linux-PAM_MWG.txt || exit 0; \
+ $(install_sh_DATA) Linux-PAM_MWG.txt $(DESTDIR)$(docdir)/ || \
+ $(install_sh_DATA) $(srcdir)/Linux-PAM_MWG.txt \
+ $(DESTDIR)$(docdir)/
+ test -f Linux-PAM_MWG.pdf || exit 0; \
+ $(install_sh_DATA) Linux-PAM_MWG.pdf $(DESTDIR)$(pdfdir)/ || \
+ $(install_sh_DATA) $(srcdir)/Linux-PAM_MWG.pdf \
+ $(DESTDIR)$(pdfdir)/
+
+uninstall-local:
+ -rm $(DESTDIR)$(htmldir)/Linux-PAM_MWG.html
+ -rm $(DESTDIR)$(htmldir)/mwg-*.html
+ -rm $(DESTDIR)$(docdir)/Linux-PAM_MWG.txt
+ -rm $(DESTDIR)$(pdfdir)/Linux-PAM_MWG.pdf
+
+releasedocs: all
+ $(mkinstalldirs) $(top_builddir)/Linux-PAM-$(VERSION)/doc/mwg/html
+ test -f html/Linux-PAM_MWG.html || exit 0; \
+ cp -ap html/Linux-PAM_MWG.html html/mwg-*.html \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/mwg/html/ || \
+ cp -ap $(srcdir)/html/Linux-PAM_MWG.html \
+ $(srcdir)/html/mwg-*.html \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/mwg/html/
+ test -f Linux-PAM_MWG.txt || exit 0; \
+ cp -p Linux-PAM_MWG.txt \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/mwg/ || \
+ cp -p $(srcdir)/Linux-PAM_MWG.txt \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/mwg/
+ test -f Linux-PAM_MWG.pdf || exit 0; \
+ cp -p Linux-PAM_MWG.pdf \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/mwg/ || \
+ cp -p $(srcdir)/Linux-PAM_MWG.pdf \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/mwg/
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/doc/mwg/pam_conv.xml b/Linux-PAM/doc/mwg/pam_conv.xml
new file mode 100644
index 00000000..a2b470af
--- /dev/null
+++ b/Linux-PAM/doc/mwg/pam_conv.xml
@@ -0,0 +1,35 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='mwg-pam_conv'>
+ <title>The conversation function</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_conv.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_conv-synopsis"]/*)'/>
+ </funcsynopsis>
+ <programlisting>
+struct pam_message {
+ int msg_style;
+ const char *msg;
+};
+
+struct pam_response {
+ char *resp;
+ int resp_retcode;
+};
+
+struct pam_conv {
+ int (*conv)(int num_msg, const struct pam_message **msg,
+ struct pam_response **resp, void *appdata_ptr);
+ void *appdata_ptr;
+};
+ </programlisting>
+ <section id='mwg-pam_conv-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_conv.3.xml" xpointer='xpointer(//refsect1[@id = "pam_conv-description"]/*)'/>
+ </section>
+ <section id='mwg-pam_conv-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_conv.3.xml" xpointer='xpointer(//refsect1[@id = "pam_conv-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/mwg/pam_fail_delay.xml b/Linux-PAM/doc/mwg/pam_fail_delay.xml
new file mode 100644
index 00000000..589e1148
--- /dev/null
+++ b/Linux-PAM/doc/mwg/pam_fail_delay.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_fail_delay'>
+ <title>Request a delay on failure</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_fail_delay.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_fail_delay-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_fail_delay-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_fail_delay.3.xml" xpointer='xpointer(//refsect1[@id = "pam_fail_delay-description"]/*)'/>
+ </section>
+ <section id='adg-pam_fail_delay-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_fail_delay.3.xml" xpointer='xpointer(//refsect1[@id = "pam_fail_delay-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/mwg/pam_get_data.xml b/Linux-PAM/doc/mwg/pam_get_data.xml
new file mode 100644
index 00000000..b1afdb3f
--- /dev/null
+++ b/Linux-PAM/doc/mwg/pam_get_data.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='mwg-pam_get_data'>
+ <title>Get module internal data</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_get_data.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_get_data-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='mwg-pam_get_data-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_get_data.3.xml" xpointer='xpointer(//refsect1[@id = "pam_get_data-description"]/*)'/>
+ </section>
+ <section id='mwg-pam_get_data-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_get_data.3.xml" xpointer='xpointer(//refsect1[@id = "pam_get_data-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/mwg/pam_get_item.xml b/Linux-PAM/doc/mwg/pam_get_item.xml
new file mode 100644
index 00000000..370a10a1
--- /dev/null
+++ b/Linux-PAM/doc/mwg/pam_get_item.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='mwg-pam_get_item'>
+ <title>Getting PAM items</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_get_item.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_get_item-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='mwg-pam_get_item-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_get_item.3.xml" xpointer='xpointer(//refsect1[@id = "pam_get_item-description"]/*)'/>
+ </section>
+ <section id='mwg-pam_get_item-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_get_item.3.xml" xpointer='xpointer(//refsect1[@id = "pam_get_item-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/mwg/pam_get_user.xml b/Linux-PAM/doc/mwg/pam_get_user.xml
new file mode 100644
index 00000000..1cb7fdf3
--- /dev/null
+++ b/Linux-PAM/doc/mwg/pam_get_user.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='mwg-pam_get_user'>
+ <title>Get user name</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_get_user.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_get_user-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='mwg-pam_get_user-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_get_user.3.xml" xpointer='xpointer(//refsect1[@id = "pam_get_user-description"]/*)'/>
+ </section>
+ <section id='mwg-pam_get_user-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_get_user.3.xml" xpointer='xpointer(//refsect1[@id = "pam_get_user-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/mwg/pam_getenv.xml b/Linux-PAM/doc/mwg/pam_getenv.xml
new file mode 100644
index 00000000..61d69c33
--- /dev/null
+++ b/Linux-PAM/doc/mwg/pam_getenv.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_getenv'>
+ <title>Get a PAM environment variable</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_getenv.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_getenv-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_getenv-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_getenv.3.xml" xpointer='xpointer(//refsect1[@id = "pam_getenv-description"]/*)'/>
+ </section>
+ <section id='adg-pam_getenv-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_getenv.3.xml" xpointer='xpointer(//refsect1[@id = "pam_getenv-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/mwg/pam_getenvlist.xml b/Linux-PAM/doc/mwg/pam_getenvlist.xml
new file mode 100644
index 00000000..d3c2fcd3
--- /dev/null
+++ b/Linux-PAM/doc/mwg/pam_getenvlist.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_getenvlist'>
+ <title>Getting the PAM environment</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_getenvlist.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_getenvlist-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_getenvlist-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_getenvlist.3.xml" xpointer='xpointer(//refsect1[@id = "pam_getenvlist-description"]/*)'/>
+ </section>
+ <section id='adg-pam_getenvlist-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_getenvlist.3.xml" xpointer='xpointer(//refsect1[@id = "pam_getenvlist-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/mwg/pam_putenv.xml b/Linux-PAM/doc/mwg/pam_putenv.xml
new file mode 100644
index 00000000..e55f1a42
--- /dev/null
+++ b/Linux-PAM/doc/mwg/pam_putenv.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_putenv'>
+ <title>Set or change PAM environment variable</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_putenv.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_putenv-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_putenv-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_putenv.3.xml" xpointer='xpointer(//refsect1[@id = "pam_putenv-description"]/*)'/>
+ </section>
+ <section id='adg-pam_putenv-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_putenv.3.xml" xpointer='xpointer(//refsect1[@id = "pam_putenv-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/mwg/pam_set_data.xml b/Linux-PAM/doc/mwg/pam_set_data.xml
new file mode 100644
index 00000000..18b2711b
--- /dev/null
+++ b/Linux-PAM/doc/mwg/pam_set_data.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='mwg-pam_set_data'>
+ <title>Set module internal data</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_set_data.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_set_data-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='mwg-pam_set_data-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_set_data.3.xml" xpointer='xpointer(//refsect1[@id = "pam_set_data-description"]/*)'/>
+ </section>
+ <section id='mwg-pam_set_data-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_set_data.3.xml" xpointer='xpointer(//refsect1[@id = "pam_set_data-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/mwg/pam_set_item.xml b/Linux-PAM/doc/mwg/pam_set_item.xml
new file mode 100644
index 00000000..7d19925e
--- /dev/null
+++ b/Linux-PAM/doc/mwg/pam_set_item.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='mwg-pam_set_item'>
+ <title>Setting PAM items</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_set_item.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_set_item-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='mwg-pam_set_item-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_set_item.3.xml" xpointer='xpointer(//refsect1[@id = "pam_set_item-description"]/*)'/>
+ </section>
+ <section id='mwg-pam_set_item-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_set_item.3.xml" xpointer='xpointer(//refsect1[@id = "pam_set_item-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/mwg/pam_sm_acct_mgmt.xml b/Linux-PAM/doc/mwg/pam_sm_acct_mgmt.xml
new file mode 100644
index 00000000..10b3c9e9
--- /dev/null
+++ b/Linux-PAM/doc/mwg/pam_sm_acct_mgmt.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='mwg-pam_sm_acct_mgmt'>
+ <title>Service function for account management</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_sm_acct_mgmt.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_sm_acct_mgmt-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='mwg-pam_sm_acct_mgmt-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_sm_acct_mgmt.3.xml" xpointer='xpointer(//refsect1[@id = "pam_sm_acct_mgmt-description"]/*)'/>
+ </section>
+ <section id='mwg-pam_sm_acct_mgmt-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_sm_acct_mgmt.3.xml" xpointer='xpointer(//refsect1[@id = "pam_sm_acct_mgmt-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/mwg/pam_sm_authenticate.xml b/Linux-PAM/doc/mwg/pam_sm_authenticate.xml
new file mode 100644
index 00000000..54c79af6
--- /dev/null
+++ b/Linux-PAM/doc/mwg/pam_sm_authenticate.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='mwg-pam_sm_authenticate'>
+ <title>Service function for user authentication</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_sm_authenticate.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_sm_authenticate-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='mwg-pam_sm_authenticate-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_sm_authenticate.3.xml" xpointer='xpointer(//refsect1[@id = "pam_sm_authenticate-description"]/*)'/>
+ </section>
+ <section id='mwg-pam_sm_authenticate-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_sm_authenticate.3.xml" xpointer='xpointer(//refsect1[@id = "pam_sm_authenticate-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/mwg/pam_sm_chauthtok.xml b/Linux-PAM/doc/mwg/pam_sm_chauthtok.xml
new file mode 100644
index 00000000..a1364315
--- /dev/null
+++ b/Linux-PAM/doc/mwg/pam_sm_chauthtok.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='mwg-pam_sm_chauthtok'>
+ <title>Service function to alter authentication token</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_sm_chauthtok.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_sm_chauthtok-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='mwg-pam_sm_chauthtok-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_sm_chauthtok.3.xml" xpointer='xpointer(//refsect1[@id = "pam_sm_chauthtok-description"]/*)'/>
+ </section>
+ <section id='mwg-pam_sm_chauthtok-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_sm_chauthtok.3.xml" xpointer='xpointer(//refsect1[@id = "pam_sm_chauthtok-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/mwg/pam_sm_close_session.xml b/Linux-PAM/doc/mwg/pam_sm_close_session.xml
new file mode 100644
index 00000000..9346c506
--- /dev/null
+++ b/Linux-PAM/doc/mwg/pam_sm_close_session.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-close.org/docbook/xml/4.4/docbookx.dtd">
+<section id='mwg-pam_sm_close_session'>
+ <title>Service function to terminate session management</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_sm_close_session.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_sm_close_session-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='mwg-pam_sm_close_session-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_sm_close_session.3.xml" xpointer='xpointer(//refsect1[@id = "pam_sm_close_session-description"]/*)'/>
+ </section>
+ <section id='mwg-pam_sm_close_session-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_sm_close_session.3.xml" xpointer='xpointer(//refsect1[@id = "pam_sm_close_session-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/mwg/pam_sm_open_session.xml b/Linux-PAM/doc/mwg/pam_sm_open_session.xml
new file mode 100644
index 00000000..b8e3fa90
--- /dev/null
+++ b/Linux-PAM/doc/mwg/pam_sm_open_session.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='mwg-pam_sm_open_session'>
+ <title>Service function to start session management</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_sm_open_session.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_sm_open_session-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='mwg-pam_sm_open_session-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_sm_open_session.3.xml" xpointer='xpointer(//refsect1[@id = "pam_sm_open_session-description"]/*)'/>
+ </section>
+ <section id='mwg-pam_sm_open_session-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_sm_open_session.3.xml" xpointer='xpointer(//refsect1[@id = "pam_sm_open_session-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/mwg/pam_sm_setcred.xml b/Linux-PAM/doc/mwg/pam_sm_setcred.xml
new file mode 100644
index 00000000..eee8e1d6
--- /dev/null
+++ b/Linux-PAM/doc/mwg/pam_sm_setcred.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='mwg-pam_sm_setcred'>
+ <title>Service function to alter credentials</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_sm_setcred.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_sm_setcred-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='mwg-pam_sm_setcred-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_sm_setcred.3.xml" xpointer='xpointer(//refsect1[@id = "pam_sm_setcred-description"]/*)'/>
+ </section>
+ <section id='mwg-pam_sm_setcred-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_sm_setcred.3.xml" xpointer='xpointer(//refsect1[@id = "pam_sm_setcred-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/mwg/pam_strerror.xml b/Linux-PAM/doc/mwg/pam_strerror.xml
new file mode 100644
index 00000000..35b08a27
--- /dev/null
+++ b/Linux-PAM/doc/mwg/pam_strerror.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='adg-pam_strerror'>
+ <title>Strings describing PAM error codes</title>
+ <funcsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_strerror.3.xml" xpointer='xpointer(//funcsynopsis[@id = "pam_strerror-synopsis"]/*)'/>
+ </funcsynopsis>
+ <section id='adg-pam_strerror-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_strerror.3.xml" xpointer='xpointer(//refsect1[@id = "pam_strerror-description"]/*)'/>
+ </section>
+ <section id='adg-pam_strerror-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam_strerror.3.xml" xpointer='xpointer(//refsect1[@id = "pam_strerror-return_values"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/pam_appl.sgml b/Linux-PAM/doc/pam_appl.sgml
deleted file mode 100644
index 33fdcba6..00000000
--- a/Linux-PAM/doc/pam_appl.sgml
+++ /dev/null
@@ -1,1777 +0,0 @@
-<!doctype linuxdoc system>
-
-<!--
-
- $Id: pam_appl.sgml,v 1.10 2004/09/22 09:37:47 kukuk Exp $
-
- Copyright (C) Andrew G. Morgan 1996-2001. All rights reserved.
-
-Redistribution and use in source (sgml) and binary (derived) forms,
-with or without modification, are permitted provided that the
-following conditions are met:
-
-1. Redistributions of source code must retain the above copyright
- notice, and the entire permission notice in its entirety,
- including the disclaimer of warranties.
-
-2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
-3. The name of the author may not be used to endorse or promote
- products derived from this software without specific prior
- written permission.
-
-ALTERNATIVELY, this product may be distributed under the terms of the
-GNU General Public License, in which case the provisions of the GNU
-GPL are required INSTEAD OF the above restrictions. (This clause is
-necessary due to a potential bad interaction between the GNU GPL and
-the restrictions contained in a BSD-style copyright.)
-
-THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
-WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
-OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
-TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
-USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
-DAMAGE.
-
- -->
-
-<article>
-
-<title>The Linux-PAM Application Developers' Guide
-<author>Andrew G. Morgan, <tt>morgan@kernel.org</tt>
-<date>DRAFT v0.76 2001/12/08
-<abstract>
-This manual documents what an application developer needs to know
-about the <bf>Linux-PAM</bf> library. It describes how an application
-might use the <bf>Linux-PAM</bf> library to authenticate users. In
-addition it contains a description of the funtions to be found in
-<tt/libpam_misc/ library, that can be used in general applications.
-Finally, it contains some comments on PAM related security issues for
-the application developer.
-</abstract>
-
-<toc>
-
-<sect>Introduction
-
-<sect1>Synopsis
-
-<p>
-For general applications that wish to use the services provided by
-<bf/Linux-PAM/ the following is a summary of the relevant linking
-information:
-<tscreen>
-<verb>
-#include <security/pam_appl.h>
-
-cc -o application .... -lpam -ldl
-</verb>
-</tscreen>
-
-<p>
-In addition to <tt/libpam/, there is a library of miscellaneous
-functions that make the job of writing <em/PAM-aware/ applications
-easier (this library is not covered in the DCE-RFC for PAM and is
-specific to the Linux-PAM distribution):
-<tscreen>
-<verb>
-...
-#include <security/pam_misc.h>
-
-cc -o application .... -lpam -lpam_misc -ldl
-</verb>
-</tscreen>
-
-<sect1> Description
-
-<p>
-<bf>Linux-PAM</bf> (Pluggable Authentication Modules for Linux) is a
-library that enables the local system administrator to choose how
-individual applications authenticate users. For an overview of the
-<bf>Linux-PAM</bf> library see the <bf/Linux-PAM/ System
-Administrators' Guide.
-
-<p>
-It is the purpose of the <bf>Linux-PAM</bf> project to liberate the
-development of privilege granting software from the development of
-secure and appropriate authentication schemes. This is accomplished
-by providing a documented library of functions that an application may
-use for all forms of user authentication management. This library
-dynamically loads locally configured authentication modules that
-actually perform the authentication tasks.
-
-<p>
-From the perspective of an application developer the information
-contained in the local configuration of the PAM library should not be
-important. Indeed it is intended that an application treat the
-functions documented here as a ``black box'' that will deal with all
-aspects of user authentication. ``All aspects'' includes user
-verification, account management, session initialization/termination
-and also the resetting of passwords (<em/authentication tokens/).
-
-<sect>Overview
-
-<p>
-Most service-giving applications are restricted. In other words,
-their service is not available to all and every prospective client.
-Instead, the applying client must jump through a number of hoops to
-convince the serving application that they are authorized to obtain
-service.
-
-The process of <em/authenticating/ a client is what PAM is designed to
-manage. In addition to authentication, PAM provides account
-management, credential management, session management and
-authentication-token (password changing) management services. It is
-important to realize when writing a PAM based application that these
-services are provided in a manner that is <bf>transparent</bf> to
-the application. That is to say, when the application is written, no
-assumptions can be made about <em>how</em> the client will be
-authenticated.
-
-<p>
-The process of authentication is performed by the PAM library via a
-call to <tt>pam_authenticate()</tt>. The return value of this
-function will indicate whether a named client (the <em>user</em>) has
-been authenticated. If the PAM library needs to prompt the user for
-any information, such as their <em>name</em> or a <em>password</em>
-then it will do so. If the PAM library is configured to authenticate
-the user using some silent protocol, it will do this too. (This
-latter case might be via some hardware interface for example.)
-
-<p>
-It is important to note that the application must leave all decisions
-about when to prompt the user at the discretion of the PAM library.
-
-<p>
-The PAM library, however, must work equally well for different styles
-of application. Some applications, like the familiar <tt>login</tt>
-and <tt>passwd</tt> are terminal based applications, exchanges of
-information with the client in these cases is as plain text messages.
-Graphically based applications, however, have a more sophisticated
-interface. They generally interact with the user via specially
-constructed dialogue boxes. Additionally, network based services
-require that text messages exchanged with the client are specially
-formatted for automated processing: one such example is <tt>ftpd</tt>
-which prefixes each exchanged message with a numeric identifier.
-
-<p>
-The presentation of simple requests to a client is thus something very
-dependent on the protocol that the serving application will use. In
-spite of the fact that PAM demands that it drives the whole
-authentication process, it is not possible to leave such protocol
-subtleties up to the PAM library. To overcome this potential problem,
-the application provides the PAM library with a <em>conversation</em>
-function. This function is called from <bf>within</bf> the PAM
-library and enables the PAM to directly interact with the client. The
-sorts of things that this conversation function must be able to do are
-prompt the user with text and/or obtain textual input from the user
-for processing by the PAM library. The details of this function are
-provided in a later section.
-
-<p>
-For example, the conversation function may be called by the PAM library
-with a request to prompt the user for a password. Its job is to
-reformat the prompt request into a form that the client will
-understand. In the case of <tt>ftpd</tt>, this might involve prefixing
-the string with the number <tt>331</tt> and sending the request over
-the network to a connected client. The conversation function will
-then obtain any reply and, after extracting the typed password, will
-return this string of text to the PAM library. Similar concerns need
-to be addressed in the case of an X-based graphical server.
-
-<p>
-There are a number of issues that need to be addressed when one is
-porting an existing application to become PAM compliant. A section
-below has been devoted to this: Porting legacy applications.
-
-<p>
-Besides authentication, PAM provides other forms of management.
-Session management is provided with calls to
-<tt>pam_open_session()</tt> and <tt>pam_close_session()</tt>. What
-these functions actually do is up to the local administrator. But
-typically, they could be used to log entry and exit from the system or
-for mounting and unmounting the user's home directory. If an
-application provides continuous service for a period of time, it
-should probably call these functions, first open after the user is
-authenticated and then close when the service is terminated.
-
-<p>
-Account management is another area that an application developer
-should include with a call to <tt/pam_acct_mgmt()/. This call will
-perform checks on the good health of the user's account (has it
-expired etc.). One of the things this function may check is whether
-the user's authentication token has expired - in such a case the
-application may choose to attempt to update it with a call to
-<tt/pam_chauthtok()/, although some applications are not suited to
-this task (<em>ftp</em> for example) and in this case the application
-should deny access to the user.
-
-<p>
-PAM is also capable of setting and deleting the users credentials with
-the call <tt>pam_setcred()</tt>. This function should always be
-called after the user is authenticated and before service is offered
-to the user. By convention, this should be the last call to the PAM
-library before the PAM session is opened. What exactly a credential
-is, is not well defined. However, some examples are given in the
-glossary below.
-
-<sect>The public interface to <bf>Linux-PAM</bf>
-
-<p>
-Firstly, the relevant include file for the <bf>Linux-PAM</bf> library
-is <tt>&lt;security/pam_appl.h&gt;</tt>. It contains the definitions
-for a number of functions. After listing these functions, we collect
-some guiding remarks for programmers.
-
-<sect1>What can be expected by the application
-
-<p>
-Below we document those functions in the <bf/Linux-PAM/ library that
-may be called from an application.
-
-<sect2>Initialization of Linux-PAM
-<label id="pam-start-section">
-
-<p>
-<tscreen>
-<verb>
-extern int pam_start(const char *service_name, const char *user,
- const struct pam_conv *pam_conversation,
- pam_handle_t **pamh);
-</verb>
-</tscreen>
-
-<p>
-This is the first of the <bf>Linux-PAM</bf> functions that must be
-called by an application. It initializes the interface and reads the
-system configuration file, <tt>/etc/pam.conf</tt> (see the
-<bf/Linux-PAM/ System Administrators' Guide). Following a successful
-return (<tt/PAM_SUCCESS/) the contents of <tt/*pamh/ is a handle that
-provides continuity for successive calls to the <bf/Linux-PAM/
-library. The arguments expected by <tt/pam_start/ are as follows: the
-<tt/service_name/ of the program, the <tt/user/name of the individual
-to be authenticated, a pointer to an application-supplied
-<tt/pam_conv/ structure and a pointer to a <tt/pam_handle_t/
-<em/pointer/.
-
-<p>
-The <tt>pam_conv</tt> structure is discussed more fully in the section
-<ref id="the-conversation-function" name="below">. The
-<tt>pam_handle_t</tt> is a <em>blind</em> structure and the
-application should not attempt to probe it directly for information.
-Instead the <bf>Linux-PAM</bf> library provides the functions
-<tt>pam_set_item</tt> and <tt>pam_get_item</tt>. These functions are
-documented below.
-
-<sect2>Termination of the library
-<label id="pam-end-section">
-
-<p>
-<tscreen>
-<verb>
-extern int pam_end(pam_handle_t *pamh, int pam_status);
-</verb>
-</tscreen>
-
-<p>
-This function is the last function an application should call in the
-<bf>Linux-PAM</bf> library. Upon return the handle <tt/pamh/ is no
-longer valid and all memory associated with it will be invalid (likely
-to cause a segmentation fault if accessed).
-
-<p>
-Under normal conditions the argument <tt/pam_status/ has the value
-PAM_SUCCESS, but in the event of an unsuccessful application for
-service the appropriate <bf/Linux-PAM/ error-return value should be
-used here. Note, <tt/pam_end()/ unconditionally shuts down the
-authentication stack associated with the <tt/pamh/ handle. The value
-taken by <tt/pam_status/ is used as an argument to the module specific
-callback functions, <tt/cleanup()/ (see the <bf/Linux-PAM/ <htmlurl
-url="pam_modules.html" name="Module Developers' Guide">). In this way,
-the module can be given notification of the pass/fail nature of the
-tear-down process, and perform any last minute tasks that are
-appropriate to the module before it is unlinked.
-
-<sect2>Setting PAM items
-<label id="pam-set-item-section">
-
-<p>
-<tscreen>
-<verb>
-extern int pam_set_item(pam_handle_t *pamh, int item_type,
- const void *item);
-</verb>
-</tscreen>
-
-<p>This function is used to (re)set the value of one of the following
-<bf/item_type/s:
-
-<p><descrip>
-<tag><tt/PAM_SERVICE/</tag>
-
- The service name (which identifies that PAM stack that
- <tt/libpam/ will use to authenticate the program).
-
-<tag><tt/PAM_USER/</tag>
-
- The username of the entity under who's identity service will
- be given. That is, following authentication, <tt/PAM_USER/
- identifies the local entity that gets to use the
- service. Note, this value can be mapped from something (eg.,
- "<tt/anonymous/") to something else (eg. "<tt/guest119/") by
- any module in the PAM stack. As such an application should
- consult the value of <tt/PAM_USER/ after each call to a
- <tt/pam_*()/ function.
-
-<tag><tt/PAM_USER_PROMPT/</tag>
-
- The string used when prompting for a user's name. The default
- value for this string is ``Please enter username: ''.
-
-<tag><tt/PAM_TTY/</tag>
-
- The terminal name: prefixed by <tt>/dev/</tt> if it is a
- device file; for graphical, X-based, applications the value
- for this item should be the <tt/&dollar;DISPLAY/ variable.
-
-<tag><tt/PAM_RUSER/</tag>
-
- The requesting entity: user's username for a locally
- requesting user or a remote requesting user - generally an
- application or module will attempt to supply the value that is
- most strongly authenticated (a local account before a remote
- one. The level of trust in this value is embodied in the
- actual authentication stack associated with the application,
- so it is ultimately at the discretion of the system
- administrator. It should generally match the current
- <tt/PAM_RHOST/ value. That is, "<tt/PAM_RUSER@PAM_RHOST/"
- should always identify the requesting user. In some cases,
- <tt/PAM_RUSER/ may be NULL. In such situations, it is unclear
- who the requesting entity is.
-
-<tag><tt/PAM_RHOST/</tag>
-
- The requesting hostname (the hostname of the machine from
- which the <tt/PAM_RUSER/ entity is requesting service). That
- is "<tt/PAM_RUSER@PAM_RHOST/" does identify the requesting
- user. "<tt/luser@localhost/" or "<tt/evil@evilcom.com/" are
- valid "<tt/PAM_RUSER@PAM_RHOST/" examples. In some
- applications, <tt/PAM_RHOST/ may be NULL. In such situations,
- it is unclear where the authentication request is originating
- from.
-
-<tag><tt/PAM_CONV/</tag>
-
- The conversation structure (see section <ref
- id="the-conversation-function" name="below">).
-
-<tag><tt/PAM_FAIL_DELAY/</tag> A function pointer to redirect
- centrally managed failure delays (see section <ref
- id="the-failure-delay-function" name="below">).
-
-</descrip>
-
-<p>
-For all <tt/item_type/s, other than <tt/PAM_CONV/ and
-<tt/PAM_FAIL_DELAY/, <tt/item/ is a pointer to a <tt>&lt;NUL&gt;</tt>
-terminated character string. In the case of <tt/PAM_CONV/, <tt/item/
-points to an initialized <tt/pam_conv/ structure (see section <ref
-id="the-conversation-function" name="below">). In the case of
-<tt/PAM_FAIL_DELAY/, <tt/item/ is a function pointer: <tt/void
-(*delay_fn)(int retval, unsigned usec_delay, void *appdata_ptr)/ (see
-section <ref id="the-failure-delay-function" name="below">).
-
-<p>
-A successful call to this function returns <tt/PAM_SUCCESS/. However,
-the application should expect at least one the following errors:
-
-<p>
-<descrip>
-<tag><tt/PAM_SYSTEM_ERR/</tag>
- The <tt/pam_handle_t/ passed as a first argument to this
- function was invalid.
-<tag><tt/PAM_PERM_DENIED/</tag>
- An attempt was made to replace the conversation structure with
- a <tt/NULL/ value.
-<tag><tt/PAM_BUF_ERR/</tag>
- The function ran out of memory making a copy of the item.
-<tag><tt/PAM_BAD_ITEM/</tag>
- The application attempted to set an undefined or inaccessible
- item.
-</descrip>
-
-<sect2>Getting PAM items
-<label id="pam-get-item-section">
-
-<p>
-<tscreen>
-<verb>
-extern int pam_get_item(const pam_handle_t *pamh, int item_type,
- const void **item);
-</verb>
-</tscreen>
-
-<p>
-This function is used to obtain the value of the indicated
-<tt/item_type/. Upon successful return, <tt/*item/ contains a pointer
-to the value of the corresponding item. Note, this is a pointer to
-the <em/actual/ data and should <em/not/ be <tt/free()/'ed or
-over-written!
-
-<p>
-A successful call is signaled by a return value of <tt/PAM_SUCCESS/.
-However, the application should expect one of the following errors:
-
-<p>
-<descrip>
-<tag><tt/PAM_SYSTEM_ERR/</tag>
- The <tt/pam_handle_t/ passed as a first argument to this
- function was invalid.
-<tag><tt/PAM_PERM_DENIED/</tag>
- The value of <tt/item/ was <tt/NULL/.
-<tag><tt/PAM_BAD_ITEM/</tag>
- The application attempted to set an undefined or inaccessible
- item.
-</descrip>
-
-<p>
-In the case of an error, the contents of <tt/item/ is set to <tt/NULL/.
-
-<sect2>Understanding errors
-<label id="pam-strerror-section">
-
-<p>
-<tscreen>
-<verb>
-extern const char *pam_strerror(pam_handle_t *pamh, int errnum);
-</verb>
-</tscreen>
-
-<p>
-This function returns some text describing the <bf>Linux-PAM</bf>
-error associated with the argument <tt/errnum/. If the error is not
-recognized ``<tt/Unknown Linux-PAM error/'' is returned.
-
-<sect2>Planning for delays
-<label id="the-failure-delay-function">
-
-<p>
-<tscreen>
-<verb>
-extern int pam_fail_delay(pam_handle_t *pamh, unsigned int micro_sec);
-</verb>
-</tscreen>
-
-<p>
-This function is offered by <bf/Linux-PAM/ to facilitate time delays
-following a failed call to <tt/pam_authenticate()/ and before control
-is returned to the application. When using this function the
-application programmer should check if it is available with,
-<tscreen>
-<verb>
-#ifdef PAM_FAIL_DELAY
- ....
-#endif /* PAM_FAIL_DELAY */
-</verb>
-</tscreen>
-
-
-<p>
-Generally, an application requests that a user is authenticated by
-<bf/Linux-PAM/ through a call to <tt/pam_authenticate()/ or
-<tt/pam_chauthtok()/. These functions call each of the <em/stacked/
-authentication modules listed in the relevant <bf/Linux-PAM/
-configuration file. As directed by this file, one of more of the
-modules may fail causing the <tt/pam_...()/ call to return an error.
-It is desirable for there to also be a pause before the application
-continues. The principal reason for such a delay is security: a delay
-acts to discourage <em/brute force/ dictionary attacks primarily, but
-also helps hinder <em/timed/ (covert channel) attacks.
-
-<p>
-The <tt/pam_fail_delay()/ function provides the mechanism by which an
-application or module can suggest a minimum delay (of <tt/micro_sec/
-<em/micro-seconds/). <bf/Linux-PAM/ keeps a record of the longest time
-requested with this function. Should <tt/pam_authenticate()/ fail,
-the failing return to the application is delayed by an amount of time
-randomly distributed (by up to 25%) about this longest value.
-
-<p>
-Independent of success, the delay time is reset to its zero default
-value when <bf/Linux-PAM/ returns control to the application.
-
-<p>
-For applications written with a single thread that are event driven in
-nature, <tt/libpam/ generating this delay may be undesirable. Instead,
-the application may want to register the delay in some other way. For
-example, in a single threaded server that serves multiple
-authentication requests from a single event loop, the application
-might want to simply mark a given connection as blocked until an
-application timer expires. For this reason, <bf/Linux-PAM/ supplies
-the <tt/PAM_FAIL_DELAY/ item. It can be queried and set with
-<tt/pam_get_item()/ and <tt/pam_set_item()/ respectively. The value
-used to set it should be a function pointer of the following
-prototype:
-
-<tscreen>
-<verb>
-void (*delay_fn)(int retval, unsigned usec_delay, void *appdata_ptr);
-</verb>
-</tscreen>
-
-The arguments being the <tt/retval/ return code of the module stack,
-the <tt/usec_delay/ micro-second delay that libpam is requesting and
-the <tt/appdata_ptr/ that the application has associated with the
-current <tt/pamh/ (<tt/pam_handle_t/). This last value was set by the
-application when it called <tt/pam_start/ or explicitly with
-<tt/pam_set_item(... , PAM_CONV, ...)/. Note, if <tt/PAM_FAIL_DELAY/
-is unset (or set to <tt/NULL/), then <tt/libpam/ will perform any
-delay.
-
-<sect2>Authenticating the user
-
-<p>
-<tscreen>
-<verb>
-extern int pam_authenticate(pam_handle_t *pamh, int flags);
-</verb>
-</tscreen>
-
-<p>
-This function serves as an interface to the authentication mechanisms
-of the loaded modules. The single <em/optional/ flag, which may be
-logically OR'd with <tt/PAM_SILENT/, takes the following value,
-
-<p><descrip>
-
-<tag><tt/PAM_DISALLOW_NULL_AUTHTOK/</tag>
- Instruct the authentication modules to return
-<tt/PAM_AUTH_ERR/ if the user does not have a registered
-authorization token---it is set to <tt/NULL/ in the system database.
-</descrip>
-
-<p>
-The value returned by this function is one of the following:
-
-<p><descrip>
-
-<tag><tt/PAM_AUTH_ERR/</tag>
- The user was not authenticated
-<tag><tt/PAM_CRED_INSUFFICIENT/</tag>
- For some reason the application does not have sufficient
-credentials to authenticate the user.
-<tag><tt/PAM_AUTHINFO_UNAVAIL/</tag>
- The modules were not able to access the authentication
-information. This might be due to a network or hardware failure etc.
-<tag><tt/PAM_USER_UNKNOWN/</tag>
- The supplied username is not known to the authentication
-service
-<tag><tt/PAM_MAXTRIES/</tag>
- One or more of the authentication modules has reached its
-limit of tries authenticating the user. Do not try again.
-
-</descrip>
-
-<p>
-If one or more of the authentication modules fails to load, for
-whatever reason, this function will return <tt/PAM_ABORT/.
-
-<sect2>Setting user credentials
-<label id="pam-setcred-section">
-
-<p>
-<tscreen>
-<verb>
-extern int pam_setcred(pam_handle_t *pamh, int flags);
-</verb>
-</tscreen>
-
-<p>
-This function is used to set the module-specific credentials of the
-user. It is usually called after the user has been authenticated,
-after the account management function has been called but before a
-session has been opened for the user.
-
-<p>
-A credential is something that the user possesses. It is some
-property, such as a <em>Kerberos</em> ticket, or a supplementary group
-membership that make up the uniqueness of a given user. On a Linux
-(or UN*X system) the user's <tt>UID</tt> and <tt>GID</tt>'s are
-credentials too. However, it has been decided that these properties
-(along with the default supplementary groups of which the user is a
-member) are credentials that should be set directly by the application
-and not by PAM.
-
-<p>
-This function simply calls the <tt/pam_sm_setcred/ functions of each
-of the loaded modules. Valid <tt/flags/, any one of which, may be
-logically OR'd with <tt/PAM_SILENT/, are:
-
-<p><descrip>
-<tag><tt/PAM_ESTABLISH_CRED/</tag>
- Set the credentials for the authentication service,
-<tag><tt/PAM_DELETE_CRED/</tag>
- Delete the credentials associated with the authentication service,
-<tag><tt/PAM_REINITIALIZE_CRED/</tag>
- Reinitialize the user credentials, and
-<tag><tt/PAM_REFRESH_CRED/</tag>
- Extend the lifetime of the user credentials.
-</descrip>
-
-<p>
-A successful return is signalled with <tt/PAM_SUCCESS/. Errors that
-are especially relevant to this function are the following:
-
-<p><descrip>
-<tag><tt/PAM_CRED_UNAVAIL/</tag>
- A module cannot retrieve the user's credentials.
-<tag><tt/PAM_CRED_EXPIRED/</tag>
- The user's credentials have expired.
-<tag><tt/PAM_USER_UNKNOWN/</tag>
- The user is not known to an authentication module.
-<tag><tt/PAM_CRED_ERR/</tag>
- A module was unable to set the credentials of the user.
-</descrip>
-
-<sect2>Account management
-
-<p>
-<tscreen>
-<verb>
-extern int pam_acct_mgmt(pam_handle_t *pamh, int flags);
-</verb>
-</tscreen>
-
-<p>
-This function is typically called after the user has been
-authenticated. It establishes whether the user's account is healthy.
-That is to say, whether the user's account is still active and whether
-the user is permitted to gain access to the system at this time.
-Valid flags, any one of which, may be logically OR'd with
-<tt/PAM_SILENT/, and are the same as those applicable to the
-<tt/flags/ argument of <tt/pam_authenticate/.
-
-<p>
-This function simply calls the corresponding functions of each of the
-loaded modules, as instructed by the configuration file,
-<tt>/etc/pam.conf</tt>.
-
-<p>
-The normal response from this function is <tt/PAM_SUCCESS/, however,
-specific failures are indicated by the following error returns:
-
-<descrip>
-<tag><tt/PAM_AUTHTOKEN_REQD/</tag>
-The user <bf/is/ valid but their authentication token has
-<em/expired/. The correct response to this return-value is to require
-that the user satisfies the <tt/pam_chauthtok()/ function before
-obtaining service. It may not be possible for some applications to do
-this. In such cases, the user should be denied access until such time
-as they can update their password.
-
-<tag><tt/PAM_ACCT_EXPIRED/</tag>
- The user is no longer permitted to access the system.
-<tag><tt/PAM_AUTH_ERR/</tag>
- There was an authentication error.
-
-<tag><tt/PAM_PERM_DENIED/</tag>
- The user is not permitted to gain access at this time.
-<tag><tt/PAM_USER_UNKNOWN/</tag>
- The user is not known to a module's account management
-component.
-
-</descrip>
-
-<sect2>Updating authentication tokens
-<label id="pam-chauthtok-section">
-
-<p>
-<tscreen>
-<verb>
-extern int pam_chauthtok(pam_handle_t *pamh, const int flags);
-</verb>
-</tscreen>
-
-<p>
-This function is used to change the authentication token for a given
-user (as indicated by the state associated with the handle,
-<tt/pamh/). The following is a valid but optional flag which may be
-logically OR'd with <tt/PAM_SILENT/,
-
-<descrip>
-<tag><tt/PAM_CHANGE_EXPIRED_AUTHTOK/</tag>
- This argument indicates to the modules that the users
-authentication token (password) should only be changed if it has
-expired.
-</descrip>
-
-<p>
-Note, if this argument is not passed, the application requires that
-<em/all/ authentication tokens are to be changed.
-
-<p>
-<tt/PAM_SUCCESS/ is the only successful return value, valid
-error-returns are:
-
-<descrip>
-<tag><tt/PAM_AUTHTOK_ERR/</tag>
- A module was unable to obtain the new authentication token.
-
-<tag><tt/PAM_AUTHTOK_RECOVERY_ERR/</tag>
- A module was unable to obtain the old authentication token.
-
-<tag><tt/PAM_AUTHTOK_LOCK_BUSY/</tag>
- One or more of the modules was unable to change the
-authentication token since it is currently locked.
-
-<tag><tt/PAM_AUTHTOK_DISABLE_AGING/</tag>
- Authentication token aging has been disabled for at least one
-of the modules.
-
-<tag><tt/PAM_PERM_DENIED/</tag>
- Permission denied.
-
-<tag><tt/PAM_TRY_AGAIN/</tag>
- Not all of the modules were in a position to update the
-authentication token(s). In such a case none of the user's
-authentication tokens are updated.
-
-<tag><tt/PAM_USER_UNKNOWN/</tag>
- The user is not known to the authentication token changing
-service.
-
-</descrip>
-
-<sect2>Session initialization
-<label id="pam-open-session-section">
-
-<p>
-<tscreen>
-<verb>
-extern int pam_open_session(pam_handle_t *pamh, int flags);
-</verb>
-</tscreen>
-
-<p>
-This function is used to indicate that an authenticated session has
-begun. It is used to inform the modules that the user is currently in
-a session. It should be possible for the <bf>Linux-PAM</bf> library
-to open a session and close the same session (see section <ref
-id="pam-close-session-section" name="below">) from different
-applications.
-
-<p>
-Currently, this function simply calls each of the corresponding
-functions of the loaded modules. The only valid flag is
-<tt/PAM_SILENT/ and this is, of course, <em/optional/.
-
-<p>
-If any of the <em/required/ loaded modules are unable to open a
-session for the user, this function will return <tt/PAM_SESSION_ERR/.
-
-<sect2>Terminating sessions
-<label id="pam-close-session-section">
-
-<p>
-<tscreen>
-<verb>
-extern int pam_close_session(pam_handle_t *pamh, int flags);
-</verb>
-</tscreen>
-
-<p>
-This function is used to indicate that an authenticated session has
-ended. It is used to inform the modules that the user is exiting a
-session. It should be possible for the <bf>Linux-PAM</bf> library to
-open a session and close the same session from different applications.
-
-<p>
-This function simply calls each of the corresponding functions of the
-loaded modules in the same order that they were invoked with
-<tt/pam_open_session()/. The only valid flag is <tt/PAM_SILENT/ and
-this is, of course, <em/optional/.
-
-<p>
-If any of the <em/required/ loaded modules are unable to close a
-session for the user, this function will return <tt/PAM_SESSION_ERR/.
-
-<sect2>Setting PAM environment variables
-<label id="pam-putenv-section">
-
-<p>
-The <tt/libpam/ library associates with each PAM-handle (<tt/pamh/), a
-set of <it/PAM environment variables/. These variables are intended to
-hold the session environment variables that the user will inherit when
-the session is granted and the authenticated user obtains access to
-the requested service. For example, when <tt/login/ has finally given
-the user a shell, the environment (as viewed with the command
-<tt/env/) will be what <tt/libpam/ was maintaining as the PAM
-environment for that service application. Note, these variables are not
-the environment variables of the <tt/login/ application. This is
-principally for two reasons: <tt/login/ may want to have an
-environment that cannot be seen or manipulated by a user; and
-<tt/login/ (or whatever the serving application is) may be maintaining
-a number of parallel sessions, via different <tt/pamh/ values, at the
-same time and a single environment may not be appropriately shared
-between each of these. The PAM environment may contain variables
-seeded by the applicant user's client program, for example, and as
-such it is not appropriate for one applicant to interfere with the
-environment of another applicant.
-
-<p>
-<tscreen>
-<verb>
-extern int pam_putenv(pam_handle_t *pamh, const char *name_value);
-</verb>
-</tscreen>
-
-<p>
-This function attempts to (re)set a <bf/Linux-PAM/ environment
-variable. The <tt/name_value/ argument is a single <tt/NUL/ terminated
-string of one of the following forms:
-<descrip>
-<tag>``<tt/NAME=value of variable/''</tag>
-
-In this case the environment variable of the given <tt/NAME/ is set to
-the indicated value: ``<tt/value of variable/''. If this variable is
-already known, it is overwritten. Otherwise it is added to the
-<bf/Linux-PAM/ environment.
-
-<tag>``<tt/NAME=/''</tag>
-
-This function sets the variable to an empty value. It is listed
-separately to indicate that this is the correct way to achieve such a
-setting.
-
-<tag>``<tt/NAME/''</tag>
-
-Without an `<tt/=/' the <tt/pam_putenv()/ function will delete the
-corresponding variable from the <bf/Linux-PAM/ environment.
-
-</descrip>
-
-<p>
-Success is indicated with a return value of <tt/PAM_SUCCESS/. Failure
-is indicated by one of the following returns:
-
-<descrip>
-<tag><tt/PAM_PERM_DENIED/</tag>
- name given is a <tt/NULL/ pointer
-
-<tag><tt/PAM_BAD_ITEM/</tag>
- variable requested (for deletion) is not currently set
-
-<tag><tt/PAM_ABORT/</tag>
- the <bf/Linux-PAM/ handle, <tt/pamh/, is corrupt
-
-<tag><tt/PAM_BUF_ERR/</tag>
- failed to allocate memory when attempting update
-
-</descrip>
-
-<sect2>Getting a PAM environment variable
-<label id="pam-getenv-section">
-
-<p>
-<tscreen>
-<verb>
-extern const char *pam_getenv(pam_handle_t *pamh, const char *name);
-</verb>
-</tscreen>
-
-<p>
-Obtain the value of the indicated <bf/Linux-PAM/ environment
-variable. On error, internal failure or the unavailability of the
-given variable (unspecified), this function simply returns <tt/NULL/.
-
-<sect2>Getting the PAM environment
-<label id="pam-getenvlist-section">
-
-<p>
-<tscreen>
-<verb>
-extern const char * const *pam_getenvlist(pam_handle_t *pamh);
-</verb>
-</tscreen>
-
-<p>
-The PAM environment variables (see section <ref
-id="pam-putenv-section" name="above">) are a complete set of enviroment
-variables that are associated with a PAM-handle (<tt/pamh/). They
-represent the contents of the <it/regular/ environment variables of
-the authenticated user when service is granted.
-
-<p>
-Th function, <tt>pam_getenvlist()</tt> returns a pointer to a complete,
-<tt/malloc()/'d, copy of the PAM environment. It is a pointer to a
-duplicated list of environment variables. It should be noted that
-this memory will never be <tt/free()'d/ by <tt/libpam/. Once obtained
-by a call to <tt/pam_getenvlist()/, <bf>it is the responsibility of
-the calling application</bf> to <tt/free()/ this memory.
-
-<p>
-The format of the memory is a <tt/malloc()/'d array of <tt/char */
-pointers, the last element of which is set to <tt/NULL/. Each of the
-non-<tt/NULL/ entries in this array point to a <tt/NUL/ terminated and
-<tt/malloc()/'d <tt/char/ string of the form:
-<tt/"/<it/name/<tt/=/<it/value/<tt/"/.
-
-<p>
-It is by design, and not a coincidence, that the format and contents
-of the returned array matches that required for the third argument of
-the <tt/execle(3)/ function call.
-
-<sect1>What is expected of an application
-
-<sect2>The conversation function
-<label id="the-conversation-function">
-
-<p>
-An application must provide a ``conversation function''. It is used
-for direct communication between a loaded module and the application
-and will typically provide a means for the module to prompt the user
-for a password etc. . The structure, <tt/pam_conv/, is defined by
-including <tt>&lt;security/pam_appl.h&gt</tt>; to be,
-
-<p>
-<tscreen>
-<verb>
-struct pam_conv {
- int (*conv)(int num_msg,
- const struct pam_message **msg,
- struct pam_response **resp,
- void *appdata_ptr);
- void *appdata_ptr;
-};
-</verb>
-</tscreen>
-
-<p>
-It is initialized by the application before it is passed to the
-library. The <em/contents/ of this structure are attached to the
-<tt/*pamh/ handle. The point of this argument is to provide a
-mechanism for any loaded module to interact directly with the
-application program. This is why it is called a <em/conversation/
-structure.
-
-<p>
-When a module calls the referenced <tt/conv()/ function, the argument
-<tt/*appdata_ptr/ is set to the second element of this structure.
-
-<p>
-The other arguments of a call to <tt/conv()/ concern the information
-exchanged by module and application. That is to say, <tt/num_msg/
-holds the length of the array of pointers, <tt/msg/. After a
-successful return, the pointer <tt/*resp/ points to an array of
-<tt/pam_response/ structures, holding the application supplied text.
-Note, <tt/*resp/ is an <tt/struct pam_response/ array and <em/not/ an
-array of pointers.
-
-<p>
-The message (from the module to the application) passing structure is
-defined by <tt>&lt;security/pam_appl.h&gt;</tt> as:
-
-<p>
-<tscreen>
-<verb>
-struct pam_message {
- int msg_style;
- const char *msg;
-};
-</verb>
-</tscreen>
-
-<p>
-Valid choices for <tt/msg_style/ are:
-
-<p><descrip>
-<tag><tt/PAM_PROMPT_ECHO_OFF/</tag>
- Obtain a string without echoing any text
-<tag><tt/PAM_PROMPT_ECHO_ON/</tag>
- Obtain a string whilst echoing text
-<tag><tt/PAM_ERROR_MSG/</tag>
- Display an error
-<tag><tt/PAM_TEXT_INFO/</tag>
- Display some text.
-</descrip>
-
-<p>
-The point of having an array of messages is that it becomes possible
-to pass a number of things to the application in a single call from
-the module. It can also be convenient for the application that related
-things come at once: a windows based application can then present a
-single form with many messages/prompts on at once.
-
-<p>
-In passing, it is worth noting that there is a descrepency between the
-way Linux-PAM handles the <tt/const struct pam_message **msg/
-conversation function argument from the way that Solaris' PAM (and
-derivitives, known to include HP/UX, <em/are there others?/)
-does. Linux-PAM interprets the <tt/msg/ argument as entirely
-equivalent to the following prototype <tt/const struct pam_message
-*msg[]/ (which, in spirit, is consistent with the commonly used
-prototypes for <tt/argv/ argument to the familiar <tt/main()/
-function: <tt/char **argv/; and <tt/char *argv[]/). Said another way
-Linux-PAM interprets the <tt/msg/ argument as a pointer to an array of
-<tt/num_meg/ read only 'struct pam_message' <em/pointers/. Solaris'
-PAM implementation interprets this argument as a pointer to a pointer
-to an array of <tt/num_meg/ <tt/pam_message/ structures. Fortunately,
-perhaps, for most module/application developers when <tt/num_msg/ has
-a value of one these two definitions are entirely
-equivalent. Unfortunately, casually raising this number to two has led
-to unanticipated compatibility problems.
-
-<p>
-For what its worth the two known module writer work-arounds for trying
-to maintain source level compatibility with both PAM implementations
-are:
-<itemize>
-<item> never call the conversation function with <tt/num_msg/ greater
-than one.
-<item> set up <tt/msg/ as doubly referenced so both types of
-conversation function can find the messages. That is, make
-<p><tscreen>
-<verb>
-msg[n] = & (( *msg )[n])
-</verb>
-</tscreen>
-</itemize>
-<p>
-The response (from the application to the module) passing structure is
-defined by including <tt>&lt;security/pam_appl.h&gt;</tt> as:
-
-<p><tscreen><verb>
-struct pam_response {
- char *resp;
- int resp_retcode;
-};
-</verb></tscreen>
-
-<p>
-Currently, there are no definitions for <tt/resp_retcode/ values; the
-normal value is <tt/0/.
-
-<p>
-Prior to the 0.59 release of Linux-PAM, the length of the returned
-<tt/pam_response/ array was equal to the number of <em/prompts/ (types
-<tt/PAM_PROMPT_ECHO_OFF/ and <tt/PAM_PROMPT_ECHO_ON/) in the
-<tt/pam_message/ array with which the conversation function was
-called. This meant that it was not always necessary for the module to
-<tt/free(3)/ the responses if the conversation function was only used
-to display some text.
-
-<p>
-Post Linux-PAM-0.59. The number of responses is always equal to the
-<tt/num_msg/ conversation function argument. This is slightly easier
-to program but does require that the response array is <tt/free(3)/'d
-after every call to the conversation function. The index of the
-responses corresponds directly to the prompt index in the
-<tt/pam_message/ array.
-
-<p>
-The maximum length of the <tt/pam_msg.msg/ and <tt/pam_response.resp/
-character strings is <tt/PAM_MAX_MSG_SIZE/. (This is not enforced by
-Linux-PAM.)
-
-<p>
-<tt/PAM_SUCCESS/ is the expected return value of this
-function. However, should an error occur the application should not
-set <tt/*resp/ but simply return <tt/PAM_CONV_ERR/.
-
-<p>
-Note, if an application wishes to use two conversation functions, it
-should activate the second with a call to <tt/pam_set_item()/.
-
-<p>
-<bf>Notes:</bf> New item types are being added to the conversation
-protocol. Currently Linux-PAM supports: <tt>PAM_BINARY_PROMPT</tt>
-and <tt>PAM_BINARY_MSG</tt>. These two are intended for server-client
-hidden information exchange and may be used as an interface for
-maching-machine authentication.
-
-<sect1>Programming notes
-
-<p>
-Note, all of the authentication service function calls accept the
-token <tt/PAM_SILENT/, which instructs the modules to not send
-messages to the application. This token can be logically OR'd with any
-one of the permitted tokens specific to the individual function calls.
-<tt/PAM_SILENT/ does not override the prompting of the user for
-passwords etc., it only stops informative messages from being
-generated.
-
-<sect>Security issues of <bf>Linux-PAM</bf>
-
-<p>
-PAM, from the perspective of an application, is a convenient API for
-authenticating users. PAM modules generally have no increased
-privilege over that possessed by the application that is making use of
-it. For this reason, the application must take ultimate responsibility
-for protecting the environment in which PAM operates.
-
-<p>
-A poorly (or maliciously) written application can defeat any
-<bf/Linux-PAM/ module's authentication mechanisms by simply ignoring
-it's return values. It is the applications task and responsibility to
-grant privileges and access to services. The <bf/Linux-PAM/ library
-simply assumes the responsibility of <em/authenticating/ the user;
-ascertaining that the user <em/is/ who they say they are. Care should
-be taken to anticipate all of the documented behavior of the
-<bf/Linux-PAM/ library functions. A failure to do this will most
-certainly lead to a future security breach.
-
-<sect1>Care about standard library calls
-
-<p>
-In general, writers of authorization-granting applications should
-assume that each module is likely to call any or <em/all/ `libc'
-functions. For `libc' functions that return pointers to
-static/dynamically allocated structures (ie. the library allocates the
-memory and the user is not expected to `<tt/free()/' it) any module
-call to this function is likely to corrupt a pointer previously
-obtained by the application. The application programmer should either
-re-call such a `libc' function after a call to the <bf/Linux-PAM/
-library, or copy the structure contents to some safe area of memory
-before passing control to the <bf/Linux-PAM/ library.
-
-<p>
-Two important function classes that fall into this category are
-<tt>getpwnam(3)</tt> and <tt>syslog(3)</tt>.
-
-<sect1>Choice of a service name
-
-<p>
-When picking the <em/service-name/ that corresponds to the first entry
-in the <bf/Linux-PAM/ configuration file, the application programmer
-should <bf/avoid/ the temptation of choosing something related to
-<tt/argv[0]/. It is a trivial matter for any user to invoke any
-application on a system under a different name and this should not be
-permitted to cause a security breach.
-
-<p>
-In general, this is always the right advice if the program is setuid,
-or otherwise more privileged than the user that invokes it. In some
-cases, avoiding this advice is convenient, but as an author of such an
-application, you should consider well the ways in which your program
-will be installed and used. (Its often the case that programs are not
-intended to be setuid, but end up being installed that way for
-convenience. If your program falls into this category, don't fall into
-the trap of making this mistake.)
-
-<p>
-To invoke some <tt/target/ application by another name, the user may
-symbolically link the target application with the desired name. To be
-precise all the user need do is,
-<tscreen>
-<verb>
-ln -s /target/application ./preferred_name
-</verb>
-</tscreen>
-and then <em/run/ <tt>./preferred_name</tt>
-
-<p>
-By studying the <bf/Linux-PAM/ configuration file(s), an attacker can
-choose the <tt/preferred_name/ to be that of a service enjoying
-minimal protection; for example a game which uses <bf/Linux-PAM/ to
-restrict access to certain hours of the day. If the service-name were
-to be linked to the filename under which the service was invoked, it
-is clear that the user is effectively in the position of dictating
-which authentication scheme the service uses. Needless to say, this
-is not a secure situation.
-
-<p>
-The conclusion is that the application developer should carefully
-define the service-name of an application. The safest thing is to make
-it a single hard-wired name.
-
-<sect1>The conversation function
-
-<p>
-Care should be taken to ensure that the <tt/conv()/ function is
-robust. Such a function is provided in the library <tt/libpam_misc/
-(see <ref id="libpam-misc-section" name="below">).
-
-<sect1>The identity of the user
-
-<p>
-The <bf/Linux-PAM/ modules will need to determine the identity of the
-user who requests a service, and the identity of the user who grants
-the service. These two users will seldom be the same. Indeed there
-is generally a third user identity to be considered, the new (assumed)
-identity of the user once the service is granted.
-
-<p>
-The need for keeping tabs on these identities is clearly an issue of
-security. One convention that is actively used by some modules is
-that the identity of the user requesting a service should be the
-current <tt/uid/ (userid) of the running process; the identity of the
-privilege granting user is the <tt/euid/ (effective userid) of the
-running process; the identity of the user, under whose name the
-service will be executed, is given by the contents of the
-<tt/PAM_USER/ <tt/pam_get_item(3)/. Note, modules can change the
-values of <tt/PAM_USER/ and <tt/PAM_RUSER/ during any of the
-<tt/pam_*()/ library calls. For this reason, the application should
-take care to use the <tt/pam_get_item()/ every time it wishes to
-establish who the authenticated user is (or will currently be).
-
-<p>
-For network-serving databases and other applications that provide
-their own security model (independent of the OS kernel) the above
-scheme is insufficient to identify the requesting user.
-
-<p>
-A more portable solution to storing the identity of the requesting
-user is to use the <tt/PAM_RUSER/ <tt/pam_get_item(3)/. The
-application should supply this value before attempting to authenticate
-the user with <tt/pam_authenticate()/. How well this name can be
-trusted will ultimately be at the discretion of the local
-administrator (who configures PAM for your application) and a selected
-module may attempt to override the value where it can obtain more
-reliable data. If an application is unable to determine the identity
-of the requesting entity/user, it should not call <tt/pam_set_item(3)/
-to set <tt/PAM_RUSER/.
-
-<p>
-In addition to the <tt/PAM_RUSER/ item, the application should supply
-the <tt/PAM_RHOST/ (<em/requesting host/) item. As a general rule, the
-following convention for its value can be assumed: <tt/&lt;unset&gt;/
-= unknown; <tt/localhost/ = invoked directly from the local system;
-<em/other.place.xyz/ = some component of the user's connection
-originates from this remote/requesting host. At present, PAM has no
-established convention for indicating whether the application supports
-a trusted path to communication from this host.
-
-<sect1>Sufficient resources
-
-<p>
-Care should be taken to ensure that the proper execution of an
-application is not compromised by a lack of system resources. If an
-application is unable to open sufficient files to perform its service,
-it should fail gracefully, or request additional resources.
-Specifically, the quantities manipulated by the <tt/setrlimit(2)/
-family of commands should be taken into consideration.
-
-<p>
-This is also true of conversation prompts. The application should not
-accept prompts of arbitrary length with out checking for resource
-allocation failure and dealing with such extreme conditions gracefully
-and in a mannor that preserves the PAM API. Such tolerance may be
-especially important when attempting to track a malicious adversary.
-
-<sect>A library of miscellaneous helper functions
-<label id="libpam-misc-section">
-
-<p>
-To aid the work of the application developer a library of
-miscellaneous functions is provided. It is called <tt/libpam_misc/,
-and contains functions for allocating memory (securely), a text based
-conversation function, and routines for enhancing the standard
-PAM-environment variable support.
-
-<sect1>Requirements
-
-<p>
-The functions, structures and macros, made available by this library
-can be defined by including <tt>&lt;security/pam_misc.h&gt;</tt>. It
-should be noted that this library is specific to <bf/Linux-PAM/ and is
-not referred to in the defining DCE-RFC (see <ref id="bibliography"
-name="the bibliography">) below.
-
-<sect1>Macros supplied
-
-<sect2>Safe duplication of strings
-
-<p>
-<tscreen>
-<verb>
-x_strdup(const char *s)
-</verb>
-</tscreen>
-
-<p>
-This macro is a replacement for the <tt/xstrdup()/ function that was
-present in earlier versions of the library and which clashed horribly
-with a number of applications. It returns a duplicate copy of the
-<tt/NUL/ terminated string, <tt/s/. <tt/NULL/ is returned if there is
-insufficient memory available for the duplicate or if <tt/s/ is
-<tt/NULL/ to begin with.
-
-<sect1>Functions supplied
-
-<sect2>A text based conversation function
-
-<p>
-<tscreen>
-<verb>
-extern int misc_conv(int num_msg, const struct pam_message **msgm,
- struct pam_response **response, void *appdata_ptr);
-</verb>
-</tscreen>
-
-<p>
-This is a function that will prompt the user with the appropriate
-comments and obtain the appropriate inputs as directed by
-authentication modules.
-
-<p>
-In addition to simply slotting into the appropriate <tt/struct
-pam_conv/, this function provides some time-out facilities. The
-function exports five variables that can be used by an application
-programmer to limit the amount of time this conversation function will
-spend waiting for the user to type something.
-
-<p>
-The five variables are as follows:
-<descrip>
-<tag><tt>extern time_t pam_misc_conv_warn_time;</tt></tag>
-
-This variable contains the <em/time/ (as returned by <tt/time()/) that
-the user should be first warned that the clock is ticking. By default
-it has the value <tt/0/, which indicates that no such warning will be
-given. The application may set its value to sometime in the future,
-but this should be done prior to passing control to the <bf/Linux-PAM/
-library.
-
-<tag><tt>extern const char *pam_misc_conv_warn_line;</tt></tag>
-
-Used in conjuction with <tt/pam_misc_conv_warn_time/, this variable is
-a pointer to the string that will be displayed when it becomes time to
-warn the user that the timeout is approaching. Its default value is
-``..&bsol;a.Time is running out...&bsol;n'', but this can be changed
-by the application prior to passing control to <bf/Linux-PAM/.
-
-<tag><tt>extern time_t pam_misc_conv_die_time;</tt></tag>
-
-This variable contains the <em/time/ (as returned by <tt/time()/) that
-the conversation will time out. By default it has the value <tt/0/,
-which indicates that the conversation function will not timeout. The
-application may set its value to sometime in the future, this should
-be done prior to passing control to the <bf/Linux-PAM/ library.
-
-<tag><tt>extern const char *pam_misc_conv_die_line;</tt></tag>
-
-Used in conjuction with <tt/pam_misc_conv_die_time/, this variable is
-a pointer to the string that will be displayed when the conversation
-times out. Its default value is ``..&bsol;a.Sorry, your time is
-up!&bsol;n'', but this can be changed by the application prior to
-passing control to <bf/Linux-PAM/.
-
-<tag><tt>extern int pam_misc_conv_died;</tt></tag>
-
-Following a return from the <bf/Linux-PAM/ libraray, the value of this
-variable indicates whether the conversation has timed out. A value of
-<tt/1/ indicates the time-out occurred.
-
-</descrip>
-
-<p>
-The following two function pointers are available for supporting binary
-prompts in the conversation function. They are optimized for the
-current incarnation of the <tt/libpamc/ library and are subject to
-change.
-<descrip>
-<tag><tt>extern int (*pam_binary_handler_fn)(void *appdata, pamc_bp_t
-*prompt_p);</tt></tag>
-
-This function pointer is initialized to <tt/NULL/ but can be filled
-with a function that provides machine-machine (hidden) message
-exchange. It is intended for use with hidden authentication protocols
-such as RSA or Diffie-Hellman key exchanges. (This is still under
-development.)
-
-<tag><tt>extern int (*pam_binary_handler_free)(void *appdata,
-pamc_bp_t *delete_me);</tt></tag>
-
-This function pointer is initialized to <tt/PAM_BP_RENEW(delete_me, 0,
-0)/, but can be redefined as desired by the application.
-
-</descrip>
-
-<sect2>Transcribing an environment to that of Linux-PAM
-<p>
-<tscreen>
-<verb>
-extern int pam_misc_paste_env(pam_handle_t *pamh,
- const char * const * user_env);
-</verb>
-</tscreen>
-
-This function takes the supplied list of environment pointers and
-<em/uploads/ its contents to the <bf/Linux-PAM/ environment. Success
-is indicated by <tt/PAM_SUCCESS/.
-
-<sect2>Liberating a locally saved environment
-<p>
-<tscreen>
-<verb>
-extern char **pam_misc_drop_env(char **env);
-</verb>
-</tscreen>
-
-This function is defined to complement the <tt/pam_getenvlist()/
-function. It liberates the memory associated with <tt/env/,
-<em/overwriting/ with <tt/0/ all memory before <tt/free()/ing it.
-
-<sect2>BSD like Linux-PAM environment variable setting
-<p>
-<tscreen>
-<verb>
-extern int pam_misc_setenv(pam_handle_t *pamh, const char *name,
- const char *value, int readonly);
-</verb>
-</tscreen>
-
-This function performs a task equivalent to <tt/pam_putenv()/, its
-syntax is, however, more like the BSD style function; <tt/setenv()/.
-The <tt/name/ and <tt/value/ are concatenated with an ``<tt/=/'' to
-form a <tt/name_value/ and passed to <tt/pam_putenv()/. If, however,
-the <bf/Linux-PAM/ variable is already set, the replacement will only
-be applied if the last argument, <tt/readonly/, is zero.
-
-<sect>Porting legacy applications
-
-<p>
-The following is extracted from an email. I'll tidy it up later.
-
-<p>
-The point of PAM is that the application is not supposed to have any
-idea how the attached authentication modules will choose to
-authenticate the user. So all they can do is provide a conversation
-function that will talk directly to the user(client) on the modules'
-behalf.
-
-<p>
-Consider the case that you plug a retinal scanner into the login
-program. In this situation the user would be prompted: "please look
-into the scanner". No username or password would be needed - all this
-information could be deduced from the scan and a database lookup. The
-point is that the retinal scanner is an ideal task for a "module".
-
-<p>
-While it is true that a pop-daemon program is designed with the POP
-protocol in mind and no-one ever considered attaching a retinal
-scanner to it, it is also the case that the "clean" PAM'ification of
-such a daemon would allow for the possibility of a scanner module
-being be attached to it. The point being that the "standard"
-pop-authentication protocol(s) [which will be needed to satisfy
-inflexible/legacy clients] would be supported by inserting an
-appropriate pam_qpopper module(s). However, having rewritten popd
-once in this way any new protocols can be implemented in-situ.
-
-<p>
-One simple test of a ported application would be to insert the
-<tt/pam_permit/ module and see if the application demands you type a
-password... In such a case, <tt/xlock/ would fail to lock the
-terminal - or would at best be a screen-saver, ftp would give password
-free access to all etc.. Neither of these is a very secure thing to
-do, but they do illustrate how much flexibility PAM puts in the hands
-of the local admin.
-
-<p>
-The key issue, in doing things correctly, is identifying what is part
-of the authentication procedure (how many passwords etc..) the
-exchange protocol (prefixes to prompts etc., numbers like 331 in the
-case of ftpd) and what is part of the service that the application
-delivers. PAM really needs to have total control in the
-authentication "procedure", the conversation function should only
-deal with reformatting user prompts and extracting responses from raw
-input.
-
-<sect>Glossary of PAM related terms
-
-<p>
-The following are a list of terms used within this document.
-
-<p>
-<descrip>
-
-<tag>Authentication token</tag>
-Generally, this is a password. However, a user can authenticate
-him/herself in a variety of ways. Updating the user's authentication
-token thus corresponds to <em>refreshing</em> the object they use to
-authenticate themself with the system. The word password is avoided
-to keep open the possibility that the authentication involves a
-retinal scan or other non-textual mode of challenge/response.
-
-<tag>Credentials</tag>
-Having successfully authenticated the user, PAM is able to establish
-certain characteristics/attributes of the user. These are termed
-<em>credentials</em>. Examples of which are group memberships to
-perform privileged tasks with, and <em>tickets</em> in the form of
-environment variables etc. . Some user-credentials, such as the
-user's UID and GID (plus default group memberships) are not deemed to
-be PAM-credentials. It is the responsibility of the application to
-grant these directly.
-
-</descrip>
-
-<sect>An example application
-
-<p>
-To get a flavor of the way a <tt/Linux-PAM/ application is written we
-include the following example. It prompts the user for their password
-and indicates whether their account is valid on the standard output,
-its return code also indicates the success (<tt/0/ for success; <tt/1/
-for failure).
-
-<p>
-<tscreen>
-<verb>
-/*
- This program was contributed by Shane Watts
- [modifications by AGM]
-
- You need to add the following (or equivalent) to the /etc/pam.conf file.
- # check authorization
- check_user auth required /usr/lib/security/pam_unix_auth.so
- check_user account required /usr/lib/security/pam_unix_acct.so
- */
-
-#include <security/pam_appl.h>
-#include <security/pam_misc.h>
-#include <stdio.h>
-
-static struct pam_conv conv = {
- misc_conv,
- NULL
-};
-
-int main(int argc, char *argv[])
-{
- pam_handle_t *pamh=NULL;
- int retval;
- const char *user="nobody";
-
- if(argc == 2) {
- user = argv[1];
- }
-
- if(argc > 2) {
- fprintf(stderr, "Usage: check_user [username]\n");
- exit(1);
- }
-
- retval = pam_start("check_user", user, &ero;conv, &ero;pamh);
-
- if (retval == PAM_SUCCESS)
- retval = pam_authenticate(pamh, 0); /* is user really user? */
-
- if (retval == PAM_SUCCESS)
- retval = pam_acct_mgmt(pamh, 0); /* permitted access? */
-
- /* This is where we have been authorized or not. */
-
- if (retval == PAM_SUCCESS) {
- fprintf(stdout, "Authenticated\n");
- } else {
- fprintf(stdout, "Not Authenticated\n");
- }
-
- if (pam_end(pamh,retval) != PAM_SUCCESS) { /* close Linux-PAM */
- pamh = NULL;
- fprintf(stderr, "check_user: failed to release authenticator\n");
- exit(1);
- }
-
- return ( retval == PAM_SUCCESS ? 0:1 ); /* indicate success */
-}
-</verb>
-</tscreen>
-
-<sect>Files
-
-<p><descrip>
-
-<tag><tt>/usr/include/security/pam_appl.h</tt></tag>
-
-header file for <bf/Linux-PAM/ applications interface
-
-<tag><tt>/usr/include/security/pam_misc.h</tt></tag>
-
-header file for useful library functions for making applications
-easier to write
-
-<tag><tt>/usr/lib/libpam.so.*</tt></tag>
-
-the shared library providing applications with access to
-<bf/Linux-PAM/.
-
-<tag><tt>/etc/pam.conf</tt></tag>
-
-the <bf/Linux-PAM/ configuration file.
-
-<tag><tt>/usr/lib/security/pam_*.so</tt></tag>
-
-the primary location for <bf/Linux-PAM/ dynamically loadable object
-files; the modules.
-
-</descrip>
-
-<sect>See also
-<label id="bibliography">
-
-<p><itemize>
-
-<item>The <bf/Linux-PAM/
-<htmlurl url="pam.html" name="System Administrators' Guide">.
-
-<item>The <bf/Linux-PAM/
-<htmlurl url="pam_modules.html" name="Module Writers' Guide">.
-
-<item>The V. Samar and R. Schemers (SunSoft), ``UNIFIED LOGIN WITH
-PLUGGABLE AUTHENTICATION MODULES'', Open Software Foundation Request
-For Comments 86.0, October 1995.
-
-</itemize>
-
-<sect>Notes
-
-<p>
-I intend to put development comments here... like ``at the moment
-this isn't actually supported''. At release time what ever is in
-this section will be placed in the Bugs section below! :)
-
-<p>
-<itemize>
-
-<item> <tt/pam_strerror()/ should be internationalized....
-
-<item>
-Note, the <tt/resp_retcode/ of struct <tt/pam_message/, has no
-purpose at the moment. Ideas/suggestions welcome!
-
-<item> more security issues are required....
-
-</itemize>
-
-<sect>Author/acknowledgments
-
-<p>
-This document was written by Andrew G. Morgan
-(morgan@kernel.org) with many contributions from
-<!-- insert credits here -->
-<!--
- an sgml list of people to credit for their contributions to Linux-PAM
- $Id: pam_appl.sgml,v 1.10 2004/09/22 09:37:47 kukuk Exp $
- -->
-Chris Adams,
-Peter Allgeyer,
-Tim Baverstock,
-Tim Berger,
-Craig S. Bell,
-Derrick J. Brashear,
-Ben Buxton,
-Seth Chaiklin,
-Oliver Crow,
-Chris Dent,
-Marc Ewing,
-Cristian Gafton,
-Emmanuel Galanos,
-Brad M. Garcia,
-Eric Hester,
-Roger Hu,
-Eric Jacksch,
-Michael K. Johnson,
-David Kinchlea,
-Olaf Kirch,
-Marcin Korzonek,
-Stephen Langasek,
-Nicolai Langfeldt,
-Elliot Lee,
-Luke Kenneth Casson Leighton,
-Al Longyear,
-Ingo Luetkebohle,
-Marek Michalkiewicz,
-Robert Milkowski,
-Aleph One,
-Martin Pool,
-Sean Reifschneider,
-Jan Rekorajski,
-Erik Troan,
-Theodore Ts'o,
-Jeff Uphoff,
-Myles Uyema,
-Savochkin Andrey Vladimirovich,
-Ronald Wahl,
-David Wood,
-John Wilmes,
-Joseph S. D. Yao
-and
-Alex O. Yuriev.
-
-<p>
-Thanks are also due to Sun Microsystems, especially to Vipin Samar and
-Charlie Lai for their advice. At an early stage in the development of
-<bf/Linux-PAM/, Sun graciously made the documentation for their
-implementation of PAM available. This act greatly accelerated the
-development of <bf/Linux-PAM/.
-
-<sect>Bugs/omissions
-
-<p>
-This manual is hopelessly unfinished. Only a partial list of people is
-credited for all the good work they have done.
-
-<sect>Copyright information for this document
-
-<p>
-Copyright (c) Andrew G. Morgan 1996-9,2000-1. All rights reserved.
-<newline>
-Email: <tt>&lt;morgan@kernel.org&gt;</tt>
-
-<p>
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-<p>
-<itemize>
-
-<item>
-1. Redistributions of source code must retain the above copyright
- notice, and the entire permission notice in its entirety,
- including the disclaimer of warranties.
-
-<item>
-2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
-<item>
-3. The name of the author may not be used to endorse or promote
- products derived from this software without specific prior
- written permission.
-
-</itemize>
-
-<p>
-<bf/Alternatively/, this product may be distributed under the terms of
-the GNU General Public License (GPL), in which case the provisions of
-the GNU GPL are required <bf/instead of/ the above restrictions.
-(This clause is necessary due to a potential bad interaction between
-the GNU GPL and the restrictions contained in a BSD-style copyright.)
-
-<p>
-THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
-WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
-OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
-TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
-USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
-DAMAGE.
-
-<p>
-<tt>$Id: pam_appl.sgml,v 1.10 2004/09/22 09:37:47 kukuk Exp $</tt>
-
-</article>
diff --git a/Linux-PAM/doc/pam_modules.sgml b/Linux-PAM/doc/pam_modules.sgml
deleted file mode 100644
index 9d77b25f..00000000
--- a/Linux-PAM/doc/pam_modules.sgml
+++ /dev/null
@@ -1,1505 +0,0 @@
-<!doctype linuxdoc system>
-
-<!--
-
- $Id: pam_modules.sgml,v 1.9 2002/05/10 06:00:12 agmorgan Exp $
-
- Copyright (c) Andrew G. Morgan 1996-2001. All rights reserved.
-
- ** some sections, in this document, were contributed by other
- ** authors. They carry individual copyrights.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-1. Redistributions of source code must retain the above copyright
- notice, and the entire permission notice in its entirety,
- including the disclaimer of warranties.
-
-2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
-3. The name of the author may not be used to endorse or promote
- products derived from this software without specific prior
- written permission.
-
-ALTERNATIVELY, this product may be distributed under the terms of the
-GNU General Public License, in which case the provisions of the GNU
-GPL are required INSTEAD OF the above restrictions. (This clause is
-necessary due to a potential bad interaction between the GNU GPL and
-the restrictions contained in a BSD-style copyright.)
-
-THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
-WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
-OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
-TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
-USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
-DAMAGE.
-
- -->
-
-<article>
-
-<title>The Linux-PAM Module Writers' Guide
-<author>Andrew G. Morgan, <tt>morgan@kernel.org</tt>
-<date>DRAFT v0.76 2002/05/09
-<abstract>
-This manual documents what a programmer needs to know in order to
-write a module that conforms to the <bf/Linux-PAM/ standard. It also
-discusses some security issues from the point of view of the module
-programmer.
-</abstract>
-
-<toc>
-
-<sect>Introduction
-
-<sect1> Synopsis
-<p>
-<tscreen>
-<verb>
-#include <security/pam_modules.h>
-
-gcc -fPIC -c pam_module-name.c
-ld -x --shared -o pam_module-name.so pam_module-name.o
-</verb>
-</tscreen>
-
-<sect1> Description
-
-<p>
-<bf/Linux-PAM/ (Pluggable Authentication Modules for Linux) is a
-library that enables the local system administrator to choose how
-individual applications authenticate users. For an overview of the
-<bf/Linux-PAM/ library see the <bf/Linux-PAM/ System Administrators'
-Guide.
-
-<p>
-A <bf/Linux-PAM/ module is a single executable binary file that can be
-loaded by the <bf/Linux-PAM/ interface library. This PAM library is
-configured locally with a system file, <tt>/etc/pam.conf</tt>, to
-authenticate a user request via the locally available authentication
-modules. The modules themselves will usually be located in the
-directory <tt>/usr/lib/security</tt> and take the form of dynamically
-loadable object files (see dlopen(3)). Alternatively, the modules can
-be statically linked into the <bf/Linux-PAM/ library; this is mostly to
-allow <bf/Linux-PAM/ to be used on platforms without dynamic linking
-available, but the two forms can be used together. It is the
-<bf/Linux-PAM/ interface that is called by an application and it is
-the responsibility of the library to locate, load and call the
-appropriate functions in a <bf/Linux-PAM/-module.
-
-<p>
-Except for the immediate purpose of interacting with the user
-(entering a password etc..) the module should never call the
-application directly. This exception requires a "conversation
-mechanism" which is documented below.
-
-<sect>What can be expected by the module
-
-<p>
-Here we list the interface that the conventions that all
-<bf/Linux-PAM/ modules must adhere to.
-
-<sect1>Getting and setting <tt/PAM_ITEM/s and <em/data/
-
-<p>
-First, we cover what the module should expect from the <bf/Linux-PAM/
-library and a <bf/Linux-PAM/ <em/aware/ application. Essesntially this
-is the <tt/libpam.*/ library.
-
-<sect2>
-Setting data
-
-<p>
-Synopsis:
-<tscreen>
-<verb>
-extern int pam_set_data(pam_handle_t *pamh,
- const char *module_data_name,
- void *data,
- void (*cleanup)(pam_handle_t *pamh,
- void *data, int error_status) );
-</verb>
-</tscreen>
-
-<p>
-The modules may be dynamically loadable objects. In general such files
-should not contain <tt/static/ variables. This and the subsequent
-function provide a mechanism for a module to associate some data with
-the handle <tt/pamh/. Typically a module will call the
-<tt/pam_set_data()/ function to register some data under a (hopefully)
-unique <tt/module_data_name/. The data is available for use by other
-modules too but <em/not/ by an application.
-
-<p>
-The function <tt/cleanup()/ is associated with the <tt/data/ and, if
-non-<tt/NULL/, it is called when this data is over-written or
-following a call to <tt/pam_end()/ (see the Linux-PAM Application
-Developers' Guide).
-
-<p>
-The <tt/error_status/ argument is used to indicate to the module the
-sort of action it is to take in cleaning this data item. As an
-example, Kerberos creates a ticket file during the authentication
-phase, this file might be associated with a data item. When
-<tt/pam_end()/ is called by the module, the <tt/error_status/
-carries the return value of the <tt/pam_authenticate()/ or other
-<tt/libpam/ function as appropriate. Based on this value the Kerberos
-module may choose to delete the ticket file (<em/authentication
-failure/) or leave it in place.
-
-<p>
-The <tt/error_status/ may have been logically OR'd with either of the
-following two values:
-
-<p>
-<descrip>
-<tag><tt/PAM_DATA_REPLACE/</tag>
- When a data item is being replaced (through a second call to
-<tt/pam_set_data()/) this mask is used. Otherwise, the call is assumed
-to be from <tt/pam_end()/.
-
-<tag><tt/PAM_DATA_SILENT/</tag>
- Which indicates that the process would prefer to perform the
-<tt/cleanup()/ quietly. That is, discourages logging/messages to the
-user.
-
-</descrip>
-
-
-<sect2>
-Getting data
-
-<p>
-Synopsis:
-<tscreen>
-<verb>
-extern int pam_get_data(const pam_handle_t *pamh,
- const char *module_data_name,
- const void **data);
-</verb>
-</tscreen>
-
-<p>
-This function together with the previous one provides a method of
-associating module-specific data with the handle <tt/pamh/. A
-successful call to <tt/pam_get_data/ will result in <tt/*data/
-pointing to the data associated with the <tt/module_data_name/. Note,
-this data is <em/not/ a copy and should be treated as <em/constant/
-by the module.
-
-<p>
-Note, if there is an entry but it has the value <tt/NULL/, then this
-call returns <tt/PAM_NO_MODULE_DATA/.
-
-<sect2>
-Setting items
-
-<p>
-Synopsis:
-<tscreen>
-<verb>
-extern int pam_set_item(pam_handle_t *pamh,
- int item_type,
- const void *item);
-</verb>
-</tscreen>
-
-<p>
-This function is used to (re)set the value of one of the
-<tt/item_type/s. The reader is urged to read the entry for this
-function in the <bf/Linux-PAM/ application developers' manual.
-
-<p>
-In addition to the <tt/item/s listed there, the module can set the
-following two <tt/item_type/s:
-
-<p>
-<descrip>
-<tag><tt/PAM_AUTHTOK/</tag>
-
-The authentication token (often a password). This token should be
-ignored by all module functions besides <tt/pam_sm_authenticate()/ and
-<tt/pam_sm_chauthtok()/. In the former function it is used to pass the
-most recent authentication token from one stacked module to
-another. In the latter function the token is used for another
-purpose. It contains the currently active authentication token.
-
-<tag><tt/PAM_OLDAUTHTOK/</tag>
-
-The old authentication token. This token should be ignored by all
-module functions except <tt/pam_sm_chauthtok()/.
-
-</descrip>
-
-<p>
-Both of these items are reset before returning to the application.
-When resetting these items, the <bf/Linux-PAM/ library first writes
-<tt/0/'s to the current tokens and then <tt/free()/'s the associated
-memory.
-
-<p>
-The return values for this function are listed in the
-<bf>Linux-PAM</bf> Application Developers' Guide.
-
-<sect2>
-Getting items
-
-<p>
-Synopsis:
-<tscreen>
-<verb>
-extern int pam_get_item(const pam_handle_t *pamh,
- int item_type,
- const void **item);
-</verb>
-</tscreen>
-
-<p>
-This function is used to obtain the value of the specified
-<tt/item_type/. It is better documented in the <bf/Linux-PAM/
-Application Developers' Guide. However, there are three things worth
-stressing here:
-<itemize>
-
-<item>
-Generally, if the module wishes to obtain the name of the user, it
-should not use this function, but instead perform a call to
-<tt/pam_get_user()/ (see section <ref id="pam-get-user"
-name="below">).
-
-<item>
-The module is additionally privileged to read the authentication
-tokens, <tt/PAM_AUTHTOK/ and <tt/PAM_OLDAUTHTOK/ (see the section
-above on <tt/pam_set_data()/).
-
-<item>
-The module should <em/not/ <tt/free()/ or alter the data pointed to by
-<tt/*item/ after a successful return from <tt/pam_get_item()/. This
-pointer points directly at the data contained within the <tt/*pamh/
-structure. Should a module require that a change is made to the this
-<tt/ITEM/ it should make the appropriate call to <tt/pam_set_item()/.
-</itemize>
-
-<sect2>The <em/conversation/ mechanism
-
-<p>
-Following the call <tt>pam_get_item(pamh,PAM_CONV,&amp;item)</tt>, the
-pointer <tt/item/ points to a structure containing an a pointer to a
-<em/conversation/-function that provides limited but direct access to
-the application. The purpose of this function is to allow the module
-to prompt the user for their password and pass other information in a
-manner consistent with the application. For example, an X-windows
-based program might pop up a dialog box to report a login
-failure. Just as the application should not be concerned with the
-method of authentication, so the module should not dictate the manner
-in which input (output) is obtained from (presented to) to the user.
-
-<p>
-<bf>The reader is strongly urged to read the more complete description of
-the <tt/pam_conv/ structure, written from the perspective of the
-application developer, in the <bf/Linux-PAM/ Application Developers'
-Guide.</bf>
-
-<p>
-The return values for this function are listed in the
-<bf>Linux-PAM</bf> Application Developers' Guide.
-
-<p>
-The <tt/pam_response/ structure returned after a call to the
-<tt/pam_conv/ function must be <tt/free()/'d by the module. Since the
-call to the conversation function originates from the module, it is
-clear that this <tt/pam_response/ structure could be either statically
-or dynamically (using <tt/malloc()/ etc.) allocated within the
-application. Repeated calls to the conversation function would likely
-overwrite static memory, so it is required that for a successful
-return from the conversation function the memory for the response
-structure is dynamically allocated by the application with one of the
-<tt/malloc()/ family of commands and <em/must/ be <tt/free()/'d by the
-module.
-
-<p>
-If the <tt/pam_conv/ mechanism is used to enter authentication tokens,
-the module should either pass the result to the <tt/pam_set_item()/
-library function, or copy it itself. In such a case, once the token
-has been stored (by one of these methods or another one), the memory
-returned by the application should be overwritten with <tt/0/'s, and
-then <tt/free()/'d.
-
-There is a handy macro <tt/_pam_drop_reply()/ to be found in
-<tt>&lt;security/_pam_macros.h&gt;</tt> that can be used to
-conveniently cleanup a <tt/pam_response/ structure. (Note, this
-include file is specific to the Linux-PAM sources, and whilst it will
-work with Sun derived PAM implementations, it is not generally
-distributed by Sun.)
-
-<sect2>Getting the name of a user<label id="pam-get-user">
-
-<p>
-Synopsis:
-<tscreen>
-<verb>
-extern int pam_get_user(pam_handle_t *pamh,
- const char **user,
- const char *prompt);
-</verb>
-</tscreen>
-
-<p>
-This is a <bf/Linux-PAM/ library function that returns the
-(prospective) name of the user. To determine the username it does the
-following things, in this order:
-<itemize>
-
-<item> checks what <tt/pam_get_item(pamh, PAM_USER, ... );/ would have
-returned. If this is not <tt/NULL/ this is what it returns. Otherwise,
-
-<item> obtains a username from the application via the <tt/pam_conv/
-mechanism, it prompts the user with the first non-<tt/NULL/ string in
-the following list:
-<itemize>
-
-<item> The <tt/prompt/ argument passed to the function
-<item> What is returned by <tt/pam_get_item(pamh,PAM_USER_PROMPT, ... );/
-<item> The default prompt: ``Please enter username: ''
-
-</itemize>
-</itemize>
-
-<p>
-By whatever means the username is obtained, a pointer to it is
-returned as the contents of <tt/*user/. Note, this memory should
-<em/not/ be <tt/free()/'d by the module. Instead, it will be liberated
-on the next call to <tt/pam_get_user()/, or by <tt/pam_end()/ when the
-application ends its interaction with <bf/Linux-PAM/.
-
-<p>
-Also, in addition, it should be noted that this function sets the
-<tt/PAM_USER/ item that is associated with the <tt/pam_[gs]et_item()/
-function.
-
-<p>
-The return value of this function is one of the following:
-<itemize>
-
-<item> <tt/PAM_SUCCESS/ - username obtained.
-
-<item> <tt/PAM_CONV_AGAIN/ - converstation did not complete and the
-caller is required to return control to the application, until such
-time as the application has completed the conversation process. A
-module calling <tt/pam_get_user()/ that obtains this return code,
-should return <tt/PAM_INCOMPLETE/ and be prepared (when invoked the
-next time) to recall <tt/pam_get_user()/ to fill in the user's name,
-and then pick up where it left off as if nothing had happened. This
-procedure is needed to support an event-driven application programming
-model.
-
-<item> <tt/PAM_CONV_ERR/ - the conversation method supplied by the
-application failed to obtain the username.
-
-</itemize>
-
-<sect2>Setting a Linux-PAM environment variable
-
-<p>
-Synopsis:
-<tscreen>
-<verb>
-extern int pam_putenv(pam_handle_t *pamh, const char *name_value);
-</verb>
-</tscreen>
-
-<p>
-<bf/Linux-PAM/ comes equipped with a series of functions for
-maintaining a set of <em/environment/ variables. The environment is
-initialized by the call to <tt/pam_start()/ and is <bf/erased/ with a
-call to <tt/pam_end()/. This <em/environment/ is associated with the
-<tt/pam_handle_t/ pointer returned by the former call.
-
-<p>
-The default environment is all but empty. It contains a single
-<tt/NULL/ pointer, which is always required to terminate the
-variable-list. The <tt/pam_putenv()/ function can be used to add a
-new environment variable, replace an existing one, or delete an old
-one.
-
-<p>
-<itemize>
-<item>Adding/replacing a variable<newline>
-
-To add or overwrite a <bf/Linux-PAM/ environment variable the value of
-the argument <tt/name_value/, should be of the following form:
-<tscreen>
-<verb>
-name_value="VARIABLE=VALUE OF VARIABLE"
-</verb>
-</tscreen>
-Here, <tt/VARIABLE/ is the environment variable's name and what
-follows the `<tt/=/' is its (new) value. (Note, that <tt/"VARIABLE="/
-is a valid value for <tt/name_value/, indicating that the variable is
-set to <tt/""/.)
-
-<item> Deleting a variable<newline>
-
-To delete a <bf/Linux-PAM/ environment variable the value of
-the argument <tt/name_value/, should be of the following form:
-<tscreen>
-<verb>
-name_value="VARIABLE"
-</verb>
-</tscreen>
-Here, <tt/VARIABLE/ is the environment variable's name and the absence
-of an `<tt/=/' indicates that the variable should be removed.
-
-</itemize>
-
-<p>
-In all cases <tt/PAM_SUCCESS/ indicates success.
-
-<sect2>Getting a Linux-PAM environment variable
-
-<p>
-Synopsis:
-<tscreen>
-<verb>
-extern const char *pam_getenv(pam_handle_t *pamh, const char *name);
-</verb>
-</tscreen>
-
-<p>
-This function can be used to return the value of the given
-variable. If the returned value is <tt/NULL/, the variable is not
-known.
-
-<sect2>Listing the Linux-PAM environment
-
-<p>
-Synopsis:
-<tscreen>
-<verb>
-extern char * const *pam_getenvlist(pam_handle_t *pamh);
-</verb>
-</tscreen>
-
-<p>
-This function returns a pointer to the entire <bf/Linux-PAM/
-environment array. At first sight the <em/type/ of the returned data
-may appear a little confusing. It is basically a <em/read-only/ array
-of character pointers, that lists the <tt/NULL/ terminated list of
-environment variables set so far.
-
-<p>
-Although, this is not a concern for the module programmer, we mention
-here that an application should be careful to copy this entire array
-before executing <tt/pam_end()/ otherwise all the variable information
-will be lost. (There are functions in <tt/libpam_misc/ for this
-purpose: <tt/pam_misc_copy_env()/ and <tt/pam_misc_drop_env()/.)
-
-<sect1>Other functions provided by <tt/libpam/
-
-<sect2>Understanding errors
-
-<p>
-<itemize>
-
-<item>
-<tt>extern const char *pam_strerror(pam_handle_t *pamh, int errnum);</tt>
-
-<p>
-This function returns some text describing the <bf/Linux-PAM/ error
-associated with the argument <tt/errnum/. If the error is not
-recognized <tt/``Unknown Linux-PAM error''/ is returned.
-
-</itemize>
-
-<sect2>Planning for delays
-
-<p>
-<itemize>
-
-<item>
-<tt>extern int pam_fail_delay(pam_handle_t *pamh, unsigned int
-micro_sec)</tt>
-
-<p>
-This function is offered by <bf/Linux-PAM/ to facilitate time delays
-following a failed call to <tt/pam_authenticate()/ and before control
-is returned to the application. When using this function the module
-programmer should check if it is available with,
-<tscreen>
-<verb>
-#ifdef PAM_FAIL_DELAY
- ....
-#endif /* PAM_FAIL_DELAY */
-</verb>
-</tscreen>
-
-<p>
-Generally, an application requests that a user is authenticated by
-<bf/Linux-PAM/ through a call to <tt/pam_authenticate()/ or
-<tt/pam_chauthtok()/. These functions call each of the <em/stacked/
-authentication modules listed in the <bf/Linux-PAM/ configuration
-file. As directed by this file, one of more of the modules may fail
-causing the <tt/pam_...()/ call to return an error. It is desirable
-for there to also be a pause before the application continues. The
-principal reason for such a delay is security: a delay acts to
-discourage <em/brute force/ dictionary attacks primarily, but also
-helps hinder <em/timed/ (cf. covert channel) attacks.
-
-<p>
-The <tt/pam_fail_delay()/ function provides the mechanism by which an
-application or module can suggest a minimum delay (of <tt/micro_sec/
-<em/micro-seconds/). <bf/Linux-PAM/ keeps a record of the longest time
-requested with this function. Should <tt/pam_authenticate()/ fail,
-the failing return to the application is delayed by an amount of time
-randomly distributed (by up to 25%) about this longest value.
-
-<p>
-Independent of success, the delay time is reset to its zero default
-value when <bf/Linux-PAM/ returns control to the application.
-
-</itemize>
-
-<sect>What is expected of a module
-
-<p>
-The module must supply a sub-set of the six functions listed
-below. Together they define the function of a <bf/Linux-PAM
-module/. Module developers are strongly urged to read the comments on
-security that follow this list.
-
-<sect1> Overview
-
-<p>
-The six module functions are grouped into four independent management
-groups. These groups are as follows: <em/authentication/,
-<em/account/, <em/session/ and <em/password/. To be properly defined,
-a module must define all functions within at least one of these
-groups. A single module may contain the necessary functions for
-<em/all/ four groups.
-
-<sect2> Functional independence
-
-<p>
-The independence of the four groups of service a module can offer
-means that the module should allow for the possibility that any one of
-these four services may legitimately be called in any order. Thus, the
-module writer should consider the appropriateness of performing a
-service without the prior success of some other part of the module.
-
-<p>
-As an informative example, consider the possibility that an
-application applies to change a user's authentication token, without
-having first requested that <bf/Linux-PAM/ authenticate the user. In
-some cases this may be deemed appropriate: when <tt/root/ wants to
-change the authentication token of some lesser user. In other cases it
-may not be appropriate: when <tt/joe/ maliciously wants to reset
-<tt/alice/'s password; or when anyone other than the user themself
-wishes to reset their <em/KERBEROS/ authentication token. A policy for
-this action should be defined by any reasonable authentication scheme,
-the module writer should consider this when implementing a given
-module.
-
-<sect2> Minimizing administration problems
-
-<p>
-To avoid system administration problems and the poor construction of a
-<tt>/etc/pam.conf</tt> file, the module developer may define all
-six of the following functions. For those functions that would not be
-called, the module should return <tt/PAM_SERVICE_ERR/ and write an
-appropriate message to the system log. When this action is deemed
-inappropriate, the function would simply return <tt/PAM_IGNORE/.
-
-<sect2> Arguments supplied to the module
-
-<p>
-The <tt/flags/ argument of each of the following functions can be
-logically OR'd with <tt/PAM_SILENT/, which is used to inform the
-module to not pass any <em/text/ (errors or warnings) to the
-application.
-
-<p>
-The <tt/argc/ and <tt/argv/ arguments are taken from the line
-appropriate to this module---that is, with the <em/service_name/
-matching that of the application---in the configuration file (see the
-<bf/Linux-PAM/ System Administrators' Guide). Together these two
-parameters provide the number of arguments and an array of pointers to
-the individual argument tokens. This will be familiar to C programmers
-as the ubiquitous method of passing command arguments to the function
-<tt/main()/. Note, however, that the first argument (<tt/argv[0]/) is
-a true argument and <bf/not/ the name of the module.
-
-<sect1> Authentication management
-
-<p>
-To be correctly initialized, <tt/PAM_SM_AUTH/ must be <tt/#define/'d
-prior to including <tt>&lt;security/pam_modules.h&gt;</tt>. This will
-ensure that the prototypes for static modules are properly declared.
-
-<p>
-<itemize>
-
-<item>
-<tt>PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags,
-int argc, const char **argv);</tt>
-
-<p>
-This function performs the task of authenticating the user.
-
-<p>
-The <tt/flags/ argument can be a logically OR'd with <tt/PAM_SILENT/
-and optionally take the following value:
-
-<p><descrip>
-<tag><tt/PAM_DISALLOW_NULL_AUTHTOK/</tag>
- return <tt/PAM_AUTH_ERR/ if the database of authentication
-tokens for this authentication mechanism has a <tt/NULL/ entry for the
-user. Without this flag, such a <tt/NULL/ token will lead to a success
-without the user being prompted.
-</descrip>
-
-<p>
-Besides <tt/PAM_SUCCESS/ return values that can be sent by this
-function are one of the following:
-
-<descrip>
-
-<tag><tt/PAM_AUTH_ERR/</tag>
- The user was not authenticated
-<tag><tt/PAM_CRED_INSUFFICIENT/</tag>
- For some reason the application does not have sufficient
-credentials to authenticate the user.
-<tag><tt/PAM_AUTHINFO_UNAVAIL/</tag>
- The modules were not able to access the authentication
-information. This might be due to a network or hardware failure etc.
-<tag><tt/PAM_USER_UNKNOWN/</tag>
- The supplied username is not known to the authentication
-service
-<tag><tt/PAM_MAXTRIES/</tag>
- One or more of the authentication modules has reached its
-limit of tries authenticating the user. Do not try again.
-
-</descrip>
-
-<item>
-<tt>PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags, int
-argc, const char **argv);</tt>
-
-<p>
-This function performs the task of altering the credentials of the
-user with respect to the corresponding authorization
-scheme. Generally, an authentication module may have access to more
-information about a user than their authentication token. This
-function is used to make such information available to the
-application. It should only be called <em/after/ the user has been
-authenticated but before a session has been established.
-
-<p>
-Permitted flags, one of which, may be logically OR'd with
-<tt/PAM_SILENT/ are,
-
-<p><descrip>
-<tag><tt/PAM_ESTABLISH_CRED/</tag>
- Set the credentials for the authentication service,
-<tag><tt/PAM_DELETE_CRED/</tag>
- Delete the credentials associated with the authentication service,
-<tag><tt/PAM_REINITIALIZE_CRED/</tag>
- Reinitialize the user credentials, and
-<tag><tt/PAM_REFRESH_CRED/</tag>
- Extend the lifetime of the user credentials.
-</descrip>
-
-<p>
-Prior to <bf/Linux-PAM-0.75/, and due to a deficiency with the way the
-<tt/auth/ stack was handled in the case of the setcred stack being
-processed, the module was required to attempt to return the same error
-code as <tt/pam_sm_authenticate/ did. This was necessary to preserve
-the logic followed by libpam as it executes the stack of
-<em/authentication/ modules, when the application called either
-<tt/pam_authenticate()/ or <tt/pam_setcred()/. Failing to do this,
-led to confusion on the part of the System Administrator.
-
-<p>
-For <bf/Linux-PAM-0.75/ and later, libpam handles the credential stack
-much more sanely. The way the <tt/auth/ stack is navigated in order to
-evaluate the <tt/pam_setcred()/ function call, independent of the
-<tt/pam_sm_setcred()/ return codes, is exactly the same way that it
-was navigated when evaluating the <tt/pam_authenticate()/ library
-call. Typically, if a stack entry was ignored in evaluating
-<tt/pam_authenticate()/, it will be ignored when libpam evaluates the
-<tt/pam_setcred()/ function call. Otherwise, the return codes from
-each module specific <tt/pam_sm_setcred()/ call are treated as
-<tt/required/.
-
-<p>
-Besides <tt/PAM_SUCCESS/, the module may return one of the following
-errors:
-
-<p><descrip>
-<tag><tt/PAM_CRED_UNAVAIL/</tag>
- This module cannot retrieve the user's credentials.
-<tag><tt/PAM_CRED_EXPIRED/</tag>
- The user's credentials have expired.
-<tag><tt/PAM_USER_UNKNOWN/</tag>
- The user is not known to this authentication module.
-<tag><tt/PAM_CRED_ERR/</tag>
- This module was unable to set the credentials of the user.
-</descrip>
-
-<p>
-these, non-<tt/PAM_SUCCESS/, return values will typically lead to the
-credential stack <em/failing/. The first such error will dominate in
-the return value of <tt/pam_setcred()/.
-
-</itemize>
-
-<sect1> Account management
-
-<p>
-To be correctly initialized, <tt/PAM_SM_ACCOUNT/ must be
-<tt/#define/'d prior to including <tt>&lt;security/pam_modules.h&gt;</tt>.
-This will ensure that the prototype for a static module is properly
-declared.
-
-<p>
-<itemize>
-
-<item>
-<tt>PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int
-argc, const char **argv);</tt>
-
-<p>
-This function performs the task of establishing whether the user is
-permitted to gain access at this time. It should be understood that
-the user has previously been validated by an authentication
-module. This function checks for other things. Such things might be:
-the time of day or the date, the terminal line, remote
-hostname, etc. .
-
-<p>
-This function may also determine things like the expiration on
-passwords, and respond that the user change it before continuing.
-
-<p>
-Valid flags, which may be logically OR'd with <tt/PAM_SILENT/, are the
-same as those applicable to the <tt/flags/ argument of
-<tt/pam_sm_authenticate/.
-
-<p>
-This function may return one of the following errors,
-
-<descrip>
-
-<tag><tt/PAM_ACCT_EXPIRED/</tag>
- The user is no longer permitted access to the system.
-<tag><tt/PAM_AUTH_ERR/</tag>
- There was an authentication error.
-<tag><tt/PAM_AUTHTOKEN_REQD/</tag>
- The user's authentication token has expired. Before calling
-this function again the application will arrange for a new one to be
-given. This will likely result in a call to <tt/pam_sm_chauthtok()/.
-<tag><tt/PAM_USER_UNKNOWN/</tag>
- The user is not known to the module's account management
-component.
-
-</descrip>
-
-</itemize>
-
-<sect1> Session management
-
-<p>
-To be correctly initialized, <tt/PAM_SM_SESSION/ must be
-<tt/#define/'d prior to including
-<tt>&lt;security/pam_modules.h&gt;</tt>. This will ensure that the
-prototypes for static modules are properly declared.
-
-<p>
-The following two functions are defined to handle the
-initialization/termination of a session. For example, at the beginning
-of a session the module may wish to log a message with the system
-regarding the user. Similarly, at the end of the session the module
-would inform the system that the user's session has ended.
-
-<p>
-It should be possible for sessions to be opened by one application and
-closed by another. This either requires that the module uses only
-information obtained from <tt/pam_get_item()/, or that information
-regarding the session is stored in some way by the operating system
-(in a file for example).
-
-<p>
-<itemize>
-
-<item>
-<tt>PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags, int
-argc, const char **argv);</tt>
-
-<p>
-This function is called to commence a session. The only valid, but
-optional, flag is <tt/PAM_SILENT/.
-
-<p>
-As a return value, <tt/PAM_SUCCESS/ signals success and
-<tt/PAM_SESSION_ERR/ failure.
-
-<item>
-<tt>PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags, int
-argc, const char **argv);</tt>
-
-<p>
-This function is called to terminate a session. The only valid, but
-optional, flag is <tt/PAM_SILENT/.
-
-<p>
-As a return value, <tt/PAM_SUCCESS/ signals success and
-<tt/PAM_SESSION_ERR/ failure.
-
-</itemize>
-
-<sect1> Password management
-
-<p>
-To be correctly initialized, <tt/PAM_SM_PASSWORD/ must be
-<tt/#define/'d prior to including <tt>&lt;security/pam_modules.h&gt;</tt>.
-This will ensure that the prototype for a static module is properly
-declared.
-
-<p>
-<itemize>
-
-<item>
-<tt>PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags, int
-argc, const char **argv);</tt>
-
-<p>
-This function is used to (re-)set the authentication token of the
-user. A valid flag, which may be logically OR'd with <tt/PAM_SILENT/,
-can be built from the following list,
-
-<descrip>
-<tag><tt/PAM_CHANGE_EXPIRED_AUTHTOK/</tag>
- This argument indicates to the module that the users
-authentication token (password) should only be changed if it has
-expired. This flag is optional and <em/must/ be combined with one of
-the following two flags. Note, however, the following two options are
-<em/mutually exclusive/.
-
-<tag><tt/PAM_PRELIM_CHECK/</tag>
- This indicates that the modules are being probed as to their
-ready status for altering the user's authentication token. If the
-module requires access to another system over some network it should
-attempt to verify it can connect to this system on receiving this
-flag. If a module cannot establish it is ready to update the user's
-authentication token it should return <tt/PAM_TRY_AGAIN/, this
-information will be passed back to the application.
-
-<tag><tt/PAM_UPDATE_AUTHTOK/</tag>
- This informs the module that this is the call it should change
-the authorization tokens. If the flag is logically OR'd with
-<tt/PAM_CHANGE_EXPIRED_AUTHTOK/, the token is only changed if it has
-actually expired.
-
-</descrip>
-
-<p>
-Note, the <bf/Linux-PAM/ library calls this function twice in
-succession. The first time with <tt/PAM_PRELIM_CHECK/ and then, if the
-module does not return <tt/PAM_TRY_AGAIN/, subsequently with
-<tt/PAM_UPDATE_AUTHTOK/. It is only on the second call that the
-authorization token is (possibly) changed.
-
-<p>
-<tt/PAM_SUCCESS/ is the only successful return value, valid
-error-returns are:
-
-<descrip>
-<tag><tt/PAM_AUTHTOK_ERR/</tag>
- The module was unable to obtain the new authentication token.
-
-<tag><tt/PAM_AUTHTOK_RECOVERY_ERR/</tag>
- The module was unable to obtain the old authentication token.
-
-<tag><tt/PAM_AUTHTOK_LOCK_BUSY/</tag>
- Cannot change the authentication token since it is currently
-locked.
-
-<tag><tt/PAM_AUTHTOK_DISABLE_AGING/</tag>
- Authentication token aging has been disabled.
-
-<tag><tt/PAM_PERM_DENIED/</tag>
- Permission denied.
-
-<tag><tt/PAM_TRY_AGAIN/</tag>
- Preliminary check was unsuccessful. Signals an immediate return
-to the application is desired.
-
-<tag><tt/PAM_USER_UNKNOWN/</tag>
- The user is not known to the authentication token changing
-service.
-
-</descrip>
-
-</itemize>
-
-<sect>Generic optional arguments
-
-<p>
-Here we list the generic arguments that all modules can expect to
-be passed. They are not mandatory, and their absence should be
-accepted without comment by the module.
-
-<p>
-<descrip>
-<tag><tt/debug/</tag>
-
-Use the <tt/syslog(3)/ call to log debugging information to the system
-log files.
-
-<tag><tt/no_warn/</tag>
-
-Instruct module to not give warning messages to the application.
-
-<tag><tt/use_first_pass/</tag>
-
-The module should not prompt the user for a password. Instead, it
-should obtain the previously typed password (by a call to
-<tt/pam_get_item()/ for the <tt/PAM_AUTHTOK/ item), and use that. If
-that doesn't work, then the user will not be authenticated. (This
-option is intended for <tt/auth/ and <tt/passwd/ modules only).
-
-<tag><tt/try_first_pass/</tag>
-
-The module should attempt authentication with the previously typed
-password (by a call to <tt/pam_get_item()/ for the <tt/PAM_AUTHTOK/
-item). If that doesn't work, then the user is prompted for a
-password. (This option is intended for <tt/auth/ modules only).
-
-<tag><tt/use_mapped_pass/</tag>
-
-<bf/WARNING:/ coding this functionality may cause the module writer to
-break <em/local/ encryption laws. For example, in the U.S. there are
-restrictions on the export computer code that is capable of strong
-encryption. It has not been established whether this option is
-affected by this law, but one might reasonably assume that it does
-until told otherwise. For this reason, this option is not supported
-by any of the modules distributed with <bf/Linux-PAM/.
-
-The intended function of this argument, however, is that the module
-should take the existing authentication token from a previously
-invoked module and use it as a key to retrieve the authentication
-token for this module. For example, the module might create a strong
-hash of the <tt/PAM_AUTHTOK/ item (established by a previously
-executed module). Then, with logical-exclusive-or, use the result as a
-<em/key/ to safely store/retrieve the authentication token for this
-module in/from a local file <em/etc/. .
-
-<tag><tt/expose_account/</tag>
-
-<p>
-In general the leakage of some information about user accounts is not
-a secure policy for modules to adopt. Sometimes information such as
-users names or home directories, or preferred shell, can be used to
-attack a user's account. In some circumstances, however, this sort of
-information is not deemed a threat: displaying a user's full name when
-asking them for a password in a secured environment could also be
-called being 'friendly'. The <tt/expose_account/ argument is a
-standard module argument to encourage a module to be less discrete
-about account information as it is deemed appropriate by the local
-administrator.
-
-</descrip>
-
-<sect>Programming notes
-
-<p>
-Here we collect some pointers for the module writer to bear in mind
-when writing/developing a <bf/Linux-PAM/ compatible module.
-
-<sect1>Security issues for module creation
-
-<sect2>Sufficient resources
-
-<p>
-Care should be taken to ensure that the proper execution of a module
-is not compromised by a lack of system resources. If a module is
-unable to open sufficient files to perform its task, it should fail
-gracefully, or request additional resources. Specifically, the
-quantities manipulated by the <tt/setrlimit(2)/ family of commands
-should be taken into consideration.
-
-<sect2>Who's who?
-
-<p>
-Generally, the module may wish to establish the identity of the user
-requesting a service. This may not be the same as the username
-returned by <tt/pam_get_user()/. Indeed, that is only going to be the
-name of the user under whose identity the service will be given. This
-is not necessarily the user that requests the service.
-
-<p>
-In other words, user X runs a program that is setuid-Y, it grants the
-user to have the permissions of Z. A specific example of this sort of
-service request is the <em/su/ program: user <tt/joe/ executes
-<em/su/ to become the user <em/jane/. In this situation X=<tt/joe/,
-Y=<tt/root/ and Z=<tt/jane/. Clearly, it is important that the module
-does not confuse these different users and grant an inappropriate
-level of privilege.
-
-<p>
-The following is the convention to be adhered to when juggling
-user-identities.
-
-<p>
-<itemize>
-<item>X, the identity of the user invoking the service request.
-This is the user identifier; returned by the function <tt/getuid(2)/.
-
-<item>Y, the privileged identity of the application used to grant the
-requested service. This is the <em/effective/ user identifier;
-returned by the function <tt/geteuid(2)/.
-
-<item>Z, the user under whose identity the service will be granted.
-This is the username returned by <tt/pam_get_user(2)/ and also stored
-in the <bf/Linux-PAM/ item, <tt/PAM_USER/.
-
-<item><bf/Linux-PAM/ has a place for an additional user identity that
-a module may care to make use of. This is the <tt/PAM_RUSER/ item.
-Generally, network sensitive modules/applications may wish to set/read
-this item to establish the identity of the user requesting a service
-from a remote location.
-
-</itemize>
-
-<p>
-Note, if a module wishes to modify the identity of either the <tt/uid/
-or <tt/euid/ of the running process, it should take care to restore
-the original values prior to returning control to the <bf/Linux-PAM/
-library.
-
-<sect2>Using the conversation function
-<p>
-Prior to calling the conversation function, the module should reset
-the contents of the pointer that will return the applications
-response. This is a good idea since the application may fail to fill
-the pointer and the module should be in a position to notice!
-
-<p>
-The module should be prepared for a failure from the conversation. The
-generic error would be <tt/PAM_CONV_ERR/, but anything other than
-<tt/PAM_SUCCESS/ should be treated as indicating failure.
-
-<sect2>Authentication tokens
-
-<p>
-To ensure that the authentication tokens are not left lying around the
-items, <tt/PAM_AUTHTOK/ and <tt/PAM_OLDAUTHTOK/, are not available to
-the application: they are defined in
-<tt>&lt;security/pam_modules.h&gt;</tt>. This is ostensibly for
-security reasons, but a maliciously programmed application will always
-have access to all memory of the process, so it is only superficially
-enforced. As a general rule the module should overwrite
-authentication tokens as soon as they are no longer needed.
-Especially before <tt/free()/'ing them. The <bf/Linux-PAM/ library is
-required to do this when either of these authentication token items
-are (re)set.
-
-<p>
-Not to dwell too little on this concern; should the module store the
-authentication tokens either as (automatic) function variables or
-using <tt/pam_[gs]et_data()/ the associated memory should be
-over-written explicitly before it is released. In the case of the
-latter storage mechanism, the associated <tt/cleanup()/ function
-should explicitly overwrite the <tt/*data/ before <tt/free()/'ing it:
-for example,
-
-<tscreen>
-<verb>
-/*
- * An example cleanup() function for releasing memory that was used to
- * store a password.
- */
-
-int cleanup(pam_handle_t *pamh, void *data, int error_status)
-{
- char *xx;
-
- if ((xx = data)) {
- while (*xx)
- *xx++ = '\0';
- free(data);
- }
- return PAM_SUCCESS;
-}
-</verb>
-</tscreen>
-
-<sect1>Use of <tt/syslog(3)/
-
-<p>
-Only rarely should error information be directed to the user. Usually,
-this is to be limited to ``<em/sorry you cannot login now/'' type
-messages. Information concerning errors in the configuration file,
-<tt>/etc/pam.conf</tt>, or due to some system failure encountered by
-the module, should be written to <tt/syslog(3)/ with
-<em/facility-type/ <tt/LOG_AUTHPRIV/.
-
-<p>
-With a few exceptions, the level of logging is, at the discretion of
-the module developer. Here is the recommended usage of different
-logging levels:
-
-<p>
-<itemize>
-
-<item>
-As a general rule, errors encountered by a module should be logged at
-the <tt/LOG_ERR/ level. However, information regarding an unrecognized
-argument, passed to a module from an entry in the
-<tt>/etc/pam.conf</tt> file, is <bf/required/ to be logged at the
-<tt/LOG_ERR/ level.
-
-<item>
-Debugging information, as activated by the <tt/debug/ argument to the
-module in <tt>/etc/pam.conf</tt>, should be logged at the
-<tt/LOG_DEBUG/ level.
-
-<item>
-If a module discovers that its personal configuration file or some
-system file it uses for information is corrupted or somehow unusable,
-it should indicate this by logging messages at level, <tt/LOG_ALERT/.
-
-<item>
-Shortages of system resources, such as a failure to manipulate a file
-or <tt/malloc()/ failures should be logged at level <tt/LOG_CRIT/.
-
-<item>
-Authentication failures, associated with an incorrectly typed password
-should be logged at level, <tt/LOG_NOTICE/.
-
-</itemize>
-
-<sect1> Modules that require system libraries
-
-<p>
-Writing a module is much like writing an application. You have to
-provide the "conventional hooks" for it to work correctly, like
-<tt>pam_sm_authenticate()</tt> etc., which would correspond to the
-<tt/main()/ function in a normal function.
-
-<p>
-Typically, the author may want to link against some standard system
-libraries. As when one compiles a normal program, this can be done for
-modules too: you simply append the <tt>-l</tt><em>XXX</em> arguments
-for the desired libraries when you create the shared module object. To
-make sure a module is linked to the <tt>lib<em>whatever</em>.so</tt>
-library when it is <tt>dlopen()</tt>ed, try:
-<tscreen>
-<verb>
-% gcc -shared -Xlinker -x -o pam_module.so pam_module.o -lwhatever
-</verb>
-</tscreen>
-
-<sect1> Added requirements for <em/statically/ loaded modules.
-
-<!--
- Copyright (C) Michael K. Johnson 1996.
- Last modified: AGM 1996/5/31.
- -->
-
-<p>
-Modules may be statically linked into libpam. This should be true of
-all the modules distributed with the basic <bf/Linux-PAM/
-distribution. To be statically linked, a module needs to export
-information about the functions it contains in a manner that does not
-clash with other modules.
-
-The extra code necessary to build a static module should be delimited
-with <tt/#ifdef PAM_STATIC/ and <tt/#endif/. The static code should do
-the following:
-<itemize>
-<item> Define a single structure, <tt/struct pam_module/, called
-<tt>_pam_<it>modname</it>_modstruct</tt>, where
-<tt><it>modname</it></tt> is the name of the module <bf/as used in the
-filesystem/ but without the leading directory name (generally
-<tt>/usr/lib/security/</tt> or the suffix (generally <tt/.so/).
-
-</itemize>
-
-<p>
-As a simple example, consider the following module code which defines
-a module that can be compiled to be <em/static/ or <em/dynamic/:
-
-<p>
-<tscreen>
-<verb>
-#include <stdio.h> /* for NULL define */
-
-#define PAM_SM_PASSWORD /* the only pam_sm_... function declared */
-#include <security/pam_modules.h>
-
-PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
- int argc, const char **argv)
-{
- return PAM_SUCCESS;
-}
-
-#ifdef PAM_STATIC /* for the case that this module is static */
-
-struct pam_module _pam_modname_modstruct = { /* static module data */
- "pam_modname",
- NULL,
- NULL,
- NULL,
- NULL,
- NULL,
- pam_sm_chauthtok,
-};
-
-#endif /* end PAM_STATIC */
-</verb>
-</tscreen>
-
-<p>
-To be linked with <em/libpam/, staticly-linked modules must be built
-from within the <tt>Linux-PAM-X.YY/modules/</tt> subdirectory of the
-<bf/Linux-PAM/ source directory as part of a normal build of the
-<bf/Linux-PAM/ system.
-
-The <em/Makefile/, for the module in question, must execute the
-<tt/register_static/ shell script that is located in the
-<tt>Linux-PAM-X.YY/modules/</tt> subdirectory. This is to ensure that
-the module is properly registered with <em/libpam/.
-
-The <bf/two/ manditory arguments to <tt/register_static/ are the
-title, and the pathname of the object file containing the module's
-code. The pathname is specified relative to the
-<tt>Linux-PAM-X.YY/modules</tt> directory. The pathname may be an
-empty string---this is for the case that a single object file needs to
-register more than one <tt/struct pam_module/. In such a case, exactly
-one call to <tt/register_static/ must indicate the object file.
-
-<p>
-Here is an example; a line in the <em/Makefile/ might look like this:
-<tscreen>
-<verb>
-register:
-ifdef STATIC
- (cd ..; ./register_static pam_modname pam_modname/pam_modname.o)
-endif
-</verb>
-</tscreen>
-
-For some further examples, see the <tt>modules</tt> subdirectory of
-the current <bf/Linux-PAM/ distribution.
-
-<sect>An example module file
-
-<p>
-At some point, we may include a fully commented example of a module in
-this document. For now, we point the reader to these two locations in
-the public CVS repository:
-<itemize>
-<item> A module that always succeeds: <tt><htmlurl
-url="http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/pam/Linux-PAM/modules/pam_permit/"
-name="http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/pam/Linux-PAM/modules/pam_permit/"
-></tt>
-<item> A module that always fails: <tt><htmlurl
-url="http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/pam/Linux-PAM/modules/pam_deny/"
-name="http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/pam/Linux-PAM/modules/pam_deny/"
-></tt>
-</itemize>
-
-<sect>Files
-
-<p><descrip>
-
-<tag><tt>/usr/lib/libpam.so.*</tt></tag>
-
-the shared library providing applications with access to
-<bf/Linux-PAM/.
-
-<tag><tt>/etc/pam.conf</tt></tag>
-
-the <bf/Linux-PAM/ configuration file.
-
-<tag><tt>/usr/lib/security/pam_*.so</tt></tag>
-
-the primary location for <bf/Linux-PAM/ dynamically loadable object
-files; the modules.
-
-</descrip>
-
-<sect>See also
-
-<p><itemize>
-<item>The <bf/Linux-PAM/ System Administrators' Guide.
-<item>The <bf/Linux-PAM/ Application Writers' Guide.
-<item>
-V. Samar and R. Schemers (SunSoft), ``UNIFIED LOGIN WITH PLUGGABLE
-AUTHENTICATION MODULES'', Open Software Foundation Request For
-Comments 86.0, October 1995.
-</itemize>
-
-<sect>Notes
-
-<p>
-I intend to put development comments here... like ``at the moment
-this isn't actually supported''. At release time what ever is in
-this section will be placed in the Bugs section below! :)
-
-<p>
-<itemize>
-<item>
-Perhaps we should keep a registry of data-names as used by
-<tt/pam_[gs]et_data()/ so there are no unintentional problems due to
-conflicts?
-
-<item>
-<tt/pam_strerror()/ should be internationalized....
-
-<item>
-There has been some debate about whether <tt/initgroups()/ should be
-in an application or in a module. It was settled by Sun who stated
-that initgroups is an action of the <em/application/. The modules are
-permitted to add additional groups, however.
-
-<item>
-Refinements/futher suggestions to <tt/syslog(3)/ usage by modules are
-needed.
-
-</itemize>
-
-<sect>Author/acknowledgments
-
-<p>
-This document was written by Andrew G. Morgan
-(<tt/morgan@kernel.org/) with many contributions from
-<!-- insert credits here -->
-<!--
- an sgml list of people to credit for their contributions to Linux-PAM
- $Id: pam_modules.sgml,v 1.9 2002/05/10 06:00:12 agmorgan Exp $
- -->
-Chris Adams,
-Peter Allgeyer,
-Tim Baverstock,
-Tim Berger,
-Craig S. Bell,
-Derrick J. Brashear,
-Ben Buxton,
-Seth Chaiklin,
-Oliver Crow,
-Chris Dent,
-Marc Ewing,
-Cristian Gafton,
-Emmanuel Galanos,
-Brad M. Garcia,
-Eric Hester,
-Roger Hu,
-Eric Jacksch,
-Michael K. Johnson,
-David Kinchlea,
-Olaf Kirch,
-Marcin Korzonek,
-Stephen Langasek,
-Nicolai Langfeldt,
-Elliot Lee,
-Luke Kenneth Casson Leighton,
-Al Longyear,
-Ingo Luetkebohle,
-Marek Michalkiewicz,
-Robert Milkowski,
-Aleph One,
-Martin Pool,
-Sean Reifschneider,
-Jan Rekorajski,
-Erik Troan,
-Theodore Ts'o,
-Jeff Uphoff,
-Myles Uyema,
-Savochkin Andrey Vladimirovich,
-Ronald Wahl,
-David Wood,
-John Wilmes,
-Joseph S. D. Yao
-and
-Alex O. Yuriev.
-
-<p>
-Thanks are also due to Sun Microsystems, especially to Vipin Samar and
-Charlie Lai for their advice. At an early stage in the development of
-<bf/Linux-PAM/, Sun graciously made the documentation for their
-implementation of PAM available. This act greatly accelerated the
-development of <bf/Linux-PAM/.
-
-<sect>Bugs/omissions
-
-<p>
-Few PAM modules currently exist. Few PAM-aware applications exist.
-This document is hopelessly unfinished. Only a partial list of people is
-credited for all the good work they have done.
-
-<sect>Copyright information for this document
-
-<p>
-Copyright (c) Andrew G. Morgan 1996-2002. All rights reserved.
-<newline>
-Email: <tt>&lt;morgan@kernel.org&gt;</tt>
-
-<p>
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-<p>
-<itemize>
-
-<item>
-1. Redistributions of source code must retain the above copyright
- notice, and the entire permission notice in its entirety,
- including the disclaimer of warranties.
-
-<item>
-2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
-<item>
-3. The name of the author may not be used to endorse or promote
- products derived from this software without specific prior
- written permission.
-
-</itemize>
-
-<p>
-<bf/Alternatively/, this product may be distributed under the terms of
-the GNU General Public License (GPL), in which case the provisions of
-the GNU GPL are required <bf/instead of/ the above restrictions.
-(This clause is necessary due to a potential bad interaction between
-the GNU GPL and the restrictions contained in a BSD-style copyright.)
-
-<p>
-THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
-WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
-OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
-TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
-USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
-DAMAGE.
-
-<p>
-<tt>$Id: pam_modules.sgml,v 1.9 2002/05/10 06:00:12 agmorgan Exp $</tt>
-
-</article>
diff --git a/Linux-PAM/doc/pam_source.sgml b/Linux-PAM/doc/pam_source.sgml
deleted file mode 100644
index 9ec0bbe6..00000000
--- a/Linux-PAM/doc/pam_source.sgml
+++ /dev/null
@@ -1,1166 +0,0 @@
-<!doctype linuxdoc system>
-
-<!--
-
- $Id: pam_source.sgml,v 1.13 2004/09/28 13:48:46 kukuk Exp $
-
- Copyright (c) Andrew G. Morgan 1996-2002. All rights reserved.
-
-Redistribution and use in source (sgml) and binary (derived) forms,
-with or without modification, are permitted provided that the
-following conditions are met:
-
-1. Redistributions of source code must retain the above copyright
- notice, and the entire permission notice in its entirety,
- including the disclaimer of warranties.
-
-2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
-3. The name of the author may not be used to endorse or promote
- products derived from this software without specific prior
- written permission.
-
-ALTERNATIVELY, this product may be distributed under the terms of the
-GNU General Public License, in which case the provisions of the GNU
-GPL are required INSTEAD OF the above restrictions. (This clause is
-necessary due to a potential bad interaction between the GNU GPL and
-the restrictions contained in a BSD-style copyright.)
-
-THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
-WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
-OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
-TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
-USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
-DAMAGE.
-
- -->
-
-<article>
-
-<title>The Linux-PAM System Administrators' Guide
-<author>Andrew G. Morgan, <tt>morgan@kernel.org</tt>
-<date>DRAFT v0.77 2002/07/10
-<abstract>
-This manual documents what a system-administrator needs to know about
-the <bf>Linux-PAM</bf> library. It covers the correct syntax of the
-PAM configuration file and discusses strategies for maintaining a
-secure system.
-</abstract>
-
-<!-- Table of contents -->
-<toc>
-
-<!-- Begin the document -->
-
-<sect>Introduction
-
-<p><bf/Linux-PAM/ (Pluggable Authentication Modules for Linux) is a
-suite of shared libraries that enable the local system administrator
-to choose how applications authenticate users.
-
-<p>In other words, without (rewriting and) recompiling a PAM-aware
-application, it is possible to switch between the authentication
-mechanism(s) it uses. Indeed, one may entirely upgrade the local
-authentication system without touching the applications themselves.
-
-<p>Historically an application that has required a given user to be
-authenticated, has had to be compiled to use a specific authentication
-mechanism. For example, in the case of traditional UN*X systems, the
-identity of the user is verified by the user entering a correct
-password. This password, after being prefixed by a two character
-``salt'', is encrypted (with crypt(3)). The user is then authenticated
-if this encrypted password is identical to the second field of the
-user's entry in the system password database (the <tt>/etc/passwd</tt>
-file). On such systems, most if not all forms of privileges are
-granted based on this single authentication scheme. Privilege comes in
-the form of a personal user-identifier (<tt/uid/) and membership of
-various groups. Services and applications are available based on the
-personal and group identity of the user. Traditionally, group
-membership has been assigned based on entries in the
-<tt>/etc/group</tt> file.
-
-<p>
-Unfortunately, increases in the speed of computers and the
-widespread introduction of network based computing, have made once
-secure authentication mechanisms, such as this, vulnerable to
-attack. In the light of such realities, new methods of authentication
-are continuously being developed.
-
-<p>
-It is the purpose of the <bf/Linux-PAM/ project to separate the
-development of privilege granting software from the development of
-secure and appropriate authentication schemes. This is accomplished
-by providing a library of functions that an application may use to
-request that a user be authenticated. This PAM library is configured
-locally with a system file, <tt>/etc/pam.conf</tt> (or a series of
-configuration files located in <tt>/etc/pam.d/</tt>) to authenticate a
-user request via the locally available authentication modules. The
-modules themselves will usually be located in the directory
-<tt>/lib/security</tt> and take the form of dynamically loadable
-object files (see <tt/dlopen(3)/).
-
-<sect>Some comments on the text<label id="text-conventions">
-
-<p>
-Before proceeding to read the rest of this document, it should be
-noted that the text assumes that certain files are placed in certain
-directories. Where they have been specified, the conventions we adopt
-here for locating these files are those of the relevant RFC (RFC-86.0,
-see <ref id="see-also-sec" name="bibliography">). If you are using a
-distribution of Linux (or some other operating system) that supports
-PAM but chooses to distribute these files in a diferent way you should
-be careful when copying examples directly from the text.
-
-<p>
-As an example of the above, where it is explicit, the text assumes
-that PAM loadable object files (the <em/modules/) are to be located in
-the following directory: <tt>/lib/security/</tt>. This is generally
-the location that seems to be compatible with the Linux File System
-Standard (the FSSTND). On Solaris, which has its own licensed version
-of PAM, and some other implementations of UN*X, these files can be
-found in <tt>/usr/lib/security</tt>. Please be careful to perform the
-necessary transcription when using the examples from the text.
-
-<sect>Overview<label id="overview-section">
-
-<p>
-For the uninitiated, we begin by considering an example. We take an
-application that grants some service to users; <em/login/ is one such
-program. <em/Login/ does two things, it first establishes that the
-requesting user is whom they claim to be and second provides them with
-the requested service: in the case of <em/login/ the service is a
-command shell (<em>bash, tcsh, zsh, etc.</em>) running with the
-identity of the user.
-
-<p>
-Traditionally, the former step is achieved by the <em/login/
-application prompting the user for a password and then verifying that
-it agrees with that located on the system; hence verifying that
-as far as the system is concerned the user is who they claim to be.
-This is the task that is delegated to <bf/Linux-PAM/.
-
-<p>
-From the perspective of the application programmer (in this case the
-person that wrote the <em/login/ application), <bf/Linux-PAM/ takes
-care of this authentication task -- verifying the identity of the user.
-
-<p>
-The flexibility of <bf/Linux-PAM/ is that <em/you/, the system
-administrator, have the freedom to stipulate which authentication
-scheme is to be used. You have the freedom to set the scheme for
-any/all PAM-aware applications on your Linux system. That is, you can
-authenticate from anything as naive as <em/simple trust/
-(<tt/pam_permit/) to something as paranoid as a combination of a
-retinal scan, a voice print and a one-time password!
-
-<p>
-To illustrate the flexibility you face, consider the following
-situation: a system administrator (parent) wishes to improve the
-mathematical ability of her users (children). She can configure their
-favorite ``Shoot 'em up game'' (PAM-aware of course) to authenticate
-them with a request for the product of a couple of random numbers less
-than 12. It is clear that if the game is any good they will soon learn
-their <em/multiplication tables/. As they mature, the authentication
-can be upgraded to include (long) division!
-
-<p>
-<bf/Linux-PAM/ deals with four separate types of (management)
-task. These are: <em/authentication management/; <em/account
-management/; <em/session management/; and <em/password management/.
-The association of the preferred management scheme with the behavior
-of an application is made with entries in the relevant <bf/Linux-PAM/
-configuration file. The management functions are performed by
-<em/modules/ specified in the configuration file. The syntax for this
-file is discussed in the section <ref id="configuration"
-name="below">.
-
-<p>
-Here is a figure that describes the overall organization of
-<bf/Linux-PAM/.
-<tscreen>
-<verb>
- +----------------+
- | application: X |
- +----------------+ / +----------+ +================+
- | authentication-[---->--\--] Linux- |--<--| PAM config file|
- | + [----<--/--] PAM | |================|
- |[conversation()][--+ \ | | | X auth .. a.so |
- +----------------+ | / +-n--n-----+ | X auth .. b.so |
- | | | __| | | _____/
- | service user | A | | |____,-----'
- | | | V A
- +----------------+ +------|-----|---------+ -----+------+
- +---u-----u----+ | | |
- | auth.... |--[ a ]--[ b ]--[ c ]
- +--------------+
- | acct.... |--[ b ]--[ d ]
- +--------------+
- | password |--[ b ]--[ c ]
- +--------------+
- | session |--[ e ]--[ c ]
- +--------------+
-</verb>
-</tscreen>
-By way of explanation, the left of the figure represents the
-application; application X. Such an application interfaces with the
-<bf/Linux-PAM/ library and knows none of the specifics of its
-configured authentication method. The <bf/Linux-PAM/ library (in the
-center) consults the contents of the PAM configuration file and loads
-the modules that are appropriate for application-X. These modules fall
-into one of four management groups (lower-center) and are stacked in
-the order they appear in the configuration file. These modules, when
-called by <bf/Linux-PAM/, perform the various authentication tasks for
-the application. Textual information, required from/or offered to the
-user, can be exchanged through the use of the application-supplied
-<em/conversation/ function.
-
-<sect1>Getting started
-
-<p>
-The following text was contributed by Seth Chaiklin:
-<tscreen>
-<verb>
-To this point, we have described how PAM should work in an
-ideal world, in which all applications are coded properly.
-However, at the present time (October 1998), this is far
-from the case. Therefore, here are some practical considerations
-in trying to use PAM in your system.
-
-Why bother, is it really worth all the trouble?
-
-If you running Linux as a single user system, or in an
-environment where all the users are trusted, then there
-is no real advantage for using PAM.
-</verb>
-</tscreen>
-
-<p>
-<BF>Ed:</BF> there is actually an advantage since you can <em/dummy
-down/ the authentication to the point where you don't have
-any... Almost like Win95.
-<p>
-In a networked environment, it is clear that you need to think a
-little more about how users etc., are authenticated:]
-
-<p>
-<tscreen>
-<verb>
-If you are running Linux as a server, where several different
-services are being provided (e.g., WWW with areas restricted by
-password control, PPP), then there can be some real and interesting
-value for PAM. In particular, through the use of modules, PAM can
-enable a program to search through several different password
-databases, even if that program is not explicitly coded for
-that particular database. Here are some examples of the possibilities
-that this enables.
-
- o Apache has a module that provides PAM services. Now
- authentication
- to use particular directories can be conducted by PAM, which
- means that the range of modules that are available to PAM can
- be used, including RADIUS, NIS, NCP (which means that Novell
- password databases can be used).
-
- o pppd has a PAMified version (available from Red Hat) Now it is
- possible to use a series of databases to authenticate ppp users.
- In addition to the normal Linux-based password databases (such
- as /etc/passwd and /etc/shadow), you can use PAM modules to
- authenticate against Novell password databases or NT-based
- password databases.
-
- o The preceding two examples can be combined. Imagaine that the
- persons in your office/department are already registered with a
- username and password in a Novell or NT LAN. If you wanted to
- use this database on your Linux server (for PPP access, for
- web access, or even for normal shell access), you can use PAM
- to authenticate against this existing database, rather than
- maintain a separate database on both Linux and the LAN server.
-
-
-Can I use PAM for any program that requires authentication?
-
-Yes and no. Yes, if you have access to the source code, and can
-add the appropriate PAM functions. No, if you do not have access
-to the source code, and the binary does not have the PAM functions
-included.
-
-In other words, if a program is going to use PAM, then it has to
-have PAM functions explicitly coded into the program. If they
-are not, then it is not possible to use PAM.
-
-How can I tell whether a program has PAM coded into it or not?
-
-A quick-and-dirty (but not always reliable) method is to ldd
-<programname>
-If libpam and libpam_misc are not among the libraries that the program
-uses, then it is not going to work with PAM. However, it is possible
-that the libraries are included, but there are still problems, because
-the PAM coding in the program does not work as it should. So a
-more reliable method is to make the follow tests.
-
-In the /etc/pam.d directory, one needs to make a configuration file
-for the program that one wants to run. The exact name of the
-configuration
-file is hard-coded into the program. Usually, it is the same name as
-the
-program, but not always. For sake of illustration, let's assume that
-the program is named "pamprog" and the name of the configuration file
-is /etc/pam.d/pamprog.
-
-In the /etc/pam.d/pamprog but the following two lines:
-
-auth required pam_permit.so
-auth required pam_warn.so
-
-
-Now try to use pamprog. The first line in the configuration file
-says that all users are permitted. The second line will write a
-warning to your syslog file (or whether you syslog is writing
-
-messages). If this test succeeds, then you know that you have
-a program that can understand pam, and you can start the more
-interesting work of deciding how to stack modules in your
-/etc/pam.d/pamprog file.
-</verb>
-</tscreen>
-
-<sect>The Linux-PAM configuration file
-<label id="configuration">
-
-<p>
-<bf/Linux-PAM/ is designed to provide the system administrator with a
-great deal of flexibility in configuring the privilege granting
-applications of their system. The local configuration of those aspects
-of system security controlled by <tt/Linux-PAM/ is contained in one of
-two places: either the single system file, <tt>/etc/pam.conf</tt>; or
-the <tt>/etc/pam.d/</tt> directory. In this section we discuss the
-correct syntax of and generic options respected by entries to these
-files.
-
-<sect1>Configuration file syntax
-
-<p>
-The reader should note that the <bf/Linux-PAM/ specific tokens in this
-file are case <em/insensitive/. The module paths, however, are case
-sensitive since they indicate a file's <em/name/ and reflect the case
-dependence of typical Linux file-systems. The case-sensitivity of the
-arguments to any given module is defined for each module in turn.
-
-<p>
-In addition to the lines described below, there are two <em/special/
-characters provided for the convenience of the system administrator:
-comments are preceded by a `<tt/&num;/' and extend to the
-next end-of-line; also, module specification lines may be extended
-with a `<tt/&bsol;/' escaped newline.
-
-<p>
-A general configuration line of the <tt>/etc/pam.conf</tt> file has
-the following form:
-<tscreen>
-<verb>
-service-name module-type control-flag module-path args
-</verb>
-</tscreen>
-Below, we explain the meaning of each of these tokens. The second (and
-more recently adopted) way of configuring <bf/Linux-PAM/ is via the
-contents of the <tt>/etc/pam.d/</tt> directory. Once we have explained
-the meaning of the above tokens, we will describe this method.
-
-<p>
-<descrip>
-<tag><tt/service-name/</tag>
-The name of the service associated with this entry. Frequently the
-service name is the conventional name of the given application. For
-example, `<tt/ftpd/', `<tt/rlogind/' and `<tt/su/', <em/etc./ .
-
-<p>
-There is a special <tt/service-name/, reserved for defining a default
-authentication mechanism. It has the name `<tt/OTHER/' and may be
-specified in either lower or upper case characters. Note, when there
-is a module specified for a named service, the `<tt/OTHER/' entries
-are ignored.
-
-<tag><tt/module-type/</tag>
-One of (currently) four types of module. The four types are as
-follows:
-<itemize>
-<item> <tt/auth/; this module type provides two aspects of
-authenticating the user. Firstly, it establishes that the user is who
-they claim to be, by instructing the application to prompt the user
-for a password or other means of identification. Secondly, the module
-can grant <tt/group/ membership (independently of the
-<tt>/etc/groups</tt> file discussed above) or other privileges through
-its <em/credential/ granting properties.
-
-<item> <tt/account/; this module performs non-authentication based
-account management. It is typically used to restrict/permit access to
-a service based on the time of day, currently available system
-resources (maximum number of users) or perhaps the location of the
-applicant user---`<tt/root/' login only on the console.
-
-<item> <tt/session/; primarily, this module is associated with doing
-things that need to be done for the user before/after they can be
-given service. Such things include the logging of information
-concerning the opening/closing of some data exchange with a user,
-mounting directories, etc. .
-
-<item> <tt/password/; this last module type is required for updating the
-authentication token associated with the user. Typically, there is one
-module for each `challenge/response' based authentication (<tt/auth/)
-module-type.
-
-</itemize>
-
-<tag><tt/control-flag/</tag>
-
-The control-flag is used to indicate how the PAM library will react to
-the success or failure of the module it is associated with. Since
-modules can be <em/stacked/ (modules of the same type execute in
-series, one after another), the control-flags determine the relative
-importance of each module. The application is not made aware of the
-individual success or failure of modules listed in the
-`<tt>/etc/pam.conf</tt>' file. Instead, it receives a summary
-<em/success/ or <em/fail/ response from the <bf/Linux-PAM/ library.
-The order of execution of these modules is that of the entries in the
-<tt>/etc/pam.conf</tt> file; earlier entries are executed before later
-ones. As of Linux-PAM v0.60, this <em/control-flag/ can be defined
-with one of two syntaxes.
-
-<p>
-The simpler (and historical) syntax for the control-flag is a single
-keyword defined to indicate the severity of concern associated with
-the success or failure of a specific module. There are four such
-keywords: <tt/required/, <tt/requisite/, <tt/sufficient/,
-<tt/optional/ and <tt/include/.
-
-<p>
-The Linux-PAM library interprets these keywords in the following
-manner:
-
-<itemize>
-
-<item> <tt/required/; this indicates that the success of the module is
-required for the <tt/module-type/ facility to succeed. Failure of this
-module will not be apparent to the user until all of the remaining
-modules (of the same <tt/module-type/) have been executed.
-
-<item> <tt/requisite/; like <tt/required/, however, in the case that
-such a module returns a failure, control is directly returned to the
-application. The return value is that associated with the <em/first/
-<tt/required/ or <tt/requisite/ module to fail. Note, this flag can be
-used to protect against the possibility of a user getting the
-opportunity to enter a password over an unsafe medium. It is
-conceivable that such behavior might inform an attacker of valid
-accounts on a system. This possibility should be weighed against the
-not insignificant concerns of exposing a sensitive password in a
-hostile environment.
-
-<item> <tt/sufficient/; the success of this module is deemed
-`<em/sufficient/' to satisfy the <bf/Linux-PAM/ library that this
-module-type has succeeded in its purpose. In the event that no
-previous <tt/required/ module has failed, no more `<em/stacked/'
-modules of this type are invoked. (Note, in this case subsequent
-<tt/required/ modules are <bf/not/ invoked.). A failure of this module
-is not deemed as fatal to satisfying the application that this
-<tt/module-type/ has succeeded.
-
-<item> <tt/optional/; as its name suggests, this <tt/control-flag/
-marks the module as not being critical to the success or failure of
-the user's application for service. In general, <bf/Linux-PAM/
-ignores such a module when determining if the module stack will
-succeed or fail. However, in the absence of any definite successes or
-failures of previous or subsequent stacked modules this module will
-determine the nature of the response to the application. One example
-of this latter case, is when the other modules return something like
-<tt/PAM_IGNORE/.
-
-<item> <tt/include/; this tells PAM to include all lines of given type
-from the configuration file specified as an argument to this control.
-The whole idea is to create few "systemwide" pam configs and include
-parts of them in application pam configs.
-
-
-</itemize>
-
-<p>
-The more elaborate (newer) syntax is much more specific and gives the
-administrator a great deal of control over how the user is
-authenticated. This form of the control flag is delimeted with square
-brackets and consists of a series of <tt/value=action/ tokens:
-<tscreen>
-<verb>
- [value1=action1 value2=action2 ...]
-</verb>
-</tscreen>
-
-<p>
-Here, <tt/valueI/ is one of the following <em/return values/:
-<tt/success/; <tt/open_err/; <tt/symbol_err/; <tt/service_err/;
-<tt/system_err/; <tt/buf_err/; <tt/perm_denied/; <tt/auth_err/;
-<tt/cred_insufficient/; <tt/authinfo_unavail/; <tt/user_unknown/;
-<tt/maxtries/; <tt/new_authtok_reqd/; <tt/acct_expired/;
-<tt/session_err/; <tt/cred_unavail/; <tt/cred_expired/; <tt/cred_err/;
-<tt/no_module_data/; <tt/conv_err/; <tt/authtok_err/;
-<tt/authtok_recover_err/; <tt/authtok_lock_busy/;
-<tt/authtok_disable_aging/; <tt/try_again/; <tt/ignore/; <tt/abort/;
-<tt/authtok_expired/; <tt/module_unknown/; <tt/bad_item/; and
-<tt/default/. The last of these (<tt/default/) can be used to set the
-action for those return values that are not explicitly defined.
-
-<p>
-The <tt/actionI/ can be a positive integer or one of the following
-tokens: <tt/ignore/; <tt/ok/; <tt/done/; <tt/bad/; <tt/die/; and
-<tt/reset/. A positive integer, <tt/J/, when specified as the action,
-can be used to indicate that the next <em/J/ modules of the current
-module-type will be skipped. In this way, the administrator can
-develop a moderately sophisticated stack of modules with a number of
-different paths of execution. Which path is taken can be determined
-by the reactions of individual modules.
-
-<p>
-<itemize>
-<item><tt/ignore/ - when used with a stack of modules, the module's
- return status will not contribute to the return code the application
- obtains.
-<item><tt/bad/ - this action indicates that the return code should be
- thought of as indicative of the module failing. If this module is
- the first in the stack to fail, its status value will be used for
- that of the whole stack.
-<item><tt/die/ - equivalent to <tt/bad/ with the side effect of
- terminating the module stack and PAM immediately returning to the
- application.
-<item><tt/ok/ - this tells <bf/PAM/ that the administrator thinks this
- return code should contribute directly to the return code of the full
- stack of modules. In other words, if the former state of the stack
- would lead to a return of <tt/PAM_SUCCESS/, the module's return code
- will override this value. Note, if the former state of the stack
- holds some value that is indicative of a modules failure, this 'ok'
- value will not be used to override that value.
-<item><tt/done/ - equivalent to <tt/ok/ with the side effect of
- terminating the module stack and PAM immediately returning to the
- application.
-<item><tt/reset/ - clear all memory of the state of the module stack and
- start again with the next stacked module.
-</itemize>
-
-<p>
-Each of the four keywords: <tt/required/; <tt/requisite/;
-<tt/sufficient/; and <tt/optional/, have an equivalent expression in
-terms of the <tt/[...]/ syntax. They are as follows:
-<itemize>
-<item><tt/required/ is equivalent to
-<tt/[success=ok new_authtok_reqd=ok ignore=ignore default=bad]/
-<item><tt/requisite/ is equivalent to
-<tt/[success=ok new_authtok_reqd=ok ignore=ignore default=die]/
-<item><tt/sufficient/ is equivalent to
-<tt/[success=done new_authtok_reqd=done default=ignore]/
-<item><tt/optional/ is equivalent to
-<tt/[success=ok new_authtok_reqd=ok default=ignore]/
-</itemize>
-
-<p>
-Just to get a feel for the power of this new syntax, here is a taste
-of what you can do with it. With <bf/Linux-PAM-0.63/, the notion of
-client plug-in agents was introduced. This is something that makes it
-possible for PAM to support machine-machine authentication using the
-transport protocol inherent to the client/server application. With
-the ``<tt/[ ... value=action ... ]/'' control syntax, it is possible
-for an application to be configured to support binary prompts with
-compliant clients, but to gracefully fall over into an alternative
-authentication mode for older, legacy, applications.
-
-<tag> <tt/module-path/</tag>
-
-The path-name of the dynamically loadable object file; <em/the
-pluggable module/ itself. If the first character of the module path is
-`<tt>/</tt>', it is assumed to be a complete path. If this is not the
-case, the given module path is appended to the default module path:
-<tt>/lib/security</tt> (but see the notes <ref id="text-conventions"
-name="above">).
-
-<tag> <tt/args/</tag>
-
-The <tt/args/ are a list of tokens that are passed to the module when
-it is invoked. Much like arguments to a typical Linux shell command.
-Generally, valid arguments are optional and are specific to any given
-module. Invalid arguments are ignored by a module, however, when
-encountering an invalid argument, the module is required to write an
-error to <tt/syslog(3)/. For a list of <em/generic/ options see the
-next section.
-
-Note, if you wish to include spaces in an argument, you should
-surround that argument with square brackets. For example:
-<tscreen>
-<verb>
-squid auth required pam_mysql.so user=passwd_query passwd=mada \
- db=eminence [query=select user_name from internet_service where \
- user_name='%u' and password=PASSWORD('%p') and \
- service='web_proxy']
-</verb>
-</tscreen>
-Note, when using this convention, you can include `<tt/[/' characters
-inside the string, and if you wish to include a `<tt/]/' character
-inside the string that will survive the argument parsing, you should
-use `<tt/\[/'. In other words:
-<tscreen>
-<verb>
-[..[..\]..] --> ..[..]..
-</verb>
-</tscreen>
-
-</descrip>
-
-<p>
-Any line in (one of) the configuration file(s), that is not formatted
-correctly, will generally tend (erring on the side of caution) to make
-the authentication process fail. A corresponding error is written to
-the system log files with a call to <tt/syslog(3)/.
-
-<sect1>Directory based configuration
-
-<p>
-More flexible than the single configuration file, as of version 0.56,
-it is possible to configure <tt>libpam</tt> via the contents of the
-<tt>/etc/pam.d/</tt> directory. In this case the directory is filled
-with files each of which has a filename equal to a service-name (in
-lower-case): it is the personal configuration file for the named
-service.
-
-<p>
-<bf/Linux-PAM/ can be compiled in one of two modes. The preferred
-mode uses either <tt>/etc/pam.d/</tt> or <tt>/etc/pam.conf</tt>
-configuration but not both. That is to say, if there is a
-<tt>/etc/pam.d/</tt> directory then libpam only uses the files
-contained in this directory. However, in the absence of the
-<tt>/etc/pam.d/</tt> directory the <tt>/etc/pam.conf</tt> file is used
-(this is likely to be the mode your preferred distribution uses). The
-other mode is to use both <tt>/etc/pam.d/</tt> and
-<tt>/etc/pam.conf</tt> in sequence. In this mode, entries in
-<tt>/etc/pam.d/</tt> override those of <tt>/etc/pam.conf</tt>.
-
-The syntax of each file in <tt>/etc/pam.d/</tt> is similar to that of
-the <tt>/etc/pam.conf</tt> file and is made up of lines of the
-following form:
-<tscreen>
-<verb>
-module-type control-flag module-path arguments
-</verb>
-</tscreen>
-The only difference being that the <tt>service-name</tt> is not
-present. The service-name is of course the name of the given
-configuration file. For example, <tt>/etc/pam.d/login</tt> contains
-the configuration for the <em>login</em> service.
-
-<p>
-This method of configuration has a number of advantages over the
-single file approach. We list them here to assist the reader in
-deciding which scheme to adopt:
-
-<p>
-<itemize>
-
-<item>A lower chance of misconfiguring an application. There is one
-less field to mis-type when editing the configuration files by hand.
-
-<item>Easier to maintain. One application may be reconfigured without
-risk of interfering with other applications on the system.
-
-<item>It is possible to symbolically link different services
-configuration files to a single file. This makes it easier to keep the
-system policy for access consistent across different applications.
-(It should be noted, to conserve space, it is equally possible to
-<em>hard</em> link a number of configuration files. However, care
-should be taken when administering this arrangement as editing a hard
-linked file is likely to break the link.)
-
-<item>A potential for quicker configuration file parsing. Only the
-relevant entries are parsed when a service gets bound to its modules.
-
-<item>It is possible to limit read access to individual <bf/Linux-PAM/
-configuration files using the file protections of the filesystem.
-
-<item>Package management becomes simpler. Every time a new
-application is installed, it can be accompanied by an
-<tt>/etc/pam.d/</tt><em>xxxxxx</em> file.
-
-</itemize>
-
-<sect1>Generic optional arguments
-
-<p>
-The following are optional arguments which are likely to be understood
-by any module. Arguments (including these) are in general
-<em/optional/.
-
-<p>
-<descrip>
-<tag><tt/debug/</tag>
-
-Use the <tt/syslog(3)/ call to log debugging information to the system
-log files.
-
-<tag> <tt/no_warn/</tag>
-
-Instruct module to not give warning messages to the application.
-
-<tag> <tt/use_first_pass/</tag>
-
-The module should not prompt the user for a password. Instead, it
-should obtain the previously typed password (from the preceding
-<tt/auth/ module), and use that. If that doesn't work, then the user
-will not be authenticated. (This option is intended for <tt/auth/
-and <tt/password/ modules only).
-
-<tag> <tt/try_first_pass/</tag>
-
-The module should attempt authentication with the previously typed
-password (from the preceding <tt/auth/ module). If that doesn't work,
-then the user is prompted for a password. (This option is intended for
-<tt/auth/ modules only).
-
-<tag> <tt/use_mapped_pass/</tag>
-
-This argument is not currently supported by any of the modules in the
-<bf/Linux-PAM/ distribution because of possible consequences
-associated with U.S. encryption exporting restrictions. Within the
-U.S., module developers are, of course, free to implement it (as are
-developers in other countries). For compatibility reasons we describe
-its use as suggested in the <bf/DCE-RFC 86.0/, see section <ref
-id="see-also-sec" name="bibliography"> for a pointer to this document.
-
-<p>
-The <tt/use_mapped_pass/ argument instructs the module to take the
-clear text authentication token entered by a previous module (that
-requests such a token) and use it to generate an encryption/decryption
-key with which to safely store/retrieve the authentication token
-required for this module. In this way the user can enter a single
-authentication token and be quietly authenticated by a number of
-stacked modules. Obviously a convenient feature that necessarily
-requires some reliably strong encryption to make it secure.
-This argument is intended for the <tt/auth/ and <tt/password/ module
-types only.
-
-<tag><tt/expose_account/</tag>
-
-<p>
-In general the leakage of some information about user accounts is not
-a secure policy for modules to adopt. Sometimes information such as
-users names or home directories, or preferred shell, can be used to
-attack a user's account. In some circumstances, however, this sort of
-information is not deemed a threat: displaying a user's full name when
-asking them for a password in a secured environment could also be
-called being 'friendly'. The <tt/expose_account/ argument is a
-standard module argument to encourage a module to be less discrete
-about account information as it is deemed appropriate by the local
-administrator.
-
-</descrip>
-
-<sect1>Example configuration file entries
-
-<p>
-In this section, we give some examples of entries that can be present
-in the <bf/Linux-PAM/ configuration file. As a first attempt at
-configuring your system you could do worse than to implement these.
-
-<sect2>Default policy
-
-<p>
-If a system is to be considered secure, it had better have a
-reasonably secure `<tt/OTHER/' entry. The following is a paranoid
-setting (which is not a bad place to start!):
-<tscreen>
-<verb>
-#
-# default; deny access
-#
-OTHER auth required pam_deny.so
-OTHER account required pam_deny.so
-OTHER password required pam_deny.so
-OTHER session required pam_deny.so
-</verb>
-</tscreen>
-Whilst fundamentally a secure default, this is not very sympathetic to
-a misconfigured system. For example, such a system is vulnerable to
-locking everyone out should the rest of the file become badly written.
-
-<p>
-The module <tt/pam_deny/ (documented in a later section) is not very
-sophisticated. For example, it logs no information when it is invoked
-so unless the users of a system contact the administrator when failing
-to execute a service application, the administrator may go for a long
-while in ignorance of the fact that his system is misconfigured.
-
-<p>
-The addition of the following line before those in the above example
-would provide a suitable warning to the administrator.
-<tscreen>
-<verb>
-#
-# default; wake up! This application is not configured
-#
-OTHER auth required pam_warn.so
-OTHER password required pam_warn.so
-</verb>
-</tscreen>
-Having two ``<tt/OTHER auth/'' lines is an example of stacking.
-
-<p>
-On a system that uses the <tt>/etc/pam.d/</tt> configuration, the
-corresponding default setup would be achieved with the following file:
-<tscreen>
-<verb>
-#
-# default configuration: /etc/pam.d/other
-#
-auth required pam_warn.so
-auth required pam_deny.so
-account required pam_deny.so
-password required pam_warn.so
-password required pam_deny.so
-session required pam_deny.so
-</verb>
-</tscreen>
-This is the only explicit example we give for an <tt>/etc/pam.d/</tt>
-file. In general, it should be clear how to transpose the remaining
-examples to this configuration scheme.
-
-<p>
-On a less sensitive computer, one on which the system administrator
-wishes to remain ignorant of much of the power of <tt/Linux-PAM/, the
-following selection of lines (in <tt>/etc/pam.conf</tt>) is likely to
-mimic the historically familiar Linux setup.
-<tscreen>
-<verb>
-#
-# default; standard UN*X access
-#
-OTHER auth required pam_unix.so
-OTHER account required pam_unix.so
-OTHER password required pam_unix.so
-OTHER session required pam_unix.so
-</verb>
-</tscreen>
-In general this will provide a starting place for most applications.
-Unfortunately, most is not all. One application that might require
-additional lines is <em/ftpd/ if you wish to enable
-<em/anonymous-ftp/.
-
-<p>
-To enable anonymous-ftp, the following lines might be used to replace
-the default (<tt/OTHER/) ones. (<bf/*WARNING*/ as of 1996/12/28 this
-does not work correctly with any ftpd. Consequently, this description
-may be subject to change or the application will be fixed.)
-<tscreen>
-<verb>
-#
-# ftpd; add ftp-specifics. These lines enable anonymous ftp over
-# standard UN*X access (the listfile entry blocks access to
-# users listed in /etc/ftpusers)
-#
-ftpd auth sufficient pam_ftp.so
-ftpd auth required pam_unix_auth.so use_first_pass
-ftpd auth required pam_listfile.so \
- onerr=succeed item=user sense=deny file=/etc/ftpusers
-</verb>
-</tscreen>
-Note, the second line is necessary since the default entries are
-ignored by a service application (here <em/ftpd/) if there are
-<em/any/ entries in <tt>/etc/pam.conf</tt> for that specified service.
-Again, this is an example of authentication module stacking. Note the
-use of the <tt/sufficient/ control-flag. It says that ``if this module
-authenticates the user, ignore the subsequent <tt/auth/
-modules''. Also note the use of the ``<tt/use_first_pass/''
-module-argument, this instructs the UN*X authentication module that it
-is not to prompt for a password but rely on one already having been
-obtained by the <tt/pam_ftp/ module.
-
-<sect>Security issues of Linux-PAM
-
-<p>
-This section will discuss good practices for using PAM in a secure
-manner. <em>It is currently sadly lacking...suggestions are
-welcome!</em>
-
-<sect1>If something goes wrong
-
-<p>
-<bf/Linux-PAM/ has the potential to seriously change the security of
-your system. You can choose to have no security or absolute security
-(no access permitted). In general, <bf/Linux-PAM/ errs towards the
-latter. Any number of configuration errors can dissable access to
-your system partially, or completely.
-
-<p>
-The most dramatic problem that is likely to be encountered when
-configuring <bf/Linux-PAM/ is that of <em>deleting</em> the
-configuration file(s): <tt>/etc/pam.d/*</tt> and/or
-<tt>/etc/pam.conf</tt>. This will lock you out of your own system!
-
-<p>
-To recover, your best bet is to reboot the system in single user mode
-and set about correcting things from there. The following has been
-<em>adapted</em> from a life-saving email on the subject from David
-Wood:
-<verb>
-> What the hell do I do now?
-
-OK, don't panic. The first thing you have to realize is that
-this happens to 50% of users who ever do anything with PAM.
-It happened here, not once, not twice, but three times, all
-different, and in the end, the solution was the same every
-time.
-
-First, I hope you installed LILO with a delay. If you can,
-reboot, hit shift or tab or something and type:
-
- LILO boot: linux single
-
-(Replace 'linux' with 'name-of-your-normal-linux-image').
-This will let you in without logging in. Ever wondered how
-easy it is to break into a linux machine from the console?
-Now you know.
-
-If you can't do that, then get yourself a bootkernel floppy
-and a root disk a-la slackware's rescue.gz. (Red Hat's
-installation disks can be used in this mode too.)
-
-In either case, the point is to get back your root prompt.
-
-Second, I'm going to assume that you haven't completely
-nuked your pam installation - just your configuration files.
-Here's how you make your configs nice again:
-
- cd /etc
- mv pam.conf pam.conf.orig
- mv pam.d pam.d.orig
- mkdir pam.d
- cd pam.d
-
-and then use vi to create a file called "other" in this
-directory. It should contain the following four lines:
-
- auth required pam_unix.so
- account required pam_unix.so
- password required pam_unix.so
- session required pam_unix.so
-
-Now you have the simplest possible PAM configuration that
-will work the way you're used to. Everything should
-magically start to work again. Try it out by hitting ALT-F2
-and logging in on another virtual console. If it doesn't
-work, you have bigger problems, or you've mistyped
-something. One of the wonders of this system (seriously,
-perhaps) is that if you mistype anything in the conf files,
-you usually get no error reporting of any kind on the
-console - just some entries in the log file. So look there!
-(Try 'tail /var/log/messages'.)
-
-From here you can go back and get a real configuration
-going, hopefully after you've tested it first on a machine
-you don't care about screwing up. :/
-
-Some pointers (to make everything "right" with Red Hat...):
-
- Install the newest pam, pamconfig, and pwdb from the
- redhat current directory, and do it all on the same
- command line with rpm...
-
- rpm -Uvh [maybe --force too] pam-* pamconfig-* pwdb-*
-
- Then make sure you install (or reinstall) the newest
- version of libc, util-linux, wuftp, and NetKit. For
- kicks you might try installing the newest versions of
- the affected x apps, like xlock, but I haven't gotten
- those to work at all yet.
-
-</verb>
-
-<sect1>Avoid having a weak `other' configuration
-
-<p>
-It is not a good thing to have a weak default (<tt/OTHER/) entry.
-This service is the default configuration for all PAM aware
-applications and if it is weak, your system is likely to be vulnerable
-to attack.
-
-<p>
-Here is a sample "other" configuration file. The <em/pam_deny/ module will
-deny access and the <em/pam_warn/ module will send a syslog message to
-<tt/auth.notice/:
-
-<p>
-<tscreen>
-<verb>
-#
-# The PAM configuration file for the `other' service
-#
-auth required pam_deny.so
-auth required pam_warn.so
-account required pam_deny.so
-account required pam_warn.so
-password required pam_deny.so
-password required pam_warn.so
-session required pam_deny.so
-session required pam_warn.so
-</verb>
-</tscreen>
-
-<sect>A reference guide for available modules
-
-<p>
-Here, we collect together some descriptions of the various modules
-available for <bf/Linux-PAM/. In general these modules should be
-freely available. Where this is not the case, it will be indicated.
-
-<p>
-Also please note the comments contained in the section <ref
-id="text-conventions" name="on text conventions above"> when copying
-the examples listed below.
-
-<!-- insert-file MODULES-SGML -->
-
-<sect>Files
-
-<p><descrip>
-
-<tag><tt>/lib/libpam.so.*</tt></tag>
-
-the shared library providing applications with access to
-<bf/Linux-PAM/.
-
-<tag><tt>/etc/pam.conf</tt></tag>
-
-the <bf/Linux-PAM/ configuration file.
-
-<tag><tt>/lib/security/pam_*.so</tt></tag>
-
-the primary location for <bf/Linux-PAM/ dynamically loadable object
-files; the modules.
-
-</descrip>
-
-<sect>See also<label id="see-also-sec">
-
-<p><itemize>
-
-<item>The <bf/Linux-PAM/ Application Writers' Guide.
-
-<item>The <bf/Linux-PAM/ Module Writers' Guide.
-
-<item>The V. Samar and R. Schemers (SunSoft), ``UNIFIED LOGIN WITH
-PLUGGABLE AUTHENTICATION MODULES'', Open Software Foundation Request
-For Comments 86.0, October 1995. See this url:
-<tt><htmlurl
-url="http://www.kernel.org/pub/linux/libs/pam/pre/doc/rfc86.0.txt.gz"
-name="http://www.kernel.org/pub/linux/libs/pam/pre/doc/rfc86.0.txt.gz"></tt>
-
-</itemize>
-
-<sect>Notes
-
-<p>
-I intend to put development comments here... like ``at the moment
-this isn't actually supported''. At release time what ever is in
-this section will be placed in the Bugs section below! :)
-
-<p>
-Are we going to be able to support the <tt/use_mapped_pass/ module
-argument? Anyone know a cheap (free) good lawyer?!
-
-<p>
-<itemize>
-<item>
-This issue may go away, as Sun have investigated adding a new
-management group for mappings. In this way, libpam would have mapping
-modules that could securely store passwords using strong cryptography
-and in such a way that they need not be distributed with Linux-PAM.
-</itemize>
-
-<sect>Author/acknowledgments
-
-<p>
-This document was written by Andrew G. Morgan (morgan@kernel.org)
-with many contributions from
-<!-- insert-file CREDITS -->
-
-<p>
-Thanks are also due to Sun Microsystems, especially to Vipin Samar and
-Charlie Lai for their advice. At an early stage in the development of
-<bf/Linux-PAM/, Sun graciously made the documentation for their
-implementation of PAM available. This act greatly accelerated the
-development of <bf/Linux-PAM/.
-
-<sect>Bugs/omissions
-
-<p>
-More PAM modules are being developed all the time. It is unlikely that
-this document will ever be truely up to date!
-
-<p>
-This manual is unfinished. Only a partial list of people is credited
-for all the good work they have done.
-
-<sect>Copyright information for this document
-
-<p>
-Copyright (c) Andrew G. Morgan 1996-2002. All rights reserved.
-<newline>
-Email: <tt>&lt;morgan@kernel.org&gt;</tt>
-
-<p>
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-<p>
-<itemize>
-
-<item>
-1. Redistributions of source code must retain the above copyright
- notice, and the entire permission notice in its entirety,
- including the disclaimer of warranties.
-
-<item>
-2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
-<item>
-3. The name of the author may not be used to endorse or promote
- products derived from this software without specific prior
- written permission.
-
-</itemize>
-
-<p>
-<bf/Alternatively/, this product may be distributed under the terms of
-the GNU General Public License (GPL), in which case the provisions of
-the GNU GPL are required <bf/instead of/ the above restrictions.
-(This clause is necessary due to a potential bad interaction between
-the GNU GPL and the restrictions contained in a BSD-style copyright.)
-
-<p>
-THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
-WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
-OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
-TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
-USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
-DAMAGE.
-
-<p>
-<tt>$Id: pam_source.sgml,v 1.13 2004/09/28 13:48:46 kukuk Exp $</tt>
-
-</article>
diff --git a/Linux-PAM/doc/pdf/README b/Linux-PAM/doc/pdf/README
deleted file mode 100644
index 5cae4e68..00000000
--- a/Linux-PAM/doc/pdf/README
+++ /dev/null
@@ -1,3 +0,0 @@
-$Id: README,v 1.1 2002/05/29 04:14:11 agmorgan Exp $
-
-a directory for PDF versions of the documentation
diff --git a/Linux-PAM/doc/ps/README b/Linux-PAM/doc/ps/README
deleted file mode 100644
index 18ab6329..00000000
--- a/Linux-PAM/doc/ps/README
+++ /dev/null
@@ -1,3 +0,0 @@
-$Id: README,v 1.2 2001/11/27 05:37:30 agmorgan Exp $
-
-this is the directory for the PostScript documentation
diff --git a/Linux-PAM/doc/sag/Linux-PAM_SAG.xml b/Linux-PAM/doc/sag/Linux-PAM_SAG.xml
new file mode 100644
index 00000000..84dece31
--- /dev/null
+++ b/Linux-PAM/doc/sag/Linux-PAM_SAG.xml
@@ -0,0 +1,570 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<book id="sag">
+ <bookinfo>
+ <title>The Linux-PAM System Administrators' Guide</title>
+ <authorgroup>
+ <author>
+ <firstname>Andrew G.</firstname>
+ <surname>Morgan</surname>
+ <email>morgan@kernel.org</email>
+ </author>
+ <author>
+ <firstname>Thorsten</firstname>
+ <surname>Kukuk</surname>
+ <email>kukuk@thkukuk.de</email>
+ </author>
+ </authorgroup>
+ <releaseinfo>Version 0.99.7.0, 16. January 2007</releaseinfo>
+ <abstract>
+ <para>
+ This manual documents what a system-administrator needs to know about
+ the <emphasis remap='B'>Linux-PAM</emphasis> library. It covers the
+ correct syntax of the PAM configuration file and discusses strategies
+ for maintaining a secure system.
+ </para>
+ </abstract>
+ </bookinfo>
+
+ <chapter id='sag-introductoin'>
+ <title>Introduction</title>
+ <para>
+ <emphasis remap='B'>Linux-PAM</emphasis> (Pluggable Authentication
+ Modules for Linux) is a suite of shared libraries that enable the
+ local system administrator to choose how applications authenticate users.
+ </para>
+ <para>
+ In other words, without (rewriting and) recompiling a PAM-aware
+ application, it is possible to switch between the authentication
+ mechanism(s) it uses. Indeed, one may entirely upgrade the local
+ authentication system without touching the applications themselves.
+ </para>
+ <para>
+ Historically an application that has required a given user to be
+ authenticated, has had to be compiled to use a specific authentication
+ mechanism. For example, in the case of traditional UN*X systems, the
+ identity of the user is verified by the user entering a correct
+ password. This password, after being prefixed by a two character
+ ``salt'', is encrypted (with crypt(3)). The user is then authenticated
+ if this encrypted password is identical to the second field of the
+ user's entry in the system password database (the
+ <filename>/etc/passwd</filename> file). On such systems, most if
+ not all forms of privileges are granted based on this single
+ authentication scheme. Privilege comes in the form of a personal
+ user-identifier (UID) and membership of various groups. Services and
+ applications are available based on the personal and group identity
+ of the user. Traditionally, group membership has been assigned based
+ on entries in the <filename>/etc/group</filename> file.
+ </para>
+ <para>
+ It is the purpose of the <emphasis remap='B'>Linux-PAM</emphasis>
+ project to separate the development of privilege granting software
+ from the development of secure and appropriate authentication schemes.
+ This is accomplished by providing a library of functions that an
+ application may use to request that a user be authenticated. This
+ PAM library is configured locally with a system file,
+ <filename>/etc/pam.conf</filename> (or a series of configuration
+ files located in <filename>/etc/pam.d/</filename>) to authenticate a
+ user request via the locally available authentication modules. The
+ modules themselves will usually be located in the directory
+ <filename>/lib/security</filename> or
+ <filename>/lib64/security</filename> and take the form of dynamically
+ loadable object files (see <citerefentry>
+ <refentrytitle>dlopen</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>).
+ </para>
+ </chapter>
+
+ <chapter id="sag-text-conventions">
+ <title>Some comments on the text</title>
+ <para>
+ Before proceeding to read the rest of this document, it should be
+ noted that the text assumes that certain files are placed in certain
+ directories. Where they have been specified, the conventions we adopt
+ here for locating these files are those of the relevant RFC (RFC-86.0,
+ see <link linkend="sag-see-also">bibliography"</link>). If you are
+ using a distribution of Linux (or some other operating system) that
+ supports PAM but chooses to distribute these files in a diferent way
+ you should be careful when copying examples directly from the text.
+ </para>
+ <para>
+ As an example of the above, where it is explicit, the text assumes
+ that PAM loadable object files (the
+ <emphasis remap='B'>modules</emphasis>) are to be located in
+ the following directory: <filename>/lib/security/</filename> or
+ <filename>/lib64/security</filename> depending on the architecture.
+ This is generally the location that seems to be compatible with the
+ Filesystem Hierarchy Standard (FHS). On Solaris, which has its own
+ licensed version of PAM, and some other implementations of UN*X,
+ these files can be found in <filename>/usr/lib/security</filename>.
+ Please be careful to perform the necessary transcription when using
+ the examples from the text.
+ </para>
+ </chapter>
+
+ <chapter id="sag-overview">
+ <title>Overview</title>
+ <para>
+ For the uninitiated, we begin by considering an example. We take an
+ application that grants some service to users;
+ <command>login</command> is one such program.
+ <command>Login</command> does two things, it first establishes that
+ the requesting user is whom they claim to be and second provides
+ them with the requested service: in the case of
+ <command>login</command> the service is a command shell
+ (bash, tcsh, zsh, etc.) running with the identity of the user.
+ </para>
+ <para>
+ Traditionally, the former step is achieved by the
+ <command>login</command> application prompting the user for a
+ password and then verifying that it agrees with that located on
+ the system; hence verifying that as far as the system is concerned
+ the user is who they claim to be. This is the task that is delegated
+ to <emphasis remap='B'>Linux-PAM</emphasis>.
+ </para>
+ <para>
+ From the perspective of the application programmer (in this case
+ the person that wrote the <command>login</command> application),
+ <emphasis remap='B'>Linux-PAM</emphasis> takes care of this
+ authentication task -- verifying the identity of the user.
+ </para>
+ <para>
+ The flexibility of <emphasis remap='B'>Linux-PAM</emphasis> is
+ that <emphasis>you</emphasis>, the system administrator, have
+ the freedom to stipulate which authentication scheme is to be
+ used. You have the freedom to set the scheme for any/all
+ PAM-aware applications on your Linux system. That is, you can
+ authenticate from anything as naive as
+ <emphasis>simple trust</emphasis> (<command>pam_permit</command>)
+ to something as paranoid as a combination of a retinal scan, a
+ voice print and a one-time password!
+ </para>
+ <para>
+ To illustrate the flexibility you face, consider the following
+ situation: a system administrator (parent) wishes to improve the
+ mathematical ability of her users (children). She can configure
+ their favorite ``Shoot 'em up game'' (PAM-aware of course) to
+ authenticate them with a request for the product of a couple of
+ random numbers less than 12. It is clear that if the game is any
+ good they will soon learn their
+ <emphasis>multiplication tables</emphasis>. As they mature, the
+ authentication can be upgraded to include (long) division!
+ </para>
+ <para>
+ <emphasis remap='B'>Linux-PAM</emphasis> deals with four
+ separate types of (management) task. These are:
+ <emphasis>authentication management</emphasis>;
+ <emphasis>account management</emphasis>;
+ <emphasis>session management</emphasis>; and
+ <emphasis>password management</emphasis>.
+ The association of the preferred management scheme with the behavior
+ of an application is made with entries in the relevant
+ <emphasis remap='B'>Linux-PAM</emphasis> configuration file.
+ The management functions are performed by <emphasis>modules</emphasis>
+ specified in the configuration file. The syntax for this
+ file is discussed in the section
+ <link linkend="sag-configuration">below</link>.
+ </para>
+ <para>
+ Here is a figure that describes the overall organization of
+ <emphasis remap='B'>Linux-PAM</emphasis>:
+ <programlisting>
+ +----------------+
+ | application: X |
+ +----------------+ / +----------+ +================+
+ | authentication-[----&gt;--\--] Linux- |--&lt;--| PAM config file|
+ | + [----&lt;--/--] PAM | |================|
+ |[conversation()][--+ \ | | | X auth .. a.so |
+ +----------------+ | / +-n--n-----+ | X auth .. b.so |
+ | | | __| | | _____/
+ | service user | A | | |____,-----'
+ | | | V A
+ +----------------+ +------|-----|---------+ -----+------+
+ +---u-----u----+ | | |
+ | auth.... |--[ a ]--[ b ]--[ c ]
+ +--------------+
+ | acct.... |--[ b ]--[ d ]
+ +--------------+
+ | password |--[ b ]--[ c ]
+ +--------------+
+ | session |--[ e ]--[ c ]
+ +--------------+
+ </programlisting>
+ By way of explanation, the left of the figure represents the
+ application; application X. Such an application interfaces with the
+ <emphasis remap='B'>Linux-PAM</emphasis> library and knows none of
+ the specifics of its configured authentication method. The
+ <emphasis remap='B'>Linux-PAM</emphasis> library (in the center)
+ consults the contents of the PAM configuration file and loads the
+ modules that are appropriate for application-X. These modules fall
+ into one of four management groups (lower-center) and are stacked in
+ the order they appear in the configuration file. These modules, when
+ called by <emphasis remap='B'>Linux-PAM</emphasis>, perform the
+ various authentication tasks for the application. Textual information,
+ required from/or offered to the user, can be exchanged through the
+ use of the application-supplied <emphasis>conversation</emphasis>
+ function.
+ </para>
+ <para>
+ If a program is going to use PAM, then it has to have PAM
+ functions explicitly coded into the program. If you have
+ access to the source code you can add the appropriate PAM
+ functions. If you do not have accessto the source code, and
+ the binary does not have the PAM functions included, then
+ it is not possible to use PAM.
+ </para>
+ </chapter>
+
+ <chapter id="sag-configuration">
+ <title>The Linux-PAM configuration file</title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam.conf-desc.xml"
+ xpointer='xpointer(//section[@id = "pam.conf-desc"]/*)' />
+ <section id='sag-configuration-file'>
+ <title>Configuration file syntax</title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam.conf-syntax.xml"
+ xpointer='xpointer(//section[@id = "pam.conf-syntax"]/*)' />
+ </section>
+ <section id='sag-configuratin-dirctory'>
+ <title>Directory based configuration</title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../man/pam.conf-dir.xml"
+ xpointer='xpointer(//section[@id = "pam.conf-dir"]/*)' />
+ </section>
+ <section id='sag-configuration-example'>
+ <title>Example configuration file entries</title>
+ <para>
+ In this section, we give some examples of entries that can
+ be present in the <emphasis remap='B'>Linux-PAM</emphasis>
+ configuration file. As a first attempt at configuring your
+ system you could do worse than to implement these.
+ </para>
+ <para>
+ If a system is to be considered secure, it had better have a
+ reasonably secure '<emphasis remap='B'>other</emphasis> entry.
+ The following is a paranoid setting (which is not a bad place
+ to start!):
+ </para>
+ <programlisting>
+#
+# default; deny access
+#
+other auth required pam_deny.so
+other account required pam_deny.so
+other password required pam_deny.so
+other session required pam_deny.so
+ </programlisting>
+ <para>
+ Whilst fundamentally a secure default, this is not very
+ sympathetic to a misconfigured system. For example, such
+ a system is vulnerable to locking everyone out should the
+ rest of the file become badly written.
+ </para>
+ <para>
+ The module <command>pam_deny</command> (documented in a
+ <link linkend="sag-pam_deny">later section</link>) is not very
+ sophisticated. For example, it logs no information when it
+ is invoked so unless the users of a system contact the
+ administrator when failing to execute a service application,
+ the administrator may go for a long while in ignorance of the
+ fact that his system is misconfigured.
+ </para>
+ <para>
+ The addition of the following line before those in the above
+ example would provide a suitable warning to the administrator.
+ </para>
+ <programlisting>
+#
+# default; wake up! This application is not configured
+#
+other auth required pam_warn.so
+other password required pam_warn.so
+ </programlisting>
+ <para>
+ Having two '<command>other auth</command>' lines is an
+ example of stacking.
+ </para>
+ <para>
+ On a system that uses the <filename>/etc/pam.d/</filename>
+ configuration, the corresponding default setup would be
+ achieved with the following file:
+ </para>
+ <programlisting>
+#
+# default configuration: /etc/pam.d/other
+#
+auth required pam_warn.so
+auth required pam_deny.so
+account required pam_deny.so
+password required pam_warn.so
+password required pam_deny.so
+session required pam_deny.so
+ </programlisting>
+ <para>
+ This is the only explicit example we give for an
+ <filename>/etc/pam.d/</filename> file. In general, it
+ should be clear how to transpose the remaining examples
+ to this configuration scheme.
+ </para>
+ <para>
+ On a less sensitive computer, one on which the system
+ administrator wishes to remain ignorant of much of the
+ power of <emphasis remap='B'>Linux-PAM</emphasis>, the
+ following selection of lines (in
+ <filename>/etc/pam.d/other</filename>) is likely to
+ mimic the historically familiar Linux setup.
+ </para>
+ <programlisting>
+#
+# default; standard UN*X access
+#
+auth required pam_unix.so
+account required pam_unix.so
+password required pam_unix.so
+session required pam_unix.so
+ </programlisting>
+ <para>
+ In general this will provide a starting place for most applications.
+ </para>
+ </section>
+ </chapter>
+
+ <chapter id='sag-security-issues'>
+ <title>Security issues</title>
+ <section id='sag-scurity-issues-wrong'>
+ <title>If something goes wrong</title>
+ <para>
+ <emphasis remap='B'>Linux-PAM</emphasis> has the potential
+ to seriously change the security of your system. You can
+ choose to have no security or absolute security (no access
+ permitted). In general, <emphasis remap='B'>Linux-PAM</emphasis>
+ errs towards the latter. Any number of configuration errors
+ can dissable access to your system partially, or completely.
+ </para>
+ <para>
+ The most dramatic problem that is likely to be encountered when
+ configuring <emphasis remap='B'>Linux-PAM</emphasis> is that of
+ <emphasis>deleting</emphasis> the configuration file(s):
+ <filename>/etc/pam.d/*</filename> and/or
+ <filename>/etc/pam.conf</filename>. This will lock you out of
+ your own system!
+ </para>
+ <para>
+ To recover, your best bet is to restore the system from a
+ backup or boot the system into a rescue system and correct
+ things from there.
+ </para>
+ </section>
+ <section id='sag-security-issues-other'>
+ <title>Avoid having a weak `other' configuration</title>
+ <para>
+ It is not a good thing to have a weak default
+ (<emphasis remap='B'>other</emphasis>) entry.
+ This service is the default configuration for all PAM aware
+ applications and if it is weak, your system is likely to be
+ vulnerable to attack.
+ </para>
+ <para>
+ Here is a sample "other" configuration file. The
+ <command>pam_deny</command> module will deny access and the
+ <command>pam_warn</command> module will send a syslog message
+ to <emphasis>auth.notice</emphasis>:
+ </para>
+ <programlisting>
+#
+# The PAM configuration file for the `other' service
+#
+auth required pam_deny.so
+auth required pam_warn.so
+account required pam_deny.so
+account required pam_warn.so
+password required pam_deny.so
+password required pam_warn.so
+session required pam_deny.so
+session required pam_warn.so
+ </programlisting>
+ </section>
+ </chapter>
+
+ <chapter id='sag-module-reference'>
+ <title>A reference guide for available modules</title>
+ <para>
+ Here, we collect together the descriptions of the various modules
+ coming with Linux-PAM.
+ </para>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_access.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_cracklib.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_debug.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_deny.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_echo.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_env.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_exec.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_faildelay.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_filter.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_ftp.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_group.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_issue.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_keyinit.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_lastlog.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_limits.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_listfile.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_localuser.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_loginuid.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_mail.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_mkhomedir.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_motd.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_namespace.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_nologin.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_permit.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_rhosts.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_rootok.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_securetty.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_selinux.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_shells.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_succeed_if.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_tally.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_time.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_umask.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_unix.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_userdb.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_warn.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_wheel.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_xauth.xml"/>
+ </chapter>
+
+ <chapter id="sag-see-also">
+ <title>See also</title>
+ <itemizedlist>
+ <listitem>
+ <para>
+ The Linux-PAM Application Writers' Guide.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The Linux-PAM Module Writers' Guide.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The V. Samar and R. Schemers (SunSoft), ``UNIFIED LOGIN WITH
+ PLUGGABLE AUTHENTICATION MODULES'', Open Software Foundation
+ Request For Comments 86.0, October 1995.
+ </para>
+ </listitem>
+ </itemizedlist>
+ </chapter>
+
+ <chapter id='sag-author'>
+ <title>Author/acknowledgments</title>
+ <para>
+ This document was written by Andrew G. Morgan (morgan@kernel.org)
+ with many contributions from
+ Chris Adams, Peter Allgeyer, Tim Baverstock, Tim Berger,
+ Craig S. Bell, Derrick J. Brashear, Ben Buxton, Seth Chaiklin,
+ Oliver Crow, Chris Dent, Marc Ewing, Cristian Gafton,
+ Emmanuel Galanos, Brad M. Garcia, Eric Hester, Michel D'Hooge,
+ Roger Hu, Eric Jacksch, Michael K. Johnson, David Kinchlea,
+ Olaf Kirch, Marcin Korzonek, Thorsten Kukuk, Stephen Langasek,
+ Nicolai Langfeldt, Elliot Lee, Luke Kenneth Casson Leighton,
+ Al Longyear, Ingo Luetkebohle, Marek Michalkiewicz,
+ Robert Milkowski, Aleph One, Martin Pool, Sean Reifschneider,
+ Jan Rekorajski, Erik Troan, Theodore Ts'o, Jeff Uphoff, Myles Uyema,
+ Savochkin Andrey Vladimirovich, Ronald Wahl, David Wood, John Wilmes,
+ Joseph S. D. Yao and Alex O. Yuriev.
+ </para>
+ <para>
+ Thanks are also due to Sun Microsystems, especially to Vipin Samar and
+ Charlie Lai for their advice. At an early stage in the development of
+ <emphasis remap='B'>Linux-PAM</emphasis>, Sun graciously made the
+ documentation for their implementation of PAM available. This act
+ greatly accelerated the development of
+ <emphasis remap='B'>Linux-PAM</emphasis>.
+ </para>
+ </chapter>
+
+ <chapter id='sag-copyright'>
+ <title>Copyright information for this document</title>
+ <programlisting>
+Copyright (c) 2006 Thorsten Kukuk &lt;kukuk@thkukuk.de&gt;
+Copyright (c) 1996-2002 Andrew G. Morgan &lt;morgan@kernel.org&gt;
+ </programlisting>
+ <para>
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are
+ met:
+ </para>
+ <programlisting>
+1. Redistributions of source code must retain the above copyright
+ notice, and the entire permission notice in its entirety,
+ including the disclaimer of warranties.
+
+2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+3. The name of the author may not be used to endorse or promote
+ products derived from this software without specific prior
+ written permission.
+ </programlisting>
+ <para>
+ Alternatively, this product may be distributed under the terms of
+ the GNU General Public License (GPL), in which case the provisions
+ of the GNU GPL are required instead of the above restrictions.
+ (This clause is necessary due to a potential bad interaction between
+ the GNU GPL and the restrictions contained in a BSD-style copyright.)
+ </para>
+ <programlisting>
+THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
+ </programlisting>
+ </chapter>
+</book>
diff --git a/Linux-PAM/doc/sag/Makefile.am b/Linux-PAM/doc/sag/Makefile.am
new file mode 100644
index 00000000..26b5f5b8
--- /dev/null
+++ b/Linux-PAM/doc/sag/Makefile.am
@@ -0,0 +1,97 @@
+#
+# Copyright (c) 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+
+CLEANFILES = Linux-PAM_SAG.fo *~
+
+EXTRA_DIST = $(XMLS)
+
+XMLS = Linux-PAM_SAG.xml $(shell ls $(srcdir)/pam_*.xml)
+
+DEP_XMLS = $(shell ls $(top_srcdir)/modules/pam_*/pam_*.xml)
+
+if ENABLE_REGENERATE_MAN
+MAINTAINERCLEANFILES = Linux-PAM_SAG.txt Linux-PAM_SAG.pdf html/*.html
+
+all: Linux-PAM_SAG.txt html/Linux-PAM_SAG.html Linux-PAM_SAG.pdf
+
+Linux-PAM_SAG.pdf: $(XMLS) $(DEP_XMLS)
+if ENABLE_GENERATE_PDF
+ $(XMLLINT) --nonet --xinclude --postvalid --noent --noout $<
+ $(XSLTPROC) --stringparam generate.toc "book toc" \
+ --stringparam section.autolabel 1 \
+ --stringparam section.label.includes.component.label 1 \
+ --stringparam toc.max.depth 2 --xinclude --nonet \
+ http://docbook.sourceforge.net/release/xsl/current/fo/docbook.xsl $< > Linux-PAM_SAG.fo
+ $(FO2PDF) Linux-PAM_SAG.fo $@
+else
+ echo "No fo2pdf processor installed, skip PDF generation"
+endif
+
+Linux-PAM_SAG.txt: $(XMLS) $(DEP_XMLS)
+ $(XMLLINT) --nonet --xinclude --postvalid --noent --noout $<
+ $(XSLTPROC) --stringparam generate.toc "book toc" \
+ --stringparam section.autolabel 1 \
+ --stringparam section.label.includes.component.label 1 \
+ --stringparam toc.max.depth 2 --xinclude --nonet \
+ http://docbook.sourceforge.net/release/xsl/current/html/docbook.xsl $< | $(BROWSER) > $@
+
+html/Linux-PAM_SAG.html: $(XMLS) $(DEP_XMLS)
+ @test -d html || mkdir -p html
+ $(XMLLINT) --nonet --xinclude --postvalid --noent --noout $<
+ $(XSLTPROC) --stringparam base.dir html/ \
+ --stringparam root.filename Linux-PAM_SAG \
+ --stringparam use.id.as.filename 1 \
+ --stringparam chunk.first.sections 1 \
+ --stringparam section.autolabel 1 \
+ --stringparam section.label.includes.component.label 1 \
+ --stringparam toc.max.depth 2 --xinclude --nonet \
+ http://docbook.sourceforge.net/release/xsl/current/html/chunk.xsl $<
+
+distclean-local:
+ -rm -rf html Linux-PAM_SAG.txt Linux-PAM_SAG.pdf
+endif
+
+install-data-local:
+ $(mkinstalldirs) $(DESTDIR)$(docdir)
+ $(mkinstalldirs) $(DESTDIR)$(pdfdir)
+ $(mkinstalldirs) $(DESTDIR)$(htmldir)
+ test -f html/Linux-PAM_SAG.html || exit 0; \
+ $(install_sh_DATA) html/Linux-PAM_SAG.html html/sag-*.html \
+ $(DESTDIR)$(htmldir)/ || \
+ $(install_sh_DATA) $(srcdir)/html/Linux-PAM_SAG.html \
+ $(srcdir)/html/sag-*.html \
+ $(DESTDIR)$(htmldir)/
+ test -f Linux-PAM_SAG.txt || exit 0; \
+ $(install_sh_DATA) Linux-PAM_SAG.txt $(DESTDIR)$(docdir)/ || \
+ $(install_sh_DATA) $(srcdir)/Linux-PAM_SAG.txt \
+ $(DESTDIR)$(docdir)/
+ test -f Linux-PAM_SAG.pdf || exit 0; \
+ $(install_sh_DATA) Linux-PAM_SAG.pdf $(DESTDIR)$(pdfdir)/ || \
+ $(install_sh_DATA) $(srcdir)/Linux-PAM_SAG.pdf \
+ $(DESTDIR)$(pdfdir)/
+
+uninstall-local:
+ -rm $(DESTDIR)$(htmldir)/Linux-PAM_SAG.html
+ -rm $(DESTDIR)$(htmldir)/sag-*.html
+ -rm $(DESTDIR)$(docdir)/Linux-PAM_SAG.txt
+ -rm $(DESTDIR)$(pdfdir)/Linux-PAM_SAG.pdf
+
+releasedocs: all
+ $(mkinstalldirs) $(top_builddir)/Linux-PAM-$(VERSION)/doc/sag/html
+ test -f html/Linux-PAM_SAG.html || exit 0; \
+ cp -ap html/Linux-PAM_SAG.html html/sag-*.html \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/sag/html/ || \
+ cp -ap $(srcdir)/html/Linux-PAM_SAG.html \
+ $(srcdir)/html/sag-*.html \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/sag/html/
+ test -f Linux-PAM_SAG.txt || exit 0; \
+ cp -p Linux-PAM_SAG.txt \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/sag/ || \
+ cp -p $(srcdir)/Linux-PAM_SAG.txt \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/sag/
+ test -f Linux-PAM_SAG.pdf || exit 0; \
+ cp -p Linux-PAM_SAG.pdf \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/sag/ || \
+ cp -p $(srcdir)/Linux-PAM_SAG.pdf \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/sag/
diff --git a/Linux-PAM/doc/sag/Makefile.in b/Linux-PAM/doc/sag/Makefile.in
new file mode 100644
index 00000000..007316a4
--- /dev/null
+++ b/Linux-PAM/doc/sag/Makefile.in
@@ -0,0 +1,470 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = doc/sag
+DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+SOURCES =
+DIST_SOURCES =
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = Linux-PAM_SAG.fo *~
+EXTRA_DIST = $(XMLS)
+XMLS = Linux-PAM_SAG.xml $(shell ls $(srcdir)/pam_*.xml)
+DEP_XMLS = $(shell ls $(top_srcdir)/modules/pam_*/pam_*.xml)
+@ENABLE_REGENERATE_MAN_TRUE@MAINTAINERCLEANFILES = Linux-PAM_SAG.txt Linux-PAM_SAG.pdf html/*.html
+all: all-am
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu doc/sag/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu doc/sag/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+tags: TAGS
+TAGS:
+
+ctags: CTAGS
+CTAGS:
+
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile
+installdirs:
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+ -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES)
+@ENABLE_REGENERATE_MAN_FALSE@distclean-local:
+clean: clean-am
+
+clean-am: clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-am
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-local
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-data-local
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-local
+
+.MAKE: install-am install-strip
+
+.PHONY: all all-am check check-am clean clean-generic clean-libtool \
+ distclean distclean-generic distclean-libtool distclean-local \
+ distdir dvi dvi-am html html-am info info-am install \
+ install-am install-data install-data-am install-data-local \
+ install-dvi install-dvi-am install-exec install-exec-am \
+ install-html install-html-am install-info install-info-am \
+ install-man install-pdf install-pdf-am install-ps \
+ install-ps-am install-strip installcheck installcheck-am \
+ installdirs maintainer-clean maintainer-clean-generic \
+ mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \
+ ps ps-am uninstall uninstall-am uninstall-local
+
+
+@ENABLE_REGENERATE_MAN_TRUE@all: Linux-PAM_SAG.txt html/Linux-PAM_SAG.html Linux-PAM_SAG.pdf
+
+@ENABLE_REGENERATE_MAN_TRUE@Linux-PAM_SAG.pdf: $(XMLS) $(DEP_XMLS)
+@ENABLE_GENERATE_PDF_TRUE@@ENABLE_REGENERATE_MAN_TRUE@ $(XMLLINT) --nonet --xinclude --postvalid --noent --noout $<
+@ENABLE_GENERATE_PDF_TRUE@@ENABLE_REGENERATE_MAN_TRUE@ $(XSLTPROC) --stringparam generate.toc "book toc" \
+@ENABLE_GENERATE_PDF_TRUE@@ENABLE_REGENERATE_MAN_TRUE@ --stringparam section.autolabel 1 \
+@ENABLE_GENERATE_PDF_TRUE@@ENABLE_REGENERATE_MAN_TRUE@ --stringparam section.label.includes.component.label 1 \
+@ENABLE_GENERATE_PDF_TRUE@@ENABLE_REGENERATE_MAN_TRUE@ --stringparam toc.max.depth 2 --xinclude --nonet \
+@ENABLE_GENERATE_PDF_TRUE@@ENABLE_REGENERATE_MAN_TRUE@ http://docbook.sourceforge.net/release/xsl/current/fo/docbook.xsl $< > Linux-PAM_SAG.fo
+@ENABLE_GENERATE_PDF_TRUE@@ENABLE_REGENERATE_MAN_TRUE@ $(FO2PDF) Linux-PAM_SAG.fo $@
+@ENABLE_GENERATE_PDF_FALSE@@ENABLE_REGENERATE_MAN_TRUE@ echo "No fo2pdf processor installed, skip PDF generation"
+
+@ENABLE_REGENERATE_MAN_TRUE@Linux-PAM_SAG.txt: $(XMLS) $(DEP_XMLS)
+@ENABLE_REGENERATE_MAN_TRUE@ $(XMLLINT) --nonet --xinclude --postvalid --noent --noout $<
+@ENABLE_REGENERATE_MAN_TRUE@ $(XSLTPROC) --stringparam generate.toc "book toc" \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam section.autolabel 1 \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam section.label.includes.component.label 1 \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam toc.max.depth 2 --xinclude --nonet \
+@ENABLE_REGENERATE_MAN_TRUE@ http://docbook.sourceforge.net/release/xsl/current/html/docbook.xsl $< | $(BROWSER) > $@
+
+@ENABLE_REGENERATE_MAN_TRUE@html/Linux-PAM_SAG.html: $(XMLS) $(DEP_XMLS)
+@ENABLE_REGENERATE_MAN_TRUE@ @test -d html || mkdir -p html
+@ENABLE_REGENERATE_MAN_TRUE@ $(XMLLINT) --nonet --xinclude --postvalid --noent --noout $<
+@ENABLE_REGENERATE_MAN_TRUE@ $(XSLTPROC) --stringparam base.dir html/ \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam root.filename Linux-PAM_SAG \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam use.id.as.filename 1 \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam chunk.first.sections 1 \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam section.autolabel 1 \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam section.label.includes.component.label 1 \
+@ENABLE_REGENERATE_MAN_TRUE@ --stringparam toc.max.depth 2 --xinclude --nonet \
+@ENABLE_REGENERATE_MAN_TRUE@ http://docbook.sourceforge.net/release/xsl/current/html/chunk.xsl $<
+
+@ENABLE_REGENERATE_MAN_TRUE@distclean-local:
+@ENABLE_REGENERATE_MAN_TRUE@ -rm -rf html Linux-PAM_SAG.txt Linux-PAM_SAG.pdf
+
+install-data-local:
+ $(mkinstalldirs) $(DESTDIR)$(docdir)
+ $(mkinstalldirs) $(DESTDIR)$(pdfdir)
+ $(mkinstalldirs) $(DESTDIR)$(htmldir)
+ test -f html/Linux-PAM_SAG.html || exit 0; \
+ $(install_sh_DATA) html/Linux-PAM_SAG.html html/sag-*.html \
+ $(DESTDIR)$(htmldir)/ || \
+ $(install_sh_DATA) $(srcdir)/html/Linux-PAM_SAG.html \
+ $(srcdir)/html/sag-*.html \
+ $(DESTDIR)$(htmldir)/
+ test -f Linux-PAM_SAG.txt || exit 0; \
+ $(install_sh_DATA) Linux-PAM_SAG.txt $(DESTDIR)$(docdir)/ || \
+ $(install_sh_DATA) $(srcdir)/Linux-PAM_SAG.txt \
+ $(DESTDIR)$(docdir)/
+ test -f Linux-PAM_SAG.pdf || exit 0; \
+ $(install_sh_DATA) Linux-PAM_SAG.pdf $(DESTDIR)$(pdfdir)/ || \
+ $(install_sh_DATA) $(srcdir)/Linux-PAM_SAG.pdf \
+ $(DESTDIR)$(pdfdir)/
+
+uninstall-local:
+ -rm $(DESTDIR)$(htmldir)/Linux-PAM_SAG.html
+ -rm $(DESTDIR)$(htmldir)/sag-*.html
+ -rm $(DESTDIR)$(docdir)/Linux-PAM_SAG.txt
+ -rm $(DESTDIR)$(pdfdir)/Linux-PAM_SAG.pdf
+
+releasedocs: all
+ $(mkinstalldirs) $(top_builddir)/Linux-PAM-$(VERSION)/doc/sag/html
+ test -f html/Linux-PAM_SAG.html || exit 0; \
+ cp -ap html/Linux-PAM_SAG.html html/sag-*.html \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/sag/html/ || \
+ cp -ap $(srcdir)/html/Linux-PAM_SAG.html \
+ $(srcdir)/html/sag-*.html \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/sag/html/
+ test -f Linux-PAM_SAG.txt || exit 0; \
+ cp -p Linux-PAM_SAG.txt \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/sag/ || \
+ cp -p $(srcdir)/Linux-PAM_SAG.txt \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/sag/
+ test -f Linux-PAM_SAG.pdf || exit 0; \
+ cp -p Linux-PAM_SAG.pdf \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/sag/ || \
+ cp -p $(srcdir)/Linux-PAM_SAG.pdf \
+ $(top_builddir)/Linux-PAM-$(VERSION)/doc/sag/
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/doc/sag/pam_access.xml b/Linux-PAM/doc/sag/pam_access.xml
new file mode 100644
index 00000000..9e2837ca
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_access.xml
@@ -0,0 +1,42 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_access'>
+ <title>pam_access - logdaemon style login access control</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_access/pam_access.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_access-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_access-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_access/pam_access.8.xml" xpointer='xpointer(//refsect1[@id = "pam_access-description"]/*)'/>
+ </section>
+ <section id='sag-access.conf-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_access/access.conf.5.xml" xpointer='xpointer(//refsect1[@id = "access.conf-description"]/*)'/>
+ </section>
+ <section id='sag-pam_access-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_access/pam_access.8.xml" xpointer='xpointer(//refsect1[@id = "pam_access-options"]/*)'/>
+ </section>
+ <section id='sag-pam_access-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_access/pam_access.8.xml" xpointer='xpointer(//refsect1[@id = "pam_access-services"]/*)'/>
+ </section>
+ <section id='sag-pam_access-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_access/pam_access.8.xml" xpointer='xpointer(//refsect1[@id = "pam_access-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_access-files'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_access/pam_access.8.xml" xpointer='xpointer(//refsect1[@id = "pam_access-files"]/*)'/>
+ </section>
+ <section id='sag-access.conf-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_access/access.conf.5.xml" xpointer='xpointer(//refsect1[@id = "access.conf-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_access-authors'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_access/pam_access.8.xml" xpointer='xpointer(//refsect1[@id = "pam_access-authors"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_cracklib.xml b/Linux-PAM/doc/sag/pam_cracklib.xml
new file mode 100644
index 00000000..58f0edb0
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_cracklib.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_cracklib'>
+ <title>pam_cracklib - checks the password against dictionary words</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_cracklib/pam_cracklib.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_cracklib-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_cracklib-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_cracklib/pam_cracklib.8.xml" xpointer='xpointer(//refsect1[@id = "pam_cracklib-description"]/*)'/>
+ </section>
+ <section id='sag-pam_cracklib-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_cracklib/pam_cracklib.8.xml" xpointer='xpointer(//refsect1[@id = "pam_cracklib-options"]/*)'/>
+ </section>
+ <section id='sag-pam_cracklib-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_cracklib/pam_cracklib.8.xml" xpointer='xpointer(//refsect1[@id = "pam_cracklib-services"]/*)'/>
+ </section>
+ <section id='sag-pam_cracklib-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_cracklib/pam_cracklib.8.xml" xpointer='xpointer(//refsect1[@id = "pam_cracklib-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_cracklib-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_cracklib/pam_cracklib.8.xml" xpointer='xpointer(//refsect1[@id = "pam_cracklib-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_cracklib-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_cracklib/pam_cracklib.8.xml" xpointer='xpointer(//refsect1[@id = "pam_cracklib-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_debug.xml b/Linux-PAM/doc/sag/pam_debug.xml
new file mode 100644
index 00000000..6ec398b8
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_debug.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_debug'>
+ <title>pam_debug - debug the PAM stack</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_debug/pam_debug.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_debug-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_debug-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_debug/pam_debug.8.xml" xpointer='xpointer(//refsect1[@id = "pam_debug-description"]/*)'/>
+ </section>
+ <section id='sag-pam_debug-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_debug/pam_debug.8.xml" xpointer='xpointer(//refsect1[@id = "pam_debug-options"]/*)'/>
+ </section>
+ <section id='sag-pam_debug-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_debug/pam_debug.8.xml" xpointer='xpointer(//refsect1[@id = "pam_debug-services"]/*)'/>
+ </section>
+ <section id='sag-pam_debug-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_debug/pam_debug.8.xml" xpointer='xpointer(//refsect1[@id = "pam_debug-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_debug-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_debug/pam_debug.8.xml" xpointer='xpointer(//refsect1[@id = "pam_debug-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_debug-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_debug/pam_debug.8.xml" xpointer='xpointer(//refsect1[@id = "pam_debug-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_deny.xml b/Linux-PAM/doc/sag/pam_deny.xml
new file mode 100644
index 00000000..eaaada3b
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_deny.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_deny'>
+ <title>pam_deny - locking-out PAM module</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_deny/pam_deny.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_deny-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_deny-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_deny/pam_deny.8.xml" xpointer='xpointer(//refsect1[@id = "pam_deny-description"]/*)'/>
+ </section>
+ <section id='sag-pam_deny-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_deny/pam_deny.8.xml" xpointer='xpointer(//refsect1[@id = "pam_deny-options"]/*)'/>
+ </section>
+ <section id='sag-pam_deny-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_deny/pam_deny.8.xml" xpointer='xpointer(//refsect1[@id = "pam_deny-services"]/*)'/>
+ </section>
+ <section id='sag-pam_deny-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_deny/pam_deny.8.xml" xpointer='xpointer(//refsect1[@id = "pam_deny-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_deny-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_deny/pam_deny.8.xml" xpointer='xpointer(//refsect1[@id = "pam_deny-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_deny-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_deny/pam_deny.8.xml" xpointer='xpointer(//refsect1[@id = "pam_deny-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_echo.xml b/Linux-PAM/doc/sag/pam_echo.xml
new file mode 100644
index 00000000..95baa0aa
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_echo.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_echo'>
+ <title>pam_echo - print text messages</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_echo/pam_echo.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_echo-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_echo-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_echo/pam_echo.8.xml" xpointer='xpointer(//refsect1[@id = "pam_echo-description"]/*)'/>
+ </section>
+ <section id='sag-pam_echo-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_echo/pam_echo.8.xml" xpointer='xpointer(//refsect1[@id = "pam_echo-options"]/*)'/>
+ </section>
+ <section id='sag-pam_echo-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_echo/pam_echo.8.xml" xpointer='xpointer(//refsect1[@id = "pam_echo-services"]/*)'/>
+ </section>
+ <section id='sag-pam_echo-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_echo/pam_echo.8.xml" xpointer='xpointer(//refsect1[@id = "pam_echo-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_echo-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_echo/pam_echo.8.xml" xpointer='xpointer(//refsect1[@id = "pam_echo-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_echo-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_echo/pam_echo.8.xml" xpointer='xpointer(//refsect1[@id = "pam_echo-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_env.xml b/Linux-PAM/doc/sag/pam_env.xml
new file mode 100644
index 00000000..d1c561e0
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_env.xml
@@ -0,0 +1,42 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_env'>
+ <title>pam_env - set/unset environment variables</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_env/pam_env.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_env-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_env-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_env/pam_env.8.xml" xpointer='xpointer(//refsect1[@id = "pam_env-description"]/*)'/>
+ </section>
+ <section id='sag-pam_env.conf-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_env/pam_env.conf.5.xml" xpointer='xpointer(//refsect1[@id = "pam_env.conf-description"]/*)'/>
+ </section>
+ <section id='sag-pam_env-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_env/pam_env.8.xml" xpointer='xpointer(//refsect1[@id = "pam_env-options"]/*)'/>
+ </section>
+ <section id='sag-pam_env-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_env/pam_env.8.xml" xpointer='xpointer(//refsect1[@id = "pam_env-services"]/*)'/>
+ </section>
+ <section id='sag-pam_env-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_env/pam_env.8.xml" xpointer='xpointer(//refsect1[@id = "pam_env-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_env-files'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_env/pam_env.8.xml" xpointer='xpointer(//refsect1[@id = "pam_env-files"]/*)'/>
+ </section>
+ <section id='sag-pam_env.conf-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_env/pam_env.conf.5.xml" xpointer='xpointer(//refsect1[@id = "pam_env.conf-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_env-authors'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_env/pam_env.8.xml" xpointer='xpointer(//refsect1[@id = "pam_env-authors"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_exec.xml b/Linux-PAM/doc/sag/pam_exec.xml
new file mode 100644
index 00000000..38245ed8
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_exec.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_exec'>
+ <title>pam_exec - call an external command</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_exec/pam_exec.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_exec-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_exec-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_exec/pam_exec.8.xml" xpointer='xpointer(//refsect1[@id = "pam_exec-description"]/*)'/>
+ </section>
+ <section id='sag-pam_exec-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_exec/pam_exec.8.xml" xpointer='xpointer(//refsect1[@id = "pam_exec-options"]/*)'/>
+ </section>
+ <section id='sag-pam_exec-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_exec/pam_exec.8.xml" xpointer='xpointer(//refsect1[@id = "pam_exec-services"]/*)'/>
+ </section>
+ <section id='sag-pam_exec-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_exec/pam_exec.8.xml" xpointer='xpointer(//refsect1[@id = "pam_exec-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_exec-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_exec/pam_exec.8.xml" xpointer='xpointer(//refsect1[@id = "pam_exec-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_exec-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_exec/pam_exec.8.xml" xpointer='xpointer(//refsect1[@id = "pam_exec-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_faildelay.xml b/Linux-PAM/doc/sag/pam_faildelay.xml
new file mode 100644
index 00000000..312fee8e
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_faildelay.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_faildelay'>
+ <title>pam_faildelay - change the delay on failure per-application</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_faildelay/pam_faildelay.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_faildelay-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_faildelay-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_faildelay/pam_faildelay.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faildelay-description"]/*)'/>
+ </section>
+ <section id='sag-pam_faildelay-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_faildelay/pam_faildelay.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faildelay-options"]/*)'/>
+ </section>
+ <section id='sag-pam_faildelay-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_faildelay/pam_faildelay.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faildelay-services"]/*)'/>
+ </section>
+ <section id='sag-pam_faildelay-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_faildelay/pam_faildelay.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faildelay-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_faildelay-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_faildelay/pam_faildelay.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faildelay-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_faildelay-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_faildelay/pam_faildelay.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faildelay-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_filter.xml b/Linux-PAM/doc/sag/pam_filter.xml
new file mode 100644
index 00000000..4248704d
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_filter.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_filter'>
+ <title>pam_filter - filter module</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_filter/pam_filter.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_filter-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_filter-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_filter/pam_filter.8.xml" xpointer='xpointer(//refsect1[@id = "pam_filter-description"]/*)'/>
+ </section>
+ <section id='sag-pam_filter-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_filter/pam_filter.8.xml" xpointer='xpointer(//refsect1[@id = "pam_filter-options"]/*)'/>
+ </section>
+ <section id='sag-pam_filter-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_filter/pam_filter.8.xml" xpointer='xpointer(//refsect1[@id = "pam_filter-services"]/*)'/>
+ </section>
+ <section id='sag-pam_filter-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_filter/pam_filter.8.xml" xpointer='xpointer(//refsect1[@id = "pam_filter-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_filter-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_filter/pam_filter.8.xml" xpointer='xpointer(//refsect1[@id = "pam_filter-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_filter-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_filter/pam_filter.8.xml" xpointer='xpointer(//refsect1[@id = "pam_filter-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_ftp.xml b/Linux-PAM/doc/sag/pam_ftp.xml
new file mode 100644
index 00000000..c53139ca
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_ftp.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_ftp'>
+ <title>pam_ftp - module for anonymous access</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_ftp/pam_ftp.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_ftp-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_ftp-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_ftp/pam_ftp.8.xml" xpointer='xpointer(//refsect1[@id = "pam_ftp-description"]/*)'/>
+ </section>
+ <section id='sag-pam_ftp-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_ftp/pam_ftp.8.xml" xpointer='xpointer(//refsect1[@id = "pam_ftp-options"]/*)'/>
+ </section>
+ <section id='sag-pam_ftp-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_ftp/pam_ftp.8.xml" xpointer='xpointer(//refsect1[@id = "pam_ftp-services"]/*)'/>
+ </section>
+ <section id='sag-pam_ftp-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_ftp/pam_ftp.8.xml" xpointer='xpointer(//refsect1[@id = "pam_ftp-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_ftp-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_ftp/pam_ftp.8.xml" xpointer='xpointer(//refsect1[@id = "pam_ftp-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_ftp-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_ftp/pam_ftp.8.xml" xpointer='xpointer(//refsect1[@id = "pam_ftp-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_group.xml b/Linux-PAM/doc/sag/pam_group.xml
new file mode 100644
index 00000000..f83ccc58
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_group.xml
@@ -0,0 +1,42 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_group'>
+ <title>pam_group - module to modify group access</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_group/pam_group.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_group-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_group-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_group/pam_group.8.xml" xpointer='xpointer(//refsect1[@id = "pam_group-description"]/*)'/>
+ </section>
+ <section id='sag-group.conf-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_group/group.conf.5.xml" xpointer='xpointer(//refsect1[@id = "group.conf-description"]/*)'/>
+ </section>
+ <section id='sag-pam_group-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_group/pam_group.8.xml" xpointer='xpointer(//refsect1[@id = "pam_group-options"]/*)'/>
+ </section>
+ <section id='sag-pam_group-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_group/pam_group.8.xml" xpointer='xpointer(//refsect1[@id = "pam_group-services"]/*)'/>
+ </section>
+ <section id='sag-pam_group-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_group/pam_group.8.xml" xpointer='xpointer(//refsect1[@id = "pam_group-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_group-files'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_group/pam_group.8.xml" xpointer='xpointer(//refsect1[@id = "pam_group-files"]/*)'/>
+ </section>
+ <section id='sag-group.conf-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_group/group.conf.5.xml" xpointer='xpointer(//refsect1[@id = "group.conf-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_group-authors'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_group/pam_group.8.xml" xpointer='xpointer(//refsect1[@id = "pam_group-authors"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_issue.xml b/Linux-PAM/doc/sag/pam_issue.xml
new file mode 100644
index 00000000..f9283de6
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_issue.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_issue'>
+ <title>pam_issue - add issue file to user prompt</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_issue/pam_issue.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_issue-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_issue-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_issue/pam_issue.8.xml" xpointer='xpointer(//refsect1[@id = "pam_issue-description"]/*)'/>
+ </section>
+ <section id='sag-pam_issue-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_issue/pam_issue.8.xml" xpointer='xpointer(//refsect1[@id = "pam_issue-options"]/*)'/>
+ </section>
+ <section id='sag-pam_issue-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_issue/pam_issue.8.xml" xpointer='xpointer(//refsect1[@id = "pam_issue-services"]/*)'/>
+ </section>
+ <section id='sag-pam_issue-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_issue/pam_issue.8.xml" xpointer='xpointer(//refsect1[@id = "pam_issue-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_issue-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_issue/pam_issue.8.xml" xpointer='xpointer(//refsect1[@id = "pam_issue-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_issue-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_issue/pam_issue.8.xml" xpointer='xpointer(//refsect1[@id = "pam_issue-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_keyinit.xml b/Linux-PAM/doc/sag/pam_keyinit.xml
new file mode 100644
index 00000000..4925900b
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_keyinit.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_keyinit'>
+ <title>pam_keyinit - display the keyinit file</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_keyinit/pam_keyinit.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_keyinit-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_keyinit-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_keyinit/pam_keyinit.8.xml" xpointer='xpointer(//refsect1[@id = "pam_keyinit-description"]/*)'/>
+ </section>
+ <section id='sag-pam_keyinit-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_keyinit/pam_keyinit.8.xml" xpointer='xpointer(//refsect1[@id = "pam_keyinit-options"]/*)'/>
+ </section>
+ <section id='sag-pam_keyinit-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_keyinit/pam_keyinit.8.xml" xpointer='xpointer(//refsect1[@id = "pam_keyinit-services"]/*)'/>
+ </section>
+ <section id='sag-pam_keyinit-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_keyinit/pam_keyinit.8.xml" xpointer='xpointer(//refsect1[@id = "pam_keyinit-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_keyinit-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_keyinit/pam_keyinit.8.xml" xpointer='xpointer(//refsect1[@id = "pam_keyinit-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_keyinit-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_keyinit/pam_keyinit.8.xml" xpointer='xpointer(//refsect1[@id = "pam_keyinit-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_lastlog.xml b/Linux-PAM/doc/sag/pam_lastlog.xml
new file mode 100644
index 00000000..a8012b1c
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_lastlog.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_lastlog'>
+ <title>pam_lastlog - display date of last login</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_lastlog/pam_lastlog.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_lastlog-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_lastlog-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_lastlog/pam_lastlog.8.xml" xpointer='xpointer(//refsect1[@id = "pam_lastlog-description"]/*)'/>
+ </section>
+ <section id='sag-pam_lastlog-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_lastlog/pam_lastlog.8.xml" xpointer='xpointer(//refsect1[@id = "pam_lastlog-options"]/*)'/>
+ </section>
+ <section id='sag-pam_lastlog-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_lastlog/pam_lastlog.8.xml" xpointer='xpointer(//refsect1[@id = "pam_lastlog-services"]/*)'/>
+ </section>
+ <section id='sag-pam_lastlog-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_lastlog/pam_lastlog.8.xml" xpointer='xpointer(//refsect1[@id = "pam_lastlog-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_lastlog-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_lastlog/pam_lastlog.8.xml" xpointer='xpointer(//refsect1[@id = "pam_lastlog-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_lastlog-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_lastlog/pam_lastlog.8.xml" xpointer='xpointer(//refsect1[@id = "pam_lastlog-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_limits.xml b/Linux-PAM/doc/sag/pam_limits.xml
new file mode 100644
index 00000000..25e14e1c
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_limits.xml
@@ -0,0 +1,42 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_limits'>
+ <title>pam_limits - limit resources</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_limits/pam_limits.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_limits-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_limits-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_limits/pam_limits.8.xml" xpointer='xpointer(//refsect1[@id = "pam_limits-description"]/*)'/>
+ </section>
+ <section id='sag-limits.conf-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_limits/limits.conf.5.xml" xpointer='xpointer(//refsect1[@id = "limits.conf-description"]/*)'/>
+ </section>
+ <section id='sag-pam_limits-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_limits/pam_limits.8.xml" xpointer='xpointer(//refsect1[@id = "pam_limits-options"]/*)'/>
+ </section>
+ <section id='sag-pam_limits-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_limits/pam_limits.8.xml" xpointer='xpointer(//refsect1[@id = "pam_limits-services"]/*)'/>
+ </section>
+ <section id='sag-pam_limits-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_limits/pam_limits.8.xml" xpointer='xpointer(//refsect1[@id = "pam_limits-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_limits-files'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_limits/pam_limits.8.xml" xpointer='xpointer(//refsect1[@id = "pam_limits-files"]/*)'/>
+ </section>
+ <section id='sag-limits.conf-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_limits/limits.conf.5.xml" xpointer='xpointer(//refsect1[@id = "limits.conf-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_limits-authors'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_limits/pam_limits.8.xml" xpointer='xpointer(//refsect1[@id = "pam_limits-authors"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_listfile.xml b/Linux-PAM/doc/sag/pam_listfile.xml
new file mode 100644
index 00000000..fe3f6b0c
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_listfile.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_listfile'>
+ <title>pam_listfile - deny or allow services based on an arbitrary file</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_listfile/pam_listfile.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_listfile-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_listfile-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_listfile/pam_listfile.8.xml" xpointer='xpointer(//refsect1[@id = "pam_listfile-description"]/*)'/>
+ </section>
+ <section id='sag-pam_listfile-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_listfile/pam_listfile.8.xml" xpointer='xpointer(//refsect1[@id = "pam_listfile-options"]/*)'/>
+ </section>
+ <section id='sag-pam_listfile-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_listfile/pam_listfile.8.xml" xpointer='xpointer(//refsect1[@id = "pam_listfile-services"]/*)'/>
+ </section>
+ <section id='sag-pam_listfile-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_listfile/pam_listfile.8.xml" xpointer='xpointer(//refsect1[@id = "pam_listfile-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_listfile-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_listfile/pam_listfile.8.xml" xpointer='xpointer(//refsect1[@id = "pam_listfile-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_listfile-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_listfile/pam_listfile.8.xml" xpointer='xpointer(//refsect1[@id = "pam_listfile-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_localuser.xml b/Linux-PAM/doc/sag/pam_localuser.xml
new file mode 100644
index 00000000..0f13d368
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_localuser.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_localuser'>
+ <title>pam_localuser - require users to be listed in /etc/passwd</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_localuser/pam_localuser.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_localuser-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_localuser-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_localuser/pam_localuser.8.xml" xpointer='xpointer(//refsect1[@id = "pam_localuser-description"]/*)'/>
+ </section>
+ <section id='sag-pam_localuser-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_localuser/pam_localuser.8.xml" xpointer='xpointer(//refsect1[@id = "pam_localuser-options"]/*)'/>
+ </section>
+ <section id='sag-pam_localuser-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_localuser/pam_localuser.8.xml" xpointer='xpointer(//refsect1[@id = "pam_localuser-services"]/*)'/>
+ </section>
+ <section id='sag-pam_localuser-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_localuser/pam_localuser.8.xml" xpointer='xpointer(//refsect1[@id = "pam_localuser-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_localuser-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_localuser/pam_localuser.8.xml" xpointer='xpointer(//refsect1[@id = "pam_localuser-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_localuser-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_localuser/pam_localuser.8.xml" xpointer='xpointer(//refsect1[@id = "pam_localuser-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_loginuid.xml b/Linux-PAM/doc/sag/pam_loginuid.xml
new file mode 100644
index 00000000..6166d99f
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_loginuid.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_loginuid'>
+ <title>pam_loginuid - record user's login uid to the process attribute</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_loginuid/pam_loginuid.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_loginuid-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_loginuid-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_loginuid/pam_loginuid.8.xml" xpointer='xpointer(//refsect1[@id = "pam_loginuid-description"]/*)'/>
+ </section>
+ <section id='sag-pam_loginuid-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_loginuid/pam_loginuid.8.xml" xpointer='xpointer(//refsect1[@id = "pam_loginuid-options"]/*)'/>
+ </section>
+ <section id='sag-pam_loginuid-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_loginuid/pam_loginuid.8.xml" xpointer='xpointer(//refsect1[@id = "pam_loginuid-services"]/*)'/>
+ </section>
+ <section id='sag-pam_loginuid-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_loginuid/pam_loginuid.8.xml" xpointer='xpointer(//refsect1[@id = "pam_loginuid-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_loginuid-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_loginuid/pam_loginuid.8.xml" xpointer='xpointer(//refsect1[@id = "pam_loginuid-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_loginuid-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_loginuid/pam_loginuid.8.xml" xpointer='xpointer(//refsect1[@id = "pam_loginuid-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_mail.xml b/Linux-PAM/doc/sag/pam_mail.xml
new file mode 100644
index 00000000..879c8940
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_mail.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_mail'>
+ <title>pam_mail - inform about available mail</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_mail/pam_mail.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_mail-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_mail-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_mail/pam_mail.8.xml" xpointer='xpointer(//refsect1[@id = "pam_mail-description"]/*)'/>
+ </section>
+ <section id='sag-pam_mail-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_mail/pam_mail.8.xml" xpointer='xpointer(//refsect1[@id = "pam_mail-options"]/*)'/>
+ </section>
+ <section id='sag-pam_mail-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_mail/pam_mail.8.xml" xpointer='xpointer(//refsect1[@id = "pam_mail-services"]/*)'/>
+ </section>
+ <section id='sag-pam_mail-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_mail/pam_mail.8.xml" xpointer='xpointer(//refsect1[@id = "pam_mail-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_mail-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_mail/pam_mail.8.xml" xpointer='xpointer(//refsect1[@id = "pam_mail-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_mail-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_mail/pam_mail.8.xml" xpointer='xpointer(//refsect1[@id = "pam_mail-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_mkhomedir.xml b/Linux-PAM/doc/sag/pam_mkhomedir.xml
new file mode 100644
index 00000000..a1465439
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_mkhomedir.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_mkhomedir'>
+ <title>pam_mkhomedir - create users home directory</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_mkhomedir/pam_mkhomedir.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_mkhomedir-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_mkhomedir-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_mkhomedir/pam_mkhomedir.8.xml" xpointer='xpointer(//refsect1[@id = "pam_mkhomedir-description"]/*)'/>
+ </section>
+ <section id='sag-pam_mkhomedir-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_mkhomedir/pam_mkhomedir.8.xml" xpointer='xpointer(//refsect1[@id = "pam_mkhomedir-options"]/*)'/>
+ </section>
+ <section id='sag-pam_mkhomedir-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_mkhomedir/pam_mkhomedir.8.xml" xpointer='xpointer(//refsect1[@id = "pam_mkhomedir-services"]/*)'/>
+ </section>
+ <section id='sag-pam_mkhomedir-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_mkhomedir/pam_mkhomedir.8.xml" xpointer='xpointer(//refsect1[@id = "pam_mkhomedir-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_mkhomedir-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_mkhomedir/pam_mkhomedir.8.xml" xpointer='xpointer(//refsect1[@id = "pam_mkhomedir-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_mkhomedir-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_mkhomedir/pam_mkhomedir.8.xml" xpointer='xpointer(//refsect1[@id = "pam_mkhomedir-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_motd.xml b/Linux-PAM/doc/sag/pam_motd.xml
new file mode 100644
index 00000000..847a047c
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_motd.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_motd'>
+ <title>pam_motd - display the motd file</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_motd/pam_motd.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_motd-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_motd-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_motd/pam_motd.8.xml" xpointer='xpointer(//refsect1[@id = "pam_motd-description"]/*)'/>
+ </section>
+ <section id='sag-pam_motd-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_motd/pam_motd.8.xml" xpointer='xpointer(//refsect1[@id = "pam_motd-options"]/*)'/>
+ </section>
+ <section id='sag-pam_motd-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_motd/pam_motd.8.xml" xpointer='xpointer(//refsect1[@id = "pam_motd-services"]/*)'/>
+ </section>
+ <section id='sag-pam_motd-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_motd/pam_motd.8.xml" xpointer='xpointer(//refsect1[@id = "pam_motd-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_motd-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_motd/pam_motd.8.xml" xpointer='xpointer(//refsect1[@id = "pam_motd-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_motd-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_motd/pam_motd.8.xml" xpointer='xpointer(//refsect1[@id = "pam_motd-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_namespace.xml b/Linux-PAM/doc/sag/pam_namespace.xml
new file mode 100644
index 00000000..6a4f59e7
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_namespace.xml
@@ -0,0 +1,42 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_namespace'>
+ <title>pam_namespace - setup a private namespace</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_namespace/pam_namespace.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_namespace-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_namespace-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_namespace/pam_namespace.8.xml" xpointer='xpointer(//refsect1[@id = "pam_namespace-description"]/*)'/>
+ </section>
+ <section id='sag-namespace.conf-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_namespace/namespace.conf.5.xml" xpointer='xpointer(//refsect1[@id = "namespace.conf-description"]/*)'/>
+ </section>
+ <section id='sag-pam_namespace-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_namespace/pam_namespace.8.xml" xpointer='xpointer(//refsect1[@id = "pam_namespace-options"]/*)'/>
+ </section>
+ <section id='sag-pam_namespace-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_namespace/pam_namespace.8.xml" xpointer='xpointer(//refsect1[@id = "pam_namespace-services"]/*)'/>
+ </section>
+ <section id='sag-pam_namespace-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_namespace/pam_namespace.8.xml" xpointer='xpointer(//refsect1[@id = "pam_namespace-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_namespace-files'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_namespace/pam_namespace.8.xml" xpointer='xpointer(//refsect1[@id = "pam_namespace-files"]/*)'/>
+ </section>
+ <section id='sag-namespace.conf-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_namespace/namespace.conf.5.xml" xpointer='xpointer(//refsect1[@id = "namespace.conf-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_namespace-authors'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_namespace/pam_namespace.8.xml" xpointer='xpointer(//refsect1[@id = "pam_namespace-authors"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_nologin.xml b/Linux-PAM/doc/sag/pam_nologin.xml
new file mode 100644
index 00000000..b05652f5
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_nologin.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_nologin'>
+ <title>pam_nologin - prevent non-root users from login</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_nologin/pam_nologin.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_nologin-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_nologin-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_nologin/pam_nologin.8.xml" xpointer='xpointer(//refsect1[@id = "pam_nologin-description"]/*)'/>
+ </section>
+ <section id='sag-pam_nologin-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_nologin/pam_nologin.8.xml" xpointer='xpointer(//refsect1[@id = "pam_nologin-options"]/*)'/>
+ </section>
+ <section id='sag-pam_nologin-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_nologin/pam_nologin.8.xml" xpointer='xpointer(//refsect1[@id = "pam_nologin-services"]/*)'/>
+ </section>
+ <section id='sag-pam_nologin-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_nologin/pam_nologin.8.xml" xpointer='xpointer(//refsect1[@id = "pam_nologin-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_nologin-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_nologin/pam_nologin.8.xml" xpointer='xpointer(//refsect1[@id = "pam_nologin-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_nologin-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_nologin/pam_nologin.8.xml" xpointer='xpointer(//refsect1[@id = "pam_nologin-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_permit.xml b/Linux-PAM/doc/sag/pam_permit.xml
new file mode 100644
index 00000000..82febe01
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_permit.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_permit'>
+ <title>pam_permit - the promiscuous module</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_permit/pam_permit.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_permit-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_permit-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_permit/pam_permit.8.xml" xpointer='xpointer(//refsect1[@id = "pam_permit-description"]/*)'/>
+ </section>
+ <section id='sag-pam_permit-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_permit/pam_permit.8.xml" xpointer='xpointer(//refsect1[@id = "pam_permit-options"]/*)'/>
+ </section>
+ <section id='sag-pam_permit-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_permit/pam_permit.8.xml" xpointer='xpointer(//refsect1[@id = "pam_permit-services"]/*)'/>
+ </section>
+ <section id='sag-pam_permit-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_permit/pam_permit.8.xml" xpointer='xpointer(//refsect1[@id = "pam_permit-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_permit-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_permit/pam_permit.8.xml" xpointer='xpointer(//refsect1[@id = "pam_permit-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_permit-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_permit/pam_permit.8.xml" xpointer='xpointer(//refsect1[@id = "pam_permit-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_rhosts.xml b/Linux-PAM/doc/sag/pam_rhosts.xml
new file mode 100644
index 00000000..10ae9361
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_rhosts.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_rhosts'>
+ <title>pam_rhosts - grant access using .rhosts file</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_rhosts/pam_rhosts.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_rhosts-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_rhosts-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_rhosts/pam_rhosts.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rhosts-description"]/*)'/>
+ </section>
+ <section id='sag-pam_rhosts-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_rhosts/pam_rhosts.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rhosts-options"]/*)'/>
+ </section>
+ <section id='sag-pam_rhosts-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_rhosts/pam_rhosts.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rhosts-services"]/*)'/>
+ </section>
+ <section id='sag-pam_rhosts-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_rhosts/pam_rhosts.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rhosts-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_rhosts-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_rhosts/pam_rhosts.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rhosts-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_rhosts-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_rhosts/pam_rhosts.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rhosts-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_rootok.xml b/Linux-PAM/doc/sag/pam_rootok.xml
new file mode 100644
index 00000000..6907bd89
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_rootok.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_rootok'>
+ <title>pam_rootok - gain only root access</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_rootok/pam_rootok.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_rootok-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_rootok-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_rootok/pam_rootok.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rootok-description"]/*)'/>
+ </section>
+ <section id='sag-pam_rootok-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_rootok/pam_rootok.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rootok-options"]/*)'/>
+ </section>
+ <section id='sag-pam_rootok-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_rootok/pam_rootok.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rootok-services"]/*)'/>
+ </section>
+ <section id='sag-pam_rootok-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_rootok/pam_rootok.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rootok-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_rootok-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_rootok/pam_rootok.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rootok-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_rootok-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_rootok/pam_rootok.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rootok-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_securetty.xml b/Linux-PAM/doc/sag/pam_securetty.xml
new file mode 100644
index 00000000..061546cc
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_securetty.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_securetty'>
+ <title>pam_securetty - limit root login to special devices</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_securetty/pam_securetty.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_securetty-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_securetty-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_securetty/pam_securetty.8.xml" xpointer='xpointer(//refsect1[@id = "pam_securetty-description"]/*)'/>
+ </section>
+ <section id='sag-pam_securetty-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_securetty/pam_securetty.8.xml" xpointer='xpointer(//refsect1[@id = "pam_securetty-options"]/*)'/>
+ </section>
+ <section id='sag-pam_securetty-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_securetty/pam_securetty.8.xml" xpointer='xpointer(//refsect1[@id = "pam_securetty-services"]/*)'/>
+ </section>
+ <section id='sag-pam_securetty-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_securetty/pam_securetty.8.xml" xpointer='xpointer(//refsect1[@id = "pam_securetty-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_securetty-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_securetty/pam_securetty.8.xml" xpointer='xpointer(//refsect1[@id = "pam_securetty-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_securetty-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_securetty/pam_securetty.8.xml" xpointer='xpointer(//refsect1[@id = "pam_securetty-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_selinux.xml b/Linux-PAM/doc/sag/pam_selinux.xml
new file mode 100644
index 00000000..a0fb293b
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_selinux.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_selinux'>
+ <title>pam_selinux - set the default security context</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_selinux/pam_selinux.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_selinux-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_selinux-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_selinux/pam_selinux.8.xml" xpointer='xpointer(//refsect1[@id = "pam_selinux-description"]/*)'/>
+ </section>
+ <section id='sag-pam_selinux-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_selinux/pam_selinux.8.xml" xpointer='xpointer(//refsect1[@id = "pam_selinux-options"]/*)'/>
+ </section>
+ <section id='sag-pam_selinux-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_selinux/pam_selinux.8.xml" xpointer='xpointer(//refsect1[@id = "pam_selinux-services"]/*)'/>
+ </section>
+ <section id='sag-pam_selinux-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_selinux/pam_selinux.8.xml" xpointer='xpointer(//refsect1[@id = "pam_selinux-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_selinux-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_selinux/pam_selinux.8.xml" xpointer='xpointer(//refsect1[@id = "pam_selinux-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_selinux-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_selinux/pam_selinux.8.xml" xpointer='xpointer(//refsect1[@id = "pam_selinux-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_shells.xml b/Linux-PAM/doc/sag/pam_shells.xml
new file mode 100644
index 00000000..87bc6fdb
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_shells.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_shells'>
+ <title>pam_shells - check for valid login shell</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_shells/pam_shells.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_shells-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_shells-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_shells/pam_shells.8.xml" xpointer='xpointer(//refsect1[@id = "pam_shells-description"]/*)'/>
+ </section>
+ <section id='sag-pam_shells-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_shells/pam_shells.8.xml" xpointer='xpointer(//refsect1[@id = "pam_shells-options"]/*)'/>
+ </section>
+ <section id='sag-pam_shells-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_shells/pam_shells.8.xml" xpointer='xpointer(//refsect1[@id = "pam_shells-services"]/*)'/>
+ </section>
+ <section id='sag-pam_shells-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_shells/pam_shells.8.xml" xpointer='xpointer(//refsect1[@id = "pam_shells-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_shells-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_shells/pam_shells.8.xml" xpointer='xpointer(//refsect1[@id = "pam_shells-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_shells-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_shells/pam_shells.8.xml" xpointer='xpointer(//refsect1[@id = "pam_shells-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_succeed_if.xml b/Linux-PAM/doc/sag/pam_succeed_if.xml
new file mode 100644
index 00000000..0d7304a4
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_succeed_if.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_succeed_if'>
+ <title>pam_succeed_if - test account characteristics</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_succeed_if/pam_succeed_if.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_succeed_if-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_succeed_if-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_succeed_if/pam_succeed_if.8.xml" xpointer='xpointer(//refsect1[@id = "pam_succeed_if-description"]/*)'/>
+ </section>
+ <section id='sag-pam_succeed_if-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_succeed_if/pam_succeed_if.8.xml" xpointer='xpointer(//refsect1[@id = "pam_succeed_if-options"]/*)'/>
+ </section>
+ <section id='sag-pam_succeed_if-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_succeed_if/pam_succeed_if.8.xml" xpointer='xpointer(//refsect1[@id = "pam_succeed_if-services"]/*)'/>
+ </section>
+ <section id='sag-pam_succeed_if-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_succeed_if/pam_succeed_if.8.xml" xpointer='xpointer(//refsect1[@id = "pam_succeed_if-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_succeed_if-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_succeed_if/pam_succeed_if.8.xml" xpointer='xpointer(//refsect1[@id = "pam_succeed_if-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_succeed_if-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_succeed_if/pam_succeed_if.8.xml" xpointer='xpointer(//refsect1[@id = "pam_succeed_if-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_tally.xml b/Linux-PAM/doc/sag/pam_tally.xml
new file mode 100644
index 00000000..df34a511
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_tally.xml
@@ -0,0 +1,38 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_tally'>
+ <title>pam_tally - login counter (tallying) module</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_tally/pam_tally.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_tally-cmdsynopsis1"]/*)'/>
+ </cmdsynopsis>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_tally/pam_tally.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_tally-cmdsynopsis2"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_tally-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_tally/pam_tally.8.xml" xpointer='xpointer(//refsect1[@id = "pam_tally-description"]/*)'/>
+ </section>
+ <section id='sag-pam_tally-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_tally/pam_tally.8.xml" xpointer='xpointer(//refsect1[@id = "pam_tally-options"]/*)'/>
+ </section>
+ <section id='sag-pam_tally-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_tally/pam_tally.8.xml" xpointer='xpointer(//refsect1[@id = "pam_tally-services"]/*)'/>
+ </section>
+ <section id='sag-pam_tally-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_tally/pam_tally.8.xml" xpointer='xpointer(//refsect1[@id = "pam_tally-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_tally-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_tally/pam_tally.8.xml" xpointer='xpointer(//refsect1[@id = "pam_tally-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_tally-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_tally/pam_tally.8.xml" xpointer='xpointer(//refsect1[@id = "pam_tally-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_time.xml b/Linux-PAM/doc/sag/pam_time.xml
new file mode 100644
index 00000000..c53ebcab
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_time.xml
@@ -0,0 +1,42 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_time'>
+ <title>pam_time - time controled access</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_time/pam_time.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_time-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_time-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_time/pam_time.8.xml" xpointer='xpointer(//refsect1[@id = "pam_time-description"]/*)'/>
+ </section>
+ <section id='sag-time.conf-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_time/time.conf.5.xml" xpointer='xpointer(//refsect1[@id = "time.conf-description"]/*)'/>
+ </section>
+ <section id='sag-pam_time-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_time/pam_time.8.xml" xpointer='xpointer(//refsect1[@id = "pam_time-options"]/*)'/>
+ </section>
+ <section id='sag-pam_time-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_time/pam_time.8.xml" xpointer='xpointer(//refsect1[@id = "pam_time-services"]/*)'/>
+ </section>
+ <section id='sag-pam_time-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_time/pam_time.8.xml" xpointer='xpointer(//refsect1[@id = "pam_time-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_time-files'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_time/pam_time.8.xml" xpointer='xpointer(//refsect1[@id = "pam_time-files"]/*)'/>
+ </section>
+ <section id='sag-time.conf-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_time/time.conf.5.xml" xpointer='xpointer(//refsect1[@id = "time.conf-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_time-authors'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_time/pam_time.8.xml" xpointer='xpointer(//refsect1[@id = "pam_time-authors"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_umask.xml b/Linux-PAM/doc/sag/pam_umask.xml
new file mode 100644
index 00000000..af68f647
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_umask.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_umask'>
+ <title>pam_umask - set the file mode creation mask</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_umask/pam_umask.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_umask-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_umask-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_umask/pam_umask.8.xml" xpointer='xpointer(//refsect1[@id = "pam_umask-description"]/*)'/>
+ </section>
+ <section id='sag-pam_umask-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_umask/pam_umask.8.xml" xpointer='xpointer(//refsect1[@id = "pam_umask-options"]/*)'/>
+ </section>
+ <section id='sag-pam_umask-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_umask/pam_umask.8.xml" xpointer='xpointer(//refsect1[@id = "pam_umask-services"]/*)'/>
+ </section>
+ <section id='sag-pam_umask-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_umask/pam_umask.8.xml" xpointer='xpointer(//refsect1[@id = "pam_umask-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_umask-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_umask/pam_umask.8.xml" xpointer='xpointer(//refsect1[@id = "pam_umask-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_umask-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_umask/pam_umask.8.xml" xpointer='xpointer(//refsect1[@id = "pam_umask-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_unix.xml b/Linux-PAM/doc/sag/pam_unix.xml
new file mode 100644
index 00000000..57b2f9d2
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_unix.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_unix'>
+ <title>pam_unix - traditional password authentication</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_unix/pam_unix.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_unix-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_unix-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_unix/pam_unix.8.xml" xpointer='xpointer(//refsect1[@id = "pam_unix-description"]/*)'/>
+ </section>
+ <section id='sag-pam_unix-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_unix/pam_unix.8.xml" xpointer='xpointer(//refsect1[@id = "pam_unix-options"]/*)'/>
+ </section>
+ <section id='sag-pam_unix-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_unix/pam_unix.8.xml" xpointer='xpointer(//refsect1[@id = "pam_unix-services"]/*)'/>
+ </section>
+ <section id='sag-pam_unix-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_unix/pam_unix.8.xml" xpointer='xpointer(//refsect1[@id = "pam_unix-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_unix-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_unix/pam_unix.8.xml" xpointer='xpointer(//refsect1[@id = "pam_unix-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_unix-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_unix/pam_unix.8.xml" xpointer='xpointer(//refsect1[@id = "pam_unix-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_userdb.xml b/Linux-PAM/doc/sag/pam_userdb.xml
new file mode 100644
index 00000000..ae934cf6
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_userdb.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_userdb'>
+ <title>pam_userdb - authenticate against a db database</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_userdb/pam_userdb.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_userdb-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_userdb-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_userdb/pam_userdb.8.xml" xpointer='xpointer(//refsect1[@id = "pam_userdb-description"]/*)'/>
+ </section>
+ <section id='sag-pam_userdb-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_userdb/pam_userdb.8.xml" xpointer='xpointer(//refsect1[@id = "pam_userdb-options"]/*)'/>
+ </section>
+ <section id='sag-pam_userdb-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_userdb/pam_userdb.8.xml" xpointer='xpointer(//refsect1[@id = "pam_userdb-services"]/*)'/>
+ </section>
+ <section id='sag-pam_userdb-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_userdb/pam_userdb.8.xml" xpointer='xpointer(//refsect1[@id = "pam_userdb-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_userdb-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_userdb/pam_userdb.8.xml" xpointer='xpointer(//refsect1[@id = "pam_userdb-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_userdb-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_userdb/pam_userdb.8.xml" xpointer='xpointer(//refsect1[@id = "pam_userdb-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_warn.xml b/Linux-PAM/doc/sag/pam_warn.xml
new file mode 100644
index 00000000..3d42a757
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_warn.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_warn'>
+ <title>pam_warn - logs all PAM items</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_warn/pam_warn.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_warn-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_warn-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_warn/pam_warn.8.xml" xpointer='xpointer(//refsect1[@id = "pam_warn-description"]/*)'/>
+ </section>
+ <section id='sag-pam_warn-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_warn/pam_warn.8.xml" xpointer='xpointer(//refsect1[@id = "pam_warn-options"]/*)'/>
+ </section>
+ <section id='sag-pam_warn-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_warn/pam_warn.8.xml" xpointer='xpointer(//refsect1[@id = "pam_warn-services"]/*)'/>
+ </section>
+ <section id='sag-pam_warn-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_warn/pam_warn.8.xml" xpointer='xpointer(//refsect1[@id = "pam_warn-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_warn-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_warn/pam_warn.8.xml" xpointer='xpointer(//refsect1[@id = "pam_warn-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_warn-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_warn/pam_warn.8.xml" xpointer='xpointer(//refsect1[@id = "pam_warn-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_wheel.xml b/Linux-PAM/doc/sag/pam_wheel.xml
new file mode 100644
index 00000000..69175124
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_wheel.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_wheel'>
+ <title>pam_wheel - only permit root access to members of group wheel</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_wheel/pam_wheel.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_wheel-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_wheel-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_wheel/pam_wheel.8.xml" xpointer='xpointer(//refsect1[@id = "pam_wheel-description"]/*)'/>
+ </section>
+ <section id='sag-pam_wheel-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_wheel/pam_wheel.8.xml" xpointer='xpointer(//refsect1[@id = "pam_wheel-options"]/*)'/>
+ </section>
+ <section id='sag-pam_wheel-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_wheel/pam_wheel.8.xml" xpointer='xpointer(//refsect1[@id = "pam_wheel-services"]/*)'/>
+ </section>
+ <section id='sag-pam_wheel-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_wheel/pam_wheel.8.xml" xpointer='xpointer(//refsect1[@id = "pam_wheel-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_wheel-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_wheel/pam_wheel.8.xml" xpointer='xpointer(//refsect1[@id = "pam_wheel-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_wheel-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_wheel/pam_wheel.8.xml" xpointer='xpointer(//refsect1[@id = "pam_wheel-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/sag/pam_xauth.xml b/Linux-PAM/doc/sag/pam_xauth.xml
new file mode 100644
index 00000000..84ca5ddb
--- /dev/null
+++ b/Linux-PAM/doc/sag/pam_xauth.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_xauth'>
+ <title>pam_xauth - forward xauth keys between users</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_xauth/pam_xauth.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_xauth-cmdsynopsis"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_xauth-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_xauth/pam_xauth.8.xml" xpointer='xpointer(//refsect1[@id = "pam_xauth-description"]/*)'/>
+ </section>
+ <section id='sag-pam_xauth-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_xauth/pam_xauth.8.xml" xpointer='xpointer(//refsect1[@id = "pam_xauth-options"]/*)'/>
+ </section>
+ <section id='sag-pam_xauth-services'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_xauth/pam_xauth.8.xml" xpointer='xpointer(//refsect1[@id = "pam_xauth-services"]/*)'/>
+ </section>
+ <section id='sag-pam_xauth-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_xauth/pam_xauth.8.xml" xpointer='xpointer(//refsect1[@id = "pam_xauth-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_xauth-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_xauth/pam_xauth.8.xml" xpointer='xpointer(//refsect1[@id = "pam_xauth-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_xauth-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_xauth/pam_xauth.8.xml" xpointer='xpointer(//refsect1[@id = "pam_xauth-author"]/*)'/>
+ </section>
+</section>
diff --git a/Linux-PAM/doc/specs/Makefile.am b/Linux-PAM/doc/specs/Makefile.am
new file mode 100644
index 00000000..595c09bf
--- /dev/null
+++ b/Linux-PAM/doc/specs/Makefile.am
@@ -0,0 +1,22 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = draft-morgan-pam-current.txt *~
+
+EXTRA_DIST = draft-morgan-pam.raw std-agent-id.raw rfc86.0.txt
+
+draft-morgan-pam-current.txt: padout draft-morgan-pam.raw
+ ./padout < $(srcdir)/draft-morgan-pam.raw > draft-morgan-pam-current.txt
+
+AM_YFLAGS = -d
+
+BUILT_SOURCES = parse_y.h
+
+noinst_PROGRAMS = padout
+
+padout_SOURCES = parse_l.l parse_y.y
+
+padout_LDADD = @LEXLIB@
+
+doc_DATA = draft-morgan-pam-current.txt rfc86.0.txt
diff --git a/Linux-PAM/doc/specs/Makefile.in b/Linux-PAM/doc/specs/Makefile.in
new file mode 100644
index 00000000..7e6617a5
--- /dev/null
+++ b/Linux-PAM/doc/specs/Makefile.in
@@ -0,0 +1,560 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+noinst_PROGRAMS = padout$(EXEEXT)
+subdir = doc/specs
+DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in parse_l.c \
+ parse_y.c parse_y.h
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+PROGRAMS = $(noinst_PROGRAMS)
+am_padout_OBJECTS = parse_l.$(OBJEXT) parse_y.$(OBJEXT)
+padout_OBJECTS = $(am_padout_OBJECTS)
+padout_DEPENDENCIES =
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+LEXCOMPILE = $(LEX) $(LFLAGS) $(AM_LFLAGS)
+LTLEXCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(LEX) $(LFLAGS) $(AM_LFLAGS)
+YLWRAP = $(top_srcdir)/ylwrap
+YACCCOMPILE = $(YACC) $(YFLAGS) $(AM_YFLAGS)
+LTYACCCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(YACC) $(YFLAGS) $(AM_YFLAGS)
+SOURCES = $(padout_SOURCES)
+DIST_SOURCES = $(padout_SOURCES)
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(docdir)"
+docDATA_INSTALL = $(INSTALL_DATA)
+DATA = $(doc_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = draft-morgan-pam-current.txt *~
+EXTRA_DIST = draft-morgan-pam.raw std-agent-id.raw rfc86.0.txt
+AM_YFLAGS = -d
+BUILT_SOURCES = parse_y.h
+padout_SOURCES = parse_l.l parse_y.y
+padout_LDADD = @LEXLIB@
+doc_DATA = draft-morgan-pam-current.txt rfc86.0.txt
+all: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .l .lo .o .obj .y
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu doc/specs/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu doc/specs/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+clean-noinstPROGRAMS:
+ @list='$(noinst_PROGRAMS)'; for p in $$list; do \
+ f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f $$p $$f"; \
+ rm -f $$p $$f ; \
+ done
+parse_y.h: parse_y.c
+ @if test ! -f $@; then \
+ rm -f parse_y.c; \
+ $(MAKE) $(AM_MAKEFLAGS) parse_y.c; \
+ else :; fi
+padout$(EXEEXT): $(padout_OBJECTS) $(padout_DEPENDENCIES)
+ @rm -f padout$(EXEEXT)
+ $(LINK) $(padout_OBJECTS) $(padout_LDADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/parse_l.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/parse_y.Po@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+.l.c:
+ $(am__skiplex) $(SHELL) $(YLWRAP) $< $(LEX_OUTPUT_ROOT).c $@ -- $(LEXCOMPILE)
+
+.y.c:
+ $(am__skipyacc) $(SHELL) $(YLWRAP) $< y.tab.c $@ y.tab.h $*.h y.output $*.output -- $(YACCCOMPILE)
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-docDATA: $(doc_DATA)
+ @$(NORMAL_INSTALL)
+ test -z "$(docdir)" || $(MKDIR_P) "$(DESTDIR)$(docdir)"
+ @list='$(doc_DATA)'; for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ f=$(am__strip_dir) \
+ echo " $(docDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(docdir)/$$f'"; \
+ $(docDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(docdir)/$$f"; \
+ done
+
+uninstall-docDATA:
+ @$(NORMAL_UNINSTALL)
+ @list='$(doc_DATA)'; for p in $$list; do \
+ f=$(am__strip_dir) \
+ echo " rm -f '$(DESTDIR)$(docdir)/$$f'"; \
+ rm -f "$(DESTDIR)$(docdir)/$$f"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) check-am
+all-am: Makefile $(PROGRAMS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(docdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+ -rm -f parse_l.c
+ -rm -f parse_y.c
+ -rm -f parse_y.h
+ -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-noinstPROGRAMS \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-docDATA
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-docDATA
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
+ clean-libtool clean-noinstPROGRAMS ctags distclean \
+ distclean-compile distclean-generic distclean-libtool \
+ distclean-tags distdir dvi dvi-am html html-am info info-am \
+ install install-am install-data install-data-am \
+ install-docDATA install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-ps install-ps-am install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-docDATA
+
+
+draft-morgan-pam-current.txt: padout draft-morgan-pam.raw
+ ./padout < $(srcdir)/draft-morgan-pam.raw > draft-morgan-pam-current.txt
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/doc/specs/formatter/Makefile b/Linux-PAM/doc/specs/formatter/Makefile
deleted file mode 100644
index d73258d7..00000000
--- a/Linux-PAM/doc/specs/formatter/Makefile
+++ /dev/null
@@ -1,16 +0,0 @@
-LIBS=-lfl
-
-padout: parse.tab.o
- $(CC) -o padout parse.tab.o $(LIBS)
-
-parse.tab.o: parse.tab.c lex.yy.c
- $(CC) -c parse.tab.c
-
-parse.tab.c: parse.y
- bison parse.y
-
-lex.yy.c: parse.lex
- flex parse.lex
-
-clean:
- rm -f parse.tab.o parse.tab.c lex.yy.c padout *~ core
diff --git a/Linux-PAM/doc/specs/parse_l.c b/Linux-PAM/doc/specs/parse_l.c
new file mode 100644
index 00000000..6cf1e56e
--- /dev/null
+++ b/Linux-PAM/doc/specs/parse_l.c
@@ -0,0 +1,1675 @@
+
+#line 3 "parse_l.c"
+
+#define YY_INT_ALIGNED short int
+
+/* A lexical scanner generated by flex */
+
+#define FLEX_SCANNER
+#define YY_FLEX_MAJOR_VERSION 2
+#define YY_FLEX_MINOR_VERSION 5
+#define YY_FLEX_SUBMINOR_VERSION 31
+#if YY_FLEX_SUBMINOR_VERSION > 0
+#define FLEX_BETA
+#endif
+
+/* First, we deal with platform-specific or compiler-specific issues. */
+
+/* begin standard C headers. */
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include <stdlib.h>
+
+/* end standard C headers. */
+
+/* flex integer type definitions */
+
+#ifndef FLEXINT_H
+#define FLEXINT_H
+
+/* C99 systems have <inttypes.h>. Non-C99 systems may or may not. */
+
+#if defined __STDC_VERSION__ && __STDC_VERSION__ >= 199901L
+#include <inttypes.h>
+typedef int8_t flex_int8_t;
+typedef uint8_t flex_uint8_t;
+typedef int16_t flex_int16_t;
+typedef uint16_t flex_uint16_t;
+typedef int32_t flex_int32_t;
+typedef uint32_t flex_uint32_t;
+#else
+typedef signed char flex_int8_t;
+typedef short int flex_int16_t;
+typedef int flex_int32_t;
+typedef unsigned char flex_uint8_t;
+typedef unsigned short int flex_uint16_t;
+typedef unsigned int flex_uint32_t;
+#endif /* ! C99 */
+
+/* Limits of integral types. */
+#ifndef INT8_MIN
+#define INT8_MIN (-128)
+#endif
+#ifndef INT16_MIN
+#define INT16_MIN (-32767-1)
+#endif
+#ifndef INT32_MIN
+#define INT32_MIN (-2147483647-1)
+#endif
+#ifndef INT8_MAX
+#define INT8_MAX (127)
+#endif
+#ifndef INT16_MAX
+#define INT16_MAX (32767)
+#endif
+#ifndef INT32_MAX
+#define INT32_MAX (2147483647)
+#endif
+#ifndef UINT8_MAX
+#define UINT8_MAX (255U)
+#endif
+#ifndef UINT16_MAX
+#define UINT16_MAX (65535U)
+#endif
+#ifndef UINT32_MAX
+#define UINT32_MAX (4294967295U)
+#endif
+
+#endif /* ! FLEXINT_H */
+
+#ifdef __cplusplus
+
+/* The "const" storage-class-modifier is valid. */
+#define YY_USE_CONST
+
+#else /* ! __cplusplus */
+
+#if __STDC__
+
+#define YY_USE_CONST
+
+#endif /* __STDC__ */
+#endif /* ! __cplusplus */
+
+#ifdef YY_USE_CONST
+#define yyconst const
+#else
+#define yyconst
+#endif
+
+/* Returned upon end-of-file. */
+#define YY_NULL 0
+
+/* Promotes a possibly negative, possibly signed char to an unsigned
+ * integer for use as an array index. If the signed char is negative,
+ * we want to instead treat it as an 8-bit unsigned char, hence the
+ * double cast.
+ */
+#define YY_SC_TO_UI(c) ((unsigned int) (unsigned char) c)
+
+/* Enter a start condition. This macro really ought to take a parameter,
+ * but we do it the disgusting crufty way forced on us by the ()-less
+ * definition of BEGIN.
+ */
+#define BEGIN (yy_start) = 1 + 2 *
+
+/* Translate the current start state into a value that can be later handed
+ * to BEGIN to return to the state. The YYSTATE alias is for lex
+ * compatibility.
+ */
+#define YY_START (((yy_start) - 1) / 2)
+#define YYSTATE YY_START
+
+/* Action number for EOF rule of a given start state. */
+#define YY_STATE_EOF(state) (YY_END_OF_BUFFER + state + 1)
+
+/* Special action meaning "start processing a new file". */
+#define YY_NEW_FILE yyrestart(yyin )
+
+#define YY_END_OF_BUFFER_CHAR 0
+
+/* Size of default input buffer. */
+#ifndef YY_BUF_SIZE
+#define YY_BUF_SIZE 16384
+#endif
+
+/* The state buf must be large enough to hold one state per character in the main buffer.
+ */
+#define YY_STATE_BUF_SIZE ((YY_BUF_SIZE + 2) * sizeof(yy_state_type))
+
+#ifndef YY_TYPEDEF_YY_BUFFER_STATE
+#define YY_TYPEDEF_YY_BUFFER_STATE
+typedef struct yy_buffer_state *YY_BUFFER_STATE;
+#endif
+
+extern int yyleng;
+
+extern FILE *yyin, *yyout;
+
+#define EOB_ACT_CONTINUE_SCAN 0
+#define EOB_ACT_END_OF_FILE 1
+#define EOB_ACT_LAST_MATCH 2
+
+ #define YY_LESS_LINENO(n)
+
+/* Return all but the first "n" matched characters back to the input stream. */
+#define yyless(n) \
+ do \
+ { \
+ /* Undo effects of setting up yytext. */ \
+ int yyless_macro_arg = (n); \
+ YY_LESS_LINENO(yyless_macro_arg);\
+ *yy_cp = (yy_hold_char); \
+ YY_RESTORE_YY_MORE_OFFSET \
+ (yy_c_buf_p) = yy_cp = yy_bp + yyless_macro_arg - YY_MORE_ADJ; \
+ YY_DO_BEFORE_ACTION; /* set up yytext again */ \
+ } \
+ while ( 0 )
+
+#define unput(c) yyunput( c, (yytext_ptr) )
+
+/* The following is because we cannot portably get our hands on size_t
+ * (without autoconf's help, which isn't available because we want
+ * flex-generated scanners to compile on their own).
+ */
+
+#ifndef YY_TYPEDEF_YY_SIZE_T
+#define YY_TYPEDEF_YY_SIZE_T
+typedef unsigned int yy_size_t;
+#endif
+
+#ifndef YY_STRUCT_YY_BUFFER_STATE
+#define YY_STRUCT_YY_BUFFER_STATE
+struct yy_buffer_state
+ {
+ FILE *yy_input_file;
+
+ char *yy_ch_buf; /* input buffer */
+ char *yy_buf_pos; /* current position in input buffer */
+
+ /* Size of input buffer in bytes, not including room for EOB
+ * characters.
+ */
+ yy_size_t yy_buf_size;
+
+ /* Number of characters read into yy_ch_buf, not including EOB
+ * characters.
+ */
+ int yy_n_chars;
+
+ /* Whether we "own" the buffer - i.e., we know we created it,
+ * and can realloc() it to grow it, and should free() it to
+ * delete it.
+ */
+ int yy_is_our_buffer;
+
+ /* Whether this is an "interactive" input source; if so, and
+ * if we're using stdio for input, then we want to use getc()
+ * instead of fread(), to make sure we stop fetching input after
+ * each newline.
+ */
+ int yy_is_interactive;
+
+ /* Whether we're considered to be at the beginning of a line.
+ * If so, '^' rules will be active on the next match, otherwise
+ * not.
+ */
+ int yy_at_bol;
+
+ int yy_bs_lineno; /**< The line count. */
+ int yy_bs_column; /**< The column count. */
+
+ /* Whether to try to fill the input buffer when we reach the
+ * end of it.
+ */
+ int yy_fill_buffer;
+
+ int yy_buffer_status;
+
+#define YY_BUFFER_NEW 0
+#define YY_BUFFER_NORMAL 1
+ /* When an EOF's been seen but there's still some text to process
+ * then we mark the buffer as YY_EOF_PENDING, to indicate that we
+ * shouldn't try reading from the input source any more. We might
+ * still have a bunch of tokens to match, though, because of
+ * possible backing-up.
+ *
+ * When we actually see the EOF, we change the status to "new"
+ * (via yyrestart()), so that the user can continue scanning by
+ * just pointing yyin at a new input file.
+ */
+#define YY_BUFFER_EOF_PENDING 2
+
+ };
+#endif /* !YY_STRUCT_YY_BUFFER_STATE */
+
+/* Stack of input buffers. */
+static size_t yy_buffer_stack_top = 0; /**< index of top of stack. */
+static size_t yy_buffer_stack_max = 0; /**< capacity of stack. */
+static YY_BUFFER_STATE * yy_buffer_stack = 0; /**< Stack as an array. */
+
+/* We provide macros for accessing buffer states in case in the
+ * future we want to put the buffer states in a more general
+ * "scanner state".
+ *
+ * Returns the top of the stack, or NULL.
+ */
+#define YY_CURRENT_BUFFER ( (yy_buffer_stack) \
+ ? (yy_buffer_stack)[(yy_buffer_stack_top)] \
+ : NULL)
+
+/* Same as previous macro, but useful when we know that the buffer stack is not
+ * NULL or when we need an lvalue. For internal use only.
+ */
+#define YY_CURRENT_BUFFER_LVALUE (yy_buffer_stack)[(yy_buffer_stack_top)]
+
+/* yy_hold_char holds the character lost when yytext is formed. */
+static char yy_hold_char;
+static int yy_n_chars; /* number of characters read into yy_ch_buf */
+int yyleng;
+
+/* Points to current character in buffer. */
+static char *yy_c_buf_p = (char *) 0;
+static int yy_init = 1; /* whether we need to initialize */
+static int yy_start = 0; /* start state number */
+
+/* Flag which is used to allow yywrap()'s to do buffer switches
+ * instead of setting up a fresh yyin. A bit of a hack ...
+ */
+static int yy_did_buffer_switch_on_eof;
+
+void yyrestart (FILE *input_file );
+void yy_switch_to_buffer (YY_BUFFER_STATE new_buffer );
+YY_BUFFER_STATE yy_create_buffer (FILE *file,int size );
+void yy_delete_buffer (YY_BUFFER_STATE b );
+void yy_flush_buffer (YY_BUFFER_STATE b );
+void yypush_buffer_state (YY_BUFFER_STATE new_buffer );
+void yypop_buffer_state (void );
+
+static void yyensure_buffer_stack (void );
+static void yy_load_buffer_state (void );
+static void yy_init_buffer (YY_BUFFER_STATE b,FILE *file );
+
+#define YY_FLUSH_BUFFER yy_flush_buffer(YY_CURRENT_BUFFER )
+
+YY_BUFFER_STATE yy_scan_buffer (char *base,yy_size_t size );
+YY_BUFFER_STATE yy_scan_string (yyconst char *yy_str );
+YY_BUFFER_STATE yy_scan_bytes (yyconst char *bytes,int len );
+
+void *yyalloc (yy_size_t );
+void *yyrealloc (void *,yy_size_t );
+void yyfree (void * );
+
+#define yy_new_buffer yy_create_buffer
+
+#define yy_set_interactive(is_interactive) \
+ { \
+ if ( ! YY_CURRENT_BUFFER ){ \
+ yyensure_buffer_stack (); \
+ YY_CURRENT_BUFFER_LVALUE = \
+ yy_create_buffer(yyin,YY_BUF_SIZE ); \
+ } \
+ YY_CURRENT_BUFFER_LVALUE->yy_is_interactive = is_interactive; \
+ }
+
+#define yy_set_bol(at_bol) \
+ { \
+ if ( ! YY_CURRENT_BUFFER ){\
+ yyensure_buffer_stack (); \
+ YY_CURRENT_BUFFER_LVALUE = \
+ yy_create_buffer(yyin,YY_BUF_SIZE ); \
+ } \
+ YY_CURRENT_BUFFER_LVALUE->yy_at_bol = at_bol; \
+ }
+
+#define YY_AT_BOL() (YY_CURRENT_BUFFER_LVALUE->yy_at_bol)
+
+/* Begin user sect3 */
+
+typedef unsigned char YY_CHAR;
+
+FILE *yyin = (FILE *) 0, *yyout = (FILE *) 0;
+
+typedef int yy_state_type;
+
+extern int yylineno;
+extern char *yytext;
+#define yytext_ptr yytext
+
+static yy_state_type yy_get_previous_state (void );
+static yy_state_type yy_try_NUL_trans (yy_state_type current_state );
+static int yy_get_next_buffer (void );
+static void yy_fatal_error (yyconst char msg[] );
+
+/* Done after the current pattern has been matched and before the
+ * corresponding action - sets up yytext.
+ */
+#define YY_DO_BEFORE_ACTION \
+ (yytext_ptr) = yy_bp; \
+ yyleng = (size_t) (yy_cp - yy_bp); \
+ (yy_hold_char) = *yy_cp; \
+ *yy_cp = '\0'; \
+ (yy_c_buf_p) = yy_cp;
+
+#define YY_NUM_RULES 8
+#define YY_END_OF_BUFFER 9
+/* This struct is not used in this scanner,
+ but its presence is necessary. */
+struct yy_trans_info
+ {
+ flex_int32_t yy_verify;
+ flex_int32_t yy_nxt;
+ };
+static yyconst flex_int16_t yy_accept[19] =
+ { 0,
+ 0, 0, 9, 6, 7, 3, 6, 4, 1, 0,
+ 5, 0, 1, 0, 1, 0, 2, 0
+ } ;
+
+static yyconst flex_int32_t yy_ec[256] =
+ { 0,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 2,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 3, 4, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 5, 5, 5,
+ 5, 5, 5, 5, 5, 5, 5, 1, 1, 1,
+ 6, 1, 1, 1, 7, 7, 7, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+ 1, 8, 1, 1, 9, 1, 7, 7, 7, 7,
+
+ 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+ 7, 7, 10, 1, 11, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1
+ } ;
+
+static yyconst flex_int32_t yy_meta[12] =
+ { 0,
+ 1, 1, 1, 1, 2, 1, 2, 1, 2, 1,
+ 2
+ } ;
+
+static yyconst flex_int16_t yy_base[21] =
+ { 0,
+ 0, 7, 21, 30, 30, 13, 17, 30, 20, 12,
+ 30, 13, 10, 2, 7, 0, 30, 30, 27, 2
+ } ;
+
+static yyconst flex_int16_t yy_def[21] =
+ { 0,
+ 19, 19, 18, 18, 18, 18, 18, 18, 18, 18,
+ 18, 18, 9, 20, 18, 20, 18, 0, 18, 18
+ } ;
+
+static yyconst flex_int16_t yy_nxt[42] =
+ { 0,
+ 18, 5, 6, 16, 18, 18, 18, 7, 5, 6,
+ 17, 15, 17, 18, 7, 8, 9, 15, 14, 11,
+ 18, 18, 10, 9, 18, 12, 13, 4, 4, 3,
+ 18, 18, 18, 18, 18, 18, 18, 18, 18, 18,
+ 18
+ } ;
+
+static yyconst flex_int16_t yy_chk[42] =
+ { 0,
+ 0, 1, 1, 20, 0, 0, 0, 1, 2, 2,
+ 16, 15, 14, 13, 2, 6, 6, 12, 10, 7,
+ 3, 0, 6, 9, 0, 9, 9, 19, 19, 18,
+ 18, 18, 18, 18, 18, 18, 18, 18, 18, 18,
+ 18
+ } ;
+
+static yy_state_type yy_last_accepting_state;
+static char *yy_last_accepting_cpos;
+
+extern int yy_flex_debug;
+int yy_flex_debug = 0;
+
+/* The intent behind this definition is that it'll catch
+ * any uses of REJECT which flex missed.
+ */
+#define REJECT reject_used_but_not_detected
+#define yymore() yymore_used_but_not_detected
+#define YY_MORE_ADJ 0
+#define YY_RESTORE_YY_MORE_OFFSET
+char *yytext;
+#line 1 "parse_l.l"
+#line 2 "parse_l.l"
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include <stdio.h>
+
+#include "parse_y.h"
+#line 462 "parse_l.c"
+
+#define INITIAL 0
+
+/* Special case for "unistd.h", since it is non-ANSI. We include it way
+ * down here because we want the user's section 1 to have been scanned first.
+ * The user has a chance to override it with an option.
+ */
+#include <unistd.h>
+
+#ifndef YY_EXTRA_TYPE
+#define YY_EXTRA_TYPE void *
+#endif
+
+/* Macros after this point can all be overridden by user definitions in
+ * section 1.
+ */
+
+#ifndef YY_SKIP_YYWRAP
+#ifdef __cplusplus
+extern "C" int yywrap (void );
+#else
+extern int yywrap (void );
+#endif
+#endif
+
+ static void yyunput (int c,char *buf_ptr );
+
+#ifndef yytext_ptr
+static void yy_flex_strncpy (char *,yyconst char *,int );
+#endif
+
+#ifdef YY_NEED_STRLEN
+static int yy_flex_strlen (yyconst char * );
+#endif
+
+#ifndef YY_NO_INPUT
+
+#ifdef __cplusplus
+static int yyinput (void );
+#else
+static int input (void );
+#endif
+
+#endif
+
+/* Amount of stuff to slurp up with each read. */
+#ifndef YY_READ_BUF_SIZE
+#define YY_READ_BUF_SIZE 8192
+#endif
+
+/* Copy whatever the last rule matched to the standard output. */
+#ifndef ECHO
+/* This used to be an fputs(), but since the string might contain NUL's,
+ * we now use fwrite().
+ */
+#define ECHO (void) fwrite( yytext, yyleng, 1, yyout )
+#endif
+
+/* Gets input and stuffs it into "buf". number of characters read, or YY_NULL,
+ * is returned in "result".
+ */
+#ifndef YY_INPUT
+#define YY_INPUT(buf,result,max_size) \
+ if ( YY_CURRENT_BUFFER_LVALUE->yy_is_interactive ) \
+ { \
+ int c = '*'; \
+ size_t n; \
+ for ( n = 0; n < max_size && \
+ (c = getc( yyin )) != EOF && c != '\n'; ++n ) \
+ buf[n] = (char) c; \
+ if ( c == '\n' ) \
+ buf[n++] = (char) c; \
+ if ( c == EOF && ferror( yyin ) ) \
+ YY_FATAL_ERROR( "input in flex scanner failed" ); \
+ result = n; \
+ } \
+ else \
+ { \
+ errno=0; \
+ while ( (result = fread(buf, 1, max_size, yyin))==0 && ferror(yyin)) \
+ { \
+ if( errno != EINTR) \
+ { \
+ YY_FATAL_ERROR( "input in flex scanner failed" ); \
+ break; \
+ } \
+ errno=0; \
+ clearerr(yyin); \
+ } \
+ }\
+\
+
+#endif
+
+/* No semi-colon after return; correct usage is to write "yyterminate();" -
+ * we don't want an extra ';' after the "return" because that will cause
+ * some compilers to complain about unreachable statements.
+ */
+#ifndef yyterminate
+#define yyterminate() return YY_NULL
+#endif
+
+/* Number of entries by which start-condition stack grows. */
+#ifndef YY_START_STACK_INCR
+#define YY_START_STACK_INCR 25
+#endif
+
+/* Report a fatal error. */
+#ifndef YY_FATAL_ERROR
+#define YY_FATAL_ERROR(msg) yy_fatal_error( msg )
+#endif
+
+/* end tables serialization structures and prototypes */
+
+/* Default declaration of generated scanner - a define so the user can
+ * easily add parameters.
+ */
+#ifndef YY_DECL
+#define YY_DECL_IS_OURS 1
+
+extern int yylex (void);
+
+#define YY_DECL int yylex (void)
+#endif /* !YY_DECL */
+
+/* Code executed at the beginning of each rule, after yytext and yyleng
+ * have been set up.
+ */
+#ifndef YY_USER_ACTION
+#define YY_USER_ACTION
+#endif
+
+/* Code executed at the end of each rule. */
+#ifndef YY_BREAK
+#define YY_BREAK break;
+#endif
+
+#define YY_RULE_SETUP \
+ YY_USER_ACTION
+
+/** The main scanner function which does all the work.
+ */
+YY_DECL
+{
+ register yy_state_type yy_current_state;
+ register char *yy_cp, *yy_bp;
+ register int yy_act;
+
+#line 11 "parse_l.l"
+
+
+#line 614 "parse_l.c"
+
+ if ( (yy_init) )
+ {
+ (yy_init) = 0;
+
+#ifdef YY_USER_INIT
+ YY_USER_INIT;
+#endif
+
+ if ( ! (yy_start) )
+ (yy_start) = 1; /* first start state */
+
+ if ( ! yyin )
+ yyin = stdin;
+
+ if ( ! yyout )
+ yyout = stdout;
+
+ if ( ! YY_CURRENT_BUFFER ) {
+ yyensure_buffer_stack ();
+ YY_CURRENT_BUFFER_LVALUE =
+ yy_create_buffer(yyin,YY_BUF_SIZE );
+ }
+
+ yy_load_buffer_state( );
+ }
+
+ while ( 1 ) /* loops until end-of-file is reached */
+ {
+ yy_cp = (yy_c_buf_p);
+
+ /* Support of yytext. */
+ *yy_cp = (yy_hold_char);
+
+ /* yy_bp points to the position in yy_ch_buf of the start of
+ * the current run.
+ */
+ yy_bp = yy_cp;
+
+ yy_current_state = (yy_start);
+yy_match:
+ do
+ {
+ register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)];
+ if ( yy_accept[yy_current_state] )
+ {
+ (yy_last_accepting_state) = yy_current_state;
+ (yy_last_accepting_cpos) = yy_cp;
+ }
+ while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
+ {
+ yy_current_state = (int) yy_def[yy_current_state];
+ if ( yy_current_state >= 19 )
+ yy_c = yy_meta[(unsigned int) yy_c];
+ }
+ yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
+ ++yy_cp;
+ }
+ while ( yy_base[yy_current_state] != 30 );
+
+yy_find_action:
+ yy_act = yy_accept[yy_current_state];
+ if ( yy_act == 0 )
+ { /* have to back up */
+ yy_cp = (yy_last_accepting_cpos);
+ yy_current_state = (yy_last_accepting_state);
+ yy_act = yy_accept[yy_current_state];
+ }
+
+ YY_DO_BEFORE_ACTION;
+
+do_action: /* This label is used only to access EOF actions. */
+
+ switch ( yy_act )
+ { /* beginning of action switch */
+ case 0: /* must back up */
+ /* undo the effects of YY_DO_BEFORE_ACTION */
+ *yy_cp = (yy_hold_char);
+ yy_cp = (yy_last_accepting_cpos);
+ yy_current_state = (yy_last_accepting_state);
+ goto yy_find_action;
+
+case 1:
+YY_RULE_SETUP
+#line 13 "parse_l.l"
+return NEW_COUNTER;
+ YY_BREAK
+case 2:
+YY_RULE_SETUP
+#line 14 "parse_l.l"
+return LABEL;
+ YY_BREAK
+case 3:
+YY_RULE_SETUP
+#line 15 "parse_l.l"
+return NO_INDENT;
+ YY_BREAK
+case 4:
+YY_RULE_SETUP
+#line 16 "parse_l.l"
+return RIGHT;
+ YY_BREAK
+case 5:
+YY_RULE_SETUP
+#line 17 "parse_l.l"
+return HASH;
+ YY_BREAK
+case 6:
+YY_RULE_SETUP
+#line 18 "parse_l.l"
+return CHAR;
+ YY_BREAK
+case 7:
+/* rule 7 can match eol */
+YY_RULE_SETUP
+#line 19 "parse_l.l"
+return NEWLINE;
+ YY_BREAK
+case 8:
+YY_RULE_SETUP
+#line 21 "parse_l.l"
+ECHO;
+ YY_BREAK
+#line 738 "parse_l.c"
+case YY_STATE_EOF(INITIAL):
+ yyterminate();
+
+ case YY_END_OF_BUFFER:
+ {
+ /* Amount of text matched not including the EOB char. */
+ int yy_amount_of_matched_text = (int) (yy_cp - (yytext_ptr)) - 1;
+
+ /* Undo the effects of YY_DO_BEFORE_ACTION. */
+ *yy_cp = (yy_hold_char);
+ YY_RESTORE_YY_MORE_OFFSET
+
+ if ( YY_CURRENT_BUFFER_LVALUE->yy_buffer_status == YY_BUFFER_NEW )
+ {
+ /* We're scanning a new file or input source. It's
+ * possible that this happened because the user
+ * just pointed yyin at a new source and called
+ * yylex(). If so, then we have to assure
+ * consistency between YY_CURRENT_BUFFER and our
+ * globals. Here is the right place to do so, because
+ * this is the first action (other than possibly a
+ * back-up) that will match for the new input source.
+ */
+ (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_n_chars;
+ YY_CURRENT_BUFFER_LVALUE->yy_input_file = yyin;
+ YY_CURRENT_BUFFER_LVALUE->yy_buffer_status = YY_BUFFER_NORMAL;
+ }
+
+ /* Note that here we test for yy_c_buf_p "<=" to the position
+ * of the first EOB in the buffer, since yy_c_buf_p will
+ * already have been incremented past the NUL character
+ * (since all states make transitions on EOB to the
+ * end-of-buffer state). Contrast this with the test
+ * in input().
+ */
+ if ( (yy_c_buf_p) <= &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] )
+ { /* This was really a NUL. */
+ yy_state_type yy_next_state;
+
+ (yy_c_buf_p) = (yytext_ptr) + yy_amount_of_matched_text;
+
+ yy_current_state = yy_get_previous_state( );
+
+ /* Okay, we're now positioned to make the NUL
+ * transition. We couldn't have
+ * yy_get_previous_state() go ahead and do it
+ * for us because it doesn't know how to deal
+ * with the possibility of jamming (and we don't
+ * want to build jamming into it because then it
+ * will run more slowly).
+ */
+
+ yy_next_state = yy_try_NUL_trans( yy_current_state );
+
+ yy_bp = (yytext_ptr) + YY_MORE_ADJ;
+
+ if ( yy_next_state )
+ {
+ /* Consume the NUL. */
+ yy_cp = ++(yy_c_buf_p);
+ yy_current_state = yy_next_state;
+ goto yy_match;
+ }
+
+ else
+ {
+ yy_cp = (yy_c_buf_p);
+ goto yy_find_action;
+ }
+ }
+
+ else switch ( yy_get_next_buffer( ) )
+ {
+ case EOB_ACT_END_OF_FILE:
+ {
+ (yy_did_buffer_switch_on_eof) = 0;
+
+ if ( yywrap( ) )
+ {
+ /* Note: because we've taken care in
+ * yy_get_next_buffer() to have set up
+ * yytext, we can now set up
+ * yy_c_buf_p so that if some total
+ * hoser (like flex itself) wants to
+ * call the scanner after we return the
+ * YY_NULL, it'll still work - another
+ * YY_NULL will get returned.
+ */
+ (yy_c_buf_p) = (yytext_ptr) + YY_MORE_ADJ;
+
+ yy_act = YY_STATE_EOF(YY_START);
+ goto do_action;
+ }
+
+ else
+ {
+ if ( ! (yy_did_buffer_switch_on_eof) )
+ YY_NEW_FILE;
+ }
+ break;
+ }
+
+ case EOB_ACT_CONTINUE_SCAN:
+ (yy_c_buf_p) =
+ (yytext_ptr) + yy_amount_of_matched_text;
+
+ yy_current_state = yy_get_previous_state( );
+
+ yy_cp = (yy_c_buf_p);
+ yy_bp = (yytext_ptr) + YY_MORE_ADJ;
+ goto yy_match;
+
+ case EOB_ACT_LAST_MATCH:
+ (yy_c_buf_p) =
+ &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)];
+
+ yy_current_state = yy_get_previous_state( );
+
+ yy_cp = (yy_c_buf_p);
+ yy_bp = (yytext_ptr) + YY_MORE_ADJ;
+ goto yy_find_action;
+ }
+ break;
+ }
+
+ default:
+ YY_FATAL_ERROR(
+ "fatal flex scanner internal error--no action found" );
+ } /* end of action switch */
+ } /* end of scanning one token */
+} /* end of yylex */
+
+/* yy_get_next_buffer - try to read in a new buffer
+ *
+ * Returns a code representing an action:
+ * EOB_ACT_LAST_MATCH -
+ * EOB_ACT_CONTINUE_SCAN - continue scanning from current position
+ * EOB_ACT_END_OF_FILE - end of file
+ */
+static int yy_get_next_buffer (void)
+{
+ register char *dest = YY_CURRENT_BUFFER_LVALUE->yy_ch_buf;
+ register char *source = (yytext_ptr);
+ register int number_to_move, i;
+ int ret_val;
+
+ if ( (yy_c_buf_p) > &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] )
+ YY_FATAL_ERROR(
+ "fatal flex scanner internal error--end of buffer missed" );
+
+ if ( YY_CURRENT_BUFFER_LVALUE->yy_fill_buffer == 0 )
+ { /* Don't try to fill the buffer, so this is an EOF. */
+ if ( (yy_c_buf_p) - (yytext_ptr) - YY_MORE_ADJ == 1 )
+ {
+ /* We matched a single character, the EOB, so
+ * treat this as a final EOF.
+ */
+ return EOB_ACT_END_OF_FILE;
+ }
+
+ else
+ {
+ /* We matched some text prior to the EOB, first
+ * process it.
+ */
+ return EOB_ACT_LAST_MATCH;
+ }
+ }
+
+ /* Try to read more data. */
+
+ /* First move last chars to start of buffer. */
+ number_to_move = (int) ((yy_c_buf_p) - (yytext_ptr)) - 1;
+
+ for ( i = 0; i < number_to_move; ++i )
+ *(dest++) = *(source++);
+
+ if ( YY_CURRENT_BUFFER_LVALUE->yy_buffer_status == YY_BUFFER_EOF_PENDING )
+ /* don't do the read, it's not guaranteed to return an EOF,
+ * just force an EOF
+ */
+ YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars) = 0;
+
+ else
+ {
+ size_t num_to_read =
+ YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1;
+
+ while ( num_to_read <= 0 )
+ { /* Not enough room in the buffer - grow it. */
+
+ /* just a shorter name for the current buffer */
+ YY_BUFFER_STATE b = YY_CURRENT_BUFFER;
+
+ int yy_c_buf_p_offset =
+ (int) ((yy_c_buf_p) - b->yy_ch_buf);
+
+ if ( b->yy_is_our_buffer )
+ {
+ int new_size = b->yy_buf_size * 2;
+
+ if ( new_size <= 0 )
+ b->yy_buf_size += b->yy_buf_size / 8;
+ else
+ b->yy_buf_size *= 2;
+
+ b->yy_ch_buf = (char *)
+ /* Include room in for 2 EOB chars. */
+ yyrealloc((void *) b->yy_ch_buf,b->yy_buf_size + 2 );
+ }
+ else
+ /* Can't grow it, we don't own it. */
+ b->yy_ch_buf = 0;
+
+ if ( ! b->yy_ch_buf )
+ YY_FATAL_ERROR(
+ "fatal error - scanner input buffer overflow" );
+
+ (yy_c_buf_p) = &b->yy_ch_buf[yy_c_buf_p_offset];
+
+ num_to_read = YY_CURRENT_BUFFER_LVALUE->yy_buf_size -
+ number_to_move - 1;
+
+ }
+
+ if ( num_to_read > YY_READ_BUF_SIZE )
+ num_to_read = YY_READ_BUF_SIZE;
+
+ /* Read in more data. */
+ YY_INPUT( (&YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move]),
+ (yy_n_chars), num_to_read );
+
+ YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars);
+ }
+
+ if ( (yy_n_chars) == 0 )
+ {
+ if ( number_to_move == YY_MORE_ADJ )
+ {
+ ret_val = EOB_ACT_END_OF_FILE;
+ yyrestart(yyin );
+ }
+
+ else
+ {
+ ret_val = EOB_ACT_LAST_MATCH;
+ YY_CURRENT_BUFFER_LVALUE->yy_buffer_status =
+ YY_BUFFER_EOF_PENDING;
+ }
+ }
+
+ else
+ ret_val = EOB_ACT_CONTINUE_SCAN;
+
+ (yy_n_chars) += number_to_move;
+ YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] = YY_END_OF_BUFFER_CHAR;
+ YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] = YY_END_OF_BUFFER_CHAR;
+
+ (yytext_ptr) = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[0];
+
+ return ret_val;
+}
+
+/* yy_get_previous_state - get the state just before the EOB char was reached */
+
+ static yy_state_type yy_get_previous_state (void)
+{
+ register yy_state_type yy_current_state;
+ register char *yy_cp;
+
+ yy_current_state = (yy_start);
+
+ for ( yy_cp = (yytext_ptr) + YY_MORE_ADJ; yy_cp < (yy_c_buf_p); ++yy_cp )
+ {
+ register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1);
+ if ( yy_accept[yy_current_state] )
+ {
+ (yy_last_accepting_state) = yy_current_state;
+ (yy_last_accepting_cpos) = yy_cp;
+ }
+ while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
+ {
+ yy_current_state = (int) yy_def[yy_current_state];
+ if ( yy_current_state >= 19 )
+ yy_c = yy_meta[(unsigned int) yy_c];
+ }
+ yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
+ }
+
+ return yy_current_state;
+}
+
+/* yy_try_NUL_trans - try to make a transition on the NUL character
+ *
+ * synopsis
+ * next_state = yy_try_NUL_trans( current_state );
+ */
+ static yy_state_type yy_try_NUL_trans (yy_state_type yy_current_state )
+{
+ register int yy_is_jam;
+ register char *yy_cp = (yy_c_buf_p);
+
+ register YY_CHAR yy_c = 1;
+ if ( yy_accept[yy_current_state] )
+ {
+ (yy_last_accepting_state) = yy_current_state;
+ (yy_last_accepting_cpos) = yy_cp;
+ }
+ while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
+ {
+ yy_current_state = (int) yy_def[yy_current_state];
+ if ( yy_current_state >= 19 )
+ yy_c = yy_meta[(unsigned int) yy_c];
+ }
+ yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
+ yy_is_jam = (yy_current_state == 18);
+
+ return yy_is_jam ? 0 : yy_current_state;
+}
+
+ static void yyunput (int c, register char * yy_bp )
+{
+ register char *yy_cp;
+
+ yy_cp = (yy_c_buf_p);
+
+ /* undo effects of setting up yytext */
+ *yy_cp = (yy_hold_char);
+
+ if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 )
+ { /* need to shift things up to make room */
+ /* +2 for EOB chars. */
+ register int number_to_move = (yy_n_chars) + 2;
+ register char *dest = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[
+ YY_CURRENT_BUFFER_LVALUE->yy_buf_size + 2];
+ register char *source =
+ &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move];
+
+ while ( source > YY_CURRENT_BUFFER_LVALUE->yy_ch_buf )
+ *--dest = *--source;
+
+ yy_cp += (int) (dest - source);
+ yy_bp += (int) (dest - source);
+ YY_CURRENT_BUFFER_LVALUE->yy_n_chars =
+ (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_buf_size;
+
+ if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 )
+ YY_FATAL_ERROR( "flex scanner push-back overflow" );
+ }
+
+ *--yy_cp = (char) c;
+
+ (yytext_ptr) = yy_bp;
+ (yy_hold_char) = *yy_cp;
+ (yy_c_buf_p) = yy_cp;
+}
+
+#ifndef YY_NO_INPUT
+#ifdef __cplusplus
+ static int yyinput (void)
+#else
+ static int input (void)
+#endif
+
+{
+ int c;
+
+ *(yy_c_buf_p) = (yy_hold_char);
+
+ if ( *(yy_c_buf_p) == YY_END_OF_BUFFER_CHAR )
+ {
+ /* yy_c_buf_p now points to the character we want to return.
+ * If this occurs *before* the EOB characters, then it's a
+ * valid NUL; if not, then we've hit the end of the buffer.
+ */
+ if ( (yy_c_buf_p) < &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] )
+ /* This was really a NUL. */
+ *(yy_c_buf_p) = '\0';
+
+ else
+ { /* need more input */
+ int offset = (yy_c_buf_p) - (yytext_ptr);
+ ++(yy_c_buf_p);
+
+ switch ( yy_get_next_buffer( ) )
+ {
+ case EOB_ACT_LAST_MATCH:
+ /* This happens because yy_g_n_b()
+ * sees that we've accumulated a
+ * token and flags that we need to
+ * try matching the token before
+ * proceeding. But for input(),
+ * there's no matching to consider.
+ * So convert the EOB_ACT_LAST_MATCH
+ * to EOB_ACT_END_OF_FILE.
+ */
+
+ /* Reset buffer status. */
+ yyrestart(yyin );
+
+ /*FALLTHROUGH*/
+
+ case EOB_ACT_END_OF_FILE:
+ {
+ if ( yywrap( ) )
+ return EOF;
+
+ if ( ! (yy_did_buffer_switch_on_eof) )
+ YY_NEW_FILE;
+#ifdef __cplusplus
+ return yyinput();
+#else
+ return input();
+#endif
+ }
+
+ case EOB_ACT_CONTINUE_SCAN:
+ (yy_c_buf_p) = (yytext_ptr) + offset;
+ break;
+ }
+ }
+ }
+
+ c = *(unsigned char *) (yy_c_buf_p); /* cast for 8-bit char's */
+ *(yy_c_buf_p) = '\0'; /* preserve yytext */
+ (yy_hold_char) = *++(yy_c_buf_p);
+
+ return c;
+}
+#endif /* ifndef YY_NO_INPUT */
+
+/** Immediately switch to a different input stream.
+ * @param input_file A readable stream.
+ *
+ * @note This function does not reset the start condition to @c INITIAL .
+ */
+ void yyrestart (FILE * input_file )
+{
+
+ if ( ! YY_CURRENT_BUFFER ){
+ yyensure_buffer_stack ();
+ YY_CURRENT_BUFFER_LVALUE =
+ yy_create_buffer(yyin,YY_BUF_SIZE );
+ }
+
+ yy_init_buffer(YY_CURRENT_BUFFER,input_file );
+ yy_load_buffer_state( );
+}
+
+/** Switch to a different input buffer.
+ * @param new_buffer The new input buffer.
+ *
+ */
+ void yy_switch_to_buffer (YY_BUFFER_STATE new_buffer )
+{
+
+ /* TODO. We should be able to replace this entire function body
+ * with
+ * yypop_buffer_state();
+ * yypush_buffer_state(new_buffer);
+ */
+ yyensure_buffer_stack ();
+ if ( YY_CURRENT_BUFFER == new_buffer )
+ return;
+
+ if ( YY_CURRENT_BUFFER )
+ {
+ /* Flush out information for old buffer. */
+ *(yy_c_buf_p) = (yy_hold_char);
+ YY_CURRENT_BUFFER_LVALUE->yy_buf_pos = (yy_c_buf_p);
+ YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars);
+ }
+
+ YY_CURRENT_BUFFER_LVALUE = new_buffer;
+ yy_load_buffer_state( );
+
+ /* We don't actually know whether we did this switch during
+ * EOF (yywrap()) processing, but the only time this flag
+ * is looked at is after yywrap() is called, so it's safe
+ * to go ahead and always set it.
+ */
+ (yy_did_buffer_switch_on_eof) = 1;
+}
+
+static void yy_load_buffer_state (void)
+{
+ (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_n_chars;
+ (yytext_ptr) = (yy_c_buf_p) = YY_CURRENT_BUFFER_LVALUE->yy_buf_pos;
+ yyin = YY_CURRENT_BUFFER_LVALUE->yy_input_file;
+ (yy_hold_char) = *(yy_c_buf_p);
+}
+
+/** Allocate and initialize an input buffer state.
+ * @param file A readable stream.
+ * @param size The character buffer size in bytes. When in doubt, use @c YY_BUF_SIZE.
+ *
+ * @return the allocated buffer state.
+ */
+ YY_BUFFER_STATE yy_create_buffer (FILE * file, int size )
+{
+ YY_BUFFER_STATE b;
+
+ b = (YY_BUFFER_STATE) yyalloc(sizeof( struct yy_buffer_state ) );
+ if ( ! b )
+ YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" );
+
+ b->yy_buf_size = size;
+
+ /* yy_ch_buf has to be 2 characters longer than the size given because
+ * we need to put in 2 end-of-buffer characters.
+ */
+ b->yy_ch_buf = (char *) yyalloc(b->yy_buf_size + 2 );
+ if ( ! b->yy_ch_buf )
+ YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" );
+
+ b->yy_is_our_buffer = 1;
+
+ yy_init_buffer(b,file );
+
+ return b;
+}
+
+/** Destroy the buffer.
+ * @param b a buffer created with yy_create_buffer()
+ *
+ */
+ void yy_delete_buffer (YY_BUFFER_STATE b )
+{
+
+ if ( ! b )
+ return;
+
+ if ( b == YY_CURRENT_BUFFER ) /* Not sure if we should pop here. */
+ YY_CURRENT_BUFFER_LVALUE = (YY_BUFFER_STATE) 0;
+
+ if ( b->yy_is_our_buffer )
+ yyfree((void *) b->yy_ch_buf );
+
+ yyfree((void *) b );
+}
+
+#ifndef __cplusplus
+extern int isatty (int );
+#endif /* __cplusplus */
+
+/* Initializes or reinitializes a buffer.
+ * This function is sometimes called more than once on the same buffer,
+ * such as during a yyrestart() or at EOF.
+ */
+ static void yy_init_buffer (YY_BUFFER_STATE b, FILE * file )
+
+{
+ int oerrno = errno;
+
+ yy_flush_buffer(b );
+
+ b->yy_input_file = file;
+ b->yy_fill_buffer = 1;
+
+ /* If b is the current buffer, then yy_init_buffer was _probably_
+ * called from yyrestart() or through yy_get_next_buffer.
+ * In that case, we don't want to reset the lineno or column.
+ */
+ if (b != YY_CURRENT_BUFFER){
+ b->yy_bs_lineno = 1;
+ b->yy_bs_column = 0;
+ }
+
+ b->yy_is_interactive = file ? (isatty( fileno(file) ) > 0) : 0;
+
+ errno = oerrno;
+}
+
+/** Discard all buffered characters. On the next scan, YY_INPUT will be called.
+ * @param b the buffer state to be flushed, usually @c YY_CURRENT_BUFFER.
+ *
+ */
+ void yy_flush_buffer (YY_BUFFER_STATE b )
+{
+ if ( ! b )
+ return;
+
+ b->yy_n_chars = 0;
+
+ /* We always need two end-of-buffer characters. The first causes
+ * a transition to the end-of-buffer state. The second causes
+ * a jam in that state.
+ */
+ b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR;
+ b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR;
+
+ b->yy_buf_pos = &b->yy_ch_buf[0];
+
+ b->yy_at_bol = 1;
+ b->yy_buffer_status = YY_BUFFER_NEW;
+
+ if ( b == YY_CURRENT_BUFFER )
+ yy_load_buffer_state( );
+}
+
+/** Pushes the new state onto the stack. The new state becomes
+ * the current state. This function will allocate the stack
+ * if necessary.
+ * @param new_buffer The new state.
+ *
+ */
+void yypush_buffer_state (YY_BUFFER_STATE new_buffer )
+{
+ if (new_buffer == NULL)
+ return;
+
+ yyensure_buffer_stack();
+
+ /* This block is copied from yy_switch_to_buffer. */
+ if ( YY_CURRENT_BUFFER )
+ {
+ /* Flush out information for old buffer. */
+ *(yy_c_buf_p) = (yy_hold_char);
+ YY_CURRENT_BUFFER_LVALUE->yy_buf_pos = (yy_c_buf_p);
+ YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars);
+ }
+
+ /* Only push if top exists. Otherwise, replace top. */
+ if (YY_CURRENT_BUFFER)
+ (yy_buffer_stack_top)++;
+ YY_CURRENT_BUFFER_LVALUE = new_buffer;
+
+ /* copied from yy_switch_to_buffer. */
+ yy_load_buffer_state( );
+ (yy_did_buffer_switch_on_eof) = 1;
+}
+
+/** Removes and deletes the top of the stack, if present.
+ * The next element becomes the new top.
+ *
+ */
+void yypop_buffer_state (void)
+{
+ if (!YY_CURRENT_BUFFER)
+ return;
+
+ yy_delete_buffer(YY_CURRENT_BUFFER );
+ YY_CURRENT_BUFFER_LVALUE = NULL;
+ if ((yy_buffer_stack_top) > 0)
+ --(yy_buffer_stack_top);
+
+ if (YY_CURRENT_BUFFER) {
+ yy_load_buffer_state( );
+ (yy_did_buffer_switch_on_eof) = 1;
+ }
+}
+
+/* Allocates the stack if it does not exist.
+ * Guarantees space for at least one push.
+ */
+static void yyensure_buffer_stack (void)
+{
+ int num_to_alloc;
+
+ if (!(yy_buffer_stack)) {
+
+ /* First allocation is just for 2 elements, since we don't know if this
+ * scanner will even need a stack. We use 2 instead of 1 to avoid an
+ * immediate realloc on the next call.
+ */
+ num_to_alloc = 1;
+ (yy_buffer_stack) = (struct yy_buffer_state**)yyalloc
+ (num_to_alloc * sizeof(struct yy_buffer_state*)
+ );
+
+ memset((yy_buffer_stack), 0, num_to_alloc * sizeof(struct yy_buffer_state*));
+
+ (yy_buffer_stack_max) = num_to_alloc;
+ (yy_buffer_stack_top) = 0;
+ return;
+ }
+
+ if ((yy_buffer_stack_top) >= ((yy_buffer_stack_max)) - 1){
+
+ /* Increase the buffer to prepare for a possible push. */
+ int grow_size = 8 /* arbitrary grow size */;
+
+ num_to_alloc = (yy_buffer_stack_max) + grow_size;
+ (yy_buffer_stack) = (struct yy_buffer_state**)yyrealloc
+ ((yy_buffer_stack),
+ num_to_alloc * sizeof(struct yy_buffer_state*)
+ );
+
+ /* zero only the new slots.*/
+ memset((yy_buffer_stack) + (yy_buffer_stack_max), 0, grow_size * sizeof(struct yy_buffer_state*));
+ (yy_buffer_stack_max) = num_to_alloc;
+ }
+}
+
+/** Setup the input buffer state to scan directly from a user-specified character buffer.
+ * @param base the character buffer
+ * @param size the size in bytes of the character buffer
+ *
+ * @return the newly allocated buffer state object.
+ */
+YY_BUFFER_STATE yy_scan_buffer (char * base, yy_size_t size )
+{
+ YY_BUFFER_STATE b;
+
+ if ( size < 2 ||
+ base[size-2] != YY_END_OF_BUFFER_CHAR ||
+ base[size-1] != YY_END_OF_BUFFER_CHAR )
+ /* They forgot to leave room for the EOB's. */
+ return 0;
+
+ b = (YY_BUFFER_STATE) yyalloc(sizeof( struct yy_buffer_state ) );
+ if ( ! b )
+ YY_FATAL_ERROR( "out of dynamic memory in yy_scan_buffer()" );
+
+ b->yy_buf_size = size - 2; /* "- 2" to take care of EOB's */
+ b->yy_buf_pos = b->yy_ch_buf = base;
+ b->yy_is_our_buffer = 0;
+ b->yy_input_file = 0;
+ b->yy_n_chars = b->yy_buf_size;
+ b->yy_is_interactive = 0;
+ b->yy_at_bol = 1;
+ b->yy_fill_buffer = 0;
+ b->yy_buffer_status = YY_BUFFER_NEW;
+
+ yy_switch_to_buffer(b );
+
+ return b;
+}
+
+/** Setup the input buffer state to scan a string. The next call to yylex() will
+ * scan from a @e copy of @a str.
+ * @param str a NUL-terminated string to scan
+ *
+ * @return the newly allocated buffer state object.
+ * @note If you want to scan bytes that may contain NUL values, then use
+ * yy_scan_bytes() instead.
+ */
+YY_BUFFER_STATE yy_scan_string (yyconst char * str )
+{
+
+ return yy_scan_bytes(str,strlen(str) );
+}
+
+/** Setup the input buffer state to scan the given bytes. The next call to yylex() will
+ * scan from a @e copy of @a bytes.
+ * @param bytes the byte buffer to scan
+ * @param len the number of bytes in the buffer pointed to by @a bytes.
+ *
+ * @return the newly allocated buffer state object.
+ */
+YY_BUFFER_STATE yy_scan_bytes (yyconst char * bytes, int len )
+{
+ YY_BUFFER_STATE b;
+ char *buf;
+ yy_size_t n;
+ int i;
+
+ /* Get memory for full buffer, including space for trailing EOB's. */
+ n = len + 2;
+ buf = (char *) yyalloc(n );
+ if ( ! buf )
+ YY_FATAL_ERROR( "out of dynamic memory in yy_scan_bytes()" );
+
+ for ( i = 0; i < len; ++i )
+ buf[i] = bytes[i];
+
+ buf[len] = buf[len+1] = YY_END_OF_BUFFER_CHAR;
+
+ b = yy_scan_buffer(buf,n );
+ if ( ! b )
+ YY_FATAL_ERROR( "bad buffer in yy_scan_bytes()" );
+
+ /* It's okay to grow etc. this buffer, and we should throw it
+ * away when we're done.
+ */
+ b->yy_is_our_buffer = 1;
+
+ return b;
+}
+
+#ifndef YY_EXIT_FAILURE
+#define YY_EXIT_FAILURE 2
+#endif
+
+static void yy_fatal_error (yyconst char* msg )
+{
+ (void) fprintf( stderr, "%s\n", msg );
+ exit( YY_EXIT_FAILURE );
+}
+
+/* Redefine yyless() so it works in section 3 code. */
+
+#undef yyless
+#define yyless(n) \
+ do \
+ { \
+ /* Undo effects of setting up yytext. */ \
+ int yyless_macro_arg = (n); \
+ YY_LESS_LINENO(yyless_macro_arg);\
+ yytext[yyleng] = (yy_hold_char); \
+ (yy_c_buf_p) = yytext + yyless_macro_arg; \
+ (yy_hold_char) = *(yy_c_buf_p); \
+ *(yy_c_buf_p) = '\0'; \
+ yyleng = yyless_macro_arg; \
+ } \
+ while ( 0 )
+
+/* Accessor methods (get/set functions) to struct members. */
+
+/** Get the input stream.
+ *
+ */
+FILE *yyget_in (void)
+{
+ return yyin;
+}
+
+/** Get the output stream.
+ *
+ */
+FILE *yyget_out (void)
+{
+ return yyout;
+}
+
+/** Get the length of the current token.
+ *
+ */
+int yyget_leng (void)
+{
+ return yyleng;
+}
+
+/** Get the current token.
+ *
+ */
+
+char *yyget_text (void)
+{
+ return yytext;
+}
+
+/** Set the input stream. This does not discard the current
+ * input buffer.
+ * @param in_str A readable stream.
+ *
+ * @see yy_switch_to_buffer
+ */
+void yyset_in (FILE * in_str )
+{
+ yyin = in_str ;
+}
+
+void yyset_out (FILE * out_str )
+{
+ yyout = out_str ;
+}
+
+int yyget_debug (void)
+{
+ return yy_flex_debug;
+}
+
+void yyset_debug (int bdebug )
+{
+ yy_flex_debug = bdebug ;
+}
+
+/* yylex_destroy is for both reentrant and non-reentrant scanners. */
+int yylex_destroy (void)
+{
+
+ /* Pop the buffer stack, destroying each element. */
+ while(YY_CURRENT_BUFFER){
+ yy_delete_buffer(YY_CURRENT_BUFFER );
+ YY_CURRENT_BUFFER_LVALUE = NULL;
+ yypop_buffer_state();
+ }
+
+ /* Destroy the stack itself. */
+ yyfree((yy_buffer_stack) );
+ (yy_buffer_stack) = NULL;
+
+ return 0;
+}
+
+/*
+ * Internal utility routines.
+ */
+
+#ifndef yytext_ptr
+static void yy_flex_strncpy (char* s1, yyconst char * s2, int n )
+{
+ register int i;
+ for ( i = 0; i < n; ++i )
+ s1[i] = s2[i];
+}
+#endif
+
+#ifdef YY_NEED_STRLEN
+static int yy_flex_strlen (yyconst char * s )
+{
+ register int n;
+ for ( n = 0; s[n]; ++n )
+ ;
+
+ return n;
+}
+#endif
+
+void *yyalloc (yy_size_t size )
+{
+ return (void *) malloc( size );
+}
+
+void *yyrealloc (void * ptr, yy_size_t size )
+{
+ /* The cast to (char *) in the following accommodates both
+ * implementations that use char* generic pointers, and those
+ * that use void* generic pointers. It works with the latter
+ * because both ANSI C and C++ allow castless assignment from
+ * any pointer type to void*, and deal with argument conversions
+ * as though doing an assignment.
+ */
+ return (void *) realloc( (char *) ptr, size );
+}
+
+void yyfree (void * ptr )
+{
+ free( (char *) ptr ); /* see yyrealloc() for (char *) cast */
+}
+
+#define YYTABLES_NAME "yytables"
+
+#line 21 "parse_l.l"
+
+
+
diff --git a/Linux-PAM/doc/specs/formatter/parse.lex b/Linux-PAM/doc/specs/parse_l.l
index 1d5c898e..7cab424c 100644
--- a/Linux-PAM/doc/specs/formatter/parse.lex
+++ b/Linux-PAM/doc/specs/parse_l.l
@@ -1,3 +1,13 @@
+%{
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include <stdio.h>
+
+#include "parse_y.h"
+%}
+
%%
\#[\$]+[a-zA-Z]*(\=[0-9]+)? return NEW_COUNTER;
diff --git a/Linux-PAM/doc/specs/parse_y.c b/Linux-PAM/doc/specs/parse_y.c
new file mode 100644
index 00000000..f62d41c9
--- /dev/null
+++ b/Linux-PAM/doc/specs/parse_y.c
@@ -0,0 +1,1706 @@
+/* A Bison parser, made by GNU Bison 2.1. */
+
+/* Skeleton parser for Yacc-like parsing with Bison,
+ Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2, or (at your option)
+ any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ Boston, MA 02110-1301, USA. */
+
+/* As a special exception, when this file is copied by Bison into a
+ Bison output file, you may use that output file without restriction.
+ This special exception was added by the Free Software Foundation
+ in version 1.24 of Bison. */
+
+/* Written by Richard Stallman by simplifying the original so called
+ ``semantic'' parser. */
+
+/* All symbols defined below should begin with yy or YY, to avoid
+ infringing on user name space. This should be done even for local
+ variables, as they might otherwise be expanded by user macros.
+ There are some unavoidable exceptions within include files to
+ define necessary library symbols; they are noted "INFRINGES ON
+ USER NAME SPACE" below. */
+
+/* Identify Bison output. */
+#define YYBISON 1
+
+/* Bison version. */
+#define YYBISON_VERSION "2.1"
+
+/* Skeleton name. */
+#define YYSKELETON_NAME "yacc.c"
+
+/* Pure parsers. */
+#define YYPURE 0
+
+/* Using locations. */
+#define YYLSP_NEEDED 0
+
+
+
+/* Tokens. */
+#ifndef YYTOKENTYPE
+# define YYTOKENTYPE
+ /* Put the tokens into the symbol table, so that GDB and other debuggers
+ know about them. */
+ enum yytokentype {
+ NEW_COUNTER = 258,
+ LABEL = 259,
+ HASH = 260,
+ CHAR = 261,
+ NEWLINE = 262,
+ NO_INDENT = 263,
+ RIGHT = 264
+ };
+#endif
+/* Tokens. */
+#define NEW_COUNTER 258
+#define LABEL 259
+#define HASH 260
+#define CHAR 261
+#define NEWLINE 262
+#define NO_INDENT 263
+#define RIGHT 264
+
+
+
+
+/* Copy the first part of user declarations. */
+#line 2 "parse_y.y"
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#define MAXLINE 1000
+#define INDENT_STRING " "
+#define PAPER_WIDTH 74
+
+ int indent=0;
+ int line=1;
+ char *last_label=NULL;
+
+ extern int yylex(void);
+ extern char *yytext;
+ extern void yyerror(const char *x);
+ extern char *get_label(const char *label);
+ extern void set_label(const char *label, const char *target);
+ char *new_counter(const char *key);
+
+
+/* Enabling traces. */
+#ifndef YYDEBUG
+# define YYDEBUG 0
+#endif
+
+/* Enabling verbose error messages. */
+#ifdef YYERROR_VERBOSE
+# undef YYERROR_VERBOSE
+# define YYERROR_VERBOSE 1
+#else
+# define YYERROR_VERBOSE 0
+#endif
+
+/* Enabling the token table. */
+#ifndef YYTOKEN_TABLE
+# define YYTOKEN_TABLE 0
+#endif
+
+#if ! defined (YYSTYPE) && ! defined (YYSTYPE_IS_DECLARED)
+#line 27 "parse_y.y"
+typedef union YYSTYPE {
+ int def;
+ char *string;
+} YYSTYPE;
+/* Line 196 of yacc.c. */
+#line 133 "parse_y.c"
+# define yystype YYSTYPE /* obsolescent; will be withdrawn */
+# define YYSTYPE_IS_DECLARED 1
+# define YYSTYPE_IS_TRIVIAL 1
+#endif
+
+
+
+/* Copy the second part of user declarations. */
+
+
+/* Line 219 of yacc.c. */
+#line 145 "parse_y.c"
+
+#if ! defined (YYSIZE_T) && defined (__SIZE_TYPE__)
+# define YYSIZE_T __SIZE_TYPE__
+#endif
+#if ! defined (YYSIZE_T) && defined (size_t)
+# define YYSIZE_T size_t
+#endif
+#if ! defined (YYSIZE_T) && (defined (__STDC__) || defined (__cplusplus))
+# include <stddef.h> /* INFRINGES ON USER NAME SPACE */
+# define YYSIZE_T size_t
+#endif
+#if ! defined (YYSIZE_T)
+# define YYSIZE_T unsigned int
+#endif
+
+#ifndef YY_
+# if YYENABLE_NLS
+# if ENABLE_NLS
+# include <libintl.h> /* INFRINGES ON USER NAME SPACE */
+# define YY_(msgid) dgettext ("bison-runtime", msgid)
+# endif
+# endif
+# ifndef YY_
+# define YY_(msgid) msgid
+# endif
+#endif
+
+#if ! defined (yyoverflow) || YYERROR_VERBOSE
+
+/* The parser invokes alloca or malloc; define the necessary symbols. */
+
+# ifdef YYSTACK_USE_ALLOCA
+# if YYSTACK_USE_ALLOCA
+# ifdef __GNUC__
+# define YYSTACK_ALLOC __builtin_alloca
+# else
+# define YYSTACK_ALLOC alloca
+# if defined (__STDC__) || defined (__cplusplus)
+# include <stdlib.h> /* INFRINGES ON USER NAME SPACE */
+# define YYINCLUDED_STDLIB_H
+# endif
+# endif
+# endif
+# endif
+
+# ifdef YYSTACK_ALLOC
+ /* Pacify GCC's `empty if-body' warning. */
+# define YYSTACK_FREE(Ptr) do { /* empty */; } while (0)
+# ifndef YYSTACK_ALLOC_MAXIMUM
+ /* The OS might guarantee only one guard page at the bottom of the stack,
+ and a page size can be as small as 4096 bytes. So we cannot safely
+ invoke alloca (N) if N exceeds 4096. Use a slightly smaller number
+ to allow for a few compiler-allocated temporary stack slots. */
+# define YYSTACK_ALLOC_MAXIMUM 4032 /* reasonable circa 2005 */
+# endif
+# else
+# define YYSTACK_ALLOC YYMALLOC
+# define YYSTACK_FREE YYFREE
+# ifndef YYSTACK_ALLOC_MAXIMUM
+# define YYSTACK_ALLOC_MAXIMUM ((YYSIZE_T) -1)
+# endif
+# ifdef __cplusplus
+extern "C" {
+# endif
+# ifndef YYMALLOC
+# define YYMALLOC malloc
+# if (! defined (malloc) && ! defined (YYINCLUDED_STDLIB_H) \
+ && (defined (__STDC__) || defined (__cplusplus)))
+void *malloc (YYSIZE_T); /* INFRINGES ON USER NAME SPACE */
+# endif
+# endif
+# ifndef YYFREE
+# define YYFREE free
+# if (! defined (free) && ! defined (YYINCLUDED_STDLIB_H) \
+ && (defined (__STDC__) || defined (__cplusplus)))
+void free (void *); /* INFRINGES ON USER NAME SPACE */
+# endif
+# endif
+# ifdef __cplusplus
+}
+# endif
+# endif
+#endif /* ! defined (yyoverflow) || YYERROR_VERBOSE */
+
+
+#if (! defined (yyoverflow) \
+ && (! defined (__cplusplus) \
+ || (defined (YYSTYPE_IS_TRIVIAL) && YYSTYPE_IS_TRIVIAL)))
+
+/* A type that is properly aligned for any stack member. */
+union yyalloc
+{
+ short int yyss;
+ YYSTYPE yyvs;
+ };
+
+/* The size of the maximum gap between one aligned stack and the next. */
+# define YYSTACK_GAP_MAXIMUM (sizeof (union yyalloc) - 1)
+
+/* The size of an array large to enough to hold all stacks, each with
+ N elements. */
+# define YYSTACK_BYTES(N) \
+ ((N) * (sizeof (short int) + sizeof (YYSTYPE)) \
+ + YYSTACK_GAP_MAXIMUM)
+
+/* Copy COUNT objects from FROM to TO. The source and destination do
+ not overlap. */
+# ifndef YYCOPY
+# if defined (__GNUC__) && 1 < __GNUC__
+# define YYCOPY(To, From, Count) \
+ __builtin_memcpy (To, From, (Count) * sizeof (*(From)))
+# else
+# define YYCOPY(To, From, Count) \
+ do \
+ { \
+ YYSIZE_T yyi; \
+ for (yyi = 0; yyi < (Count); yyi++) \
+ (To)[yyi] = (From)[yyi]; \
+ } \
+ while (0)
+# endif
+# endif
+
+/* Relocate STACK from its old location to the new one. The
+ local variables YYSIZE and YYSTACKSIZE give the old and new number of
+ elements in the stack, and YYPTR gives the new location of the
+ stack. Advance YYPTR to a properly aligned location for the next
+ stack. */
+# define YYSTACK_RELOCATE(Stack) \
+ do \
+ { \
+ YYSIZE_T yynewbytes; \
+ YYCOPY (&yyptr->Stack, Stack, yysize); \
+ Stack = &yyptr->Stack; \
+ yynewbytes = yystacksize * sizeof (*Stack) + YYSTACK_GAP_MAXIMUM; \
+ yyptr += yynewbytes / sizeof (*yyptr); \
+ } \
+ while (0)
+
+#endif
+
+#if defined (__STDC__) || defined (__cplusplus)
+ typedef signed char yysigned_char;
+#else
+ typedef short int yysigned_char;
+#endif
+
+/* YYFINAL -- State number of the termination state. */
+#define YYFINAL 2
+/* YYLAST -- Last index in YYTABLE. */
+#define YYLAST 27
+
+/* YYNTOKENS -- Number of terminals. */
+#define YYNTOKENS 10
+/* YYNNTS -- Number of nonterminals. */
+#define YYNNTS 4
+/* YYNRULES -- Number of rules. */
+#define YYNRULES 15
+/* YYNRULES -- Number of states. */
+#define YYNSTATES 19
+
+/* YYTRANSLATE(YYLEX) -- Bison symbol number corresponding to YYLEX. */
+#define YYUNDEFTOK 2
+#define YYMAXUTOK 264
+
+#define YYTRANSLATE(YYX) \
+ ((unsigned int) (YYX) <= YYMAXUTOK ? yytranslate[YYX] : YYUNDEFTOK)
+
+/* YYTRANSLATE[YYLEX] -- Bison symbol number corresponding to YYLEX. */
+static const unsigned char yytranslate[] =
+{
+ 0, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 1, 2, 3, 4,
+ 5, 6, 7, 8, 9
+};
+
+#if YYDEBUG
+/* YYPRHS[YYN] -- Index of the first RHS symbol of rule number YYN in
+ YYRHS. */
+static const unsigned char yyprhs[] =
+{
+ 0, 0, 3, 4, 7, 11, 17, 25, 33, 34,
+ 37, 39, 42, 44, 46, 48
+};
+
+/* YYRHS -- A `-1'-separated list of the rules' RHS. */
+static const yysigned_char yyrhs[] =
+{
+ 11, 0, -1, -1, 11, 7, -1, 11, 12, 7,
+ -1, 11, 12, 9, 12, 7, -1, 11, 12, 9,
+ 12, 9, 12, 7, -1, 11, 12, 9, 12, 9,
+ 12, 7, -1, -1, 12, 13, -1, 6, -1, 13,
+ 6, -1, 8, -1, 5, -1, 4, -1, 3, -1
+};
+
+/* YYRLINE[YYN] -- source line where rule number YYN was defined. */
+static const unsigned char yyrline[] =
+{
+ 0, 39, 39, 40, 44, 53, 72, 99, 128, 131,
+ 139, 142, 147, 151, 154, 160
+};
+#endif
+
+#if YYDEBUG || YYERROR_VERBOSE || YYTOKEN_TABLE
+/* YYTNAME[SYMBOL-NUM] -- String name of the symbol SYMBOL-NUM.
+ First, the terminals, then, starting at YYNTOKENS, nonterminals. */
+static const char *const yytname[] =
+{
+ "$end", "error", "$undefined", "NEW_COUNTER", "LABEL", "HASH", "CHAR",
+ "NEWLINE", "NO_INDENT", "RIGHT", "$accept", "doc", "stuff", "text", 0
+};
+#endif
+
+# ifdef YYPRINT
+/* YYTOKNUM[YYLEX-NUM] -- Internal token number corresponding to
+ token YYLEX-NUM. */
+static const unsigned short int yytoknum[] =
+{
+ 0, 256, 257, 258, 259, 260, 261, 262, 263, 264
+};
+# endif
+
+/* YYR1[YYN] -- Symbol number of symbol that rule YYN derives. */
+static const unsigned char yyr1[] =
+{
+ 0, 10, 11, 11, 11, 11, 11, 11, 12, 12,
+ 13, 13, 13, 13, 13, 13
+};
+
+/* YYR2[YYN] -- Number of symbols composing right hand side of rule YYN. */
+static const unsigned char yyr2[] =
+{
+ 0, 2, 0, 2, 3, 5, 7, 7, 0, 2,
+ 1, 2, 1, 1, 1, 1
+};
+
+/* YYDEFACT[STATE-NAME] -- Default rule to reduce with in state
+ STATE-NUM when YYTABLE doesn't specify something else to do. Zero
+ means the default is an error. */
+static const unsigned char yydefact[] =
+{
+ 2, 8, 1, 3, 0, 15, 14, 13, 10, 4,
+ 12, 8, 9, 0, 11, 5, 8, 0, 6
+};
+
+/* YYDEFGOTO[NTERM-NUM]. */
+static const yysigned_char yydefgoto[] =
+{
+ -1, 1, 4, 12
+};
+
+/* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing
+ STATE-NUM. */
+#define YYPACT_NINF -3
+static const yysigned_char yypact[] =
+{
+ -3, 0, -3, -3, 5, -3, -3, -3, -3, -3,
+ -3, -3, 17, 12, -3, -3, -3, -2, -3
+};
+
+/* YYPGOTO[NTERM-NUM]. */
+static const yysigned_char yypgoto[] =
+{
+ -3, -3, 11, -3
+};
+
+/* YYTABLE[YYPACT[STATE-NUM]]. What to do in state STATE-NUM. If
+ positive, shift that token. If negative, reduce the rule which
+ number is the opposite. If zero, do what YYDEFACT says.
+ If YYTABLE_NINF, syntax error. */
+#define YYTABLE_NINF -1
+static const unsigned char yytable[] =
+{
+ 2, 5, 6, 7, 8, 18, 10, 3, 5, 6,
+ 7, 8, 9, 10, 11, 5, 6, 7, 8, 15,
+ 10, 16, 13, 14, 0, 0, 0, 17
+};
+
+static const yysigned_char yycheck[] =
+{
+ 0, 3, 4, 5, 6, 7, 8, 7, 3, 4,
+ 5, 6, 7, 8, 9, 3, 4, 5, 6, 7,
+ 8, 9, 11, 6, -1, -1, -1, 16
+};
+
+/* YYSTOS[STATE-NUM] -- The (internal number of the) accessing
+ symbol of state STATE-NUM. */
+static const unsigned char yystos[] =
+{
+ 0, 11, 0, 7, 12, 3, 4, 5, 6, 7,
+ 8, 9, 13, 12, 6, 7, 9, 12, 7
+};
+
+#define yyerrok (yyerrstatus = 0)
+#define yyclearin (yychar = YYEMPTY)
+#define YYEMPTY (-2)
+#define YYEOF 0
+
+#define YYACCEPT goto yyacceptlab
+#define YYABORT goto yyabortlab
+#define YYERROR goto yyerrorlab
+
+
+/* Like YYERROR except do call yyerror. This remains here temporarily
+ to ease the transition to the new meaning of YYERROR, for GCC.
+ Once GCC version 2 has supplanted version 1, this can go. */
+
+#define YYFAIL goto yyerrlab
+
+#define YYRECOVERING() (!!yyerrstatus)
+
+#define YYBACKUP(Token, Value) \
+do \
+ if (yychar == YYEMPTY && yylen == 1) \
+ { \
+ yychar = (Token); \
+ yylval = (Value); \
+ yytoken = YYTRANSLATE (yychar); \
+ YYPOPSTACK; \
+ goto yybackup; \
+ } \
+ else \
+ { \
+ yyerror (YY_("syntax error: cannot back up")); \
+ YYERROR; \
+ } \
+while (0)
+
+
+#define YYTERROR 1
+#define YYERRCODE 256
+
+
+/* YYLLOC_DEFAULT -- Set CURRENT to span from RHS[1] to RHS[N].
+ If N is 0, then set CURRENT to the empty location which ends
+ the previous symbol: RHS[0] (always defined). */
+
+#define YYRHSLOC(Rhs, K) ((Rhs)[K])
+#ifndef YYLLOC_DEFAULT
+# define YYLLOC_DEFAULT(Current, Rhs, N) \
+ do \
+ if (N) \
+ { \
+ (Current).first_line = YYRHSLOC (Rhs, 1).first_line; \
+ (Current).first_column = YYRHSLOC (Rhs, 1).first_column; \
+ (Current).last_line = YYRHSLOC (Rhs, N).last_line; \
+ (Current).last_column = YYRHSLOC (Rhs, N).last_column; \
+ } \
+ else \
+ { \
+ (Current).first_line = (Current).last_line = \
+ YYRHSLOC (Rhs, 0).last_line; \
+ (Current).first_column = (Current).last_column = \
+ YYRHSLOC (Rhs, 0).last_column; \
+ } \
+ while (0)
+#endif
+
+
+/* YY_LOCATION_PRINT -- Print the location on the stream.
+ This macro was not mandated originally: define only if we know
+ we won't break user code: when these are the locations we know. */
+
+#ifndef YY_LOCATION_PRINT
+# if YYLTYPE_IS_TRIVIAL
+# define YY_LOCATION_PRINT(File, Loc) \
+ fprintf (File, "%d.%d-%d.%d", \
+ (Loc).first_line, (Loc).first_column, \
+ (Loc).last_line, (Loc).last_column)
+# else
+# define YY_LOCATION_PRINT(File, Loc) ((void) 0)
+# endif
+#endif
+
+
+/* YYLEX -- calling `yylex' with the right arguments. */
+
+#ifdef YYLEX_PARAM
+# define YYLEX yylex (YYLEX_PARAM)
+#else
+# define YYLEX yylex ()
+#endif
+
+/* Enable debugging if requested. */
+#if YYDEBUG
+
+# ifndef YYFPRINTF
+# include <stdio.h> /* INFRINGES ON USER NAME SPACE */
+# define YYFPRINTF fprintf
+# endif
+
+# define YYDPRINTF(Args) \
+do { \
+ if (yydebug) \
+ YYFPRINTF Args; \
+} while (0)
+
+# define YY_SYMBOL_PRINT(Title, Type, Value, Location) \
+do { \
+ if (yydebug) \
+ { \
+ YYFPRINTF (stderr, "%s ", Title); \
+ yysymprint (stderr, \
+ Type, Value); \
+ YYFPRINTF (stderr, "\n"); \
+ } \
+} while (0)
+
+/*------------------------------------------------------------------.
+| yy_stack_print -- Print the state stack from its BOTTOM up to its |
+| TOP (included). |
+`------------------------------------------------------------------*/
+
+#if defined (__STDC__) || defined (__cplusplus)
+static void
+yy_stack_print (short int *bottom, short int *top)
+#else
+static void
+yy_stack_print (bottom, top)
+ short int *bottom;
+ short int *top;
+#endif
+{
+ YYFPRINTF (stderr, "Stack now");
+ for (/* Nothing. */; bottom <= top; ++bottom)
+ YYFPRINTF (stderr, " %d", *bottom);
+ YYFPRINTF (stderr, "\n");
+}
+
+# define YY_STACK_PRINT(Bottom, Top) \
+do { \
+ if (yydebug) \
+ yy_stack_print ((Bottom), (Top)); \
+} while (0)
+
+
+/*------------------------------------------------.
+| Report that the YYRULE is going to be reduced. |
+`------------------------------------------------*/
+
+#if defined (__STDC__) || defined (__cplusplus)
+static void
+yy_reduce_print (int yyrule)
+#else
+static void
+yy_reduce_print (yyrule)
+ int yyrule;
+#endif
+{
+ int yyi;
+ unsigned long int yylno = yyrline[yyrule];
+ YYFPRINTF (stderr, "Reducing stack by rule %d (line %lu), ",
+ yyrule - 1, yylno);
+ /* Print the symbols being reduced, and their result. */
+ for (yyi = yyprhs[yyrule]; 0 <= yyrhs[yyi]; yyi++)
+ YYFPRINTF (stderr, "%s ", yytname[yyrhs[yyi]]);
+ YYFPRINTF (stderr, "-> %s\n", yytname[yyr1[yyrule]]);
+}
+
+# define YY_REDUCE_PRINT(Rule) \
+do { \
+ if (yydebug) \
+ yy_reduce_print (Rule); \
+} while (0)
+
+/* Nonzero means print parse trace. It is left uninitialized so that
+ multiple parsers can coexist. */
+int yydebug;
+#else /* !YYDEBUG */
+# define YYDPRINTF(Args)
+# define YY_SYMBOL_PRINT(Title, Type, Value, Location)
+# define YY_STACK_PRINT(Bottom, Top)
+# define YY_REDUCE_PRINT(Rule)
+#endif /* !YYDEBUG */
+
+
+/* YYINITDEPTH -- initial size of the parser's stacks. */
+#ifndef YYINITDEPTH
+# define YYINITDEPTH 200
+#endif
+
+/* YYMAXDEPTH -- maximum size the stacks can grow to (effective only
+ if the built-in stack extension method is used).
+
+ Do not make this value too large; the results are undefined if
+ YYSTACK_ALLOC_MAXIMUM < YYSTACK_BYTES (YYMAXDEPTH)
+ evaluated with infinite-precision integer arithmetic. */
+
+#ifndef YYMAXDEPTH
+# define YYMAXDEPTH 10000
+#endif
+
+
+
+#if YYERROR_VERBOSE
+
+# ifndef yystrlen
+# if defined (__GLIBC__) && defined (_STRING_H)
+# define yystrlen strlen
+# else
+/* Return the length of YYSTR. */
+static YYSIZE_T
+# if defined (__STDC__) || defined (__cplusplus)
+yystrlen (const char *yystr)
+# else
+yystrlen (yystr)
+ const char *yystr;
+# endif
+{
+ const char *yys = yystr;
+
+ while (*yys++ != '\0')
+ continue;
+
+ return yys - yystr - 1;
+}
+# endif
+# endif
+
+# ifndef yystpcpy
+# if defined (__GLIBC__) && defined (_STRING_H) && defined (_GNU_SOURCE)
+# define yystpcpy stpcpy
+# else
+/* Copy YYSRC to YYDEST, returning the address of the terminating '\0' in
+ YYDEST. */
+static char *
+# if defined (__STDC__) || defined (__cplusplus)
+yystpcpy (char *yydest, const char *yysrc)
+# else
+yystpcpy (yydest, yysrc)
+ char *yydest;
+ const char *yysrc;
+# endif
+{
+ char *yyd = yydest;
+ const char *yys = yysrc;
+
+ while ((*yyd++ = *yys++) != '\0')
+ continue;
+
+ return yyd - 1;
+}
+# endif
+# endif
+
+# ifndef yytnamerr
+/* Copy to YYRES the contents of YYSTR after stripping away unnecessary
+ quotes and backslashes, so that it's suitable for yyerror. The
+ heuristic is that double-quoting is unnecessary unless the string
+ contains an apostrophe, a comma, or backslash (other than
+ backslash-backslash). YYSTR is taken from yytname. If YYRES is
+ null, do not copy; instead, return the length of what the result
+ would have been. */
+static YYSIZE_T
+yytnamerr (char *yyres, const char *yystr)
+{
+ if (*yystr == '"')
+ {
+ size_t yyn = 0;
+ char const *yyp = yystr;
+
+ for (;;)
+ switch (*++yyp)
+ {
+ case '\'':
+ case ',':
+ goto do_not_strip_quotes;
+
+ case '\\':
+ if (*++yyp != '\\')
+ goto do_not_strip_quotes;
+ /* Fall through. */
+ default:
+ if (yyres)
+ yyres[yyn] = *yyp;
+ yyn++;
+ break;
+
+ case '"':
+ if (yyres)
+ yyres[yyn] = '\0';
+ return yyn;
+ }
+ do_not_strip_quotes: ;
+ }
+
+ if (! yyres)
+ return yystrlen (yystr);
+
+ return yystpcpy (yyres, yystr) - yyres;
+}
+# endif
+
+#endif /* YYERROR_VERBOSE */
+
+
+
+#if YYDEBUG
+/*--------------------------------.
+| Print this symbol on YYOUTPUT. |
+`--------------------------------*/
+
+#if defined (__STDC__) || defined (__cplusplus)
+static void
+yysymprint (FILE *yyoutput, int yytype, YYSTYPE *yyvaluep)
+#else
+static void
+yysymprint (yyoutput, yytype, yyvaluep)
+ FILE *yyoutput;
+ int yytype;
+ YYSTYPE *yyvaluep;
+#endif
+{
+ /* Pacify ``unused variable'' warnings. */
+ (void) yyvaluep;
+
+ if (yytype < YYNTOKENS)
+ YYFPRINTF (yyoutput, "token %s (", yytname[yytype]);
+ else
+ YYFPRINTF (yyoutput, "nterm %s (", yytname[yytype]);
+
+
+# ifdef YYPRINT
+ if (yytype < YYNTOKENS)
+ YYPRINT (yyoutput, yytoknum[yytype], *yyvaluep);
+# endif
+ switch (yytype)
+ {
+ default:
+ break;
+ }
+ YYFPRINTF (yyoutput, ")");
+}
+
+#endif /* ! YYDEBUG */
+/*-----------------------------------------------.
+| Release the memory associated to this symbol. |
+`-----------------------------------------------*/
+
+#if defined (__STDC__) || defined (__cplusplus)
+static void
+yydestruct (const char *yymsg, int yytype, YYSTYPE *yyvaluep)
+#else
+static void
+yydestruct (yymsg, yytype, yyvaluep)
+ const char *yymsg;
+ int yytype;
+ YYSTYPE *yyvaluep;
+#endif
+{
+ /* Pacify ``unused variable'' warnings. */
+ (void) yyvaluep;
+
+ if (!yymsg)
+ yymsg = "Deleting";
+ YY_SYMBOL_PRINT (yymsg, yytype, yyvaluep, yylocationp);
+
+ switch (yytype)
+ {
+
+ default:
+ break;
+ }
+}
+
+
+/* Prevent warnings from -Wmissing-prototypes. */
+
+#ifdef YYPARSE_PARAM
+# if defined (__STDC__) || defined (__cplusplus)
+int yyparse (void *YYPARSE_PARAM);
+# else
+int yyparse ();
+# endif
+#else /* ! YYPARSE_PARAM */
+#if defined (__STDC__) || defined (__cplusplus)
+int yyparse (void);
+#else
+int yyparse ();
+#endif
+#endif /* ! YYPARSE_PARAM */
+
+
+
+/* The look-ahead symbol. */
+int yychar;
+
+/* The semantic value of the look-ahead symbol. */
+YYSTYPE yylval;
+
+/* Number of syntax errors so far. */
+int yynerrs;
+
+
+
+/*----------.
+| yyparse. |
+`----------*/
+
+#ifdef YYPARSE_PARAM
+# if defined (__STDC__) || defined (__cplusplus)
+int yyparse (void *YYPARSE_PARAM)
+# else
+int yyparse (YYPARSE_PARAM)
+ void *YYPARSE_PARAM;
+# endif
+#else /* ! YYPARSE_PARAM */
+#if defined (__STDC__) || defined (__cplusplus)
+int
+yyparse (void)
+#else
+int
+yyparse ()
+ ;
+#endif
+#endif
+{
+
+ int yystate;
+ int yyn;
+ int yyresult;
+ /* Number of tokens to shift before error messages enabled. */
+ int yyerrstatus;
+ /* Look-ahead token as an internal (translated) token number. */
+ int yytoken = 0;
+
+ /* Three stacks and their tools:
+ `yyss': related to states,
+ `yyvs': related to semantic values,
+ `yyls': related to locations.
+
+ Refer to the stacks thru separate pointers, to allow yyoverflow
+ to reallocate them elsewhere. */
+
+ /* The state stack. */
+ short int yyssa[YYINITDEPTH];
+ short int *yyss = yyssa;
+ short int *yyssp;
+
+ /* The semantic value stack. */
+ YYSTYPE yyvsa[YYINITDEPTH];
+ YYSTYPE *yyvs = yyvsa;
+ YYSTYPE *yyvsp;
+
+
+
+#define YYPOPSTACK (yyvsp--, yyssp--)
+
+ YYSIZE_T yystacksize = YYINITDEPTH;
+
+ /* The variables used to return semantic value and location from the
+ action routines. */
+ YYSTYPE yyval;
+
+
+ /* When reducing, the number of symbols on the RHS of the reduced
+ rule. */
+ int yylen;
+
+ YYDPRINTF ((stderr, "Starting parse\n"));
+
+ yystate = 0;
+ yyerrstatus = 0;
+ yynerrs = 0;
+ yychar = YYEMPTY; /* Cause a token to be read. */
+
+ /* Initialize stack pointers.
+ Waste one element of value and location stack
+ so that they stay on the same level as the state stack.
+ The wasted elements are never initialized. */
+
+ yyssp = yyss;
+ yyvsp = yyvs;
+
+ goto yysetstate;
+
+/*------------------------------------------------------------.
+| yynewstate -- Push a new state, which is found in yystate. |
+`------------------------------------------------------------*/
+ yynewstate:
+ /* In all cases, when you get here, the value and location stacks
+ have just been pushed. so pushing a state here evens the stacks.
+ */
+ yyssp++;
+
+ yysetstate:
+ *yyssp = yystate;
+
+ if (yyss + yystacksize - 1 <= yyssp)
+ {
+ /* Get the current used size of the three stacks, in elements. */
+ YYSIZE_T yysize = yyssp - yyss + 1;
+
+#ifdef yyoverflow
+ {
+ /* Give user a chance to reallocate the stack. Use copies of
+ these so that the &'s don't force the real ones into
+ memory. */
+ YYSTYPE *yyvs1 = yyvs;
+ short int *yyss1 = yyss;
+
+
+ /* Each stack pointer address is followed by the size of the
+ data in use in that stack, in bytes. This used to be a
+ conditional around just the two extra args, but that might
+ be undefined if yyoverflow is a macro. */
+ yyoverflow (YY_("memory exhausted"),
+ &yyss1, yysize * sizeof (*yyssp),
+ &yyvs1, yysize * sizeof (*yyvsp),
+
+ &yystacksize);
+
+ yyss = yyss1;
+ yyvs = yyvs1;
+ }
+#else /* no yyoverflow */
+# ifndef YYSTACK_RELOCATE
+ goto yyexhaustedlab;
+# else
+ /* Extend the stack our own way. */
+ if (YYMAXDEPTH <= yystacksize)
+ goto yyexhaustedlab;
+ yystacksize *= 2;
+ if (YYMAXDEPTH < yystacksize)
+ yystacksize = YYMAXDEPTH;
+
+ {
+ short int *yyss1 = yyss;
+ union yyalloc *yyptr =
+ (union yyalloc *) YYSTACK_ALLOC (YYSTACK_BYTES (yystacksize));
+ if (! yyptr)
+ goto yyexhaustedlab;
+ YYSTACK_RELOCATE (yyss);
+ YYSTACK_RELOCATE (yyvs);
+
+# undef YYSTACK_RELOCATE
+ if (yyss1 != yyssa)
+ YYSTACK_FREE (yyss1);
+ }
+# endif
+#endif /* no yyoverflow */
+
+ yyssp = yyss + yysize - 1;
+ yyvsp = yyvs + yysize - 1;
+
+
+ YYDPRINTF ((stderr, "Stack size increased to %lu\n",
+ (unsigned long int) yystacksize));
+
+ if (yyss + yystacksize - 1 <= yyssp)
+ YYABORT;
+ }
+
+ YYDPRINTF ((stderr, "Entering state %d\n", yystate));
+
+ goto yybackup;
+
+/*-----------.
+| yybackup. |
+`-----------*/
+yybackup:
+
+/* Do appropriate processing given the current state. */
+/* Read a look-ahead token if we need one and don't already have one. */
+/* yyresume: */
+
+ /* First try to decide what to do without reference to look-ahead token. */
+
+ yyn = yypact[yystate];
+ if (yyn == YYPACT_NINF)
+ goto yydefault;
+
+ /* Not known => get a look-ahead token if don't already have one. */
+
+ /* YYCHAR is either YYEMPTY or YYEOF or a valid look-ahead symbol. */
+ if (yychar == YYEMPTY)
+ {
+ YYDPRINTF ((stderr, "Reading a token: "));
+ yychar = YYLEX;
+ }
+
+ if (yychar <= YYEOF)
+ {
+ yychar = yytoken = YYEOF;
+ YYDPRINTF ((stderr, "Now at end of input.\n"));
+ }
+ else
+ {
+ yytoken = YYTRANSLATE (yychar);
+ YY_SYMBOL_PRINT ("Next token is", yytoken, &yylval, &yylloc);
+ }
+
+ /* If the proper action on seeing token YYTOKEN is to reduce or to
+ detect an error, take that action. */
+ yyn += yytoken;
+ if (yyn < 0 || YYLAST < yyn || yycheck[yyn] != yytoken)
+ goto yydefault;
+ yyn = yytable[yyn];
+ if (yyn <= 0)
+ {
+ if (yyn == 0 || yyn == YYTABLE_NINF)
+ goto yyerrlab;
+ yyn = -yyn;
+ goto yyreduce;
+ }
+
+ if (yyn == YYFINAL)
+ YYACCEPT;
+
+ /* Shift the look-ahead token. */
+ YY_SYMBOL_PRINT ("Shifting", yytoken, &yylval, &yylloc);
+
+ /* Discard the token being shifted unless it is eof. */
+ if (yychar != YYEOF)
+ yychar = YYEMPTY;
+
+ *++yyvsp = yylval;
+
+
+ /* Count tokens shifted since error; after three, turn off error
+ status. */
+ if (yyerrstatus)
+ yyerrstatus--;
+
+ yystate = yyn;
+ goto yynewstate;
+
+
+/*-----------------------------------------------------------.
+| yydefault -- do the default action for the current state. |
+`-----------------------------------------------------------*/
+yydefault:
+ yyn = yydefact[yystate];
+ if (yyn == 0)
+ goto yyerrlab;
+ goto yyreduce;
+
+
+/*-----------------------------.
+| yyreduce -- Do a reduction. |
+`-----------------------------*/
+yyreduce:
+ /* yyn is the number of a rule to reduce with. */
+ yylen = yyr2[yyn];
+
+ /* If YYLEN is nonzero, implement the default value of the action:
+ `$$ = $1'.
+
+ Otherwise, the following line sets YYVAL to garbage.
+ This behavior is undocumented and Bison
+ users should not rely upon it. Assigning to YYVAL
+ unconditionally makes the parser a bit smaller, and it avoids a
+ GCC warning that YYVAL may be used uninitialized. */
+ yyval = yyvsp[1-yylen];
+
+
+ YY_REDUCE_PRINT (yyn);
+ switch (yyn)
+ {
+ case 3:
+#line 40 "parse_y.y"
+ {
+ printf("\n");
+ ++line;
+}
+ break;
+
+ case 4:
+#line 44 "parse_y.y"
+ {
+ if (strlen((yyvsp[-1].string)) > (PAPER_WIDTH-(indent ? strlen(INDENT_STRING):0))) {
+ yyerror("line too long");
+ }
+ printf("%s%s\n", indent ? INDENT_STRING:"", (yyvsp[-1].string));
+ free((yyvsp[-1].string));
+ indent = 1;
+ ++line;
+}
+ break;
+
+ case 5:
+#line 53 "parse_y.y"
+ {
+ char fixed[PAPER_WIDTH+1];
+ int len;
+
+ len = PAPER_WIDTH-(strlen((yyvsp[-3].string))+strlen((yyvsp[-1].string)));
+
+ if (len >= 0) {
+ memset(fixed, ' ', len);
+ fixed[len] = '\0';
+ } else {
+ yyerror("line too wide");
+ fixed[0] = '\0';
+ }
+ printf("%s%s%s\n", (yyvsp[-3].string), fixed, (yyvsp[-1].string));
+ free((yyvsp[-3].string));
+ free((yyvsp[-1].string));
+ indent = 1;
+ ++line;
+}
+ break;
+
+ case 6:
+#line 72 "parse_y.y"
+ {
+ char fixed[PAPER_WIDTH+1];
+ int len, l;
+
+ len = PAPER_WIDTH-(strlen((yyvsp[-5].string))+strlen((yyvsp[-3].string)));
+
+ if (len < 0) {
+ len = 0;
+ yyerror("line too wide");
+ }
+
+ l = len/2;
+ memset(fixed, ' ', l);
+ fixed[l] = '\0';
+ printf("%s%s%s", (yyvsp[-5].string), fixed, (yyvsp[-3].string));
+ free((yyvsp[-5].string));
+ free((yyvsp[-3].string));
+
+ l = (len+1)/2;
+ memset(fixed, ' ', l);
+ fixed[l] = '\0';
+ printf("%s%s\n", fixed, (yyvsp[-1].string));
+ free((yyvsp[-1].string));
+
+ indent = 1;
+ ++line;
+}
+ break;
+
+ case 7:
+#line 99 "parse_y.y"
+ {
+ char fixed[PAPER_WIDTH+1];
+ int len, l;
+
+ len = PAPER_WIDTH-(strlen((yyvsp[-5].string))+strlen((yyvsp[-3].string)));
+
+ if (len < 0) {
+ len = 0;
+ yyerror("line too wide");
+ }
+
+ l = len/2;
+ memset(fixed, ' ', l);
+ fixed[l] = '\0';
+ printf("%s%s%s", (yyvsp[-5].string), fixed, (yyvsp[-3].string));
+ free((yyvsp[-5].string));
+ free((yyvsp[-3].string));
+
+ l = (len+1)/2;
+ memset(fixed, ' ', l);
+ fixed[l] = '\0';
+ printf("%s%s\n", fixed, (yyvsp[-1].string));
+ free((yyvsp[-1].string));
+
+ indent = 1;
+ ++line;
+}
+ break;
+
+ case 8:
+#line 128 "parse_y.y"
+ {
+ (yyval.string) = strdup("");
+}
+ break;
+
+ case 9:
+#line 131 "parse_y.y"
+ {
+ (yyval.string) = malloc(strlen((yyvsp[-1].string))+strlen((yyvsp[0].string))+1);
+ sprintf((yyval.string),"%s%s", (yyvsp[-1].string), (yyvsp[0].string));
+ free((yyvsp[-1].string));
+ free((yyvsp[0].string));
+}
+ break;
+
+ case 10:
+#line 139 "parse_y.y"
+ {
+ (yyval.string) = strdup(yytext);
+}
+ break;
+
+ case 11:
+#line 142 "parse_y.y"
+ {
+ (yyval.string) = malloc(strlen((yyvsp[-1].string))+2);
+ sprintf((yyval.string),"%s%s", (yyvsp[-1].string), yytext);
+ free((yyvsp[-1].string));
+}
+ break;
+
+ case 12:
+#line 147 "parse_y.y"
+ {
+ (yyval.string) = strdup("");
+ indent = 0;
+}
+ break;
+
+ case 13:
+#line 151 "parse_y.y"
+ {
+ (yyval.string) = strdup("#");
+}
+ break;
+
+ case 14:
+#line 154 "parse_y.y"
+ {
+ if (((yyval.string) = get_label(yytext)) == NULL) {
+ set_label(yytext, last_label);
+ (yyval.string) = strdup("");
+ }
+}
+ break;
+
+ case 15:
+#line 160 "parse_y.y"
+ {
+ (yyval.string) = new_counter(yytext);
+}
+ break;
+
+
+ default: break;
+ }
+
+/* Line 1126 of yacc.c. */
+#line 1305 "parse_y.c"
+
+ yyvsp -= yylen;
+ yyssp -= yylen;
+
+
+ YY_STACK_PRINT (yyss, yyssp);
+
+ *++yyvsp = yyval;
+
+
+ /* Now `shift' the result of the reduction. Determine what state
+ that goes to, based on the state we popped back to and the rule
+ number reduced by. */
+
+ yyn = yyr1[yyn];
+
+ yystate = yypgoto[yyn - YYNTOKENS] + *yyssp;
+ if (0 <= yystate && yystate <= YYLAST && yycheck[yystate] == *yyssp)
+ yystate = yytable[yystate];
+ else
+ yystate = yydefgoto[yyn - YYNTOKENS];
+
+ goto yynewstate;
+
+
+/*------------------------------------.
+| yyerrlab -- here on detecting error |
+`------------------------------------*/
+yyerrlab:
+ /* If not already recovering from an error, report this error. */
+ if (!yyerrstatus)
+ {
+ ++yynerrs;
+#if YYERROR_VERBOSE
+ yyn = yypact[yystate];
+
+ if (YYPACT_NINF < yyn && yyn < YYLAST)
+ {
+ int yytype = YYTRANSLATE (yychar);
+ YYSIZE_T yysize0 = yytnamerr (0, yytname[yytype]);
+ YYSIZE_T yysize = yysize0;
+ YYSIZE_T yysize1;
+ int yysize_overflow = 0;
+ char *yymsg = 0;
+# define YYERROR_VERBOSE_ARGS_MAXIMUM 5
+ char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
+ int yyx;
+
+#if 0
+ /* This is so xgettext sees the translatable formats that are
+ constructed on the fly. */
+ YY_("syntax error, unexpected %s");
+ YY_("syntax error, unexpected %s, expecting %s");
+ YY_("syntax error, unexpected %s, expecting %s or %s");
+ YY_("syntax error, unexpected %s, expecting %s or %s or %s");
+ YY_("syntax error, unexpected %s, expecting %s or %s or %s or %s");
+#endif
+ char *yyfmt;
+ char const *yyf;
+ static char const yyunexpected[] = "syntax error, unexpected %s";
+ static char const yyexpecting[] = ", expecting %s";
+ static char const yyor[] = " or %s";
+ char yyformat[sizeof yyunexpected
+ + sizeof yyexpecting - 1
+ + ((YYERROR_VERBOSE_ARGS_MAXIMUM - 2)
+ * (sizeof yyor - 1))];
+ char const *yyprefix = yyexpecting;
+
+ /* Start YYX at -YYN if negative to avoid negative indexes in
+ YYCHECK. */
+ int yyxbegin = yyn < 0 ? -yyn : 0;
+
+ /* Stay within bounds of both yycheck and yytname. */
+ int yychecklim = YYLAST - yyn;
+ int yyxend = yychecklim < YYNTOKENS ? yychecklim : YYNTOKENS;
+ int yycount = 1;
+
+ yyarg[0] = yytname[yytype];
+ yyfmt = yystpcpy (yyformat, yyunexpected);
+
+ for (yyx = yyxbegin; yyx < yyxend; ++yyx)
+ if (yycheck[yyx + yyn] == yyx && yyx != YYTERROR)
+ {
+ if (yycount == YYERROR_VERBOSE_ARGS_MAXIMUM)
+ {
+ yycount = 1;
+ yysize = yysize0;
+ yyformat[sizeof yyunexpected - 1] = '\0';
+ break;
+ }
+ yyarg[yycount++] = yytname[yyx];
+ yysize1 = yysize + yytnamerr (0, yytname[yyx]);
+ yysize_overflow |= yysize1 < yysize;
+ yysize = yysize1;
+ yyfmt = yystpcpy (yyfmt, yyprefix);
+ yyprefix = yyor;
+ }
+
+ yyf = YY_(yyformat);
+ yysize1 = yysize + yystrlen (yyf);
+ yysize_overflow |= yysize1 < yysize;
+ yysize = yysize1;
+
+ if (!yysize_overflow && yysize <= YYSTACK_ALLOC_MAXIMUM)
+ yymsg = (char *) YYSTACK_ALLOC (yysize);
+ if (yymsg)
+ {
+ /* Avoid sprintf, as that infringes on the user's name space.
+ Don't have undefined behavior even if the translation
+ produced a string with the wrong number of "%s"s. */
+ char *yyp = yymsg;
+ int yyi = 0;
+ while ((*yyp = *yyf))
+ {
+ if (*yyp == '%' && yyf[1] == 's' && yyi < yycount)
+ {
+ yyp += yytnamerr (yyp, yyarg[yyi++]);
+ yyf += 2;
+ }
+ else
+ {
+ yyp++;
+ yyf++;
+ }
+ }
+ yyerror (yymsg);
+ YYSTACK_FREE (yymsg);
+ }
+ else
+ {
+ yyerror (YY_("syntax error"));
+ goto yyexhaustedlab;
+ }
+ }
+ else
+#endif /* YYERROR_VERBOSE */
+ yyerror (YY_("syntax error"));
+ }
+
+
+
+ if (yyerrstatus == 3)
+ {
+ /* If just tried and failed to reuse look-ahead token after an
+ error, discard it. */
+
+ if (yychar <= YYEOF)
+ {
+ /* Return failure if at end of input. */
+ if (yychar == YYEOF)
+ YYABORT;
+ }
+ else
+ {
+ yydestruct ("Error: discarding", yytoken, &yylval);
+ yychar = YYEMPTY;
+ }
+ }
+
+ /* Else will try to reuse look-ahead token after shifting the error
+ token. */
+ goto yyerrlab1;
+
+
+/*---------------------------------------------------.
+| yyerrorlab -- error raised explicitly by YYERROR. |
+`---------------------------------------------------*/
+yyerrorlab:
+
+ /* Pacify compilers like GCC when the user code never invokes
+ YYERROR and the label yyerrorlab therefore never appears in user
+ code. */
+ if (0)
+ goto yyerrorlab;
+
+yyvsp -= yylen;
+ yyssp -= yylen;
+ yystate = *yyssp;
+ goto yyerrlab1;
+
+
+/*-------------------------------------------------------------.
+| yyerrlab1 -- common code for both syntax error and YYERROR. |
+`-------------------------------------------------------------*/
+yyerrlab1:
+ yyerrstatus = 3; /* Each real token shifted decrements this. */
+
+ for (;;)
+ {
+ yyn = yypact[yystate];
+ if (yyn != YYPACT_NINF)
+ {
+ yyn += YYTERROR;
+ if (0 <= yyn && yyn <= YYLAST && yycheck[yyn] == YYTERROR)
+ {
+ yyn = yytable[yyn];
+ if (0 < yyn)
+ break;
+ }
+ }
+
+ /* Pop the current state because it cannot handle the error token. */
+ if (yyssp == yyss)
+ YYABORT;
+
+
+ yydestruct ("Error: popping", yystos[yystate], yyvsp);
+ YYPOPSTACK;
+ yystate = *yyssp;
+ YY_STACK_PRINT (yyss, yyssp);
+ }
+
+ if (yyn == YYFINAL)
+ YYACCEPT;
+
+ *++yyvsp = yylval;
+
+
+ /* Shift the error token. */
+ YY_SYMBOL_PRINT ("Shifting", yystos[yyn], yyvsp, yylsp);
+
+ yystate = yyn;
+ goto yynewstate;
+
+
+/*-------------------------------------.
+| yyacceptlab -- YYACCEPT comes here. |
+`-------------------------------------*/
+yyacceptlab:
+ yyresult = 0;
+ goto yyreturn;
+
+/*-----------------------------------.
+| yyabortlab -- YYABORT comes here. |
+`-----------------------------------*/
+yyabortlab:
+ yyresult = 1;
+ goto yyreturn;
+
+#ifndef yyoverflow
+/*-------------------------------------------------.
+| yyexhaustedlab -- memory exhaustion comes here. |
+`-------------------------------------------------*/
+yyexhaustedlab:
+ yyerror (YY_("memory exhausted"));
+ yyresult = 2;
+ /* Fall through. */
+#endif
+
+yyreturn:
+ if (yychar != YYEOF && yychar != YYEMPTY)
+ yydestruct ("Cleanup: discarding lookahead",
+ yytoken, &yylval);
+ while (yyssp != yyss)
+ {
+ yydestruct ("Cleanup: popping",
+ yystos[*yyssp], yyvsp);
+ YYPOPSTACK;
+ }
+#ifndef yyoverflow
+ if (yyss != yyssa)
+ YYSTACK_FREE (yyss);
+#endif
+ return yyresult;
+}
+
+
+#line 165 "parse_y.y"
+
+
+typedef struct node_s {
+ struct node_s *left, *right;
+ const char *key;
+ char *value;
+} *node_t;
+
+node_t label_root = NULL;
+node_t counter_root = NULL;
+
+static const char *find_key(node_t root, const char *key)
+{
+ while (root) {
+ int cmp = strcmp(key, root->key);
+
+ if (cmp > 0) {
+ root = root->right;
+ } else if (cmp) {
+ root = root->left;
+ } else {
+ return root->value;
+ }
+ }
+ return NULL;
+}
+
+static node_t set_key(node_t root, const char *key, const char *value)
+{
+ if (root) {
+ int cmp = strcmp(key, root->key);
+ if (cmp > 0) {
+ root->right = set_key(root->right, key, value);
+ } else if (cmp) {
+ root->left = set_key(root->left, key, value);
+ } else {
+ free(root->value);
+ root->value = strdup(value);
+ }
+ } else {
+ root = malloc(sizeof(struct node_s));
+ root->right = root->left = NULL;
+ root->key = strdup(key);
+ root->value = strdup(value);
+ }
+ return root;
+}
+
+void yyerror(const char *x)
+{
+ fprintf(stderr, "line %d: %s\n", line, x);
+}
+
+char *get_label(const char *label)
+{
+ const char *found = find_key(label_root, label);
+
+ if (found) {
+ return strdup(found);
+ }
+ return NULL;
+}
+
+void set_label(const char *label, const char *target)
+{
+ if (target == NULL) {
+ yyerror("no hanging value for label");
+ target = "<??>";
+ }
+ label_root = set_key(label_root, label, target);
+}
+
+char *new_counter(const char *key)
+{
+ int i=0, j, ndollars = 0;
+ const char *old;
+ char *new;
+
+ if (key[i++] != '#') {
+ yyerror("bad index");
+ return strdup("<???>");
+ }
+
+ while (key[i] == '$') {
+ ++ndollars;
+ ++i;
+ }
+
+ key += i;
+ old = find_key(counter_root, key);
+ new = malloc(20*ndollars);
+
+ if (old) {
+ for (j=0; ndollars > 1 && old[j]; ) {
+ if (old[j++] == '.' && --ndollars <= 0) {
+ break;
+ }
+ }
+ if (j) {
+ strncpy(new, old, j);
+ }
+ if (old[j]) {
+ i = atoi(old+j);
+ } else {
+ new[j++] = '.';
+ i = 0;
+ }
+ } else {
+ j=0;
+ while (--ndollars > 0) {
+ new[j++] = '0';
+ new[j++] = '.';
+ }
+ i = 0;
+ }
+ new[j] = '\0';
+ sprintf(new+j, "%d", ++i);
+
+ counter_root = set_key(counter_root, key, new);
+
+ if (last_label) {
+ free(last_label);
+ }
+ last_label = strdup(new);
+
+ return new;
+}
+
+int
+main(void)
+{
+ return yyparse();
+}
+
diff --git a/Linux-PAM/doc/specs/parse_y.h b/Linux-PAM/doc/specs/parse_y.h
new file mode 100644
index 00000000..e96d7c76
--- /dev/null
+++ b/Linux-PAM/doc/specs/parse_y.h
@@ -0,0 +1,69 @@
+/* A Bison parser, made by GNU Bison 2.1. */
+
+/* Skeleton parser for Yacc-like parsing with Bison,
+ Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2, or (at your option)
+ any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ Boston, MA 02110-1301, USA. */
+
+/* As a special exception, when this file is copied by Bison into a
+ Bison output file, you may use that output file without restriction.
+ This special exception was added by the Free Software Foundation
+ in version 1.24 of Bison. */
+
+/* Tokens. */
+#ifndef YYTOKENTYPE
+# define YYTOKENTYPE
+ /* Put the tokens into the symbol table, so that GDB and other debuggers
+ know about them. */
+ enum yytokentype {
+ NEW_COUNTER = 258,
+ LABEL = 259,
+ HASH = 260,
+ CHAR = 261,
+ NEWLINE = 262,
+ NO_INDENT = 263,
+ RIGHT = 264
+ };
+#endif
+/* Tokens. */
+#define NEW_COUNTER 258
+#define LABEL 259
+#define HASH 260
+#define CHAR 261
+#define NEWLINE 262
+#define NO_INDENT 263
+#define RIGHT 264
+
+
+
+
+#if ! defined (YYSTYPE) && ! defined (YYSTYPE_IS_DECLARED)
+#line 27 "parse_y.y"
+typedef union YYSTYPE {
+ int def;
+ char *string;
+} YYSTYPE;
+/* Line 1447 of yacc.c. */
+#line 61 "parse_y.h"
+# define yystype YYSTYPE /* obsolescent; will be withdrawn */
+# define YYSTYPE_IS_DECLARED 1
+# define YYSTYPE_IS_TRIVIAL 1
+#endif
+
+extern YYSTYPE yylval;
+
+
+
diff --git a/Linux-PAM/doc/specs/formatter/parse.y b/Linux-PAM/doc/specs/parse_y.y
index 6da47d17..9ea51654 100644
--- a/Linux-PAM/doc/specs/formatter/parse.y
+++ b/Linux-PAM/doc/specs/parse_y.y
@@ -1,5 +1,9 @@
%{
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -12,13 +16,12 @@
int line=1;
char *last_label=NULL;
+ extern int yylex(void);
+ extern char *yytext;
extern void yyerror(const char *x);
extern char *get_label(const char *label);
extern void set_label(const char *label, const char *target);
char *new_counter(const char *key);
-
-#include "lex.yy.c"
-
%}
%union {
@@ -170,7 +173,7 @@ typedef struct node_s {
node_t label_root = NULL;
node_t counter_root = NULL;
-const char *find_key(node_t root, const char *key)
+static const char *find_key(node_t root, const char *key)
{
while (root) {
int cmp = strcmp(key, root->key);
@@ -186,7 +189,7 @@ const char *find_key(node_t root, const char *key)
return NULL;
}
-node_t set_key(node_t root, const char *key, const char *value)
+static node_t set_key(node_t root, const char *key, const char *value)
{
if (root) {
int cmp = strcmp(key, root->key);
@@ -287,7 +290,8 @@ char *new_counter(const char *key)
return new;
}
-main()
+int
+main(void)
{
- yyparse();
+ return yyparse();
}
diff --git a/Linux-PAM/doc/txts/README b/Linux-PAM/doc/txts/README
deleted file mode 100644
index f63820cf..00000000
--- a/Linux-PAM/doc/txts/README
+++ /dev/null
@@ -1,3 +0,0 @@
-$Id: README,v 1.1.1.1 2000/06/20 22:11:12 agmorgan Exp $
-
-This is a directory for text versions of the pam documentation
diff --git a/Linux-PAM/dynamic/Makefile b/Linux-PAM/dynamic/Makefile
deleted file mode 100644
index e1e4f89e..00000000
--- a/Linux-PAM/dynamic/Makefile
+++ /dev/null
@@ -1,70 +0,0 @@
-#
-# $Id: Makefile,v 1.1 2001/12/09 22:51:12 agmorgan Exp $
-#
-#
-
-include ../Make.Rules
-
-ifeq ($(WITH_LIBDEBUG),yes)
- LIBNAME=pamd
-else
- LIBNAME=pam
-endif
-VERSION=.$(MAJOR_REL)
-MODIFICATION=.$(MINOR_REL)
-
-# ---------------------------------------------
-
-dummy: ../Make.Rules all
-
-# ---------------------------------------------
-
-# dynamic library names
-
-PAMSHOBJ = pam.so
-PAMSHOBJMAJ = $(PAMSHOBJ)$(VERSION)
-
-DLIBOBJECTS = pam.o
-
-# ---------------------------------------------
-## rules
-
-all: dirs $(PAMSHOBJ) ../Make.Rules
-
-dirs:
-ifeq ($(DYNAMIC_LIBPAM),yes)
- $(MKDIR) dynamic
-endif
-ifeq ($(STATIC_LIBPAM),yes)
- $(MKDIR) static
-endif
-
-dynamic/%.o : %.c
- $(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-static/%.o : %.c
- $(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-$(PAMSHOBJ): $(DLIBOBJECTS)
-ifeq ($(USESONAME),yes)
- $(LD_L) $(SOSWITCH) $(PAMSHOBJMAJ) -o $@ $+ $(LINKLIBS)
-else
- $(LD_L) -o $@ $(DLIBOBJECTS) $(LINKLIBS)
-endif
-
-install: all
- $(MKDIR) $(FAKEROOT)$(libdir)
-ifeq ($(DYNAMIC_LIBPAM),yes)
- $(INSTALL) -m $(SHLIBMODE) $(PAMSHOBJ) $(FAKEROOT)$(libdir)/$(PAMSHOBJ)
- $(LDCONFIG)
-endif
-
-remove:
- rm -f $(FAKEROOT)$(libdir)/$(LIBPAM)
- $(LDCONFIG)
-
-clean:
- rm -f a.out core *~ static/*.o dynamic/*.o
- rm -f *.a *.o *.so ./include/security/*~
- if [ -d dynamic ]; then rmdir dynamic ; fi
- if [ -d static ]; then rmdir static ; fi
diff --git a/Linux-PAM/dynamic/pam.c b/Linux-PAM/dynamic/pam.c
deleted file mode 100644
index e0a51c32..00000000
--- a/Linux-PAM/dynamic/pam.c
+++ /dev/null
@@ -1,180 +0,0 @@
-/*
- * $Id: pam.c,v 1.1 2001/12/09 22:51:12 agmorgan Exp $
- *
- * If you want to dynamically load libpam using dlopen() or something,
- * then dlopen( ' this shared object ' ); It takes care of exporting
- * the right symbols to any modules loaded by libpam.
- */
-
-#include <stdio.h>
-#include <dlfcn.h>
-#include <security/pam_appl.h>
-#include <security/_pam_macros.h>
-
-#ifndef LIBPAMPATH
-#define LIBPAMPATH "/lib/libpam.so"
-#endif
-
-static void *libpam_h = NULL;
-
-#define CONFIRM_PAM_FUNCTION(x, y, z, err) \
- do { \
- union { const void *tpointer; y (*fn) z ; } fptr; \
- fptr.tpointer = dlsym(libpam_h, #x); real_##x = fptr.fn; \
- if (real_##x == NULL) { \
- D(("unable to resolve '" #x "': %s", dlerror())); \
- return err; \
- } \
- } while (0)
-
-
-extern void _init(void);
-
-void _init()
-{
- if (libpam_h == NULL) {
- libpam_h = dlopen(LIBPAMPATH, RTLD_GLOBAL|RTLD_NOW);
- }
-}
-
-extern void _fini(void);
-
-void _fini()
-{
- if (libpam_h != NULL) {
- dlclose(libpam_h);
- }
-}
-
-int pam_start(const char *service_name, const char *user,
- const struct pam_conv *pam_conversation,
- pam_handle_t **pamh)
-{
- static int (*real_pam_start)(const char *, const char *,
- const struct pam_conv *,
- pam_handle_t **);
- CONFIRM_PAM_FUNCTION(pam_start, int, (const char *, const char *,
- const struct pam_conv *,
- pam_handle_t **), PAM_ABORT);
- return real_pam_start(service_name, user, pam_conversation, pamh);
-}
-
-int pam_end(pam_handle_t *pamh, int pam_status)
-{
- static int (*real_pam_end)(pam_handle_t *, int);
- CONFIRM_PAM_FUNCTION(pam_end, int, (pam_handle_t *, int), PAM_ABORT);
- return real_pam_end(pamh, pam_status);
-}
-
-int pam_set_item(pam_handle_t *pamh, int item_type, const void *item)
-{
- static int (*real_pam_set_item)(pam_handle_t *, int, const void *);
- CONFIRM_PAM_FUNCTION(pam_set_item, int,
- (pam_handle_t *, int, const void *), PAM_ABORT);
- return real_pam_set_item(pamh, item_type, item);
-}
-
-int pam_get_item(const pam_handle_t *pamh, int item_type, const void **item)
-{
- static int (*real_pam_get_item)(const pam_handle_t *, int, const void **);
- CONFIRM_PAM_FUNCTION(pam_get_item, int,
- (const pam_handle_t *, int, const void **),
- PAM_ABORT);
- return real_pam_get_item(pamh, item_type, item);
-}
-
-int pam_fail_delay(pam_handle_t *pamh, unsigned int musec_delay)
-{
- static int (*real_pam_fail_delay)(pam_handle_t *, unsigned int);
- CONFIRM_PAM_FUNCTION(pam_fail_delay, int, (pam_handle_t *, unsigned int),
- PAM_ABORT);
- return real_pam_fail_delay(pamh, musec_delay);
-}
-
-typedef const char * const_char_pointer;
-
-const_char_pointer pam_strerror(pam_handle_t *pamh, int errnum)
-{
- static const_char_pointer (*real_pam_strerror)(pam_handle_t *, int);
- CONFIRM_PAM_FUNCTION(pam_strerror, const_char_pointer,
- (pam_handle_t *, int), NULL);
- return real_pam_strerror(pamh, errnum);
-}
-
-int pam_putenv(pam_handle_t *pamh, const char *name_value)
-{
- static int (*real_pam_putenv)(pam_handle_t *, const char *);
- CONFIRM_PAM_FUNCTION(pam_putenv, int, (pam_handle_t *, const char *),
- PAM_ABORT);
- return real_pam_putenv(pamh, name_value);
-}
-
-const_char_pointer pam_getenv(pam_handle_t *pamh, const char *name)
-{
- static const_char_pointer (*real_pam_getenv)(pam_handle_t *, const char *);
- CONFIRM_PAM_FUNCTION(pam_getenv, const_char_pointer,
- (pam_handle_t *, const char *), NULL);
- return real_pam_getenv(pamh, name);
-}
-
-typedef char ** char_ppointer;
-char_ppointer pam_getenvlist(pam_handle_t *pamh)
-{
- static char_ppointer (*real_pam_getenvlist)(pam_handle_t *);
- CONFIRM_PAM_FUNCTION(pam_getenvlist, char_ppointer, (pam_handle_t *),
- NULL);
- return real_pam_getenvlist(pamh);
-}
-
-/* Authentication management */
-
-int pam_authenticate(pam_handle_t *pamh, int flags)
-{
- static int (*real_pam_authenticate)(pam_handle_t *, int);
- CONFIRM_PAM_FUNCTION(pam_authenticate, int, (pam_handle_t *, int),
- PAM_ABORT);
- return real_pam_authenticate(pamh, flags);
-}
-
-int pam_setcred(pam_handle_t *pamh, int flags)
-{
- static int (*real_pam_setcred)(pam_handle_t *, int);
- CONFIRM_PAM_FUNCTION(pam_setcred, int, (pam_handle_t *, int), PAM_ABORT);
- return real_pam_setcred(pamh, flags);
-}
-
-/* Account Management API's */
-
-int pam_acct_mgmt(pam_handle_t *pamh, int flags)
-{
- static int (*real_pam_acct_mgmt)(pam_handle_t *, int);
- CONFIRM_PAM_FUNCTION(pam_acct_mgmt, int, (pam_handle_t *, int), PAM_ABORT);
- return real_pam_acct_mgmt(pamh, flags);
-}
-
-/* Session Management API's */
-
-int pam_open_session(pam_handle_t *pamh, int flags)
-{
- static int (*real_pam_open_session)(pam_handle_t *, int);
- CONFIRM_PAM_FUNCTION(pam_open_session, int, (pam_handle_t *, int),
- PAM_ABORT);
- return real_pam_open_session(pamh, flags);
-}
-
-int pam_close_session(pam_handle_t *pamh, int flags)
-{
- static int (*real_pam_close_session)(pam_handle_t *, int);
- CONFIRM_PAM_FUNCTION(pam_close_session, int, (pam_handle_t *, int),
- PAM_ABORT);
- return real_pam_close_session(pamh, flags);
-}
-
-/* Password Management API's */
-
-int pam_chauthtok(pam_handle_t *pamh, int flags)
-{
- static int (*real_pam_chauthtok)(pam_handle_t *, int);
- CONFIRM_PAM_FUNCTION(pam_chauthtok, int, (pam_handle_t *, int), PAM_ABORT);
- return real_pam_chauthtok(pamh, flags);
-}
diff --git a/Linux-PAM/dynamic/test.c b/Linux-PAM/dynamic/test.c
deleted file mode 100644
index 35496fe4..00000000
--- a/Linux-PAM/dynamic/test.c
+++ /dev/null
@@ -1,27 +0,0 @@
-#include <stdio.h>
-#include <dlfcn.h>
-#include <unistd.h>
-
-#include <security/pam_appl.h>
-#include <security/pam_misc.h>
-
-int main(int argc, char **argv)
-{
- void *handle;
-
- handle = dlopen("./pam.so", RTLD_NOW);
- if (handle == NULL) {
- fprintf(stderr, "failed to load pam.so: %s\n", dlerror());
- exit(1);
- }
-
- /* handle->XXX points to each of the PAM functions */
-
-
- if (dlclose(handle)) {
- fprintf(stderr, "failed to unload pam.so: %s\n", dlerror());
- exit(1);
- }
-
- exit(0);
-}
diff --git a/Linux-PAM/examples/Makefile b/Linux-PAM/examples/Makefile
deleted file mode 100644
index 3ffea528..00000000
--- a/Linux-PAM/examples/Makefile
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# $Id: Makefile,v 1.6 2002/06/27 04:04:54 agmorgan Exp $
-#
-
-include ../Make.Rules
-
-PROGS = blank xsh check_user
-SRCS = blank.c xsh.c check_user.c
-PROGSUID =
-
-ifeq ($(WITH_LIBDEBUG),yes)
- LIBSUFFIX=d
-else
- LIBSUFFIX=
-endif
-
-CFLAGS += -I$(absolute_srcdir)/libpam_misc/include
-
-LOADLIBES = -L$(absolute_objdir)/libpam -L$(absolute_objdir)/libpamc \
- -L$(absolute_objdir)/libpam_misc -lpam -lpam_misc
-
-ifeq ($(STATIC_LIBPAM),yes)
- ifneq ($(DYNAMIC),)
- CFLAGS += $(CC_STATIC)
- LOADLIBES += $(LIBDL)
- endif
-endif
-
-all: $(PROGS)
-
-check_user: check_user.o
- $(CC) $(CFLAGS) -o $@ $< $(LOADLIBES)
-
-blank: blank.o
- $(CC) $(CFLAGS) -o $@ $< $(LOADLIBES)
-
-xsh: xsh.o
- $(CC) $(CFLAGS) -o $@ $< $(LOADLIBES)
-
-clean:
- rm -f *.a *.so *.o *~ $(PROGS) $(PROGSUID)
- rm -f *.a *.out *.o *.so
-
-# note, the programs are test programs, they should not be
-# installed on your system!
-
-install: all
- if [ -n "$(PROGS)" ]; then cp $(PROGS) ../bin ; fi
- if [ -n "$(PROGSUID)" ]; then \
- $(INSTALL) -m 4555 $(PROGSUID) ../bin ; fi
-
-remove:
- cd ../bin ; rm -f $(PROGS) $(PROGSUID)
- for x in $(PROGS) $(PROGSUID) ; do rm -f ../bin/$$x ; done
diff --git a/Linux-PAM/examples/Makefile.am b/Linux-PAM/examples/Makefile.am
new file mode 100644
index 00000000..f8b9f006
--- /dev/null
+++ b/Linux-PAM/examples/Makefile.am
@@ -0,0 +1,14 @@
+#
+# Copyright (c) 2005 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
+ -I$(top_srcdir)/libpam_misc/include
+AM_LDFLAGS = -L$(top_builddir)/libpam -lpam \
+ -L$(top_builddir)/libpam_misc -lpam_misc
+
+noinst_PROGRAMS = xsh vpass blank check_user
diff --git a/Linux-PAM/examples/Makefile.in b/Linux-PAM/examples/Makefile.in
new file mode 100644
index 00000000..cc3c3f9f
--- /dev/null
+++ b/Linux-PAM/examples/Makefile.in
@@ -0,0 +1,522 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005 Thorsten Kukuk <kukuk@suse.de>
+#
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+noinst_PROGRAMS = xsh$(EXEEXT) vpass$(EXEEXT) blank$(EXEEXT) \
+ check_user$(EXEEXT)
+subdir = examples
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+PROGRAMS = $(noinst_PROGRAMS)
+blank_SOURCES = blank.c
+blank_OBJECTS = blank.$(OBJEXT)
+blank_LDADD = $(LDADD)
+check_user_SOURCES = check_user.c
+check_user_OBJECTS = check_user.$(OBJEXT)
+check_user_LDADD = $(LDADD)
+vpass_SOURCES = vpass.c
+vpass_OBJECTS = vpass.$(OBJEXT)
+vpass_LDADD = $(LDADD)
+xsh_SOURCES = xsh.c
+xsh_OBJECTS = xsh.$(OBJEXT)
+xsh_LDADD = $(LDADD)
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = blank.c check_user.c vpass.c xsh.c
+DIST_SOURCES = blank.c check_user.c vpass.c xsh.c
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
+ -I$(top_srcdir)/libpam_misc/include
+
+AM_LDFLAGS = -L$(top_builddir)/libpam -lpam \
+ -L$(top_builddir)/libpam_misc -lpam_misc
+
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu examples/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu examples/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+clean-noinstPROGRAMS:
+ @list='$(noinst_PROGRAMS)'; for p in $$list; do \
+ f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f $$p $$f"; \
+ rm -f $$p $$f ; \
+ done
+blank$(EXEEXT): $(blank_OBJECTS) $(blank_DEPENDENCIES)
+ @rm -f blank$(EXEEXT)
+ $(LINK) $(blank_OBJECTS) $(blank_LDADD) $(LIBS)
+check_user$(EXEEXT): $(check_user_OBJECTS) $(check_user_DEPENDENCIES)
+ @rm -f check_user$(EXEEXT)
+ $(LINK) $(check_user_OBJECTS) $(check_user_LDADD) $(LIBS)
+vpass$(EXEEXT): $(vpass_OBJECTS) $(vpass_DEPENDENCIES)
+ @rm -f vpass$(EXEEXT)
+ $(LINK) $(vpass_OBJECTS) $(vpass_LDADD) $(LIBS)
+xsh$(EXEEXT): $(xsh_OBJECTS) $(xsh_DEPENDENCIES)
+ @rm -f xsh$(EXEEXT)
+ $(LINK) $(xsh_OBJECTS) $(xsh_LDADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/blank.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check_user.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/vpass.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xsh.Po@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(PROGRAMS)
+installdirs:
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-noinstPROGRAMS \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
+ clean-libtool clean-noinstPROGRAMS ctags distclean \
+ distclean-compile distclean-generic distclean-libtool \
+ distclean-tags distdir dvi dvi-am html html-am info info-am \
+ install install-am install-data install-data-am install-dvi \
+ install-dvi-am install-exec install-exec-am install-html \
+ install-html-am install-info install-info-am install-man \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/examples/README b/Linux-PAM/examples/README
new file mode 100644
index 00000000..f4ae9511
--- /dev/null
+++ b/Linux-PAM/examples/README
@@ -0,0 +1,13 @@
+
+(now we are getting networked apps, be careful to try and test on a
+securely isolated system!)
+
+These programs grant no privileges, but they give an idea of how well
+the modules are working.
+
+blank is new as of Linux-PAM-0.21. If you are writing/modifying an
+application it might be a place to start...
+
+xsh is new as of Linux-PAM-0.31, it is identical to blank, but invokes
+/bin/sh if the user is authenticated.
+
diff --git a/Linux-PAM/examples/vpass.c b/Linux-PAM/examples/vpass.c
index 9a07ee38..a54ec061 100644
--- a/Linux-PAM/examples/vpass.c
+++ b/Linux-PAM/examples/vpass.c
@@ -1,3 +1,6 @@
+
+#include "config.h"
+
#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
@@ -5,8 +8,9 @@
#include <sys/types.h>
#include <security/pam_appl.h>
-static int test_conv(int num_msg, const struct pam_message **msgm,
- struct pam_response **response, void *appdata_ptr)
+static int
+test_conv (int num_msg UNUSED, const struct pam_message **msgm UNUSED,
+ struct pam_response **response UNUSED, void *appdata_ptr UNUSED)
{
return 0;
}
@@ -29,7 +33,7 @@ int main(void)
if (pw) {
user = pw->pw_name;
} else {
- fprintf(stderr, "Invalid userid: %d\n", uid);
+ fprintf(stderr, "Invalid userid: %lu\n", (unsigned long) uid);
exit(1);
}
diff --git a/Linux-PAM/examples/wrap_xsh.sh b/Linux-PAM/examples/wrap_xsh.sh
deleted file mode 100755
index af01697e..00000000
--- a/Linux-PAM/examples/wrap_xsh.sh
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/bash
-export LD_PRELOAD=../libpam/libpam.so:../libpam_misc/libpam_misc.so
-ldd ./xsh
-./xsh "$@"
-
diff --git a/Linux-PAM/examples/xsh.c b/Linux-PAM/examples/xsh.c
index 3f5246f5..ef4dca0c 100644
--- a/Linux-PAM/examples/xsh.c
+++ b/Linux-PAM/examples/xsh.c
@@ -1,11 +1,7 @@
-/*
- * $Id: xsh.c,v 1.7 2004/09/24 09:18:21 kukuk Exp $
- */
-
/* Andrew Morgan (morgan@kernel.org) -- an example application
* that invokes a shell, based on blank.c */
-#include <security/_pam_aconf.h>
+#include "config.h"
#include <stdio.h>
#include <stdlib.h>
@@ -39,7 +35,7 @@ static struct pam_conv conv = {
int main(int argc, char **argv)
{
pam_handle_t *pamh=NULL;
- const char *username=NULL;
+ const void *username=NULL;
const char *service="xsh";
int retcode;
@@ -137,13 +133,13 @@ int main(int argc, char **argv)
break;
}
- pam_get_item(pamh, PAM_USER, (const void **) &username);
+ pam_get_item(pamh, PAM_USER, &username);
fprintf(stderr,
"The user [%s] has been authenticated and `logged in'\n",
- username);
+ (const char *)username);
/* this is always a really bad thing for security! */
- system("/bin/sh");
+ retcode = system("/bin/sh");
/* close a session for the user --- `0' could be PAM_SILENT
* it is possible that this pam_close_call is in another program..
@@ -173,5 +169,5 @@ int main(int argc, char **argv)
pamh = NULL;
bail_out(pamh,1,retcode,"pam_end");
- exit(0);
+ return (0);
}
diff --git a/Linux-PAM/install-sh b/Linux-PAM/install-sh
index b777f124..1a835340 100755
--- a/Linux-PAM/install-sh
+++ b/Linux-PAM/install-sh
@@ -1,7 +1,7 @@
#!/bin/sh
# install - install a program, script, or datafile
-scriptversion=2004-07-05.00
+scriptversion=2005-02-02.21
# This originates from X11R5 (mit/util/scripts/install.sh), which was
# later released in X11R6 (xc/config/util/install.sh) with the
@@ -109,7 +109,7 @@ while test -n "$1"; do
shift
continue;;
- --help) echo "$usage"; exit 0;;
+ --help) echo "$usage"; exit $?;;
-m) chmodcmd="$chmodprog $2"
shift
@@ -134,7 +134,7 @@ while test -n "$1"; do
shift
continue;;
- --version) echo "$0 $scriptversion"; exit 0;;
+ --version) echo "$0 $scriptversion"; exit $?;;
*) # When -d is used, all remaining arguments are directories to create.
# When -t is used, the destination is already specified.
@@ -213,7 +213,7 @@ do
fi
# This sed command emulates the dirname command.
- dstdir=`echo "$dst" | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'`
+ dstdir=`echo "$dst" | sed -e 's,/*$,,;s,[^/]*$,,;s,/*$,,;s,^$,.,'`
# Make sure that the destination directory exists.
@@ -226,7 +226,8 @@ do
oIFS=$IFS
# Some sh's can't handle IFS=/ for some reason.
IFS='%'
- set - `echo "$dstdir" | sed -e 's@/@%@g' -e 's@^%@/@'`
+ set x `echo "$dstdir" | sed -e 's@/@%@g' -e 's@^%@/@'`
+ shift
IFS=$oIFS
pathcomp=
@@ -260,7 +261,7 @@ do
rmtmp=$dstdir/_rm.$$_
# Trap to clean up those temp files at exit.
- trap 'status=$?; rm -f "$dsttmp" "$rmtmp" && exit $status' 0
+ trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0
trap '(exit $?); exit' 1 2 13 15
# Copy the file name to the temp name.
@@ -295,7 +296,7 @@ do
|| $doit $mvcmd -f "$dstdir/$dstfile" "$rmtmp" 2>/dev/null \
|| {
echo "$0: cannot unlink or rename $dstdir/$dstfile" >&2
- (exit 1); exit
+ (exit 1); exit 1
}
else
:
@@ -306,12 +307,12 @@ do
$doit $mvcmd "$dsttmp" "$dstdir/$dstfile"
}
}
- fi || { (exit 1); exit; }
+ fi || { (exit 1); exit 1; }
done
# The final little trick to "correctly" pass the exit status to the exit trap.
{
- (exit 0); exit
+ (exit 0); exit 0
}
# Local variables:
diff --git a/Linux-PAM/libpam/Makefile b/Linux-PAM/libpam/Makefile
deleted file mode 100644
index 94d92de6..00000000
--- a/Linux-PAM/libpam/Makefile
+++ /dev/null
@@ -1,170 +0,0 @@
-#
-# $Id: Makefile,v 1.12 2005/03/29 20:41:20 toady Exp $
-#
-#
-
-include ../Make.Rules
-
-# need to tell libpam about the default directory for PAMs
-MOREFLAGS=-D"DEFAULT_MODULE_PATH=\"$(SECUREDIR)/\""
-
-ifeq ($(WITH_LIBDEBUG),yes)
- LIBNAME=libpamd
- CFLAGS += -D"DEBUG"
- CFLAGS += -g
-else
- LIBNAME=libpam
-endif
-ifeq ($(WITH_PRELUDE),yes)
- CFLAGS += -DPRELUDE -DLIBPRELUDE_CONFIG_PREFIX=\"`libprelude-config --prefix`\"
- LINKLIBS += -lprelude
-endif
-VERSION=.$(MAJOR_REL)
-MODIFICATION=.$(MINOR_REL)
-
-# ---------------------------------------------
-
-dummy: ../Make.Rules all
-
-# ---------------------------------------------
-
-CFLAGS += $(DYNAMIC) $(STATIC) $(MOREFLAGS) \
- -DLIBPAM_VERSION_MAJOR=$(MAJOR_REL) \
- -DLIBPAM_VERSION_MINOR=$(MINOR_REL) \
- -DLIBPAM_VERSION_STRING=\"$(MAJOR_REL).$(MINOR_REL)\"
-
-# dynamic library names
-
-LIBPAM = $(LIBNAME).$(DYNTYPE)
-LIBPAMNAME = $(LIBPAM)$(VERSION)
-LIBPAMFULL = $(LIBPAMNAME)$(MODIFICATION)
-
-# static library name
-
-LIBPAMSTATIC = $(LIBNAME).a
-
-ifdef STATIC
-# @echo Did you mean to set STATIC\?
-MODULES = $(shell cat ../modules/_static_module_objects)
-STATICOBJ = pam_static.o
-else
-MODULES =
-endif
-
-ifeq ($(WITH_MEMORY_DEBUG),yes)
-EXTRAS += pam_malloc.o
-endif
-
-LIBOBJECTS = pam_item.o pam_strerror.o pam_end.o pam_start.o pam_data.o \
- pam_delay.o pam_dispatch.o pam_handlers.o pam_misc.o \
- pam_account.o pam_auth.o pam_prelude.o pam_session.o pam_password.o \
- pam_env.o pam_log.o $(EXTRAS)
-
-ifeq ($(DYNAMIC_LIBPAM),yes)
-# libpam.so needs -ldl, too.
-DLIBOBJECTS = $(addprefix dynamic/,$(LIBOBJECTS) $(STATICOBJ))
-ifeq ($(STATICOBJ),yes)
-dynamic/pam_static.o: pam_static.c ../modules/_static_module_objects
- $(CC) $(CFLAGS) -c pam_static.c -o $@
-endif
-endif
-
-ifeq ($(STATIC_LIBPAM),yes)
-SLIBOBJECTS = $(addprefix static/,$(LIBOBJECTS) $(STATICOBJ))
-ifdef STATICOBJ
-static/pam_static.o: pam_static.c ../modules/_static_module_objects
- $(CC) $(CFLAGS) -c pam_static.c -o $@
-endif
-endif
-
-# ---------------------------------------------
-## rules
-
-all: dirs $(LIBPAM) $(LIBPAMSTATIC) ../Make.Rules
-
-dirs:
-ifeq ($(DYNAMIC_LIBPAM),yes)
- $(MKDIR) dynamic
-endif
-ifeq ($(STATIC_LIBPAM),yes)
- $(MKDIR) static
-endif
-
-dynamic/%.o : %.c
- $(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-static/%.o : %.c
- $(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-bootstrap-libpam: bootdir $(LIBPAM)
-bootdir:
- test -d dynamic || mkdir dynamic
-
-$(LIBPAM): $(DLIBOBJECTS)
-ifeq ($(DYNAMIC_LIBPAM),yes)
- ifeq ($(USESONAME),yes)
- $(LD_L) $(SOSWITCH)$(LIBPAMNAME) -o $@ $(DLIBOBJECTS) \
- $(MODULES) $(LINKLIBS)
- else
- $(LD_L) -o $@ $(DLIBOBJECTS) $(MODULES) $(LINKLIBS)
- endif
- ifeq ($(NEEDSONAME),yes)
- rm -f $(LIBPAMFULL)
- ln -sf $(LIBPAM) $(LIBPAMFULL)
- rm -f $(LIBPAMNAME)
- ln -sf $(LIBPAM) $(LIBPAMNAME)
- endif
-endif
-
-$(LIBPAMSTATIC): $(SLIBOBJECTS)
-ifeq ($(STATIC_LIBPAM),yes)
- $(AR) cru $@ $(SLIBOBJECTS) $(MODULES)
-ifdef RANLIB
- $(RANLIB) $@
-endif
-endif
-
-install: all
- $(MKDIR) $(FAKEROOT)$(INCLUDED) $(FAKEROOT)$(libdir)
- $(INSTALL) -m 644 include/security/pam_appl.h $(FAKEROOT)$(INCLUDED)
- $(INSTALL) -m 644 include/security/pam_modules.h $(FAKEROOT)$(INCLUDED)
- $(INSTALL) -m 644 include/security/_pam_macros.h $(FAKEROOT)$(INCLUDED)
- $(INSTALL) -m 644 include/security/_pam_types.h $(FAKEROOT)$(INCLUDED)
- $(INSTALL) -m 644 include/security/_pam_compat.h $(FAKEROOT)$(INCLUDED)
-ifdef MEMORY_DEBUG
- $(INSTALL) -m 644 include/security/pam_malloc.h $(FAKEROOT)$(INCLUDED)
-endif
-ifeq ($(DYNAMIC_LIBPAM),yes)
- $(INSTALL) -m $(SHLIBMODE) $(LIBPAM) $(FAKEROOT)$(libdir)/$(LIBPAMFULL)
-ifndef FAKEROOT
- $(LDCONFIG)
-else
- $(LDCONFIG) -n $(FAKEROOT)$(libdir)
-endif
- ifneq ($(DYNTYPE),"sl")
- ( cd $(FAKEROOT)$(libdir) ; rm -f $(LIBPAM) ; \
- ln -sf $(LIBPAMNAME) $(LIBPAM) )
- endif
-endif
-ifeq ($(STATIC_LIBPAM),yes)
- $(INSTALL) -m 644 $(LIBPAMSTATIC) $(FAKEROOT)$(libdir)
-endif
-
-remove:
- rm -f $(FAKEROOT)$(INCLUDED)/_pam_types.h
- rm -f $(FAKEROOT)$(INCLUDED)/_pam_macros.h
- rm -f $(FAKEROOT)$(INCLUDED)/pam_appl.h
- rm -f $(FAKEROOT)$(INCLUDED)/pam_modules.h
- rm -f $(FAKEROOT)$(INCLUDED)/pam_malloc.h
- rm -f $(FAKEROOT)$(libdir)/$(LIBPAM).*
- rm -f $(FAKEROOT)$(libdir)/$(LIBPAM)
-ifndef FAKEROOT
- $(LDCONFIG)
-endif
- rm -f $(FAKEROOT)$(libdir)/$(LIBPAMSTATIC)
-
-clean:
- rm -f a.out core *~ static/*.o dynamic/*.o
- rm -f *.orig $(LIBPAMNAME) $(LIBPAMFULL)
- rm -f *.a *.o *.so ./include/security/*~
- if [ -d dynamic ]; then rmdir dynamic ; fi
- if [ -d static ]; then rmdir static ; fi
diff --git a/Linux-PAM/libpam/Makefile.am b/Linux-PAM/libpam/Makefile.am
new file mode 100644
index 00000000..e96d6df8
--- /dev/null
+++ b/Linux-PAM/libpam/Makefile.am
@@ -0,0 +1,42 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+AM_CFLAGS = -DDEFAULT_MODULE_PATH=\"$(SECUREDIR)/\" -DLIBPAM_COMPILE \
+ -I$(srcdir)/include $(LIBPRELUDE_CFLAGS) -DPAM_VERSION=\"$(VERSION)\"
+if HAVE_LIBSELINUX
+ AM_CFLAGS += -D"WITH_SELINUX"
+endif
+
+CLEANFILES = *~
+
+EXTRA_DIST = libpam.map
+
+include_HEADERS = include/security/_pam_compat.h \
+ include/security/_pam_macros.h include/security/_pam_types.h \
+ include/security/pam_appl.h include/security/pam_modules.h \
+ include/security/pam_ext.h include/security/pam_modutil.h
+
+noinst_HEADERS = pam_prelude.h pam_private.h pam_tokens.h \
+ pam_modutil_private.h pam_static_modules.h
+
+libpam_la_LDFLAGS = -no-undefined -version-info 81:6:81 \
+ @LIBAUDIT@ $(LIBPRELUDE_LIBS) @LIBDL@
+if STATIC_MODULES
+ libpam_la_LDFLAGS += `ls ../modules/pam_*/*.lo` \
+ @LIBDB@ @LIBCRYPT@ @LIBNSL@ @LIBCRACK@ -lutil
+endif
+if HAVE_VERSIONING
+ libpam_la_LDFLAGS += -Wl,--version-script=$(srcdir)/libpam.map
+endif
+
+lib_LTLIBRARIES = libpam.la
+
+libpam_la_SOURCES = pam_account.c pam_auth.c pam_data.c pam_delay.c \
+ pam_dispatch.c pam_end.c pam_env.c pam_handlers.c pam_item.c \
+ pam_misc.c pam_password.c pam_prelude.c \
+ pam_session.c pam_start.c pam_static.c pam_strerror.c \
+ pam_vprompt.c pam_syslog.c pam_dynamic.c pam_audit.c \
+ pam_modutil_cleanup.c pam_modutil_getpwnam.c pam_modutil_ioloop.c \
+ pam_modutil_getgrgid.c pam_modutil_getpwuid.c pam_modutil_getgrnam.c \
+ pam_modutil_getspnam.c pam_modutil_getlogin.c pam_modutil_ingroup.c
diff --git a/Linux-PAM/libpam/Makefile.in b/Linux-PAM/libpam/Makefile.in
new file mode 100644
index 00000000..3220693b
--- /dev/null
+++ b/Linux-PAM/libpam/Makefile.in
@@ -0,0 +1,614 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_LIBSELINUX_TRUE@am__append_1 = -D"WITH_SELINUX"
+@STATIC_MODULES_TRUE@am__append_2 = `ls ../modules/pam_*/*.lo` \
+@STATIC_MODULES_TRUE@ @LIBDB@ @LIBCRYPT@ @LIBNSL@ @LIBCRACK@ -lutil
+
+@HAVE_VERSIONING_TRUE@am__append_3 = -Wl,--version-script=$(srcdir)/libpam.map
+subdir = libpam
+DIST_COMMON = $(include_HEADERS) $(noinst_HEADERS) \
+ $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)"
+libLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(lib_LTLIBRARIES)
+libpam_la_LIBADD =
+am_libpam_la_OBJECTS = pam_account.lo pam_auth.lo pam_data.lo \
+ pam_delay.lo pam_dispatch.lo pam_end.lo pam_env.lo \
+ pam_handlers.lo pam_item.lo pam_misc.lo pam_password.lo \
+ pam_prelude.lo pam_session.lo pam_start.lo pam_static.lo \
+ pam_strerror.lo pam_vprompt.lo pam_syslog.lo pam_dynamic.lo \
+ pam_audit.lo pam_modutil_cleanup.lo pam_modutil_getpwnam.lo \
+ pam_modutil_ioloop.lo pam_modutil_getgrgid.lo \
+ pam_modutil_getpwuid.lo pam_modutil_getgrnam.lo \
+ pam_modutil_getspnam.lo pam_modutil_getlogin.lo \
+ pam_modutil_ingroup.lo
+libpam_la_OBJECTS = $(am_libpam_la_OBJECTS)
+libpam_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(libpam_la_LDFLAGS) $(LDFLAGS) -o $@
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = $(libpam_la_SOURCES)
+DIST_SOURCES = $(libpam_la_SOURCES)
+includeHEADERS_INSTALL = $(INSTALL_HEADER)
+HEADERS = $(include_HEADERS) $(noinst_HEADERS)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+AM_CFLAGS = -DDEFAULT_MODULE_PATH=\"$(SECUREDIR)/\" -DLIBPAM_COMPILE \
+ -I$(srcdir)/include $(LIBPRELUDE_CFLAGS) \
+ -DPAM_VERSION=\"$(VERSION)\" $(am__append_1)
+CLEANFILES = *~
+EXTRA_DIST = libpam.map
+include_HEADERS = include/security/_pam_compat.h \
+ include/security/_pam_macros.h include/security/_pam_types.h \
+ include/security/pam_appl.h include/security/pam_modules.h \
+ include/security/pam_ext.h include/security/pam_modutil.h
+
+noinst_HEADERS = pam_prelude.h pam_private.h pam_tokens.h \
+ pam_modutil_private.h pam_static_modules.h
+
+libpam_la_LDFLAGS = -no-undefined -version-info 81:6:81 @LIBAUDIT@ \
+ $(LIBPRELUDE_LIBS) @LIBDL@ $(am__append_2) $(am__append_3)
+lib_LTLIBRARIES = libpam.la
+libpam_la_SOURCES = pam_account.c pam_auth.c pam_data.c pam_delay.c \
+ pam_dispatch.c pam_end.c pam_env.c pam_handlers.c pam_item.c \
+ pam_misc.c pam_password.c pam_prelude.c \
+ pam_session.c pam_start.c pam_static.c pam_strerror.c \
+ pam_vprompt.c pam_syslog.c pam_dynamic.c pam_audit.c \
+ pam_modutil_cleanup.c pam_modutil_getpwnam.c pam_modutil_ioloop.c \
+ pam_modutil_getgrgid.c pam_modutil_getpwuid.c pam_modutil_getgrnam.c \
+ pam_modutil_getspnam.c pam_modutil_getlogin.c pam_modutil_ingroup.c
+
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu libpam/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu libpam/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-libLTLIBRARIES: $(lib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)"
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-libLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \
+ done
+
+clean-libLTLIBRARIES:
+ -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+libpam.la: $(libpam_la_OBJECTS) $(libpam_la_DEPENDENCIES)
+ $(libpam_la_LINK) -rpath $(libdir) $(libpam_la_OBJECTS) $(libpam_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_account.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_audit.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_auth.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_data.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_delay.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_dispatch.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_dynamic.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_end.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_env.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_handlers.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_item.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_misc.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_modutil_cleanup.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_modutil_getgrgid.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_modutil_getgrnam.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_modutil_getlogin.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_modutil_getpwnam.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_modutil_getpwuid.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_modutil_getspnam.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_modutil_ingroup.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_modutil_ioloop.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_password.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_prelude.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_session.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_start.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_static.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_strerror.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_syslog.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_vprompt.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-includeHEADERS: $(include_HEADERS)
+ @$(NORMAL_INSTALL)
+ test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)"
+ @list='$(include_HEADERS)'; for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ f=$(am__strip_dir) \
+ echo " $(includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \
+ $(includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \
+ done
+
+uninstall-includeHEADERS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(include_HEADERS)'; for p in $$list; do \
+ f=$(am__strip_dir) \
+ echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \
+ rm -f "$(DESTDIR)$(includedir)/$$f"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(HEADERS)
+installdirs:
+ for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-includeHEADERS
+
+install-dvi: install-dvi-am
+
+install-exec-am: install-libLTLIBRARIES
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-includeHEADERS uninstall-libLTLIBRARIES
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
+ clean-libLTLIBRARIES clean-libtool ctags distclean \
+ distclean-compile distclean-generic distclean-libtool \
+ distclean-tags distdir dvi dvi-am html html-am info info-am \
+ install install-am install-data install-data-am install-dvi \
+ install-dvi-am install-exec install-exec-am install-html \
+ install-html-am install-includeHEADERS install-info \
+ install-info-am install-libLTLIBRARIES install-man install-pdf \
+ install-pdf-am install-ps install-ps-am install-strip \
+ installcheck installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-includeHEADERS \
+ uninstall-libLTLIBRARIES
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/libpam/include/security/_pam_compat.h b/Linux-PAM/libpam/include/security/_pam_compat.h
index 33520a6c..a5f58e42 100644
--- a/Linux-PAM/libpam/include/security/_pam_compat.h
+++ b/Linux-PAM/libpam/include/security/_pam_compat.h
@@ -2,8 +2,6 @@
#define _PAM_COMPAT_H
/*
- * $Id: _pam_compat.h,v 1.1.1.1 2000/06/20 22:11:21 agmorgan Exp $
- *
* This file was contributed by Derrick J Brashear <shadow@dementia.org>
* slight modification by Brad M. Garcia <bgarcia@fore.com>
*
@@ -15,108 +13,114 @@
/* Solaris uses different constants. We redefine to those here */
#if defined(solaris) || (defined(__SVR4) && defined(sun))
-#ifndef _SECURITY__PAM_TYPES_H
-
# ifdef _SECURITY_PAM_MODULES_H
/* flags for pam_chauthtok() */
# undef PAM_PRELIM_CHECK
-# define PAM_PRELIM_CHECK 0x1
+# define PAM_PRELIM_CHECK 0x1
# undef PAM_UPDATE_AUTHTOK
-# define PAM_UPDATE_AUTHTOK 0x2
+# define PAM_UPDATE_AUTHTOK 0x2
# endif /* _SECURITY_PAM_MODULES_H */
-#else /* _SECURITY__PAM_TYPES_H */
+# ifdef _SECURITY__PAM_TYPES_H
/* generic for pam_* functions */
# undef PAM_SILENT
-# define PAM_SILENT 0x80000000
+# define PAM_SILENT 0x80000000
+
+# undef PAM_CHANGE_EXPIRED_AUTHTOK
+# define PAM_CHANGE_EXPIRED_AUTHTOK 0x4
/* flags for pam_setcred() */
# undef PAM_ESTABLISH_CRED
-# define PAM_ESTABLISH_CRED 0x1
+# define PAM_ESTABLISH_CRED 0x1
# undef PAM_DELETE_CRED
-# define PAM_DELETE_CRED 0x2
+# define PAM_DELETE_CRED 0x2
# undef PAM_REINITIALIZE_CRED
-# define PAM_REINITIALIZE_CRED 0x4
+# define PAM_REINITIALIZE_CRED 0x4
# undef PAM_REFRESH_CRED
-# define PAM_REFRESH_CRED 0x8
+# define PAM_REFRESH_CRED 0x8
/* another binary incompatibility comes from the return codes! */
# undef PAM_CONV_ERR
-# define PAM_CONV_ERR 6
+# define PAM_CONV_ERR 6
# undef PAM_PERM_DENIED
-# define PAM_PERM_DENIED 7
+# define PAM_PERM_DENIED 7
# undef PAM_MAXTRIES
-# define PAM_MAXTRIES 8
+# define PAM_MAXTRIES 8
# undef PAM_AUTH_ERR
-# define PAM_AUTH_ERR 9
+# define PAM_AUTH_ERR 9
# undef PAM_NEW_AUTHTOK_REQD
-# define PAM_NEW_AUTHTOK_REQD 10
+# define PAM_NEW_AUTHTOK_REQD 10
# undef PAM_CRED_INSUFFICIENT
-# define PAM_CRED_INSUFFICIENT 11
+# define PAM_CRED_INSUFFICIENT 11
# undef PAM_AUTHINFO_UNAVAIL
-# define PAM_AUTHINFO_UNAVAIL 12
+# define PAM_AUTHINFO_UNAVAIL 12
# undef PAM_USER_UNKNOWN
-# define PAM_USER_UNKNOWN 13
+# define PAM_USER_UNKNOWN 13
# undef PAM_CRED_UNAVAIL
-# define PAM_CRED_UNAVAIL 14
+# define PAM_CRED_UNAVAIL 14
# undef PAM_CRED_EXPIRED
-# define PAM_CRED_EXPIRED 15
+# define PAM_CRED_EXPIRED 15
# undef PAM_CRED_ERR
-# define PAM_CRED_ERR 16
+# define PAM_CRED_ERR 16
# undef PAM_ACCT_EXPIRED
-# define PAM_ACCT_EXPIRED 17
+# define PAM_ACCT_EXPIRED 17
# undef PAM_AUTHTOK_EXPIRED
-# define PAM_AUTHTOK_EXPIRED 18
+# define PAM_AUTHTOK_EXPIRED 18
# undef PAM_SESSION_ERR
-# define PAM_SESSION_ERR 19
+# define PAM_SESSION_ERR 19
# undef PAM_AUTHTOK_ERR
-# define PAM_AUTHTOK_ERR 20
+# define PAM_AUTHTOK_ERR 20
# undef PAM_AUTHTOK_RECOVERY_ERR
-# define PAM_AUTHTOK_RECOVERY_ERR 21
+# define PAM_AUTHTOK_RECOVERY_ERR 21
# undef PAM_AUTHTOK_LOCK_BUSY
-# define PAM_AUTHTOK_LOCK_BUSY 22
+# define PAM_AUTHTOK_LOCK_BUSY 22
# undef PAM_AUTHTOK_DISABLE_AGING
-# define PAM_AUTHTOK_DISABLE_AGING 23
+# define PAM_AUTHTOK_DISABLE_AGING 23
# undef PAM_NO_MODULE_DATA
-# define PAM_NO_MODULE_DATA 24
+# define PAM_NO_MODULE_DATA 24
# undef PAM_IGNORE
-# define PAM_IGNORE 25
+# define PAM_IGNORE 25
# undef PAM_ABORT
-# define PAM_ABORT 26
+# define PAM_ABORT 26
# undef PAM_TRY_AGAIN
-# define PAM_TRY_AGAIN 27
+# define PAM_TRY_AGAIN 27
#endif /* _SECURITY__PAM_TYPES_H */
+#else
+
+/* For compatibility with old Linux-PAM implementations. */
+#define PAM_AUTHTOK_RECOVER_ERR PAM_AUTHTOK_RECOVERY_ERR
+
#endif /* defined(solaris) || (defined(__SVR4) && defined(sun)) */
#endif /* _PAM_COMPAT_H */
diff --git a/Linux-PAM/libpam/include/security/_pam_macros.h b/Linux-PAM/libpam/include/security/_pam_macros.h
index 2827fabf..f7da10a7 100644
--- a/Linux-PAM/libpam/include/security/_pam_macros.h
+++ b/Linux-PAM/libpam/include/security/_pam_macros.h
@@ -9,8 +9,8 @@
/* a 'safe' version of strdup */
-#include <string.h>
#include <stdlib.h>
+#include <string.h>
#define x_strdup(s) ( (s) ? strdup(s):NULL )
@@ -73,11 +73,11 @@ do { \
* You have been warned :-) - CG
*
* to get automated debugging to the log file, it must be created manually.
- * _PAM_LOGFILE must exist, mode 666
+ * _PAM_LOGFILE must exist and be writable to the programs you debug.
*/
#ifndef _PAM_LOGFILE
-#define _PAM_LOGFILE "/tmp/pam-debug.log"
+#define _PAM_LOGFILE "/var/run/pam-debug.log"
#endif
static void _pam_output_debug_info(const char *file, const char *fn
diff --git a/Linux-PAM/libpam/include/security/_pam_types.h b/Linux-PAM/libpam/include/security/_pam_types.h
index b4413ee3..45bae97b 100644
--- a/Linux-PAM/libpam/include/security/_pam_types.h
+++ b/Linux-PAM/libpam/include/security/_pam_types.h
@@ -1,30 +1,15 @@
/*
* <security/_pam_types.h>
*
- * $Id: _pam_types.h,v 1.6 2005/03/16 00:06:01 toady Exp $
- *
* This file defines all of the types common to the Linux-PAM library
* applications and modules.
*
* Note, the copyright+license information is at end of file.
- *
- * Created: 1996/3/5 by AGM
*/
#ifndef _SECURITY__PAM_TYPES_H
#define _SECURITY__PAM_TYPES_H
-#ifndef __LIBPAM_VERSION
-# define __LIBPAM_VERSION __libpam_version
-#endif
-extern unsigned int __libpam_version;
-
-/*
- * include local definition for POSIX - NULL
- */
-
-#include <locale.h>
-
/* This is a blind structure; users aren't allowed to see inside a
* pam_handle_t, so we don't define struct pam_handle here. This is
* defined in a file private to the PAM library. (i.e., it's private
@@ -32,6 +17,13 @@ extern unsigned int __libpam_version;
typedef struct pam_handle pam_handle_t;
+/* ---------------- The Linux-PAM Version defines ----------------- */
+
+/* Major and minor version number of the Linux-PAM package. Use
+ these macros to test for features in specific releases. */
+#define __LINUX_PAM__ 1
+#define __LINUX_PAM_MINOR__ 0
+
/* ----------------- The Linux-PAM return values ------------------ */
#define PAM_SUCCESS 0 /* Successful function return */
@@ -71,8 +63,8 @@ typedef struct pam_handle pam_handle_t;
#define PAM_NO_MODULE_DATA 18 /* No module specific data is present */
#define PAM_CONV_ERR 19 /* Conversation error */
#define PAM_AUTHTOK_ERR 20 /* Authentication token manipulation error */
-#define PAM_AUTHTOK_RECOVER_ERR 21 /* Authentication information */
- /* cannot be recovered */
+#define PAM_AUTHTOK_RECOVERY_ERR 21 /* Authentication information */
+ /* cannot be recovered */
#define PAM_AUTHTOK_LOCK_BUSY 22 /* Authentication token lock busy */
#define PAM_AUTHTOK_DISABLE_AGING 23 /* Authentication token aging disabled */
#define PAM_TRY_AGAIN 24 /* Preliminary check by password service */
@@ -133,31 +125,62 @@ typedef struct pam_handle pam_handle_t;
/* ------------------ The Linux-PAM item types ------------------- */
-/* these defines are used by pam_set_item() and pam_get_item() */
+/* These defines are used by pam_set_item() and pam_get_item().
+ Please check the spec which are allowed for use by applications
+ and which are only allowed for use by modules. */
#define PAM_SERVICE 1 /* The service name */
#define PAM_USER 2 /* The user name */
#define PAM_TTY 3 /* The tty name */
#define PAM_RHOST 4 /* The remote host name */
#define PAM_CONV 5 /* The pam_conv structure */
-
-/* missing entries found in <security/pam_modules.h> for modules only! */
-
+#define PAM_AUTHTOK 6 /* The authentication token (password) */
+#define PAM_OLDAUTHTOK 7 /* The old authentication token */
#define PAM_RUSER 8 /* The remote user name */
#define PAM_USER_PROMPT 9 /* the prompt for getting a username */
#define PAM_FAIL_DELAY 10 /* app supplied function to override failure
delays */
+/* -------------- Special defines used by Linux-PAM -------------- */
+
+#if defined(__GNUC__) && defined(__GNUC_MINOR__)
+# define PAM_GNUC_PREREQ(maj, min) \
+ ((__GNUC__ << 16) + __GNUC_MINOR__ >= ((maj) << 16) + (min))
+#else
+# define PAM_GNUC_PREREQ(maj, min) 0
+#endif
+
+#if PAM_GNUC_PREREQ(2,5)
+# define PAM_FORMAT(params) __attribute__((__format__ params))
+#else
+# define PAM_FORMAT(params)
+#endif
+
+#if PAM_GNUC_PREREQ(3,3) && !defined(LIBPAM_COMPILE)
+# define PAM_NONNULL(params) __attribute__((__nonnull__ params))
+#else
+# define PAM_NONNULL(params)
+#endif
+
/* ---------- Common Linux-PAM application/module PI ----------- */
-extern int pam_set_item(pam_handle_t *pamh, int item_type, const void *item);
-extern int pam_get_item(const pam_handle_t *pamh, int item_type,
- const void **item);
-extern const char *pam_strerror(pam_handle_t *pamh, int errnum);
+extern int PAM_NONNULL((1))
+pam_set_item(pam_handle_t *pamh, int item_type, const void *item);
+
+extern int PAM_NONNULL((1))
+pam_get_item(const pam_handle_t *pamh, int item_type, const void **item);
+
+extern const char *
+pam_strerror(pam_handle_t *pamh, int errnum);
+
+extern int PAM_NONNULL((1,2))
+pam_putenv(pam_handle_t *pamh, const char *name_value);
+
+extern const char * PAM_NONNULL((1,2))
+pam_getenv(pam_handle_t *pamh, const char *name);
-extern int pam_putenv(pam_handle_t *pamh, const char *name_value);
-extern const char *pam_getenv(pam_handle_t *pamh, const char *name);
-extern char **pam_getenvlist(pam_handle_t *pamh);
+extern char ** PAM_NONNULL((1))
+pam_getenvlist(pam_handle_t *pamh);
/* ---------- Common Linux-PAM application/module PI ----------- */
@@ -189,22 +212,6 @@ extern char **pam_getenvlist(pam_handle_t *pamh);
#define HAVE_PAM_FAIL_DELAY
extern int pam_fail_delay(pam_handle_t *pamh, unsigned int musec_delay);
-#include <syslog.h>
-#ifndef LOG_AUTHPRIV
-# ifdef LOG_PRIV
-# define LOG_AUTHPRIV LOG_PRIV
-# endif /* LOG_PRIV */
-#endif /* !LOG_AUTHPRIV */
-
-#ifdef MEMORY_DEBUG
-/*
- * this defines some macros that keep track of what memory has been
- * allocated and indicates leakage etc... It should not be included in
- * production application/modules.
- */
-#include <security/pam_malloc.h>
-#endif
-
/* ------------ The Linux-PAM conversation structures ------------ */
/* Message styles */
@@ -272,18 +279,6 @@ struct pam_conv {
void *appdata_ptr;
};
-#ifndef LINUX_PAM
-/*
- * the following few lines represent a hack. They are there to make
- * the Linux-PAM headers more compatible with the Sun ones, which have a
- * less strictly separated notion of module specific and application
- * specific definitions.
- */
-#include <security/pam_appl.h>
-#include <security/pam_modules.h>
-#endif
-
-
/* ... adapted from the pam_appl.h file created by Theodore Ts'o and
*
* Copyright Theodore Ts'o, 1996. All rights reserved.
@@ -301,13 +296,13 @@ struct pam_conv {
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior
* written permission.
- *
+ *
* ALTERNATIVELY, this product may be distributed under the terms of
* the GNU Public License, in which case the provisions of the GPL are
* required INSTEAD OF the above restrictions. (This clause is
* necessary due to a potential bad interaction between the GPL and
* the restrictions contained in a BSD-style copyright.)
- *
+ *
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
@@ -321,4 +316,3 @@ struct pam_conv {
* OF THE POSSIBILITY OF SUCH DAMAGE. */
#endif /* _SECURITY__PAM_TYPES_H */
-
diff --git a/Linux-PAM/libpam/include/security/pam_appl.h b/Linux-PAM/libpam/include/security/pam_appl.h
index 69ee544d..d4172c69 100644
--- a/Linux-PAM/libpam/include/security/pam_appl.h
+++ b/Linux-PAM/libpam/include/security/pam_appl.h
@@ -1,16 +1,11 @@
/*
* <security/pam_appl.h>
- *
+ *
* This header file collects definitions for the PAM API --- that is,
* public interface between the PAM library and an application program
* that wishes to use it.
*
* Note, the copyright information is at end of file.
- *
- * Created: 15-Jan-96 by TYT
- * Last modified: 1996/3/5 by AGM
- *
- * $Id: pam_appl.h,v 1.3 2000/11/19 23:54:02 agmorgan Exp $
*/
#ifndef _SECURITY_PAM_APPL_H
@@ -19,41 +14,53 @@
#ifdef __cplusplus
extern "C" {
#endif
-
+
#include <security/_pam_types.h> /* Linux-PAM common defined types */
/* -------------- The Linux-PAM Framework layer API ------------- */
-extern int pam_start(const char *service_name, const char *user,
- const struct pam_conv *pam_conversation,
- pam_handle_t **pamh);
-extern int pam_end(pam_handle_t *pamh, int pam_status);
+extern int PAM_NONNULL((1,3,4))
+pam_start(const char *service_name, const char *user,
+ const struct pam_conv *pam_conversation,
+ pam_handle_t **pamh);
+
+extern int PAM_NONNULL((1))
+pam_end(pam_handle_t *pamh, int pam_status);
/* Authentication API's */
-extern int pam_authenticate(pam_handle_t *pamh, int flags);
-extern int pam_setcred(pam_handle_t *pamh, int flags);
+extern int PAM_NONNULL((1))
+pam_authenticate(pam_handle_t *pamh, int flags);
+
+extern int PAM_NONNULL((1))
+pam_setcred(pam_handle_t *pamh, int flags);
/* Account Management API's */
-extern int pam_acct_mgmt(pam_handle_t *pamh, int flags);
+extern int PAM_NONNULL((1))
+pam_acct_mgmt(pam_handle_t *pamh, int flags);
/* Session Management API's */
-extern int pam_open_session(pam_handle_t *pamh, int flags);
-extern int pam_close_session(pam_handle_t *pamh, int flags);
+extern int PAM_NONNULL((1))
+pam_open_session(pam_handle_t *pamh, int flags);
+
+extern int PAM_NONNULL((1))
+pam_close_session(pam_handle_t *pamh, int flags);
/* Password Management API's */
-extern int pam_chauthtok(pam_handle_t *pamh, int flags);
+extern int PAM_NONNULL((1))
+pam_chauthtok(pam_handle_t *pamh, int flags);
-#ifdef __cplusplus
-}
-#endif
/* take care of any compatibility issues */
#include <security/_pam_compat.h>
+#ifdef __cplusplus
+}
+#endif
+
/*
* Copyright Theodore Ts'o, 1996. All rights reserved.
*
@@ -69,13 +76,13 @@ extern int pam_chauthtok(pam_handle_t *pamh, int flags);
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior
* written permission.
- *
+ *
* ALTERNATIVELY, this product may be distributed under the terms of
* the GNU Public License, in which case the provisions of the GPL are
* required INSTEAD OF the above restrictions. (This clause is
* necessary due to a potential bad interaction between the GPL and
* the restrictions contained in a BSD-style copyright.)
- *
+ *
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
diff --git a/Linux-PAM/libpam/include/security/pam_ext.h b/Linux-PAM/libpam/include/security/pam_ext.h
new file mode 100644
index 00000000..111dd633
--- /dev/null
+++ b/Linux-PAM/libpam/include/security/pam_ext.h
@@ -0,0 +1,81 @@
+/*
+ * Copyright (C) 2005, 2006 Thorsten Kukuk.
+ *
+ * <security/pam_ext.h>
+ *
+ * This header file collects definitions for the extended PAM API.
+ * This is a public interface of the PAM library for PAM modules,
+ * which makes the life of PAM developers easier, but are not documented
+ * in any standard and are not portable between different PAM
+ * implementations.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _SECURITY__PAM_EXT_H_
+#define _SECURITY__PAM_EXT_H_
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <security/_pam_types.h>
+#include <stdarg.h>
+
+extern void PAM_FORMAT((printf, 3, 0)) PAM_NONNULL((3))
+pam_vsyslog (const pam_handle_t *pamh, int priority,
+ const char *fmt, va_list args);
+
+extern void PAM_FORMAT((printf, 3, 4)) PAM_NONNULL((3))
+pam_syslog (const pam_handle_t *pamh, int priority, const char *fmt, ...);
+
+extern int PAM_FORMAT((printf, 4, 0)) PAM_NONNULL((1,4))
+pam_vprompt (pam_handle_t *pamh, int style, char **response,
+ const char *fmt, va_list args);
+
+extern int PAM_FORMAT((printf, 4, 5)) PAM_NONNULL((1,4))
+pam_prompt (pam_handle_t *pamh, int style, char **response,
+ const char *fmt, ...);
+
+#define pam_error(pamh, fmt...) \
+ pam_prompt(pamh, PAM_ERROR_MSG, NULL, fmt)
+#define pam_verror(pamh, fmt, args) \
+ pam_vprompt(pamh, PAM_ERROR_MSG, NULL, fmt, args)
+
+#define pam_info(pamh, fmt...) pam_prompt(pamh, PAM_TEXT_INFO, NULL, fmt)
+#define pam_vinfo(pamh, fmt, args) pam_vprompt(pamh, PAM_TEXT_INFO, NULL, fmt, args)
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/Linux-PAM/libpam/include/security/pam_malloc.h b/Linux-PAM/libpam/include/security/pam_malloc.h
deleted file mode 100644
index bbf31338..00000000
--- a/Linux-PAM/libpam/include/security/pam_malloc.h
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * $Id: pam_malloc.h,v 1.3 2001/11/26 03:04:47 agmorgan Exp $
- */
-
-/*
- * This file (via the use of macros) defines a wrapper for the malloc
- * family of calls. It logs where the memory was requested and also
- * where it was free()'d and keeps a list of currently requested memory.
- *
- * It is hoped that it will provide some help in locating memory leaks.
- */
-
-#ifndef PAM_MALLOC_H
-#define PAM_MALLOC_H
-
-/* these are the macro definitions for the stdlib.h memory functions */
-
-#define malloc(s) pam_malloc(s,__FILE__,__FUNCTION__,__LINE__)
-#define calloc(n,s) pam_calloc(n,s,__FILE__,__FUNCTION__,__LINE__)
-#define free(x) pam_free(x,__FILE__,__FUNCTION__,__LINE__)
-/* #define memalign(a,s) pam_memalign(a,s,__FILE__,__FUNCTION__,__LINE__) */
-#define realloc(x,s) pam_realloc(x,s,__FILE__,__FUNCTION__,__LINE__)
-/* #define valloc(s) pam_valloc(s,__FILE__,__FUNCTION__,__LINE__) */
-/* #define alloca(s) pam_alloca(s,__FILE__,__FUNCTION__,__LINE__) */
-#define exit(i) pam_exit(i,__FILE__,__FUNCTION__,__LINE__)
-#define strdup(s) pam_strdup(s,__FILE__,__FUNCTION__,__LINE__)
-
-/* these are the prototypes for the wrapper functions */
-
-#include <sys/types.h>
-
-extern void *pam_malloc(size_t s,const char *,const char *, int);
-extern void *pam_calloc(size_t n,size_t s,const char *,const char *, int);
-extern void pam_free(void *x,const char *,const char *, int);
-extern void *pam_memalign(size_t a,size_t s
- ,const char *,const char *, int);
-extern void *pam_realloc(void *x,size_t s,const char *,const char *, int);
-extern void *pam_valloc(size_t s,const char *,const char *, int);
-extern void *pam_alloca(size_t s,const char *,const char *, int);
-extern void pam_exit(int i,const char *,const char *, int);
-extern char *pam_strdup(const char *,const char *,const char *, int);
-
-/* these are the flags used to turn on and off diagnostics */
-
-#define PAM_MALLOC_LEAKED 01
-#define PAM_MALLOC_REQUEST 02
-#define PAM_MALLOC_FREE 04
-#define PAM_MALLOC_EXCH (PAM_MALLOC_FREED|PAM_MALLOC_EXCH)
-#define PAM_MALLOC_RESIZE 010
-#define PAM_MALLOC_FAIL 020
-#define PAM_MALLOC_NULL 040
-#define PAM_MALLOC_VERIFY 0100
-#define PAM_MALLOC_FUNC 0200
-#define PAM_MALLOC_PAUSE 0400
-#define PAM_MALLOC_STOP 01000
-
-#define PAM_MALLOC_ALL 0777
-
-#define PAM_MALLOC_DEFAULT \
- (PAM_MALLOC_LEAKED|PAM_MALLOC_PAUSE|PAM_MALLOC_FAIL)
-
-#include <stdio.h>
-
-extern FILE *pam_malloc_outfile; /* defaults to stdout */
-
-/* how much output do you want? */
-
-extern int pam_malloc_flags;
-extern int pam_malloc_delay_length; /* how long to pause on errors */
-
-#endif /* PAM_MALLOC_H */
diff --git a/Linux-PAM/libpam/include/security/pam_modules.h b/Linux-PAM/libpam/include/security/pam_modules.h
index 1f20993f..5c516c4e 100644
--- a/Linux-PAM/libpam/include/security/pam_modules.h
+++ b/Linux-PAM/libpam/include/security/pam_modules.h
@@ -1,32 +1,34 @@
/*
* <security/pam_modules.h>
- *
- * $Id: pam_modules.h,v 1.3 2001/02/05 06:50:41 agmorgan Exp $
*
+ * This header file collects definitions for the PAM API --- that is,
+ * public interface between the PAM library and PAM modules.
+ *
+ * Note, the copyright information is at end of file.
*/
#ifndef _SECURITY_PAM_MODULES_H
#define _SECURITY_PAM_MODULES_H
-#include <security/_pam_types.h> /* Linux-PAM common defined types */
-
-/* these defines are used by pam_set_item() and pam_get_item() and are
- * in addition to those found in <security/_pam_types.h> */
+#ifdef __cplusplus
+extern "C" {
+#endif
-#define PAM_AUTHTOK 6 /* The authentication token (password) */
-#define PAM_OLDAUTHTOK 7 /* The old authentication token */
+#include <security/_pam_types.h> /* Linux-PAM common defined types */
/* -------------- The Linux-PAM Module PI ------------- */
-extern int pam_set_data(pam_handle_t *pamh, const char *module_data_name,
- void *data,
- void (*cleanup)(pam_handle_t *pamh, void *data,
- int error_status));
-extern int pam_get_data(const pam_handle_t *pamh,
- const char *module_data_name, const void **data);
+extern int PAM_NONNULL((1,2))
+pam_set_data(pam_handle_t *pamh, const char *module_data_name, void *data,
+ void (*cleanup)(pam_handle_t *pamh, void *data,
+ int error_status));
+
+extern int PAM_NONNULL((1,2,3))
+pam_get_data(const pam_handle_t *pamh, const char *module_data_name,
+ const void **data);
-extern int pam_get_user(pam_handle_t *pamh, const char **user
- , const char *prompt);
+extern int PAM_NONNULL((1,2))
+pam_get_user(pam_handle_t *pamh, const char **user, const char *prompt);
#ifdef PAM_STATIC
@@ -56,7 +58,7 @@ struct pam_module {
#define PAM_EXTERN extern
#endif /* PAM_STATIC */
-
+
/* Lots of files include pam_modules.h that don't need these
* declared. However, when they are declared static, they
* need to be defined later. So we have to protect C files
@@ -127,9 +129,14 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
#define PAM_DATA_REPLACE 0x20000000 /* used when replacing a data item */
+
/* take care of any compatibility issues */
#include <security/_pam_compat.h>
+#ifdef __cplusplus
+}
+#endif
+
/* Copyright (C) Theodore Ts'o, 1996.
* Copyright (C) Andrew Morgan, 1996-8.
* All rights reserved.
@@ -146,13 +153,13 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior
* written permission.
- *
+ *
* ALTERNATIVELY, this product may be distributed under the terms of
* the GNU General Public License, in which case the provisions of the
* GNU GPL are required INSTEAD OF the above restrictions. (This
* clause is necessary due to a potential bad interaction between the
* GNU GPL and the restrictions contained in a BSD-style copyright.)
- *
+ *
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
@@ -166,4 +173,3 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
* OF THE POSSIBILITY OF SUCH DAMAGE. */
#endif /* _SECURITY_PAM_MODULES_H */
-
diff --git a/Linux-PAM/libpam/include/security/pam_modutil.h b/Linux-PAM/libpam/include/security/pam_modutil.h
new file mode 100644
index 00000000..efb72436
--- /dev/null
+++ b/Linux-PAM/libpam/include/security/pam_modutil.h
@@ -0,0 +1,104 @@
+/*
+ * Copyright (c) 2001-2002 Andrew Morgan <morgan@kernel.org>
+ *
+ * <security/pam_modutil.h>
+ *
+ * This file is a list of handy libc wrappers that attempt to provide some
+ * thread-safe and other convenient functionality to modules in a common form.
+ *
+ * A number of these functions reserve space in a pam_[sg]et_data item.
+ * In all cases, the name of the item is prefixed with "pam_modutil_*".
+ *
+ * On systems that simply can't support thread safe programming, these
+ * functions don't support it either - sorry.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _SECURITY__PAM_MODUTIL_H
+#define _SECURITY__PAM_MODUTIL_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <security/_pam_types.h>
+
+extern struct passwd * PAM_NONNULL((1,2))
+pam_modutil_getpwnam(pam_handle_t *pamh, const char *user);
+
+extern struct passwd * PAM_NONNULL((1))
+pam_modutil_getpwuid(pam_handle_t *pamh, uid_t uid);
+
+extern struct group * PAM_NONNULL((1,2))
+pam_modutil_getgrnam(pam_handle_t *pamh, const char *group);
+
+extern struct group * PAM_NONNULL((1))
+pam_modutil_getgrgid(pam_handle_t *pamh, gid_t gid);
+
+extern struct spwd * PAM_NONNULL((1,2))
+pam_modutil_getspnam(pam_handle_t *pamh, const char *user);
+
+extern int PAM_NONNULL((1,2,3))
+pam_modutil_user_in_group_nam_nam(pam_handle_t *pamh,
+ const char *user,
+ const char *group);
+
+extern int PAM_NONNULL((1,2))
+pam_modutil_user_in_group_nam_gid(pam_handle_t *pamh,
+ const char *user,
+ gid_t group);
+
+extern int PAM_NONNULL((1,3))
+pam_modutil_user_in_group_uid_nam(pam_handle_t *pamh,
+ uid_t user,
+ const char *group);
+
+extern int PAM_NONNULL((1))
+pam_modutil_user_in_group_uid_gid(pam_handle_t *pamh,
+ uid_t user,
+ gid_t group);
+
+extern const char * PAM_NONNULL((1))
+pam_modutil_getlogin(pam_handle_t *pamh);
+
+extern int
+pam_modutil_read(int fd, char *buffer, int count);
+
+extern int
+pam_modutil_write(int fd, const char *buffer, int count);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _SECURITY__PAM_MODUTIL_H */
diff --git a/Linux-PAM/libpam/libpam.map b/Linux-PAM/libpam/libpam.map
new file mode 100644
index 00000000..1c2c4480
--- /dev/null
+++ b/Linux-PAM/libpam/libpam.map
@@ -0,0 +1,47 @@
+LIBPAM_1.0 {
+ global:
+ pam_acct_mgmt;
+ pam_authenticate;
+ pam_chauthtok;
+ pam_close_session;
+ pam_end;
+ pam_open_session;
+ pam_setcred;
+ pam_start;
+ pam_getenv;
+ pam_putenv;
+ pam_getenvlist;
+ pam_set_item;
+ pam_get_item;
+ pam_strerror;
+ pam_fail_delay;
+ pam_set_data;
+ pam_get_data;
+ pam_get_user;
+
+ local:
+ *;
+};
+LIBPAM_EXTENSION_1.0 {
+ global:
+ pam_prompt;
+ pam_vprompt;
+ pam_syslog;
+ pam_vsyslog;
+};
+
+LIBPAM_MODUTIL_1.0 {
+ global:
+ pam_modutil_getpwnam;
+ pam_modutil_getpwuid;
+ pam_modutil_getgrnam;
+ pam_modutil_getgrgid;
+ pam_modutil_getspnam;
+ pam_modutil_user_in_group_nam_nam;
+ pam_modutil_user_in_group_nam_gid;
+ pam_modutil_user_in_group_uid_nam;
+ pam_modutil_user_in_group_uid_gid;
+ pam_modutil_getlogin;
+ pam_modutil_read;
+ pam_modutil_write;
+};
diff --git a/Linux-PAM/libpam/pam_account.c b/Linux-PAM/libpam/pam_account.c
index 3a4fb1fc..572acc47 100644
--- a/Linux-PAM/libpam/pam_account.c
+++ b/Linux-PAM/libpam/pam_account.c
@@ -19,5 +19,9 @@ int pam_acct_mgmt(pam_handle_t *pamh, int flags)
retval = _pam_dispatch(pamh, flags, PAM_ACCOUNT);
+#ifdef HAVE_LIBAUDIT
+ retval = _pam_auditlog(pamh, PAM_ACCOUNT, retval, flags);
+#endif
+
return retval;
}
diff --git a/Linux-PAM/libpam/pam_audit.c b/Linux-PAM/libpam/pam_audit.c
new file mode 100644
index 00000000..ff1486aa
--- /dev/null
+++ b/Linux-PAM/libpam/pam_audit.c
@@ -0,0 +1,134 @@
+/* pam_audit.c -- Instrumentation code for Linux Auditing System */
+
+/* (C) 2005-2006 Red Hat, Inc. -- Licensing details are in the COPYING
+ file accompanying the Linux-PAM source distribution.
+
+ Authors:
+ Steve Grubb <sgrubb@redhat.com> */
+
+#include "pam_private.h"
+#include <stdio.h>
+#include <syslog.h>
+
+#ifdef HAVE_LIBAUDIT
+#include <libaudit.h>
+#include <pwd.h>
+#include <netdb.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <arpa/inet.h>
+#include <errno.h>
+
+#define PAMAUDIT_LOGGED 1
+
+static int
+_pam_audit_writelog(pam_handle_t *pamh, int audit_fd, int type,
+ const char *message, int retval)
+{
+ static int old_errno = -1;
+ int rc;
+ char buf[256];
+
+ snprintf(buf, sizeof(buf), "PAM: %s acct=%s ", message,
+ (retval != PAM_USER_UNKNOWN && pamh->user) ? pamh->user : "?");
+
+ rc = audit_log_user_message( audit_fd, type, buf,
+ pamh->rhost, NULL, pamh->tty, retval == PAM_SUCCESS );
+
+ if (rc == -1 && errno != old_errno)
+ {
+ old_errno = errno;
+ pam_syslog(pamh, LOG_CRIT, "audit_log_user_message() failed: %m");
+ }
+
+ pamh->audit_state |= PAMAUDIT_LOGGED;
+ return rc;
+}
+
+int
+_pam_auditlog(pam_handle_t *pamh, int action, int retval, int flags)
+{
+ const char *message;
+ int type;
+ int audit_fd;
+
+ audit_fd = audit_open();
+ if (audit_fd < 0) {
+ /* You get these error codes only when the kernel doesn't have
+ * audit compiled in. */
+ if (errno == EINVAL || errno == EPROTONOSUPPORT ||
+ errno == EAFNOSUPPORT)
+ return retval;
+
+ /* this should only fail in case of extreme resource shortage,
+ * need to prevent login in that case for CAPP compliance.
+ */
+ pam_syslog(pamh, LOG_CRIT, "audit_open() failed: %m");
+ return PAM_SYSTEM_ERR;
+ }
+
+ switch (action) {
+ case PAM_AUTHENTICATE:
+ message = "authentication";
+ type = AUDIT_USER_AUTH;
+ break;
+ case PAM_OPEN_SESSION:
+ message = "session open";
+ type = AUDIT_USER_START;
+ break;
+ case PAM_CLOSE_SESSION:
+ message = "session close";
+ type = AUDIT_USER_END;
+ break;
+ case PAM_ACCOUNT:
+ message = "accounting";
+ type = AUDIT_USER_ACCT;
+ break;
+ case PAM_CHAUTHTOK:
+ message = "chauthtok";
+ type = AUDIT_USER_CHAUTHTOK;
+ break;
+ case PAM_SETCRED:
+ message = "setcred";
+ if (flags & PAM_ESTABLISH_CRED)
+ type = AUDIT_CRED_ACQ;
+ else if ((flags & PAM_REINITIALIZE_CRED) || (flags & PAM_REFRESH_CRED))
+ type = AUDIT_CRED_REFR;
+ else if (flags & PAM_DELETE_CRED)
+ type = AUDIT_CRED_DISP;
+ else
+ type = AUDIT_USER_ERR;
+ break;
+ case _PAM_ACTION_DONE:
+ message = "bad_ident";
+ type = AUDIT_USER_ERR;
+ break;
+ default:
+ message = "UNKNOWN";
+ type = AUDIT_USER_ERR;
+ pam_syslog(pamh, LOG_CRIT, "_pam_auditlog() should never get here");
+ retval = PAM_SYSTEM_ERR;
+ }
+
+ if (_pam_audit_writelog(pamh, audit_fd, type, message, retval) < 0)
+ retval = PAM_SYSTEM_ERR;
+
+ audit_close(audit_fd);
+ return retval;
+}
+
+int
+_pam_audit_end(pam_handle_t *pamh, int status UNUSED)
+{
+ if (! (pamh->audit_state & PAMAUDIT_LOGGED)) {
+ /* PAM library is being shut down without any of the auditted
+ * stacks having been run. Assume that this is sshd faking
+ * things for an unknown user.
+ */
+ _pam_auditlog(pamh, _PAM_ACTION_DONE, PAM_USER_UNKNOWN, 0);
+ }
+
+ return 0;
+}
+
+#endif /* HAVE_LIBAUDIT */
diff --git a/Linux-PAM/libpam/pam_auth.c b/Linux-PAM/libpam/pam_auth.c
index f2743624..5c272cfe 100644
--- a/Linux-PAM/libpam/pam_auth.c
+++ b/Linux-PAM/libpam/pam_auth.c
@@ -1,7 +1,7 @@
/*
* pam_auth.c -- PAM authentication
*
- * $Id: pam_auth.c,v 1.5 2005/03/29 20:41:20 toady Exp $
+ * $Id: pam_auth.c,v 1.7 2006/07/24 15:47:40 kukuk Exp $
*
*/
@@ -45,6 +45,10 @@ int pam_authenticate(pam_handle_t *pamh, int flags)
prelude_send_alert(pamh, retval);
#endif
+#ifdef HAVE_LIBAUDIT
+ retval = _pam_auditlog(pamh, PAM_AUTHENTICATE, retval, flags);
+#endif
+
return retval;
}
@@ -67,6 +71,10 @@ int pam_setcred(pam_handle_t *pamh, int flags)
retval = _pam_dispatch(pamh, flags, PAM_SETCRED);
+#ifdef HAVE_LIBAUDIT
+ retval = _pam_auditlog(pamh, PAM_SETCRED, retval, flags);
+#endif
+
D(("pam_setcred exit"));
return retval;
diff --git a/Linux-PAM/libpam/pam_data.c b/Linux-PAM/libpam/pam_data.c
index 6a90bd51..30570afb 100644
--- a/Linux-PAM/libpam/pam_data.c
+++ b/Linux-PAM/libpam/pam_data.c
@@ -1,9 +1,38 @@
-/* pam_data.c */
-
/*
- * $Id: pam_data.c,v 1.3 2003/07/13 20:01:44 vorlon Exp $
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+#include "config.h"
+
#include "pam_private.h"
#include <stdlib.h>
@@ -19,7 +48,7 @@ static struct pam_data *_pam_locate_data(const pam_handle_t *pamh,
IF_NO_PAMH("_pam_locate_data", pamh, NULL);
data = pamh->data;
-
+
while (data) {
if (!strcmp(data->name, name)) {
return data;
@@ -37,7 +66,7 @@ int pam_set_data(
void (*cleanup)(pam_handle_t *pamh, void *data, int error_status))
{
struct pam_data *data_entry;
-
+
D(("called"));
IF_NO_PAMH("pam_set_data", pamh, PAM_SYSTEM_ERR);
@@ -47,6 +76,12 @@ int pam_set_data(
return PAM_SYSTEM_ERR;
}
+ /* module_data_name should not be NULL */
+ if (module_data_name == NULL) {
+ D(("called with NULL as module_data_name"));
+ return PAM_SYSTEM_ERR;
+ }
+
/* first check if there is some data already. If so clean it up */
if ((data_entry = _pam_locate_data(pamh, module_data_name))) {
@@ -58,7 +93,8 @@ int pam_set_data(
char *tname;
if ((tname = _pam_strdup(module_data_name)) == NULL) {
- _pam_system_log(LOG_CRIT, "pam_set_data: no memory for data name");
+ pam_syslog(pamh, LOG_CRIT,
+ "pam_set_data: no memory for data name");
_pam_drop(data_entry);
return PAM_BUF_ERR;
}
@@ -66,7 +102,8 @@ int pam_set_data(
pamh->data = data_entry;
data_entry->name = tname;
} else {
- _pam_system_log(LOG_CRIT, "pam_set_data: cannot allocate data entry");
+ pam_syslog(pamh, LOG_CRIT,
+ "pam_set_data: cannot allocate data entry");
return PAM_BUF_ERR;
}
@@ -92,6 +129,12 @@ int pam_get_data(
return PAM_SYSTEM_ERR;
}
+ /* module_data_name should not be NULL */
+ if (module_data_name == NULL) {
+ D(("called with NULL as module_data_name"));
+ return PAM_SYSTEM_ERR;
+ }
+
data = _pam_locate_data(pamh, module_data_name);
if (data) {
*datap = data->data;
diff --git a/Linux-PAM/libpam/pam_dispatch.c b/Linux-PAM/libpam/pam_dispatch.c
index 4af29f69..ab032d74 100644
--- a/Linux-PAM/libpam/pam_dispatch.c
+++ b/Linux-PAM/libpam/pam_dispatch.c
@@ -1,9 +1,8 @@
/* pam_dispatch.c - handles module function dispatch */
/*
- * Copyright (c) 1998 Andrew G. Morgan <morgan@kernel.org>
+ * Copyright (c) 1998, 2005 Andrew G. Morgan <morgan@kernel.org>
*
- * $Id: pam_dispatch.c,v 1.7 2005/01/07 15:31:26 t8m Exp $
*/
#include "pam_private.h"
@@ -40,11 +39,11 @@ static int _pam_dispatch_aux(pam_handle_t *pamh, int flags, struct handler *h,
IF_NO_PAMH("_pam_dispatch_aux", pamh, PAM_SYSTEM_ERR);
if (h == NULL) {
- const char *service=NULL;
+ const void *service=NULL;
- (void) pam_get_item(pamh, PAM_SERVICE, (const void **)&service);
- _pam_system_log(LOG_ERR, "no modules loaded for `%s' service",
- service ? service:"<unknown>" );
+ (void) pam_get_item(pamh, PAM_SERVICE, &service);
+ pam_syslog(pamh, LOG_ERR, "no modules loaded for `%s' service",
+ service ? (const char *)service:"<unknown>" );
service = NULL;
return PAM_MUST_FAIL_CODE;
}
@@ -80,7 +79,9 @@ static int _pam_dispatch_aux(pam_handle_t *pamh, int flags, struct handler *h,
retval = PAM_MODULE_UNKNOWN;
} else {
D(("passing control to module..."));
+ pamh->mod_name=h->mod_name;
retval = h->func(pamh, flags, h->argc, h->argv);
+ pamh->mod_name=NULL;
D(("module returned: %s", pam_strerror(pamh, retval)));
if (h->must_fail) {
D(("module poorly listed in PAM config; forcing failure"));
@@ -207,7 +208,11 @@ static int _pam_dispatch_aux(pam_handle_t *pamh, int flags, struct handler *h,
#endif /* PAM_FAIL_NOW_ON */
if ( impression != _PAM_NEGATIVE ) {
impression = _PAM_NEGATIVE;
- status = retval;
+ /* Don't return with PAM_IGNORE as status */
+ if ( retval == PAM_IGNORE )
+ status = PAM_MUST_FAIL_CODE;
+ else
+ status = retval;
}
if ( action == _PAM_ACTION_DIE ) {
goto decision_made;
@@ -237,7 +242,7 @@ static int _pam_dispatch_aux(pam_handle_t *pamh, int flags, struct handler *h,
}
}
}
-
+
/* this means that we need to skip #action stacked modules */
do {
h = h->next;
@@ -291,7 +296,7 @@ int _pam_dispatch(pam_handle_t *pamh, int flags, int choice)
/* Load all modules, resolve all symbols */
if ((retval = _pam_init_handlers(pamh)) != PAM_SUCCESS) {
- _pam_system_log(LOG_ERR, "unable to dispatch function");
+ pam_syslog(pamh, LOG_ERR, "unable to dispatch function");
return retval;
}
@@ -322,7 +327,7 @@ int _pam_dispatch(pam_handle_t *pamh, int flags, int choice)
}
break;
default:
- _pam_system_log(LOG_ERR, "undefined fn choice; %d", choice);
+ pam_syslog(pamh, LOG_ERR, "undefined fn choice; %d", choice);
return PAM_ABORT;
}
@@ -353,7 +358,7 @@ int _pam_dispatch(pam_handle_t *pamh, int flags, int choice)
/* Did a module return an "incomplete state" last time? */
if (pamh->former.choice != PAM_NOT_STACKED) {
if (pamh->former.choice != choice) {
- _pam_system_log(LOG_ERR,
+ pam_syslog(pamh, LOG_ERR,
"application failed to re-exec stack [%d:%d]",
pamh->former.choice, choice);
return PAM_ABORT;
@@ -366,6 +371,7 @@ int _pam_dispatch(pam_handle_t *pamh, int flags, int choice)
__PAM_TO_MODULE(pamh);
/* call the list of module functions */
+ pamh->choice = choice;
retval = _pam_dispatch_aux(pamh, flags, h, resumed, use_cached_chain);
resumed = PAM_FALSE;
@@ -381,4 +387,3 @@ int _pam_dispatch(pam_handle_t *pamh, int flags, int choice)
return retval;
}
-
diff --git a/Linux-PAM/libpam/pam_dynamic.c b/Linux-PAM/libpam/pam_dynamic.c
new file mode 100644
index 00000000..5be33c36
--- /dev/null
+++ b/Linux-PAM/libpam/pam_dynamic.c
@@ -0,0 +1,142 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "pam_private.h"
+
+#ifndef PAM_STATIC
+
+#ifdef PAM_SHL
+# include <dl.h>
+#elif defined(PAM_DYLD)
+# include <mach-o/dyld.h>
+#else /* PAM_SHL */
+# include <dlfcn.h>
+#endif /* PAM_SHL */
+
+#ifndef SHLIB_SYM_PREFIX
+#define SHLIB_SYM_PREFIX "_"
+#endif
+
+void *_pam_dlopen(const char *mod_path)
+{
+#ifdef PAM_SHL
+ return shl_load(mod_path, BIND_IMMEDIATE, 0L);
+#elif defined(PAM_DYLD)
+ NSObjectFileImage ofile;
+ void *ret = NULL;
+
+ if (NSCreateObjectFileImageFromFile(mod_path, &ofile) !=
+ NSObjectFileImageSuccess )
+ return NULL;
+
+ ret = NSLinkModule(ofile, mod_path, NSLINKMODULE_OPTION_PRIVATE | NSLINKMODULE_OPTION_BINDNOW);
+ NSDestroyObjectFileImage(ofile);
+
+ return ret;
+#else
+ return dlopen(mod_path, RTLD_NOW);
+#endif
+}
+
+servicefn _pam_dlsym(void *handle, const char *symbol)
+{
+#ifdef PAM_SHL
+ char *_symbol = NULL;
+ servicefn ret;
+
+ if( symbol == NULL )
+ return NULL;
+
+ if( shl_findsym(&handle, symbol, (short) TYPE_PROCEDURE, &ret ){
+ _symbol = malloc( strlen(symbol) + sizeof(SHLIB_SYM_PREFIX) + 1 );
+ if( _symbol == NULL )
+ return NULL;
+ strcpy(_symbol, SHLIB_SYM_PREFIX);
+ strcat(_symbol, symbol);
+ if( shl_findsym(&handle, _symbol,
+ (short) TYPE_PROCEDURE, &ret ){
+ free(_symbol);
+ return NULL;
+ }
+ free(_symbol);
+ }
+
+ return ret;
+
+#elif defined(PAM_DYLD)
+ NSSymbol nsSymbol;
+ char *_symbol;
+
+ if( symbol == NULL )
+ return NULL;
+ _symbol = malloc( strlen(symbol) + 2 );
+ if( _symbol == NULL )
+ return NULL;
+ strcpy(_symbol, SHLIB_SYM_PREFIX);
+ strcat(_symbol, symbol);
+
+ nsSymbol = NSLookupSymbolInModule(handle, _symbol);
+ if( nsSymbol == NULL )
+ return NULL;
+ free(_symbol);
+
+ return (servicefn)NSAddressOfSymbol(nsSymbol);
+#else
+ return (servicefn) dlsym(handle, symbol);
+#endif
+}
+
+void _pam_dlclose(void *handle)
+{
+#ifdef PAM_SHL
+ shl_unload(handle);
+#elif defined(PAM_DYLD)
+ NSUnLinkModule((NSModule)handle, NSUNLINKMODULE_OPTION_NONE);
+#else
+ dlclose(handle);
+#endif
+
+ return;
+}
+
+const char *
+_pam_dlerror (void)
+{
+#if defined(PAM_SHL) || defined(PAM_DYLD)
+ return "unknown";
+#else
+ return dlerror ();
+#endif
+}
+
+#endif
diff --git a/Linux-PAM/libpam/pam_end.c b/Linux-PAM/libpam/pam_end.c
index a0716175..23a9dd5d 100644
--- a/Linux-PAM/libpam/pam_end.c
+++ b/Linux-PAM/libpam/pam_end.c
@@ -1,7 +1,7 @@
/* pam_end.c */
/*
- * $Id: pam_end.c,v 1.3 2003/07/13 20:01:44 vorlon Exp $
+ * $Id: pam_end.c,v 1.4 2006/01/12 10:06:49 t8m Exp $
*/
#include "pam_private.h"
@@ -21,6 +21,10 @@ int pam_end(pam_handle_t *pamh, int pam_status)
return PAM_SYSTEM_ERR;
}
+#ifdef HAVE_LIBAUDIT
+ _pam_audit_end(pamh, pam_status);
+#endif
+
/* first liberate the modules (it is not inconcevible that the
modules may need to use the service_name etc. to clean up) */
diff --git a/Linux-PAM/libpam/pam_env.c b/Linux-PAM/libpam/pam_env.c
index 9027bc79..0f022f9f 100644
--- a/Linux-PAM/libpam/pam_env.c
+++ b/Linux-PAM/libpam/pam_env.c
@@ -7,7 +7,7 @@
* This file was written from a "hint" provided by the people at SUN.
* and the X/Open XSSO draft of March 1997.
*
- * $Id: pam_env.c,v 1.5 2004/09/22 09:37:47 kukuk Exp $
+ * $Id: pam_env.c,v 1.6 2005/09/04 20:32:25 kukuk Exp $
*/
#include "pam_private.h"
@@ -57,7 +57,7 @@ int _pam_make_env(pam_handle_t *pamh)
pamh->env = (struct pam_environ *) malloc(sizeof(struct pam_environ));
if (pamh->env == NULL) {
- _pam_system_log(LOG_CRIT, "_pam_make_env: out of memory");
+ pam_syslog(pamh, LOG_CRIT, "_pam_make_env: out of memory");
return PAM_BUF_ERR;
}
@@ -67,7 +67,7 @@ int _pam_make_env(pam_handle_t *pamh)
pamh->env->list = (char **)calloc( PAM_ENV_CHUNK, sizeof(char *) );
if (pamh->env->list == NULL) {
- _pam_system_log(LOG_CRIT, "_pam_make_env: no memory for list");
+ pam_syslog(pamh, LOG_CRIT, "_pam_make_env: no memory for list");
_pam_drop(pamh->env);
return PAM_BUF_ERR;
}
@@ -157,7 +157,7 @@ int pam_putenv(pam_handle_t *pamh, const char *name_value)
IF_NO_PAMH("pam_putenv", pamh, PAM_ABORT);
if (name_value == NULL) {
- _pam_system_log(LOG_ERR, "pam_putenv: no variable indicated");
+ pam_syslog(pamh, LOG_ERR, "pam_putenv: no variable indicated");
return PAM_PERM_DENIED;
}
@@ -167,7 +167,7 @@ int pam_putenv(pam_handle_t *pamh, const char *name_value)
for (l2eq=0; name_value[l2eq] && name_value[l2eq] != '='; ++l2eq);
if (l2eq <= 0) {
- _pam_system_log(LOG_ERR, "pam_putenv: bad variable");
+ pam_syslog(pamh, LOG_ERR, "pam_putenv: bad variable");
return PAM_BAD_ITEM;
}
@@ -176,7 +176,7 @@ int pam_putenv(pam_handle_t *pamh, const char *name_value)
*/
if (pamh->env == NULL || pamh->env->list == NULL) {
- _pam_system_log(LOG_ERR, "pam_putenv: no env%s found",
+ pam_syslog(pamh, LOG_ERR, "pam_putenv: no env%s found",
pamh->env == NULL ? "":"-list");
return PAM_ABORT;
}
@@ -199,8 +199,8 @@ int pam_putenv(pam_handle_t *pamh, const char *name_value)
, sizeof(char *) );
if (tmp == NULL) {
/* nothing has changed - old env intact */
- _pam_system_log(LOG_CRIT,
- "pam_putenv: cannot grow environment");
+ pam_syslog(pamh, LOG_CRIT,
+ "pam_putenv: cannot grow environment");
return PAM_BUF_ERR;
}
@@ -251,8 +251,8 @@ int pam_putenv(pam_handle_t *pamh, const char *name_value)
/* getting to here implies we are deleting an item */
if (item < 0) {
- _pam_system_log(LOG_ERR, "pam_putenv: delete non-existent entry; %s",
- name_value);
+ pam_syslog(pamh, LOG_ERR,
+ "pam_putenv: delete non-existent entry; %s", name_value);
return PAM_BAD_ITEM;
}
@@ -290,13 +290,13 @@ const char *pam_getenv(pam_handle_t *pamh, const char *name)
IF_NO_PAMH("pam_getenv", pamh, NULL);
if (name == NULL) {
- _pam_system_log(LOG_ERR, "pam_getenv: no variable indicated");
+ pam_syslog(pamh, LOG_ERR, "pam_getenv: no variable indicated");
return NULL;
}
if (pamh->env == NULL || pamh->env->list == NULL) {
- _pam_system_log(LOG_ERR, "pam_getenv: no env%s found",
- pamh->env == NULL ? "":"-list" );
+ pam_syslog(pamh, LOG_ERR, "pam_getenv: no env%s found",
+ pamh->env == NULL ? "":"-list" );
return NULL;
}
@@ -363,22 +363,22 @@ char **pam_getenvlist(pam_handle_t *pamh)
IF_NO_PAMH("pam_getenvlist", pamh, NULL);
if (pamh->env == NULL || pamh->env->list == NULL) {
- _pam_system_log(LOG_ERR, "pam_getenvlist: no env%s found",
- pamh->env == NULL ? "":"-list" );
+ pam_syslog(pamh, LOG_ERR, "pam_getenvlist: no env%s found",
+ pamh->env == NULL ? "":"-list" );
return NULL;
}
/* some quick checks */
if (pamh->env->requested > pamh->env->entries) {
- _pam_system_log(LOG_ERR, "pam_getenvlist: environment corruption");
+ pam_syslog(pamh, LOG_ERR, "pam_getenvlist: environment corruption");
_pam_dump_env(pamh); /* only active when debugging */
return NULL;
}
for (i=pamh->env->requested-1; i-- > 0; ) {
if (pamh->env->list[i] == NULL) {
- _pam_system_log(LOG_ERR, "pam_getenvlist: environment broken");
+ pam_syslog(pamh, LOG_ERR, "pam_getenvlist: environment broken");
_pam_dump_env(pamh); /* only active when debugging */
return NULL; /* somehow we've broken the environment!? */
}
diff --git a/Linux-PAM/libpam/pam_handlers.c b/Linux-PAM/libpam/pam_handlers.c
index ed03eda8..87d781d2 100644
--- a/Linux-PAM/libpam/pam_handlers.c
+++ b/Linux-PAM/libpam/pam_handlers.c
@@ -4,8 +4,6 @@
* created by Marc Ewing.
* Currently maintained by Andrew G. Morgan <morgan@kernel.org>
*
- * $Id: pam_handlers.c,v 1.12 2005/02/07 08:18:53 kukuk Exp $
- *
*/
#include "pam_private.h"
@@ -18,19 +16,6 @@
#include <fcntl.h>
#include <unistd.h>
-#ifdef PAM_DYNAMIC
-# ifdef PAM_SHL
-# include <dl.h>
-# else /* PAM_SHL */
-# include <dlfcn.h>
-# endif /* PAM_SHL */
-#endif /* PAM_DYNAMIC */
-
-/* If not required, define as nothing */
-#ifndef SHLIB_SYM_PREFIX
-# define SHLIB_SYM_PREFIX ""
-#endif
-
#define BUF_SIZE 1024
#define MODULE_CHUNK 4
#define UNKNOWN_MODULE_PATH "<*unknown module path*>"
@@ -102,10 +87,10 @@ static int _pam_parse_conf_file(pam_handle_t *pamh, FILE *f
other = 0;
else
#endif /* PAM_READ_BOTH_CONFS */
- other = !_pam_strCMP(this_service, PAM_DEFAULT_SERVICE);
+ other = !strcasecmp(this_service, PAM_DEFAULT_SERVICE);
/* accept "service name" or PAM_DEFAULT_SERVICE modules */
- if (!_pam_strCMP(this_service, pamh->service_name) || other) {
+ if (!strcasecmp(this_service, pamh->service_name) || other) {
int pam_include = 0;
/* This is a service we are looking for */
@@ -116,23 +101,24 @@ static int _pam_parse_conf_file(pam_handle_t *pamh, FILE *f
if (tok == NULL) {
/* module type does not exist */
D(("_pam_init_handlers: empty module type for %s", this_service));
- _pam_system_log(LOG_ERR, "(%s) empty module type", this_service);
+ pam_syslog(pamh, LOG_ERR,
+ "(%s) empty module type", this_service);
module_type = (requested_module_type != PAM_T_ANY) ?
requested_module_type : PAM_T_AUTH; /* most sensitive */
must_fail = 1; /* install as normal but fail when dispatched */
- } else if (!_pam_strCMP("auth", tok)) {
+ } else if (!strcasecmp("auth", tok)) {
module_type = PAM_T_AUTH;
- } else if (!_pam_strCMP("session", tok)) {
+ } else if (!strcasecmp("session", tok)) {
module_type = PAM_T_SESS;
- } else if (!_pam_strCMP("account", tok)) {
+ } else if (!strcasecmp("account", tok)) {
module_type = PAM_T_ACCT;
- } else if (!_pam_strCMP("password", tok)) {
+ } else if (!strcasecmp("password", tok)) {
module_type = PAM_T_PASS;
} else {
/* Illegal module type */
D(("_pam_init_handlers: bad module type: %s", tok));
- _pam_system_log(LOG_ERR, "(%s) illegal module type: %s",
- this_service, tok);
+ pam_syslog(pamh, LOG_ERR, "(%s) illegal module type: %s",
+ this_service, tok);
module_type = (requested_module_type != PAM_T_ANY) ?
requested_module_type : PAM_T_AUTH; /* most sensitive */
must_fail = 1; /* install as normal but fail when dispatched */
@@ -156,33 +142,33 @@ static int _pam_parse_conf_file(pam_handle_t *pamh, FILE *f
if (tok == NULL) {
/* no module name given */
D(("_pam_init_handlers: no control flag supplied"));
- _pam_system_log(LOG_ERR,
- "(%s) no control flag supplied", this_service);
+ pam_syslog(pamh, LOG_ERR,
+ "(%s) no control flag supplied", this_service);
_pam_set_default_control(actions, _PAM_ACTION_BAD);
must_fail = 1;
- } else if (!_pam_strCMP("required", tok)) {
+ } else if (!strcasecmp("required", tok)) {
D(("*PAM_F_REQUIRED*"));
actions[PAM_SUCCESS] = _PAM_ACTION_OK;
actions[PAM_NEW_AUTHTOK_REQD] = _PAM_ACTION_OK;
actions[PAM_IGNORE] = _PAM_ACTION_IGNORE;
_pam_set_default_control(actions, _PAM_ACTION_BAD);
- } else if (!_pam_strCMP("requisite", tok)) {
+ } else if (!strcasecmp("requisite", tok)) {
D(("*PAM_F_REQUISITE*"));
actions[PAM_SUCCESS] = _PAM_ACTION_OK;
actions[PAM_NEW_AUTHTOK_REQD] = _PAM_ACTION_OK;
actions[PAM_IGNORE] = _PAM_ACTION_IGNORE;
_pam_set_default_control(actions, _PAM_ACTION_DIE);
- } else if (!_pam_strCMP("optional", tok)) {
+ } else if (!strcasecmp("optional", tok)) {
D(("*PAM_F_OPTIONAL*"));
actions[PAM_SUCCESS] = _PAM_ACTION_OK;
actions[PAM_NEW_AUTHTOK_REQD] = _PAM_ACTION_OK;
_pam_set_default_control(actions, _PAM_ACTION_IGNORE);
- } else if (!_pam_strCMP("sufficient", tok)) {
+ } else if (!strcasecmp("sufficient", tok)) {
D(("*PAM_F_SUFFICIENT*"));
actions[PAM_SUCCESS] = _PAM_ACTION_DONE;
actions[PAM_NEW_AUTHTOK_REQD] = _PAM_ACTION_DONE;
_pam_set_default_control(actions, _PAM_ACTION_IGNORE);
- } else if (!_pam_strCMP("include", tok)) {
+ } else if (!strcasecmp("include", tok)) {
D(("*PAM_F_INCLUDE*"));
pam_include = 1;
} else {
@@ -210,8 +196,8 @@ static int _pam_parse_conf_file(pam_handle_t *pamh, FILE *f
} else {
/* no module name given */
D(("_pam_init_handlers: no module name supplied"));
- _pam_system_log(LOG_ERR,
- "(%s) no module name supplied", this_service);
+ pam_syslog(pamh, LOG_ERR,
+ "(%s) no module name supplied", this_service);
mod_path = NULL;
must_fail = 1;
}
@@ -253,7 +239,7 @@ static int _pam_parse_conf_file(pam_handle_t *pamh, FILE *f
, module_type, actions, mod_path
, argc, argv, argvlen);
if (res != PAM_SUCCESS) {
- _pam_system_log(LOG_ERR, "error loading %s", mod_path);
+ pam_syslog(pamh, LOG_ERR, "error loading %s", mod_path);
D(("failed to load module - aborting"));
return PAM_ABORT;
}
@@ -279,13 +265,13 @@ static int _pam_load_conf_file(pam_handle_t *pamh, const char *config_name
if (config_name == NULL) {
D(("no config file supplied"));
- _pam_system_log(LOG_ERR, "(%s) no config file supplied", service);
+ pam_syslog(pamh, LOG_ERR, "(%s) no config file supplied", service);
return PAM_ABORT;
}
if (config_name[0] != '/') {
if (asprintf (&config_path, PAM_CONFIG_DF, config_name) < 0) {
- _pam_system_log(LOG_CRIT, "asprintf failed");
+ pam_syslog(pamh, LOG_CRIT, "asprintf failed");
return PAM_BUF_ERR;
}
config_name = config_path;
@@ -301,14 +287,14 @@ static int _pam_load_conf_file(pam_handle_t *pamh, const char *config_name
);
fclose(f);
if (retval != PAM_SUCCESS)
- _pam_system_log(LOG_ERR,
- "_pam_load_conf_file: error reading %s: %s",
- config_name, pam_strerror(pamh, retval));
+ pam_syslog(pamh, LOG_ERR,
+ "_pam_load_conf_file: error reading %s: %s",
+ config_name, pam_strerror(pamh, retval));
} else {
D(("unable to open %s", config_name));
- _pam_system_log(LOG_ERR,
- "_pam_load_conf_file: unable to open %s",
- config_name);
+ pam_syslog(pamh, LOG_ERR,
+ "_pam_load_conf_file: unable to open %s",
+ config_name);
}
_pam_drop(config_path);
@@ -337,8 +323,8 @@ int _pam_init_handlers(pam_handle_t *pamh)
if (! pamh->handlers.module) {
if ((pamh->handlers.module =
malloc(MODULE_CHUNK * sizeof(struct loaded_module))) == NULL) {
- _pam_system_log(LOG_CRIT,
- "_pam_init_handlers: no memory loading module");
+ pam_syslog(pamh, LOG_CRIT,
+ "_pam_init_handlers: no memory loading module");
return PAM_BUF_ERR;
}
pamh->handlers.modules_allocated = MODULE_CHUNK;
@@ -355,8 +341,9 @@ int _pam_init_handlers(pam_handle_t *pamh)
int fd_tmp;
if ((fd_tmp = open( PAM_LOCK_FILE, O_RDONLY )) != -1) {
- _pam_system_log(LOG_ERR, "_pam_init_handlers: PAM lockfile ("
- PAM_LOCK_FILE ") exists - aborting");
+ pam_syslog(pamh, LOG_ERR,
+ "_pam_init_handlers: PAM lockfile ("
+ PAM_LOCK_FILE ") exists - aborting");
(void) close(fd_tmp);
/*
* to avoid swamping the system with requests
@@ -382,15 +369,12 @@ int _pam_init_handlers(pam_handle_t *pamh)
int read_something=0;
D(("searching " PAM_CONFIG_D " for config files"));
- filename = malloc(sizeof(PAM_CONFIG_DF)
- +strlen(pamh->service_name));
- if (filename == NULL) {
- _pam_system_log(LOG_ERR,
+ if (asprintf(&filename, PAM_CONFIG_DF, pamh->service_name) < 0) {
+ pam_syslog(pamh, LOG_ERR,
"_pam_init_handlers: no memory; service %s",
pamh->service_name);
return PAM_BUF_ERR;
}
- sprintf(filename, PAM_CONFIG_DF, pamh->service_name);
D(("opening %s", filename));
f = fopen(filename, "r");
if (f != NULL) {
@@ -402,10 +386,10 @@ int _pam_init_handlers(pam_handle_t *pamh)
);
fclose(f);
if (retval != PAM_SUCCESS) {
- _pam_system_log(LOG_ERR,
+ pam_syslog(pamh, LOG_ERR,
"_pam_init_handlers: error reading %s",
filename);
- _pam_system_log(LOG_ERR, "_pam_init_handlers: [%s]",
+ pam_syslog(pamh, LOG_ERR, "_pam_init_handlers: [%s]",
pam_strerror(pamh, retval));
} else {
read_something = 1;
@@ -444,10 +428,10 @@ int _pam_init_handlers(pam_handle_t *pamh)
);
fclose(f);
if (retval != PAM_SUCCESS) {
- _pam_system_log(LOG_ERR,
+ pam_syslog(pamh, LOG_ERR,
"_pam_init_handlers: error reading %s",
PAM_DEFAULT_SERVICE_FILE);
- _pam_system_log(LOG_ERR,
+ pam_syslog(pamh, LOG_ERR,
"_pam_init_handlers: [%s]",
pam_strerror(pamh, retval));
} else {
@@ -455,7 +439,7 @@ int _pam_init_handlers(pam_handle_t *pamh)
}
} else {
D(("unable to open %s", PAM_DEFAULT_SERVICE_FILE));
- _pam_system_log(LOG_ERR,
+ pam_syslog(pamh, LOG_ERR,
"_pam_init_handlers: no default config %s",
PAM_DEFAULT_SERVICE_FILE);
}
@@ -465,7 +449,7 @@ int _pam_init_handlers(pam_handle_t *pamh)
}
} else {
if ((f = fopen(PAM_CONFIG, "r")) == NULL) {
- _pam_system_log(LOG_ERR, "_pam_init_handlers: could not open "
+ pam_syslog(pamh, LOG_ERR, "_pam_init_handlers: could not open "
PAM_CONFIG );
return PAM_ABORT;
}
@@ -483,7 +467,7 @@ int _pam_init_handlers(pam_handle_t *pamh)
if (retval != PAM_SUCCESS) {
/* Read error */
- _pam_system_log(LOG_ERR, "error reading PAM configuration file");
+ pam_syslog(pamh, LOG_ERR, "error reading PAM configuration file");
return PAM_ABORT;
}
@@ -576,7 +560,26 @@ static int _pam_assemble_line(FILE *f, char *buffer, int buf_len)
return used;
}
-typedef int (*servicefn)(pam_handle_t *, int, int, char **);
+static char *
+extract_modulename(const char *mod_path)
+{
+ const char *p = strrchr (mod_path, '/');
+ char *dot, *retval;
+
+ if (p == NULL)
+ p = mod_path;
+ else
+ p++;
+
+ if ((retval = _pam_strdup (p)) == NULL)
+ return NULL;
+
+ dot = strrchr (retval, '.');
+ if (dot)
+ *dot = '\0';
+
+ return retval;
+}
int _pam_add_handler(pam_handle_t *pamh
, int must_fail, int other, int type
@@ -589,10 +592,10 @@ int _pam_add_handler(pam_handle_t *pamh
struct handler **handler_p2;
struct handlers *the_handlers;
const char *sym, *sym2;
-#ifdef PAM_SHL
- const char *_sym, *_sym2;
+ char *mod_full_path=NULL;
+#ifndef PAM_STATIC
+ char *mod_full_isa_path=NULL, *isa=NULL;
#endif
- char *mod_full_path=NULL, *mod_full_isa_path=NULL, *isa=NULL;
servicefn func, func2;
int success;
@@ -605,13 +608,13 @@ int _pam_add_handler(pam_handle_t *pamh
if (mod_path[0] == '/') {
break;
}
- mod_full_path = malloc(sizeof(DEFAULT_MODULE_PATH)+strlen(mod_path));
- if (mod_full_path) {
- sprintf(mod_full_path, DEFAULT_MODULE_PATH "%s", mod_path);
+ if (asprintf(&mod_full_path, "%s%s",
+ DEFAULT_MODULE_PATH, mod_path) >= 0) {
mod_path = mod_full_path;
break;
}
- _pam_system_log(LOG_CRIT, "cannot malloc full mod path");
+ mod_full_path = NULL;
+ pam_syslog(pamh, LOG_CRIT, "cannot malloc full mod path");
case 0:
mod_path = UNKNOWN_MODULE_PATH;
}
@@ -635,7 +638,7 @@ int _pam_add_handler(pam_handle_t *pamh
*sizeof(struct loaded_module));
if (tmp == NULL) {
D(("cannot enlarge module pointer memory"));
- _pam_system_log(LOG_ERR,
+ pam_syslog(pamh, LOG_ERR,
"realloc returned NULL in _pam_add_handler");
_pam_drop(mod_full_path);
return PAM_ABORT;
@@ -647,21 +650,36 @@ int _pam_add_handler(pam_handle_t *pamh
/* Be pessimistic... */
success = PAM_ABORT;
-#ifdef PAM_DYNAMIC
- D(("_pam_add_handler: dlopen(%s) -> %lx", mod_path, &mod->dl_handle));
- mod->dl_handle =
-# ifdef PAM_SHL
- shl_load(mod_path, BIND_IMMEDIATE, 0L);
-# else /* PAM_SHL */
- dlopen(mod_path, RTLD_NOW);
-# endif /* PAM_SHL */
+#ifdef PAM_STATIC
+ /* Only load static function if function was not found dynamically.
+ * This code should work even if no dynamic loading is available. */
+ if (success != PAM_SUCCESS) {
+ D(("_pam_add_handler: open static handler %s", mod_path));
+ mod->dl_handle = _pam_open_static_handler(pamh, mod_path);
+ if (mod->dl_handle == NULL) {
+ D(("_pam_add_handler: unable to find static handler %s",
+ mod_path));
+ pam_syslog(pamh, LOG_ERR,
+ "unable to open static handler %s", mod_path);
+ /* Didn't find module in dynamic or static..will mark bad */
+ } else {
+ D(("static module added successfully"));
+ success = PAM_SUCCESS;
+ mod->type = PAM_MT_STATIC_MOD;
+ pamh->handlers.modules_used++;
+ }
+ }
+#else
+ D(("_pam_add_handler: _pam_dlopen(%s)", mod_path));
+ mod->dl_handle = _pam_dlopen(mod_path);
+ D(("_pam_add_handler: _pam_dlopen'ed"));
D(("_pam_add_handler: dlopen'ed"));
if (mod->dl_handle == NULL) {
if (strstr(mod_path, "$ISA")) {
mod_full_isa_path = malloc(strlen(mod_path) + strlen(_PAM_ISA) + 1);
if (mod_full_isa_path == NULL) {
D(("_pam_handler: couldn't get memory for mod_path"));
- _pam_system_log(LOG_ERR, "no memory for module path");
+ pam_syslog(pamh, LOG_ERR, "no memory for module path");
success = PAM_ABORT;
} else {
strcpy(mod_full_isa_path, mod_path);
@@ -670,22 +688,15 @@ int _pam_add_handler(pam_handle_t *pamh
memmove(isa + strlen(_PAM_ISA), isa + 4, strlen(isa + 4) + 1);
memmove(isa, _PAM_ISA, strlen(_PAM_ISA));
}
- mod->dl_handle =
-# ifdef PAM_SHL
- shl_load(mod_full_isa_path, BIND_IMMEDIATE, 0L);
-# else /* PAM_SHL */
- dlopen(mod_full_isa_path, RTLD_NOW);
-# endif /* PAM_SHL */
+ mod->dl_handle = _pam_dlopen(mod_full_isa_path);
_pam_drop(mod_full_isa_path);
}
}
}
if (mod->dl_handle == NULL) {
- D(("_pam_add_handler: dlopen(%s) failed", mod_path));
- _pam_system_log(LOG_ERR, "unable to dlopen(%s)", mod_path);
-# ifndef PAM_SHL
- _pam_system_log(LOG_ERR, "[dlerror: %s]", dlerror());
-# endif /* PAM_SHL */
+ D(("_pam_add_handler: _pam_dlopen(%s) failed", mod_path));
+ pam_syslog(pamh, LOG_ERR, "unable to dlopen(%s)", mod_path);
+ pam_syslog(pamh, LOG_ERR, "[error: %s]", _pam_dlerror());
/* Don't abort yet; static code may be able to find function.
* But defaults to abort if nothing found below... */
} else {
@@ -695,39 +706,19 @@ int _pam_add_handler(pam_handle_t *pamh
pamh->handlers.modules_used++;
}
#endif
-#ifdef PAM_STATIC
- /* Only load static function if function was not found dynamically.
- * This code should work even if no dynamic loading is available. */
- if (success != PAM_SUCCESS) {
- D(("_pam_add_handler: open static handler %s", mod_path));
- mod->dl_handle = _pam_open_static_handler(mod_path);
- if (mod->dl_handle == NULL) {
- D(("_pam_add_handler: unable to find static handler %s",
- mod_path));
- _pam_system_log(LOG_ERR,
- "unable to open static handler %s", mod_path);
- /* Didn't find module in dynamic or static..will mark bad */
- } else {
- D(("static module added successfully"));
- success = PAM_SUCCESS;
- mod->type = PAM_MT_STATIC_MOD;
- pamh->handlers.modules_used++;
- }
- }
-#endif
if (success != PAM_SUCCESS) { /* add a malformed module */
mod->dl_handle = NULL;
mod->type = PAM_MT_FAULTY_MOD;
pamh->handlers.modules_used++;
- _pam_system_log(LOG_ERR, "adding faulty module: %s", mod_path);
+ pam_syslog(pamh, LOG_ERR, "adding faulty module: %s", mod_path);
success = PAM_SUCCESS; /* We have successfully added a module */
}
/* indicate its name - later we will search for it by this */
if ((mod->name = _pam_strdup(mod_path)) == NULL) {
D(("_pam_handler: couldn't get memory for mod_path"));
- _pam_system_log(LOG_ERR, "no memory for module path");
+ pam_syslog(pamh, LOG_ERR, "no memory for module path");
success = PAM_ABORT;
}
@@ -756,46 +747,29 @@ int _pam_add_handler(pam_handle_t *pamh
handler_p = handler_p2 = NULL;
func = func2 = NULL;
-#ifdef PAM_SHL
- _sym2 =
-#endif /* PAM_SHL */
sym2 = NULL;
/* point handler_p's at the root addresses of the function stacks */
switch (type) {
case PAM_T_AUTH:
handler_p = &the_handlers->authenticate;
- sym = SHLIB_SYM_PREFIX "pam_sm_authenticate";
+ sym = "pam_sm_authenticate";
handler_p2 = &the_handlers->setcred;
- sym2 = SHLIB_SYM_PREFIX "pam_sm_setcred";
-#ifdef PAM_SHL
- _sym = "_pam_sm_authenticate";
- _sym2 = "_pam_sm_setcred";
-#endif
+ sym2 = "pam_sm_setcred";
break;
case PAM_T_SESS:
handler_p = &the_handlers->open_session;
- sym = SHLIB_SYM_PREFIX "pam_sm_open_session";
+ sym = "pam_sm_open_session";
handler_p2 = &the_handlers->close_session;
- sym2 = SHLIB_SYM_PREFIX "pam_sm_close_session";
-#ifdef PAM_SHL
- _sym = "_pam_sm_open_session";
- _sym2 = "_pam_sm_close_session";
-#endif
+ sym2 = "pam_sm_close_session";
break;
case PAM_T_ACCT:
handler_p = &the_handlers->acct_mgmt;
- sym = SHLIB_SYM_PREFIX "pam_sm_acct_mgmt";
-#ifdef PAM_SHL
- _sym = "_pam_sm_acct_mgmt";
-#endif
+ sym = "pam_sm_acct_mgmt";
break;
case PAM_T_PASS:
handler_p = &the_handlers->chauthtok;
- sym = SHLIB_SYM_PREFIX "pam_sm_chauthtok";
-#ifdef PAM_SHL
- _sym = "_pam_sm_chauthtok";
-#endif
+ sym = "pam_sm_chauthtok";
break;
default:
/* Illegal module type */
@@ -805,18 +779,17 @@ int _pam_add_handler(pam_handle_t *pamh
/* are the modules reliable? */
if (
-#ifdef PAM_DYNAMIC
- mod->type != PAM_MT_DYNAMIC_MOD
- &&
-#endif /* PAM_DYNAMIC */
#ifdef PAM_STATIC
mod->type != PAM_MT_STATIC_MOD
&&
-#endif /* PAM_STATIC */
+#else
+ mod->type != PAM_MT_DYNAMIC_MOD
+ &&
+#endif
mod->type != PAM_MT_FAULTY_MOD
) {
D(("_pam_add_handlers: illegal module library type; %d", mod->type));
- _pam_system_log(LOG_ERR,
+ pam_syslog(pamh, LOG_ERR,
"internal error: module library type not known: %s;%d",
sym, mod->type);
return PAM_ABORT;
@@ -824,42 +797,28 @@ int _pam_add_handler(pam_handle_t *pamh
/* now identify this module's functions - for non-faulty modules */
-#ifdef PAM_DYNAMIC
- if ((mod->type == PAM_MT_DYNAMIC_MOD) &&
-# ifdef PAM_SHL
- (shl_findsym(&mod->dl_handle, sym, (short) TYPE_PROCEDURE, &func) &&
- shl_findsym(&mod->dl_handle, _sym, (short) TYPE_PROCEDURE, &func))
-# else /* PAM_SHL */
- (func = (servicefn) dlsym(mod->dl_handle, sym)) == NULL
-# endif /* PAM_SHL */
- ) {
- _pam_system_log(LOG_ERR, "unable to resolve symbol: %s", sym);
- }
-#endif
#ifdef PAM_STATIC
if ((mod->type == PAM_MT_STATIC_MOD) &&
(func = (servicefn)_pam_get_static_sym(mod->dl_handle, sym)) == NULL) {
- _pam_system_log(LOG_ERR, "unable to resolve static symbol: %s", sym);
+ pam_syslog(pamh, LOG_ERR, "unable to resolve static symbol: %s", sym);
+ }
+#else
+ if ((mod->type == PAM_MT_DYNAMIC_MOD) &&
+ !(func = _pam_dlsym(mod->dl_handle, sym)) ) {
+ pam_syslog(pamh, LOG_ERR, "unable to resolve symbol: %s", sym);
}
#endif
if (sym2) {
-#ifdef PAM_DYNAMIC
- if ((mod->type == PAM_MT_DYNAMIC_MOD) &&
-# ifdef PAM_SHL
- (shl_findsym(&mod->dl_handle,sym2,(short)TYPE_PROCEDURE, &func2)&&
- shl_findsym(&mod->dl_handle,_sym2,(short)TYPE_PROCEDURE, &func2))
-# else /* PAM_SHL */
- (func2 = (servicefn) dlsym(mod->dl_handle, sym2)) == NULL
-# endif /* PAM_SHL */
- ) {
- _pam_system_log(LOG_ERR, "unable to resolve symbol: %s", sym2);
- }
-#endif
#ifdef PAM_STATIC
if ((mod->type == PAM_MT_STATIC_MOD) &&
(func2 = (servicefn)_pam_get_static_sym(mod->dl_handle, sym2))
== NULL) {
- _pam_system_log(LOG_ERR, "unable to resolve symbol: %s", sym2);
+ pam_syslog(pamh, LOG_ERR, "unable to resolve symbol: %s", sym2);
+ }
+#else
+ if ((mod->type == PAM_MT_DYNAMIC_MOD) &&
+ !(func2 = _pam_dlsym(mod->dl_handle, sym2)) ) {
+ pam_syslog(pamh, LOG_ERR, "unable to resolve symbol: %s", sym2);
}
#endif
}
@@ -872,7 +831,7 @@ int _pam_add_handler(pam_handle_t *pamh
}
if ((*handler_p = malloc(sizeof(struct handler))) == NULL) {
- _pam_system_log(LOG_CRIT, "cannot malloc struct handler #1");
+ pam_syslog(pamh, LOG_CRIT, "cannot malloc struct handler #1");
return (PAM_ABORT);
}
@@ -883,6 +842,7 @@ int _pam_add_handler(pam_handle_t *pamh
(*handler_p)->cached_retval_p = &((*handler_p)->cached_retval);
(*handler_p)->argc = argc;
(*handler_p)->argv = argv; /* not a copy */
+ (*handler_p)->mod_name = extract_modulename(mod->name);
(*handler_p)->next = NULL;
/* some of the modules have a second calling function */
@@ -893,7 +853,7 @@ int _pam_add_handler(pam_handle_t *pamh
}
if ((*handler_p2 = malloc(sizeof(struct handler))) == NULL) {
- _pam_system_log(LOG_CRIT, "cannot malloc struct handler #2");
+ pam_syslog(pamh, LOG_CRIT, "cannot malloc struct handler #2");
return (PAM_ABORT);
}
@@ -906,13 +866,14 @@ int _pam_add_handler(pam_handle_t *pamh
(*handler_p2)->argc = argc;
if (argv) {
if (((*handler_p2)->argv = malloc(argvlen)) == NULL) {
- _pam_system_log(LOG_CRIT, "cannot malloc argv for handler #2");
+ pam_syslog(pamh, LOG_CRIT, "cannot malloc argv for handler #2");
return (PAM_ABORT);
}
memcpy((*handler_p2)->argv, argv, argvlen);
} else {
(*handler_p2)->argv = NULL; /* no arguments */
}
+ (*handler_p2)->mod_name = extract_modulename(mod->name);
(*handler_p2)->next = NULL;
}
@@ -936,13 +897,9 @@ int _pam_free_handlers(pam_handle_t *pamh)
while (pamh->handlers.modules_used) {
D(("_pam_free_handlers: dlclose(%s)", mod->name));
free(mod->name);
-#ifdef PAM_DYNAMIC
+#ifndef PAM_STATIC
if (mod->type == PAM_MT_DYNAMIC_MOD) {
-# ifdef PAM_SHL
- shl_unload(mod->dl_handle);
-# else
- dlclose(mod->dl_handle);
-# endif
+ _pam_dlclose(mod->dl_handle);
}
#endif
mod++;
@@ -1015,6 +972,7 @@ void _pam_free_handlers_aux(struct handler **hp)
while (h) {
last = h;
_pam_drop(h->argv); /* This is all alocated in a single chunk */
+ _pam_drop(h->mod_name);
h = h->next;
memset(last, 0, sizeof(*last));
free(last);
diff --git a/Linux-PAM/libpam/pam_item.c b/Linux-PAM/libpam/pam_item.c
index 1425c600..41d5b816 100644
--- a/Linux-PAM/libpam/pam_item.c
+++ b/Linux-PAM/libpam/pam_item.c
@@ -1,7 +1,7 @@
/* pam_item.c */
/*
- * $Id: pam_item.c,v 1.5 2004/09/22 09:37:47 kukuk Exp $
+ * $Id: pam_item.c,v 1.13 2006/03/12 10:26:30 kukuk Exp $
*/
#include "pam_private.h"
@@ -21,10 +21,6 @@
} \
}
-/* handy version id */
-
-unsigned int __libpam_version = LIBPAM_VERSION;
-
/* functions */
int pam_set_item (pam_handle_t *pamh, int item_type, const void *item)
@@ -34,7 +30,7 @@ int pam_set_item (pam_handle_t *pamh, int item_type, const void *item)
D(("called"));
IF_NO_PAMH("pam_set_item", pamh, PAM_SYSTEM_ERR);
-
+
retval = PAM_SUCCESS;
switch (item_type) {
@@ -54,10 +50,12 @@ int pam_set_item (pam_handle_t *pamh, int item_type, const void *item)
case PAM_USER:
RESET(pamh->user, item);
+ pamh->former.fail_user = PAM_SUCCESS;
break;
case PAM_USER_PROMPT:
RESET(pamh->prompt, item);
+ pamh->former.fail_user = PAM_SUCCESS;
break;
case PAM_TTY:
@@ -115,22 +113,23 @@ int pam_set_item (pam_handle_t *pamh, int item_type, const void *item)
case PAM_CONV: /* want to change the conversation function */
if (item == NULL) {
- _pam_system_log(LOG_ERR,
- "pam_set_item: attempt to set conv() to NULL");
+ pam_syslog(pamh, LOG_ERR,
+ "pam_set_item: attempt to set conv() to NULL");
retval = PAM_PERM_DENIED;
} else {
struct pam_conv *tconv;
-
+
if ((tconv=
(struct pam_conv *) malloc(sizeof(struct pam_conv))
) == NULL) {
- _pam_system_log(LOG_CRIT,
+ pam_syslog(pamh, LOG_CRIT,
"pam_set_item: malloc failed for pam_conv");
retval = PAM_BUF_ERR;
} else {
memcpy(tconv, item, sizeof(struct pam_conv));
_pam_drop(pamh->pam_conversation);
pamh->pam_conversation = tconv;
+ pamh->former.fail_user = PAM_SUCCESS;
}
}
break;
@@ -154,7 +153,7 @@ int pam_get_item (const pam_handle_t *pamh, int item_type, const void **item)
IF_NO_PAMH("pam_get_item", pamh, PAM_SYSTEM_ERR);
if (item == NULL) {
- _pam_system_log(LOG_ERR,
+ pam_syslog(pamh, LOG_ERR,
"pam_get_item: nowhere to place requested item");
return PAM_PERM_DENIED;
}
@@ -224,7 +223,7 @@ int pam_get_item (const pam_handle_t *pamh, int item_type, const void **item)
default:
retval = PAM_BAD_ITEM;
}
-
+
return retval;
}
@@ -240,16 +239,18 @@ int pam_get_user(pam_handle_t *pamh, const char **user, const char *prompt)
struct pam_response *resp;
D(("called."));
- if (user == NULL) { /* ensure that the module has supplied a destination */
- _pam_system_log(LOG_ERR, "pam_get_user: nowhere to record username");
+
+ IF_NO_PAMH("pam_get_user", pamh, PAM_SYSTEM_ERR);
+
+ if (user == NULL) {
+ /* ensure that the module has supplied a destination */
+ pam_syslog(pamh, LOG_ERR, "pam_get_user: nowhere to record username");
return PAM_PERM_DENIED;
} else
*user = NULL;
-
- IF_NO_PAMH("pam_get_user", pamh, PAM_SYSTEM_ERR);
if (pamh->pam_conversation == NULL) {
- _pam_system_log(LOG_ERR, "pam_get_user: no conv element in pamh");
+ pam_syslog(pamh, LOG_ERR, "pam_get_user: no conv element in pamh");
return PAM_SERVICE_ERR;
}
@@ -258,21 +259,23 @@ int pam_get_user(pam_handle_t *pamh, const char **user, const char *prompt)
return PAM_SUCCESS;
}
+ if (pamh->former.fail_user != PAM_SUCCESS)
+ return pamh->former.fail_user;
+
/* will need a prompt */
- use_prompt = prompt;
- if (use_prompt == NULL) {
- use_prompt = pamh->prompt;
- if (use_prompt == NULL) {
- use_prompt = PAM_DEFAULT_PROMPT;
- }
- }
+ if (prompt != NULL)
+ use_prompt = prompt;
+ else if (pamh->prompt != NULL)
+ use_prompt = pamh->prompt;
+ else
+ use_prompt = _("login:");
/* If we are resuming an old conversation, we verify that the prompt
is the same. Anything else is an error. */
if (pamh->former.want_user) {
/* must have a prompt to resume with */
if (! pamh->former.prompt) {
- _pam_system_log(LOG_ERR,
+ pam_syslog(pamh, LOG_ERR,
"pam_get_user: failed to resume with prompt"
);
return PAM_ABORT;
@@ -280,7 +283,7 @@ int pam_get_user(pam_handle_t *pamh, const char **user, const char *prompt)
/* must be the same prompt as last time */
if (strcmp(pamh->former.prompt, use_prompt)) {
- _pam_system_log(LOG_ERR,
+ pam_syslog(pamh, LOG_ERR,
"pam_get_user: resumed with different prompt");
return PAM_ABORT;
}
@@ -312,6 +315,7 @@ int pam_get_user(pam_handle_t *pamh, const char **user, const char *prompt)
*/
D(("pam_get_user: no response provided"));
retval = PAM_CONV_ERR;
+ pamh->former.fail_user = retval;
} else if (retval == PAM_SUCCESS) { /* copy the username */
/*
* now we set the PAM_USER item -- this was missing from pre.53
@@ -320,9 +324,13 @@ int pam_get_user(pam_handle_t *pamh, const char **user, const char *prompt)
*/
RESET(pamh->user, resp->resp);
*user = pamh->user;
- }
+ } else
+ pamh->former.fail_user = retval;
if (resp) {
+ if (retval != PAM_SUCCESS)
+ pam_syslog(pamh, LOG_WARNING,
+ "unexpected response from failed conversation function");
/*
* note 'resp' is allocated by the application and is
* correctly free()'d here
diff --git a/Linux-PAM/libpam/pam_log.c b/Linux-PAM/libpam/pam_log.c
deleted file mode 100644
index c42fe015..00000000
--- a/Linux-PAM/libpam/pam_log.c
+++ /dev/null
@@ -1,375 +0,0 @@
-/*
- * pam_log.c -- PAM system logging
- *
- * $Id: pam_log.c,v 1.2 2000/11/19 23:54:02 agmorgan Exp $
- *
- */
-
-#include "pam_private.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <stdarg.h>
-
-#ifdef __hpux
-# include <stdio.h>
-# include <syslog.h>
-# ifdef __STDC__
-# ifndef __P
-# define __P(p) p
-# endif /* __P */
-# include <stdarg.h>
-# define VA_LOCAL_DECL va_list ap;
-# define VA_START(f) va_start(ap, f)
-# define VA_END va_end(ap)
-# else /* __STDC__ */
-# ifndef __P
-# define __P(p) ()
-# endif /* __P */
-# include <varargs.h>
-# define VA_LOCAL_DECL va_list ap;
-# define VA_START(f) va_start(ap)
-# define VA_END va_end(ap)
-# endif /* __STDC__ */
-/**************************************************************
- * Patrick Powell Tue Apr 11 09:48:21 PDT 1995
- * A bombproof version of doprnt (dopr) included.
- * Sigh. This sort of thing is always nasty do deal with. Note that
- * the version here does not include floating point...
- *
- * snprintf() is used instead of sprintf() as it does limit checks
- * for string length. This covers a nasty loophole.
- *
- * The other functions are there to prevent NULL pointers from
- * causing nast effects.
- **************************************************************/
-
-static void dopr();
-static char *end;
-# ifndef _SCO_DS
-/* VARARGS3 */
-int
-# ifdef __STDC__
-snprintf(char *str, size_t count, const char *fmt, ...)
-# else /* __STDC__ */
-snprintf(str, count, fmt, va_alist)
- char *str;
- size_t count;
- const char *fmt;
- va_dcl
-# endif /* __STDC__ */
-{
- int len;
- VA_LOCAL_DECL
-
- VA_START(fmt);
- len = vsnprintf(str, count, fmt, ap);
- VA_END;
- return len;
-}
-# endif /* _SCO_DS */
-
-int
-# ifdef __STDC__
-vsnprintf(char *str, size_t count, const char *fmt, va_list args)
-# else /* __STDC__ */
-vsnprintf(str, count, fmt, args)
- char *str;
- int count;
- char *fmt;
- va_list args;
-# endif /* __STDC__ */
-{
- str[0] = 0;
- end = str + count - 1;
- dopr( str, fmt, args );
- if (count > 0)
- end[0] = 0;
- return strlen(str);
-}
-
-/*
- * dopr(): poor man's version of doprintf
- */
-
-static void fmtstr __P((char *value, int ljust, int len, int zpad,
- int maxwidth));
-static void fmtnum __P((long value, int base, int dosign, int ljust, int len,
- int zpad));
-static void dostr __P(( char * , int ));
-static char *output;
-static void dopr_outch __P(( int c ));
-
-static void
-# ifdef __STDC__
-dopr(char * buffer, const char * format, va_list args )
-# else /* __STDC__ */
-dopr( buffer, format, args )
- char *buffer;
- char *format;
- va_list args;
-# endif /* __STDC__ */
-{
- int ch;
- long value;
- int longflag = 0;
- int pointflag = 0;
- int maxwidth = 0;
- char *strvalue;
- int ljust;
- int len;
- int zpad;
-
- output = buffer;
- while( (ch = *format++) ){
- switch( ch ){
- case '%':
- ljust = len = zpad = maxwidth = 0;
- longflag = pointflag = 0;
- nextch:
- ch = *format++;
- switch( ch ){
- case 0:
- dostr( "**end of format**" , 0);
- return;
- case '-': ljust = 1; goto nextch;
- case '0': /* set zero padding if len not set */
- if(len==0 && !pointflag) zpad = '0';
- case '1': case '2': case '3':
- case '4': case '5': case '6':
- case '7': case '8': case '9':
- if (pointflag)
- maxwidth = maxwidth*10 + ch - '0';
- else
- len = len*10 + ch - '0';
- goto nextch;
- case '*':
- if (pointflag)
- maxwidth = va_arg( args, int );
- else
- len = va_arg( args, int );
- goto nextch;
- case '.': pointflag = 1; goto nextch;
- case 'l': longflag = 1; goto nextch;
- case 'u': case 'U':
- /*fmtnum(value,base,dosign,ljust,len,zpad) */
- if( longflag ){
- value = va_arg( args, long );
- } else {
- value = va_arg( args, int );
- }
- fmtnum( value, 10,0, ljust, len, zpad ); break;
- case 'o': case 'O':
- /*fmtnum(value,base,dosign,ljust,len,zpad) */
- if( longflag ){
- value = va_arg( args, long );
- } else {
- value = va_arg( args, int );
- }
- fmtnum( value, 8,0, ljust, len, zpad ); break;
- case 'd': case 'D':
- if( longflag ){
- value = va_arg( args, long );
- } else {
- value = va_arg( args, int );
- }
- fmtnum( value, 10,1, ljust, len, zpad ); break;
- case 'x':
- if( longflag ){
- value = va_arg( args, long );
- } else {
- value = va_arg( args, int );
- }
- fmtnum( value, 16,0, ljust, len, zpad ); break;
- case 'X':
- if( longflag ){
- value = va_arg( args, long );
- } else {
- value = va_arg( args, int );
- }
- fmtnum( value,-16,0, ljust, len, zpad ); break;
- case 's':
- strvalue = va_arg( args, char *);
- if (maxwidth > 0 || !pointflag) {
- if (pointflag && len > maxwidth)
- len = maxwidth; /* Adjust padding */
- fmtstr( strvalue,ljust,len,zpad, maxwidth);
- }
- break;
- case 'c':
- ch = va_arg( args, int );
- dopr_outch( ch ); break;
- case '%': dopr_outch( ch ); continue;
- default:
- dostr( "???????" , 0);
- }
- break;
- default:
- dopr_outch( ch );
- break;
- }
- }
- *output = 0;
-}
-
-static void
-fmtstr( value, ljust, len, zpad, maxwidth )
- char *value;
- int ljust, len, zpad, maxwidth;
-{
- int padlen, strlen; /* amount to pad */
-
- if( value == 0 ){
- value = "<NULL>";
- }
- for( strlen = 0; value[strlen]; ++ strlen ); /* strlen */
- if (strlen > maxwidth && maxwidth)
- strlen = maxwidth;
- padlen = len - strlen;
- if( padlen < 0 ) padlen = 0;
- if( ljust ) padlen = -padlen;
- while( padlen > 0 ) {
- dopr_outch( ' ' );
- --padlen;
- }
- dostr( value, maxwidth );
- while( padlen < 0 ) {
- dopr_outch( ' ' );
- ++padlen;
- }
-}
-
-static void
-fmtnum( value, base, dosign, ljust, len, zpad )
- long value;
- int base, dosign, ljust, len, zpad;
-{
- int signvalue = 0;
- unsigned long uvalue;
- char convert[20];
- int place = 0;
- int padlen = 0; /* amount to pad */
- int caps = 0;
-
- /* DEBUGP(("value 0x%x, base %d, dosign %d, ljust %d, len %d, zpad %d\n",
- value, base, dosign, ljust, len, zpad )); */
- uvalue = value;
- if( dosign ){
- if( value < 0 ) {
- signvalue = '-';
- uvalue = -value;
- }
- }
- if( base < 0 ){
- caps = 1;
- base = -base;
- }
- do{
- convert[place++] =
- (caps? "0123456789ABCDEF":"0123456789abcdef")
- [uvalue % (unsigned)base ];
- uvalue = (uvalue / (unsigned)base );
- }while(uvalue);
- convert[place] = 0;
- padlen = len - place;
- if( padlen < 0 ) padlen = 0;
- if( ljust ) padlen = -padlen;
- /* DEBUGP(( "str '%s', place %d, sign %c, padlen %d\n",
- convert,place,signvalue,padlen)); */
- if( zpad && padlen > 0 ){
- if( signvalue ){
- dopr_outch( signvalue );
- --padlen;
- signvalue = 0;
- }
- while( padlen > 0 ){
- dopr_outch( zpad );
- --padlen;
- }
- }
- while( padlen > 0 ) {
- dopr_outch( ' ' );
- --padlen;
- }
- if( signvalue ) dopr_outch( signvalue );
- while( place > 0 ) dopr_outch( convert[--place] );
- while( padlen < 0 ){
- dopr_outch( ' ' );
- ++padlen;
- }
-}
-
-static void
-dostr( str , cut)
- char *str;
- int cut;
-{
- if (cut) {
- while(*str && cut-- > 0) dopr_outch(*str++);
- } else {
- while(*str) dopr_outch(*str++);
- }
-}
-
-static void
-dopr_outch( c )
- int c;
-{
- if( end == 0 || output < end )
- *output++ = c;
-}
-
-int
-# ifdef __STDC__
-vsyslog(int priority, const char *fmt, ...)
-# else /* __STDC__ */
-vsyslog(priority, fmt, va_alist)
- int priority;
- const char *fmt;
- va_dcl
-# endif /* __STDC__ */
-{
- VA_LOCAL_DECL
- char logbuf[BUFSIZ];
-
- VA_START(fmt);
-
- vsnprintf(logbuf, BUFSIZ, fmt, ap);
- syslog(priority, "%s", logbuf);
-
- VA_END;
-}
-#endif /* __hpux */
-
-/* internal logging function */
-
-void _pam_system_log(int priority, const char *format, ... )
-{
- va_list args;
- char *eformat;
-
- D(("pam_system_log called"));
-
- if (format == NULL) {
- D(("NULL format to _pam_system_log() call"));
- return;
- }
-
- va_start(args, format);
-
- eformat = malloc(sizeof(_PAM_SYSTEM_LOG_PREFIX)+strlen(format));
- if (eformat != NULL) {
- strcpy(eformat, _PAM_SYSTEM_LOG_PREFIX);
- strcpy(eformat + sizeof(_PAM_SYSTEM_LOG_PREFIX) - 1, format);
- vsyslog(priority, eformat, args);
- _pam_overwrite(eformat);
- _pam_drop(eformat);
- } else {
- vsyslog(priority, format, args);
- }
-
- va_end(args);
-
- D(("done."));
-}
-
diff --git a/Linux-PAM/libpam/pam_malloc.c b/Linux-PAM/libpam/pam_malloc.c
deleted file mode 100644
index 98b35f62..00000000
--- a/Linux-PAM/libpam/pam_malloc.c
+++ /dev/null
@@ -1,418 +0,0 @@
-/*
- * $Id: pam_malloc.c,v 1.5 2001/12/09 21:44:58 agmorgan Exp $
- */
-
-/*
- * This pair of files helps to locate memory leaks. It is a wrapper for
- * the malloc family of calls. (Actutally, it currently only deals
- * with calloc, malloc, realloc, free, strdup and exit)
- *
- * To use these functions the header "pam_malloc.h" must be included
- * in all parts of the code (that use the malloc functions) and this
- * file must be linked with the result. The pam_malloc_flags can be
- * set from another function and determine the level of logging.
- *
- * The output is via the macros defined in _pam_macros.h
- *
- * It is a debugging tool and should be turned off in released code.
- *
- * This suite was written by Andrew Morgan <morgan@kernel.org> for
- * Linux-PAM.
- */
-
-#ifndef DEBUG
-#define DEBUG
-#endif
-#include "pam_private.h"
-
-#include <security/pam_malloc.h>
-#include <security/_pam_macros.h>
-
-/* this must be done to stop infinite recursion! */
-#undef malloc
-#undef calloc
-#undef free
-#undef realloc
-#undef exit
-#undef strdup
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <unistd.h>
-
-/*
- * default debugging level
- */
-
-int pam_malloc_flags = PAM_MALLOC_ALL;
-int pam_malloc_delay_length = 4;
-
-#define on(x) ((pam_malloc_flags&(x))==(x))
-
-/*
- * the implementation
- */
-
-static const char *last_fn=NULL;
-static const char *last_file=NULL;
-static const char *last_call=NULL;
-static int last_line = 1;
-
-#define err(x) { _pam_output_xdebug_info(); _pam_output_debug x ; }
-
-static void set_last_(const char *x, const char *f
- , const char *fn, const int l)
-{
- last_fn = x ? x : "error-in-pam_malloc..";
- last_file = f ? f : "*bad-file*";
- last_call = fn ? fn: "*bad-fn*";
- last_line = l;
-}
-
-static void _pam_output_xdebug_info(void)
-{
- FILE *logfile;
- int must_close = 1, fd;
-
-#ifdef O_NOFOLLOW
- if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_NOFOLLOW|O_APPEND)) != -1) {
-#else
- if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_APPEND)) != -1) {
-#endif
- if (!(logfile = fdopen(fd,"a"))) {
- logfile = stderr;
- must_close = 0;
- close(fd);
- }
- } else {
- logfile = stderr;
- must_close = 0;
- }
- fprintf(logfile, "[%s:%s(%d)->%s()] ",
- last_file, last_call, last_line, last_fn);
- fflush(logfile);
- if (must_close)
- fclose(logfile);
-}
-
-static void hinder(void)
-{
- if (on(PAM_MALLOC_PAUSE)) {
- if (on(0)) err(("pause requested"));
- sleep(pam_malloc_delay_length);
- }
-
- if (on(PAM_MALLOC_STOP)) {
- if (on(0)) err(("stop requested"));
- exit(1);
- }
-}
-
-/*
- * here are the memory pointer registering functions.. these actually
- * use malloc(!) but that's ok! ;^)
- */
-
-struct reference {
- void *ptr; /* pointer */
- int nelements; /* number of elements */
- int size; /* - each of this size */
- char *file; /* where it was requested - filename */
- char *function; /* - function */
- int line; /* - line number */
-/*
- * linking info
- */
- struct reference *next;
-};
-
-static void _dump(const char *say, const struct reference *ref)
-{
- _pam_output_debug(" <%s: %p (#%d of %d) req. by %s(); %s line %d>"
- , say
- , ref->ptr,ref->nelements,ref->size
- , ref->function,ref->file,ref->line);
-}
-
-static struct reference *root=NULL;
-
-static char *_strdup(const char *x)
-{
- char *s;
-
- s = (char *)malloc(strlen(x)+1);
- if (s == NULL) {
- if (on(0)) err(("_strdup failed"));
- exit(1);
- }
-
- strcpy(s,x);
- return s;
-}
-
-static void add_new_ref(void *new, int n, int size)
-{
- struct reference *ref=NULL;
-
- ref = (struct reference *) malloc( sizeof(struct reference) );
- if (new == NULL || ref == NULL) {
- if (on(0)) err(("internal error {add_new_ref}"));
- exit(1);
- }
-
- ref->ptr = new;
- ref->nelements = n;
- ref->size = size;
-
- ref->file = _strdup(last_file);
- ref->function = _strdup(last_call);
- ref->line = last_line;
-
- ref->next = root;
-
- if (on(PAM_MALLOC_REQUEST)) {
- _dump("new_ptr", ref);
- }
-
- root = ref;
-}
-
-static void del_old_ref(void *old)
-{
- struct reference *this,*last;
-
- if (old == NULL) {
- if (on(0)) err(("internal error {del_old_ref}"));
- exit(1);
- }
-
- /* locate old pointer */
-
- last = NULL;
- this = root;
- while (this) {
- if (this->ptr == old)
- break;
- last = this;
- this = this->next;
- }
-
- /* Did we find a reference ? */
-
- if (this) {
- if (on(PAM_MALLOC_FREE)) {
- _dump("free old_ptr", this);
- }
- if (last == NULL) {
- root = this->next;
- } else {
- last->next = this->next;
- }
- free(this->file);
- free(this->function);
- free(this);
- } else {
- if (on(0)) err(("ERROR!: bad memory"));
- hinder();
- }
-}
-
-static void verify_old_ref(void *old)
-{
- struct reference *this;
-
- if (old == NULL) {
- if (on(0)) err(("internal error {verify_old_ref}"));
- exit(1);
- }
-
- /* locate old pointer */
-
- this = root;
- while (this) {
- if (this->ptr == old)
- break;
- this = this->next;
- }
-
- /* Did we find a reference ? */
-
- if (this) {
- if (on(PAM_MALLOC_VERIFY)) {
- _dump("verify_ptr", this);
- }
- } else {
- if (on(0)) err(("ERROR!: bad request"));
- hinder();
- }
-}
-
-static void dump_memory_list(const char *dump)
-{
- struct reference *this;
-
- this = root;
- if (this) {
- if (on(0)) err(("un-free()'d memory"));
- while (this) {
- _dump(dump, this);
- this = this->next;
- }
- } else {
- if (on(0)) err(("no memory allocated"));
- }
-}
-
-/* now for the wrappers */
-
-#define _fn(x) set_last_(x,file,fn,line)
-
-void *pam_malloc(size_t size, const char *file, const char *fn, const int line)
-{
- void *new;
-
- _fn("malloc");
-
- if (on(PAM_MALLOC_FUNC)) err(("request for %d", size));
-
- new = malloc(size);
- if (new == NULL) {
- if (on(PAM_MALLOC_FAIL)) err(("returned NULL"));
- } else {
- if (on(PAM_MALLOC_REQUEST)) err(("request new"));
- add_new_ref(new, 1, size);
- }
-
- return new;
-}
-
-void *pam_calloc(size_t nelm, size_t size
- , const char *file, const char *fn, const int line)
-{
- void *new;
-
- _fn("calloc");
-
- if (on(PAM_MALLOC_FUNC)) err(("request for %d of %d", nelm, size));
-
- new = calloc(nelm,size);
- if (new == NULL) {
- if (on(PAM_MALLOC_FAIL)) err(("returned NULL"));
- } else {
- if (on(PAM_MALLOC_REQUEST)) err(("request new"));
- add_new_ref(new, nelm, size);
- }
-
- return new;
-}
-
-void pam_free(void *ptr
- , const char *file, const char *fn, const int line)
-{
- _fn("free");
-
- if (on(PAM_MALLOC_FUNC))
- err(("request (%s:%s():%d) to free %p", file, fn, line, ptr));
-
- if (ptr == NULL) {
- if (on(PAM_MALLOC_NULL)) err(("passed NULL pointer"));
- } else {
- if (on(PAM_MALLOC_FREE)) err(("deleted old"));
- del_old_ref(ptr);
- free(ptr);
- }
-}
-
-void *pam_memalign(size_t ali, size_t size
- , const char *file, const char *fn, const int line)
-{
- _fn("memalign");
- if (on(0)) err(("not implemented currently (Sorry)"));
- exit(1);
-}
-
-void *pam_realloc(void *ptr, size_t size
- , const char *file, const char *fn, const int line)
-{
- void *new;
-
- _fn("realloc");
-
- if (on(PAM_MALLOC_FUNC)) err(("resize %p to %d", ptr, size));
-
- if (ptr == NULL) {
- if (on(PAM_MALLOC_NULL)) err(("passed NULL pointer"));
- } else {
- verify_old_ref(ptr);
- }
-
- new = realloc(ptr, size);
- if (new == NULL) {
- if (on(PAM_MALLOC_FAIL)) err(("returned NULL"));
- } else {
- if (ptr) {
- if (on(PAM_MALLOC_FREE)) err(("deleted old"));
- del_old_ref(ptr);
- } else {
- if (on(PAM_MALLOC_NULL)) err(("old is NULL"));
- }
- if (on(PAM_MALLOC_REQUEST)) err(("request new"));
- add_new_ref(new, 1, size);
- }
-
- return new;
-}
-
-void *pam_valloc(size_t size
- , const char *file, const char *fn, const int line)
-{
- _fn("valloc");
- if (on(0)) err(("not implemented currently (Sorry)"));
- exit(1);
-}
-
-#include <alloca.h>
-
-void *pam_alloca(size_t size
- , const char *file, const char *fn, const int line)
-{
- _fn("alloca");
- if (on(0)) err(("not implemented currently (Sorry)"));
- exit(1);
-}
-
-void pam_exit(int i
- , const char *file, const char *fn, const int line)
-{
- D(("time to exit"));
-
- _fn("exit");
-
- if (on(0)) err(("passed (%d)", i));
- if (on(PAM_MALLOC_LEAKED)) {
- dump_memory_list("leaked");
- }
- exit(i);
-}
-
-char *pam_strdup(const char *orig,
- const char *file, const char *fn, const int line)
-{
- char *new;
-
- _fn("strdup");
-
- if (on(PAM_MALLOC_FUNC)) err(("request for dup of [%s]", orig));
-
- new = strdup(orig);
- if (new == NULL) {
- if (on(PAM_MALLOC_FAIL)) err(("returned NULL"));
- } else {
- if (on(PAM_MALLOC_REQUEST)) err(("request dup of [%s]", orig));
- add_new_ref(new, 1, strlen(new)+1);
- }
-
- return new;
-}
-
-/* end of file */
diff --git a/Linux-PAM/libpam/pam_map.c b/Linux-PAM/libpam/pam_map.c
deleted file mode 100644
index 86b16577..00000000
--- a/Linux-PAM/libpam/pam_map.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/* pam_map.c - PAM mapping interface
- *
- * $Id: pam_map.c,v 1.2 2000/12/04 19:02:34 baggins Exp $
- *
- * This is based on the X/Open XSSO specification of March 1997.
- * It is not implemented as it is going to change... after 1997/9/25.
- *
- */
-
-#include <stdio.h>
-
-#include "pam_private.h"
-
-/* p 54 */
-
-int pam_get_mapped_authtok(pam_handle_t *pamh,
- const char *target_module_username,
- const char *target_module_type,
- const char *target_authn_domain,
- size_t *target_authtok_len
- unsigned char **target_module_authtok);
-{
- D(("called"));
-
- IF_NO_PAMH("pam_get_mapped_authtok",pamh,PAM_SYSTEM_ERR);
-
- return PAM_SYSTEM_ERROR;
-}
-
-/* p 68 */
-
-int pam_set_mapped_authtok(pam_handle_t *pamh,
- char *target_module_username,
- size_t *target_authtok_len,
- unsigned char *target_module_authtok,
- char *target_module_type,
- char *target_authn_domain)
-{
- D(("called"));
-
- IF_NO_PAMH("pam_set_mapped_authtok",pamh,PAM_SYSTEM_ERR);
-
- return PAM_SYSTEM_ERROR;
-}
-
-/* p 56 */
-
-int pam_get_mapped_username(pam_handle_t *pamh,
- const char *src_username,
- const char *src_module_type,
- const char *src_authn_domain,
- const char *target_module_type,
- const char *target_authn_domain,
- char **target_module_username)
-{
- D(("called"));
-
- IF_NO_PAMH("pam_get_mapped_username",pamh,PAM_SYSTEM_ERR);
-
- return PAM_SYSTEM_ERROR;
-}
-
-/* p 70 */
-
-int pam_set_mapped_username(pam_handle_t *pamh,
- char *src_username,
- char *src_module_type,
- char *src_authn_domain,
- char *target_module_username,
- char *target_module_type,
- char *target_authn_domain)
-{
- D(("called"));
-
- IF_NO_PAMH("pam_set_mapped_username",pamh,PAM_SYSTEM_ERR);
-
- return PAM_SYSTEM_ERROR;
-}
diff --git a/Linux-PAM/libpam/pam_misc.c b/Linux-PAM/libpam/pam_misc.c
index cb0572b1..770c9cce 100644
--- a/Linux-PAM/libpam/pam_misc.c
+++ b/Linux-PAM/libpam/pam_misc.c
@@ -1,7 +1,38 @@
-/* pam_misc.c -- This is random stuff */
-
-/*
- * $Id: pam_misc.c,v 1.4 2003/07/13 20:01:44 vorlon Exp $
+/* pam_misc.c -- This is random stuff
+ *
+ * Copyright (c) Andrew G. Morgan <morgan@kernel.org> 2000-2003
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "pam_private.h"
@@ -13,19 +44,6 @@
#include <syslog.h>
#include <ctype.h>
-/* caseless string comparison: POSIX does not define this.. */
-int _pam_strCMP(const char *s, const char *t)
-{
- int cf;
-
- do {
- cf = tolower(*s) - tolower(*t);
- ++t;
- } while (!cf && *s++);
-
- return cf;
-}
-
char *_pam_StrTok(char *from, const char *format, char **next)
/*
* this function is a variant of the standard strtok, it differs in that
@@ -104,16 +122,14 @@ char *_pam_strdup(const char *x)
register char *new=NULL;
if (x != NULL) {
- register int i;
+ register int len;
- for (i=0; x[i]; ++i); /* length of string */
- if ((new = malloc(++i)) == NULL) {
- i = 0;
- _pam_system_log(LOG_CRIT, "_pam_strdup: failed to get memory");
+ len = strlen (x) + 1; /* length of string including NUL */
+ if ((new = malloc(len)) == NULL) {
+ len = 0;
+ pam_syslog(NULL, LOG_CRIT, "_pam_strdup: failed to get memory");
} else {
- while (i-- > 0) {
- new[i] = x[i];
- }
+ strcpy (new, x);
}
x = NULL;
}
@@ -143,15 +159,15 @@ int _pam_mkargv(char *s, char ***argv, int *argc)
l = strlen(s);
if (l) {
if ((sbuf = sbuf_start = _pam_strdup(s)) == NULL) {
- _pam_system_log(LOG_CRIT,
- "pam_mkargv: null returned by _pam_strdup");
+ pam_syslog(NULL, LOG_CRIT,
+ "pam_mkargv: null returned by _pam_strdup");
D(("arg NULL"));
} else {
/* Overkill on the malloc, but not large */
argvlen = (l + 1) * ((sizeof(char)) + sizeof(char *));
if ((our_argv = argvbuf = malloc(argvlen)) == NULL) {
- _pam_system_log(LOG_CRIT,
- "pam_mkargv: null returned by malloc");
+ pam_syslog(NULL, LOG_CRIT,
+ "pam_mkargv: null returned by malloc");
} else {
char *tmp=NULL;
@@ -170,11 +186,11 @@ int _pam_mkargv(char *s, char ***argv, int *argc)
sbuf = NULL;
D(("loop again?"));
}
- _pam_drop(sbuf_start);
}
+ _pam_drop(sbuf_start);
}
}
-
+
*argv = our_argv;
D(("_pam_mkargv returned"));
@@ -256,7 +272,7 @@ void _pam_parse_control(int *control_array, char *tok)
error = "expecting '='";
goto parse_error;
}
-
+
/* skip leading space */
while (isspace((int)*tok) && *++tok);
if (!*tok) {
@@ -315,7 +331,7 @@ void _pam_parse_control(int *control_array, char *tok)
parse_error:
/* treat everything as bad */
- _pam_system_log(LOG_ERR, "pam_parse: %s; [...%s]", error, tok);
+ pam_syslog(NULL, LOG_ERR, "pam_parse: %s; [...%s]", error, tok);
for (ret=0; ret<_PAM_RETURN_VALUES; control_array[ret++]=_PAM_ACTION_BAD);
}
diff --git a/Linux-PAM/libpam/pam_modutil_cleanup.c b/Linux-PAM/libpam/pam_modutil_cleanup.c
new file mode 100644
index 00000000..017b36cf
--- /dev/null
+++ b/Linux-PAM/libpam/pam_modutil_cleanup.c
@@ -0,0 +1,19 @@
+/*
+ * $Id: pam_modutil_cleanup.c,v 1.1 2005/09/21 10:00:58 t8m Exp $
+ *
+ * This function provides a common pam_set_data() friendly version of free().
+ */
+
+#include "pam_modutil_private.h"
+
+#include <stdlib.h>
+
+void
+pam_modutil_cleanup (pam_handle_t *pamh UNUSED, void *data,
+ int error_status UNUSED)
+{
+ if (data) {
+ /* junk it */
+ (void) free(data);
+ }
+}
diff --git a/Linux-PAM/modules/pammodutil/modutil_getgrgid.c b/Linux-PAM/libpam/pam_modutil_getgrgid.c
index f97a9239..ace5c9a6 100644
--- a/Linux-PAM/modules/pammodutil/modutil_getgrgid.c
+++ b/Linux-PAM/libpam/pam_modutil_getgrgid.c
@@ -1,5 +1,5 @@
/*
- * $Id: modutil_getgrgid.c,v 1.3 2005/03/30 14:59:41 kukuk Exp $
+ * $Id: pam_modutil_getgrgid.c,v 1.1 2005/09/21 10:00:58 t8m Exp $
*
* This function provides a thread safer version of getgrgid() for use
* with PAM modules that care about this sort of thing.
@@ -7,7 +7,7 @@
* XXX - or at least it should provide a thread-safe alternative.
*/
-#include "pammodutil.h"
+#include "pam_modutil_private.h"
#include <errno.h>
#include <limits.h>
@@ -46,7 +46,8 @@ static int longlen(long number)
return len;
}
-struct group *_pammodutil_getgrgid(pam_handle_t *pamh, gid_t gid)
+struct group *
+pam_modutil_getgrgid(pam_handle_t *pamh, gid_t gid)
{
#ifdef HAVE_GETGRGID_R
@@ -98,7 +99,7 @@ struct group *_pammodutil_getgrgid(pam_handle_t *pamh, gid_t gid)
status = PAM_NO_MODULE_DATA;
if (pam_get_data(pamh, data_name, &ignore) != PAM_SUCCESS) {
status = pam_set_data(pamh, data_name,
- result, _pammodutil_cleanup);
+ result, pam_modutil_cleanup);
}
_pammodutil_unlock();
if (status == PAM_SUCCESS) {
diff --git a/Linux-PAM/modules/pammodutil/modutil_getgrnam.c b/Linux-PAM/libpam/pam_modutil_getgrnam.c
index 0727618c..85103a1c 100644
--- a/Linux-PAM/modules/pammodutil/modutil_getgrnam.c
+++ b/Linux-PAM/libpam/pam_modutil_getgrnam.c
@@ -1,5 +1,5 @@
/*
- * $Id: modutil_getgrnam.c,v 1.3 2005/03/30 14:59:41 kukuk Exp $
+ * $Id: pam_modutil_getgrnam.c,v 1.1 2005/09/21 10:00:58 t8m Exp $
*
* This function provides a thread safer version of getgrnam() for use
* with PAM modules that care about this sort of thing.
@@ -7,7 +7,7 @@
* XXX - or at least it should provide a thread-safe alternative.
*/
-#include "pammodutil.h"
+#include "pam_modutil_private.h"
#include <errno.h>
#include <limits.h>
@@ -36,7 +36,8 @@ static int intlen(int number)
return len;
}
-struct group *_pammodutil_getgrnam(pam_handle_t *pamh, const char *group)
+struct group *
+pam_modutil_getgrnam(pam_handle_t *pamh, const char *group)
{
#ifdef HAVE_GETGRNAM_R
@@ -87,7 +88,7 @@ struct group *_pammodutil_getgrnam(pam_handle_t *pamh, const char *group)
status = PAM_NO_MODULE_DATA;
if (pam_get_data(pamh, data_name, &ignore) != PAM_SUCCESS) {
status = pam_set_data(pamh, data_name,
- result, _pammodutil_cleanup);
+ result, pam_modutil_cleanup);
}
_pammodutil_unlock();
if (status == PAM_SUCCESS) {
diff --git a/Linux-PAM/modules/pammodutil/modutil_getlogin.c b/Linux-PAM/libpam/pam_modutil_getlogin.c
index 0e4a48d8..dcd28a13 100644
--- a/Linux-PAM/modules/pammodutil/modutil_getlogin.c
+++ b/Linux-PAM/libpam/pam_modutil_getlogin.c
@@ -1,12 +1,12 @@
/*
- * $Id: modutil_getlogin.c,v 1.4 2004/11/08 10:57:15 t8m Exp $
+ * $Id: pam_modutil_getlogin.c,v 1.2 2005/11/23 16:42:40 kukuk Exp $
*
* A central point for invoking getlogin(). Hopefully, this is a
* little harder to spoof than all the other versions that are out
* there.
*/
-#include "pammodutil.h"
+#include "pam_modutil_private.h"
#include <stdlib.h>
#include <unistd.h>
@@ -14,30 +14,38 @@
#define _PAMMODUTIL_GETLOGIN "_pammodutil_getlogin"
-const char *_pammodutil_getlogin(pam_handle_t *pamh)
+const char *
+pam_modutil_getlogin(pam_handle_t *pamh)
{
int status;
- char *logname;
+ const void *logname;
+ const void *void_curr_tty;
const char *curr_tty;
char *curr_user;
struct utmp *ut, line;
- status = pam_get_data(pamh, _PAMMODUTIL_GETLOGIN,
- (const void **) &logname);
+ status = pam_get_data(pamh, _PAMMODUTIL_GETLOGIN, &logname);
if (status == PAM_SUCCESS) {
return logname;
}
- status = pam_get_item(pamh, PAM_TTY, (const void **) &curr_tty);
- if ((status != PAM_SUCCESS) || (curr_tty == NULL)) {
- curr_tty = ttyname(0);
- }
+ status = pam_get_item(pamh, PAM_TTY, &void_curr_tty);
+ if ((status != PAM_SUCCESS) || (void_curr_tty == NULL))
+ curr_tty = ttyname(0);
+ else
+ curr_tty = (const char*)void_curr_tty;
- if ((curr_tty == NULL) || memcmp(curr_tty, "/dev/", 5)) {
+ if (curr_tty == NULL) {
return NULL;
}
- curr_tty += 5; /* strlen("/dev/") */
+ if (curr_tty[0] == '/') { /* full path */
+ const char *t;
+ curr_tty++;
+ if ((t = strchr(curr_tty, '/')) != NULL) {
+ curr_tty = t + 1;
+ }
+ }
logname = NULL;
setutent();
@@ -52,11 +60,11 @@ const char *_pammodutil_getlogin(pam_handle_t *pamh)
goto clean_up_and_go_home;
}
- strncpy(curr_user, ut->ut_user, sizeof(ut->ut_user));
+ strncpy(curr_user, ut->ut_user, sizeof(ut->ut_user));
/* calloc already zeroed the memory */
status = pam_set_data(pamh, _PAMMODUTIL_GETLOGIN, curr_user,
- _pammodutil_cleanup);
+ pam_modutil_cleanup);
if (status != PAM_SUCCESS) {
free(curr_user);
goto clean_up_and_go_home;
diff --git a/Linux-PAM/modules/pammodutil/modutil_getpwnam.c b/Linux-PAM/libpam/pam_modutil_getpwnam.c
index eb359544..61aafef0 100644
--- a/Linux-PAM/modules/pammodutil/modutil_getpwnam.c
+++ b/Linux-PAM/libpam/pam_modutil_getpwnam.c
@@ -1,5 +1,5 @@
/*
- * $Id: modutil_getpwnam.c,v 1.4 2005/03/30 14:59:41 kukuk Exp $
+ * $Id: pam_modutil_getpwnam.c,v 1.1 2005/09/21 10:00:58 t8m Exp $
*
* This function provides a thread safer version of getpwnam() for use
* with PAM modules that care about this sort of thing.
@@ -7,7 +7,7 @@
* XXX - or at least it should provide a thread-safe alternative.
*/
-#include "pammodutil.h"
+#include "pam_modutil_private.h"
#include <errno.h>
#include <limits.h>
@@ -36,7 +36,8 @@ static int intlen(int number)
return len;
}
-struct passwd *_pammodutil_getpwnam(pam_handle_t *pamh, const char *user)
+struct passwd *
+pam_modutil_getpwnam(pam_handle_t *pamh, const char *user)
{
#ifdef HAVE_GETPWNAM_R
@@ -87,7 +88,7 @@ struct passwd *_pammodutil_getpwnam(pam_handle_t *pamh, const char *user)
status = PAM_NO_MODULE_DATA;
if (pam_get_data(pamh, data_name, &ignore) != PAM_SUCCESS) {
status = pam_set_data(pamh, data_name,
- result, _pammodutil_cleanup);
+ result, pam_modutil_cleanup);
}
_pammodutil_unlock();
if (status == PAM_SUCCESS) {
diff --git a/Linux-PAM/modules/pammodutil/modutil_getpwuid.c b/Linux-PAM/libpam/pam_modutil_getpwuid.c
index 8ba20d17..01bca564 100644
--- a/Linux-PAM/modules/pammodutil/modutil_getpwuid.c
+++ b/Linux-PAM/libpam/pam_modutil_getpwuid.c
@@ -1,5 +1,5 @@
/*
- * $Id: modutil_getpwuid.c,v 1.4 2005/03/30 14:59:41 kukuk Exp $
+ * $Id: pam_modutil_getpwuid.c,v 1.1 2005/09/21 10:00:58 t8m Exp $
*
* This function provides a thread safer version of getpwuid() for use
* with PAM modules that care about this sort of thing.
@@ -7,7 +7,7 @@
* XXX - or at least it should provide a thread-safe alternative.
*/
-#include "pammodutil.h"
+#include "pam_modutil_private.h"
#include <errno.h>
#include <limits.h>
@@ -46,7 +46,8 @@ static int longlen(long number)
return len;
}
-struct passwd *_pammodutil_getpwuid(pam_handle_t *pamh, uid_t uid)
+struct passwd *
+pam_modutil_getpwuid(pam_handle_t *pamh, uid_t uid)
{
#ifdef HAVE_GETPWUID_R
@@ -98,7 +99,7 @@ struct passwd *_pammodutil_getpwuid(pam_handle_t *pamh, uid_t uid)
status = PAM_NO_MODULE_DATA;
if (pam_get_data(pamh, data_name, &ignore) != PAM_SUCCESS) {
status = pam_set_data(pamh, data_name,
- result, _pammodutil_cleanup);
+ result, pam_modutil_cleanup);
}
_pammodutil_unlock();
if (status == PAM_SUCCESS) {
diff --git a/Linux-PAM/modules/pammodutil/modutil_getspnam.c b/Linux-PAM/libpam/pam_modutil_getspnam.c
index e966bb52..2433795e 100644
--- a/Linux-PAM/modules/pammodutil/modutil_getspnam.c
+++ b/Linux-PAM/libpam/pam_modutil_getspnam.c
@@ -1,5 +1,5 @@
/*
- * $Id: modutil_getspnam.c,v 1.3 2005/03/30 14:59:41 kukuk Exp $
+ * $Id: pam_modutil_getspnam.c,v 1.1 2005/09/21 10:00:58 t8m Exp $
*
* This function provides a thread safer version of getspnam() for use
* with PAM modules that care about this sort of thing.
@@ -7,7 +7,7 @@
* XXX - or at least it should provide a thread-safe alternative.
*/
-#include "pammodutil.h"
+#include "pam_modutil_private.h"
#include <errno.h>
#include <limits.h>
@@ -36,7 +36,8 @@ static int intlen(int number)
return len;
}
-struct spwd *_pammodutil_getspnam(pam_handle_t *pamh, const char *user)
+struct spwd *
+pam_modutil_getspnam(pam_handle_t *pamh, const char *user)
{
#ifdef HAVE_GETSPNAM_R
@@ -87,7 +88,7 @@ struct spwd *_pammodutil_getspnam(pam_handle_t *pamh, const char *user)
status = PAM_NO_MODULE_DATA;
if (pam_get_data(pamh, data_name, &ignore) != PAM_SUCCESS) {
status = pam_set_data(pamh, data_name,
- result, _pammodutil_cleanup);
+ result, pam_modutil_cleanup);
}
_pammodutil_unlock();
if (status == PAM_SUCCESS) {
diff --git a/Linux-PAM/modules/pammodutil/modutil_ingroup.c b/Linux-PAM/libpam/pam_modutil_ingroup.c
index e1f88b81..adb9dadb 100644
--- a/Linux-PAM/modules/pammodutil/modutil_ingroup.c
+++ b/Linux-PAM/libpam/pam_modutil_ingroup.c
@@ -1,12 +1,13 @@
/*
- * $Id: modutil_ingroup.c,v 1.1 2004/09/24 13:14:14 kukuk Exp $
+ * $Id: pam_modutil_ingroup.c,v 1.1 2005/09/21 10:00:58 t8m Exp $
*
* This function provides common methods for checking if a user is in a
* specified group.
*/
-#include "pammodutil.h"
-#include "include/security/_pam_modutil.h"
+#include "pam_modutil_private.h"
+
+#include <stdlib.h>
#include <pwd.h>
#include <grp.h>
@@ -40,9 +41,10 @@ static int checkgrouplist(const char *user, gid_t primary, gid_t target)
}
#endif
-static int _pammodutil_user_in_group_common(pam_handle_t *pamh,
- struct passwd *pwd,
- struct group *grp)
+static int
+pam_modutil_user_in_group_common(pam_handle_t *pamh UNUSED,
+ struct passwd *pwd,
+ struct group *grp)
{
int i;
@@ -72,50 +74,54 @@ static int _pammodutil_user_in_group_common(pam_handle_t *pamh,
return 0;
}
-int _pammodutil_user_in_group_nam_nam(pam_handle_t *pamh,
- const char *user, const char *group)
+int
+pam_modutil_user_in_group_nam_nam(pam_handle_t *pamh,
+ const char *user, const char *group)
{
struct passwd *pwd;
struct group *grp;
- pwd = _pammodutil_getpwnam(pamh, user);
- grp = _pammodutil_getgrnam(pamh, group);
+ pwd = pam_modutil_getpwnam(pamh, user);
+ grp = pam_modutil_getgrnam(pamh, group);
- return _pammodutil_user_in_group_common(pamh, pwd, grp);
+ return pam_modutil_user_in_group_common(pamh, pwd, grp);
}
-int _pammodutil_user_in_group_nam_gid(pam_handle_t *pamh,
- const char *user, gid_t group)
+int
+pam_modutil_user_in_group_nam_gid(pam_handle_t *pamh,
+ const char *user, gid_t group)
{
struct passwd *pwd;
struct group *grp;
- pwd = _pammodutil_getpwnam(pamh, user);
- grp = _pammodutil_getgrgid(pamh, group);
+ pwd = pam_modutil_getpwnam(pamh, user);
+ grp = pam_modutil_getgrgid(pamh, group);
- return _pammodutil_user_in_group_common(pamh, pwd, grp);
+ return pam_modutil_user_in_group_common(pamh, pwd, grp);
}
-int _pammodutil_user_in_group_uid_nam(pam_handle_t *pamh,
- uid_t user, const char *group)
+int
+pam_modutil_user_in_group_uid_nam(pam_handle_t *pamh,
+ uid_t user, const char *group)
{
struct passwd *pwd;
struct group *grp;
- pwd = _pammodutil_getpwuid(pamh, user);
- grp = _pammodutil_getgrnam(pamh, group);
+ pwd = pam_modutil_getpwuid(pamh, user);
+ grp = pam_modutil_getgrnam(pamh, group);
- return _pammodutil_user_in_group_common(pamh, pwd, grp);
+ return pam_modutil_user_in_group_common(pamh, pwd, grp);
}
-int _pammodutil_user_in_group_uid_gid(pam_handle_t *pamh,
- uid_t user, gid_t group)
+int
+pam_modutil_user_in_group_uid_gid(pam_handle_t *pamh,
+ uid_t user, gid_t group)
{
struct passwd *pwd;
struct group *grp;
- pwd = _pammodutil_getpwuid(pamh, user);
- grp = _pammodutil_getgrgid(pamh, group);
+ pwd = pam_modutil_getpwuid(pamh, user);
+ grp = pam_modutil_getgrgid(pamh, group);
- return _pammodutil_user_in_group_common(pamh, pwd, grp);
+ return pam_modutil_user_in_group_common(pamh, pwd, grp);
}
diff --git a/Linux-PAM/modules/pammodutil/modutil_ioloop.c b/Linux-PAM/libpam/pam_modutil_ioloop.c
index 37ac76fc..d23f007a 100644
--- a/Linux-PAM/modules/pammodutil/modutil_ioloop.c
+++ b/Linux-PAM/libpam/pam_modutil_ioloop.c
@@ -1,17 +1,17 @@
/*
- * $Id: modutil_ioloop.c,v 1.2 2004/09/24 09:18:22 kukuk Exp $
+ * $Id: pam_modutil_ioloop.c,v 1.1 2005/09/21 10:00:58 t8m Exp $
*
* These functions provides common methods for ensure a complete read or
* write occurs. It handles EINTR and partial read/write returns.
*/
+#include "pam_modutil_private.h"
+
#include <unistd.h>
#include <errno.h>
-#include <security/pam_modules.h>
-#include "include/security/_pam_modutil.h"
-
-int _pammodutil_read(int fd, char *buffer, int count)
+int
+pam_modutil_read(int fd, char *buffer, int count)
{
int block, offset = 0;
@@ -31,7 +31,8 @@ int _pammodutil_read(int fd, char *buffer, int count)
return offset;
}
-int _pammodutil_write(int fd, const char *buffer, int count)
+int
+pam_modutil_write(int fd, const char *buffer, int count)
{
int block, offset = 0;
diff --git a/Linux-PAM/libpam/pam_modutil_private.h b/Linux-PAM/libpam/pam_modutil_private.h
new file mode 100644
index 00000000..e118f599
--- /dev/null
+++ b/Linux-PAM/libpam/pam_modutil_private.h
@@ -0,0 +1,23 @@
+#ifndef PAMMODUTIL_PRIVATE_H
+#define PAMMODUTIL_PRIVATE_H
+
+/*
+ * $Id: pam_modutil_private.h,v 1.1 2005/09/21 10:00:58 t8m Exp $
+ *
+ * Copyright (c) 2001 Andrew Morgan <morgan@kernel.org>
+ */
+
+#include "config.h"
+
+#include <security/_pam_macros.h>
+#include <security/pam_modules.h>
+#include <security/pam_modutil.h>
+
+#define PWD_INITIAL_LENGTH 0x100
+#define PWD_ABSURD_PWD_LENGTH 0x8000
+
+extern void
+pam_modutil_cleanup(pam_handle_t *pamh, void *data,
+ int error_status);
+
+#endif /* PAMMODUTIL_PRIVATE_H */
diff --git a/Linux-PAM/libpam/pam_password.c b/Linux-PAM/libpam/pam_password.c
index 50c12adf..cd57f20b 100644
--- a/Linux-PAM/libpam/pam_password.c
+++ b/Linux-PAM/libpam/pam_password.c
@@ -1,7 +1,7 @@
/* pam_password.c - PAM Password Management */
/*
- * $Id: pam_password.c,v 1.3 2003/07/13 20:01:44 vorlon Exp $
+ * $Id: pam_password.c,v 1.5 2006/07/24 15:47:40 kukuk Exp $
*/
/* #define DEBUG */
@@ -52,6 +52,10 @@ int pam_chauthtok(pam_handle_t *pamh, int flags)
D(("will resume when ready", retval));
}
+#ifdef HAVE_LIBAUDIT
+ retval = _pam_auditlog(pamh, PAM_CHAUTHTOK, retval, flags);
+#endif
+
return retval;
}
diff --git a/Linux-PAM/libpam/pam_prelude.c b/Linux-PAM/libpam/pam_prelude.c
index 656376f5..6c73bf5d 100644
--- a/Linux-PAM/libpam/pam_prelude.c
+++ b/Linux-PAM/libpam/pam_prelude.c
@@ -23,220 +23,71 @@
#define ANALYZER_MANUFACTURER "Sebastien Tricaud, http://www.kernel.org/pub/linux/libs/pam/"
#define DEFAULT_ANALYZER_NAME "PAM"
-#define DEFAULT_ANALYZER_CONFIG LIBPRELUDE_CONFIG_PREFIX "/etc/prelude/default/idmef-client.conf"
-
-#define PAM_VERSION LIBPAM_VERSION_STRING
-
-static const char *pam_get_item_service(pam_handle_t *pamh);
-static const char *pam_get_item_user(pam_handle_t *pamh);
-static const char *pam_get_item_user_prompt(pam_handle_t *pamh);
-static const char *pam_get_item_tty(pam_handle_t *pamh);
-static const char *pam_get_item_ruser(pam_handle_t *pamh);
-static const char *pam_get_item_rhost(pam_handle_t *pamh);
-
-static int setup_analyzer(idmef_analyzer_t *analyzer);
-static void pam_alert_prelude(const char *msg, void *data, pam_handle_t *pamh, int authval);
-static int pam_alert_prelude_init(pam_handle_t *pamh, int authval);
-static int generate_additional_data(idmef_alert_t *alert, const char *meaning, const char *data);
-
-
-/*******************
- * some syslogging *
- *******************/
-static void
-_pam_log(int err, const char *format, ...)
-{
- va_list args;
- va_start(args, format);
-
-#ifdef MAIN
- vfprintf(stderr,format,args);
- fprintf(stderr,"\n");
-#else
- openlog("libpam", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- closelog();
-#endif
- va_end(args);
-}
static const char *
-pam_get_item_service(pam_handle_t *pamh)
+pam_get_item_service(const pam_handle_t *pamh)
{
- const char *service = NULL;
+ const void *service = NULL;
- pam_get_item(pamh, PAM_SERVICE, (const void **)&service);
+ pam_get_item(pamh, PAM_SERVICE, &service);
- return (const char *)service;
+ return service;
}
static const char *
-pam_get_item_user(pam_handle_t *pamh)
+pam_get_item_user(const pam_handle_t *pamh)
{
- const char *user = NULL;
+ const void *user = NULL;
- pam_get_item(pamh, PAM_USER, (const void **)&user);
+ pam_get_item(pamh, PAM_USER, &user);
- return (const char *)user;
+ return user;
}
static const char *
-pam_get_item_user_prompt(pam_handle_t *pamh)
+pam_get_item_user_prompt(const pam_handle_t *pamh)
{
- const char *user_prompt = NULL;
+ const void *user_prompt = NULL;
- pam_get_item(pamh, PAM_USER_PROMPT, (const void **)&user_prompt);
+ pam_get_item(pamh, PAM_USER_PROMPT, &user_prompt);
- return (const char *)user_prompt;
+ return user_prompt;
}
static const char *
-pam_get_item_tty(pam_handle_t *pamh)
+pam_get_item_tty(const pam_handle_t *pamh)
{
- const char *tty = NULL;
+ const void *tty = NULL;
- pam_get_item(pamh, PAM_TTY, (const void **)&tty);
+ pam_get_item(pamh, PAM_TTY, &tty);
- return (const char *)tty;
+ return tty;
}
static const char *
-pam_get_item_ruser(pam_handle_t *pamh)
+pam_get_item_ruser(const pam_handle_t *pamh)
{
- const char *ruser = NULL;
+ const void *ruser = NULL;
- pam_get_item(pamh, PAM_RUSER, (const void **)&ruser);
+ pam_get_item(pamh, PAM_RUSER, &ruser);
- return (const char *)ruser;
+ return ruser;
}
static const char *
-pam_get_item_rhost(pam_handle_t *pamh)
+pam_get_item_rhost(const pam_handle_t *pamh)
{
- const char *rhost = NULL;
-
- pam_get_item(pamh, PAM_RHOST, (const void **)&rhost);
-
- return (const char *)rhost;
-}
-
-/*****************************************************************
- * Returns a string concerning the authentication value provided *
- *****************************************************************/
-static const char *
-pam_get_alert_description(int authval)
-{
- const char *retstring = NULL;
-
- switch(authval) {
- case PAM_SUCCESS:
- retstring = "Authentication success";
- break;
- case PAM_OPEN_ERR:
- retstring = "dlopen() failure when dynamically loading a service module";
- break;
- case PAM_SYMBOL_ERR:
- retstring = "Symbol not found";
- break;
- case PAM_SERVICE_ERR:
- retstring = "Error in service module";
- break;
- case PAM_SYSTEM_ERR:
- retstring = "System error";
- break;
- case PAM_BUF_ERR:
- retstring = "Memory buffer error";
- break;
- case PAM_PERM_DENIED:
- retstring = "Permission denied";
- break;
- case PAM_AUTH_ERR:
- retstring = "Authentication failure";
- break;
- case PAM_CRED_INSUFFICIENT:
- retstring = "Can not access authentication data due to insufficient credentials";
- break;
- case PAM_AUTHINFO_UNAVAIL:
- retstring = "Underlying authentication service can not retrieve authenticaiton information";
- break;
- case PAM_USER_UNKNOWN:
- retstring = "User not known to the underlying authentication module";
- break;
- case PAM_MAXTRIES:
- retstring = "An authentication service has maintained a retry count which has been reached. No further retries should be attempted";
- break;
- case PAM_NEW_AUTHTOK_REQD:
- retstring = "New authentication token required. This is normally returned if the machine security policies require that the password should be changed beccause the password is NULL or it has aged";
- break;
- case PAM_ACCT_EXPIRED:
- retstring = "User account has expired";
- break;
- case PAM_SESSION_ERR:
- retstring = "Can not make/remove an entry for the specified session";
- break;
- case PAM_CRED_UNAVAIL:
- retstring = "Underlying authentication service can not retrieve user credentials unavailable";
- break;
- case PAM_CRED_EXPIRED:
- retstring = "User credentials expired";
- break;
- case PAM_CRED_ERR:
- retstring = "Failure setting user credentials";
- break;
- case PAM_NO_MODULE_DATA:
- retstring = "No module specific data is present";
- break;
- case PAM_CONV_ERR:
- retstring = "Conversation error";
- break;
- case PAM_AUTHTOK_ERR:
- retstring = "Authentication token manipulation error";
- break;
- case PAM_AUTHTOK_RECOVER_ERR:
- retstring = "Authentication information cannot be recovered";
- break;
- case PAM_AUTHTOK_LOCK_BUSY:
- retstring = "Authentication token lock busy";
- break;
- case PAM_AUTHTOK_DISABLE_AGING:
- retstring = "Authentication token aging disabled";
- break;
- case PAM_TRY_AGAIN:
- retstring = "Preliminary check by password service";
- break;
- case PAM_IGNORE:
- retstring = "Ignore underlying account module regardless of whether the control flag is required, optional, or sufficient";
- break;
- case PAM_ABORT:
- retstring = "Critical error (?module fail now request)";
- break;
- case PAM_AUTHTOK_EXPIRED:
- retstring = "User's authentication token has expired";
- break;
- case PAM_MODULE_UNKNOWN:
- retstring = "Module is not known";
- break;
- case PAM_BAD_ITEM:
- retstring = "Bad item passed to pam_*_item()";
- break;
- case PAM_CONV_AGAIN:
- retstring = "Conversation function is event driven and data is not available yet";
- break;
- case PAM_INCOMPLETE:
- retstring = "Please call this function again to complete authentication stack. Before calling again, verify that conversation is completed";
- break;
-
- default:
- retstring = "Authentication Failure!. You should not see this message.";
- }
+ const void *rhost = NULL;
- return retstring;
+ pam_get_item(pamh, PAM_RHOST, &rhost);
+ return rhost;
}
/* Courteously stolen from prelude-lml */
static int
-generate_additional_data(idmef_alert_t *alert, const char *meaning, const char *data)
+generate_additional_data(idmef_alert_t *alert, const char *meaning,
+ const char *data)
{
int ret;
prelude_string_t *str;
@@ -249,7 +100,7 @@ generate_additional_data(idmef_alert_t *alert, const char *meaning, const char *
ret = idmef_additional_data_new_meaning(adata, &str);
if ( ret < 0 )
return ret;
-
+
ret = prelude_string_set_ref(str, meaning);
if ( ret < 0 )
return ret;
@@ -257,29 +108,12 @@ generate_additional_data(idmef_alert_t *alert, const char *meaning, const char *
return idmef_additional_data_set_string_ref(adata, data);
}
-extern void
-prelude_send_alert(pam_handle_t *pamh, int authval)
-{
-
- int ret;
-
- prelude_log_set_flags(PRELUDE_LOG_FLAGS_SYSLOG);
-
- ret = pam_alert_prelude_init(pamh, authval);
- if ( ret < 0 )
- _pam_log(LOG_WARNING,
- "No prelude alert sent");
-
- prelude_deinit();
-
-}
-
-static int
-setup_analyzer(idmef_analyzer_t *analyzer)
+static int
+setup_analyzer(const pam_handle_t *pamh, idmef_analyzer_t *analyzer)
{
int ret;
prelude_string_t *string;
-
+
ret = idmef_analyzer_new_model(analyzer, &string);
if ( ret < 0 )
goto err;
@@ -300,19 +134,20 @@ setup_analyzer(idmef_analyzer_t *analyzer)
goto err;
prelude_string_set_constant(string, PAM_VERSION);
-
+
return 0;
err:
- _pam_log(LOG_WARNING,
- "%s: IDMEF error: %s.\n",
- prelude_strsource(ret), prelude_strerror(ret));
+ pam_syslog(pamh, LOG_WARNING,
+ "%s: IDMEF error: %s.\n",
+ prelude_strsource(ret), prelude_strerror(ret));
return -1;
}
-static void
-pam_alert_prelude(const char *msg, void *data, pam_handle_t *pamh, int authval)
+static void
+pam_alert_prelude(const char *msg, void *data,
+ pam_handle_t *pamh, int authval)
{
int ret;
idmef_time_t *clienttime;
@@ -331,10 +166,10 @@ pam_alert_prelude(const char *msg, void *data, pam_handle_t *pamh, int authval)
idmef_assessment_t *assessment;
idmef_node_t *node;
idmef_analyzer_t *analyzer;
-
+
ret = idmef_message_new(&idmef);
- if ( ret < 0 )
+ if ( ret < 0 )
goto err;
ret = idmef_message_new_alert(idmef, &alert);
@@ -360,8 +195,8 @@ pam_alert_prelude(const char *msg, void *data, pam_handle_t *pamh, int authval)
goto err;
idmef_alert_set_create_time(alert, clienttime);
- idmef_alert_set_analyzer(alert,
- idmef_analyzer_ref(prelude_client_get_analyzer(client)),
+ idmef_alert_set_analyzer(alert,
+ idmef_analyzer_ref(prelude_client_get_analyzer(client)),
0);
/**********
@@ -386,12 +221,12 @@ pam_alert_prelude(const char *msg, void *data, pam_handle_t *pamh, int authval)
ret = prelude_string_new(&str);
if ( ret < 0 )
goto err;
-
+
ret = prelude_string_set_ref(str, pam_get_item_ruser(pamh));
if ( ret < 0 )
goto err;
- idmef_user_id_set_name(user_id, str);
+ idmef_user_id_set_name(user_id, str);
}
/* END */
/* BEGIN: Adds TTY infos */
@@ -439,7 +274,7 @@ pam_alert_prelude(const char *msg, void *data, pam_handle_t *pamh, int authval)
ret = prelude_string_set_ref(str, pam_get_item_service(pamh));
if ( ret < 0 )
goto err;
-
+
idmef_process_set_name(process, str);
}
/* END */
@@ -483,7 +318,7 @@ pam_alert_prelude(const char *msg, void *data, pam_handle_t *pamh, int authval)
if ( ret < 0 )
goto err;
- idmef_user_id_set_name(user_id, str);
+ idmef_user_id_set_name(user_id, str);
}
/* END */
/* BEGIN: Short description of the alert */
@@ -495,8 +330,8 @@ pam_alert_prelude(const char *msg, void *data, pam_handle_t *pamh, int authval)
if ( ret < 0 )
goto err;
- ret = prelude_string_set_ref(str,
- authval == PAM_SUCCESS ?
+ ret = prelude_string_set_ref(str,
+ authval == PAM_SUCCESS ?
"Authentication Success" : "Authentication Failure");
if ( ret < 0 )
goto err;
@@ -516,8 +351,7 @@ pam_alert_prelude(const char *msg, void *data, pam_handle_t *pamh, int authval)
if ( ret < 0 )
goto err;
- ret = prelude_string_set_ref(str,
- pam_get_alert_description(authval));
+ ret = prelude_string_set_ref(str, pam_strerror (pamh, authval));
if ( ret < 0 )
goto err;
@@ -525,7 +359,7 @@ pam_alert_prelude(const char *msg, void *data, pam_handle_t *pamh, int authval)
/* END */
/* BEGIN: Adding additional data */
if ( pam_get_item_user_prompt(pamh) ) {
- ret = generate_additional_data(alert, "Local User Prompt",
+ ret = generate_additional_data(alert, "Local User Prompt",
pam_get_item_user_prompt(pamh));
if ( ret < 0 )
goto err;
@@ -533,16 +367,15 @@ pam_alert_prelude(const char *msg, void *data, pam_handle_t *pamh, int authval)
/* END */
prelude_client_send_idmef(client, idmef);
-
+
if ( idmef )
idmef_message_destroy(idmef);
return;
err:
- _pam_log(LOG_WARNING,
- "%s: IDMEF error: %s.\n",
- prelude_strsource(ret), prelude_strerror(ret));
-
+ pam_syslog(pamh, LOG_WARNING, "%s: IDMEF error: %s.\n",
+ prelude_strsource(ret), prelude_strerror(ret));
+
if ( idmef )
idmef_message_destroy(idmef);
@@ -557,7 +390,7 @@ pam_alert_prelude_init(pam_handle_t *pamh, int authval)
ret = prelude_init(NULL, NULL);
if ( ret < 0 ) {
- _pam_log(LOG_WARNING,
+ pam_syslog(pamh, LOG_WARNING,
"%s: Unable to initialize the Prelude library: %s.\n",
prelude_strsource(ret), prelude_strerror(ret));
return -1;
@@ -565,7 +398,7 @@ pam_alert_prelude_init(pam_handle_t *pamh, int authval)
ret = prelude_client_new(&client, DEFAULT_ANALYZER_NAME);
if ( ! client ) {
- _pam_log(LOG_WARNING,
+ pam_syslog(pamh, LOG_WARNING,
"%s: Unable to create a prelude client object: %s.\n",
prelude_strsource(ret), prelude_strerror(ret));
@@ -573,9 +406,9 @@ pam_alert_prelude_init(pam_handle_t *pamh, int authval)
}
- ret = setup_analyzer(prelude_client_get_analyzer(client));
+ ret = setup_analyzer(pamh, prelude_client_get_analyzer(client));
if ( ret < 0 ) {
- _pam_log(LOG_WARNING,
+ pam_syslog(pamh, LOG_WARNING,
"%s: Unable to setup analyzer: %s\n",
prelude_strsource(ret), prelude_strerror(ret));
@@ -586,10 +419,10 @@ pam_alert_prelude_init(pam_handle_t *pamh, int authval)
ret = prelude_client_start(client);
if ( ret < 0 ) {
- _pam_log(LOG_WARNING,
+ pam_syslog(pamh, LOG_WARNING,
"%s: Unable to initialize prelude client: %s.\n",
prelude_strsource(ret), prelude_strerror(ret));
-
+
prelude_client_destroy(client, PRELUDE_CLIENT_EXIT_STATUS_FAILURE);
return -1;
@@ -602,4 +435,20 @@ pam_alert_prelude_init(pam_handle_t *pamh, int authval)
return 0;
}
-#endif PRELUDE
+void
+prelude_send_alert(pam_handle_t *pamh, int authval)
+{
+
+ int ret;
+
+ prelude_log_set_flags(PRELUDE_LOG_FLAGS_SYSLOG);
+
+ ret = pam_alert_prelude_init(pamh, authval);
+ if ( ret < 0 )
+ pam_syslog(pamh, LOG_WARNING, "No prelude alert sent");
+
+ prelude_deinit();
+
+}
+
+#endif /* PRELUDE */
diff --git a/Linux-PAM/libpam/pam_private.h b/Linux-PAM/libpam/pam_private.h
index 3c8d8538..8b7d9146 100644
--- a/Linux-PAM/libpam/pam_private.h
+++ b/Linux-PAM/libpam/pam_private.h
@@ -1,8 +1,6 @@
/*
* pam_private.h
*
- * $Id: pam_private.h,v 1.6 2004/09/15 12:06:17 kukuk Exp $
- *
* This is the Linux-PAM Library Private Header. It contains things
* internal to the Linux-PAM library. Things not needed by either an
* application or module.
@@ -16,13 +14,13 @@
#ifndef _PAM_PRIVATE_H
#define _PAM_PRIVATE_H
-#include <security/_pam_aconf.h>
+#include "config.h"
-/* this is not used at the moment --- AGM */
-#define LIBPAM_VERSION (LIBPAM_VERSION_MAJOR*0x100 + LIBPAM_VERSION_MINOR)
+#include <syslog.h>
#include <security/pam_appl.h>
#include <security/pam_modules.h>
+#include <security/pam_ext.h>
/* the Linux-PAM configuration file */
@@ -55,6 +53,7 @@ struct handler {
int argc;
char **argv;
struct handler *next;
+ char *mod_name;
};
struct loaded_module {
@@ -122,6 +121,7 @@ struct _pam_former_state {
int status; /* the status before returning incomplete */
/* state info used by pam_get_user() function */
+ int fail_user;
int want_user;
char *prompt; /* saved prompt information */
@@ -146,6 +146,12 @@ struct pam_handle {
struct service handlers;
struct _pam_former_state former; /* library state - support for
event driven applications */
+ const char *mod_name; /* Name of the module currently executed */
+ int choice; /* Which function we call from the module */
+
+#ifdef HAVE_LIBAUDIT
+ int audit_state; /* keep track of reported audit messages */
+#endif
};
/* Values for select arg to _pam_dispatch() */
@@ -211,17 +217,23 @@ void _pam_start_timer(pam_handle_t *pamh);
void _pam_await_timer(pam_handle_t *pamh, int status);
typedef void (*voidfunc(void))(void);
-#ifdef PAM_STATIC
+typedef int (*servicefn)(pam_handle_t *, int, int, char **);
+#ifdef PAM_STATIC
/* The next two in ../modules/_pam_static/pam_static.c */
/* Return pointer to data structure used to define a static module */
-struct pam_module * _pam_open_static_handler(const char *path);
+struct pam_module * _pam_open_static_handler (pam_handle_t *pamh,
+ const char *path);
/* Return pointer to function requested from static module */
voidfunc *_pam_get_static_sym(struct pam_module *mod, const char *symname);
-
+#else
+void *_pam_dlopen (const char *mod_path);
+servicefn _pam_dlsym (void *handle, const char *symbol);
+void _pam_dlclose (void *handle);
+const char *_pam_dlerror (void);
#endif
/* For now we just use a stack and linear search for module data. */
@@ -237,7 +249,6 @@ struct pam_data {
void _pam_free_data(pam_handle_t *pamh, int status);
-int _pam_strCMP(const char *s, const char *t);
char *_pam_StrTok(char *from, const char *format, char **next);
char *_pam_strdup(const char *s);
@@ -250,14 +261,7 @@ void _pam_set_default_control(int *control_array, int default_action);
void _pam_parse_control(int *control_array, char *tok);
-void _pam_system_log(int priority, const char *format, ... )
-#ifdef __GNUC__
- __attribute__ ((format (printf, 2, 3)));
-#else
- ;
-#endif
-
-#define _PAM_SYSTEM_LOG_PREFIX "PAM "
+#define _PAM_SYSTEM_LOG_PREFIX "PAM"
/*
* XXX - Take care with this. It could confuse the logic of a trailing
@@ -266,14 +270,10 @@ void _pam_system_log(int priority, const char *format, ... )
#define IF_NO_PAMH(X,pamh,ERR) \
if ((pamh) == NULL) { \
- _pam_system_log(LOG_ERR, X ": NULL pam handle passed"); \
+ syslog(LOG_ERR, _PAM_SYSTEM_LOG_PREFIX " " X ": NULL pam handle passed"); \
return ERR; \
}
-/* Definition for the default username prompt used by pam_get_user() */
-
-#define PAM_DEFAULT_PROMPT "Please enter username: "
-
/*
* include some helpful macros
*/
@@ -293,6 +293,11 @@ if ((pamh) == NULL) { \
#define __PAM_TO_APP(pamh) \
do { (pamh)->caller_is = _PAM_CALLED_FROM_APP; } while (0)
+#ifdef HAVE_LIBAUDIT
+extern int _pam_auditlog(pam_handle_t *pamh, int action, int retval, int flags);
+extern int _pam_audit_end(pam_handle_t *pamh, int pam_status);
+#endif
+
/*
* Copyright (C) 1995 by Red Hat Software, Marc Ewing
* Copyright (c) 1996-8,2001 by Andrew G. Morgan <morgan@kernel.org>
@@ -311,13 +316,13 @@ if ((pamh) == NULL) { \
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior
* written permission.
- *
+ *
* ALTERNATIVELY, this product may be distributed under the terms of
* the GNU Public License, in which case the provisions of the GPL are
* required INSTEAD OF the above restrictions. (This clause is
* necessary due to a potential bad interaction between the GPL and
* the restrictions contained in a BSD-style copyright.)
- *
+ *
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
diff --git a/Linux-PAM/libpam/pam_second.c b/Linux-PAM/libpam/pam_second.c
deleted file mode 100644
index fa3bdf78..00000000
--- a/Linux-PAM/libpam/pam_second.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * pam_second.c -- PAM secondary authentication
- * (based on XSSO draft spec of March 1997)
- *
- * $Id: pam_second.c,v 1.3 2001/09/19 06:18:46 agmorgan Exp $
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "pam_private.h"
-
-/* p 42 */
-
-/* XXX - there are actually no plans to support this function. It does
- not appear to be very well defined */
-
-int pam_authenticate_secondary(pam_handle_t *pamh,
- char *target_username,
- char *target_module_type,
- char *target_authn_domain,
- char *target_supp_data,
- unsigned char *target_module_authtok,
- int flags);
-
-int pam_authenticate_secondary(pam_handle_t *pamh,
- char *target_username,
- char *target_module_type,
- char *target_authn_domain,
- char *target_supp_data,
- unsigned char *target_module_authtok,
- int flags)
-{
- int retval=PAM_SYSTEM_ERR;
-
- D(("called"));
-
- _pam_start_timer(pamh); /* we try to make the time for a failure
- independent of the time it takes to
- fail */
-
- IF_NO_PAMH("pam_authenticate_secondary",pamh,PAM_SYSTEM_ERR);
-
- _pam_await_timer(pamh, retval); /* if unsuccessful then wait now */
-
- D(("pam_authenticate_secondary exit"));
-
- return retval;
-}
diff --git a/Linux-PAM/libpam/pam_session.c b/Linux-PAM/libpam/pam_session.c
index c468cf96..440ca8e6 100644
--- a/Linux-PAM/libpam/pam_session.c
+++ b/Linux-PAM/libpam/pam_session.c
@@ -1,7 +1,7 @@
/* pam_session.c - PAM Session Management */
/*
- * $Id: pam_session.c,v 1.4 2003/07/13 20:01:44 vorlon Exp $
+ * $Id: pam_session.c,v 1.6 2006/07/24 15:47:40 kukuk Exp $
*/
#include "pam_private.h"
@@ -10,6 +10,8 @@
int pam_open_session(pam_handle_t *pamh, int flags)
{
+ int retval;
+
D(("called"));
IF_NO_PAMH("pam_open_session", pamh, PAM_SYSTEM_ERR);
@@ -18,12 +20,18 @@ int pam_open_session(pam_handle_t *pamh, int flags)
D(("called from module!?"));
return PAM_SYSTEM_ERR;
}
+ retval = _pam_dispatch(pamh, flags, PAM_OPEN_SESSION);
- return _pam_dispatch(pamh, flags, PAM_OPEN_SESSION);
+#ifdef HAVE_LIBAUDIT
+ retval = _pam_auditlog(pamh, PAM_OPEN_SESSION, retval, flags);
+#endif
+ return retval;
}
int pam_close_session(pam_handle_t *pamh, int flags)
{
+ int retval;
+
D(("called"));
IF_NO_PAMH("pam_close_session", pamh, PAM_SYSTEM_ERR);
@@ -33,5 +41,12 @@ int pam_close_session(pam_handle_t *pamh, int flags)
return PAM_SYSTEM_ERR;
}
- return _pam_dispatch(pamh, flags, PAM_CLOSE_SESSION);
+ retval = _pam_dispatch(pamh, flags, PAM_CLOSE_SESSION);
+
+#ifdef HAVE_LIBAUDIT
+ retval = _pam_auditlog(pamh, PAM_CLOSE_SESSION, retval, flags);
+#endif
+
+ return retval;
+
}
diff --git a/Linux-PAM/libpam/pam_start.c b/Linux-PAM/libpam/pam_start.c
index 5d6e066a..b2c62e54 100644
--- a/Linux-PAM/libpam/pam_start.c
+++ b/Linux-PAM/libpam/pam_start.c
@@ -3,7 +3,7 @@
/* Creator Marc Ewing
* Maintained by AGM
*
- * $Id: pam_start.c,v 1.5 2004/09/14 13:48:41 kukuk Exp $
+ * $Id: pam_start.c,v 1.9 2006/07/24 15:47:40 kukuk Exp $
*
*/
@@ -25,12 +25,25 @@ int pam_start (
,service_name, user, pam_conversation, pamh));
if (pamh == NULL) {
- _pam_system_log(LOG_CRIT, "pam_start: invalid argument: pamh == NULL");
- return (PAM_BUF_ERR);
+ pam_syslog(NULL, LOG_CRIT,
+ "pam_start: invalid argument: pamh == NULL");
+ return (PAM_SYSTEM_ERR);
+ }
+
+ if (service_name == NULL) {
+ pam_syslog(NULL, LOG_CRIT,
+ "pam_start: invalid argument: service == NULL");
+ return (PAM_SYSTEM_ERR);
+ }
+
+ if (pam_conversation == NULL) {
+ pam_syslog(NULL, LOG_CRIT,
+ "pam_start: invalid argument: conv == NULL");
+ return (PAM_SYSTEM_ERR);
}
if ((*pamh = calloc(1, sizeof(**pamh))) == NULL) {
- _pam_system_log(LOG_CRIT, "pam_start: calloc failed for *pamh");
+ pam_syslog(NULL, LOG_CRIT, "pam_start: calloc failed for *pamh");
return (PAM_BUF_ERR);
}
@@ -44,24 +57,22 @@ int pam_start (
__PAM_TO_APP(*pamh);
- if (service_name) {
+ if (((*pamh)->service_name = _pam_strdup(service_name)) == NULL) {
+ pam_syslog(*pamh, LOG_CRIT,
+ "pam_start: _pam_strdup failed for service name");
+ _pam_drop(*pamh);
+ return (PAM_BUF_ERR);
+ } else {
char *tmp;
- if (((*pamh)->service_name = _pam_strdup(service_name)) == NULL) {
- _pam_system_log(LOG_CRIT,
- "pam_start: _pam_strdup failed for service name");
- _pam_drop(*pamh);
- return (PAM_BUF_ERR);
- }
for (tmp=(*pamh)->service_name; *tmp; ++tmp)
*tmp = tolower(*tmp); /* require lower case */
- } else
- (*pamh)->service_name = NULL;
+ }
if (user) {
if (((*pamh)->user = _pam_strdup(user)) == NULL) {
- _pam_system_log(LOG_CRIT,
- "pam_start: _pam_strdup failed for user");
+ pam_syslog(*pamh, LOG_CRIT,
+ "pam_start: _pam_strdup failed for user");
_pam_drop((*pamh)->service_name);
_pam_drop(*pamh);
return (PAM_BUF_ERR);
@@ -77,11 +88,13 @@ int pam_start (
(*pamh)->oldauthtok = NULL;
(*pamh)->fail_delay.delay_fn_ptr = NULL;
(*pamh)->former.choice = PAM_NOT_STACKED;
+#ifdef HAVE_LIBAUDIT
+ (*pamh)->audit_state = 0;
+#endif
- if (pam_conversation == NULL
- || ((*pamh)->pam_conversation = (struct pam_conv *)
- malloc(sizeof(struct pam_conv))) == NULL) {
- _pam_system_log(LOG_CRIT, "pam_start: malloc failed for pam_conv");
+ if (((*pamh)->pam_conversation = (struct pam_conv *)
+ malloc(sizeof(struct pam_conv))) == NULL) {
+ pam_syslog(*pamh, LOG_CRIT, "pam_start: malloc failed for pam_conv");
_pam_drop((*pamh)->service_name);
_pam_drop((*pamh)->user);
_pam_drop(*pamh);
@@ -93,7 +106,7 @@ int pam_start (
(*pamh)->data = NULL;
if ( _pam_make_env(*pamh) != PAM_SUCCESS ) {
- _pam_system_log(LOG_ERR,"pam_start: failed to initialize environment");
+ pam_syslog(*pamh,LOG_ERR,"pam_start: failed to initialize environment");
_pam_drop((*pamh)->service_name);
_pam_drop((*pamh)->user);
_pam_drop(*pamh);
@@ -108,7 +121,7 @@ int pam_start (
* symbols happens on the first call from the application. */
if ( _pam_init_handlers(*pamh) != PAM_SUCCESS ) {
- _pam_system_log(LOG_ERR, "pam_start: failed to initialize handlers");
+ pam_syslog(*pamh, LOG_ERR, "pam_start: failed to initialize handlers");
_pam_drop_env(*pamh); /* purge the environment */
_pam_drop((*pamh)->service_name);
_pam_drop((*pamh)->user);
diff --git a/Linux-PAM/libpam/pam_static.c b/Linux-PAM/libpam/pam_static.c
index 5a2b5a5d..511026d4 100644
--- a/Linux-PAM/libpam/pam_static.c
+++ b/Linux-PAM/libpam/pam_static.c
@@ -1,8 +1,7 @@
-/* pam_static.c -- static module loading helper functions */
-
-/* created by Michael K. Johnson, johnsonm@redhat.com
+/*
+ * pam_static.c -- static module loading helper functions
*
- * $Id: pam_static.c,v 1.1.1.1 2000/06/20 22:11:21 agmorgan Exp $
+ * created by Michael K. Johnson, johnsonm@redhat.com
*/
/* This whole file is only used for PAM_STATIC */
@@ -15,31 +14,15 @@
#include "pam_private.h"
-/*
- * Need to include pointers to static modules; this was built by each
- * of the modules that register...
- */
-
-#include "../modules/_static_module_list"
-
-/*
- * and here is a structure that connects libpam to the above static
- * modules
- */
-
-static struct pam_module *static_modules[] = {
-
-#include "../modules/_static_module_entry"
-
- NULL
-};
+#include "pam_static_modules.h"
/*
* and now for the functions
*/
/* Return pointer to data structure used to define a static module */
-struct pam_module * _pam_open_static_handler(const char *path)
+struct pam_module *
+_pam_open_static_handler (pam_handle_t *pamh, const char *path)
{
int i;
const char *clpath = path;
@@ -47,7 +30,7 @@ struct pam_module * _pam_open_static_handler(const char *path)
if (strchr(clpath, '/')) {
/* ignore path and leading "/" */
- clpath = strrchr(lpath, '/') + 1;
+ clpath = strrchr(path, '/') + 1;
}
/* create copy to muck with (must free before return) */
lpath = _pam_strdup(clpath);
@@ -68,8 +51,7 @@ struct pam_module * _pam_open_static_handler(const char *path)
}
if (static_modules[i] == NULL) {
- _pam_system_log(NULL, NULL, LOG_ERR, "no static module named %s",
- lpath);
+ pam_syslog (pamh, LOG_ERR, "no static module named %s", lpath);
}
free(lpath);
@@ -102,7 +84,11 @@ voidfunc *_pam_get_static_sym(struct pam_module *mod, const char *symname) {
return ((voidfunc *)NULL);
}
-#endif /* PAM_STATIC */
+#else /* ! PAM_STATIC */
+
+typedef int blarg;
+
+#endif /* ! PAM_STATIC */
/*
* Copyright (C) 1995 by Red Hat Software, Michael K. Johnson
@@ -120,13 +106,13 @@ voidfunc *_pam_get_static_sym(struct pam_module *mod, const char *symname) {
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior
* written permission.
- *
+ *
* ALTERNATIVELY, this product may be distributed under the terms of
* the GNU Public License, in which case the provisions of the GPL are
* required INSTEAD OF the above restrictions. (This clause is
* necessary due to a potential bad interaction between the GPL and
* the restrictions contained in a BSD-style copyright.)
- *
+ *
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
diff --git a/Linux-PAM/libpam/pam_static_modules.h b/Linux-PAM/libpam/pam_static_modules.h
new file mode 100644
index 00000000..27b70826
--- /dev/null
+++ b/Linux-PAM/libpam/pam_static_modules.h
@@ -0,0 +1,136 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* Pointers to static module data. */
+
+extern struct pam_module _pam_access_modstruct;
+extern struct pam_module _pam_cracklib_modstruct;
+extern struct pam_module _pam_debug_modstruct;
+extern struct pam_module _pam_deny_modstruct;
+extern struct pam_module _pam_echo_modstruct;
+extern struct pam_module _pam_env_modstruct;
+extern struct pam_module _pam_exec_modstruct;
+extern struct pam_module _pam_faildelay_modstruct;
+extern struct pam_module _pam_filter_modstruct;
+extern struct pam_module _pam_ftp_modstruct;
+extern struct pam_module _pam_group_modstruct;
+extern struct pam_module _pam_issue_modstruct;
+extern struct pam_module _pam_keyinit_modstruct;
+extern struct pam_module _pam_lastlog_modstruct;
+extern struct pam_module _pam_limits_modstruct;
+extern struct pam_module _pam_listfile_modstruct;
+extern struct pam_module _pam_localuser_modstruct;
+extern struct pam_module _pam_loginuid_modstruct;
+extern struct pam_module _pam_mail_modstruct;
+extern struct pam_module _pam_mkhomedir_modstruct;
+extern struct pam_module _pam_motd_modstruct;
+#ifdef HAVE_UNSHARE
+extern struct pam_module _pam_namespace;
+#endif
+extern struct pam_module _pam_nologin_modstruct;
+extern struct pam_module _pam_permit_modstruct;
+extern struct pam_module _pam_rhosts_modstruct;
+extern struct pam_module _pam_rhosts_auth_modstruct;
+extern struct pam_module _pam_rootok_modstruct;
+extern struct pam_module _pam_securetty_modstruct;
+#ifdef WITH_SELINUX
+extern struct pam_module _pam_selinux_modstruct;
+#endif
+extern struct pam_module _pam_shells_modstruct;
+extern struct pam_module _pam_stress_modstruct;
+extern struct pam_module _pam_succeed_if_modstruct;
+extern struct pam_module _pam_tally_modstruct;
+extern struct pam_module _pam_time_modstruct;
+extern struct pam_module _pam_umask_modstruct;
+extern struct pam_module _pam_unix_acct_modstruct;
+extern struct pam_module _pam_unix_auth_modstruct;
+extern struct pam_module _pam_unix_passwd_modstruct;
+extern struct pam_module _pam_unix_session_modstruct;
+extern struct pam_module _pam_userdb_modstruct;
+extern struct pam_module _pam_warn_modstruct;
+extern struct pam_module _pam_wheel_modstruct;
+extern struct pam_module _pam_xauth_modstruct;
+
+/* and here is a structure that connects libpam to the above static
+ modules. */
+
+static struct pam_module *static_modules[] = {
+ &_pam_access_modstruct,
+ &_pam_cracklib_modstruct,
+ &_pam_debug_modstruct,
+ &_pam_deny_modstruct,
+ &_pam_echo_modstruct,
+ &_pam_env_modstruct,
+ &_pam_exec_modstruct,
+ &_pam_faildelay,
+ &_pam_filter_modstruct,
+ &_pam_ftp_modstruct,
+ &_pam_group_modstruct,
+ &_pam_issue_modstruct,
+ &_pam_keyinit_modstruct,
+ &_pam_lastlog_modstruct,
+ &_pam_limits_modstruct,
+ &_pam_listfile_modstruct,
+ &_pam_localuser_modstruct,
+ &_pam_loginuid_modstruct,
+ &_pam_mail_modstruct,
+ &_pam_mkhomedir_modstruct,
+ &_pam_motd_modstruct,
+#ifdef HAVE_UNSHARE
+ &_pam_namespace,
+#endif
+ &_pam_nologin_modstruct,
+ &_pam_permit_modstruct,
+ &_pam_rhosts_modstruct,
+ &_pam_rhosts_auth_modstruct,
+ &_pam_rootok_modstruct,
+ &_pam_securetty_modstruct,
+#ifdef WITH_SELINUX
+ &_pam_selinux_modstruct,
+#endif
+ &_pam_shells_modstruct,
+ &_pam_stress_modstruct,
+ &_pam_succeed_if_modstruct,
+ &_pam_tally_modstruct,
+ &_pam_time_modstruct,
+ &_pam_umask_modstruct,
+ &_pam_unix_acct_modstruct,
+ &_pam_unix_auth_modstruct,
+ &_pam_unix_passwd_modstruct,
+ &_pam_unix_session_modstruct,
+ &_pam_userdb_modstruct,
+ &_pam_warn_modstruct,
+ &_pam_wheel_modstruct,
+ &_pam_xauth_modstruct,
+ NULL
+};
diff --git a/Linux-PAM/libpam/pam_strerror.c b/Linux-PAM/libpam/pam_strerror.c
index 788c7a51..17c81945 100644
--- a/Linux-PAM/libpam/pam_strerror.c
+++ b/Linux-PAM/libpam/pam_strerror.c
@@ -1,93 +1,106 @@
-/* pam_strerror.c */
-
/*
- * $Id: pam_strerror.c,v 1.4 2005/01/07 15:31:26 t8m Exp $
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "pam_private.h"
-const char *pam_strerror(pam_handle_t *pamh, int errnum)
+const char *pam_strerror(pam_handle_t *pamh UNUSED, int errnum)
{
-#ifdef UGLY_HACK_FOR_PRIOR_BEHAVIOR_SUPPORT /* will be removed from v 1.0 */
-
- int possible_error;
-
- possible_error = (int) pamh;
- if (!(possible_error >= 0 && possible_error <= PAM_BAD_ITEM)) {
- possible_error = errnum;
- }
-
-/* mask standard behavior to use possible_error variable. */
-#define errnum possible_error
-
-#endif /* UGLY_HACK_FOR_PRIOR_BEHAVIOR_SUPPORT */
-
switch (errnum) {
case PAM_SUCCESS:
- return "Success";
+ return _("Success");
case PAM_ABORT:
- return "Critical error - immediate abort";
+ return _("Critical error - immediate abort");
case PAM_OPEN_ERR:
- return "dlopen() failure";
+ return _("Failed to load module");
case PAM_SYMBOL_ERR:
- return "Symbol not found";
+ return _("Symbol not found");
case PAM_SERVICE_ERR:
- return "Error in service module";
+ return _("Error in service module");
case PAM_SYSTEM_ERR:
- return "System error";
+ return _("System error");
case PAM_BUF_ERR:
- return "Memory buffer error";
+ return _("Memory buffer error");
case PAM_PERM_DENIED:
- return "Permission denied";
+ return _("Permission denied");
case PAM_AUTH_ERR:
- return "Authentication failure";
+ return _("Authentication failure");
case PAM_CRED_INSUFFICIENT:
- return "Insufficient credentials to access authentication data";
+ return _("Insufficient credentials to access authentication data");
case PAM_AUTHINFO_UNAVAIL:
- return "Authentication service cannot retrieve authentication info.";
+ return _("Authentication service cannot retrieve authentication info");
case PAM_USER_UNKNOWN:
- return "User not known to the underlying authentication module";
+ return _("User not known to the underlying authentication module");
case PAM_MAXTRIES:
- return "Have exhausted maximum number of retries for service.";
+ return _("Have exhausted maximum number of retries for service");
case PAM_NEW_AUTHTOK_REQD:
- return "Authentication token is no longer valid; new one required.";
+ return _("Authentication token is no longer valid; new one required");
case PAM_ACCT_EXPIRED:
- return "User account has expired";
+ return _("User account has expired");
case PAM_SESSION_ERR:
- return "Cannot make/remove an entry for the specified session";
+ return _("Cannot make/remove an entry for the specified session");
case PAM_CRED_UNAVAIL:
- return "Authentication service cannot retrieve user credentials";
+ return _("Authentication service cannot retrieve user credentials");
case PAM_CRED_EXPIRED:
- return "User credentials expired";
+ return _("User credentials expired");
case PAM_CRED_ERR:
- return "Failure setting user credentials";
+ return _("Failure setting user credentials");
case PAM_NO_MODULE_DATA:
- return "No module specific data is present";
+ return _("No module specific data is present");
case PAM_BAD_ITEM:
- return "Bad item passed to pam_*_item()";
+ return _("Bad item passed to pam_*_item()");
case PAM_CONV_ERR:
- return "Conversation error";
+ return _("Conversation error");
case PAM_AUTHTOK_ERR:
- return "Authentication token manipulation error";
- case PAM_AUTHTOK_RECOVER_ERR:
- return "Authentication information cannot be recovered";
+ return _("Authentication token manipulation error");
+ case PAM_AUTHTOK_RECOVERY_ERR:
+ return _("Authentication information cannot be recovered");
case PAM_AUTHTOK_LOCK_BUSY:
- return "Authentication token lock busy";
+ return _("Authentication token lock busy");
case PAM_AUTHTOK_DISABLE_AGING:
- return "Authentication token aging disabled";
+ return _("Authentication token aging disabled");
case PAM_TRY_AGAIN:
- return "Failed preliminary check by password service";
+ return _("Failed preliminary check by password service");
case PAM_IGNORE:
- return "The return value should be ignored by PAM dispatch";
+ return _("The return value should be ignored by PAM dispatch");
case PAM_MODULE_UNKNOWN:
- return "Module is unknown";
+ return _("Module is unknown");
case PAM_AUTHTOK_EXPIRED:
- return "Authentication token expired";
+ return _("Authentication token expired");
case PAM_CONV_AGAIN:
- return "Conversation is waiting for event";
+ return _("Conversation is waiting for event");
case PAM_INCOMPLETE:
- return "Application needs to call libpam again";
+ return _("Application needs to call libpam again");
}
- return "Unknown PAM error";
+ return _("Unknown PAM error");
}
diff --git a/Linux-PAM/libpam/pam_syslog.c b/Linux-PAM/libpam/pam_syslog.c
new file mode 100644
index 00000000..c5a6feca
--- /dev/null
+++ b/Linux-PAM/libpam/pam_syslog.c
@@ -0,0 +1,115 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <stdarg.h>
+#include <errno.h>
+
+#include <security/pam_modules.h>
+#include <security/_pam_macros.h>
+#include <security/pam_ext.h>
+
+#include "pam_private.h"
+
+#ifndef LOG_AUTHPRIV
+#define LOG_AUTHPRIV LOG_AUTH
+#endif
+
+static const char *
+_pam_choice2str (int choice)
+{
+ switch (choice)
+ {
+ case PAM_AUTHENTICATE:
+ return "auth";
+ case PAM_SETCRED:
+ return "setcred";
+ case PAM_ACCOUNT:
+ return "account";
+ case PAM_OPEN_SESSION:
+ case PAM_CLOSE_SESSION:
+ return "session";
+ case PAM_CHAUTHTOK:
+ return "chauthtok";
+ }
+ return "";
+}
+
+void
+pam_vsyslog (const pam_handle_t *pamh, int priority,
+ const char *fmt, va_list args)
+{
+ char *msgbuf1 = NULL, *msgbuf2 = NULL;
+ int save_errno = errno;
+
+ if (pamh && pamh->mod_name)
+ {
+ if (asprintf (&msgbuf1, "%s(%s:%s):", pamh->mod_name,
+ pamh->service_name?pamh->service_name:"<unknown>",
+ _pam_choice2str (pamh->choice)) < 0)
+ {
+ syslog (LOG_AUTHPRIV|LOG_ERR, "asprintf: %m");
+ return;
+ }
+ }
+
+ errno = save_errno;
+ if (vasprintf (&msgbuf2, fmt, args) < 0)
+ {
+ syslog (LOG_AUTHPRIV|LOG_ERR, "vasprintf: %m");
+ _pam_drop (msgbuf1);
+ return;
+ }
+
+ errno = save_errno;
+ syslog (LOG_AUTHPRIV|priority, "%s %s",
+ (msgbuf1 ? msgbuf1 : _PAM_SYSTEM_LOG_PREFIX), msgbuf2);
+
+ _pam_drop (msgbuf1);
+ _pam_drop (msgbuf2);
+}
+
+void
+pam_syslog (const pam_handle_t *pamh, int priority,
+ const char *fmt, ...)
+{
+ va_list args;
+
+ va_start (args, fmt);
+ pam_vsyslog (pamh, priority, fmt, args);
+ va_end (args);
+}
diff --git a/Linux-PAM/libpam/pam_tokens.h b/Linux-PAM/libpam/pam_tokens.h
index 69e79489..35c127dc 100644
--- a/Linux-PAM/libpam/pam_tokens.h
+++ b/Linux-PAM/libpam/pam_tokens.h
@@ -1,7 +1,7 @@
/*
* pam_tokens.h
*
- * $Id: pam_tokens.h,v 1.3 2001/01/22 06:07:29 agmorgan Exp $
+ * $Id: pam_tokens.h,v 1.4 2006/01/24 23:28:32 kukuk Exp $
*
* This is a Linux-PAM Library Private Header file. It contains tokens
* that are used when we parse the configuration file(s).
@@ -17,6 +17,9 @@
/* an array of actions */
+#ifndef LIBPAM_COMPILE
+static
+#endif
const char * const _pam_token_actions[-_PAM_ACTION_UNDEF] = {
"ignore", /* 0 */
"ok", /* -1 */
@@ -28,6 +31,9 @@ const char * const _pam_token_actions[-_PAM_ACTION_UNDEF] = {
/* an array of possible return values */
+#ifndef LIBPAM_COMPILE
+static
+#endif
const char * const _pam_token_returns[_PAM_RETURN_VALUES+1] = {
"success", /* 0 */
"open_err", /* 1 */
@@ -41,7 +47,7 @@ const char * const _pam_token_returns[_PAM_RETURN_VALUES+1] = {
"authinfo_unavail", /* 9 */
"user_unknown", /* 10 */
"maxtries", /* 11 */
- "new_authtok_reqd", /* 12 */
+ "new_authtok_reqd", /* 12 */
"acct_expired", /* 13 */
"session_err", /* 14 */
"cred_unavail", /* 15 */
diff --git a/Linux-PAM/libpam/pam_vprompt.c b/Linux-PAM/libpam/pam_vprompt.c
new file mode 100644
index 00000000..c53079b5
--- /dev/null
+++ b/Linux-PAM/libpam/pam_vprompt.c
@@ -0,0 +1,115 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <stdarg.h>
+#include <errno.h>
+
+#include <security/pam_modules.h>
+#include <security/_pam_macros.h>
+#include <security/pam_ext.h>
+
+#include "pam_private.h"
+
+int
+pam_vprompt (pam_handle_t *pamh, int style, char **response,
+ const char *fmt, va_list args)
+{
+ struct pam_message msg;
+ struct pam_response *pam_resp = NULL;
+ const struct pam_message *pmsg;
+ const struct pam_conv *conv;
+ const void *convp;
+ char *msgbuf;
+ int retval;
+
+ if (response)
+ *response = NULL;
+
+ retval = pam_get_item (pamh, PAM_CONV, &convp);
+ if (retval != PAM_SUCCESS)
+ return retval;
+ conv = convp;
+ if (conv == NULL || conv->conv == NULL)
+ {
+ pam_syslog (pamh, LOG_ERR, "no conversation function");
+ return PAM_SYSTEM_ERR;
+ }
+
+ if (vasprintf (&msgbuf, fmt, args) < 0)
+ {
+ pam_syslog (pamh, LOG_ERR, "vasprintf: %m");
+ return PAM_BUF_ERR;
+ }
+
+ msg.msg_style = style;
+ msg.msg = msgbuf;
+ pmsg = &msg;
+
+ retval = conv->conv (1, &pmsg, &pam_resp, conv->appdata_ptr);
+ if (retval != PAM_SUCCESS && pam_resp != NULL)
+ pam_syslog(pamh, LOG_WARNING,
+ "unexpected response from failed conversation function");
+ if (response)
+ *response = pam_resp == NULL ? NULL : pam_resp->resp;
+ else if (pam_resp && pam_resp->resp)
+ {
+ _pam_overwrite (pam_resp->resp);
+ _pam_drop (pam_resp->resp);
+ }
+ _pam_overwrite (msgbuf);
+ _pam_drop (pam_resp);
+ free (msgbuf);
+ if (retval != PAM_SUCCESS)
+ pam_syslog (pamh, LOG_ERR, "conversation failed");
+
+ return retval;
+}
+
+int
+pam_prompt (pam_handle_t *pamh, int style, char **response,
+ const char *fmt, ...)
+{
+ va_list args;
+ int retval;
+
+ va_start (args, fmt);
+ retval = pam_vprompt (pamh, style, response, fmt, args);
+ va_end (args);
+
+ return retval;
+}
diff --git a/Linux-PAM/libpam_misc/Makefile b/Linux-PAM/libpam_misc/Makefile
deleted file mode 100644
index 97166668..00000000
--- a/Linux-PAM/libpam_misc/Makefile
+++ /dev/null
@@ -1,120 +0,0 @@
-#
-# $Id: Makefile,v 1.9 2005/03/29 20:41:20 toady Exp $
-#
-
-# lots of debugging information goes to /tmp/pam-debug.log
-#MOREFLAGS += -D"DEBUG"
-
-include ../Make.Rules
-
-ifeq ($(WITH_LIBDEBUG),yes)
- LIBNAME=libpam_miscd
-else
- LIBNAME=libpam_misc
-endif
-ifeq ($(WITH_PRELUDE),yes)
- CFLAGS += -DPRELUDE -DLIBPRELUDE_CONFIG_PREFIX=\"`libprelude-config --prefix`\"
-endif
-VERSION=.$(MAJOR_REL)
-MODIFICATION=.$(MINOR_REL)
-
-CFLAGS += $(MOREFLAGS) $(DYNAMIC) $(STATIC)
-LINKLIBS += -L$(absolute_objdir)/libpam -lpam
-
-# dynamic library names
-
-LIBNAMED = $(LIBNAME).$(DYNTYPE)
-LIBNAMEDNAME = $(LIBNAMED)$(VERSION)
-LIBNAMEDFULL = $(LIBNAMEDNAME)$(MODIFICATION)
-
-# static library name
-
-LIBNAMEDSTATIC = $(LIBNAME).a
-
-LIBOBJECTS = help_env.o misc_conv.o
-
-ifeq ($(DYNAMIC_LIBPAM),yes)
-DLIBOBJECTS = $(addprefix dynamic/,$(LIBOBJECTS))
-endif
-
-ifeq ($(STATIC_LIBPAM),yes)
-SLIBOBJECTS = $(addprefix static/,$(LIBOBJECTS))
-endif
-
-# ---------------------------------------------
-## rules
-
-all: dirs $(LIBNAMED) $(LIBNAMEDSTATIC)
-
-dirs:
-ifeq ($(DYNAMIC_LIBPAM),yes)
- $(MKDIR) dynamic
-endif
-ifeq ($(STATIC_LIBPAM),yes)
- $(MKDIR) static
-endif
-
-dynamic/%.o : %.c
- $(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-static/%.o : %.c
- $(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-$(LIBNAMED): $(DLIBOBJECTS)
-ifeq ($(DYNAMIC_LIBPAM),yes)
- ifeq ($(USESONAME),yes)
- $(LD_L) $(SOSWITCH)$(LIBNAMEDNAME) -o $@ $(DLIBOBJECTS) $(MODULES) $(LINKLIBS)
- else
- $(LD_L) -o $@ $(DLIBOBJECTS) $(MODULES) $(LINKLIBS)
- endif
- ifeq ($(NEEDSONAME),yes)
- rm -f $(LIBNAMEDFULL)
- ln -s $(LIBNAMED) $(LIBNAMEDFULL)
- rm -f $(LIBNAMEDNAME)
- ln -s $(LIBNAMED) $(LIBNAMEDNAME)
- endif
-endif
-
-$(LIBNAMEDSTATIC): $(SLIBOBJECTS)
-ifeq ($(STATIC_LIBPAM),yes)
- $(AR) rcu $@ $(SLIBOBJECTS) $(MODULES)
-ifdef RANLIB
- $(AR) rc $@ $(SLIBOBJECTS) $(MODULES)
- $(RANLIB) $@
-endif
-endif
-
-install: all
- $(MKDIR) $(FAKEROOT)$(INCLUDED)
- $(INSTALL) -m 644 include/security/pam_misc.h $(FAKEROOT)$(INCLUDED)
-ifeq ($(DYNAMIC_LIBPAM),yes)
- $(MKDIR) $(FAKEROOT)$(libdir)
- $(INSTALL) -m $(SHLIBMODE) $(LIBNAMED) $(FAKEROOT)$(libdir)/$(LIBNAMEDFULL)
-ifndef FAKEROOT
- $(LDCONFIG)
-else
- $(LDCONFIG) -n $(FAKEROOT)$(libdir)
-endif
- ifneq ($(DYNTYPE),"sl")
- ( cd $(FAKEROOT)$(libdir) ; rm -f $(LIBNAMED) ; ln -s $(LIBNAMEDNAME) $(LIBNAMED) )
- endif
-endif
-ifeq ($(STATIC_LIBPAM),yes)
- $(INSTALL) -m 644 $(LIBNAMEDSTATIC) $(FAKEROOT)$(libdir)
-endif
-
-remove:
- rm -f $(FAKEROOT)$(INCLUDED)/pam_misc.h
- rm -f $(FAKEROOT)$(libdir)/$(LIBNAMEDFULL)
- rm -f $(FAKEROOT)$(libdir)/$(LIBNAMED)
-ifndef FAKEROOT
- $(LDCONFIG)
-endif
- rm -f $(FAKEROOT)$(libdir)/$(LIBNAMEDSTATIC)
-
-clean:
- rm -f a.out core *~ static/*.o dynamic/*.o
- rm -f *.a *.out *.o *.so ./include/security/*~
- rm -f *.orig $(LIBNAMEDNAME) $(LIBNAMEDFULL)
- if [ -d dynamic ]; then rmdir dynamic ; fi
- if [ -d static ]; then rmdir static ; fi
diff --git a/Linux-PAM/libpam_misc/Makefile.am b/Linux-PAM/libpam_misc/Makefile.am
new file mode 100644
index 00000000..787f11bf
--- /dev/null
+++ b/Linux-PAM/libpam_misc/Makefile.am
@@ -0,0 +1,23 @@
+#
+# Copyright (c) 2005 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = libpam_misc.map
+
+include_HEADERS = include/security/pam_misc.h
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include \
+ -I$(top_srcdir)/libpamc/include -I$(srcdir)/include
+
+libpam_misc_la_LDFLAGS = -no-undefined -version-info 81:2:81
+if HAVE_VERSIONING
+ libpam_misc_la_LDFLAGS += -Wl,--version-script=$(srcdir)/libpam_misc.map
+endif
+libpam_misc_la_LIBADD = $(top_builddir)/libpam/libpam.la
+
+lib_LTLIBRARIES = libpam_misc.la
+
+libpam_misc_la_SOURCES = help_env.c misc_conv.c
+
diff --git a/Linux-PAM/libpam_misc/Makefile.in b/Linux-PAM/libpam_misc/Makefile.in
new file mode 100644
index 00000000..53abe00f
--- /dev/null
+++ b/Linux-PAM/libpam_misc/Makefile.in
@@ -0,0 +1,560 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/libpam_misc.map
+subdir = libpam_misc
+DIST_COMMON = $(include_HEADERS) $(srcdir)/Makefile.am \
+ $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)"
+libLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(lib_LTLIBRARIES)
+libpam_misc_la_DEPENDENCIES = $(top_builddir)/libpam/libpam.la
+am_libpam_misc_la_OBJECTS = help_env.lo misc_conv.lo
+libpam_misc_la_OBJECTS = $(am_libpam_misc_la_OBJECTS)
+libpam_misc_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(libpam_misc_la_LDFLAGS) $(LDFLAGS) -o $@
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = $(libpam_misc_la_SOURCES)
+DIST_SOURCES = $(libpam_misc_la_SOURCES)
+includeHEADERS_INSTALL = $(INSTALL_HEADER)
+HEADERS = $(include_HEADERS)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = libpam_misc.map
+include_HEADERS = include/security/pam_misc.h
+AM_CFLAGS = -I$(top_srcdir)/libpam/include \
+ -I$(top_srcdir)/libpamc/include -I$(srcdir)/include
+
+libpam_misc_la_LDFLAGS = -no-undefined -version-info 81:2:81 \
+ $(am__append_1)
+libpam_misc_la_LIBADD = $(top_builddir)/libpam/libpam.la
+lib_LTLIBRARIES = libpam_misc.la
+libpam_misc_la_SOURCES = help_env.c misc_conv.c
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu libpam_misc/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu libpam_misc/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-libLTLIBRARIES: $(lib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)"
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-libLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \
+ done
+
+clean-libLTLIBRARIES:
+ -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+libpam_misc.la: $(libpam_misc_la_OBJECTS) $(libpam_misc_la_DEPENDENCIES)
+ $(libpam_misc_la_LINK) -rpath $(libdir) $(libpam_misc_la_OBJECTS) $(libpam_misc_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/help_env.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/misc_conv.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-includeHEADERS: $(include_HEADERS)
+ @$(NORMAL_INSTALL)
+ test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)"
+ @list='$(include_HEADERS)'; for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ f=$(am__strip_dir) \
+ echo " $(includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \
+ $(includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \
+ done
+
+uninstall-includeHEADERS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(include_HEADERS)'; for p in $$list; do \
+ f=$(am__strip_dir) \
+ echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \
+ rm -f "$(DESTDIR)$(includedir)/$$f"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(HEADERS)
+installdirs:
+ for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-includeHEADERS
+
+install-dvi: install-dvi-am
+
+install-exec-am: install-libLTLIBRARIES
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-includeHEADERS uninstall-libLTLIBRARIES
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
+ clean-libLTLIBRARIES clean-libtool ctags distclean \
+ distclean-compile distclean-generic distclean-libtool \
+ distclean-tags distdir dvi dvi-am html html-am info info-am \
+ install install-am install-data install-data-am install-dvi \
+ install-dvi-am install-exec install-exec-am install-html \
+ install-html-am install-includeHEADERS install-info \
+ install-info-am install-libLTLIBRARIES install-man install-pdf \
+ install-pdf-am install-ps install-ps-am install-strip \
+ installcheck installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-includeHEADERS \
+ uninstall-libLTLIBRARIES
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/libpam_misc/help_env.c b/Linux-PAM/libpam_misc/help_env.c
index e1390984..f57951af 100644
--- a/Linux-PAM/libpam_misc/help_env.c
+++ b/Linux-PAM/libpam_misc/help_env.c
@@ -1,33 +1,18 @@
/*
- * $Id: help_env.c,v 1.2 2000/12/04 19:02:34 baggins Exp $
+ * $Id: help_env.c,v 1.4 2005/09/20 08:31:27 kukuk Exp $
*
* This file was written by Andrew G. Morgan <morgan@parc.power.net>
*
*/
+#include "config.h"
+
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <security/pam_misc.h>
/*
- * This is a useful function for dumping the Linux-PAM environment
- * into some local memory, prior to it all getting lost when pam_end()
- * is called.
- *
- * Initially it was assumed that libpam did not do this part correctly
- * (based on a loose email definition). The X/Open XSSO spec makes it
- * clear that this function is a duplicate of the one already in
- * libpam and therefore unnecessary. IT WILL BE COMPLETELY REMOVED
- * IN libpam_misc 1.0 */
-
-char **pam_misc_copy_env(pam_handle_t *pamh);
-char **pam_misc_copy_env(pam_handle_t *pamh)
-{
- return pam_getenvlist(pamh);
-}
-
-/*
* This function should be used to carefully dispose of the copied
* environment.
*
@@ -89,9 +74,7 @@ int pam_misc_setenv(pam_handle_t *pamh, const char *name
return PAM_PERM_DENIED; /* not allowed to overwrite */
}
}
- tmp = malloc(2+strlen(name)+strlen(value));
- if (tmp != NULL) {
- sprintf(tmp,"%s=%s",name,value);
+ if (asprintf(&tmp, "%s=%s", name, value) >= 0) {
D(("pam_putt()ing: %s", tmp));
retval = pam_putenv(pamh, tmp);
_pam_overwrite(tmp); /* purge */
diff --git a/Linux-PAM/libpam_misc/include/security/pam_misc.h b/Linux-PAM/libpam_misc/include/security/pam_misc.h
index 66c7ab4a..e6382c1c 100644
--- a/Linux-PAM/libpam_misc/include/security/pam_misc.h
+++ b/Linux-PAM/libpam_misc/include/security/pam_misc.h
@@ -1,4 +1,4 @@
-/* $Id: pam_misc.h,v 1.4 2001/05/01 04:27:37 agmorgan Exp $ */
+/* $Id: pam_misc.h,v 1.5 2005/08/16 12:27:40 kukuk Exp $ */
#ifndef __PAMMISC_H
#define __PAMMISC_H
@@ -36,16 +36,6 @@ extern void (*pam_binary_handler_free)(void *appdata, pamc_bp_t *prompt_p);
extern int pam_misc_paste_env(pam_handle_t *pamh
, const char * const * user_env);
-/* char **pam_misc_copy_env(pam_handle_t *pamh);
-
- This is no longer defined as a prototype because the X/Open XSSO
- spec makes it clear that PAM's pam_getenvlist() does exactly
- what this was needed for.
-
- A wrapper is still provided in the pam_misc library - so that
- legacy applications will still work. But _BE_WARNED_ it will
- disappear by the release of libpam 1.0 . */
-
/* delete environment as obtained from (pam_getenvlist) */
extern char **pam_misc_drop_env(char **env);
diff --git a/Linux-PAM/libpam_misc/libpam_misc.map b/Linux-PAM/libpam_misc/libpam_misc.map
new file mode 100644
index 00000000..2f28d5cf
--- /dev/null
+++ b/Linux-PAM/libpam_misc/libpam_misc.map
@@ -0,0 +1,17 @@
+LIBPAM_MISC_1.0 {
+ global:
+ misc_conv;
+ pam_misc_conv_warn_time;
+ pam_misc_conv_die_time;
+ pam_misc_conv_warn_line;
+ pam_misc_conv_die_line;
+ pam_misc_conv_died;
+ pam_binary_handler_fn;
+ pam_binary_handler_free;
+ pam_misc_paste_env;
+ pam_misc_drop_env;
+ pam_misc_setenv;
+
+ local:
+ *;
+};
diff --git a/Linux-PAM/libpam_misc/misc_conv.c b/Linux-PAM/libpam_misc/misc_conv.c
index 1c66f96c..8db24d74 100644
--- a/Linux-PAM/libpam_misc/misc_conv.c
+++ b/Linux-PAM/libpam_misc/misc_conv.c
@@ -1,12 +1,10 @@
/*
- * $Id: misc_conv.c,v 1.6 2004/09/22 12:51:20 kukuk Exp $
- *
* A generic conversation function for text based applications
*
* Written by Andrew Morgan <morgan@linux.kernel.org>
*/
-#include <security/_pam_aconf.h>
+#include "config.h"
#include <signal.h>
#include <stdio.h>
@@ -32,8 +30,8 @@
time_t pam_misc_conv_warn_time = 0; /* time when we warn */
time_t pam_misc_conv_die_time = 0; /* time when we timeout */
-const char *pam_misc_conv_warn_line = "..\a.Time is running out...\n";
-const char *pam_misc_conv_die_line = "..\a.Sorry, your time is up!\n";
+const char *pam_misc_conv_warn_line = N_("...Time is running out...\n");
+const char *pam_misc_conv_die_line = N_("...Sorry, your time is up!\n");
int pam_misc_conv_died=0; /* application can probe this for timeout */
@@ -45,7 +43,7 @@ int pam_misc_conv_died=0; /* application can probe this for timeout */
* being used.
*/
-static void pam_misc_conv_delete_binary(void *appdata,
+static void pam_misc_conv_delete_binary(void *appdata UNUSED,
pamc_bp_t *delete_me)
{
PAM_BP_RENEW(delete_me, 0, 0);
@@ -67,7 +65,7 @@ static void reset_alarm(struct sigaction *o_ptr)
}
/* this is where we intercept the alarm signal */
-static void time_is_up(int ignore)
+static void time_is_up(int ignore UNUSED)
{
expired = 1;
}
@@ -156,9 +154,9 @@ static int read_string(int echo, const char *prompt, char **retstr)
* the conversation without giving PAM a chance to clean up.
*/
- sigemptyset(&nset);
- sigaddset(&nset, SIGINT);
- sigaddset(&nset, SIGTSTP);
+ sigemptyset(&nset);
+ sigaddset(&nset, SIGINT);
+ sigaddset(&nset, SIGTSTP);
(void) sigprocmask(SIG_BLOCK, &nset, &oset);
} else if (!echo) {
@@ -170,17 +168,28 @@ static int read_string(int echo, const char *prompt, char **retstr)
/* reading the line */
while (delay >= 0) {
-
- fprintf(stderr, "%s", prompt);
/* this may, or may not set echo off -- drop pending input */
if (have_term)
(void) tcsetattr(STDIN_FILENO, TCSAFLUSH, &term_tmp);
+ fprintf(stderr, "%s", prompt);
+
if ( delay > 0 && set_alarm(delay, &old_sig) ) {
D(("<failed to set alarm>"));
break;
} else {
- nc = read(STDIN_FILENO, line, INPUTSIZE-1);
+ if (have_term)
+ nc = read(STDIN_FILENO, line, INPUTSIZE-1);
+ else /* we must read one line only */
+ for (nc = 0; nc < INPUTSIZE-1 && (nc?line[nc-1]:0) != '\n';
+ nc++) {
+ int rv;
+ if ((rv=read(STDIN_FILENO, line+nc, 1)) != 1) {
+ if (rv < 0)
+ nc = rv;
+ break;
+ }
+ }
if (have_term) {
(void) tcsetattr(STDIN_FILENO, TCSADRAIN, &term_before);
if (!echo || expired) /* do we need a newline? */
@@ -217,7 +226,7 @@ static int read_string(int echo, const char *prompt, char **retstr)
goto cleanexit; /* return malloc()ed "" */
} else if (nc == -1) {
/* Don't loop forever if read() returns -1. */
- D(("error reading input from the user: %s", strerror(errno)));
+ D(("error reading input from the user: %m"));
if (echo) {
fprintf(stderr, "\n");
}
@@ -331,8 +340,8 @@ int misc_conv(int num_msg, const struct pam_message **msgm,
break;
}
default:
- fprintf(stderr, "erroneous conversation (%d)\n"
- ,msgm[count]->msg_style);
+ fprintf(stderr, _("erroneous conversation (%d)\n"),
+ msgm[count]->msg_style);
goto failed_conversation;
}
@@ -366,14 +375,16 @@ failed_conversation:
free(reply[count].resp);
break;
case PAM_BINARY_PROMPT:
- pam_binary_handler_free(appdata_ptr,
- (pamc_bp_t *) &reply[count].resp);
+ {
+ void *bt_ptr = reply[count].resp;
+ pam_binary_handler_free(appdata_ptr, bt_ptr);
break;
+ }
case PAM_ERROR_MSG:
case PAM_TEXT_INFO:
/* should not actually be able to get here... */
free(reply[count].resp);
- }
+ }
reply[count].resp = NULL;
}
/* forget reply too */
@@ -383,4 +394,3 @@ failed_conversation:
return PAM_CONV_ERR;
}
-
diff --git a/Linux-PAM/libpam_misc/xstrdup.c b/Linux-PAM/libpam_misc/xstrdup.c
deleted file mode 100644
index cce476e8..00000000
--- a/Linux-PAM/libpam_misc/xstrdup.c
+++ /dev/null
@@ -1,31 +0,0 @@
-/* $Id: xstrdup.c,v 1.1.1.1 2000/06/20 22:11:25 agmorgan Exp $ */
-
-#include <malloc.h>
-#include <string.h>
-#include <security/pam_misc.h>
-
-/*
- * Safe duplication of character strings. "Paranoid"; don't leave
- * evidence of old token around for later stack analysis.
- */
-
-char *xstrdup(const char *x)
-{
- register char *new=NULL;
-
- if (x != NULL) {
- register int i;
-
- for (i=0; x[i]; ++i); /* length of string */
- if ((new = malloc(++i)) == NULL) {
- i = 0;
- } else {
- while (i-- > 0) {
- new[i] = x[i];
- }
- }
- x = NULL;
- }
-
- return new; /* return the duplicate or NULL on error */
-}
diff --git a/Linux-PAM/libpamc/Makefile b/Linux-PAM/libpamc/Makefile
deleted file mode 100644
index ee5c2086..00000000
--- a/Linux-PAM/libpamc/Makefile
+++ /dev/null
@@ -1,119 +0,0 @@
-#
-# $Id: Makefile,v 1.8 2005/03/29 20:41:20 toady Exp $
-#
-
-# lots of debugging information goes to /tmp/pam-debug.log
-#MOREFLAGS += -D"DEBUG"
-
-include ../Make.Rules
-
-ifeq ($(DEBUG_REL),yes)
- LIBNAME=libpamcd
-else
- LIBNAME=libpamc
-endif
-ifeq ($(WITH_PRELUDE),yes)
- CFLAGS += -DPRELUDE -DLIBPRELUDE_CONFIG_PREFIX=\"`libprelude-config --prefix`\"
-endif
-VERSION=.$(MAJOR_REL)
-MODIFICATION=.$(MINOR_REL)
-
-CFLAGS += $(MOREFLAGS) $(DYNAMIC) $(STATIC)
-
-# dynamic library names
-
-LIBNAMED = $(LIBNAME).$(DYNTYPE)
-LIBNAMEDNAME = $(LIBNAMED)$(VERSION)
-LIBNAMEDFULL = $(LIBNAMEDNAME)$(MODIFICATION)
-
-# static library name
-
-LIBNAMEDSTATIC = $(LIBNAME).a
-
-LIBOBJECTS = pamc_client.o pamc_converse.o pamc_load.o
-
-ifeq ($(DYNAMIC_LIBPAM),yes)
-DLIBOBJECTS = $(addprefix dynamic/,$(LIBOBJECTS))
-endif
-
-ifeq ($(STATIC_LIBPAM),yes)
-SLIBOBJECTS = $(addprefix static/,$(LIBOBJECTS))
-endif
-
-# ---------------------------------------------
-## rules
-
-all: dirs $(LIBNAMED) $(LIBNAMEDSTATIC)
-
-dirs:
-ifeq ($(DYNAMIC_LIBPAM),yes)
- $(MKDIR) dynamic
-endif
-ifeq ($(STATIC_LIBPAM),yes)
- $(MKDIR) static
-endif
-
-dynamic/%.o : %.c
- $(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-static/%.o : %.c
- $(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-$(LIBNAMED): $(DLIBOBJECTS)
-ifeq ($(DYNAMIC_LIBPAM),yes)
- ifeq ($(USESONAME),yes)
- $(LD_L) $(SOSWITCH)$(LIBNAMEDNAME) -o $@ $(DLIBOBJECTS) $(MODULES) $(LINKLIBS)
- else
- $(LD_L) -o $@ $(DLIBOBJECTS) $(MODULES)
- endif
- ifeq ($(NEEDSONAME),yes)
- rm -f $(LIBNAMEDFULL)
- ln -s $(LIBNAMED) $(LIBNAMEDFULL)
- rm -f $(LIBNAMEDNAME)
- ln -s $(LIBNAMED) $(LIBNAMEDNAME)
- endif
-endif
-
-$(LIBNAMEDSTATIC): $(SLIBOBJECTS)
-ifeq ($(STATIC_LIBPAM),yes)
- $(AR) rcu $@ $(SLIBOBJECTS) $(MODULES)
-ifdef RANLIB
- $(RANLIB) $@
-endif
-endif
-
-install: all
- $(MKDIR) $(FAKEROOT)$(INCLUDED)
- $(INSTALL) -m 644 include/security/pam_client.h $(FAKEROOT)$(INCLUDED)
-ifeq ($(DYNAMIC_LIBPAM),yes)
- $(MKDIR) $(FAKEROOT)$(libdir)
- $(INSTALL) -m $(SHLIBMODE) $(LIBNAMED) $(FAKEROOT)$(libdir)/$(LIBNAMEDFULL)
-ifndef FAKEROOT
- $(LDCONFIG)
-else
- $(LDCONFIG) -n $(FAKEROOT)$(libdir)
-endif
- ifneq ($(DYNTYPE),"sl")
- ( cd $(FAKEROOT)$(libdir) ; rm -f $(LIBNAMED) ; ln -s $(LIBNAMEDNAME) $(LIBNAMED) )
- endif
-endif
-ifeq ($(STATIC_LIBPAM),yes)
- $(INSTALL) -m 644 $(LIBNAMEDSTATIC) $(FAKEROOT)$(libdir)
-endif
-
-remove:
- rm -f $(FAKEROOT)$(INCLUDED)/pam_client.h
- rm -f $(FAKEROOT)$(libdir)/$(LIBNAMEDFULL)
- rm -f $(FAKEROOT)$(libdir)/$(LIBNAMED)
-ifndef FAKEROOT
- $(LDCONFIG)
-endif
- rm -f $(FAKEROOT)$(libdir)/$(LIBNAMEDSTATIC)
-
-clean:
- rm -f a.out core *~ static/*.o dynamic/*.o
- rm -f *.a *.out *.o *.so ./include/security/*~
- rm -f *.orig $(LIBNAMEDNAME) $(LIBNAMEDFULL)
- if [ -d dynamic ]; then rmdir dynamic ; fi
- if [ -d static ]; then rmdir static ; fi
-
diff --git a/Linux-PAM/libpamc/Makefile.am b/Linux-PAM/libpamc/Makefile.am
new file mode 100644
index 00000000..b57beb24
--- /dev/null
+++ b/Linux-PAM/libpamc/Makefile.am
@@ -0,0 +1,24 @@
+#
+# Copyright (c) 2005 Thorsten Kukuk <kukuk@suse.de>
+#
+
+SUBDIRS = test
+
+CLEANFILES = *~
+
+EXTRA_DIST = License libpamc.map
+
+include_HEADERS = include/security/pam_client.h
+
+noinst_HEADERS = libpamc.h
+
+AM_CFLAGS=-I$(top_srcdir)/libpam/include -I$(srcdir)/include
+
+libpamc_la_LDFLAGS = -no-undefined -version-info 81:0:81
+if HAVE_VERSIONING
+ libpamc_la_LDFLAGS += -Wl,--version-script=$(srcdir)/libpamc.map
+endif
+
+lib_LTLIBRARIES = libpamc.la
+
+libpamc_la_SOURCES = pamc_client.c pamc_converse.c pamc_load.c
diff --git a/Linux-PAM/libpamc/Makefile.in b/Linux-PAM/libpamc/Makefile.in
new file mode 100644
index 00000000..57c9b408
--- /dev/null
+++ b/Linux-PAM/libpamc/Makefile.in
@@ -0,0 +1,674 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/libpamc.map
+subdir = libpamc
+DIST_COMMON = $(include_HEADERS) $(noinst_HEADERS) \
+ $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)"
+libLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(lib_LTLIBRARIES)
+libpamc_la_LIBADD =
+am_libpamc_la_OBJECTS = pamc_client.lo pamc_converse.lo pamc_load.lo
+libpamc_la_OBJECTS = $(am_libpamc_la_OBJECTS)
+libpamc_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(libpamc_la_LDFLAGS) $(LDFLAGS) -o $@
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = $(libpamc_la_SOURCES)
+DIST_SOURCES = $(libpamc_la_SOURCES)
+RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
+ html-recursive info-recursive install-data-recursive \
+ install-dvi-recursive install-exec-recursive \
+ install-html-recursive install-info-recursive \
+ install-pdf-recursive install-ps-recursive install-recursive \
+ installcheck-recursive installdirs-recursive pdf-recursive \
+ ps-recursive uninstall-recursive
+includeHEADERS_INSTALL = $(INSTALL_HEADER)
+HEADERS = $(include_HEADERS) $(noinst_HEADERS)
+RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
+ distclean-recursive maintainer-clean-recursive
+ETAGS = etags
+CTAGS = ctags
+DIST_SUBDIRS = $(SUBDIRS)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+SUBDIRS = test
+CLEANFILES = *~
+EXTRA_DIST = License libpamc.map
+include_HEADERS = include/security/pam_client.h
+noinst_HEADERS = libpamc.h
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(srcdir)/include
+libpamc_la_LDFLAGS = -no-undefined -version-info 81:0:81 \
+ $(am__append_1)
+lib_LTLIBRARIES = libpamc.la
+libpamc_la_SOURCES = pamc_client.c pamc_converse.c pamc_load.c
+all: all-recursive
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu libpamc/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu libpamc/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-libLTLIBRARIES: $(lib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)"
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-libLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \
+ done
+
+clean-libLTLIBRARIES:
+ -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+libpamc.la: $(libpamc_la_OBJECTS) $(libpamc_la_DEPENDENCIES)
+ $(libpamc_la_LINK) -rpath $(libdir) $(libpamc_la_OBJECTS) $(libpamc_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pamc_client.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pamc_converse.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pamc_load.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-includeHEADERS: $(include_HEADERS)
+ @$(NORMAL_INSTALL)
+ test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)"
+ @list='$(include_HEADERS)'; for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ f=$(am__strip_dir) \
+ echo " $(includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \
+ $(includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \
+ done
+
+uninstall-includeHEADERS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(include_HEADERS)'; for p in $$list; do \
+ f=$(am__strip_dir) \
+ echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \
+ rm -f "$(DESTDIR)$(includedir)/$$f"; \
+ done
+
+# This directory's subdirectories are mostly independent; you can cd
+# into them and run `make' without going through this Makefile.
+# To change the values of `make' variables: instead of editing Makefiles,
+# (1) if the variable is set in `config.status', edit `config.status'
+# (which will cause the Makefiles to be regenerated when you run `make');
+# (2) otherwise, pass the desired values on the `make' command line.
+$(RECURSIVE_TARGETS):
+ @failcom='exit 1'; \
+ for f in x $$MAKEFLAGS; do \
+ case $$f in \
+ *=* | --[!k]*);; \
+ *k*) failcom='fail=yes';; \
+ esac; \
+ done; \
+ dot_seen=no; \
+ target=`echo $@ | sed s/-recursive//`; \
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ echo "Making $$target in $$subdir"; \
+ if test "$$subdir" = "."; then \
+ dot_seen=yes; \
+ local_target="$$target-am"; \
+ else \
+ local_target="$$target"; \
+ fi; \
+ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+ || eval $$failcom; \
+ done; \
+ if test "$$dot_seen" = "no"; then \
+ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
+ fi; test -z "$$fail"
+
+$(RECURSIVE_CLEAN_TARGETS):
+ @failcom='exit 1'; \
+ for f in x $$MAKEFLAGS; do \
+ case $$f in \
+ *=* | --[!k]*);; \
+ *k*) failcom='fail=yes';; \
+ esac; \
+ done; \
+ dot_seen=no; \
+ case "$@" in \
+ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
+ *) list='$(SUBDIRS)' ;; \
+ esac; \
+ rev=''; for subdir in $$list; do \
+ if test "$$subdir" = "."; then :; else \
+ rev="$$subdir $$rev"; \
+ fi; \
+ done; \
+ rev="$$rev ."; \
+ target=`echo $@ | sed s/-recursive//`; \
+ for subdir in $$rev; do \
+ echo "Making $$target in $$subdir"; \
+ if test "$$subdir" = "."; then \
+ local_target="$$target-am"; \
+ else \
+ local_target="$$target"; \
+ fi; \
+ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+ || eval $$failcom; \
+ done && test -z "$$fail"
+tags-recursive:
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \
+ done
+ctags-recursive:
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
+ include_option=--etags-include; \
+ empty_fix=.; \
+ else \
+ include_option=--include; \
+ empty_fix=; \
+ fi; \
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ test ! -f $$subdir/TAGS || \
+ tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \
+ fi; \
+ done; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+ list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ test -d "$(distdir)/$$subdir" \
+ || $(MKDIR_P) "$(distdir)/$$subdir" \
+ || exit 1; \
+ distdir=`$(am__cd) $(distdir) && pwd`; \
+ top_distdir=`$(am__cd) $(top_distdir) && pwd`; \
+ (cd $$subdir && \
+ $(MAKE) $(AM_MAKEFLAGS) \
+ top_distdir="$$top_distdir" \
+ distdir="$$distdir/$$subdir" \
+ am__remove_distdir=: \
+ am__skip_length_check=: \
+ distdir) \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-recursive
+all-am: Makefile $(LTLIBRARIES) $(HEADERS)
+installdirs: installdirs-recursive
+installdirs-am:
+ for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-recursive
+install-exec: install-exec-recursive
+install-data: install-data-recursive
+uninstall: uninstall-recursive
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-recursive
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-recursive
+
+clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
+ mostlyclean-am
+
+distclean: distclean-recursive
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-recursive
+
+dvi-am:
+
+html: html-recursive
+
+info: info-recursive
+
+info-am:
+
+install-data-am: install-includeHEADERS
+
+install-dvi: install-dvi-recursive
+
+install-exec-am: install-libLTLIBRARIES
+
+install-html: install-html-recursive
+
+install-info: install-info-recursive
+
+install-man:
+
+install-pdf: install-pdf-recursive
+
+install-ps: install-ps-recursive
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-recursive
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-recursive
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-recursive
+
+pdf-am:
+
+ps: ps-recursive
+
+ps-am:
+
+uninstall-am: uninstall-includeHEADERS uninstall-libLTLIBRARIES
+
+.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \
+ install-strip
+
+.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \
+ all all-am check check-am clean clean-generic \
+ clean-libLTLIBRARIES clean-libtool ctags ctags-recursive \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am \
+ install-includeHEADERS install-info install-info-am \
+ install-libLTLIBRARIES install-man install-pdf install-pdf-am \
+ install-ps install-ps-am install-strip installcheck \
+ installcheck-am installdirs installdirs-am maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags tags-recursive uninstall uninstall-am \
+ uninstall-includeHEADERS uninstall-libLTLIBRARIES
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/libpamc/include/security/pam_client.h b/Linux-PAM/libpamc/include/security/pam_client.h
index 99530322..3ef0edd1 100644
--- a/Linux-PAM/libpamc/include/security/pam_client.h
+++ b/Linux-PAM/libpamc/include/security/pam_client.h
@@ -1,5 +1,5 @@
/*
- * $Id: pam_client.h,v 1.6 2001/09/19 06:18:46 agmorgan Exp $
+ * $Id: pam_client.h,v 1.7 2005/05/20 14:58:58 kukuk Exp $
*
* Copyright (c) 1999 Andrew G. Morgan <morgan@linux.kernel.org>
*
@@ -16,19 +16,14 @@ extern "C" {
#include <unistd.h>
#include <string.h>
#include <stdio.h>
+#include <sys/types.h>
/* opaque agent handling structure */
typedef struct pamc_handle_s *pamc_handle_t;
/* binary prompt structure pointer */
-#ifndef __u32
-# define __u32 unsigned int
-#endif
-#ifndef __u8
-# define __u8 unsigned char
-#endif
-typedef struct { __u32 length; __u8 control; } *pamc_bp_t;
+typedef struct { u_int32_t length; u_int8_t control; } *pamc_bp_t;
/*
* functions provided by libpamc
@@ -91,10 +86,10 @@ char **pamc_list_agents(pamc_handle_t pch);
# define PAM_BP_FREE free
#endif /* PAM_BP_FREE */
-#define __PAM_BP_WOCTET(x,y) (*((y) + (__u8 *)(x)))
-#define __PAM_BP_ROCTET(x,y) (*((y) + (const __u8 *)(x)))
+#define __PAM_BP_WOCTET(x,y) (*((y) + (u_int8_t *)(x)))
+#define __PAM_BP_ROCTET(x,y) (*((y) + (const u_int8_t *)(x)))
-#define PAM_BP_MIN_SIZE (sizeof(__u32) + sizeof(__u8))
+#define PAM_BP_MIN_SIZE (sizeof(u_int32_t) + sizeof(u_int8_t))
#define PAM_BP_MAX_LENGTH 0x20000 /* an advisory limit */
#define PAM_BP_WCONTROL(x) (__PAM_BP_WOCTET(x,4))
#define PAM_BP_RCONTROL(x) (__PAM_BP_ROCTET(x,4))
@@ -103,8 +98,8 @@ char **pamc_list_agents(pamc_handle_t pch);
(__PAM_BP_ROCTET(x,2)<< 8)+ \
(__PAM_BP_ROCTET(x,3) ))
#define PAM_BP_LENGTH(x) (PAM_BP_SIZE(x) - PAM_BP_MIN_SIZE)
-#define PAM_BP_WDATA(x) (PAM_BP_MIN_SIZE + (__u8 *) (x))
-#define PAM_BP_RDATA(x) (PAM_BP_MIN_SIZE + (const __u8 *) (x))
+#define PAM_BP_WDATA(x) (PAM_BP_MIN_SIZE + (u_int8_t *) (x))
+#define PAM_BP_RDATA(x) (PAM_BP_MIN_SIZE + (const u_int8_t *) (x))
/* Note, this macro always '\0' terminates renewed packets */
@@ -112,13 +107,13 @@ char **pamc_list_agents(pamc_handle_t pch);
do { \
if (old_p) { \
if (*(old_p)) { \
- __u32 __size; \
+ u_int32_t __size; \
__size = PAM_BP_SIZE(*(old_p)); \
memset(*(old_p), 0, __size); \
PAM_BP_FREE(*(old_p)); \
} \
if (cntrl) { \
- __u32 __size; \
+ u_int32_t __size; \
\
__size = PAM_BP_MIN_SIZE + data_length; \
if ((*(old_p) = PAM_BP_CALLOC(1, 1+__size))) { \
@@ -141,7 +136,7 @@ do { \
#define PAM_BP_FILL(prmpt, offset, length, data) \
do { \
size_t bp_length; \
- __u8 *prompt = (__u8 *) (prmpt); \
+ u_int8_t *prompt = (u_int8_t *) (prmpt); \
bp_length = PAM_BP_LENGTH(prompt); \
if (bp_length < ((length)+(offset))) { \
PAM_BP_ASSERT("attempt to write over end of prompt"); \
@@ -152,7 +147,7 @@ do { \
#define PAM_BP_EXTRACT(prmpt, offset, length, data) \
do { \
size_t __bp_length; \
- const __u8 *__prompt = (const __u8 *) (prmpt); \
+ const u_int8_t *__prompt = (const u_int8_t *) (prmpt); \
__bp_length = PAM_BP_LENGTH(__prompt); \
if (((offset) < 0) || (__bp_length < ((length)+(offset))) \
|| ((length) < 0)) { \
diff --git a/Linux-PAM/libpamc/libpamc.map b/Linux-PAM/libpamc/libpamc.map
new file mode 100644
index 00000000..cc61a33b
--- /dev/null
+++ b/Linux-PAM/libpamc/libpamc.map
@@ -0,0 +1,12 @@
+LIBPAMC_1.0 {
+ global:
+ pamc_start;
+ pamc_end;
+ pamc_load;
+ pamc_converse;
+ pamc_disable;
+ pamc_list_agents;
+
+ local:
+ *;
+};
diff --git a/Linux-PAM/libpamc/pamc_converse.c b/Linux-PAM/libpamc/pamc_converse.c
index 131789fb..50f25200 100644
--- a/Linux-PAM/libpamc/pamc_converse.c
+++ b/Linux-PAM/libpamc/pamc_converse.c
@@ -1,5 +1,5 @@
/*
- * $Id: pamc_converse.c,v 1.2 2001/01/20 22:29:47 agmorgan Exp $
+ * $Id: pamc_converse.c,v 1.5 2005/11/24 17:15:31 ldv Exp $
*
* Copyright (c) Andrew G. Morgan <morgan@ftp.kernel.org>
*
@@ -34,8 +34,8 @@ static int __pamc_select_agent(pamc_handle_t pch, char *agent_id)
int pamc_converse(pamc_handle_t pch, pamc_bp_t *prompt_p)
{
- __u32 size, offset=0;
- __u8 control, raw[PAM_BP_MIN_SIZE];
+ u_int32_t size, offset=0;
+ u_int8_t control, raw[PAM_BP_MIN_SIZE];
D(("called"));
@@ -66,11 +66,12 @@ int pamc_converse(pamc_handle_t pch, pamc_bp_t *prompt_p)
D(("*prompt_p is not legal for the client to use"));
goto pamc_unknown_prompt;
}
-
+
/* do we need to select the agent? */
if ((*prompt_p)->control == PAM_BPC_SELECT) {
char *rawh;
- int i, retval;
+ size_t i;
+ int retval;
D(("selecting a specified agent"));
@@ -109,14 +110,14 @@ int pamc_converse(pamc_handle_t pch, pamc_bp_t *prompt_p)
/* pump all of the prompt into the agent */
do {
int rval = write(pch->current->writer,
- offset + (const __u8 *) (*prompt_p),
+ offset + (const u_int8_t *) (*prompt_p),
size - offset);
if (rval == -1) {
switch (errno) {
case EINTR:
break;
default:
- D(("problem writing to agent: %s", strerror(errno)));
+ D(("problem writing to agent: %m"));
goto pamc_unknown_prompt;
}
} else {
@@ -141,7 +142,7 @@ int pamc_converse(pamc_handle_t pch, pamc_bp_t *prompt_p)
case EINTR:
break;
default:
- D(("problem reading from agent: %s", strerror(errno)));
+ D(("problem reading from agent: %m"));
goto pamc_unknown_prompt;
}
} else if (rval) {
@@ -171,7 +172,7 @@ int pamc_converse(pamc_handle_t pch, pamc_bp_t *prompt_p)
value from the previous loop */
while (offset < size) {
- int rval = read(pch->current->reader, offset + (__u8 *) *prompt_p,
+ int rval = read(pch->current->reader, offset + (u_int8_t *) *prompt_p,
size-offset);
if (rval == -1) {
@@ -179,7 +180,7 @@ int pamc_converse(pamc_handle_t pch, pamc_bp_t *prompt_p)
case EINTR:
break;
default:
- D(("problem reading from agent: %s", strerror(errno)));
+ D(("problem reading from agent: %m"));
goto pamc_unknown_prompt;
}
} else if (rval) {
@@ -208,4 +209,3 @@ pamc_unknown_prompt:
PAM_BP_RENEW(prompt_p, PAM_BPC_FAIL, 0);
return PAM_BPC_TRUE;
}
-
diff --git a/Linux-PAM/libpamc/test/Makefile.am b/Linux-PAM/libpamc/test/Makefile.am
new file mode 100644
index 00000000..fc0cac46
--- /dev/null
+++ b/Linux-PAM/libpamc/test/Makefile.am
@@ -0,0 +1,11 @@
+#
+# Copyright (c) 2005 Thorsten Kukuk <kukuk@suse.de>
+#
+
+AUTOMAKE_OPTIONS = 1.6 gnits
+
+CLEANFILES = *~ */*~
+
+EXTRA_DIST = agents/secret@here modules/Makefile modules/pam_secret.c \
+ regress/Makefile regress/run_test.sh regress/test.libpamc.c \
+ regress/test.secret@here
diff --git a/Linux-PAM/libpamc/test/Makefile.in b/Linux-PAM/libpamc/test/Makefile.in
new file mode 100644
index 00000000..000f6d91
--- /dev/null
+++ b/Linux-PAM/libpamc/test/Makefile.in
@@ -0,0 +1,389 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005 Thorsten Kukuk <kukuk@suse.de>
+#
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = libpamc/test
+DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+SOURCES =
+DIST_SOURCES =
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+AUTOMAKE_OPTIONS = 1.6 gnits
+CLEANFILES = *~ */*~
+EXTRA_DIST = agents/secret@here modules/Makefile modules/pam_secret.c \
+ regress/Makefile regress/run_test.sh regress/test.libpamc.c \
+ regress/test.secret@here
+
+all: all-am
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnits libpamc/test/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnits libpamc/test/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+tags: TAGS
+TAGS:
+
+ctags: CTAGS
+CTAGS:
+
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile
+installdirs:
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-am
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: install-am install-strip
+
+.PHONY: all all-am check check-am clean clean-generic clean-libtool \
+ distclean distclean-generic distclean-libtool distdir dvi \
+ dvi-am html html-am info info-am install install-am \
+ install-data install-data-am install-dvi install-dvi-am \
+ install-exec install-exec-am install-html install-html-am \
+ install-info install-info-am install-man install-pdf \
+ install-pdf-am install-ps install-ps-am install-strip \
+ installcheck installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-generic \
+ mostlyclean-libtool pdf pdf-am ps ps-am uninstall uninstall-am
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/ltmain.sh b/Linux-PAM/ltmain.sh
new file mode 100644
index 00000000..06823e05
--- /dev/null
+++ b/Linux-PAM/ltmain.sh
@@ -0,0 +1,6863 @@
+# ltmain.sh - Provide generalized library-building support services.
+# NOTE: Changing this file will not affect anything until you rerun configure.
+#
+# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005
+# Free Software Foundation, Inc.
+# Originally by Gordon Matzigkeit <gord@gnu.ai.mit.edu>, 1996
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+#
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+basename="s,^.*/,,g"
+
+# Work around backward compatibility issue on IRIX 6.5. On IRIX 6.4+, sh
+# is ksh but when the shell is invoked as "sh" and the current value of
+# the _XPG environment variable is not equal to 1 (one), the special
+# positional parameter $0, within a function call, is the name of the
+# function.
+progpath="$0"
+
+# The name of this program:
+progname=`echo "$progpath" | $SED $basename`
+modename="$progname"
+
+# Global variables:
+EXIT_SUCCESS=0
+EXIT_FAILURE=1
+
+PROGRAM=ltmain.sh
+PACKAGE=libtool
+VERSION=1.5.22
+TIMESTAMP=" (1.1220.2.365 2005/12/18 22:14:06)"
+
+# See if we are running on zsh, and set the options which allow our
+# commands through without removal of \ escapes.
+if test -n "${ZSH_VERSION+set}" ; then
+ setopt NO_GLOB_SUBST
+fi
+
+# Check that we have a working $echo.
+if test "X$1" = X--no-reexec; then
+ # Discard the --no-reexec flag, and continue.
+ shift
+elif test "X$1" = X--fallback-echo; then
+ # Avoid inline document here, it may be left over
+ :
+elif test "X`($echo '\t') 2>/dev/null`" = 'X\t'; then
+ # Yippee, $echo works!
+ :
+else
+ # Restart under the correct shell, and then maybe $echo will work.
+ exec $SHELL "$progpath" --no-reexec ${1+"$@"}
+fi
+
+if test "X$1" = X--fallback-echo; then
+ # used as fallback echo
+ shift
+ cat <<EOF
+$*
+EOF
+ exit $EXIT_SUCCESS
+fi
+
+default_mode=
+help="Try \`$progname --help' for more information."
+magic="%%%MAGIC variable%%%"
+mkdir="mkdir"
+mv="mv -f"
+rm="rm -f"
+
+# Sed substitution that helps us do robust quoting. It backslashifies
+# metacharacters that are still active within double-quoted strings.
+Xsed="${SED}"' -e 1s/^X//'
+sed_quote_subst='s/\([\\`\\"$\\\\]\)/\\\1/g'
+# test EBCDIC or ASCII
+case `echo X|tr X '\101'` in
+ A) # ASCII based system
+ # \n is not interpreted correctly by Solaris 8 /usr/ucb/tr
+ SP2NL='tr \040 \012'
+ NL2SP='tr \015\012 \040\040'
+ ;;
+ *) # EBCDIC based system
+ SP2NL='tr \100 \n'
+ NL2SP='tr \r\n \100\100'
+ ;;
+esac
+
+# NLS nuisances.
+# Only set LANG and LC_ALL to C if already set.
+# These must not be set unconditionally because not all systems understand
+# e.g. LANG=C (notably SCO).
+# We save the old values to restore during execute mode.
+if test "${LC_ALL+set}" = set; then
+ save_LC_ALL="$LC_ALL"; LC_ALL=C; export LC_ALL
+fi
+if test "${LANG+set}" = set; then
+ save_LANG="$LANG"; LANG=C; export LANG
+fi
+
+# Make sure IFS has a sensible default
+lt_nl='
+'
+IFS=" $lt_nl"
+
+if test "$build_libtool_libs" != yes && test "$build_old_libs" != yes; then
+ $echo "$modename: not configured to build any kind of library" 1>&2
+ $echo "Fatal configuration error. See the $PACKAGE docs for more information." 1>&2
+ exit $EXIT_FAILURE
+fi
+
+# Global variables.
+mode=$default_mode
+nonopt=
+prev=
+prevopt=
+run=
+show="$echo"
+show_help=
+execute_dlfiles=
+duplicate_deps=no
+preserve_args=
+lo2o="s/\\.lo\$/.${objext}/"
+o2lo="s/\\.${objext}\$/.lo/"
+
+#####################################
+# Shell function definitions:
+# This seems to be the best place for them
+
+# func_mktempdir [string]
+# Make a temporary directory that won't clash with other running
+# libtool processes, and avoids race conditions if possible. If
+# given, STRING is the basename for that directory.
+func_mktempdir ()
+{
+ my_template="${TMPDIR-/tmp}/${1-$progname}"
+
+ if test "$run" = ":"; then
+ # Return a directory name, but don't create it in dry-run mode
+ my_tmpdir="${my_template}-$$"
+ else
+
+ # If mktemp works, use that first and foremost
+ my_tmpdir=`mktemp -d "${my_template}-XXXXXXXX" 2>/dev/null`
+
+ if test ! -d "$my_tmpdir"; then
+ # Failing that, at least try and use $RANDOM to avoid a race
+ my_tmpdir="${my_template}-${RANDOM-0}$$"
+
+ save_mktempdir_umask=`umask`
+ umask 0077
+ $mkdir "$my_tmpdir"
+ umask $save_mktempdir_umask
+ fi
+
+ # If we're not in dry-run mode, bomb out on failure
+ test -d "$my_tmpdir" || {
+ $echo "cannot create temporary directory \`$my_tmpdir'" 1>&2
+ exit $EXIT_FAILURE
+ }
+ fi
+
+ $echo "X$my_tmpdir" | $Xsed
+}
+
+
+# func_win32_libid arg
+# return the library type of file 'arg'
+#
+# Need a lot of goo to handle *both* DLLs and import libs
+# Has to be a shell function in order to 'eat' the argument
+# that is supplied when $file_magic_command is called.
+func_win32_libid ()
+{
+ win32_libid_type="unknown"
+ win32_fileres=`file -L $1 2>/dev/null`
+ case $win32_fileres in
+ *ar\ archive\ import\ library*) # definitely import
+ win32_libid_type="x86 archive import"
+ ;;
+ *ar\ archive*) # could be an import, or static
+ if eval $OBJDUMP -f $1 | $SED -e '10q' 2>/dev/null | \
+ $EGREP -e 'file format pe-i386(.*architecture: i386)?' >/dev/null ; then
+ win32_nmres=`eval $NM -f posix -A $1 | \
+ $SED -n -e '1,100{/ I /{s,.*,import,;p;q;};}'`
+ case $win32_nmres in
+ import*) win32_libid_type="x86 archive import";;
+ *) win32_libid_type="x86 archive static";;
+ esac
+ fi
+ ;;
+ *DLL*)
+ win32_libid_type="x86 DLL"
+ ;;
+ *executable*) # but shell scripts are "executable" too...
+ case $win32_fileres in
+ *MS\ Windows\ PE\ Intel*)
+ win32_libid_type="x86 DLL"
+ ;;
+ esac
+ ;;
+ esac
+ $echo $win32_libid_type
+}
+
+
+# func_infer_tag arg
+# Infer tagged configuration to use if any are available and
+# if one wasn't chosen via the "--tag" command line option.
+# Only attempt this if the compiler in the base compile
+# command doesn't match the default compiler.
+# arg is usually of the form 'gcc ...'
+func_infer_tag ()
+{
+ if test -n "$available_tags" && test -z "$tagname"; then
+ CC_quoted=
+ for arg in $CC; do
+ case $arg in
+ *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"")
+ arg="\"$arg\""
+ ;;
+ esac
+ CC_quoted="$CC_quoted $arg"
+ done
+ case $@ in
+ # Blanks in the command may have been stripped by the calling shell,
+ # but not from the CC environment variable when configure was run.
+ " $CC "* | "$CC "* | " `$echo $CC` "* | "`$echo $CC` "* | " $CC_quoted"* | "$CC_quoted "* | " `$echo $CC_quoted` "* | "`$echo $CC_quoted` "*) ;;
+ # Blanks at the start of $base_compile will cause this to fail
+ # if we don't check for them as well.
+ *)
+ for z in $available_tags; do
+ if grep "^# ### BEGIN LIBTOOL TAG CONFIG: $z$" < "$progpath" > /dev/null; then
+ # Evaluate the configuration.
+ eval "`${SED} -n -e '/^# ### BEGIN LIBTOOL TAG CONFIG: '$z'$/,/^# ### END LIBTOOL TAG CONFIG: '$z'$/p' < $progpath`"
+ CC_quoted=
+ for arg in $CC; do
+ # Double-quote args containing other shell metacharacters.
+ case $arg in
+ *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"")
+ arg="\"$arg\""
+ ;;
+ esac
+ CC_quoted="$CC_quoted $arg"
+ done
+ case "$@ " in
+ " $CC "* | "$CC "* | " `$echo $CC` "* | "`$echo $CC` "* | " $CC_quoted"* | "$CC_quoted "* | " `$echo $CC_quoted` "* | "`$echo $CC_quoted` "*)
+ # The compiler in the base compile command matches
+ # the one in the tagged configuration.
+ # Assume this is the tagged configuration we want.
+ tagname=$z
+ break
+ ;;
+ esac
+ fi
+ done
+ # If $tagname still isn't set, then no tagged configuration
+ # was found and let the user know that the "--tag" command
+ # line option must be used.
+ if test -z "$tagname"; then
+ $echo "$modename: unable to infer tagged configuration"
+ $echo "$modename: specify a tag with \`--tag'" 1>&2
+ exit $EXIT_FAILURE
+# else
+# $echo "$modename: using $tagname tagged configuration"
+ fi
+ ;;
+ esac
+ fi
+}
+
+
+# func_extract_an_archive dir oldlib
+func_extract_an_archive ()
+{
+ f_ex_an_ar_dir="$1"; shift
+ f_ex_an_ar_oldlib="$1"
+
+ $show "(cd $f_ex_an_ar_dir && $AR x $f_ex_an_ar_oldlib)"
+ $run eval "(cd \$f_ex_an_ar_dir && $AR x \$f_ex_an_ar_oldlib)" || exit $?
+ if ($AR t "$f_ex_an_ar_oldlib" | sort | sort -uc >/dev/null 2>&1); then
+ :
+ else
+ $echo "$modename: ERROR: object name conflicts: $f_ex_an_ar_dir/$f_ex_an_ar_oldlib" 1>&2
+ exit $EXIT_FAILURE
+ fi
+}
+
+# func_extract_archives gentop oldlib ...
+func_extract_archives ()
+{
+ my_gentop="$1"; shift
+ my_oldlibs=${1+"$@"}
+ my_oldobjs=""
+ my_xlib=""
+ my_xabs=""
+ my_xdir=""
+ my_status=""
+
+ $show "${rm}r $my_gentop"
+ $run ${rm}r "$my_gentop"
+ $show "$mkdir $my_gentop"
+ $run $mkdir "$my_gentop"
+ my_status=$?
+ if test "$my_status" -ne 0 && test ! -d "$my_gentop"; then
+ exit $my_status
+ fi
+
+ for my_xlib in $my_oldlibs; do
+ # Extract the objects.
+ case $my_xlib in
+ [\\/]* | [A-Za-z]:[\\/]*) my_xabs="$my_xlib" ;;
+ *) my_xabs=`pwd`"/$my_xlib" ;;
+ esac
+ my_xlib=`$echo "X$my_xlib" | $Xsed -e 's%^.*/%%'`
+ my_xdir="$my_gentop/$my_xlib"
+
+ $show "${rm}r $my_xdir"
+ $run ${rm}r "$my_xdir"
+ $show "$mkdir $my_xdir"
+ $run $mkdir "$my_xdir"
+ exit_status=$?
+ if test "$exit_status" -ne 0 && test ! -d "$my_xdir"; then
+ exit $exit_status
+ fi
+ case $host in
+ *-darwin*)
+ $show "Extracting $my_xabs"
+ # Do not bother doing anything if just a dry run
+ if test -z "$run"; then
+ darwin_orig_dir=`pwd`
+ cd $my_xdir || exit $?
+ darwin_archive=$my_xabs
+ darwin_curdir=`pwd`
+ darwin_base_archive=`$echo "X$darwin_archive" | $Xsed -e 's%^.*/%%'`
+ darwin_arches=`lipo -info "$darwin_archive" 2>/dev/null | $EGREP Architectures 2>/dev/null`
+ if test -n "$darwin_arches"; then
+ darwin_arches=`echo "$darwin_arches" | $SED -e 's/.*are://'`
+ darwin_arch=
+ $show "$darwin_base_archive has multiple architectures $darwin_arches"
+ for darwin_arch in $darwin_arches ; do
+ mkdir -p "unfat-$$/${darwin_base_archive}-${darwin_arch}"
+ lipo -thin $darwin_arch -output "unfat-$$/${darwin_base_archive}-${darwin_arch}/${darwin_base_archive}" "${darwin_archive}"
+ cd "unfat-$$/${darwin_base_archive}-${darwin_arch}"
+ func_extract_an_archive "`pwd`" "${darwin_base_archive}"
+ cd "$darwin_curdir"
+ $rm "unfat-$$/${darwin_base_archive}-${darwin_arch}/${darwin_base_archive}"
+ done # $darwin_arches
+ ## Okay now we have a bunch of thin objects, gotta fatten them up :)
+ darwin_filelist=`find unfat-$$ -type f -name \*.o -print -o -name \*.lo -print| xargs basename | sort -u | $NL2SP`
+ darwin_file=
+ darwin_files=
+ for darwin_file in $darwin_filelist; do
+ darwin_files=`find unfat-$$ -name $darwin_file -print | $NL2SP`
+ lipo -create -output "$darwin_file" $darwin_files
+ done # $darwin_filelist
+ ${rm}r unfat-$$
+ cd "$darwin_orig_dir"
+ else
+ cd "$darwin_orig_dir"
+ func_extract_an_archive "$my_xdir" "$my_xabs"
+ fi # $darwin_arches
+ fi # $run
+ ;;
+ *)
+ func_extract_an_archive "$my_xdir" "$my_xabs"
+ ;;
+ esac
+ my_oldobjs="$my_oldobjs "`find $my_xdir -name \*.$objext -print -o -name \*.lo -print | $NL2SP`
+ done
+ func_extract_archives_result="$my_oldobjs"
+}
+# End of Shell function definitions
+#####################################
+
+# Darwin sucks
+eval std_shrext=\"$shrext_cmds\"
+
+disable_libs=no
+
+# Parse our command line options once, thoroughly.
+while test "$#" -gt 0
+do
+ arg="$1"
+ shift
+
+ case $arg in
+ -*=*) optarg=`$echo "X$arg" | $Xsed -e 's/[-_a-zA-Z0-9]*=//'` ;;
+ *) optarg= ;;
+ esac
+
+ # If the previous option needs an argument, assign it.
+ if test -n "$prev"; then
+ case $prev in
+ execute_dlfiles)
+ execute_dlfiles="$execute_dlfiles $arg"
+ ;;
+ tag)
+ tagname="$arg"
+ preserve_args="${preserve_args}=$arg"
+
+ # Check whether tagname contains only valid characters
+ case $tagname in
+ *[!-_A-Za-z0-9,/]*)
+ $echo "$progname: invalid tag name: $tagname" 1>&2
+ exit $EXIT_FAILURE
+ ;;
+ esac
+
+ case $tagname in
+ CC)
+ # Don't test for the "default" C tag, as we know, it's there, but
+ # not specially marked.
+ ;;
+ *)
+ if grep "^# ### BEGIN LIBTOOL TAG CONFIG: $tagname$" < "$progpath" > /dev/null; then
+ taglist="$taglist $tagname"
+ # Evaluate the configuration.
+ eval "`${SED} -n -e '/^# ### BEGIN LIBTOOL TAG CONFIG: '$tagname'$/,/^# ### END LIBTOOL TAG CONFIG: '$tagname'$/p' < $progpath`"
+ else
+ $echo "$progname: ignoring unknown tag $tagname" 1>&2
+ fi
+ ;;
+ esac
+ ;;
+ *)
+ eval "$prev=\$arg"
+ ;;
+ esac
+
+ prev=
+ prevopt=
+ continue
+ fi
+
+ # Have we seen a non-optional argument yet?
+ case $arg in
+ --help)
+ show_help=yes
+ ;;
+
+ --version)
+ $echo "$PROGRAM (GNU $PACKAGE) $VERSION$TIMESTAMP"
+ $echo
+ $echo "Copyright (C) 2005 Free Software Foundation, Inc."
+ $echo "This is free software; see the source for copying conditions. There is NO"
+ $echo "warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
+ exit $?
+ ;;
+
+ --config)
+ ${SED} -e '1,/^# ### BEGIN LIBTOOL CONFIG/d' -e '/^# ### END LIBTOOL CONFIG/,$d' $progpath
+ # Now print the configurations for the tags.
+ for tagname in $taglist; do
+ ${SED} -n -e "/^# ### BEGIN LIBTOOL TAG CONFIG: $tagname$/,/^# ### END LIBTOOL TAG CONFIG: $tagname$/p" < "$progpath"
+ done
+ exit $?
+ ;;
+
+ --debug)
+ $echo "$progname: enabling shell trace mode"
+ set -x
+ preserve_args="$preserve_args $arg"
+ ;;
+
+ --dry-run | -n)
+ run=:
+ ;;
+
+ --features)
+ $echo "host: $host"
+ if test "$build_libtool_libs" = yes; then
+ $echo "enable shared libraries"
+ else
+ $echo "disable shared libraries"
+ fi
+ if test "$build_old_libs" = yes; then
+ $echo "enable static libraries"
+ else
+ $echo "disable static libraries"
+ fi
+ exit $?
+ ;;
+
+ --finish) mode="finish" ;;
+
+ --mode) prevopt="--mode" prev=mode ;;
+ --mode=*) mode="$optarg" ;;
+
+ --preserve-dup-deps) duplicate_deps="yes" ;;
+
+ --quiet | --silent)
+ show=:
+ preserve_args="$preserve_args $arg"
+ ;;
+
+ --tag)
+ prevopt="--tag"
+ prev=tag
+ preserve_args="$preserve_args --tag"
+ ;;
+ --tag=*)
+ set tag "$optarg" ${1+"$@"}
+ shift
+ prev=tag
+ preserve_args="$preserve_args --tag"
+ ;;
+
+ -dlopen)
+ prevopt="-dlopen"
+ prev=execute_dlfiles
+ ;;
+
+ -*)
+ $echo "$modename: unrecognized option \`$arg'" 1>&2
+ $echo "$help" 1>&2
+ exit $EXIT_FAILURE
+ ;;
+
+ *)
+ nonopt="$arg"
+ break
+ ;;
+ esac
+done
+
+if test -n "$prevopt"; then
+ $echo "$modename: option \`$prevopt' requires an argument" 1>&2
+ $echo "$help" 1>&2
+ exit $EXIT_FAILURE
+fi
+
+case $disable_libs in
+no)
+ ;;
+shared)
+ build_libtool_libs=no
+ build_old_libs=yes
+ ;;
+static)
+ build_old_libs=`case $build_libtool_libs in yes) echo no;; *) echo yes;; esac`
+ ;;
+esac
+
+# If this variable is set in any of the actions, the command in it
+# will be execed at the end. This prevents here-documents from being
+# left over by shells.
+exec_cmd=
+
+if test -z "$show_help"; then
+
+ # Infer the operation mode.
+ if test -z "$mode"; then
+ $echo "*** Warning: inferring the mode of operation is deprecated." 1>&2
+ $echo "*** Future versions of Libtool will require --mode=MODE be specified." 1>&2
+ case $nonopt in
+ *cc | cc* | *++ | gcc* | *-gcc* | g++* | xlc*)
+ mode=link
+ for arg
+ do
+ case $arg in
+ -c)
+ mode=compile
+ break
+ ;;
+ esac
+ done
+ ;;
+ *db | *dbx | *strace | *truss)
+ mode=execute
+ ;;
+ *install*|cp|mv)
+ mode=install
+ ;;
+ *rm)
+ mode=uninstall
+ ;;
+ *)
+ # If we have no mode, but dlfiles were specified, then do execute mode.
+ test -n "$execute_dlfiles" && mode=execute
+
+ # Just use the default operation mode.
+ if test -z "$mode"; then
+ if test -n "$nonopt"; then
+ $echo "$modename: warning: cannot infer operation mode from \`$nonopt'" 1>&2
+ else
+ $echo "$modename: warning: cannot infer operation mode without MODE-ARGS" 1>&2
+ fi
+ fi
+ ;;
+ esac
+ fi
+
+ # Only execute mode is allowed to have -dlopen flags.
+ if test -n "$execute_dlfiles" && test "$mode" != execute; then
+ $echo "$modename: unrecognized option \`-dlopen'" 1>&2
+ $echo "$help" 1>&2
+ exit $EXIT_FAILURE
+ fi
+
+ # Change the help message to a mode-specific one.
+ generic_help="$help"
+ help="Try \`$modename --help --mode=$mode' for more information."
+
+ # These modes are in order of execution frequency so that they run quickly.
+ case $mode in
+ # libtool compile mode
+ compile)
+ modename="$modename: compile"
+ # Get the compilation command and the source file.
+ base_compile=
+ srcfile="$nonopt" # always keep a non-empty value in "srcfile"
+ suppress_opt=yes
+ suppress_output=
+ arg_mode=normal
+ libobj=
+ later=
+
+ for arg
+ do
+ case $arg_mode in
+ arg )
+ # do not "continue". Instead, add this to base_compile
+ lastarg="$arg"
+ arg_mode=normal
+ ;;
+
+ target )
+ libobj="$arg"
+ arg_mode=normal
+ continue
+ ;;
+
+ normal )
+ # Accept any command-line options.
+ case $arg in
+ -o)
+ if test -n "$libobj" ; then
+ $echo "$modename: you cannot specify \`-o' more than once" 1>&2
+ exit $EXIT_FAILURE
+ fi
+ arg_mode=target
+ continue
+ ;;
+
+ -static | -prefer-pic | -prefer-non-pic)
+ later="$later $arg"
+ continue
+ ;;
+
+ -no-suppress)
+ suppress_opt=no
+ continue
+ ;;
+
+ -Xcompiler)
+ arg_mode=arg # the next one goes into the "base_compile" arg list
+ continue # The current "srcfile" will either be retained or
+ ;; # replaced later. I would guess that would be a bug.
+
+ -Wc,*)
+ args=`$echo "X$arg" | $Xsed -e "s/^-Wc,//"`
+ lastarg=
+ save_ifs="$IFS"; IFS=','
+ for arg in $args; do
+ IFS="$save_ifs"
+
+ # Double-quote args containing other shell metacharacters.
+ # Many Bourne shells cannot handle close brackets correctly
+ # in scan sets, so we specify it separately.
+ case $arg in
+ *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"")
+ arg="\"$arg\""
+ ;;
+ esac
+ lastarg="$lastarg $arg"
+ done
+ IFS="$save_ifs"
+ lastarg=`$echo "X$lastarg" | $Xsed -e "s/^ //"`
+
+ # Add the arguments to base_compile.
+ base_compile="$base_compile $lastarg"
+ continue
+ ;;
+
+ * )
+ # Accept the current argument as the source file.
+ # The previous "srcfile" becomes the current argument.
+ #
+ lastarg="$srcfile"
+ srcfile="$arg"
+ ;;
+ esac # case $arg
+ ;;
+ esac # case $arg_mode
+
+ # Aesthetically quote the previous argument.
+ lastarg=`$echo "X$lastarg" | $Xsed -e "$sed_quote_subst"`
+
+ case $lastarg in
+ # Double-quote args containing other shell metacharacters.
+ # Many Bourne shells cannot handle close brackets correctly
+ # in scan sets, and some SunOS ksh mistreat backslash-escaping
+ # in scan sets (worked around with variable expansion),
+ # and furthermore cannot handle '|' '&' '(' ')' in scan sets
+ # at all, so we specify them separately.
+ *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"")
+ lastarg="\"$lastarg\""
+ ;;
+ esac
+
+ base_compile="$base_compile $lastarg"
+ done # for arg
+
+ case $arg_mode in
+ arg)
+ $echo "$modename: you must specify an argument for -Xcompile"
+ exit $EXIT_FAILURE
+ ;;
+ target)
+ $echo "$modename: you must specify a target with \`-o'" 1>&2
+ exit $EXIT_FAILURE
+ ;;
+ *)
+ # Get the name of the library object.
+ [ -z "$libobj" ] && libobj=`$echo "X$srcfile" | $Xsed -e 's%^.*/%%'`
+ ;;
+ esac
+
+ # Recognize several different file suffixes.
+ # If the user specifies -o file.o, it is replaced with file.lo
+ xform='[cCFSifmso]'
+ case $libobj in
+ *.ada) xform=ada ;;
+ *.adb) xform=adb ;;
+ *.ads) xform=ads ;;
+ *.asm) xform=asm ;;
+ *.c++) xform=c++ ;;
+ *.cc) xform=cc ;;
+ *.ii) xform=ii ;;
+ *.class) xform=class ;;
+ *.cpp) xform=cpp ;;
+ *.cxx) xform=cxx ;;
+ *.f90) xform=f90 ;;
+ *.for) xform=for ;;
+ *.java) xform=java ;;
+ esac
+
+ libobj=`$echo "X$libobj" | $Xsed -e "s/\.$xform$/.lo/"`
+
+ case $libobj in
+ *.lo) obj=`$echo "X$libobj" | $Xsed -e "$lo2o"` ;;
+ *)
+ $echo "$modename: cannot determine name of library object from \`$libobj'" 1>&2
+ exit $EXIT_FAILURE
+ ;;
+ esac
+
+ func_infer_tag $base_compile
+
+ for arg in $later; do
+ case $arg in
+ -static)
+ build_old_libs=yes
+ continue
+ ;;
+
+ -prefer-pic)
+ pic_mode=yes
+ continue
+ ;;
+
+ -prefer-non-pic)
+ pic_mode=no
+ continue
+ ;;
+ esac
+ done
+
+ qlibobj=`$echo "X$libobj" | $Xsed -e "$sed_quote_subst"`
+ case $qlibobj in
+ *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"")
+ qlibobj="\"$qlibobj\"" ;;
+ esac
+ test "X$libobj" != "X$qlibobj" \
+ && $echo "X$libobj" | grep '[]~#^*{};<>?"'"'"' &()|`$[]' \
+ && $echo "$modename: libobj name \`$libobj' may not contain shell special characters."
+ objname=`$echo "X$obj" | $Xsed -e 's%^.*/%%'`
+ xdir=`$echo "X$obj" | $Xsed -e 's%/[^/]*$%%'`
+ if test "X$xdir" = "X$obj"; then
+ xdir=
+ else
+ xdir=$xdir/
+ fi
+ lobj=${xdir}$objdir/$objname
+
+ if test -z "$base_compile"; then
+ $echo "$modename: you must specify a compilation command" 1>&2
+ $echo "$help" 1>&2
+ exit $EXIT_FAILURE
+ fi
+
+ # Delete any leftover library objects.
+ if test "$build_old_libs" = yes; then
+ removelist="$obj $lobj $libobj ${libobj}T"
+ else
+ removelist="$lobj $libobj ${libobj}T"
+ fi
+
+ $run $rm $removelist
+ trap "$run $rm $removelist; exit $EXIT_FAILURE" 1 2 15
+
+ # On Cygwin there's no "real" PIC flag so we must build both object types
+ case $host_os in
+ cygwin* | mingw* | pw32* | os2*)
+ pic_mode=default
+ ;;
+ esac
+ if test "$pic_mode" = no && test "$deplibs_check_method" != pass_all; then
+ # non-PIC code in shared libraries is not supported
+ pic_mode=default
+ fi
+
+ # Calculate the filename of the output object if compiler does
+ # not support -o with -c
+ if test "$compiler_c_o" = no; then
+ output_obj=`$echo "X$srcfile" | $Xsed -e 's%^.*/%%' -e 's%\.[^.]*$%%'`.${objext}
+ lockfile="$output_obj.lock"
+ removelist="$removelist $output_obj $lockfile"
+ trap "$run $rm $removelist; exit $EXIT_FAILURE" 1 2 15
+ else
+ output_obj=
+ need_locks=no
+ lockfile=
+ fi
+
+ # Lock this critical section if it is needed
+ # We use this script file to make the link, it avoids creating a new file
+ if test "$need_locks" = yes; then
+ until $run ln "$progpath" "$lockfile" 2>/dev/null; do
+ $show "Waiting for $lockfile to be removed"
+ sleep 2
+ done
+ elif test "$need_locks" = warn; then
+ if test -f "$lockfile"; then
+ $echo "\
+*** ERROR, $lockfile exists and contains:
+`cat $lockfile 2>/dev/null`
+
+This indicates that another process is trying to use the same
+temporary object file, and libtool could not work around it because
+your compiler does not support \`-c' and \`-o' together. If you
+repeat this compilation, it may succeed, by chance, but you had better
+avoid parallel builds (make -j) in this platform, or get a better
+compiler."
+
+ $run $rm $removelist
+ exit $EXIT_FAILURE
+ fi
+ $echo "$srcfile" > "$lockfile"
+ fi
+
+ if test -n "$fix_srcfile_path"; then
+ eval srcfile=\"$fix_srcfile_path\"
+ fi
+ qsrcfile=`$echo "X$srcfile" | $Xsed -e "$sed_quote_subst"`
+ case $qsrcfile in
+ *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"")
+ qsrcfile="\"$qsrcfile\"" ;;
+ esac
+
+ $run $rm "$libobj" "${libobj}T"
+
+ # Create a libtool object file (analogous to a ".la" file),
+ # but don't create it if we're doing a dry run.
+ test -z "$run" && cat > ${libobj}T <<EOF
+# $libobj - a libtool object file
+# Generated by $PROGRAM - GNU $PACKAGE $VERSION$TIMESTAMP
+#
+# Please DO NOT delete this file!
+# It is necessary for linking the library.
+
+# Name of the PIC object.
+EOF
+
+ # Only build a PIC object if we are building libtool libraries.
+ if test "$build_libtool_libs" = yes; then
+ # Without this assignment, base_compile gets emptied.
+ fbsd_hideous_sh_bug=$base_compile
+
+ if test "$pic_mode" != no; then
+ command="$base_compile $qsrcfile $pic_flag"
+ else
+ # Don't build PIC code
+ command="$base_compile $qsrcfile"
+ fi
+
+ if test ! -d "${xdir}$objdir"; then
+ $show "$mkdir ${xdir}$objdir"
+ $run $mkdir ${xdir}$objdir
+ exit_status=$?
+ if test "$exit_status" -ne 0 && test ! -d "${xdir}$objdir"; then
+ exit $exit_status
+ fi
+ fi
+
+ if test -z "$output_obj"; then
+ # Place PIC objects in $objdir
+ command="$command -o $lobj"
+ fi
+
+ $run $rm "$lobj" "$output_obj"
+
+ $show "$command"
+ if $run eval "$command"; then :
+ else
+ test -n "$output_obj" && $run $rm $removelist
+ exit $EXIT_FAILURE
+ fi
+
+ if test "$need_locks" = warn &&
+ test "X`cat $lockfile 2>/dev/null`" != "X$srcfile"; then
+ $echo "\
+*** ERROR, $lockfile contains:
+`cat $lockfile 2>/dev/null`
+
+but it should contain:
+$srcfile
+
+This indicates that another process is trying to use the same
+temporary object file, and libtool could not work around it because
+your compiler does not support \`-c' and \`-o' together. If you
+repeat this compilation, it may succeed, by chance, but you had better
+avoid parallel builds (make -j) in this platform, or get a better
+compiler."
+
+ $run $rm $removelist
+ exit $EXIT_FAILURE
+ fi
+
+ # Just move the object if needed, then go on to compile the next one
+ if test -n "$output_obj" && test "X$output_obj" != "X$lobj"; then
+ $show "$mv $output_obj $lobj"
+ if $run $mv $output_obj $lobj; then :
+ else
+ error=$?
+ $run $rm $removelist
+ exit $error
+ fi
+ fi
+
+ # Append the name of the PIC object to the libtool object file.
+ test -z "$run" && cat >> ${libobj}T <<EOF
+pic_object='$objdir/$objname'
+
+EOF
+
+ # Allow error messages only from the first compilation.
+ if test "$suppress_opt" = yes; then
+ suppress_output=' >/dev/null 2>&1'
+ fi
+ else
+ # No PIC object so indicate it doesn't exist in the libtool
+ # object file.
+ test -z "$run" && cat >> ${libobj}T <<EOF
+pic_object=none
+
+EOF
+ fi
+
+ # Only build a position-dependent object if we build old libraries.
+ if test "$build_old_libs" = yes; then
+ if test "$pic_mode" != yes; then
+ # Don't build PIC code
+ command="$base_compile $qsrcfile"
+ else
+ command="$base_compile $qsrcfile $pic_flag"
+ fi
+ if test "$compiler_c_o" = yes; then
+ command="$command -o $obj"
+ fi
+
+ # Suppress compiler output if we already did a PIC compilation.
+ command="$command$suppress_output"
+ $run $rm "$obj" "$output_obj"
+ $show "$command"
+ if $run eval "$command"; then :
+ else
+ $run $rm $removelist
+ exit $EXIT_FAILURE
+ fi
+
+ if test "$need_locks" = warn &&
+ test "X`cat $lockfile 2>/dev/null`" != "X$srcfile"; then
+ $echo "\
+*** ERROR, $lockfile contains:
+`cat $lockfile 2>/dev/null`
+
+but it should contain:
+$srcfile
+
+This indicates that another process is trying to use the same
+temporary object file, and libtool could not work around it because
+your compiler does not support \`-c' and \`-o' together. If you
+repeat this compilation, it may succeed, by chance, but you had better
+avoid parallel builds (make -j) in this platform, or get a better
+compiler."
+
+ $run $rm $removelist
+ exit $EXIT_FAILURE
+ fi
+
+ # Just move the object if needed
+ if test -n "$output_obj" && test "X$output_obj" != "X$obj"; then
+ $show "$mv $output_obj $obj"
+ if $run $mv $output_obj $obj; then :
+ else
+ error=$?
+ $run $rm $removelist
+ exit $error
+ fi
+ fi
+
+ # Append the name of the non-PIC object the libtool object file.
+ # Only append if the libtool object file exists.
+ test -z "$run" && cat >> ${libobj}T <<EOF
+# Name of the non-PIC object.
+non_pic_object='$objname'
+
+EOF
+ else
+ # Append the name of the non-PIC object the libtool object file.
+ # Only append if the libtool object file exists.
+ test -z "$run" && cat >> ${libobj}T <<EOF
+# Name of the non-PIC object.
+non_pic_object=none
+
+EOF
+ fi
+
+ $run $mv "${libobj}T" "${libobj}"
+
+ # Unlock the critical section if it was locked
+ if test "$need_locks" != no; then
+ $run $rm "$lockfile"
+ fi
+
+ exit $EXIT_SUCCESS
+ ;;
+
+ # libtool link mode
+ link | relink)
+ modename="$modename: link"
+ case $host in
+ *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2*)
+ # It is impossible to link a dll without this setting, and
+ # we shouldn't force the makefile maintainer to figure out
+ # which system we are compiling for in order to pass an extra
+ # flag for every libtool invocation.
+ # allow_undefined=no
+
+ # FIXME: Unfortunately, there are problems with the above when trying
+ # to make a dll which has undefined symbols, in which case not
+ # even a static library is built. For now, we need to specify
+ # -no-undefined on the libtool link line when we can be certain
+ # that all symbols are satisfied, otherwise we get a static library.
+ allow_undefined=yes
+ ;;
+ *)
+ allow_undefined=yes
+ ;;
+ esac
+ libtool_args="$nonopt"
+ base_compile="$nonopt $@"
+ compile_command="$nonopt"
+ finalize_command="$nonopt"
+
+ compile_rpath=
+ finalize_rpath=
+ compile_shlibpath=
+ finalize_shlibpath=
+ convenience=
+ old_convenience=
+ deplibs=
+ old_deplibs=
+ compiler_flags=
+ linker_flags=
+ dllsearchpath=
+ lib_search_path=`pwd`
+ inst_prefix_dir=
+
+ avoid_version=no
+ dlfiles=
+ dlprefiles=
+ dlself=no
+ export_dynamic=no
+ export_symbols=
+ export_symbols_regex=
+ generated=
+ libobjs=
+ ltlibs=
+ module=no
+ no_install=no
+ objs=
+ non_pic_objects=
+ notinst_path= # paths that contain not-installed libtool libraries
+ precious_files_regex=
+ prefer_static_libs=no
+ preload=no
+ prev=
+ prevarg=
+ release=
+ rpath=
+ xrpath=
+ perm_rpath=
+ temp_rpath=
+ thread_safe=no
+ vinfo=
+ vinfo_number=no
+
+ func_infer_tag $base_compile
+
+ # We need to know -static, to get the right output filenames.
+ for arg
+ do
+ case $arg in
+ -all-static | -static)
+ if test "X$arg" = "X-all-static"; then
+ if test "$build_libtool_libs" = yes && test -z "$link_static_flag"; then
+ $echo "$modename: warning: complete static linking is impossible in this configuration" 1>&2
+ fi
+ if test -n "$link_static_flag"; then
+ dlopen_self=$dlopen_self_static
+ fi
+ prefer_static_libs=yes
+ else
+ if test -z "$pic_flag" && test -n "$link_static_flag"; then
+ dlopen_self=$dlopen_self_static
+ fi
+ prefer_static_libs=built
+ fi
+ build_libtool_libs=no
+ build_old_libs=yes
+ break
+ ;;
+ esac
+ done
+
+ # See if our shared archives depend on static archives.
+ test -n "$old_archive_from_new_cmds" && build_old_libs=yes
+
+ # Go through the arguments, transforming them on the way.
+ while test "$#" -gt 0; do
+ arg="$1"
+ shift
+ case $arg in
+ *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"")
+ qarg=\"`$echo "X$arg" | $Xsed -e "$sed_quote_subst"`\" ### testsuite: skip nested quoting test
+ ;;
+ *) qarg=$arg ;;
+ esac
+ libtool_args="$libtool_args $qarg"
+
+ # If the previous option needs an argument, assign it.
+ if test -n "$prev"; then
+ case $prev in
+ output)
+ compile_command="$compile_command @OUTPUT@"
+ finalize_command="$finalize_command @OUTPUT@"
+ ;;
+ esac
+
+ case $prev in
+ dlfiles|dlprefiles)
+ if test "$preload" = no; then
+ # Add the symbol object into the linking commands.
+ compile_command="$compile_command @SYMFILE@"
+ finalize_command="$finalize_command @SYMFILE@"
+ preload=yes
+ fi
+ case $arg in
+ *.la | *.lo) ;; # We handle these cases below.
+ force)
+ if test "$dlself" = no; then
+ dlself=needless
+ export_dynamic=yes
+ fi
+ prev=
+ continue
+ ;;
+ self)
+ if test "$prev" = dlprefiles; then
+ dlself=yes
+ elif test "$prev" = dlfiles && test "$dlopen_self" != yes; then
+ dlself=yes
+ else
+ dlself=needless
+ export_dynamic=yes
+ fi
+ prev=
+ continue
+ ;;
+ *)
+ if test "$prev" = dlfiles; then
+ dlfiles="$dlfiles $arg"
+ else
+ dlprefiles="$dlprefiles $arg"
+ fi
+ prev=
+ continue
+ ;;
+ esac
+ ;;
+ expsyms)
+ export_symbols="$arg"
+ if test ! -f "$arg"; then
+ $echo "$modename: symbol file \`$arg' does not exist"
+ exit $EXIT_FAILURE
+ fi
+ prev=
+ continue
+ ;;
+ expsyms_regex)
+ export_symbols_regex="$arg"
+ prev=
+ continue
+ ;;
+ inst_prefix)
+ inst_prefix_dir="$arg"
+ prev=
+ continue
+ ;;
+ precious_regex)
+ precious_files_regex="$arg"
+ prev=
+ continue
+ ;;
+ release)
+ release="-$arg"
+ prev=
+ continue
+ ;;
+ objectlist)
+ if test -f "$arg"; then
+ save_arg=$arg
+ moreargs=
+ for fil in `cat $save_arg`
+ do
+# moreargs="$moreargs $fil"
+ arg=$fil
+ # A libtool-controlled object.
+
+ # Check to see that this really is a libtool object.
+ if (${SED} -e '2q' $arg | grep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then
+ pic_object=
+ non_pic_object=
+
+ # Read the .lo file
+ # If there is no directory component, then add one.
+ case $arg in
+ */* | *\\*) . $arg ;;
+ *) . ./$arg ;;
+ esac
+
+ if test -z "$pic_object" || \
+ test -z "$non_pic_object" ||
+ test "$pic_object" = none && \
+ test "$non_pic_object" = none; then
+ $echo "$modename: cannot find name of object for \`$arg'" 1>&2
+ exit $EXIT_FAILURE
+ fi
+
+ # Extract subdirectory from the argument.
+ xdir=`$echo "X$arg" | $Xsed -e 's%/[^/]*$%%'`
+ if test "X$xdir" = "X$arg"; then
+ xdir=
+ else
+ xdir="$xdir/"
+ fi
+
+ if test "$pic_object" != none; then
+ # Prepend the subdirectory the object is found in.
+ pic_object="$xdir$pic_object"
+
+ if test "$prev" = dlfiles; then
+ if test "$build_libtool_libs" = yes && test "$dlopen_support" = yes; then
+ dlfiles="$dlfiles $pic_object"
+ prev=
+ continue
+ else
+ # If libtool objects are unsupported, then we need to preload.
+ prev=dlprefiles
+ fi
+ fi
+
+ # CHECK ME: I think I busted this. -Ossama
+ if test "$prev" = dlprefiles; then
+ # Preload the old-style object.
+ dlprefiles="$dlprefiles $pic_object"
+ prev=
+ fi
+
+ # A PIC object.
+ libobjs="$libobjs $pic_object"
+ arg="$pic_object"
+ fi
+
+ # Non-PIC object.
+ if test "$non_pic_object" != none; then
+ # Prepend the subdirectory the object is found in.
+ non_pic_object="$xdir$non_pic_object"
+
+ # A standard non-PIC object
+ non_pic_objects="$non_pic_objects $non_pic_object"
+ if test -z "$pic_object" || test "$pic_object" = none ; then
+ arg="$non_pic_object"
+ fi
+ else
+ # If the PIC object exists, use it instead.
+ # $xdir was prepended to $pic_object above.
+ non_pic_object="$pic_object"
+ non_pic_objects="$non_pic_objects $non_pic_object"
+ fi
+ else
+ # Only an error if not doing a dry-run.
+ if test -z "$run"; then
+ $echo "$modename: \`$arg' is not a valid libtool object" 1>&2
+ exit $EXIT_FAILURE
+ else
+ # Dry-run case.
+
+ # Extract subdirectory from the argument.
+ xdir=`$echo "X$arg" | $Xsed -e 's%/[^/]*$%%'`
+ if test "X$xdir" = "X$arg"; then
+ xdir=
+ else
+ xdir="$xdir/"
+ fi
+
+ pic_object=`$echo "X${xdir}${objdir}/${arg}" | $Xsed -e "$lo2o"`
+ non_pic_object=`$echo "X${xdir}${arg}" | $Xsed -e "$lo2o"`
+ libobjs="$libobjs $pic_object"
+ non_pic_objects="$non_pic_objects $non_pic_object"
+ fi
+ fi
+ done
+ else
+ $echo "$modename: link input file \`$save_arg' does not exist"
+ exit $EXIT_FAILURE
+ fi
+ arg=$save_arg
+ prev=
+ continue
+ ;;
+ rpath | xrpath)
+ # We need an absolute path.
+ case $arg in
+ [\\/]* | [A-Za-z]:[\\/]*) ;;
+ *)
+ $echo "$modename: only absolute run-paths are allowed" 1>&2
+ exit $EXIT_FAILURE
+ ;;
+ esac
+ if test "$prev" = rpath; then
+ case "$rpath " in
+ *" $arg "*) ;;
+ *) rpath="$rpath $arg" ;;
+ esac
+ else
+ case "$xrpath " in
+ *" $arg "*) ;;
+ *) xrpath="$xrpath $arg" ;;
+ esac
+ fi
+ prev=
+ continue
+ ;;
+ xcompiler)
+ compiler_flags="$compiler_flags $qarg"
+ prev=
+ compile_command="$compile_command $qarg"
+ finalize_command="$finalize_command $qarg"
+ continue
+ ;;
+ xlinker)
+ linker_flags="$linker_flags $qarg"
+ compiler_flags="$compiler_flags $wl$qarg"
+ prev=
+ compile_command="$compile_command $wl$qarg"
+ finalize_command="$finalize_command $wl$qarg"
+ continue
+ ;;
+ xcclinker)
+ linker_flags="$linker_flags $qarg"
+ compiler_flags="$compiler_flags $qarg"
+ prev=
+ compile_command="$compile_command $qarg"
+ finalize_command="$finalize_command $qarg"
+ continue
+ ;;
+ shrext)
+ shrext_cmds="$arg"
+ prev=
+ continue
+ ;;
+ darwin_framework|darwin_framework_skip)
+ test "$prev" = "darwin_framework" && compiler_flags="$compiler_flags $arg"
+ compile_command="$compile_command $arg"
+ finalize_command="$finalize_command $arg"
+ prev=
+ continue
+ ;;
+ *)
+ eval "$prev=\"\$arg\""
+ prev=
+ continue
+ ;;
+ esac
+ fi # test -n "$prev"
+
+ prevarg="$arg"
+
+ case $arg in
+ -all-static)
+ if test -n "$link_static_flag"; then
+ compile_command="$compile_command $link_static_flag"
+ finalize_command="$finalize_command $link_static_flag"
+ fi
+ continue
+ ;;
+
+ -allow-undefined)
+ # FIXME: remove this flag sometime in the future.
+ $echo "$modename: \`-allow-undefined' is deprecated because it is the default" 1>&2
+ continue
+ ;;
+
+ -avoid-version)
+ avoid_version=yes
+ continue
+ ;;
+
+ -dlopen)
+ prev=dlfiles
+ continue
+ ;;
+
+ -dlpreopen)
+ prev=dlprefiles
+ continue
+ ;;
+
+ -export-dynamic)
+ export_dynamic=yes
+ continue
+ ;;
+
+ -export-symbols | -export-symbols-regex)
+ if test -n "$export_symbols" || test -n "$export_symbols_regex"; then
+ $echo "$modename: more than one -exported-symbols argument is not allowed"
+ exit $EXIT_FAILURE
+ fi
+ if test "X$arg" = "X-export-symbols"; then
+ prev=expsyms
+ else
+ prev=expsyms_regex
+ fi
+ continue
+ ;;
+
+ -framework|-arch|-isysroot)
+ case " $CC " in
+ *" ${arg} ${1} "* | *" ${arg} ${1} "*)
+ prev=darwin_framework_skip ;;
+ *) compiler_flags="$compiler_flags $arg"
+ prev=darwin_framework ;;
+ esac
+ compile_command="$compile_command $arg"
+ finalize_command="$finalize_command $arg"
+ continue
+ ;;
+
+ -inst-prefix-dir)
+ prev=inst_prefix
+ continue
+ ;;
+
+ # The native IRIX linker understands -LANG:*, -LIST:* and -LNO:*
+ # so, if we see these flags be careful not to treat them like -L
+ -L[A-Z][A-Z]*:*)
+ case $with_gcc/$host in
+ no/*-*-irix* | /*-*-irix*)
+ compile_command="$compile_command $arg"
+ finalize_command="$finalize_command $arg"
+ ;;
+ esac
+ continue
+ ;;
+
+ -L*)
+ dir=`$echo "X$arg" | $Xsed -e 's/^-L//'`
+ # We need an absolute path.
+ case $dir in
+ [\\/]* | [A-Za-z]:[\\/]*) ;;
+ *)
+ absdir=`cd "$dir" && pwd`
+ if test -z "$absdir"; then
+ $echo "$modename: cannot determine absolute directory name of \`$dir'" 1>&2
+ absdir="$dir"
+ notinst_path="$notinst_path $dir"
+ fi
+ dir="$absdir"
+ ;;
+ esac
+ case "$deplibs " in
+ *" -L$dir "*) ;;
+ *)
+ deplibs="$deplibs -L$dir"
+ lib_search_path="$lib_search_path $dir"
+ ;;
+ esac
+ case $host in
+ *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2*)
+ testbindir=`$echo "X$dir" | $Xsed -e 's*/lib$*/bin*'`
+ case :$dllsearchpath: in
+ *":$dir:"*) ;;
+ *) dllsearchpath="$dllsearchpath:$dir";;
+ esac
+ case :$dllsearchpath: in
+ *":$testbindir:"*) ;;
+ *) dllsearchpath="$dllsearchpath:$testbindir";;
+ esac
+ ;;
+ esac
+ continue
+ ;;
+
+ -l*)
+ if test "X$arg" = "X-lc" || test "X$arg" = "X-lm"; then
+ case $host in
+ *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-beos*)
+ # These systems don't actually have a C or math library (as such)
+ continue
+ ;;
+ *-*-os2*)
+ # These systems don't actually have a C library (as such)
+ test "X$arg" = "X-lc" && continue
+ ;;
+ *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*)
+ # Do not include libc due to us having libc/libc_r.
+ test "X$arg" = "X-lc" && continue
+ ;;
+ *-*-rhapsody* | *-*-darwin1.[012])
+ # Rhapsody C and math libraries are in the System framework
+ deplibs="$deplibs -framework System"
+ continue
+ ;;
+ *-*-sco3.2v5* | *-*-sco5v6*)
+ # Causes problems with __ctype
+ test "X$arg" = "X-lc" && continue
+ ;;
+ *-*-sysv4.2uw2* | *-*-sysv5* | *-*-unixware* | *-*-OpenUNIX*)
+ # Compiler inserts libc in the correct place for threads to work
+ test "X$arg" = "X-lc" && continue
+ ;;
+ esac
+ elif test "X$arg" = "X-lc_r"; then
+ case $host in
+ *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*)
+ # Do not include libc_r directly, use -pthread flag.
+ continue
+ ;;
+ esac
+ fi
+ deplibs="$deplibs $arg"
+ continue
+ ;;
+
+ # Tru64 UNIX uses -model [arg] to determine the layout of C++
+ # classes, name mangling, and exception handling.
+ -model)
+ compile_command="$compile_command $arg"
+ compiler_flags="$compiler_flags $arg"
+ finalize_command="$finalize_command $arg"
+ prev=xcompiler
+ continue
+ ;;
+
+ -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe)
+ compiler_flags="$compiler_flags $arg"
+ compile_command="$compile_command $arg"
+ finalize_command="$finalize_command $arg"
+ continue
+ ;;
+
+ -module)
+ module=yes
+ continue
+ ;;
+
+ # -64, -mips[0-9] enable 64-bit mode on the SGI compiler
+ # -r[0-9][0-9]* specifies the processor on the SGI compiler
+ # -xarch=*, -xtarget=* enable 64-bit mode on the Sun compiler
+ # +DA*, +DD* enable 64-bit mode on the HP compiler
+ # -q* pass through compiler args for the IBM compiler
+ # -m* pass through architecture-specific compiler args for GCC
+ # -m*, -t[45]*, -txscale* pass through architecture-specific
+ # compiler args for GCC
+ # -pg pass through profiling flag for GCC
+ # @file GCC response files
+ -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*|-pg| \
+ -t[45]*|-txscale*|@*)
+
+ # Unknown arguments in both finalize_command and compile_command need
+ # to be aesthetically quoted because they are evaled later.
+ arg=`$echo "X$arg" | $Xsed -e "$sed_quote_subst"`
+ case $arg in
+ *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"")
+ arg="\"$arg\""
+ ;;
+ esac
+ compile_command="$compile_command $arg"
+ finalize_command="$finalize_command $arg"
+ compiler_flags="$compiler_flags $arg"
+ continue
+ ;;
+
+ -shrext)
+ prev=shrext
+ continue
+ ;;
+
+ -no-fast-install)
+ fast_install=no
+ continue
+ ;;
+
+ -no-install)
+ case $host in
+ *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2*)
+ # The PATH hackery in wrapper scripts is required on Windows
+ # in order for the loader to find any dlls it needs.
+ $echo "$modename: warning: \`-no-install' is ignored for $host" 1>&2
+ $echo "$modename: warning: assuming \`-no-fast-install' instead" 1>&2
+ fast_install=no
+ ;;
+ *) no_install=yes ;;
+ esac
+ continue
+ ;;
+
+ -no-undefined)
+ allow_undefined=no
+ continue
+ ;;
+
+ -objectlist)
+ prev=objectlist
+ continue
+ ;;
+
+ -o) prev=output ;;
+
+ -precious-files-regex)
+ prev=precious_regex
+ continue
+ ;;
+
+ -release)
+ prev=release
+ continue
+ ;;
+
+ -rpath)
+ prev=rpath
+ continue
+ ;;
+
+ -R)
+ prev=xrpath
+ continue
+ ;;
+
+ -R*)
+ dir=`$echo "X$arg" | $Xsed -e 's/^-R//'`
+ # We need an absolute path.
+ case $dir in
+ [\\/]* | [A-Za-z]:[\\/]*) ;;
+ *)
+ $echo "$modename: only absolute run-paths are allowed" 1>&2
+ exit $EXIT_FAILURE
+ ;;
+ esac
+ case "$xrpath " in
+ *" $dir "*) ;;
+ *) xrpath="$xrpath $dir" ;;
+ esac
+ continue
+ ;;
+
+ -static)
+ # The effects of -static are defined in a previous loop.
+ # We used to do the same as -all-static on platforms that
+ # didn't have a PIC flag, but the assumption that the effects
+ # would be equivalent was wrong. It would break on at least
+ # Digital Unix and AIX.
+ continue
+ ;;
+
+ -thread-safe)
+ thread_safe=yes
+ continue
+ ;;
+
+ -version-info)
+ prev=vinfo
+ continue
+ ;;
+ -version-number)
+ prev=vinfo
+ vinfo_number=yes
+ continue
+ ;;
+
+ -Wc,*)
+ args=`$echo "X$arg" | $Xsed -e "$sed_quote_subst" -e 's/^-Wc,//'`
+ arg=
+ save_ifs="$IFS"; IFS=','
+ for flag in $args; do
+ IFS="$save_ifs"
+ case $flag in
+ *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"")
+ flag="\"$flag\""
+ ;;
+ esac
+ arg="$arg $wl$flag"
+ compiler_flags="$compiler_flags $flag"
+ done
+ IFS="$save_ifs"
+ arg=`$echo "X$arg" | $Xsed -e "s/^ //"`
+ ;;
+
+ -Wl,*)
+ args=`$echo "X$arg" | $Xsed -e "$sed_quote_subst" -e 's/^-Wl,//'`
+ arg=
+ save_ifs="$IFS"; IFS=','
+ for flag in $args; do
+ IFS="$save_ifs"
+ case $flag in
+ *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"")
+ flag="\"$flag\""
+ ;;
+ esac
+ arg="$arg $wl$flag"
+ compiler_flags="$compiler_flags $wl$flag"
+ linker_flags="$linker_flags $flag"
+ done
+ IFS="$save_ifs"
+ arg=`$echo "X$arg" | $Xsed -e "s/^ //"`
+ ;;
+
+ -Xcompiler)
+ prev=xcompiler
+ continue
+ ;;
+
+ -Xlinker)
+ prev=xlinker
+ continue
+ ;;
+
+ -XCClinker)
+ prev=xcclinker
+ continue
+ ;;
+
+ # Some other compiler flag.
+ -* | +*)
+ # Unknown arguments in both finalize_command and compile_command need
+ # to be aesthetically quoted because they are evaled later.
+ arg=`$echo "X$arg" | $Xsed -e "$sed_quote_subst"`
+ case $arg in
+ *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"")
+ arg="\"$arg\""
+ ;;
+ esac
+ ;;
+
+ *.$objext)
+ # A standard object.
+ objs="$objs $arg"
+ ;;
+
+ *.lo)
+ # A libtool-controlled object.
+
+ # Check to see that this really is a libtool object.
+ if (${SED} -e '2q' $arg | grep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then
+ pic_object=
+ non_pic_object=
+
+ # Read the .lo file
+ # If there is no directory component, then add one.
+ case $arg in
+ */* | *\\*) . $arg ;;
+ *) . ./$arg ;;
+ esac
+
+ if test -z "$pic_object" || \
+ test -z "$non_pic_object" ||
+ test "$pic_object" = none && \
+ test "$non_pic_object" = none; then
+ $echo "$modename: cannot find name of object for \`$arg'" 1>&2
+ exit $EXIT_FAILURE
+ fi
+
+ # Extract subdirectory from the argument.
+ xdir=`$echo "X$arg" | $Xsed -e 's%/[^/]*$%%'`
+ if test "X$xdir" = "X$arg"; then
+ xdir=
+ else
+ xdir="$xdir/"
+ fi
+
+ if test "$pic_object" != none; then
+ # Prepend the subdirectory the object is found in.
+ pic_object="$xdir$pic_object"
+
+ if test "$prev" = dlfiles; then
+ if test "$build_libtool_libs" = yes && test "$dlopen_support" = yes; then
+ dlfiles="$dlfiles $pic_object"
+ prev=
+ continue
+ else
+ # If libtool objects are unsupported, then we need to preload.
+ prev=dlprefiles
+ fi
+ fi
+
+ # CHECK ME: I think I busted this. -Ossama
+ if test "$prev" = dlprefiles; then
+ # Preload the old-style object.
+ dlprefiles="$dlprefiles $pic_object"
+ prev=
+ fi
+
+ # A PIC object.
+ libobjs="$libobjs $pic_object"
+ arg="$pic_object"
+ fi
+
+ # Non-PIC object.
+ if test "$non_pic_object" != none; then
+ # Prepend the subdirectory the object is found in.
+ non_pic_object="$xdir$non_pic_object"
+
+ # A standard non-PIC object
+ non_pic_objects="$non_pic_objects $non_pic_object"
+ if test -z "$pic_object" || test "$pic_object" = none ; then
+ arg="$non_pic_object"
+ fi
+ else
+ # If the PIC object exists, use it instead.
+ # $xdir was prepended to $pic_object above.
+ non_pic_object="$pic_object"
+ non_pic_objects="$non_pic_objects $non_pic_object"
+ fi
+ else
+ # Only an error if not doing a dry-run.
+ if test -z "$run"; then
+ $echo "$modename: \`$arg' is not a valid libtool object" 1>&2
+ exit $EXIT_FAILURE
+ else
+ # Dry-run case.
+
+ # Extract subdirectory from the argument.
+ xdir=`$echo "X$arg" | $Xsed -e 's%/[^/]*$%%'`
+ if test "X$xdir" = "X$arg"; then
+ xdir=
+ else
+ xdir="$xdir/"
+ fi
+
+ pic_object=`$echo "X${xdir}${objdir}/${arg}" | $Xsed -e "$lo2o"`
+ non_pic_object=`$echo "X${xdir}${arg}" | $Xsed -e "$lo2o"`
+ libobjs="$libobjs $pic_object"
+ non_pic_objects="$non_pic_objects $non_pic_object"
+ fi
+ fi
+ ;;
+
+ *.$libext)
+ # An archive.
+ deplibs="$deplibs $arg"
+ old_deplibs="$old_deplibs $arg"
+ continue
+ ;;
+
+ *.la)
+ # A libtool-controlled library.
+
+ if test "$prev" = dlfiles; then
+ # This library was specified with -dlopen.
+ dlfiles="$dlfiles $arg"
+ prev=
+ elif test "$prev" = dlprefiles; then
+ # The library was specified with -dlpreopen.
+ dlprefiles="$dlprefiles $arg"
+ prev=
+ else
+ deplibs="$deplibs $arg"
+ fi
+ continue
+ ;;
+
+ # Some other compiler argument.
+ *)
+ # Unknown arguments in both finalize_command and compile_command need
+ # to be aesthetically quoted because they are evaled later.
+ arg=`$echo "X$arg" | $Xsed -e "$sed_quote_subst"`
+ case $arg in
+ *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"")
+ arg="\"$arg\""
+ ;;
+ esac
+ ;;
+ esac # arg
+
+ # Now actually substitute the argument into the commands.
+ if test -n "$arg"; then
+ compile_command="$compile_command $arg"
+ finalize_command="$finalize_command $arg"
+ fi
+ done # argument parsing loop
+
+ if test -n "$prev"; then
+ $echo "$modename: the \`$prevarg' option requires an argument" 1>&2
+ $echo "$help" 1>&2
+ exit $EXIT_FAILURE
+ fi
+
+ if test "$export_dynamic" = yes && test -n "$export_dynamic_flag_spec"; then
+ eval arg=\"$export_dynamic_flag_spec\"
+ compile_command="$compile_command $arg"
+ finalize_command="$finalize_command $arg"
+ fi
+
+ oldlibs=
+ # calculate the name of the file, without its directory
+ outputname=`$echo "X$output" | $Xsed -e 's%^.*/%%'`
+ libobjs_save="$libobjs"
+
+ if test -n "$shlibpath_var"; then
+ # get the directories listed in $shlibpath_var
+ eval shlib_search_path=\`\$echo \"X\${$shlibpath_var}\" \| \$Xsed -e \'s/:/ /g\'\`
+ else
+ shlib_search_path=
+ fi
+ eval sys_lib_search_path=\"$sys_lib_search_path_spec\"
+ eval sys_lib_dlsearch_path=\"$sys_lib_dlsearch_path_spec\"
+
+ output_objdir=`$echo "X$output" | $Xsed -e 's%/[^/]*$%%'`
+ if test "X$output_objdir" = "X$output"; then
+ output_objdir="$objdir"
+ else
+ output_objdir="$output_objdir/$objdir"
+ fi
+ # Create the object directory.
+ if test ! -d "$output_objdir"; then
+ $show "$mkdir $output_objdir"
+ $run $mkdir $output_objdir
+ exit_status=$?
+ if test "$exit_status" -ne 0 && test ! -d "$output_objdir"; then
+ exit $exit_status
+ fi
+ fi
+
+ # Determine the type of output
+ case $output in
+ "")
+ $echo "$modename: you must specify an output file" 1>&2
+ $echo "$help" 1>&2
+ exit $EXIT_FAILURE
+ ;;
+ *.$libext) linkmode=oldlib ;;
+ *.lo | *.$objext) linkmode=obj ;;
+ *.la) linkmode=lib ;;
+ *) linkmode=prog ;; # Anything else should be a program.
+ esac
+
+ case $host in
+ *cygwin* | *mingw* | *pw32*)
+ # don't eliminate duplications in $postdeps and $predeps
+ duplicate_compiler_generated_deps=yes
+ ;;
+ *)
+ duplicate_compiler_generated_deps=$duplicate_deps
+ ;;
+ esac
+ specialdeplibs=
+
+ libs=
+ # Find all interdependent deplibs by searching for libraries
+ # that are linked more than once (e.g. -la -lb -la)
+ for deplib in $deplibs; do
+ if test "X$duplicate_deps" = "Xyes" ; then
+ case "$libs " in
+ *" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;;
+ esac
+ fi
+ libs="$libs $deplib"
+ done
+
+ if test "$linkmode" = lib; then
+ libs="$predeps $libs $compiler_lib_search_path $postdeps"
+
+ # Compute libraries that are listed more than once in $predeps
+ # $postdeps and mark them as special (i.e., whose duplicates are
+ # not to be eliminated).
+ pre_post_deps=
+ if test "X$duplicate_compiler_generated_deps" = "Xyes" ; then
+ for pre_post_dep in $predeps $postdeps; do
+ case "$pre_post_deps " in
+ *" $pre_post_dep "*) specialdeplibs="$specialdeplibs $pre_post_deps" ;;
+ esac
+ pre_post_deps="$pre_post_deps $pre_post_dep"
+ done
+ fi
+ pre_post_deps=
+ fi
+
+ deplibs=
+ newdependency_libs=
+ newlib_search_path=
+ need_relink=no # whether we're linking any uninstalled libtool libraries
+ notinst_deplibs= # not-installed libtool libraries
+ case $linkmode in
+ lib)
+ passes="conv link"
+ for file in $dlfiles $dlprefiles; do
+ case $file in
+ *.la) ;;
+ *)
+ $echo "$modename: libraries can \`-dlopen' only libtool libraries: $file" 1>&2
+ exit $EXIT_FAILURE
+ ;;
+ esac
+ done
+ ;;
+ prog)
+ compile_deplibs=
+ finalize_deplibs=
+ alldeplibs=no
+ newdlfiles=
+ newdlprefiles=
+ passes="conv scan dlopen dlpreopen link"
+ ;;
+ *) passes="conv"
+ ;;
+ esac
+ for pass in $passes; do
+ if test "$linkmode,$pass" = "lib,link" ||
+ test "$linkmode,$pass" = "prog,scan"; then
+ libs="$deplibs"
+ deplibs=
+ fi
+ if test "$linkmode" = prog; then
+ case $pass in
+ dlopen) libs="$dlfiles" ;;
+ dlpreopen) libs="$dlprefiles" ;;
+ link) libs="$deplibs %DEPLIBS% $dependency_libs" ;;
+ esac
+ fi
+ if test "$pass" = dlopen; then
+ # Collect dlpreopened libraries
+ save_deplibs="$deplibs"
+ deplibs=
+ fi
+ for deplib in $libs; do
+ lib=
+ found=no
+ case $deplib in
+ -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe)
+ if test "$linkmode,$pass" = "prog,link"; then
+ compile_deplibs="$deplib $compile_deplibs"
+ finalize_deplibs="$deplib $finalize_deplibs"
+ else
+ compiler_flags="$compiler_flags $deplib"
+ fi
+ continue
+ ;;
+ -l*)
+ if test "$linkmode" != lib && test "$linkmode" != prog; then
+ $echo "$modename: warning: \`-l' is ignored for archives/objects" 1>&2
+ continue
+ fi
+ name=`$echo "X$deplib" | $Xsed -e 's/^-l//'`
+ for searchdir in $newlib_search_path $lib_search_path $sys_lib_search_path $shlib_search_path; do
+ for search_ext in .la $std_shrext .so .a; do
+ # Search the libtool library
+ lib="$searchdir/lib${name}${search_ext}"
+ if test -f "$lib"; then
+ if test "$search_ext" = ".la"; then
+ found=yes
+ else
+ found=no
+ fi
+ break 2
+ fi
+ done
+ done
+ if test "$found" != yes; then
+ # deplib doesn't seem to be a libtool library
+ if test "$linkmode,$pass" = "prog,link"; then
+ compile_deplibs="$deplib $compile_deplibs"
+ finalize_deplibs="$deplib $finalize_deplibs"
+ else
+ deplibs="$deplib $deplibs"
+ test "$linkmode" = lib && newdependency_libs="$deplib $newdependency_libs"
+ fi
+ continue
+ else # deplib is a libtool library
+ # If $allow_libtool_libs_with_static_runtimes && $deplib is a stdlib,
+ # We need to do some special things here, and not later.
+ if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then
+ case " $predeps $postdeps " in
+ *" $deplib "*)
+ if (${SED} -e '2q' $lib |
+ grep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then
+ library_names=
+ old_library=
+ case $lib in
+ */* | *\\*) . $lib ;;
+ *) . ./$lib ;;
+ esac
+ for l in $old_library $library_names; do
+ ll="$l"
+ done
+ if test "X$ll" = "X$old_library" ; then # only static version available
+ found=no
+ ladir=`$echo "X$lib" | $Xsed -e 's%/[^/]*$%%'`
+ test "X$ladir" = "X$lib" && ladir="."
+ lib=$ladir/$old_library
+ if test "$linkmode,$pass" = "prog,link"; then
+ compile_deplibs="$deplib $compile_deplibs"
+ finalize_deplibs="$deplib $finalize_deplibs"
+ else
+ deplibs="$deplib $deplibs"
+ test "$linkmode" = lib && newdependency_libs="$deplib $newdependency_libs"
+ fi
+ continue
+ fi
+ fi
+ ;;
+ *) ;;
+ esac
+ fi
+ fi
+ ;; # -l
+ -L*)
+ case $linkmode in
+ lib)
+ deplibs="$deplib $deplibs"
+ test "$pass" = conv && continue
+ newdependency_libs="$deplib $newdependency_libs"
+ newlib_search_path="$newlib_search_path "`$echo "X$deplib" | $Xsed -e 's/^-L//'`
+ ;;
+ prog)
+ if test "$pass" = conv; then
+ deplibs="$deplib $deplibs"
+ continue
+ fi
+ if test "$pass" = scan; then
+ deplibs="$deplib $deplibs"
+ else
+ compile_deplibs="$deplib $compile_deplibs"
+ finalize_deplibs="$deplib $finalize_deplibs"
+ fi
+ newlib_search_path="$newlib_search_path "`$echo "X$deplib" | $Xsed -e 's/^-L//'`
+ ;;
+ *)
+ $echo "$modename: warning: \`-L' is ignored for archives/objects" 1>&2
+ ;;
+ esac # linkmode
+ continue
+ ;; # -L
+ -R*)
+ if test "$pass" = link; then
+ dir=`$echo "X$deplib" | $Xsed -e 's/^-R//'`
+ # Make sure the xrpath contains only unique directories.
+ case "$xrpath " in
+ *" $dir "*) ;;
+ *) xrpath="$xrpath $dir" ;;
+ esac
+ fi
+ deplibs="$deplib $deplibs"
+ continue
+ ;;
+ *.la) lib="$deplib" ;;
+ *.$libext)
+ if test "$pass" = conv; then
+ deplibs="$deplib $deplibs"
+ continue
+ fi
+ case $linkmode in
+ lib)
+ valid_a_lib=no
+ case $deplibs_check_method in
+ match_pattern*)
+ set dummy $deplibs_check_method
+ match_pattern_regex=`expr "$deplibs_check_method" : "$2 \(.*\)"`
+ if eval $echo \"$deplib\" 2>/dev/null \
+ | $SED 10q \
+ | $EGREP "$match_pattern_regex" > /dev/null; then
+ valid_a_lib=yes
+ fi
+ ;;
+ pass_all)
+ valid_a_lib=yes
+ ;;
+ esac
+ if test "$valid_a_lib" != yes; then
+ $echo
+ $echo "*** Warning: Trying to link with static lib archive $deplib."
+ $echo "*** I have the capability to make that library automatically link in when"
+ $echo "*** you link to this library. But I can only do this if you have a"
+ $echo "*** shared version of the library, which you do not appear to have"
+ $echo "*** because the file extensions .$libext of this argument makes me believe"
+ $echo "*** that it is just a static archive that I should not used here."
+ else
+ $echo
+ $echo "*** Warning: Linking the shared library $output against the"
+ $echo "*** static library $deplib is not portable!"
+ deplibs="$deplib $deplibs"
+ fi
+ continue
+ ;;
+ prog)
+ if test "$pass" != link; then
+ deplibs="$deplib $deplibs"
+ else
+ compile_deplibs="$deplib $compile_deplibs"
+ finalize_deplibs="$deplib $finalize_deplibs"
+ fi
+ continue
+ ;;
+ esac # linkmode
+ ;; # *.$libext
+ *.lo | *.$objext)
+ if test "$pass" = conv; then
+ deplibs="$deplib $deplibs"
+ elif test "$linkmode" = prog; then
+ if test "$pass" = dlpreopen || test "$dlopen_support" != yes || test "$build_libtool_libs" = no; then
+ # If there is no dlopen support or we're linking statically,
+ # we need to preload.
+ newdlprefiles="$newdlprefiles $deplib"
+ compile_deplibs="$deplib $compile_deplibs"
+ finalize_deplibs="$deplib $finalize_deplibs"
+ else
+ newdlfiles="$newdlfiles $deplib"
+ fi
+ fi
+ continue
+ ;;
+ %DEPLIBS%)
+ alldeplibs=yes
+ continue
+ ;;
+ esac # case $deplib
+ if test "$found" = yes || test -f "$lib"; then :
+ else
+ $echo "$modename: cannot find the library \`$lib' or unhandled argument \`$deplib'" 1>&2
+ exit $EXIT_FAILURE
+ fi
+
+ # Check to see that this really is a libtool archive.
+ if (${SED} -e '2q' $lib | grep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then :
+ else
+ $echo "$modename: \`$lib' is not a valid libtool archive" 1>&2
+ exit $EXIT_FAILURE
+ fi
+
+ ladir=`$echo "X$lib" | $Xsed -e 's%/[^/]*$%%'`
+ test "X$ladir" = "X$lib" && ladir="."
+
+ dlname=
+ dlopen=
+ dlpreopen=
+ libdir=
+ library_names=
+ old_library=
+ # If the library was installed with an old release of libtool,
+ # it will not redefine variables installed, or shouldnotlink
+ installed=yes
+ shouldnotlink=no
+ avoidtemprpath=
+
+
+ # Read the .la file
+ case $lib in
+ */* | *\\*) . $lib ;;
+ *) . ./$lib ;;
+ esac
+
+ if test "$linkmode,$pass" = "lib,link" ||
+ test "$linkmode,$pass" = "prog,scan" ||
+ { test "$linkmode" != prog && test "$linkmode" != lib; }; then
+ test -n "$dlopen" && dlfiles="$dlfiles $dlopen"
+ test -n "$dlpreopen" && dlprefiles="$dlprefiles $dlpreopen"
+ fi
+
+ if test "$pass" = conv; then
+ # Only check for convenience libraries
+ deplibs="$lib $deplibs"
+ if test -z "$libdir"; then
+ if test -z "$old_library"; then
+ $echo "$modename: cannot find name of link library for \`$lib'" 1>&2
+ exit $EXIT_FAILURE
+ fi
+ # It is a libtool convenience library, so add in its objects.
+ convenience="$convenience $ladir/$objdir/$old_library"
+ old_convenience="$old_convenience $ladir/$objdir/$old_library"
+ tmp_libs=
+ for deplib in $dependency_libs; do
+ deplibs="$deplib $deplibs"
+ if test "X$duplicate_deps" = "Xyes" ; then
+ case "$tmp_libs " in
+ *" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;;
+ esac
+ fi
+ tmp_libs="$tmp_libs $deplib"
+ done
+ elif test "$linkmode" != prog && test "$linkmode" != lib; then
+ $echo "$modename: \`$lib' is not a convenience library" 1>&2
+ exit $EXIT_FAILURE
+ fi
+ continue
+ fi # $pass = conv
+
+
+ # Get the name of the library we link against.
+ linklib=
+ for l in $old_library $library_names; do
+ linklib="$l"
+ done
+ if test -z "$linklib"; then
+ $echo "$modename: cannot find name of link library for \`$lib'" 1>&2
+ exit $EXIT_FAILURE
+ fi
+
+ # This library was specified with -dlopen.
+ if test "$pass" = dlopen; then
+ if test -z "$libdir"; then
+ $echo "$modename: cannot -dlopen a convenience library: \`$lib'" 1>&2
+ exit $EXIT_FAILURE
+ fi
+ if test -z "$dlname" ||
+ test "$dlopen_support" != yes ||
+ test "$build_libtool_libs" = no; then
+ # If there is no dlname, no dlopen support or we're linking
+ # statically, we need to preload. We also need to preload any
+ # dependent libraries so libltdl's deplib preloader doesn't
+ # bomb out in the load deplibs phase.
+ dlprefiles="$dlprefiles $lib $dependency_libs"
+ else
+ newdlfiles="$newdlfiles $lib"
+ fi
+ continue
+ fi # $pass = dlopen
+
+ # We need an absolute path.
+ case $ladir in
+ [\\/]* | [A-Za-z]:[\\/]*) abs_ladir="$ladir" ;;
+ *)
+ abs_ladir=`cd "$ladir" && pwd`
+ if test -z "$abs_ladir"; then
+ $echo "$modename: warning: cannot determine absolute directory name of \`$ladir'" 1>&2
+ $echo "$modename: passing it literally to the linker, although it might fail" 1>&2
+ abs_ladir="$ladir"
+ fi
+ ;;
+ esac
+ laname=`$echo "X$lib" | $Xsed -e 's%^.*/%%'`
+
+ # Find the relevant object directory and library name.
+ if test "X$installed" = Xyes; then
+ if test ! -f "$libdir/$linklib" && test -f "$abs_ladir/$linklib"; then
+ $echo "$modename: warning: library \`$lib' was moved." 1>&2
+ dir="$ladir"
+ absdir="$abs_ladir"
+ libdir="$abs_ladir"
+ else
+ dir="$libdir"
+ absdir="$libdir"
+ fi
+ test "X$hardcode_automatic" = Xyes && avoidtemprpath=yes
+ else
+ if test ! -f "$ladir/$objdir/$linklib" && test -f "$abs_ladir/$linklib"; then
+ dir="$ladir"
+ absdir="$abs_ladir"
+ # Remove this search path later
+ notinst_path="$notinst_path $abs_ladir"
+ else
+ dir="$ladir/$objdir"
+ absdir="$abs_ladir/$objdir"
+ # Remove this search path later
+ notinst_path="$notinst_path $abs_ladir"
+ fi
+ fi # $installed = yes
+ name=`$echo "X$laname" | $Xsed -e 's/\.la$//' -e 's/^lib//'`
+
+ # This library was specified with -dlpreopen.
+ if test "$pass" = dlpreopen; then
+ if test -z "$libdir"; then
+ $echo "$modename: cannot -dlpreopen a convenience library: \`$lib'" 1>&2
+ exit $EXIT_FAILURE
+ fi
+ # Prefer using a static library (so that no silly _DYNAMIC symbols
+ # are required to link).
+ if test -n "$old_library"; then
+ newdlprefiles="$newdlprefiles $dir/$old_library"
+ # Otherwise, use the dlname, so that lt_dlopen finds it.
+ elif test -n "$dlname"; then
+ newdlprefiles="$newdlprefiles $dir/$dlname"
+ else
+ newdlprefiles="$newdlprefiles $dir/$linklib"
+ fi
+ fi # $pass = dlpreopen
+
+ if test -z "$libdir"; then
+ # Link the convenience library
+ if test "$linkmode" = lib; then
+ deplibs="$dir/$old_library $deplibs"
+ elif test "$linkmode,$pass" = "prog,link"; then
+ compile_deplibs="$dir/$old_library $compile_deplibs"
+ finalize_deplibs="$dir/$old_library $finalize_deplibs"
+ else
+ deplibs="$lib $deplibs" # used for prog,scan pass
+ fi
+ continue
+ fi
+
+
+ if test "$linkmode" = prog && test "$pass" != link; then
+ newlib_search_path="$newlib_search_path $ladir"
+ deplibs="$lib $deplibs"
+
+ linkalldeplibs=no
+ if test "$link_all_deplibs" != no || test -z "$library_names" ||
+ test "$build_libtool_libs" = no; then
+ linkalldeplibs=yes
+ fi
+
+ tmp_libs=
+ for deplib in $dependency_libs; do
+ case $deplib in
+ -L*) newlib_search_path="$newlib_search_path "`$echo "X$deplib" | $Xsed -e 's/^-L//'`;; ### testsuite: skip nested quoting test
+ esac
+ # Need to link against all dependency_libs?
+ if test "$linkalldeplibs" = yes; then
+ deplibs="$deplib $deplibs"
+ else
+ # Need to hardcode shared library paths
+ # or/and link against static libraries
+ newdependency_libs="$deplib $newdependency_libs"
+ fi
+ if test "X$duplicate_deps" = "Xyes" ; then
+ case "$tmp_libs " in
+ *" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;;
+ esac
+ fi
+ tmp_libs="$tmp_libs $deplib"
+ done # for deplib
+ continue
+ fi # $linkmode = prog...
+
+ if test "$linkmode,$pass" = "prog,link"; then
+ if test -n "$library_names" &&
+ { test "$prefer_static_libs" = no || test -z "$old_library"; }; then
+ # We need to hardcode the library path
+ if test -n "$shlibpath_var" && test -z "$avoidtemprpath" ; then
+ # Make sure the rpath contains only unique directories.
+ case "$temp_rpath " in
+ *" $dir "*) ;;
+ *" $absdir "*) ;;
+ *) temp_rpath="$temp_rpath $absdir" ;;
+ esac
+ fi
+
+ # Hardcode the library path.
+ # Skip directories that are in the system default run-time
+ # search path.
+ case " $sys_lib_dlsearch_path " in
+ *" $absdir "*) ;;
+ *)
+ case "$compile_rpath " in
+ *" $absdir "*) ;;
+ *) compile_rpath="$compile_rpath $absdir"
+ esac
+ ;;
+ esac
+ case " $sys_lib_dlsearch_path " in
+ *" $libdir "*) ;;
+ *)
+ case "$finalize_rpath " in
+ *" $libdir "*) ;;
+ *) finalize_rpath="$finalize_rpath $libdir"
+ esac
+ ;;
+ esac
+ fi # $linkmode,$pass = prog,link...
+
+ if test "$alldeplibs" = yes &&
+ { test "$deplibs_check_method" = pass_all ||
+ { test "$build_libtool_libs" = yes &&
+ test -n "$library_names"; }; }; then
+ # We only need to search for static libraries
+ continue
+ fi
+ fi
+
+ link_static=no # Whether the deplib will be linked statically
+ use_static_libs=$prefer_static_libs
+ if test "$use_static_libs" = built && test "$installed" = yes ; then
+ use_static_libs=no
+ fi
+ if test -n "$library_names" &&
+ { test "$use_static_libs" = no || test -z "$old_library"; }; then
+ if test "$installed" = no; then
+ notinst_deplibs="$notinst_deplibs $lib"
+ need_relink=yes
+ fi
+ # This is a shared library
+
+ # Warn about portability, can't link against -module's on
+ # some systems (darwin)
+ if test "$shouldnotlink" = yes && test "$pass" = link ; then
+ $echo
+ if test "$linkmode" = prog; then
+ $echo "*** Warning: Linking the executable $output against the loadable module"
+ else
+ $echo "*** Warning: Linking the shared library $output against the loadable module"
+ fi
+ $echo "*** $linklib is not portable!"
+ fi
+ if test "$linkmode" = lib &&
+ test "$hardcode_into_libs" = yes; then
+ # Hardcode the library path.
+ # Skip directories that are in the system default run-time
+ # search path.
+ case " $sys_lib_dlsearch_path " in
+ *" $absdir "*) ;;
+ *)
+ case "$compile_rpath " in
+ *" $absdir "*) ;;
+ *) compile_rpath="$compile_rpath $absdir"
+ esac
+ ;;
+ esac
+ case " $sys_lib_dlsearch_path " in
+ *" $libdir "*) ;;
+ *)
+ case "$finalize_rpath " in
+ *" $libdir "*) ;;
+ *) finalize_rpath="$finalize_rpath $libdir"
+ esac
+ ;;
+ esac
+ fi
+
+ if test -n "$old_archive_from_expsyms_cmds"; then
+ # figure out the soname
+ set dummy $library_names
+ realname="$2"
+ shift; shift
+ libname=`eval \\$echo \"$libname_spec\"`
+ # use dlname if we got it. it's perfectly good, no?
+ if test -n "$dlname"; then
+ soname="$dlname"
+ elif test -n "$soname_spec"; then
+ # bleh windows
+ case $host in
+ *cygwin* | mingw*)
+ major=`expr $current - $age`
+ versuffix="-$major"
+ ;;
+ esac
+ eval soname=\"$soname_spec\"
+ else
+ soname="$realname"
+ fi
+
+ # Make a new name for the extract_expsyms_cmds to use
+ soroot="$soname"
+ soname=`$echo $soroot | ${SED} -e 's/^.*\///'`
+ newlib="libimp-`$echo $soname | ${SED} 's/^lib//;s/\.dll$//'`.a"
+
+ # If the library has no export list, then create one now
+ if test -f "$output_objdir/$soname-def"; then :
+ else
+ $show "extracting exported symbol list from \`$soname'"
+ save_ifs="$IFS"; IFS='~'
+ cmds=$extract_expsyms_cmds
+ for cmd in $cmds; do
+ IFS="$save_ifs"
+ eval cmd=\"$cmd\"
+ $show "$cmd"
+ $run eval "$cmd" || exit $?
+ done
+ IFS="$save_ifs"
+ fi
+
+ # Create $newlib
+ if test -f "$output_objdir/$newlib"; then :; else
+ $show "generating import library for \`$soname'"
+ save_ifs="$IFS"; IFS='~'
+ cmds=$old_archive_from_expsyms_cmds
+ for cmd in $cmds; do
+ IFS="$save_ifs"
+ eval cmd=\"$cmd\"
+ $show "$cmd"
+ $run eval "$cmd" || exit $?
+ done
+ IFS="$save_ifs"
+ fi
+ # make sure the library variables are pointing to the new library
+ dir=$output_objdir
+ linklib=$newlib
+ fi # test -n "$old_archive_from_expsyms_cmds"
+
+ if test "$linkmode" = prog || test "$mode" != relink; then
+ add_shlibpath=
+ add_dir=
+ add=
+ lib_linked=yes
+ case $hardcode_action in
+ immediate | unsupported)
+ if test "$hardcode_direct" = no; then
+ add="$dir/$linklib"
+ case $host in
+ *-*-sco3.2v5.0.[024]*) add_dir="-L$dir" ;;
+ *-*-sysv4*uw2*) add_dir="-L$dir" ;;
+ *-*-sysv5OpenUNIX* | *-*-sysv5UnixWare7.[01].[10]* | \
+ *-*-unixware7*) add_dir="-L$dir" ;;
+ *-*-darwin* )
+ # if the lib is a module then we can not link against
+ # it, someone is ignoring the new warnings I added
+ if /usr/bin/file -L $add 2> /dev/null |
+ $EGREP ": [^:]* bundle" >/dev/null ; then
+ $echo "** Warning, lib $linklib is a module, not a shared library"
+ if test -z "$old_library" ; then
+ $echo
+ $echo "** And there doesn't seem to be a static archive available"
+ $echo "** The link will probably fail, sorry"
+ else
+ add="$dir/$old_library"
+ fi
+ fi
+ esac
+ elif test "$hardcode_minus_L" = no; then
+ case $host in
+ *-*-sunos*) add_shlibpath="$dir" ;;
+ esac
+ add_dir="-L$dir"
+ add="-l$name"
+ elif test "$hardcode_shlibpath_var" = no; then
+ add_shlibpath="$dir"
+ add="-l$name"
+ else
+ lib_linked=no
+ fi
+ ;;
+ relink)
+ if test "$hardcode_direct" = yes; then
+ add="$dir/$linklib"
+ elif test "$hardcode_minus_L" = yes; then
+ add_dir="-L$dir"
+ # Try looking first in the location we're being installed to.
+ if test -n "$inst_prefix_dir"; then
+ case $libdir in
+ [\\/]*)
+ add_dir="$add_dir -L$inst_prefix_dir$libdir"
+ ;;
+ esac
+ fi
+ add="-l$name"
+ elif test "$hardcode_shlibpath_var" = yes; then
+ add_shlibpath="$dir"
+ add="-l$name"
+ else
+ lib_linked=no
+ fi
+ ;;
+ *) lib_linked=no ;;
+ esac
+
+ if test "$lib_linked" != yes; then
+ $echo "$modename: configuration error: unsupported hardcode properties"
+ exit $EXIT_FAILURE
+ fi
+
+ if test -n "$add_shlibpath"; then
+ case :$compile_shlibpath: in
+ *":$add_shlibpath:"*) ;;
+ *) compile_shlibpath="$compile_shlibpath$add_shlibpath:" ;;
+ esac
+ fi
+ if test "$linkmode" = prog; then
+ test -n "$add_dir" && compile_deplibs="$add_dir $compile_deplibs"
+ test -n "$add" && compile_deplibs="$add $compile_deplibs"
+ else
+ test -n "$add_dir" && deplibs="$add_dir $deplibs"
+ test -n "$add" && deplibs="$add $deplibs"
+ if test "$hardcode_direct" != yes && \
+ test "$hardcode_minus_L" != yes && \
+ test "$hardcode_shlibpath_var" = yes; then
+ case :$finalize_shlibpath: in
+ *":$libdir:"*) ;;
+ *) finalize_shlibpath="$finalize_shlibpath$libdir:" ;;
+ esac
+ fi
+ fi
+ fi
+
+ if test "$linkmode" = prog || test "$mode" = relink; then
+ add_shlibpath=
+ add_dir=
+ add=
+ # Finalize command for both is simple: just hardcode it.
+ if test "$hardcode_direct" = yes; then
+ add="$libdir/$linklib"
+ elif test "$hardcode_minus_L" = yes; then
+ add_dir="-L$libdir"
+ add="-l$name"
+ elif test "$hardcode_shlibpath_var" = yes; then
+ case :$finalize_shlibpath: in
+ *":$libdir:"*) ;;
+ *) finalize_shlibpath="$finalize_shlibpath$libdir:" ;;
+ esac
+ add="-l$name"
+ elif test "$hardcode_automatic" = yes; then
+ if test -n "$inst_prefix_dir" &&
+ test -f "$inst_prefix_dir$libdir/$linklib" ; then
+ add="$inst_prefix_dir$libdir/$linklib"
+ else
+ add="$libdir/$linklib"
+ fi
+ else
+ # We cannot seem to hardcode it, guess we'll fake it.
+ add_dir="-L$libdir"
+ # Try looking first in the location we're being installed to.
+ if test -n "$inst_prefix_dir"; then
+ case $libdir in
+ [\\/]*)
+ add_dir="$add_dir -L$inst_prefix_dir$libdir"
+ ;;
+ esac
+ fi
+ add="-l$name"
+ fi
+
+ if test "$linkmode" = prog; then
+ test -n "$add_dir" && finalize_deplibs="$add_dir $finalize_deplibs"
+ test -n "$add" && finalize_deplibs="$add $finalize_deplibs"
+ else
+ test -n "$add_dir" && deplibs="$add_dir $deplibs"
+ test -n "$add" && deplibs="$add $deplibs"
+ fi
+ fi
+ elif test "$linkmode" = prog; then
+ # Here we assume that one of hardcode_direct or hardcode_minus_L
+ # is not unsupported. This is valid on all known static and
+ # shared platforms.
+ if test "$hardcode_direct" != unsupported; then
+ test -n "$old_library" && linklib="$old_library"
+ compile_deplibs="$dir/$linklib $compile_deplibs"
+ finalize_deplibs="$dir/$linklib $finalize_deplibs"
+ else
+ compile_deplibs="-l$name -L$dir $compile_deplibs"
+ finalize_deplibs="-l$name -L$dir $finalize_deplibs"
+ fi
+ elif test "$build_libtool_libs" = yes; then
+ # Not a shared library
+ if test "$deplibs_check_method" != pass_all; then
+ # We're trying link a shared library against a static one
+ # but the system doesn't support it.
+
+ # Just print a warning and add the library to dependency_libs so
+ # that the program can be linked against the static library.
+ $echo
+ $echo "*** Warning: This system can not link to static lib archive $lib."
+ $echo "*** I have the capability to make that library automatically link in when"
+ $echo "*** you link to this library. But I can only do this if you have a"
+ $echo "*** shared version of the library, which you do not appear to have."
+ if test "$module" = yes; then
+ $echo "*** But as you try to build a module library, libtool will still create "
+ $echo "*** a static module, that should work as long as the dlopening application"
+ $echo "*** is linked with the -dlopen flag to resolve symbols at runtime."
+ if test -z "$global_symbol_pipe"; then
+ $echo
+ $echo "*** However, this would only work if libtool was able to extract symbol"
+ $echo "*** lists from a program, using \`nm' or equivalent, but libtool could"
+ $echo "*** not find such a program. So, this module is probably useless."
+ $echo "*** \`nm' from GNU binutils and a full rebuild may help."
+ fi
+ if test "$build_old_libs" = no; then
+ build_libtool_libs=module
+ build_old_libs=yes
+ else
+ build_libtool_libs=no
+ fi
+ fi
+ else
+ deplibs="$dir/$old_library $deplibs"
+ link_static=yes
+ fi
+ fi # link shared/static library?
+
+ if test "$linkmode" = lib; then
+ if test -n "$dependency_libs" &&
+ { test "$hardcode_into_libs" != yes ||
+ test "$build_old_libs" = yes ||
+ test "$link_static" = yes; }; then
+ # Extract -R from dependency_libs
+ temp_deplibs=
+ for libdir in $dependency_libs; do
+ case $libdir in
+ -R*) temp_xrpath=`$echo "X$libdir" | $Xsed -e 's/^-R//'`
+ case " $xrpath " in
+ *" $temp_xrpath "*) ;;
+ *) xrpath="$xrpath $temp_xrpath";;
+ esac;;
+ *) temp_deplibs="$temp_deplibs $libdir";;
+ esac
+ done
+ dependency_libs="$temp_deplibs"
+ fi
+
+ newlib_search_path="$newlib_search_path $absdir"
+ # Link against this library
+ test "$link_static" = no && newdependency_libs="$abs_ladir/$laname $newdependency_libs"
+ # ... and its dependency_libs
+ tmp_libs=
+ for deplib in $dependency_libs; do
+ newdependency_libs="$deplib $newdependency_libs"
+ if test "X$duplicate_deps" = "Xyes" ; then
+ case "$tmp_libs " in
+ *" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;;
+ esac
+ fi
+ tmp_libs="$tmp_libs $deplib"
+ done
+
+ if test "$link_all_deplibs" != no; then
+ # Add the search paths of all dependency libraries
+ for deplib in $dependency_libs; do
+ case $deplib in
+ -L*) path="$deplib" ;;
+ *.la)
+ dir=`$echo "X$deplib" | $Xsed -e 's%/[^/]*$%%'`
+ test "X$dir" = "X$deplib" && dir="."
+ # We need an absolute path.
+ case $dir in
+ [\\/]* | [A-Za-z]:[\\/]*) absdir="$dir" ;;
+ *)
+ absdir=`cd "$dir" && pwd`
+ if test -z "$absdir"; then
+ $echo "$modename: warning: cannot determine absolute directory name of \`$dir'" 1>&2
+ absdir="$dir"
+ fi
+ ;;
+ esac
+ if grep "^installed=no" $deplib > /dev/null; then
+ path="$absdir/$objdir"
+ else
+ eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $deplib`
+ if test -z "$libdir"; then
+ $echo "$modename: \`$deplib' is not a valid libtool archive" 1>&2
+ exit $EXIT_FAILURE
+ fi
+ if test "$absdir" != "$libdir"; then
+ $echo "$modename: warning: \`$deplib' seems to be moved" 1>&2
+ fi
+ path="$absdir"
+ fi
+ depdepl=
+ case $host in
+ *-*-darwin*)
+ # we do not want to link against static libs,
+ # but need to link against shared
+ eval deplibrary_names=`${SED} -n -e 's/^library_names=\(.*\)$/\1/p' $deplib`
+ if test -n "$deplibrary_names" ; then
+ for tmp in $deplibrary_names ; do
+ depdepl=$tmp
+ done
+ if test -f "$path/$depdepl" ; then
+ depdepl="$path/$depdepl"
+ fi
+ # do not add paths which are already there
+ case " $newlib_search_path " in
+ *" $path "*) ;;
+ *) newlib_search_path="$newlib_search_path $path";;
+ esac
+ fi
+ path=""
+ ;;
+ *)
+ path="-L$path"
+ ;;
+ esac
+ ;;
+ -l*)
+ case $host in
+ *-*-darwin*)
+ # Again, we only want to link against shared libraries
+ eval tmp_libs=`$echo "X$deplib" | $Xsed -e "s,^\-l,,"`
+ for tmp in $newlib_search_path ; do
+ if test -f "$tmp/lib$tmp_libs.dylib" ; then
+ eval depdepl="$tmp/lib$tmp_libs.dylib"
+ break
+ fi
+ done
+ path=""
+ ;;
+ *) continue ;;
+ esac
+ ;;
+ *) continue ;;
+ esac
+ case " $deplibs " in
+ *" $path "*) ;;
+ *) deplibs="$path $deplibs" ;;
+ esac
+ case " $deplibs " in
+ *" $depdepl "*) ;;
+ *) deplibs="$depdepl $deplibs" ;;
+ esac
+ done
+ fi # link_all_deplibs != no
+ fi # linkmode = lib
+ done # for deplib in $libs
+ dependency_libs="$newdependency_libs"
+ if test "$pass" = dlpreopen; then
+ # Link the dlpreopened libraries before other libraries
+ for deplib in $save_deplibs; do
+ deplibs="$deplib $deplibs"
+ done
+ fi
+ if test "$pass" != dlopen; then
+ if test "$pass" != conv; then
+ # Make sure lib_search_path contains only unique directories.
+ lib_search_path=
+ for dir in $newlib_search_path; do
+ case "$lib_search_path " in
+ *" $dir "*) ;;
+ *) lib_search_path="$lib_search_path $dir" ;;
+ esac
+ done
+ newlib_search_path=
+ fi
+
+ if test "$linkmode,$pass" != "prog,link"; then
+ vars="deplibs"
+ else
+ vars="compile_deplibs finalize_deplibs"
+ fi
+ for var in $vars dependency_libs; do
+ # Add libraries to $var in reverse order
+ eval tmp_libs=\"\$$var\"
+ new_libs=
+ for deplib in $tmp_libs; do
+ # FIXME: Pedantically, this is the right thing to do, so
+ # that some nasty dependency loop isn't accidentally
+ # broken:
+ #new_libs="$deplib $new_libs"
+ # Pragmatically, this seems to cause very few problems in
+ # practice:
+ case $deplib in
+ -L*) new_libs="$deplib $new_libs" ;;
+ -R*) ;;
+ *)
+ # And here is the reason: when a library appears more
+ # than once as an explicit dependence of a library, or
+ # is implicitly linked in more than once by the
+ # compiler, it is considered special, and multiple
+ # occurrences thereof are not removed. Compare this
+ # with having the same library being listed as a
+ # dependency of multiple other libraries: in this case,
+ # we know (pedantically, we assume) the library does not
+ # need to be listed more than once, so we keep only the
+ # last copy. This is not always right, but it is rare
+ # enough that we require users that really mean to play
+ # such unportable linking tricks to link the library
+ # using -Wl,-lname, so that libtool does not consider it
+ # for duplicate removal.
+ case " $specialdeplibs " in
+ *" $deplib "*) new_libs="$deplib $new_libs" ;;
+ *)
+ case " $new_libs " in
+ *" $deplib "*) ;;
+ *) new_libs="$deplib $new_libs" ;;
+ esac
+ ;;
+ esac
+ ;;
+ esac
+ done
+ tmp_libs=
+ for deplib in $new_libs; do
+ case $deplib in
+ -L*)
+ case " $tmp_libs " in
+ *" $deplib "*) ;;
+ *) tmp_libs="$tmp_libs $deplib" ;;
+ esac
+ ;;
+ *) tmp_libs="$tmp_libs $deplib" ;;
+ esac
+ done
+ eval $var=\"$tmp_libs\"
+ done # for var
+ fi
+ # Last step: remove runtime libs from dependency_libs
+ # (they stay in deplibs)
+ tmp_libs=
+ for i in $dependency_libs ; do
+ case " $predeps $postdeps $compiler_lib_search_path " in
+ *" $i "*)
+ i=""
+ ;;
+ esac
+ if test -n "$i" ; then
+ tmp_libs="$tmp_libs $i"
+ fi
+ done
+ dependency_libs=$tmp_libs
+ done # for pass
+ if test "$linkmode" = prog; then
+ dlfiles="$newdlfiles"
+ dlprefiles="$newdlprefiles"
+ fi
+
+ case $linkmode in
+ oldlib)
+ if test -n "$deplibs"; then
+ $echo "$modename: warning: \`-l' and \`-L' are ignored for archives" 1>&2
+ fi
+
+ if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then
+ $echo "$modename: warning: \`-dlopen' is ignored for archives" 1>&2
+ fi
+
+ if test -n "$rpath"; then
+ $echo "$modename: warning: \`-rpath' is ignored for archives" 1>&2
+ fi
+
+ if test -n "$xrpath"; then
+ $echo "$modename: warning: \`-R' is ignored for archives" 1>&2
+ fi
+
+ if test -n "$vinfo"; then
+ $echo "$modename: warning: \`-version-info/-version-number' is ignored for archives" 1>&2
+ fi
+
+ if test -n "$release"; then
+ $echo "$modename: warning: \`-release' is ignored for archives" 1>&2
+ fi
+
+ if test -n "$export_symbols" || test -n "$export_symbols_regex"; then
+ $echo "$modename: warning: \`-export-symbols' is ignored for archives" 1>&2
+ fi
+
+ # Now set the variables for building old libraries.
+ build_libtool_libs=no
+ oldlibs="$output"
+ objs="$objs$old_deplibs"
+ ;;
+
+ lib)
+ # Make sure we only generate libraries of the form `libNAME.la'.
+ case $outputname in
+ lib*)
+ name=`$echo "X$outputname" | $Xsed -e 's/\.la$//' -e 's/^lib//'`
+ eval shared_ext=\"$shrext_cmds\"
+ eval libname=\"$libname_spec\"
+ ;;
+ *)
+ if test "$module" = no; then
+ $echo "$modename: libtool library \`$output' must begin with \`lib'" 1>&2
+ $echo "$help" 1>&2
+ exit $EXIT_FAILURE
+ fi
+ if test "$need_lib_prefix" != no; then
+ # Add the "lib" prefix for modules if required
+ name=`$echo "X$outputname" | $Xsed -e 's/\.la$//'`
+ eval shared_ext=\"$shrext_cmds\"
+ eval libname=\"$libname_spec\"
+ else
+ libname=`$echo "X$outputname" | $Xsed -e 's/\.la$//'`
+ fi
+ ;;
+ esac
+
+ if test -n "$objs"; then
+ if test "$deplibs_check_method" != pass_all; then
+ $echo "$modename: cannot build libtool library \`$output' from non-libtool objects on this host:$objs" 2>&1
+ exit $EXIT_FAILURE
+ else
+ $echo
+ $echo "*** Warning: Linking the shared library $output against the non-libtool"
+ $echo "*** objects $objs is not portable!"
+ libobjs="$libobjs $objs"
+ fi
+ fi
+
+ if test "$dlself" != no; then
+ $echo "$modename: warning: \`-dlopen self' is ignored for libtool libraries" 1>&2
+ fi
+
+ set dummy $rpath
+ if test "$#" -gt 2; then
+ $echo "$modename: warning: ignoring multiple \`-rpath's for a libtool library" 1>&2
+ fi
+ install_libdir="$2"
+
+ oldlibs=
+ if test -z "$rpath"; then
+ if test "$build_libtool_libs" = yes; then
+ # Building a libtool convenience library.
+ # Some compilers have problems with a `.al' extension so
+ # convenience libraries should have the same extension an
+ # archive normally would.
+ oldlibs="$output_objdir/$libname.$libext $oldlibs"
+ build_libtool_libs=convenience
+ build_old_libs=yes
+ fi
+
+ if test -n "$vinfo"; then
+ $echo "$modename: warning: \`-version-info/-version-number' is ignored for convenience libraries" 1>&2
+ fi
+
+ if test -n "$release"; then
+ $echo "$modename: warning: \`-release' is ignored for convenience libraries" 1>&2
+ fi
+ else
+
+ # Parse the version information argument.
+ save_ifs="$IFS"; IFS=':'
+ set dummy $vinfo 0 0 0
+ IFS="$save_ifs"
+
+ if test -n "$8"; then
+ $echo "$modename: too many parameters to \`-version-info'" 1>&2
+ $echo "$help" 1>&2
+ exit $EXIT_FAILURE
+ fi
+
+ # convert absolute version numbers to libtool ages
+ # this retains compatibility with .la files and attempts
+ # to make the code below a bit more comprehensible
+
+ case $vinfo_number in
+ yes)
+ number_major="$2"
+ number_minor="$3"
+ number_revision="$4"
+ #
+ # There are really only two kinds -- those that
+ # use the current revision as the major version
+ # and those that subtract age and use age as
+ # a minor version. But, then there is irix
+ # which has an extra 1 added just for fun
+ #
+ case $version_type in
+ darwin|linux|osf|windows)
+ current=`expr $number_major + $number_minor`
+ age="$number_minor"
+ revision="$number_revision"
+ ;;
+ freebsd-aout|freebsd-elf|sunos)
+ current="$number_major"
+ revision="$number_minor"
+ age="0"
+ ;;
+ irix|nonstopux)
+ current=`expr $number_major + $number_minor - 1`
+ age="$number_minor"
+ revision="$number_minor"
+ ;;
+ esac
+ ;;
+ no)
+ current="$2"
+ revision="$3"
+ age="$4"
+ ;;
+ esac
+
+ # Check that each of the things are valid numbers.
+ case $current in
+ 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;;
+ *)
+ $echo "$modename: CURRENT \`$current' must be a nonnegative integer" 1>&2
+ $echo "$modename: \`$vinfo' is not valid version information" 1>&2
+ exit $EXIT_FAILURE
+ ;;
+ esac
+
+ case $revision in
+ 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;;
+ *)
+ $echo "$modename: REVISION \`$revision' must be a nonnegative integer" 1>&2
+ $echo "$modename: \`$vinfo' is not valid version information" 1>&2
+ exit $EXIT_FAILURE
+ ;;
+ esac
+
+ case $age in
+ 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;;
+ *)
+ $echo "$modename: AGE \`$age' must be a nonnegative integer" 1>&2
+ $echo "$modename: \`$vinfo' is not valid version information" 1>&2
+ exit $EXIT_FAILURE
+ ;;
+ esac
+
+ if test "$age" -gt "$current"; then
+ $echo "$modename: AGE \`$age' is greater than the current interface number \`$current'" 1>&2
+ $echo "$modename: \`$vinfo' is not valid version information" 1>&2
+ exit $EXIT_FAILURE
+ fi
+
+ # Calculate the version variables.
+ major=
+ versuffix=
+ verstring=
+ case $version_type in
+ none) ;;
+
+ darwin)
+ # Like Linux, but with the current version available in
+ # verstring for coding it into the library header
+ major=.`expr $current - $age`
+ versuffix="$major.$age.$revision"
+ # Darwin ld doesn't like 0 for these options...
+ minor_current=`expr $current + 1`
+ verstring="${wl}-compatibility_version ${wl}$minor_current ${wl}-current_version ${wl}$minor_current.$revision"
+ ;;
+
+ freebsd-aout)
+ major=".$current"
+ versuffix=".$current.$revision";
+ ;;
+
+ freebsd-elf)
+ major=".$current"
+ versuffix=".$current";
+ ;;
+
+ irix | nonstopux)
+ major=`expr $current - $age + 1`
+
+ case $version_type in
+ nonstopux) verstring_prefix=nonstopux ;;
+ *) verstring_prefix=sgi ;;
+ esac
+ verstring="$verstring_prefix$major.$revision"
+
+ # Add in all the interfaces that we are compatible with.
+ loop=$revision
+ while test "$loop" -ne 0; do
+ iface=`expr $revision - $loop`
+ loop=`expr $loop - 1`
+ verstring="$verstring_prefix$major.$iface:$verstring"
+ done
+
+ # Before this point, $major must not contain `.'.
+ major=.$major
+ versuffix="$major.$revision"
+ ;;
+
+ linux)
+ major=.`expr $current - $age`
+ versuffix="$major.$age.$revision"
+ ;;
+
+ osf)
+ major=.`expr $current - $age`
+ versuffix=".$current.$age.$revision"
+ verstring="$current.$age.$revision"
+
+ # Add in all the interfaces that we are compatible with.
+ loop=$age
+ while test "$loop" -ne 0; do
+ iface=`expr $current - $loop`
+ loop=`expr $loop - 1`
+ verstring="$verstring:${iface}.0"
+ done
+
+ # Make executables depend on our current version.
+ verstring="$verstring:${current}.0"
+ ;;
+
+ sunos)
+ major=".$current"
+ versuffix=".$current.$revision"
+ ;;
+
+ windows)
+ # Use '-' rather than '.', since we only want one
+ # extension on DOS 8.3 filesystems.
+ major=`expr $current - $age`
+ versuffix="-$major"
+ ;;
+
+ *)
+ $echo "$modename: unknown library version type \`$version_type'" 1>&2
+ $echo "Fatal configuration error. See the $PACKAGE docs for more information." 1>&2
+ exit $EXIT_FAILURE
+ ;;
+ esac
+
+ # Clear the version info if we defaulted, and they specified a release.
+ if test -z "$vinfo" && test -n "$release"; then
+ major=
+ case $version_type in
+ darwin)
+ # we can't check for "0.0" in archive_cmds due to quoting
+ # problems, so we reset it completely
+ verstring=
+ ;;
+ *)
+ verstring="0.0"
+ ;;
+ esac
+ if test "$need_version" = no; then
+ versuffix=
+ else
+ versuffix=".0.0"
+ fi
+ fi
+
+ # Remove version info from name if versioning should be avoided
+ if test "$avoid_version" = yes && test "$need_version" = no; then
+ major=
+ versuffix=
+ verstring=""
+ fi
+
+ # Check to see if the archive will have undefined symbols.
+ if test "$allow_undefined" = yes; then
+ if test "$allow_undefined_flag" = unsupported; then
+ $echo "$modename: warning: undefined symbols not allowed in $host shared libraries" 1>&2
+ build_libtool_libs=no
+ build_old_libs=yes
+ fi
+ else
+ # Don't allow undefined symbols.
+ allow_undefined_flag="$no_undefined_flag"
+ fi
+ fi
+
+ if test "$mode" != relink; then
+ # Remove our outputs, but don't remove object files since they
+ # may have been created when compiling PIC objects.
+ removelist=
+ tempremovelist=`$echo "$output_objdir/*"`
+ for p in $tempremovelist; do
+ case $p in
+ *.$objext)
+ ;;
+ $output_objdir/$outputname | $output_objdir/$libname.* | $output_objdir/${libname}${release}.*)
+ if test "X$precious_files_regex" != "X"; then
+ if echo $p | $EGREP -e "$precious_files_regex" >/dev/null 2>&1
+ then
+ continue
+ fi
+ fi
+ removelist="$removelist $p"
+ ;;
+ *) ;;
+ esac
+ done
+ if test -n "$removelist"; then
+ $show "${rm}r $removelist"
+ $run ${rm}r $removelist
+ fi
+ fi
+
+ # Now set the variables for building old libraries.
+ if test "$build_old_libs" = yes && test "$build_libtool_libs" != convenience ; then
+ oldlibs="$oldlibs $output_objdir/$libname.$libext"
+
+ # Transform .lo files to .o files.
+ oldobjs="$objs "`$echo "X$libobjs" | $SP2NL | $Xsed -e '/\.'${libext}'$/d' -e "$lo2o" | $NL2SP`
+ fi
+
+ # Eliminate all temporary directories.
+ for path in $notinst_path; do
+ lib_search_path=`$echo "$lib_search_path " | ${SED} -e "s% $path % %g"`
+ deplibs=`$echo "$deplibs " | ${SED} -e "s% -L$path % %g"`
+ dependency_libs=`$echo "$dependency_libs " | ${SED} -e "s% -L$path % %g"`
+ done
+
+ if test -n "$xrpath"; then
+ # If the user specified any rpath flags, then add them.
+ temp_xrpath=
+ for libdir in $xrpath; do
+ temp_xrpath="$temp_xrpath -R$libdir"
+ case "$finalize_rpath " in
+ *" $libdir "*) ;;
+ *) finalize_rpath="$finalize_rpath $libdir" ;;
+ esac
+ done
+ if test "$hardcode_into_libs" != yes || test "$build_old_libs" = yes; then
+ dependency_libs="$temp_xrpath $dependency_libs"
+ fi
+ fi
+
+ # Make sure dlfiles contains only unique files that won't be dlpreopened
+ old_dlfiles="$dlfiles"
+ dlfiles=
+ for lib in $old_dlfiles; do
+ case " $dlprefiles $dlfiles " in
+ *" $lib "*) ;;
+ *) dlfiles="$dlfiles $lib" ;;
+ esac
+ done
+
+ # Make sure dlprefiles contains only unique files
+ old_dlprefiles="$dlprefiles"
+ dlprefiles=
+ for lib in $old_dlprefiles; do
+ case "$dlprefiles " in
+ *" $lib "*) ;;
+ *) dlprefiles="$dlprefiles $lib" ;;
+ esac
+ done
+
+ if test "$build_libtool_libs" = yes; then
+ if test -n "$rpath"; then
+ case $host in
+ *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-beos*)
+ # these systems don't actually have a c library (as such)!
+ ;;
+ *-*-rhapsody* | *-*-darwin1.[012])
+ # Rhapsody C library is in the System framework
+ deplibs="$deplibs -framework System"
+ ;;
+ *-*-netbsd*)
+ # Don't link with libc until the a.out ld.so is fixed.
+ ;;
+ *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*)
+ # Do not include libc due to us having libc/libc_r.
+ ;;
+ *-*-sco3.2v5* | *-*-sco5v6*)
+ # Causes problems with __ctype
+ ;;
+ *-*-sysv4.2uw2* | *-*-sysv5* | *-*-unixware* | *-*-OpenUNIX*)
+ # Compiler inserts libc in the correct place for threads to work
+ ;;
+ *)
+ # Add libc to deplibs on all other systems if necessary.
+ if test "$build_libtool_need_lc" = "yes"; then
+ deplibs="$deplibs -lc"
+ fi
+ ;;
+ esac
+ fi
+
+ # Transform deplibs into only deplibs that can be linked in shared.
+ name_save=$name
+ libname_save=$libname
+ release_save=$release
+ versuffix_save=$versuffix
+ major_save=$major
+ # I'm not sure if I'm treating the release correctly. I think
+ # release should show up in the -l (ie -lgmp5) so we don't want to
+ # add it in twice. Is that correct?
+ release=""
+ versuffix=""
+ major=""
+ newdeplibs=
+ droppeddeps=no
+ case $deplibs_check_method in
+ pass_all)
+ # Don't check for shared/static. Everything works.
+ # This might be a little naive. We might want to check
+ # whether the library exists or not. But this is on
+ # osf3 & osf4 and I'm not really sure... Just
+ # implementing what was already the behavior.
+ newdeplibs=$deplibs
+ ;;
+ test_compile)
+ # This code stresses the "libraries are programs" paradigm to its
+ # limits. Maybe even breaks it. We compile a program, linking it
+ # against the deplibs as a proxy for the library. Then we can check
+ # whether they linked in statically or dynamically with ldd.
+ $rm conftest.c
+ cat > conftest.c <<EOF
+ int main() { return 0; }
+EOF
+ $rm conftest
+ $LTCC $LTCFLAGS -o conftest conftest.c $deplibs
+ if test "$?" -eq 0 ; then
+ ldd_output=`ldd conftest`
+ for i in $deplibs; do
+ name=`expr $i : '-l\(.*\)'`
+ # If $name is empty we are operating on a -L argument.
+ if test "$name" != "" && test "$name" -ne "0"; then
+ if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then
+ case " $predeps $postdeps " in
+ *" $i "*)
+ newdeplibs="$newdeplibs $i"
+ i=""
+ ;;
+ esac
+ fi
+ if test -n "$i" ; then
+ libname=`eval \\$echo \"$libname_spec\"`
+ deplib_matches=`eval \\$echo \"$library_names_spec\"`
+ set dummy $deplib_matches
+ deplib_match=$2
+ if test `expr "$ldd_output" : ".*$deplib_match"` -ne 0 ; then
+ newdeplibs="$newdeplibs $i"
+ else
+ droppeddeps=yes
+ $echo
+ $echo "*** Warning: dynamic linker does not accept needed library $i."
+ $echo "*** I have the capability to make that library automatically link in when"
+ $echo "*** you link to this library. But I can only do this if you have a"
+ $echo "*** shared version of the library, which I believe you do not have"
+ $echo "*** because a test_compile did reveal that the linker did not use it for"
+ $echo "*** its dynamic dependency list that programs get resolved with at runtime."
+ fi
+ fi
+ else
+ newdeplibs="$newdeplibs $i"
+ fi
+ done
+ else
+ # Error occurred in the first compile. Let's try to salvage
+ # the situation: Compile a separate program for each library.
+ for i in $deplibs; do
+ name=`expr $i : '-l\(.*\)'`
+ # If $name is empty we are operating on a -L argument.
+ if test "$name" != "" && test "$name" != "0"; then
+ $rm conftest
+ $LTCC $LTCFLAGS -o conftest conftest.c $i
+ # Did it work?
+ if test "$?" -eq 0 ; then
+ ldd_output=`ldd conftest`
+ if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then
+ case " $predeps $postdeps " in
+ *" $i "*)
+ newdeplibs="$newdeplibs $i"
+ i=""
+ ;;
+ esac
+ fi
+ if test -n "$i" ; then
+ libname=`eval \\$echo \"$libname_spec\"`
+ deplib_matches=`eval \\$echo \"$library_names_spec\"`
+ set dummy $deplib_matches
+ deplib_match=$2
+ if test `expr "$ldd_output" : ".*$deplib_match"` -ne 0 ; then
+ newdeplibs="$newdeplibs $i"
+ else
+ droppeddeps=yes
+ $echo
+ $echo "*** Warning: dynamic linker does not accept needed library $i."
+ $echo "*** I have the capability to make that library automatically link in when"
+ $echo "*** you link to this library. But I can only do this if you have a"
+ $echo "*** shared version of the library, which you do not appear to have"
+ $echo "*** because a test_compile did reveal that the linker did not use this one"
+ $echo "*** as a dynamic dependency that programs can get resolved with at runtime."
+ fi
+ fi
+ else
+ droppeddeps=yes
+ $echo
+ $echo "*** Warning! Library $i is needed by this library but I was not able to"
+ $echo "*** make it link in! You will probably need to install it or some"
+ $echo "*** library that it depends on before this library will be fully"
+ $echo "*** functional. Installing it before continuing would be even better."
+ fi
+ else
+ newdeplibs="$newdeplibs $i"
+ fi
+ done
+ fi
+ ;;
+ file_magic*)
+ set dummy $deplibs_check_method
+ file_magic_regex=`expr "$deplibs_check_method" : "$2 \(.*\)"`
+ for a_deplib in $deplibs; do
+ name=`expr $a_deplib : '-l\(.*\)'`
+ # If $name is empty we are operating on a -L argument.
+ if test "$name" != "" && test "$name" != "0"; then
+ if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then
+ case " $predeps $postdeps " in
+ *" $a_deplib "*)
+ newdeplibs="$newdeplibs $a_deplib"
+ a_deplib=""
+ ;;
+ esac
+ fi
+ if test -n "$a_deplib" ; then
+ libname=`eval \\$echo \"$libname_spec\"`
+ for i in $lib_search_path $sys_lib_search_path $shlib_search_path; do
+ potential_libs=`ls $i/$libname[.-]* 2>/dev/null`
+ for potent_lib in $potential_libs; do
+ # Follow soft links.
+ if ls -lLd "$potent_lib" 2>/dev/null \
+ | grep " -> " >/dev/null; then
+ continue
+ fi
+ # The statement above tries to avoid entering an
+ # endless loop below, in case of cyclic links.
+ # We might still enter an endless loop, since a link
+ # loop can be closed while we follow links,
+ # but so what?
+ potlib="$potent_lib"
+ while test -h "$potlib" 2>/dev/null; do
+ potliblink=`ls -ld $potlib | ${SED} 's/.* -> //'`
+ case $potliblink in
+ [\\/]* | [A-Za-z]:[\\/]*) potlib="$potliblink";;
+ *) potlib=`$echo "X$potlib" | $Xsed -e 's,[^/]*$,,'`"$potliblink";;
+ esac
+ done
+ if eval $file_magic_cmd \"\$potlib\" 2>/dev/null \
+ | ${SED} 10q \
+ | $EGREP "$file_magic_regex" > /dev/null; then
+ newdeplibs="$newdeplibs $a_deplib"
+ a_deplib=""
+ break 2
+ fi
+ done
+ done
+ fi
+ if test -n "$a_deplib" ; then
+ droppeddeps=yes
+ $echo
+ $echo "*** Warning: linker path does not have real file for library $a_deplib."
+ $echo "*** I have the capability to make that library automatically link in when"
+ $echo "*** you link to this library. But I can only do this if you have a"
+ $echo "*** shared version of the library, which you do not appear to have"
+ $echo "*** because I did check the linker path looking for a file starting"
+ if test -z "$potlib" ; then
+ $echo "*** with $libname but no candidates were found. (...for file magic test)"
+ else
+ $echo "*** with $libname and none of the candidates passed a file format test"
+ $echo "*** using a file magic. Last file checked: $potlib"
+ fi
+ fi
+ else
+ # Add a -L argument.
+ newdeplibs="$newdeplibs $a_deplib"
+ fi
+ done # Gone through all deplibs.
+ ;;
+ match_pattern*)
+ set dummy $deplibs_check_method
+ match_pattern_regex=`expr "$deplibs_check_method" : "$2 \(.*\)"`
+ for a_deplib in $deplibs; do
+ name=`expr $a_deplib : '-l\(.*\)'`
+ # If $name is empty we are operating on a -L argument.
+ if test -n "$name" && test "$name" != "0"; then
+ if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then
+ case " $predeps $postdeps " in
+ *" $a_deplib "*)
+ newdeplibs="$newdeplibs $a_deplib"
+ a_deplib=""
+ ;;
+ esac
+ fi
+ if test -n "$a_deplib" ; then
+ libname=`eval \\$echo \"$libname_spec\"`
+ for i in $lib_search_path $sys_lib_search_path $shlib_search_path; do
+ potential_libs=`ls $i/$libname[.-]* 2>/dev/null`
+ for potent_lib in $potential_libs; do
+ potlib="$potent_lib" # see symlink-check above in file_magic test
+ if eval $echo \"$potent_lib\" 2>/dev/null \
+ | ${SED} 10q \
+ | $EGREP "$match_pattern_regex" > /dev/null; then
+ newdeplibs="$newdeplibs $a_deplib"
+ a_deplib=""
+ break 2
+ fi
+ done
+ done
+ fi
+ if test -n "$a_deplib" ; then
+ droppeddeps=yes
+ $echo
+ $echo "*** Warning: linker path does not have real file for library $a_deplib."
+ $echo "*** I have the capability to make that library automatically link in when"
+ $echo "*** you link to this library. But I can only do this if you have a"
+ $echo "*** shared version of the library, which you do not appear to have"
+ $echo "*** because I did check the linker path looking for a file starting"
+ if test -z "$potlib" ; then
+ $echo "*** with $libname but no candidates were found. (...for regex pattern test)"
+ else
+ $echo "*** with $libname and none of the candidates passed a file format test"
+ $echo "*** using a regex pattern. Last file checked: $potlib"
+ fi
+ fi
+ else
+ # Add a -L argument.
+ newdeplibs="$newdeplibs $a_deplib"
+ fi
+ done # Gone through all deplibs.
+ ;;
+ none | unknown | *)
+ newdeplibs=""
+ tmp_deplibs=`$echo "X $deplibs" | $Xsed -e 's/ -lc$//' \
+ -e 's/ -[LR][^ ]*//g'`
+ if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then
+ for i in $predeps $postdeps ; do
+ # can't use Xsed below, because $i might contain '/'
+ tmp_deplibs=`$echo "X $tmp_deplibs" | ${SED} -e "1s,^X,," -e "s,$i,,"`
+ done
+ fi
+ if $echo "X $tmp_deplibs" | $Xsed -e 's/[ ]//g' \
+ | grep . >/dev/null; then
+ $echo
+ if test "X$deplibs_check_method" = "Xnone"; then
+ $echo "*** Warning: inter-library dependencies are not supported in this platform."
+ else
+ $echo "*** Warning: inter-library dependencies are not known to be supported."
+ fi
+ $echo "*** All declared inter-library dependencies are being dropped."
+ droppeddeps=yes
+ fi
+ ;;
+ esac
+ versuffix=$versuffix_save
+ major=$major_save
+ release=$release_save
+ libname=$libname_save
+ name=$name_save
+
+ case $host in
+ *-*-rhapsody* | *-*-darwin1.[012])
+ # On Rhapsody replace the C library is the System framework
+ newdeplibs=`$echo "X $newdeplibs" | $Xsed -e 's/ -lc / -framework System /'`
+ ;;
+ esac
+
+ if test "$droppeddeps" = yes; then
+ if test "$module" = yes; then
+ $echo
+ $echo "*** Warning: libtool could not satisfy all declared inter-library"
+ $echo "*** dependencies of module $libname. Therefore, libtool will create"
+ $echo "*** a static module, that should work as long as the dlopening"
+ $echo "*** application is linked with the -dlopen flag."
+ if test -z "$global_symbol_pipe"; then
+ $echo
+ $echo "*** However, this would only work if libtool was able to extract symbol"
+ $echo "*** lists from a program, using \`nm' or equivalent, but libtool could"
+ $echo "*** not find such a program. So, this module is probably useless."
+ $echo "*** \`nm' from GNU binutils and a full rebuild may help."
+ fi
+ if test "$build_old_libs" = no; then
+ oldlibs="$output_objdir/$libname.$libext"
+ build_libtool_libs=module
+ build_old_libs=yes
+ else
+ build_libtool_libs=no
+ fi
+ else
+ $echo "*** The inter-library dependencies that have been dropped here will be"
+ $echo "*** automatically added whenever a program is linked with this library"
+ $echo "*** or is declared to -dlopen it."
+
+ if test "$allow_undefined" = no; then
+ $echo
+ $echo "*** Since this library must not contain undefined symbols,"
+ $echo "*** because either the platform does not support them or"
+ $echo "*** it was explicitly requested with -no-undefined,"
+ $echo "*** libtool will only create a static version of it."
+ if test "$build_old_libs" = no; then
+ oldlibs="$output_objdir/$libname.$libext"
+ build_libtool_libs=module
+ build_old_libs=yes
+ else
+ build_libtool_libs=no
+ fi
+ fi
+ fi
+ fi
+ # Done checking deplibs!
+ deplibs=$newdeplibs
+ fi
+
+
+ # move library search paths that coincide with paths to not yet
+ # installed libraries to the beginning of the library search list
+ new_libs=
+ for path in $notinst_path; do
+ case " $new_libs " in
+ *" -L$path/$objdir "*) ;;
+ *)
+ case " $deplibs " in
+ *" -L$path/$objdir "*)
+ new_libs="$new_libs -L$path/$objdir" ;;
+ esac
+ ;;
+ esac
+ done
+ for deplib in $deplibs; do
+ case $deplib in
+ -L*)
+ case " $new_libs " in
+ *" $deplib "*) ;;
+ *) new_libs="$new_libs $deplib" ;;
+ esac
+ ;;
+ *) new_libs="$new_libs $deplib" ;;
+ esac
+ done
+ deplibs="$new_libs"
+
+
+ # All the library-specific variables (install_libdir is set above).
+ library_names=
+ old_library=
+ dlname=
+
+ # Test again, we may have decided not to build it any more
+ if test "$build_libtool_libs" = yes; then
+ if test "$hardcode_into_libs" = yes; then
+ # Hardcode the library paths
+ hardcode_libdirs=
+ dep_rpath=
+ rpath="$finalize_rpath"
+ test "$mode" != relink && rpath="$compile_rpath$rpath"
+ for libdir in $rpath; do
+ if test -n "$hardcode_libdir_flag_spec"; then
+ if test -n "$hardcode_libdir_separator"; then
+ if test -z "$hardcode_libdirs"; then
+ hardcode_libdirs="$libdir"
+ else
+ # Just accumulate the unique libdirs.
+ case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in
+ *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*)
+ ;;
+ *)
+ hardcode_libdirs="$hardcode_libdirs$hardcode_libdir_separator$libdir"
+ ;;
+ esac
+ fi
+ else
+ eval flag=\"$hardcode_libdir_flag_spec\"
+ dep_rpath="$dep_rpath $flag"
+ fi
+ elif test -n "$runpath_var"; then
+ case "$perm_rpath " in
+ *" $libdir "*) ;;
+ *) perm_rpath="$perm_rpath $libdir" ;;
+ esac
+ fi
+ done
+ # Substitute the hardcoded libdirs into the rpath.
+ if test -n "$hardcode_libdir_separator" &&
+ test -n "$hardcode_libdirs"; then
+ libdir="$hardcode_libdirs"
+ if test -n "$hardcode_libdir_flag_spec_ld"; then
+ eval dep_rpath=\"$hardcode_libdir_flag_spec_ld\"
+ else
+ eval dep_rpath=\"$hardcode_libdir_flag_spec\"
+ fi
+ fi
+ if test -n "$runpath_var" && test -n "$perm_rpath"; then
+ # We should set the runpath_var.
+ rpath=
+ for dir in $perm_rpath; do
+ rpath="$rpath$dir:"
+ done
+ eval "$runpath_var='$rpath\$$runpath_var'; export $runpath_var"
+ fi
+ test -n "$dep_rpath" && deplibs="$dep_rpath $deplibs"
+ fi
+
+ shlibpath="$finalize_shlibpath"
+ test "$mode" != relink && shlibpath="$compile_shlibpath$shlibpath"
+ if test -n "$shlibpath"; then
+ eval "$shlibpath_var='$shlibpath\$$shlibpath_var'; export $shlibpath_var"
+ fi
+
+ # Get the real and link names of the library.
+ eval shared_ext=\"$shrext_cmds\"
+ eval library_names=\"$library_names_spec\"
+ set dummy $library_names
+ realname="$2"
+ shift; shift
+
+ if test -n "$soname_spec"; then
+ eval soname=\"$soname_spec\"
+ else
+ soname="$realname"
+ fi
+ if test -z "$dlname"; then
+ dlname=$soname
+ fi
+
+ lib="$output_objdir/$realname"
+ linknames=
+ for link
+ do
+ linknames="$linknames $link"
+ done
+
+ # Use standard objects if they are pic
+ test -z "$pic_flag" && libobjs=`$echo "X$libobjs" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP`
+
+ # Prepare the list of exported symbols
+ if test -z "$export_symbols"; then
+ if test "$always_export_symbols" = yes || test -n "$export_symbols_regex"; then
+ $show "generating symbol list for \`$libname.la'"
+ export_symbols="$output_objdir/$libname.exp"
+ $run $rm $export_symbols
+ cmds=$export_symbols_cmds
+ save_ifs="$IFS"; IFS='~'
+ for cmd in $cmds; do
+ IFS="$save_ifs"
+ eval cmd=\"$cmd\"
+ if len=`expr "X$cmd" : ".*"` &&
+ test "$len" -le "$max_cmd_len" || test "$max_cmd_len" -le -1; then
+ $show "$cmd"
+ $run eval "$cmd" || exit $?
+ skipped_export=false
+ else
+ # The command line is too long to execute in one step.
+ $show "using reloadable object file for export list..."
+ skipped_export=:
+ # Break out early, otherwise skipped_export may be
+ # set to false by a later but shorter cmd.
+ break
+ fi
+ done
+ IFS="$save_ifs"
+ if test -n "$export_symbols_regex"; then
+ $show "$EGREP -e \"$export_symbols_regex\" \"$export_symbols\" > \"${export_symbols}T\""
+ $run eval '$EGREP -e "$export_symbols_regex" "$export_symbols" > "${export_symbols}T"'
+ $show "$mv \"${export_symbols}T\" \"$export_symbols\""
+ $run eval '$mv "${export_symbols}T" "$export_symbols"'
+ fi
+ fi
+ fi
+
+ if test -n "$export_symbols" && test -n "$include_expsyms"; then
+ $run eval '$echo "X$include_expsyms" | $SP2NL >> "$export_symbols"'
+ fi
+
+ tmp_deplibs=
+ for test_deplib in $deplibs; do
+ case " $convenience " in
+ *" $test_deplib "*) ;;
+ *)
+ tmp_deplibs="$tmp_deplibs $test_deplib"
+ ;;
+ esac
+ done
+ deplibs="$tmp_deplibs"
+
+ if test -n "$convenience"; then
+ if test -n "$whole_archive_flag_spec"; then
+ save_libobjs=$libobjs
+ eval libobjs=\"\$libobjs $whole_archive_flag_spec\"
+ else
+ gentop="$output_objdir/${outputname}x"
+ generated="$generated $gentop"
+
+ func_extract_archives $gentop $convenience
+ libobjs="$libobjs $func_extract_archives_result"
+ fi
+ fi
+
+ if test "$thread_safe" = yes && test -n "$thread_safe_flag_spec"; then
+ eval flag=\"$thread_safe_flag_spec\"
+ linker_flags="$linker_flags $flag"
+ fi
+
+ # Make a backup of the uninstalled library when relinking
+ if test "$mode" = relink; then
+ $run eval '(cd $output_objdir && $rm ${realname}U && $mv $realname ${realname}U)' || exit $?
+ fi
+
+ # Do each of the archive commands.
+ if test "$module" = yes && test -n "$module_cmds" ; then
+ if test -n "$export_symbols" && test -n "$module_expsym_cmds"; then
+ eval test_cmds=\"$module_expsym_cmds\"
+ cmds=$module_expsym_cmds
+ else
+ eval test_cmds=\"$module_cmds\"
+ cmds=$module_cmds
+ fi
+ else
+ if test -n "$export_symbols" && test -n "$archive_expsym_cmds"; then
+ eval test_cmds=\"$archive_expsym_cmds\"
+ cmds=$archive_expsym_cmds
+ else
+ eval test_cmds=\"$archive_cmds\"
+ cmds=$archive_cmds
+ fi
+ fi
+
+ if test "X$skipped_export" != "X:" &&
+ len=`expr "X$test_cmds" : ".*" 2>/dev/null` &&
+ test "$len" -le "$max_cmd_len" || test "$max_cmd_len" -le -1; then
+ :
+ else
+ # The command line is too long to link in one step, link piecewise.
+ $echo "creating reloadable object files..."
+
+ # Save the value of $output and $libobjs because we want to
+ # use them later. If we have whole_archive_flag_spec, we
+ # want to use save_libobjs as it was before
+ # whole_archive_flag_spec was expanded, because we can't
+ # assume the linker understands whole_archive_flag_spec.
+ # This may have to be revisited, in case too many
+ # convenience libraries get linked in and end up exceeding
+ # the spec.
+ if test -z "$convenience" || test -z "$whole_archive_flag_spec"; then
+ save_libobjs=$libobjs
+ fi
+ save_output=$output
+ output_la=`$echo "X$output" | $Xsed -e "$basename"`
+
+ # Clear the reloadable object creation command queue and
+ # initialize k to one.
+ test_cmds=
+ concat_cmds=
+ objlist=
+ delfiles=
+ last_robj=
+ k=1
+ output=$output_objdir/$output_la-${k}.$objext
+ # Loop over the list of objects to be linked.
+ for obj in $save_libobjs
+ do
+ eval test_cmds=\"$reload_cmds $objlist $last_robj\"
+ if test "X$objlist" = X ||
+ { len=`expr "X$test_cmds" : ".*" 2>/dev/null` &&
+ test "$len" -le "$max_cmd_len"; }; then
+ objlist="$objlist $obj"
+ else
+ # The command $test_cmds is almost too long, add a
+ # command to the queue.
+ if test "$k" -eq 1 ; then
+ # The first file doesn't have a previous command to add.
+ eval concat_cmds=\"$reload_cmds $objlist $last_robj\"
+ else
+ # All subsequent reloadable object files will link in
+ # the last one created.
+ eval concat_cmds=\"\$concat_cmds~$reload_cmds $objlist $last_robj\"
+ fi
+ last_robj=$output_objdir/$output_la-${k}.$objext
+ k=`expr $k + 1`
+ output=$output_objdir/$output_la-${k}.$objext
+ objlist=$obj
+ len=1
+ fi
+ done
+ # Handle the remaining objects by creating one last
+ # reloadable object file. All subsequent reloadable object
+ # files will link in the last one created.
+ test -z "$concat_cmds" || concat_cmds=$concat_cmds~
+ eval concat_cmds=\"\${concat_cmds}$reload_cmds $objlist $last_robj\"
+
+ if ${skipped_export-false}; then
+ $show "generating symbol list for \`$libname.la'"
+ export_symbols="$output_objdir/$libname.exp"
+ $run $rm $export_symbols
+ libobjs=$output
+ # Append the command to create the export file.
+ eval concat_cmds=\"\$concat_cmds~$export_symbols_cmds\"
+ fi
+
+ # Set up a command to remove the reloadable object files
+ # after they are used.
+ i=0
+ while test "$i" -lt "$k"
+ do
+ i=`expr $i + 1`
+ delfiles="$delfiles $output_objdir/$output_la-${i}.$objext"
+ done
+
+ $echo "creating a temporary reloadable object file: $output"
+
+ # Loop through the commands generated above and execute them.
+ save_ifs="$IFS"; IFS='~'
+ for cmd in $concat_cmds; do
+ IFS="$save_ifs"
+ $show "$cmd"
+ $run eval "$cmd" || exit $?
+ done
+ IFS="$save_ifs"
+
+ libobjs=$output
+ # Restore the value of output.
+ output=$save_output
+
+ if test -n "$convenience" && test -n "$whole_archive_flag_spec"; then
+ eval libobjs=\"\$libobjs $whole_archive_flag_spec\"
+ fi
+ # Expand the library linking commands again to reset the
+ # value of $libobjs for piecewise linking.
+
+ # Do each of the archive commands.
+ if test "$module" = yes && test -n "$module_cmds" ; then
+ if test -n "$export_symbols" && test -n "$module_expsym_cmds"; then
+ cmds=$module_expsym_cmds
+ else
+ cmds=$module_cmds
+ fi
+ else
+ if test -n "$export_symbols" && test -n "$archive_expsym_cmds"; then
+ cmds=$archive_expsym_cmds
+ else
+ cmds=$archive_cmds
+ fi
+ fi
+
+ # Append the command to remove the reloadable object files
+ # to the just-reset $cmds.
+ eval cmds=\"\$cmds~\$rm $delfiles\"
+ fi
+ save_ifs="$IFS"; IFS='~'
+ for cmd in $cmds; do
+ IFS="$save_ifs"
+ eval cmd=\"$cmd\"
+ $show "$cmd"
+ $run eval "$cmd" || {
+ lt_exit=$?
+
+ # Restore the uninstalled library and exit
+ if test "$mode" = relink; then
+ $run eval '(cd $output_objdir && $rm ${realname}T && $mv ${realname}U $realname)'
+ fi
+
+ exit $lt_exit
+ }
+ done
+ IFS="$save_ifs"
+
+ # Restore the uninstalled library and exit
+ if test "$mode" = relink; then
+ $run eval '(cd $output_objdir && $rm ${realname}T && $mv $realname ${realname}T && $mv "$realname"U $realname)' || exit $?
+
+ if test -n "$convenience"; then
+ if test -z "$whole_archive_flag_spec"; then
+ $show "${rm}r $gentop"
+ $run ${rm}r "$gentop"
+ fi
+ fi
+
+ exit $EXIT_SUCCESS
+ fi
+
+ # Create links to the real library.
+ for linkname in $linknames; do
+ if test "$realname" != "$linkname"; then
+ $show "(cd $output_objdir && $rm $linkname && $LN_S $realname $linkname)"
+ $run eval '(cd $output_objdir && $rm $linkname && $LN_S $realname $linkname)' || exit $?
+ fi
+ done
+
+ # If -module or -export-dynamic was specified, set the dlname.
+ if test "$module" = yes || test "$export_dynamic" = yes; then
+ # On all known operating systems, these are identical.
+ dlname="$soname"
+ fi
+ fi
+ ;;
+
+ obj)
+ if test -n "$deplibs"; then
+ $echo "$modename: warning: \`-l' and \`-L' are ignored for objects" 1>&2
+ fi
+
+ if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then
+ $echo "$modename: warning: \`-dlopen' is ignored for objects" 1>&2
+ fi
+
+ if test -n "$rpath"; then
+ $echo "$modename: warning: \`-rpath' is ignored for objects" 1>&2
+ fi
+
+ if test -n "$xrpath"; then
+ $echo "$modename: warning: \`-R' is ignored for objects" 1>&2
+ fi
+
+ if test -n "$vinfo"; then
+ $echo "$modename: warning: \`-version-info' is ignored for objects" 1>&2
+ fi
+
+ if test -n "$release"; then
+ $echo "$modename: warning: \`-release' is ignored for objects" 1>&2
+ fi
+
+ case $output in
+ *.lo)
+ if test -n "$objs$old_deplibs"; then
+ $echo "$modename: cannot build library object \`$output' from non-libtool objects" 1>&2
+ exit $EXIT_FAILURE
+ fi
+ libobj="$output"
+ obj=`$echo "X$output" | $Xsed -e "$lo2o"`
+ ;;
+ *)
+ libobj=
+ obj="$output"
+ ;;
+ esac
+
+ # Delete the old objects.
+ $run $rm $obj $libobj
+
+ # Objects from convenience libraries. This assumes
+ # single-version convenience libraries. Whenever we create
+ # different ones for PIC/non-PIC, this we'll have to duplicate
+ # the extraction.
+ reload_conv_objs=
+ gentop=
+ # reload_cmds runs $LD directly, so let us get rid of
+ # -Wl from whole_archive_flag_spec
+ wl=
+
+ if test -n "$convenience"; then
+ if test -n "$whole_archive_flag_spec"; then
+ eval reload_conv_objs=\"\$reload_objs $whole_archive_flag_spec\"
+ else
+ gentop="$output_objdir/${obj}x"
+ generated="$generated $gentop"
+
+ func_extract_archives $gentop $convenience
+ reload_conv_objs="$reload_objs $func_extract_archives_result"
+ fi
+ fi
+
+ # Create the old-style object.
+ reload_objs="$objs$old_deplibs "`$echo "X$libobjs" | $SP2NL | $Xsed -e '/\.'${libext}$'/d' -e '/\.lib$/d' -e "$lo2o" | $NL2SP`" $reload_conv_objs" ### testsuite: skip nested quoting test
+
+ output="$obj"
+ cmds=$reload_cmds
+ save_ifs="$IFS"; IFS='~'
+ for cmd in $cmds; do
+ IFS="$save_ifs"
+ eval cmd=\"$cmd\"
+ $show "$cmd"
+ $run eval "$cmd" || exit $?
+ done
+ IFS="$save_ifs"
+
+ # Exit if we aren't doing a library object file.
+ if test -z "$libobj"; then
+ if test -n "$gentop"; then
+ $show "${rm}r $gentop"
+ $run ${rm}r $gentop
+ fi
+
+ exit $EXIT_SUCCESS
+ fi
+
+ if test "$build_libtool_libs" != yes; then
+ if test -n "$gentop"; then
+ $show "${rm}r $gentop"
+ $run ${rm}r $gentop
+ fi
+
+ # Create an invalid libtool object if no PIC, so that we don't
+ # accidentally link it into a program.
+ # $show "echo timestamp > $libobj"
+ # $run eval "echo timestamp > $libobj" || exit $?
+ exit $EXIT_SUCCESS
+ fi
+
+ if test -n "$pic_flag" || test "$pic_mode" != default; then
+ # Only do commands if we really have different PIC objects.
+ reload_objs="$libobjs $reload_conv_objs"
+ output="$libobj"
+ cmds=$reload_cmds
+ save_ifs="$IFS"; IFS='~'
+ for cmd in $cmds; do
+ IFS="$save_ifs"
+ eval cmd=\"$cmd\"
+ $show "$cmd"
+ $run eval "$cmd" || exit $?
+ done
+ IFS="$save_ifs"
+ fi
+
+ if test -n "$gentop"; then
+ $show "${rm}r $gentop"
+ $run ${rm}r $gentop
+ fi
+
+ exit $EXIT_SUCCESS
+ ;;
+
+ prog)
+ case $host in
+ *cygwin*) output=`$echo $output | ${SED} -e 's,.exe$,,;s,$,.exe,'` ;;
+ esac
+ if test -n "$vinfo"; then
+ $echo "$modename: warning: \`-version-info' is ignored for programs" 1>&2
+ fi
+
+ if test -n "$release"; then
+ $echo "$modename: warning: \`-release' is ignored for programs" 1>&2
+ fi
+
+ if test "$preload" = yes; then
+ if test "$dlopen_support" = unknown && test "$dlopen_self" = unknown &&
+ test "$dlopen_self_static" = unknown; then
+ $echo "$modename: warning: \`AC_LIBTOOL_DLOPEN' not used. Assuming no dlopen support."
+ fi
+ fi
+
+ case $host in
+ *-*-rhapsody* | *-*-darwin1.[012])
+ # On Rhapsody replace the C library is the System framework
+ compile_deplibs=`$echo "X $compile_deplibs" | $Xsed -e 's/ -lc / -framework System /'`
+ finalize_deplibs=`$echo "X $finalize_deplibs" | $Xsed -e 's/ -lc / -framework System /'`
+ ;;
+ esac
+
+ case $host in
+ *darwin*)
+ # Don't allow lazy linking, it breaks C++ global constructors
+ if test "$tagname" = CXX ; then
+ compile_command="$compile_command ${wl}-bind_at_load"
+ finalize_command="$finalize_command ${wl}-bind_at_load"
+ fi
+ ;;
+ esac
+
+
+ # move library search paths that coincide with paths to not yet
+ # installed libraries to the beginning of the library search list
+ new_libs=
+ for path in $notinst_path; do
+ case " $new_libs " in
+ *" -L$path/$objdir "*) ;;
+ *)
+ case " $compile_deplibs " in
+ *" -L$path/$objdir "*)
+ new_libs="$new_libs -L$path/$objdir" ;;
+ esac
+ ;;
+ esac
+ done
+ for deplib in $compile_deplibs; do
+ case $deplib in
+ -L*)
+ case " $new_libs " in
+ *" $deplib "*) ;;
+ *) new_libs="$new_libs $deplib" ;;
+ esac
+ ;;
+ *) new_libs="$new_libs $deplib" ;;
+ esac
+ done
+ compile_deplibs="$new_libs"
+
+
+ compile_command="$compile_command $compile_deplibs"
+ finalize_command="$finalize_command $finalize_deplibs"
+
+ if test -n "$rpath$xrpath"; then
+ # If the user specified any rpath flags, then add them.
+ for libdir in $rpath $xrpath; do
+ # This is the magic to use -rpath.
+ case "$finalize_rpath " in
+ *" $libdir "*) ;;
+ *) finalize_rpath="$finalize_rpath $libdir" ;;
+ esac
+ done
+ fi
+
+ # Now hardcode the library paths
+ rpath=
+ hardcode_libdirs=
+ for libdir in $compile_rpath $finalize_rpath; do
+ if test -n "$hardcode_libdir_flag_spec"; then
+ if test -n "$hardcode_libdir_separator"; then
+ if test -z "$hardcode_libdirs"; then
+ hardcode_libdirs="$libdir"
+ else
+ # Just accumulate the unique libdirs.
+ case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in
+ *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*)
+ ;;
+ *)
+ hardcode_libdirs="$hardcode_libdirs$hardcode_libdir_separator$libdir"
+ ;;
+ esac
+ fi
+ else
+ eval flag=\"$hardcode_libdir_flag_spec\"
+ rpath="$rpath $flag"
+ fi
+ elif test -n "$runpath_var"; then
+ case "$perm_rpath " in
+ *" $libdir "*) ;;
+ *) perm_rpath="$perm_rpath $libdir" ;;
+ esac
+ fi
+ case $host in
+ *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2*)
+ testbindir=`$echo "X$libdir" | $Xsed -e 's*/lib$*/bin*'`
+ case :$dllsearchpath: in
+ *":$libdir:"*) ;;
+ *) dllsearchpath="$dllsearchpath:$libdir";;
+ esac
+ case :$dllsearchpath: in
+ *":$testbindir:"*) ;;
+ *) dllsearchpath="$dllsearchpath:$testbindir";;
+ esac
+ ;;
+ esac
+ done
+ # Substitute the hardcoded libdirs into the rpath.
+ if test -n "$hardcode_libdir_separator" &&
+ test -n "$hardcode_libdirs"; then
+ libdir="$hardcode_libdirs"
+ eval rpath=\" $hardcode_libdir_flag_spec\"
+ fi
+ compile_rpath="$rpath"
+
+ rpath=
+ hardcode_libdirs=
+ for libdir in $finalize_rpath; do
+ if test -n "$hardcode_libdir_flag_spec"; then
+ if test -n "$hardcode_libdir_separator"; then
+ if test -z "$hardcode_libdirs"; then
+ hardcode_libdirs="$libdir"
+ else
+ # Just accumulate the unique libdirs.
+ case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in
+ *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*)
+ ;;
+ *)
+ hardcode_libdirs="$hardcode_libdirs$hardcode_libdir_separator$libdir"
+ ;;
+ esac
+ fi
+ else
+ eval flag=\"$hardcode_libdir_flag_spec\"
+ rpath="$rpath $flag"
+ fi
+ elif test -n "$runpath_var"; then
+ case "$finalize_perm_rpath " in
+ *" $libdir "*) ;;
+ *) finalize_perm_rpath="$finalize_perm_rpath $libdir" ;;
+ esac
+ fi
+ done
+ # Substitute the hardcoded libdirs into the rpath.
+ if test -n "$hardcode_libdir_separator" &&
+ test -n "$hardcode_libdirs"; then
+ libdir="$hardcode_libdirs"
+ eval rpath=\" $hardcode_libdir_flag_spec\"
+ fi
+ finalize_rpath="$rpath"
+
+ if test -n "$libobjs" && test "$build_old_libs" = yes; then
+ # Transform all the library objects into standard objects.
+ compile_command=`$echo "X$compile_command" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP`
+ finalize_command=`$echo "X$finalize_command" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP`
+ fi
+
+ dlsyms=
+ if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then
+ if test -n "$NM" && test -n "$global_symbol_pipe"; then
+ dlsyms="${outputname}S.c"
+ else
+ $echo "$modename: not configured to extract global symbols from dlpreopened files" 1>&2
+ fi
+ fi
+
+ if test -n "$dlsyms"; then
+ case $dlsyms in
+ "") ;;
+ *.c)
+ # Discover the nlist of each of the dlfiles.
+ nlist="$output_objdir/${outputname}.nm"
+
+ $show "$rm $nlist ${nlist}S ${nlist}T"
+ $run $rm "$nlist" "${nlist}S" "${nlist}T"
+
+ # Parse the name list into a source file.
+ $show "creating $output_objdir/$dlsyms"
+
+ test -z "$run" && $echo > "$output_objdir/$dlsyms" "\
+/* $dlsyms - symbol resolution table for \`$outputname' dlsym emulation. */
+/* Generated by $PROGRAM - GNU $PACKAGE $VERSION$TIMESTAMP */
+
+#ifdef __cplusplus
+extern \"C\" {
+#endif
+
+/* Prevent the only kind of declaration conflicts we can make. */
+#define lt_preloaded_symbols some_other_symbol
+
+/* External symbol declarations for the compiler. */\
+"
+
+ if test "$dlself" = yes; then
+ $show "generating symbol list for \`$output'"
+
+ test -z "$run" && $echo ': @PROGRAM@ ' > "$nlist"
+
+ # Add our own program objects to the symbol list.
+ progfiles=`$echo "X$objs$old_deplibs" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP`
+ for arg in $progfiles; do
+ $show "extracting global C symbols from \`$arg'"
+ $run eval "$NM $arg | $global_symbol_pipe >> '$nlist'"
+ done
+
+ if test -n "$exclude_expsyms"; then
+ $run eval '$EGREP -v " ($exclude_expsyms)$" "$nlist" > "$nlist"T'
+ $run eval '$mv "$nlist"T "$nlist"'
+ fi
+
+ if test -n "$export_symbols_regex"; then
+ $run eval '$EGREP -e "$export_symbols_regex" "$nlist" > "$nlist"T'
+ $run eval '$mv "$nlist"T "$nlist"'
+ fi
+
+ # Prepare the list of exported symbols
+ if test -z "$export_symbols"; then
+ export_symbols="$output_objdir/$outputname.exp"
+ $run $rm $export_symbols
+ $run eval "${SED} -n -e '/^: @PROGRAM@ $/d' -e 's/^.* \(.*\)$/\1/p' "'< "$nlist" > "$export_symbols"'
+ case $host in
+ *cygwin* | *mingw* )
+ $run eval "echo EXPORTS "'> "$output_objdir/$outputname.def"'
+ $run eval 'cat "$export_symbols" >> "$output_objdir/$outputname.def"'
+ ;;
+ esac
+ else
+ $run eval "${SED} -e 's/\([].[*^$]\)/\\\\\1/g' -e 's/^/ /' -e 's/$/$/'"' < "$export_symbols" > "$output_objdir/$outputname.exp"'
+ $run eval 'grep -f "$output_objdir/$outputname.exp" < "$nlist" > "$nlist"T'
+ $run eval 'mv "$nlist"T "$nlist"'
+ case $host in
+ *cygwin* | *mingw* )
+ $run eval "echo EXPORTS "'> "$output_objdir/$outputname.def"'
+ $run eval 'cat "$nlist" >> "$output_objdir/$outputname.def"'
+ ;;
+ esac
+ fi
+ fi
+
+ for arg in $dlprefiles; do
+ $show "extracting global C symbols from \`$arg'"
+ name=`$echo "$arg" | ${SED} -e 's%^.*/%%'`
+ $run eval '$echo ": $name " >> "$nlist"'
+ $run eval "$NM $arg | $global_symbol_pipe >> '$nlist'"
+ done
+
+ if test -z "$run"; then
+ # Make sure we have at least an empty file.
+ test -f "$nlist" || : > "$nlist"
+
+ if test -n "$exclude_expsyms"; then
+ $EGREP -v " ($exclude_expsyms)$" "$nlist" > "$nlist"T
+ $mv "$nlist"T "$nlist"
+ fi
+
+ # Try sorting and uniquifying the output.
+ if grep -v "^: " < "$nlist" |
+ if sort -k 3 </dev/null >/dev/null 2>&1; then
+ sort -k 3
+ else
+ sort +2
+ fi |
+ uniq > "$nlist"S; then
+ :
+ else
+ grep -v "^: " < "$nlist" > "$nlist"S
+ fi
+
+ if test -f "$nlist"S; then
+ eval "$global_symbol_to_cdecl"' < "$nlist"S >> "$output_objdir/$dlsyms"'
+ else
+ $echo '/* NONE */' >> "$output_objdir/$dlsyms"
+ fi
+
+ $echo >> "$output_objdir/$dlsyms" "\
+
+#undef lt_preloaded_symbols
+
+#if defined (__STDC__) && __STDC__
+# define lt_ptr void *
+#else
+# define lt_ptr char *
+# define const
+#endif
+
+/* The mapping between symbol names and symbols. */
+"
+
+ case $host in
+ *cygwin* | *mingw* )
+ $echo >> "$output_objdir/$dlsyms" "\
+/* DATA imports from DLLs on WIN32 can't be const, because
+ runtime relocations are performed -- see ld's documentation
+ on pseudo-relocs */
+struct {
+"
+ ;;
+ * )
+ $echo >> "$output_objdir/$dlsyms" "\
+const struct {
+"
+ ;;
+ esac
+
+
+ $echo >> "$output_objdir/$dlsyms" "\
+ const char *name;
+ lt_ptr address;
+}
+lt_preloaded_symbols[] =
+{\
+"
+
+ eval "$global_symbol_to_c_name_address" < "$nlist" >> "$output_objdir/$dlsyms"
+
+ $echo >> "$output_objdir/$dlsyms" "\
+ {0, (lt_ptr) 0}
+};
+
+/* This works around a problem in FreeBSD linker */
+#ifdef FREEBSD_WORKAROUND
+static const void *lt_preloaded_setup() {
+ return lt_preloaded_symbols;
+}
+#endif
+
+#ifdef __cplusplus
+}
+#endif\
+"
+ fi
+
+ pic_flag_for_symtable=
+ case $host in
+ # compiling the symbol table file with pic_flag works around
+ # a FreeBSD bug that causes programs to crash when -lm is
+ # linked before any other PIC object. But we must not use
+ # pic_flag when linking with -static. The problem exists in
+ # FreeBSD 2.2.6 and is fixed in FreeBSD 3.1.
+ *-*-freebsd2*|*-*-freebsd3.0*|*-*-freebsdelf3.0*)
+ case "$compile_command " in
+ *" -static "*) ;;
+ *) pic_flag_for_symtable=" $pic_flag -DFREEBSD_WORKAROUND";;
+ esac;;
+ *-*-hpux*)
+ case "$compile_command " in
+ *" -static "*) ;;
+ *) pic_flag_for_symtable=" $pic_flag";;
+ esac
+ esac
+
+ # Now compile the dynamic symbol file.
+ $show "(cd $output_objdir && $LTCC $LTCFLAGS -c$no_builtin_flag$pic_flag_for_symtable \"$dlsyms\")"
+ $run eval '(cd $output_objdir && $LTCC $LTCFLAGS -c$no_builtin_flag$pic_flag_for_symtable "$dlsyms")' || exit $?
+
+ # Clean up the generated files.
+ $show "$rm $output_objdir/$dlsyms $nlist ${nlist}S ${nlist}T"
+ $run $rm "$output_objdir/$dlsyms" "$nlist" "${nlist}S" "${nlist}T"
+
+ # Transform the symbol file into the correct name.
+ case $host in
+ *cygwin* | *mingw* )
+ if test -f "$output_objdir/${outputname}.def" ; then
+ compile_command=`$echo "X$compile_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}.def $output_objdir/${outputname}S.${objext}%"`
+ finalize_command=`$echo "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}.def $output_objdir/${outputname}S.${objext}%"`
+ else
+ compile_command=`$echo "X$compile_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"`
+ finalize_command=`$echo "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"`
+ fi
+ ;;
+ * )
+ compile_command=`$echo "X$compile_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"`
+ finalize_command=`$echo "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"`
+ ;;
+ esac
+ ;;
+ *)
+ $echo "$modename: unknown suffix for \`$dlsyms'" 1>&2
+ exit $EXIT_FAILURE
+ ;;
+ esac
+ else
+ # We keep going just in case the user didn't refer to
+ # lt_preloaded_symbols. The linker will fail if global_symbol_pipe
+ # really was required.
+
+ # Nullify the symbol file.
+ compile_command=`$echo "X$compile_command" | $Xsed -e "s% @SYMFILE@%%"`
+ finalize_command=`$echo "X$finalize_command" | $Xsed -e "s% @SYMFILE@%%"`
+ fi
+
+ if test "$need_relink" = no || test "$build_libtool_libs" != yes; then
+ # Replace the output file specification.
+ compile_command=`$echo "X$compile_command" | $Xsed -e 's%@OUTPUT@%'"$output"'%g'`
+ link_command="$compile_command$compile_rpath"
+
+ # We have no uninstalled library dependencies, so finalize right now.
+ $show "$link_command"
+ $run eval "$link_command"
+ exit_status=$?
+
+ # Delete the generated files.
+ if test -n "$dlsyms"; then
+ $show "$rm $output_objdir/${outputname}S.${objext}"
+ $run $rm "$output_objdir/${outputname}S.${objext}"
+ fi
+
+ exit $exit_status
+ fi
+
+ if test -n "$shlibpath_var"; then
+ # We should set the shlibpath_var
+ rpath=
+ for dir in $temp_rpath; do
+ case $dir in
+ [\\/]* | [A-Za-z]:[\\/]*)
+ # Absolute path.
+ rpath="$rpath$dir:"
+ ;;
+ *)
+ # Relative path: add a thisdir entry.
+ rpath="$rpath\$thisdir/$dir:"
+ ;;
+ esac
+ done
+ temp_rpath="$rpath"
+ fi
+
+ if test -n "$compile_shlibpath$finalize_shlibpath"; then
+ compile_command="$shlibpath_var=\"$compile_shlibpath$finalize_shlibpath\$$shlibpath_var\" $compile_command"
+ fi
+ if test -n "$finalize_shlibpath"; then
+ finalize_command="$shlibpath_var=\"$finalize_shlibpath\$$shlibpath_var\" $finalize_command"
+ fi
+
+ compile_var=
+ finalize_var=
+ if test -n "$runpath_var"; then
+ if test -n "$perm_rpath"; then
+ # We should set the runpath_var.
+ rpath=
+ for dir in $perm_rpath; do
+ rpath="$rpath$dir:"
+ done
+ compile_var="$runpath_var=\"$rpath\$$runpath_var\" "
+ fi
+ if test -n "$finalize_perm_rpath"; then
+ # We should set the runpath_var.
+ rpath=
+ for dir in $finalize_perm_rpath; do
+ rpath="$rpath$dir:"
+ done
+ finalize_var="$runpath_var=\"$rpath\$$runpath_var\" "
+ fi
+ fi
+
+ if test "$no_install" = yes; then
+ # We don't need to create a wrapper script.
+ link_command="$compile_var$compile_command$compile_rpath"
+ # Replace the output file specification.
+ link_command=`$echo "X$link_command" | $Xsed -e 's%@OUTPUT@%'"$output"'%g'`
+ # Delete the old output file.
+ $run $rm $output
+ # Link the executable and exit
+ $show "$link_command"
+ $run eval "$link_command" || exit $?
+ exit $EXIT_SUCCESS
+ fi
+
+ if test "$hardcode_action" = relink; then
+ # Fast installation is not supported
+ link_command="$compile_var$compile_command$compile_rpath"
+ relink_command="$finalize_var$finalize_command$finalize_rpath"
+
+ $echo "$modename: warning: this platform does not like uninstalled shared libraries" 1>&2
+ $echo "$modename: \`$output' will be relinked during installation" 1>&2
+ else
+ if test "$fast_install" != no; then
+ link_command="$finalize_var$compile_command$finalize_rpath"
+ if test "$fast_install" = yes; then
+ relink_command=`$echo "X$compile_var$compile_command$compile_rpath" | $Xsed -e 's%@OUTPUT@%\$progdir/\$file%g'`
+ else
+ # fast_install is set to needless
+ relink_command=
+ fi
+ else
+ link_command="$compile_var$compile_command$compile_rpath"
+ relink_command="$finalize_var$finalize_command$finalize_rpath"
+ fi
+ fi
+
+ # Replace the output file specification.
+ link_command=`$echo "X$link_command" | $Xsed -e 's%@OUTPUT@%'"$output_objdir/$outputname"'%g'`
+
+ # Delete the old output files.
+ $run $rm $output $output_objdir/$outputname $output_objdir/lt-$outputname
+
+ $show "$link_command"
+ $run eval "$link_command" || exit $?
+
+ # Now create the wrapper script.
+ $show "creating $output"
+
+ # Quote the relink command for shipping.
+ if test -n "$relink_command"; then
+ # Preserve any variables that may affect compiler behavior
+ for var in $variables_saved_for_relink; do
+ if eval test -z \"\${$var+set}\"; then
+ relink_command="{ test -z \"\${$var+set}\" || unset $var || { $var=; export $var; }; }; $relink_command"
+ elif eval var_value=\$$var; test -z "$var_value"; then
+ relink_command="$var=; export $var; $relink_command"
+ else
+ var_value=`$echo "X$var_value" | $Xsed -e "$sed_quote_subst"`
+ relink_command="$var=\"$var_value\"; export $var; $relink_command"
+ fi
+ done
+ relink_command="(cd `pwd`; $relink_command)"
+ relink_command=`$echo "X$relink_command" | $Xsed -e "$sed_quote_subst"`
+ fi
+
+ # Quote $echo for shipping.
+ if test "X$echo" = "X$SHELL $progpath --fallback-echo"; then
+ case $progpath in
+ [\\/]* | [A-Za-z]:[\\/]*) qecho="$SHELL $progpath --fallback-echo";;
+ *) qecho="$SHELL `pwd`/$progpath --fallback-echo";;
+ esac
+ qecho=`$echo "X$qecho" | $Xsed -e "$sed_quote_subst"`
+ else
+ qecho=`$echo "X$echo" | $Xsed -e "$sed_quote_subst"`
+ fi
+
+ # Only actually do things if our run command is non-null.
+ if test -z "$run"; then
+ # win32 will think the script is a binary if it has
+ # a .exe suffix, so we strip it off here.
+ case $output in
+ *.exe) output=`$echo $output|${SED} 's,.exe$,,'` ;;
+ esac
+ # test for cygwin because mv fails w/o .exe extensions
+ case $host in
+ *cygwin*)
+ exeext=.exe
+ outputname=`$echo $outputname|${SED} 's,.exe$,,'` ;;
+ *) exeext= ;;
+ esac
+ case $host in
+ *cygwin* | *mingw* )
+ output_name=`basename $output`
+ output_path=`dirname $output`
+ cwrappersource="$output_path/$objdir/lt-$output_name.c"
+ cwrapper="$output_path/$output_name.exe"
+ $rm $cwrappersource $cwrapper
+ trap "$rm $cwrappersource $cwrapper; exit $EXIT_FAILURE" 1 2 15
+
+ cat > $cwrappersource <<EOF
+
+/* $cwrappersource - temporary wrapper executable for $objdir/$outputname
+ Generated by $PROGRAM - GNU $PACKAGE $VERSION$TIMESTAMP
+
+ The $output program cannot be directly executed until all the libtool
+ libraries that it depends on are installed.
+
+ This wrapper executable should never be moved out of the build directory.
+ If it is, it will not operate correctly.
+
+ Currently, it simply execs the wrapper *script* "/bin/sh $output",
+ but could eventually absorb all of the scripts functionality and
+ exec $objdir/$outputname directly.
+*/
+EOF
+ cat >> $cwrappersource<<"EOF"
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <malloc.h>
+#include <stdarg.h>
+#include <assert.h>
+#include <string.h>
+#include <ctype.h>
+#include <sys/stat.h>
+
+#if defined(PATH_MAX)
+# define LT_PATHMAX PATH_MAX
+#elif defined(MAXPATHLEN)
+# define LT_PATHMAX MAXPATHLEN
+#else
+# define LT_PATHMAX 1024
+#endif
+
+#ifndef DIR_SEPARATOR
+# define DIR_SEPARATOR '/'
+# define PATH_SEPARATOR ':'
+#endif
+
+#if defined (_WIN32) || defined (__MSDOS__) || defined (__DJGPP__) || \
+ defined (__OS2__)
+# define HAVE_DOS_BASED_FILE_SYSTEM
+# ifndef DIR_SEPARATOR_2
+# define DIR_SEPARATOR_2 '\\'
+# endif
+# ifndef PATH_SEPARATOR_2
+# define PATH_SEPARATOR_2 ';'
+# endif
+#endif
+
+#ifndef DIR_SEPARATOR_2
+# define IS_DIR_SEPARATOR(ch) ((ch) == DIR_SEPARATOR)
+#else /* DIR_SEPARATOR_2 */
+# define IS_DIR_SEPARATOR(ch) \
+ (((ch) == DIR_SEPARATOR) || ((ch) == DIR_SEPARATOR_2))
+#endif /* DIR_SEPARATOR_2 */
+
+#ifndef PATH_SEPARATOR_2
+# define IS_PATH_SEPARATOR(ch) ((ch) == PATH_SEPARATOR)
+#else /* PATH_SEPARATOR_2 */
+# define IS_PATH_SEPARATOR(ch) ((ch) == PATH_SEPARATOR_2)
+#endif /* PATH_SEPARATOR_2 */
+
+#define XMALLOC(type, num) ((type *) xmalloc ((num) * sizeof(type)))
+#define XFREE(stale) do { \
+ if (stale) { free ((void *) stale); stale = 0; } \
+} while (0)
+
+/* -DDEBUG is fairly common in CFLAGS. */
+#undef DEBUG
+#if defined DEBUGWRAPPER
+# define DEBUG(format, ...) fprintf(stderr, format, __VA_ARGS__)
+#else
+# define DEBUG(format, ...)
+#endif
+
+const char *program_name = NULL;
+
+void * xmalloc (size_t num);
+char * xstrdup (const char *string);
+const char * base_name (const char *name);
+char * find_executable(const char *wrapper);
+int check_executable(const char *path);
+char * strendzap(char *str, const char *pat);
+void lt_fatal (const char *message, ...);
+
+int
+main (int argc, char *argv[])
+{
+ char **newargz;
+ int i;
+
+ program_name = (char *) xstrdup (base_name (argv[0]));
+ DEBUG("(main) argv[0] : %s\n",argv[0]);
+ DEBUG("(main) program_name : %s\n",program_name);
+ newargz = XMALLOC(char *, argc+2);
+EOF
+
+ cat >> $cwrappersource <<EOF
+ newargz[0] = (char *) xstrdup("$SHELL");
+EOF
+
+ cat >> $cwrappersource <<"EOF"
+ newargz[1] = find_executable(argv[0]);
+ if (newargz[1] == NULL)
+ lt_fatal("Couldn't find %s", argv[0]);
+ DEBUG("(main) found exe at : %s\n",newargz[1]);
+ /* we know the script has the same name, without the .exe */
+ /* so make sure newargz[1] doesn't end in .exe */
+ strendzap(newargz[1],".exe");
+ for (i = 1; i < argc; i++)
+ newargz[i+1] = xstrdup(argv[i]);
+ newargz[argc+1] = NULL;
+
+ for (i=0; i<argc+1; i++)
+ {
+ DEBUG("(main) newargz[%d] : %s\n",i,newargz[i]);
+ ;
+ }
+
+EOF
+
+ case $host_os in
+ mingw*)
+ cat >> $cwrappersource <<EOF
+ execv("$SHELL",(char const **)newargz);
+EOF
+ ;;
+ *)
+ cat >> $cwrappersource <<EOF
+ execv("$SHELL",newargz);
+EOF
+ ;;
+ esac
+
+ cat >> $cwrappersource <<"EOF"
+ return 127;
+}
+
+void *
+xmalloc (size_t num)
+{
+ void * p = (void *) malloc (num);
+ if (!p)
+ lt_fatal ("Memory exhausted");
+
+ return p;
+}
+
+char *
+xstrdup (const char *string)
+{
+ return string ? strcpy ((char *) xmalloc (strlen (string) + 1), string) : NULL
+;
+}
+
+const char *
+base_name (const char *name)
+{
+ const char *base;
+
+#if defined (HAVE_DOS_BASED_FILE_SYSTEM)
+ /* Skip over the disk name in MSDOS pathnames. */
+ if (isalpha ((unsigned char)name[0]) && name[1] == ':')
+ name += 2;
+#endif
+
+ for (base = name; *name; name++)
+ if (IS_DIR_SEPARATOR (*name))
+ base = name + 1;
+ return base;
+}
+
+int
+check_executable(const char * path)
+{
+ struct stat st;
+
+ DEBUG("(check_executable) : %s\n", path ? (*path ? path : "EMPTY!") : "NULL!");
+ if ((!path) || (!*path))
+ return 0;
+
+ if ((stat (path, &st) >= 0) &&
+ (
+ /* MinGW & native WIN32 do not support S_IXOTH or S_IXGRP */
+#if defined (S_IXOTH)
+ ((st.st_mode & S_IXOTH) == S_IXOTH) ||
+#endif
+#if defined (S_IXGRP)
+ ((st.st_mode & S_IXGRP) == S_IXGRP) ||
+#endif
+ ((st.st_mode & S_IXUSR) == S_IXUSR))
+ )
+ return 1;
+ else
+ return 0;
+}
+
+/* Searches for the full path of the wrapper. Returns
+ newly allocated full path name if found, NULL otherwise */
+char *
+find_executable (const char* wrapper)
+{
+ int has_slash = 0;
+ const char* p;
+ const char* p_next;
+ /* static buffer for getcwd */
+ char tmp[LT_PATHMAX + 1];
+ int tmp_len;
+ char* concat_name;
+
+ DEBUG("(find_executable) : %s\n", wrapper ? (*wrapper ? wrapper : "EMPTY!") : "NULL!");
+
+ if ((wrapper == NULL) || (*wrapper == '\0'))
+ return NULL;
+
+ /* Absolute path? */
+#if defined (HAVE_DOS_BASED_FILE_SYSTEM)
+ if (isalpha ((unsigned char)wrapper[0]) && wrapper[1] == ':')
+ {
+ concat_name = xstrdup (wrapper);
+ if (check_executable(concat_name))
+ return concat_name;
+ XFREE(concat_name);
+ }
+ else
+ {
+#endif
+ if (IS_DIR_SEPARATOR (wrapper[0]))
+ {
+ concat_name = xstrdup (wrapper);
+ if (check_executable(concat_name))
+ return concat_name;
+ XFREE(concat_name);
+ }
+#if defined (HAVE_DOS_BASED_FILE_SYSTEM)
+ }
+#endif
+
+ for (p = wrapper; *p; p++)
+ if (*p == '/')
+ {
+ has_slash = 1;
+ break;
+ }
+ if (!has_slash)
+ {
+ /* no slashes; search PATH */
+ const char* path = getenv ("PATH");
+ if (path != NULL)
+ {
+ for (p = path; *p; p = p_next)
+ {
+ const char* q;
+ size_t p_len;
+ for (q = p; *q; q++)
+ if (IS_PATH_SEPARATOR(*q))
+ break;
+ p_len = q - p;
+ p_next = (*q == '\0' ? q : q + 1);
+ if (p_len == 0)
+ {
+ /* empty path: current directory */
+ if (getcwd (tmp, LT_PATHMAX) == NULL)
+ lt_fatal ("getcwd failed");
+ tmp_len = strlen(tmp);
+ concat_name = XMALLOC(char, tmp_len + 1 + strlen(wrapper) + 1);
+ memcpy (concat_name, tmp, tmp_len);
+ concat_name[tmp_len] = '/';
+ strcpy (concat_name + tmp_len + 1, wrapper);
+ }
+ else
+ {
+ concat_name = XMALLOC(char, p_len + 1 + strlen(wrapper) + 1);
+ memcpy (concat_name, p, p_len);
+ concat_name[p_len] = '/';
+ strcpy (concat_name + p_len + 1, wrapper);
+ }
+ if (check_executable(concat_name))
+ return concat_name;
+ XFREE(concat_name);
+ }
+ }
+ /* not found in PATH; assume curdir */
+ }
+ /* Relative path | not found in path: prepend cwd */
+ if (getcwd (tmp, LT_PATHMAX) == NULL)
+ lt_fatal ("getcwd failed");
+ tmp_len = strlen(tmp);
+ concat_name = XMALLOC(char, tmp_len + 1 + strlen(wrapper) + 1);
+ memcpy (concat_name, tmp, tmp_len);
+ concat_name[tmp_len] = '/';
+ strcpy (concat_name + tmp_len + 1, wrapper);
+
+ if (check_executable(concat_name))
+ return concat_name;
+ XFREE(concat_name);
+ return NULL;
+}
+
+char *
+strendzap(char *str, const char *pat)
+{
+ size_t len, patlen;
+
+ assert(str != NULL);
+ assert(pat != NULL);
+
+ len = strlen(str);
+ patlen = strlen(pat);
+
+ if (patlen <= len)
+ {
+ str += len - patlen;
+ if (strcmp(str, pat) == 0)
+ *str = '\0';
+ }
+ return str;
+}
+
+static void
+lt_error_core (int exit_status, const char * mode,
+ const char * message, va_list ap)
+{
+ fprintf (stderr, "%s: %s: ", program_name, mode);
+ vfprintf (stderr, message, ap);
+ fprintf (stderr, ".\n");
+
+ if (exit_status >= 0)
+ exit (exit_status);
+}
+
+void
+lt_fatal (const char *message, ...)
+{
+ va_list ap;
+ va_start (ap, message);
+ lt_error_core (EXIT_FAILURE, "FATAL", message, ap);
+ va_end (ap);
+}
+EOF
+ # we should really use a build-platform specific compiler
+ # here, but OTOH, the wrappers (shell script and this C one)
+ # are only useful if you want to execute the "real" binary.
+ # Since the "real" binary is built for $host, then this
+ # wrapper might as well be built for $host, too.
+ $run $LTCC $LTCFLAGS -s -o $cwrapper $cwrappersource
+ ;;
+ esac
+ $rm $output
+ trap "$rm $output; exit $EXIT_FAILURE" 1 2 15
+
+ $echo > $output "\
+#! $SHELL
+
+# $output - temporary wrapper script for $objdir/$outputname
+# Generated by $PROGRAM - GNU $PACKAGE $VERSION$TIMESTAMP
+#
+# The $output program cannot be directly executed until all the libtool
+# libraries that it depends on are installed.
+#
+# This wrapper script should never be moved out of the build directory.
+# If it is, it will not operate correctly.
+
+# Sed substitution that helps us do robust quoting. It backslashifies
+# metacharacters that are still active within double-quoted strings.
+Xsed='${SED} -e 1s/^X//'
+sed_quote_subst='$sed_quote_subst'
+
+# The HP-UX ksh and POSIX shell print the target directory to stdout
+# if CDPATH is set.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+relink_command=\"$relink_command\"
+
+# This environment variable determines our operation mode.
+if test \"\$libtool_install_magic\" = \"$magic\"; then
+ # install mode needs the following variable:
+ notinst_deplibs='$notinst_deplibs'
+else
+ # When we are sourced in execute mode, \$file and \$echo are already set.
+ if test \"\$libtool_execute_magic\" != \"$magic\"; then
+ echo=\"$qecho\"
+ file=\"\$0\"
+ # Make sure echo works.
+ if test \"X\$1\" = X--no-reexec; then
+ # Discard the --no-reexec flag, and continue.
+ shift
+ elif test \"X\`(\$echo '\t') 2>/dev/null\`\" = 'X\t'; then
+ # Yippee, \$echo works!
+ :
+ else
+ # Restart under the correct shell, and then maybe \$echo will work.
+ exec $SHELL \"\$0\" --no-reexec \${1+\"\$@\"}
+ fi
+ fi\
+"
+ $echo >> $output "\
+
+ # Find the directory that this script lives in.
+ thisdir=\`\$echo \"X\$file\" | \$Xsed -e 's%/[^/]*$%%'\`
+ test \"x\$thisdir\" = \"x\$file\" && thisdir=.
+
+ # Follow symbolic links until we get to the real thisdir.
+ file=\`ls -ld \"\$file\" | ${SED} -n 's/.*-> //p'\`
+ while test -n \"\$file\"; do
+ destdir=\`\$echo \"X\$file\" | \$Xsed -e 's%/[^/]*\$%%'\`
+
+ # If there was a directory component, then change thisdir.
+ if test \"x\$destdir\" != \"x\$file\"; then
+ case \"\$destdir\" in
+ [\\\\/]* | [A-Za-z]:[\\\\/]*) thisdir=\"\$destdir\" ;;
+ *) thisdir=\"\$thisdir/\$destdir\" ;;
+ esac
+ fi
+
+ file=\`\$echo \"X\$file\" | \$Xsed -e 's%^.*/%%'\`
+ file=\`ls -ld \"\$thisdir/\$file\" | ${SED} -n 's/.*-> //p'\`
+ done
+
+ # Try to get the absolute directory name.
+ absdir=\`cd \"\$thisdir\" && pwd\`
+ test -n \"\$absdir\" && thisdir=\"\$absdir\"
+"
+
+ if test "$fast_install" = yes; then
+ $echo >> $output "\
+ program=lt-'$outputname'$exeext
+ progdir=\"\$thisdir/$objdir\"
+
+ if test ! -f \"\$progdir/\$program\" || \\
+ { file=\`ls -1dt \"\$progdir/\$program\" \"\$progdir/../\$program\" 2>/dev/null | ${SED} 1q\`; \\
+ test \"X\$file\" != \"X\$progdir/\$program\"; }; then
+
+ file=\"\$\$-\$program\"
+
+ if test ! -d \"\$progdir\"; then
+ $mkdir \"\$progdir\"
+ else
+ $rm \"\$progdir/\$file\"
+ fi"
+
+ $echo >> $output "\
+
+ # relink executable if necessary
+ if test -n \"\$relink_command\"; then
+ if relink_command_output=\`eval \$relink_command 2>&1\`; then :
+ else
+ $echo \"\$relink_command_output\" >&2
+ $rm \"\$progdir/\$file\"
+ exit $EXIT_FAILURE
+ fi
+ fi
+
+ $mv \"\$progdir/\$file\" \"\$progdir/\$program\" 2>/dev/null ||
+ { $rm \"\$progdir/\$program\";
+ $mv \"\$progdir/\$file\" \"\$progdir/\$program\"; }
+ $rm \"\$progdir/\$file\"
+ fi"
+ else
+ $echo >> $output "\
+ program='$outputname'
+ progdir=\"\$thisdir/$objdir\"
+"
+ fi
+
+ $echo >> $output "\
+
+ if test -f \"\$progdir/\$program\"; then"
+
+ # Export our shlibpath_var if we have one.
+ if test "$shlibpath_overrides_runpath" = yes && test -n "$shlibpath_var" && test -n "$temp_rpath"; then
+ $echo >> $output "\
+ # Add our own library path to $shlibpath_var
+ $shlibpath_var=\"$temp_rpath\$$shlibpath_var\"
+
+ # Some systems cannot cope with colon-terminated $shlibpath_var
+ # The second colon is a workaround for a bug in BeOS R4 sed
+ $shlibpath_var=\`\$echo \"X\$$shlibpath_var\" | \$Xsed -e 's/::*\$//'\`
+
+ export $shlibpath_var
+"
+ fi
+
+ # fixup the dll searchpath if we need to.
+ if test -n "$dllsearchpath"; then
+ $echo >> $output "\
+ # Add the dll search path components to the executable PATH
+ PATH=$dllsearchpath:\$PATH
+"
+ fi
+
+ $echo >> $output "\
+ if test \"\$libtool_execute_magic\" != \"$magic\"; then
+ # Run the actual program with our arguments.
+"
+ case $host in
+ # Backslashes separate directories on plain windows
+ *-*-mingw | *-*-os2*)
+ $echo >> $output "\
+ exec \"\$progdir\\\\\$program\" \${1+\"\$@\"}
+"
+ ;;
+
+ *)
+ $echo >> $output "\
+ exec \"\$progdir/\$program\" \${1+\"\$@\"}
+"
+ ;;
+ esac
+ $echo >> $output "\
+ \$echo \"\$0: cannot exec \$program \${1+\"\$@\"}\"
+ exit $EXIT_FAILURE
+ fi
+ else
+ # The program doesn't exist.
+ \$echo \"\$0: error: \\\`\$progdir/\$program' does not exist\" 1>&2
+ \$echo \"This script is just a wrapper for \$program.\" 1>&2
+ $echo \"See the $PACKAGE documentation for more information.\" 1>&2
+ exit $EXIT_FAILURE
+ fi
+fi\
+"
+ chmod +x $output
+ fi
+ exit $EXIT_SUCCESS
+ ;;
+ esac
+
+ # See if we need to build an old-fashioned archive.
+ for oldlib in $oldlibs; do
+
+ if test "$build_libtool_libs" = convenience; then
+ oldobjs="$libobjs_save"
+ addlibs="$convenience"
+ build_libtool_libs=no
+ else
+ if test "$build_libtool_libs" = module; then
+ oldobjs="$libobjs_save"
+ build_libtool_libs=no
+ else
+ oldobjs="$old_deplibs $non_pic_objects"
+ fi
+ addlibs="$old_convenience"
+ fi
+
+ if test -n "$addlibs"; then
+ gentop="$output_objdir/${outputname}x"
+ generated="$generated $gentop"
+
+ func_extract_archives $gentop $addlibs
+ oldobjs="$oldobjs $func_extract_archives_result"
+ fi
+
+ # Do each command in the archive commands.
+ if test -n "$old_archive_from_new_cmds" && test "$build_libtool_libs" = yes; then
+ cmds=$old_archive_from_new_cmds
+ else
+ # POSIX demands no paths to be encoded in archives. We have
+ # to avoid creating archives with duplicate basenames if we
+ # might have to extract them afterwards, e.g., when creating a
+ # static archive out of a convenience library, or when linking
+ # the entirety of a libtool archive into another (currently
+ # not supported by libtool).
+ if (for obj in $oldobjs
+ do
+ $echo "X$obj" | $Xsed -e 's%^.*/%%'
+ done | sort | sort -uc >/dev/null 2>&1); then
+ :
+ else
+ $echo "copying selected object files to avoid basename conflicts..."
+
+ if test -z "$gentop"; then
+ gentop="$output_objdir/${outputname}x"
+ generated="$generated $gentop"
+
+ $show "${rm}r $gentop"
+ $run ${rm}r "$gentop"
+ $show "$mkdir $gentop"
+ $run $mkdir "$gentop"
+ exit_status=$?
+ if test "$exit_status" -ne 0 && test ! -d "$gentop"; then
+ exit $exit_status
+ fi
+ fi
+
+ save_oldobjs=$oldobjs
+ oldobjs=
+ counter=1
+ for obj in $save_oldobjs
+ do
+ objbase=`$echo "X$obj" | $Xsed -e 's%^.*/%%'`
+ case " $oldobjs " in
+ " ") oldobjs=$obj ;;
+ *[\ /]"$objbase "*)
+ while :; do
+ # Make sure we don't pick an alternate name that also
+ # overlaps.
+ newobj=lt$counter-$objbase
+ counter=`expr $counter + 1`
+ case " $oldobjs " in
+ *[\ /]"$newobj "*) ;;
+ *) if test ! -f "$gentop/$newobj"; then break; fi ;;
+ esac
+ done
+ $show "ln $obj $gentop/$newobj || cp $obj $gentop/$newobj"
+ $run ln "$obj" "$gentop/$newobj" ||
+ $run cp "$obj" "$gentop/$newobj"
+ oldobjs="$oldobjs $gentop/$newobj"
+ ;;
+ *) oldobjs="$oldobjs $obj" ;;
+ esac
+ done
+ fi
+
+ eval cmds=\"$old_archive_cmds\"
+
+ if len=`expr "X$cmds" : ".*"` &&
+ test "$len" -le "$max_cmd_len" || test "$max_cmd_len" -le -1; then
+ cmds=$old_archive_cmds
+ else
+ # the command line is too long to link in one step, link in parts
+ $echo "using piecewise archive linking..."
+ save_RANLIB=$RANLIB
+ RANLIB=:
+ objlist=
+ concat_cmds=
+ save_oldobjs=$oldobjs
+
+ # Is there a better way of finding the last object in the list?
+ for obj in $save_oldobjs
+ do
+ last_oldobj=$obj
+ done
+ for obj in $save_oldobjs
+ do
+ oldobjs="$objlist $obj"
+ objlist="$objlist $obj"
+ eval test_cmds=\"$old_archive_cmds\"
+ if len=`expr "X$test_cmds" : ".*" 2>/dev/null` &&
+ test "$len" -le "$max_cmd_len"; then
+ :
+ else
+ # the above command should be used before it gets too long
+ oldobjs=$objlist
+ if test "$obj" = "$last_oldobj" ; then
+ RANLIB=$save_RANLIB
+ fi
+ test -z "$concat_cmds" || concat_cmds=$concat_cmds~
+ eval concat_cmds=\"\${concat_cmds}$old_archive_cmds\"
+ objlist=
+ fi
+ done
+ RANLIB=$save_RANLIB
+ oldobjs=$objlist
+ if test "X$oldobjs" = "X" ; then
+ eval cmds=\"\$concat_cmds\"
+ else
+ eval cmds=\"\$concat_cmds~\$old_archive_cmds\"
+ fi
+ fi
+ fi
+ save_ifs="$IFS"; IFS='~'
+ for cmd in $cmds; do
+ eval cmd=\"$cmd\"
+ IFS="$save_ifs"
+ $show "$cmd"
+ $run eval "$cmd" || exit $?
+ done
+ IFS="$save_ifs"
+ done
+
+ if test -n "$generated"; then
+ $show "${rm}r$generated"
+ $run ${rm}r$generated
+ fi
+
+ # Now create the libtool archive.
+ case $output in
+ *.la)
+ old_library=
+ test "$build_old_libs" = yes && old_library="$libname.$libext"
+ $show "creating $output"
+
+ # Preserve any variables that may affect compiler behavior
+ for var in $variables_saved_for_relink; do
+ if eval test -z \"\${$var+set}\"; then
+ relink_command="{ test -z \"\${$var+set}\" || unset $var || { $var=; export $var; }; }; $relink_command"
+ elif eval var_value=\$$var; test -z "$var_value"; then
+ relink_command="$var=; export $var; $relink_command"
+ else
+ var_value=`$echo "X$var_value" | $Xsed -e "$sed_quote_subst"`
+ relink_command="$var=\"$var_value\"; export $var; $relink_command"
+ fi
+ done
+ # Quote the link command for shipping.
+ relink_command="(cd `pwd`; $SHELL $progpath $preserve_args --mode=relink $libtool_args @inst_prefix_dir@)"
+ relink_command=`$echo "X$relink_command" | $Xsed -e "$sed_quote_subst"`
+ if test "$hardcode_automatic" = yes ; then
+ relink_command=
+ fi
+
+
+ # Only create the output if not a dry run.
+ if test -z "$run"; then
+ for installed in no yes; do
+ if test "$installed" = yes; then
+ if test -z "$install_libdir"; then
+ break
+ fi
+ output="$output_objdir/$outputname"i
+ # Replace all uninstalled libtool libraries with the installed ones
+ newdependency_libs=
+ for deplib in $dependency_libs; do
+ case $deplib in
+ *.la)
+ name=`$echo "X$deplib" | $Xsed -e 's%^.*/%%'`
+ eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $deplib`
+ if test -z "$libdir"; then
+ $echo "$modename: \`$deplib' is not a valid libtool archive" 1>&2
+ exit $EXIT_FAILURE
+ fi
+ newdependency_libs="$newdependency_libs $libdir/$name"
+ ;;
+ *) newdependency_libs="$newdependency_libs $deplib" ;;
+ esac
+ done
+ dependency_libs="$newdependency_libs"
+ newdlfiles=
+ for lib in $dlfiles; do
+ name=`$echo "X$lib" | $Xsed -e 's%^.*/%%'`
+ eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $lib`
+ if test -z "$libdir"; then
+ $echo "$modename: \`$lib' is not a valid libtool archive" 1>&2
+ exit $EXIT_FAILURE
+ fi
+ newdlfiles="$newdlfiles $libdir/$name"
+ done
+ dlfiles="$newdlfiles"
+ newdlprefiles=
+ for lib in $dlprefiles; do
+ name=`$echo "X$lib" | $Xsed -e 's%^.*/%%'`
+ eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $lib`
+ if test -z "$libdir"; then
+ $echo "$modename: \`$lib' is not a valid libtool archive" 1>&2
+ exit $EXIT_FAILURE
+ fi
+ newdlprefiles="$newdlprefiles $libdir/$name"
+ done
+ dlprefiles="$newdlprefiles"
+ else
+ newdlfiles=
+ for lib in $dlfiles; do
+ case $lib in
+ [\\/]* | [A-Za-z]:[\\/]*) abs="$lib" ;;
+ *) abs=`pwd`"/$lib" ;;
+ esac
+ newdlfiles="$newdlfiles $abs"
+ done
+ dlfiles="$newdlfiles"
+ newdlprefiles=
+ for lib in $dlprefiles; do
+ case $lib in
+ [\\/]* | [A-Za-z]:[\\/]*) abs="$lib" ;;
+ *) abs=`pwd`"/$lib" ;;
+ esac
+ newdlprefiles="$newdlprefiles $abs"
+ done
+ dlprefiles="$newdlprefiles"
+ fi
+ $rm $output
+ # place dlname in correct position for cygwin
+ tdlname=$dlname
+ case $host,$output,$installed,$module,$dlname in
+ *cygwin*,*lai,yes,no,*.dll | *mingw*,*lai,yes,no,*.dll) tdlname=../bin/$dlname ;;
+ esac
+ $echo > $output "\
+# $outputname - a libtool library file
+# Generated by $PROGRAM - GNU $PACKAGE $VERSION$TIMESTAMP
+#
+# Please DO NOT delete this file!
+# It is necessary for linking the library.
+
+# The name that we can dlopen(3).
+dlname='$tdlname'
+
+# Names of this library.
+library_names='$library_names'
+
+# The name of the static archive.
+old_library='$old_library'
+
+# Libraries that this one depends upon.
+dependency_libs='$dependency_libs'
+
+# Version information for $libname.
+current=$current
+age=$age
+revision=$revision
+
+# Is this an already installed library?
+installed=$installed
+
+# Should we warn about portability when linking against -modules?
+shouldnotlink=$module
+
+# Files to dlopen/dlpreopen
+dlopen='$dlfiles'
+dlpreopen='$dlprefiles'
+
+# Directory that this library needs to be installed in:
+libdir='$install_libdir'"
+ if test "$installed" = no && test "$need_relink" = yes; then
+ $echo >> $output "\
+relink_command=\"$relink_command\""
+ fi
+ done
+ fi
+
+ # Do a symbolic link so that the libtool archive can be found in
+ # LD_LIBRARY_PATH before the program is installed.
+ $show "(cd $output_objdir && $rm $outputname && $LN_S ../$outputname $outputname)"
+ $run eval '(cd $output_objdir && $rm $outputname && $LN_S ../$outputname $outputname)' || exit $?
+ ;;
+ esac
+ exit $EXIT_SUCCESS
+ ;;
+
+ # libtool install mode
+ install)
+ modename="$modename: install"
+
+ # There may be an optional sh(1) argument at the beginning of
+ # install_prog (especially on Windows NT).
+ if test "$nonopt" = "$SHELL" || test "$nonopt" = /bin/sh ||
+ # Allow the use of GNU shtool's install command.
+ $echo "X$nonopt" | grep shtool > /dev/null; then
+ # Aesthetically quote it.
+ arg=`$echo "X$nonopt" | $Xsed -e "$sed_quote_subst"`
+ case $arg in
+ *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"")
+ arg="\"$arg\""
+ ;;
+ esac
+ install_prog="$arg "
+ arg="$1"
+ shift
+ else
+ install_prog=
+ arg=$nonopt
+ fi
+
+ # The real first argument should be the name of the installation program.
+ # Aesthetically quote it.
+ arg=`$echo "X$arg" | $Xsed -e "$sed_quote_subst"`
+ case $arg in
+ *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"")
+ arg="\"$arg\""
+ ;;
+ esac
+ install_prog="$install_prog$arg"
+
+ # We need to accept at least all the BSD install flags.
+ dest=
+ files=
+ opts=
+ prev=
+ install_type=
+ isdir=no
+ stripme=
+ for arg
+ do
+ if test -n "$dest"; then
+ files="$files $dest"
+ dest=$arg
+ continue
+ fi
+
+ case $arg in
+ -d) isdir=yes ;;
+ -f)
+ case " $install_prog " in
+ *[\\\ /]cp\ *) ;;
+ *) prev=$arg ;;
+ esac
+ ;;
+ -g | -m | -o) prev=$arg ;;
+ -s)
+ stripme=" -s"
+ continue
+ ;;
+ -*)
+ ;;
+ *)
+ # If the previous option needed an argument, then skip it.
+ if test -n "$prev"; then
+ prev=
+ else
+ dest=$arg
+ continue
+ fi
+ ;;
+ esac
+
+ # Aesthetically quote the argument.
+ arg=`$echo "X$arg" | $Xsed -e "$sed_quote_subst"`
+ case $arg in
+ *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"")
+ arg="\"$arg\""
+ ;;
+ esac
+ install_prog="$install_prog $arg"
+ done
+
+ if test -z "$install_prog"; then
+ $echo "$modename: you must specify an install program" 1>&2
+ $echo "$help" 1>&2
+ exit $EXIT_FAILURE
+ fi
+
+ if test -n "$prev"; then
+ $echo "$modename: the \`$prev' option requires an argument" 1>&2
+ $echo "$help" 1>&2
+ exit $EXIT_FAILURE
+ fi
+
+ if test -z "$files"; then
+ if test -z "$dest"; then
+ $echo "$modename: no file or destination specified" 1>&2
+ else
+ $echo "$modename: you must specify a destination" 1>&2
+ fi
+ $echo "$help" 1>&2
+ exit $EXIT_FAILURE
+ fi
+
+ # Strip any trailing slash from the destination.
+ dest=`$echo "X$dest" | $Xsed -e 's%/$%%'`
+
+ # Check to see that the destination is a directory.
+ test -d "$dest" && isdir=yes
+ if test "$isdir" = yes; then
+ destdir="$dest"
+ destname=
+ else
+ destdir=`$echo "X$dest" | $Xsed -e 's%/[^/]*$%%'`
+ test "X$destdir" = "X$dest" && destdir=.
+ destname=`$echo "X$dest" | $Xsed -e 's%^.*/%%'`
+
+ # Not a directory, so check to see that there is only one file specified.
+ set dummy $files
+ if test "$#" -gt 2; then
+ $echo "$modename: \`$dest' is not a directory" 1>&2
+ $echo "$help" 1>&2
+ exit $EXIT_FAILURE
+ fi
+ fi
+ case $destdir in
+ [\\/]* | [A-Za-z]:[\\/]*) ;;
+ *)
+ for file in $files; do
+ case $file in
+ *.lo) ;;
+ *)
+ $echo "$modename: \`$destdir' must be an absolute directory name" 1>&2
+ $echo "$help" 1>&2
+ exit $EXIT_FAILURE
+ ;;
+ esac
+ done
+ ;;
+ esac
+
+ # This variable tells wrapper scripts just to set variables rather
+ # than running their programs.
+ libtool_install_magic="$magic"
+
+ staticlibs=
+ future_libdirs=
+ current_libdirs=
+ for file in $files; do
+
+ # Do each installation.
+ case $file in
+ *.$libext)
+ # Do the static libraries later.
+ staticlibs="$staticlibs $file"
+ ;;
+
+ *.la)
+ # Check to see that this really is a libtool archive.
+ if (${SED} -e '2q' $file | grep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then :
+ else
+ $echo "$modename: \`$file' is not a valid libtool archive" 1>&2
+ $echo "$help" 1>&2
+ exit $EXIT_FAILURE
+ fi
+
+ library_names=
+ old_library=
+ relink_command=
+ # If there is no directory component, then add one.
+ case $file in
+ */* | *\\*) . $file ;;
+ *) . ./$file ;;
+ esac
+
+ # Add the libdir to current_libdirs if it is the destination.
+ if test "X$destdir" = "X$libdir"; then
+ case "$current_libdirs " in
+ *" $libdir "*) ;;
+ *) current_libdirs="$current_libdirs $libdir" ;;
+ esac
+ else
+ # Note the libdir as a future libdir.
+ case "$future_libdirs " in
+ *" $libdir "*) ;;
+ *) future_libdirs="$future_libdirs $libdir" ;;
+ esac
+ fi
+
+ dir=`$echo "X$file" | $Xsed -e 's%/[^/]*$%%'`/
+ test "X$dir" = "X$file/" && dir=
+ dir="$dir$objdir"
+
+ if test -n "$relink_command"; then
+ # Determine the prefix the user has applied to our future dir.
+ inst_prefix_dir=`$echo "$destdir" | $SED "s%$libdir\$%%"`
+
+ # Don't allow the user to place us outside of our expected
+ # location b/c this prevents finding dependent libraries that
+ # are installed to the same prefix.
+ # At present, this check doesn't affect windows .dll's that
+ # are installed into $libdir/../bin (currently, that works fine)
+ # but it's something to keep an eye on.
+ if test "$inst_prefix_dir" = "$destdir"; then
+ $echo "$modename: error: cannot install \`$file' to a directory not ending in $libdir" 1>&2
+ exit $EXIT_FAILURE
+ fi
+
+ if test -n "$inst_prefix_dir"; then
+ # Stick the inst_prefix_dir data into the link command.
+ relink_command=`$echo "$relink_command" | $SED "s%@inst_prefix_dir@%-inst-prefix-dir $inst_prefix_dir%"`
+ else
+ relink_command=`$echo "$relink_command" | $SED "s%@inst_prefix_dir@%%"`
+ fi
+
+ $echo "$modename: warning: relinking \`$file'" 1>&2
+ $show "$relink_command"
+ if $run eval "$relink_command"; then :
+ else
+ $echo "$modename: error: relink \`$file' with the above command before installing it" 1>&2
+ exit $EXIT_FAILURE
+ fi
+ fi
+
+ # See the names of the shared library.
+ set dummy $library_names
+ if test -n "$2"; then
+ realname="$2"
+ shift
+ shift
+
+ srcname="$realname"
+ test -n "$relink_command" && srcname="$realname"T
+
+ # Install the shared library and build the symlinks.
+ $show "$install_prog $dir/$srcname $destdir/$realname"
+ $run eval "$install_prog $dir/$srcname $destdir/$realname" || exit $?
+ if test -n "$stripme" && test -n "$striplib"; then
+ $show "$striplib $destdir/$realname"
+ $run eval "$striplib $destdir/$realname" || exit $?
+ fi
+
+ if test "$#" -gt 0; then
+ # Delete the old symlinks, and create new ones.
+ # Try `ln -sf' first, because the `ln' binary might depend on
+ # the symlink we replace! Solaris /bin/ln does not understand -f,
+ # so we also need to try rm && ln -s.
+ for linkname
+ do
+ if test "$linkname" != "$realname"; then
+ $show "(cd $destdir && { $LN_S -f $realname $linkname || { $rm $linkname && $LN_S $realname $linkname; }; })"
+ $run eval "(cd $destdir && { $LN_S -f $realname $linkname || { $rm $linkname && $LN_S $realname $linkname; }; })"
+ fi
+ done
+ fi
+
+ # Do each command in the postinstall commands.
+ lib="$destdir/$realname"
+ cmds=$postinstall_cmds
+ save_ifs="$IFS"; IFS='~'
+ for cmd in $cmds; do
+ IFS="$save_ifs"
+ eval cmd=\"$cmd\"
+ $show "$cmd"
+ $run eval "$cmd" || {
+ lt_exit=$?
+
+ # Restore the uninstalled library and exit
+ if test "$mode" = relink; then
+ $run eval '(cd $output_objdir && $rm ${realname}T && $mv ${realname}U $realname)'
+ fi
+
+ exit $lt_exit
+ }
+ done
+ IFS="$save_ifs"
+ fi
+
+ # Install the pseudo-library for information purposes.
+ name=`$echo "X$file" | $Xsed -e 's%^.*/%%'`
+ instname="$dir/$name"i
+ $show "$install_prog $instname $destdir/$name"
+ $run eval "$install_prog $instname $destdir/$name" || exit $?
+
+ # Maybe install the static library, too.
+ test -n "$old_library" && staticlibs="$staticlibs $dir/$old_library"
+ ;;
+
+ *.lo)
+ # Install (i.e. copy) a libtool object.
+
+ # Figure out destination file name, if it wasn't already specified.
+ if test -n "$destname"; then
+ destfile="$destdir/$destname"
+ else
+ destfile=`$echo "X$file" | $Xsed -e 's%^.*/%%'`
+ destfile="$destdir/$destfile"
+ fi
+
+ # Deduce the name of the destination old-style object file.
+ case $destfile in
+ *.lo)
+ staticdest=`$echo "X$destfile" | $Xsed -e "$lo2o"`
+ ;;
+ *.$objext)
+ staticdest="$destfile"
+ destfile=
+ ;;
+ *)
+ $echo "$modename: cannot copy a libtool object to \`$destfile'" 1>&2
+ $echo "$help" 1>&2
+ exit $EXIT_FAILURE
+ ;;
+ esac
+
+ # Install the libtool object if requested.
+ if test -n "$destfile"; then
+ $show "$install_prog $file $destfile"
+ $run eval "$install_prog $file $destfile" || exit $?
+ fi
+
+ # Install the old object if enabled.
+ if test "$build_old_libs" = yes; then
+ # Deduce the name of the old-style object file.
+ staticobj=`$echo "X$file" | $Xsed -e "$lo2o"`
+
+ $show "$install_prog $staticobj $staticdest"
+ $run eval "$install_prog \$staticobj \$staticdest" || exit $?
+ fi
+ exit $EXIT_SUCCESS
+ ;;
+
+ *)
+ # Figure out destination file name, if it wasn't already specified.
+ if test -n "$destname"; then
+ destfile="$destdir/$destname"
+ else
+ destfile=`$echo "X$file" | $Xsed -e 's%^.*/%%'`
+ destfile="$destdir/$destfile"
+ fi
+
+ # If the file is missing, and there is a .exe on the end, strip it
+ # because it is most likely a libtool script we actually want to
+ # install
+ stripped_ext=""
+ case $file in
+ *.exe)
+ if test ! -f "$file"; then
+ file=`$echo $file|${SED} 's,.exe$,,'`
+ stripped_ext=".exe"
+ fi
+ ;;
+ esac
+
+ # Do a test to see if this is really a libtool program.
+ case $host in
+ *cygwin*|*mingw*)
+ wrapper=`$echo $file | ${SED} -e 's,.exe$,,'`
+ ;;
+ *)
+ wrapper=$file
+ ;;
+ esac
+ if (${SED} -e '4q' $wrapper | grep "^# Generated by .*$PACKAGE")>/dev/null 2>&1; then
+ notinst_deplibs=
+ relink_command=
+
+ # Note that it is not necessary on cygwin/mingw to append a dot to
+ # foo even if both foo and FILE.exe exist: automatic-append-.exe
+ # behavior happens only for exec(3), not for open(2)! Also, sourcing
+ # `FILE.' does not work on cygwin managed mounts.
+ #
+ # If there is no directory component, then add one.
+ case $wrapper in
+ */* | *\\*) . ${wrapper} ;;
+ *) . ./${wrapper} ;;
+ esac
+
+ # Check the variables that should have been set.
+ if test -z "$notinst_deplibs"; then
+ $echo "$modename: invalid libtool wrapper script \`$wrapper'" 1>&2
+ exit $EXIT_FAILURE
+ fi
+
+ finalize=yes
+ for lib in $notinst_deplibs; do
+ # Check to see that each library is installed.
+ libdir=
+ if test -f "$lib"; then
+ # If there is no directory component, then add one.
+ case $lib in
+ */* | *\\*) . $lib ;;
+ *) . ./$lib ;;
+ esac
+ fi
+ libfile="$libdir/"`$echo "X$lib" | $Xsed -e 's%^.*/%%g'` ### testsuite: skip nested quoting test
+ if test -n "$libdir" && test ! -f "$libfile"; then
+ $echo "$modename: warning: \`$lib' has not been installed in \`$libdir'" 1>&2
+ finalize=no
+ fi
+ done
+
+ relink_command=
+ # Note that it is not necessary on cygwin/mingw to append a dot to
+ # foo even if both foo and FILE.exe exist: automatic-append-.exe
+ # behavior happens only for exec(3), not for open(2)! Also, sourcing
+ # `FILE.' does not work on cygwin managed mounts.
+ #
+ # If there is no directory component, then add one.
+ case $wrapper in
+ */* | *\\*) . ${wrapper} ;;
+ *) . ./${wrapper} ;;
+ esac
+
+ outputname=
+ if test "$fast_install" = no && test -n "$relink_command"; then
+ if test "$finalize" = yes && test -z "$run"; then
+ tmpdir=`func_mktempdir`
+ file=`$echo "X$file$stripped_ext" | $Xsed -e 's%^.*/%%'`
+ outputname="$tmpdir/$file"
+ # Replace the output file specification.
+ relink_command=`$echo "X$relink_command" | $Xsed -e 's%@OUTPUT@%'"$outputname"'%g'`
+
+ $show "$relink_command"
+ if $run eval "$relink_command"; then :
+ else
+ $echo "$modename: error: relink \`$file' with the above command before installing it" 1>&2
+ ${rm}r "$tmpdir"
+ continue
+ fi
+ file="$outputname"
+ else
+ $echo "$modename: warning: cannot relink \`$file'" 1>&2
+ fi
+ else
+ # Install the binary that we compiled earlier.
+ file=`$echo "X$file$stripped_ext" | $Xsed -e "s%\([^/]*\)$%$objdir/\1%"`
+ fi
+ fi
+
+ # remove .exe since cygwin /usr/bin/install will append another
+ # one anyway
+ case $install_prog,$host in
+ */usr/bin/install*,*cygwin*)
+ case $file:$destfile in
+ *.exe:*.exe)
+ # this is ok
+ ;;
+ *.exe:*)
+ destfile=$destfile.exe
+ ;;
+ *:*.exe)
+ destfile=`$echo $destfile | ${SED} -e 's,.exe$,,'`
+ ;;
+ esac
+ ;;
+ esac
+ $show "$install_prog$stripme $file $destfile"
+ $run eval "$install_prog\$stripme \$file \$destfile" || exit $?
+ test -n "$outputname" && ${rm}r "$tmpdir"
+ ;;
+ esac
+ done
+
+ for file in $staticlibs; do
+ name=`$echo "X$file" | $Xsed -e 's%^.*/%%'`
+
+ # Set up the ranlib parameters.
+ oldlib="$destdir/$name"
+
+ $show "$install_prog $file $oldlib"
+ $run eval "$install_prog \$file \$oldlib" || exit $?
+
+ if test -n "$stripme" && test -n "$old_striplib"; then
+ $show "$old_striplib $oldlib"
+ $run eval "$old_striplib $oldlib" || exit $?
+ fi
+
+ # Do each command in the postinstall commands.
+ cmds=$old_postinstall_cmds
+ save_ifs="$IFS"; IFS='~'
+ for cmd in $cmds; do
+ IFS="$save_ifs"
+ eval cmd=\"$cmd\"
+ $show "$cmd"
+ $run eval "$cmd" || exit $?
+ done
+ IFS="$save_ifs"
+ done
+
+ if test -n "$future_libdirs"; then
+ $echo "$modename: warning: remember to run \`$progname --finish$future_libdirs'" 1>&2
+ fi
+
+ if test -n "$current_libdirs"; then
+ # Maybe just do a dry run.
+ test -n "$run" && current_libdirs=" -n$current_libdirs"
+ exec_cmd='$SHELL $progpath $preserve_args --finish$current_libdirs'
+ else
+ exit $EXIT_SUCCESS
+ fi
+ ;;
+
+ # libtool finish mode
+ finish)
+ modename="$modename: finish"
+ libdirs="$nonopt"
+ admincmds=
+
+ if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then
+ for dir
+ do
+ libdirs="$libdirs $dir"
+ done
+
+ for libdir in $libdirs; do
+ if test -n "$finish_cmds"; then
+ # Do each command in the finish commands.
+ cmds=$finish_cmds
+ save_ifs="$IFS"; IFS='~'
+ for cmd in $cmds; do
+ IFS="$save_ifs"
+ eval cmd=\"$cmd\"
+ $show "$cmd"
+ $run eval "$cmd" || admincmds="$admincmds
+ $cmd"
+ done
+ IFS="$save_ifs"
+ fi
+ if test -n "$finish_eval"; then
+ # Do the single finish_eval.
+ eval cmds=\"$finish_eval\"
+ $run eval "$cmds" || admincmds="$admincmds
+ $cmds"
+ fi
+ done
+ fi
+
+ # Exit here if they wanted silent mode.
+ test "$show" = : && exit $EXIT_SUCCESS
+
+ $echo "X----------------------------------------------------------------------" | $Xsed
+ $echo "Libraries have been installed in:"
+ for libdir in $libdirs; do
+ $echo " $libdir"
+ done
+ $echo
+ $echo "If you ever happen to want to link against installed libraries"
+ $echo "in a given directory, LIBDIR, you must either use libtool, and"
+ $echo "specify the full pathname of the library, or use the \`-LLIBDIR'"
+ $echo "flag during linking and do at least one of the following:"
+ if test -n "$shlibpath_var"; then
+ $echo " - add LIBDIR to the \`$shlibpath_var' environment variable"
+ $echo " during execution"
+ fi
+ if test -n "$runpath_var"; then
+ $echo " - add LIBDIR to the \`$runpath_var' environment variable"
+ $echo " during linking"
+ fi
+ if test -n "$hardcode_libdir_flag_spec"; then
+ libdir=LIBDIR
+ eval flag=\"$hardcode_libdir_flag_spec\"
+
+ $echo " - use the \`$flag' linker flag"
+ fi
+ if test -n "$admincmds"; then
+ $echo " - have your system administrator run these commands:$admincmds"
+ fi
+ if test -f /etc/ld.so.conf; then
+ $echo " - have your system administrator add LIBDIR to \`/etc/ld.so.conf'"
+ fi
+ $echo
+ $echo "See any operating system documentation about shared libraries for"
+ $echo "more information, such as the ld(1) and ld.so(8) manual pages."
+ $echo "X----------------------------------------------------------------------" | $Xsed
+ exit $EXIT_SUCCESS
+ ;;
+
+ # libtool execute mode
+ execute)
+ modename="$modename: execute"
+
+ # The first argument is the command name.
+ cmd="$nonopt"
+ if test -z "$cmd"; then
+ $echo "$modename: you must specify a COMMAND" 1>&2
+ $echo "$help"
+ exit $EXIT_FAILURE
+ fi
+
+ # Handle -dlopen flags immediately.
+ for file in $execute_dlfiles; do
+ if test ! -f "$file"; then
+ $echo "$modename: \`$file' is not a file" 1>&2
+ $echo "$help" 1>&2
+ exit $EXIT_FAILURE
+ fi
+
+ dir=
+ case $file in
+ *.la)
+ # Check to see that this really is a libtool archive.
+ if (${SED} -e '2q' $file | grep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then :
+ else
+ $echo "$modename: \`$lib' is not a valid libtool archive" 1>&2
+ $echo "$help" 1>&2
+ exit $EXIT_FAILURE
+ fi
+
+ # Read the libtool library.
+ dlname=
+ library_names=
+
+ # If there is no directory component, then add one.
+ case $file in
+ */* | *\\*) . $file ;;
+ *) . ./$file ;;
+ esac
+
+ # Skip this library if it cannot be dlopened.
+ if test -z "$dlname"; then
+ # Warn if it was a shared library.
+ test -n "$library_names" && $echo "$modename: warning: \`$file' was not linked with \`-export-dynamic'"
+ continue
+ fi
+
+ dir=`$echo "X$file" | $Xsed -e 's%/[^/]*$%%'`
+ test "X$dir" = "X$file" && dir=.
+
+ if test -f "$dir/$objdir/$dlname"; then
+ dir="$dir/$objdir"
+ else
+ $echo "$modename: cannot find \`$dlname' in \`$dir' or \`$dir/$objdir'" 1>&2
+ exit $EXIT_FAILURE
+ fi
+ ;;
+
+ *.lo)
+ # Just add the directory containing the .lo file.
+ dir=`$echo "X$file" | $Xsed -e 's%/[^/]*$%%'`
+ test "X$dir" = "X$file" && dir=.
+ ;;
+
+ *)
+ $echo "$modename: warning \`-dlopen' is ignored for non-libtool libraries and objects" 1>&2
+ continue
+ ;;
+ esac
+
+ # Get the absolute pathname.
+ absdir=`cd "$dir" && pwd`
+ test -n "$absdir" && dir="$absdir"
+
+ # Now add the directory to shlibpath_var.
+ if eval "test -z \"\$$shlibpath_var\""; then
+ eval "$shlibpath_var=\"\$dir\""
+ else
+ eval "$shlibpath_var=\"\$dir:\$$shlibpath_var\""
+ fi
+ done
+
+ # This variable tells wrapper scripts just to set shlibpath_var
+ # rather than running their programs.
+ libtool_execute_magic="$magic"
+
+ # Check if any of the arguments is a wrapper script.
+ args=
+ for file
+ do
+ case $file in
+ -*) ;;
+ *)
+ # Do a test to see if this is really a libtool program.
+ if (${SED} -e '4q' $file | grep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then
+ # If there is no directory component, then add one.
+ case $file in
+ */* | *\\*) . $file ;;
+ *) . ./$file ;;
+ esac
+
+ # Transform arg to wrapped name.
+ file="$progdir/$program"
+ fi
+ ;;
+ esac
+ # Quote arguments (to preserve shell metacharacters).
+ file=`$echo "X$file" | $Xsed -e "$sed_quote_subst"`
+ args="$args \"$file\""
+ done
+
+ if test -z "$run"; then
+ if test -n "$shlibpath_var"; then
+ # Export the shlibpath_var.
+ eval "export $shlibpath_var"
+ fi
+
+ # Restore saved environment variables
+ if test "${save_LC_ALL+set}" = set; then
+ LC_ALL="$save_LC_ALL"; export LC_ALL
+ fi
+ if test "${save_LANG+set}" = set; then
+ LANG="$save_LANG"; export LANG
+ fi
+
+ # Now prepare to actually exec the command.
+ exec_cmd="\$cmd$args"
+ else
+ # Display what would be done.
+ if test -n "$shlibpath_var"; then
+ eval "\$echo \"\$shlibpath_var=\$$shlibpath_var\""
+ $echo "export $shlibpath_var"
+ fi
+ $echo "$cmd$args"
+ exit $EXIT_SUCCESS
+ fi
+ ;;
+
+ # libtool clean and uninstall mode
+ clean | uninstall)
+ modename="$modename: $mode"
+ rm="$nonopt"
+ files=
+ rmforce=
+ exit_status=0
+
+ # This variable tells wrapper scripts just to set variables rather
+ # than running their programs.
+ libtool_install_magic="$magic"
+
+ for arg
+ do
+ case $arg in
+ -f) rm="$rm $arg"; rmforce=yes ;;
+ -*) rm="$rm $arg" ;;
+ *) files="$files $arg" ;;
+ esac
+ done
+
+ if test -z "$rm"; then
+ $echo "$modename: you must specify an RM program" 1>&2
+ $echo "$help" 1>&2
+ exit $EXIT_FAILURE
+ fi
+
+ rmdirs=
+
+ origobjdir="$objdir"
+ for file in $files; do
+ dir=`$echo "X$file" | $Xsed -e 's%/[^/]*$%%'`
+ if test "X$dir" = "X$file"; then
+ dir=.
+ objdir="$origobjdir"
+ else
+ objdir="$dir/$origobjdir"
+ fi
+ name=`$echo "X$file" | $Xsed -e 's%^.*/%%'`
+ test "$mode" = uninstall && objdir="$dir"
+
+ # Remember objdir for removal later, being careful to avoid duplicates
+ if test "$mode" = clean; then
+ case " $rmdirs " in
+ *" $objdir "*) ;;
+ *) rmdirs="$rmdirs $objdir" ;;
+ esac
+ fi
+
+ # Don't error if the file doesn't exist and rm -f was used.
+ if (test -L "$file") >/dev/null 2>&1 \
+ || (test -h "$file") >/dev/null 2>&1 \
+ || test -f "$file"; then
+ :
+ elif test -d "$file"; then
+ exit_status=1
+ continue
+ elif test "$rmforce" = yes; then
+ continue
+ fi
+
+ rmfiles="$file"
+
+ case $name in
+ *.la)
+ # Possibly a libtool archive, so verify it.
+ if (${SED} -e '2q' $file | grep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then
+ . $dir/$name
+
+ # Delete the libtool libraries and symlinks.
+ for n in $library_names; do
+ rmfiles="$rmfiles $objdir/$n"
+ done
+ test -n "$old_library" && rmfiles="$rmfiles $objdir/$old_library"
+
+ case "$mode" in
+ clean)
+ case " $library_names " in
+ # " " in the beginning catches empty $dlname
+ *" $dlname "*) ;;
+ *) rmfiles="$rmfiles $objdir/$dlname" ;;
+ esac
+ test -n "$libdir" && rmfiles="$rmfiles $objdir/$name $objdir/${name}i"
+ ;;
+ uninstall)
+ if test -n "$library_names"; then
+ # Do each command in the postuninstall commands.
+ cmds=$postuninstall_cmds
+ save_ifs="$IFS"; IFS='~'
+ for cmd in $cmds; do
+ IFS="$save_ifs"
+ eval cmd=\"$cmd\"
+ $show "$cmd"
+ $run eval "$cmd"
+ if test "$?" -ne 0 && test "$rmforce" != yes; then
+ exit_status=1
+ fi
+ done
+ IFS="$save_ifs"
+ fi
+
+ if test -n "$old_library"; then
+ # Do each command in the old_postuninstall commands.
+ cmds=$old_postuninstall_cmds
+ save_ifs="$IFS"; IFS='~'
+ for cmd in $cmds; do
+ IFS="$save_ifs"
+ eval cmd=\"$cmd\"
+ $show "$cmd"
+ $run eval "$cmd"
+ if test "$?" -ne 0 && test "$rmforce" != yes; then
+ exit_status=1
+ fi
+ done
+ IFS="$save_ifs"
+ fi
+ # FIXME: should reinstall the best remaining shared library.
+ ;;
+ esac
+ fi
+ ;;
+
+ *.lo)
+ # Possibly a libtool object, so verify it.
+ if (${SED} -e '2q' $file | grep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then
+
+ # Read the .lo file
+ . $dir/$name
+
+ # Add PIC object to the list of files to remove.
+ if test -n "$pic_object" \
+ && test "$pic_object" != none; then
+ rmfiles="$rmfiles $dir/$pic_object"
+ fi
+
+ # Add non-PIC object to the list of files to remove.
+ if test -n "$non_pic_object" \
+ && test "$non_pic_object" != none; then
+ rmfiles="$rmfiles $dir/$non_pic_object"
+ fi
+ fi
+ ;;
+
+ *)
+ if test "$mode" = clean ; then
+ noexename=$name
+ case $file in
+ *.exe)
+ file=`$echo $file|${SED} 's,.exe$,,'`
+ noexename=`$echo $name|${SED} 's,.exe$,,'`
+ # $file with .exe has already been added to rmfiles,
+ # add $file without .exe
+ rmfiles="$rmfiles $file"
+ ;;
+ esac
+ # Do a test to see if this is a libtool program.
+ if (${SED} -e '4q' $file | grep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then
+ relink_command=
+ . $dir/$noexename
+
+ # note $name still contains .exe if it was in $file originally
+ # as does the version of $file that was added into $rmfiles
+ rmfiles="$rmfiles $objdir/$name $objdir/${name}S.${objext}"
+ if test "$fast_install" = yes && test -n "$relink_command"; then
+ rmfiles="$rmfiles $objdir/lt-$name"
+ fi
+ if test "X$noexename" != "X$name" ; then
+ rmfiles="$rmfiles $objdir/lt-${noexename}.c"
+ fi
+ fi
+ fi
+ ;;
+ esac
+ $show "$rm $rmfiles"
+ $run $rm $rmfiles || exit_status=1
+ done
+ objdir="$origobjdir"
+
+ # Try to remove the ${objdir}s in the directories where we deleted files
+ for dir in $rmdirs; do
+ if test -d "$dir"; then
+ $show "rmdir $dir"
+ $run rmdir $dir >/dev/null 2>&1
+ fi
+ done
+
+ exit $exit_status
+ ;;
+
+ "")
+ $echo "$modename: you must specify a MODE" 1>&2
+ $echo "$generic_help" 1>&2
+ exit $EXIT_FAILURE
+ ;;
+ esac
+
+ if test -z "$exec_cmd"; then
+ $echo "$modename: invalid operation mode \`$mode'" 1>&2
+ $echo "$generic_help" 1>&2
+ exit $EXIT_FAILURE
+ fi
+fi # test -z "$show_help"
+
+if test -n "$exec_cmd"; then
+ eval exec $exec_cmd
+ exit $EXIT_FAILURE
+fi
+
+# We need to display help for each of the modes.
+case $mode in
+"") $echo \
+"Usage: $modename [OPTION]... [MODE-ARG]...
+
+Provide generalized library-building support services.
+
+ --config show all configuration variables
+ --debug enable verbose shell tracing
+-n, --dry-run display commands without modifying any files
+ --features display basic configuration information and exit
+ --finish same as \`--mode=finish'
+ --help display this help message and exit
+ --mode=MODE use operation mode MODE [default=inferred from MODE-ARGS]
+ --quiet same as \`--silent'
+ --silent don't print informational messages
+ --tag=TAG use configuration variables from tag TAG
+ --version print version information
+
+MODE must be one of the following:
+
+ clean remove files from the build directory
+ compile compile a source file into a libtool object
+ execute automatically set library path, then run a program
+ finish complete the installation of libtool libraries
+ install install libraries or executables
+ link create a library or an executable
+ uninstall remove libraries from an installed directory
+
+MODE-ARGS vary depending on the MODE. Try \`$modename --help --mode=MODE' for
+a more detailed description of MODE.
+
+Report bugs to <bug-libtool@gnu.org>."
+ exit $EXIT_SUCCESS
+ ;;
+
+clean)
+ $echo \
+"Usage: $modename [OPTION]... --mode=clean RM [RM-OPTION]... FILE...
+
+Remove files from the build directory.
+
+RM is the name of the program to use to delete files associated with each FILE
+(typically \`/bin/rm'). RM-OPTIONS are options (such as \`-f') to be passed
+to RM.
+
+If FILE is a libtool library, object or program, all the files associated
+with it are deleted. Otherwise, only FILE itself is deleted using RM."
+ ;;
+
+compile)
+ $echo \
+"Usage: $modename [OPTION]... --mode=compile COMPILE-COMMAND... SOURCEFILE
+
+Compile a source file into a libtool library object.
+
+This mode accepts the following additional options:
+
+ -o OUTPUT-FILE set the output file name to OUTPUT-FILE
+ -prefer-pic try to building PIC objects only
+ -prefer-non-pic try to building non-PIC objects only
+ -static always build a \`.o' file suitable for static linking
+
+COMPILE-COMMAND is a command to be used in creating a \`standard' object file
+from the given SOURCEFILE.
+
+The output file name is determined by removing the directory component from
+SOURCEFILE, then substituting the C source code suffix \`.c' with the
+library object suffix, \`.lo'."
+ ;;
+
+execute)
+ $echo \
+"Usage: $modename [OPTION]... --mode=execute COMMAND [ARGS]...
+
+Automatically set library path, then run a program.
+
+This mode accepts the following additional options:
+
+ -dlopen FILE add the directory containing FILE to the library path
+
+This mode sets the library path environment variable according to \`-dlopen'
+flags.
+
+If any of the ARGS are libtool executable wrappers, then they are translated
+into their corresponding uninstalled binary, and any of their required library
+directories are added to the library path.
+
+Then, COMMAND is executed, with ARGS as arguments."
+ ;;
+
+finish)
+ $echo \
+"Usage: $modename [OPTION]... --mode=finish [LIBDIR]...
+
+Complete the installation of libtool libraries.
+
+Each LIBDIR is a directory that contains libtool libraries.
+
+The commands that this mode executes may require superuser privileges. Use
+the \`--dry-run' option if you just want to see what would be executed."
+ ;;
+
+install)
+ $echo \
+"Usage: $modename [OPTION]... --mode=install INSTALL-COMMAND...
+
+Install executables or libraries.
+
+INSTALL-COMMAND is the installation command. The first component should be
+either the \`install' or \`cp' program.
+
+The rest of the components are interpreted as arguments to that command (only
+BSD-compatible install options are recognized)."
+ ;;
+
+link)
+ $echo \
+"Usage: $modename [OPTION]... --mode=link LINK-COMMAND...
+
+Link object files or libraries together to form another library, or to
+create an executable program.
+
+LINK-COMMAND is a command using the C compiler that you would use to create
+a program from several object files.
+
+The following components of LINK-COMMAND are treated specially:
+
+ -all-static do not do any dynamic linking at all
+ -avoid-version do not add a version suffix if possible
+ -dlopen FILE \`-dlpreopen' FILE if it cannot be dlopened at runtime
+ -dlpreopen FILE link in FILE and add its symbols to lt_preloaded_symbols
+ -export-dynamic allow symbols from OUTPUT-FILE to be resolved with dlsym(3)
+ -export-symbols SYMFILE
+ try to export only the symbols listed in SYMFILE
+ -export-symbols-regex REGEX
+ try to export only the symbols matching REGEX
+ -LLIBDIR search LIBDIR for required installed libraries
+ -lNAME OUTPUT-FILE requires the installed library libNAME
+ -module build a library that can dlopened
+ -no-fast-install disable the fast-install mode
+ -no-install link a not-installable executable
+ -no-undefined declare that a library does not refer to external symbols
+ -o OUTPUT-FILE create OUTPUT-FILE from the specified objects
+ -objectlist FILE Use a list of object files found in FILE to specify objects
+ -precious-files-regex REGEX
+ don't remove output files matching REGEX
+ -release RELEASE specify package release information
+ -rpath LIBDIR the created library will eventually be installed in LIBDIR
+ -R[ ]LIBDIR add LIBDIR to the runtime path of programs and libraries
+ -static do not do any dynamic linking of libtool libraries
+ -version-info CURRENT[:REVISION[:AGE]]
+ specify library version info [each variable defaults to 0]
+
+All other options (arguments beginning with \`-') are ignored.
+
+Every other argument is treated as a filename. Files ending in \`.la' are
+treated as uninstalled libtool libraries, other files are standard or library
+object files.
+
+If the OUTPUT-FILE ends in \`.la', then a libtool library is created,
+only library objects (\`.lo' files) may be specified, and \`-rpath' is
+required, except when creating a convenience library.
+
+If OUTPUT-FILE ends in \`.a' or \`.lib', then a standard library is created
+using \`ar' and \`ranlib', or on Windows using \`lib'.
+
+If OUTPUT-FILE ends in \`.lo' or \`.${objext}', then a reloadable object file
+is created, otherwise an executable program is created."
+ ;;
+
+uninstall)
+ $echo \
+"Usage: $modename [OPTION]... --mode=uninstall RM [RM-OPTION]... FILE...
+
+Remove libraries from an installation directory.
+
+RM is the name of the program to use to delete files associated with each FILE
+(typically \`/bin/rm'). RM-OPTIONS are options (such as \`-f') to be passed
+to RM.
+
+If FILE is a libtool library, all the files associated with it are deleted.
+Otherwise, only FILE itself is deleted using RM."
+ ;;
+
+*)
+ $echo "$modename: invalid operation mode \`$mode'" 1>&2
+ $echo "$help" 1>&2
+ exit $EXIT_FAILURE
+ ;;
+esac
+
+$echo
+$echo "Try \`$modename --help' for more information about other modes."
+
+exit $?
+
+# The TAGs below are defined such that we never get into a situation
+# in which we disable both kinds of libraries. Given conflicting
+# choices, we go for a static library, that is the most portable,
+# since we can't tell whether shared libraries were disabled because
+# the user asked for that or because the platform doesn't support
+# them. This is particularly important on AIX, because we don't
+# support having both static and shared libraries enabled at the same
+# time on that platform, so we default to a shared-only configuration.
+# If a disable-shared tag is given, we'll fallback to a static-only
+# configuration. But we'll never go from static-only to shared-only.
+
+# ### BEGIN LIBTOOL TAG CONFIG: disable-shared
+disable_libs=shared
+# ### END LIBTOOL TAG CONFIG: disable-shared
+
+# ### BEGIN LIBTOOL TAG CONFIG: disable-static
+disable_libs=static
+# ### END LIBTOOL TAG CONFIG: disable-static
+
+# Local Variables:
+# mode:shell-script
+# sh-indentation:2
+# End:
diff --git a/Linux-PAM/m4/codeset.m4 b/Linux-PAM/m4/codeset.m4
new file mode 100644
index 00000000..a6e67ec4
--- /dev/null
+++ b/Linux-PAM/m4/codeset.m4
@@ -0,0 +1,21 @@
+# codeset.m4 serial AM1 (gettext-0.10.40)
+dnl Copyright (C) 2000-2002 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Bruno Haible.
+
+AC_DEFUN([AM_LANGINFO_CODESET],
+[
+ AC_CACHE_CHECK([for nl_langinfo and CODESET], am_cv_langinfo_codeset,
+ [AC_TRY_LINK([#include <langinfo.h>],
+ [char* cs = nl_langinfo(CODESET);],
+ am_cv_langinfo_codeset=yes,
+ am_cv_langinfo_codeset=no)
+ ])
+ if test $am_cv_langinfo_codeset = yes; then
+ AC_DEFINE(HAVE_LANGINFO_CODESET, 1,
+ [Define if you have <langinfo.h> and nl_langinfo(CODESET).])
+ fi
+])
diff --git a/Linux-PAM/m4/gettext.m4 b/Linux-PAM/m4/gettext.m4
new file mode 100644
index 00000000..dae3d81e
--- /dev/null
+++ b/Linux-PAM/m4/gettext.m4
@@ -0,0 +1,631 @@
+# gettext.m4 serial 53 (gettext-0.15)
+dnl Copyright (C) 1995-2006 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+dnl
+dnl This file can can be used in projects which are not available under
+dnl the GNU General Public License or the GNU Library General Public
+dnl License but which still want to provide support for the GNU gettext
+dnl functionality.
+dnl Please note that the actual code of the GNU gettext library is covered
+dnl by the GNU Library General Public License, and the rest of the GNU
+dnl gettext package package is covered by the GNU General Public License.
+dnl They are *not* in the public domain.
+
+dnl Authors:
+dnl Ulrich Drepper <drepper@cygnus.com>, 1995-2000.
+dnl Bruno Haible <haible@clisp.cons.org>, 2000-2005.
+
+dnl Macro to add for using GNU gettext.
+
+dnl Usage: AM_GNU_GETTEXT([INTLSYMBOL], [NEEDSYMBOL], [INTLDIR]).
+dnl INTLSYMBOL can be one of 'external', 'no-libtool', 'use-libtool'. The
+dnl default (if it is not specified or empty) is 'no-libtool'.
+dnl INTLSYMBOL should be 'external' for packages with no intl directory,
+dnl and 'no-libtool' or 'use-libtool' for packages with an intl directory.
+dnl If INTLSYMBOL is 'use-libtool', then a libtool library
+dnl $(top_builddir)/intl/libintl.la will be created (shared and/or static,
+dnl depending on --{enable,disable}-{shared,static} and on the presence of
+dnl AM-DISABLE-SHARED). If INTLSYMBOL is 'no-libtool', a static library
+dnl $(top_builddir)/intl/libintl.a will be created.
+dnl If NEEDSYMBOL is specified and is 'need-ngettext', then GNU gettext
+dnl implementations (in libc or libintl) without the ngettext() function
+dnl will be ignored. If NEEDSYMBOL is specified and is
+dnl 'need-formatstring-macros', then GNU gettext implementations that don't
+dnl support the ISO C 99 <inttypes.h> formatstring macros will be ignored.
+dnl INTLDIR is used to find the intl libraries. If empty,
+dnl the value `$(top_builddir)/intl/' is used.
+dnl
+dnl The result of the configuration is one of three cases:
+dnl 1) GNU gettext, as included in the intl subdirectory, will be compiled
+dnl and used.
+dnl Catalog format: GNU --> install in $(datadir)
+dnl Catalog extension: .mo after installation, .gmo in source tree
+dnl 2) GNU gettext has been found in the system's C library.
+dnl Catalog format: GNU --> install in $(datadir)
+dnl Catalog extension: .mo after installation, .gmo in source tree
+dnl 3) No internationalization, always use English msgid.
+dnl Catalog format: none
+dnl Catalog extension: none
+dnl If INTLSYMBOL is 'external', only cases 2 and 3 can occur.
+dnl The use of .gmo is historical (it was needed to avoid overwriting the
+dnl GNU format catalogs when building on a platform with an X/Open gettext),
+dnl but we keep it in order not to force irrelevant filename changes on the
+dnl maintainers.
+dnl
+AC_DEFUN([AM_GNU_GETTEXT],
+[
+ dnl Argument checking.
+ ifelse([$1], [], , [ifelse([$1], [external], , [ifelse([$1], [no-libtool], , [ifelse([$1], [use-libtool], ,
+ [errprint([ERROR: invalid first argument to AM_GNU_GETTEXT
+])])])])])
+ ifelse([$2], [], , [ifelse([$2], [need-ngettext], , [ifelse([$2], [need-formatstring-macros], ,
+ [errprint([ERROR: invalid second argument to AM_GNU_GETTEXT
+])])])])
+ define([gt_included_intl], ifelse([$1], [external], [no], [yes]))
+ define([gt_libtool_suffix_prefix], ifelse([$1], [use-libtool], [l], []))
+
+ AC_REQUIRE([AM_PO_SUBDIRS])dnl
+ ifelse(gt_included_intl, yes, [
+ AC_REQUIRE([AM_INTL_SUBDIR])dnl
+ ])
+
+ dnl Prerequisites of AC_LIB_LINKFLAGS_BODY.
+ AC_REQUIRE([AC_LIB_PREPARE_PREFIX])
+ AC_REQUIRE([AC_LIB_RPATH])
+
+ dnl Sometimes libintl requires libiconv, so first search for libiconv.
+ dnl Ideally we would do this search only after the
+ dnl if test "$USE_NLS" = "yes"; then
+ dnl if test "$gt_cv_func_gnugettext_libc" != "yes"; then
+ dnl tests. But if configure.in invokes AM_ICONV after AM_GNU_GETTEXT
+ dnl the configure script would need to contain the same shell code
+ dnl again, outside any 'if'. There are two solutions:
+ dnl - Invoke AM_ICONV_LINKFLAGS_BODY here, outside any 'if'.
+ dnl - Control the expansions in more detail using AC_PROVIDE_IFELSE.
+ dnl Since AC_PROVIDE_IFELSE is only in autoconf >= 2.52 and not
+ dnl documented, we avoid it.
+ ifelse(gt_included_intl, yes, , [
+ AC_REQUIRE([AM_ICONV_LINKFLAGS_BODY])
+ ])
+
+ dnl Sometimes, on MacOS X, libintl requires linking with CoreFoundation.
+ gt_INTL_MACOSX
+
+ dnl Set USE_NLS.
+ AC_REQUIRE([AM_NLS])
+
+ ifelse(gt_included_intl, yes, [
+ BUILD_INCLUDED_LIBINTL=no
+ USE_INCLUDED_LIBINTL=no
+ ])
+ LIBINTL=
+ LTLIBINTL=
+ POSUB=
+
+ dnl If we use NLS figure out what method
+ if test "$USE_NLS" = "yes"; then
+ gt_use_preinstalled_gnugettext=no
+ ifelse(gt_included_intl, yes, [
+ AC_MSG_CHECKING([whether included gettext is requested])
+ AC_ARG_WITH(included-gettext,
+ [ --with-included-gettext use the GNU gettext library included here],
+ nls_cv_force_use_gnu_gettext=$withval,
+ nls_cv_force_use_gnu_gettext=no)
+ AC_MSG_RESULT($nls_cv_force_use_gnu_gettext)
+
+ nls_cv_use_gnu_gettext="$nls_cv_force_use_gnu_gettext"
+ if test "$nls_cv_force_use_gnu_gettext" != "yes"; then
+ ])
+ dnl User does not insist on using GNU NLS library. Figure out what
+ dnl to use. If GNU gettext is available we use this. Else we have
+ dnl to fall back to GNU NLS library.
+
+ dnl Add a version number to the cache macros.
+ define([gt_api_version], ifelse([$2], [need-formatstring-macros], 3, ifelse([$2], [need-ngettext], 2, 1)))
+ define([gt_cv_func_gnugettext_libc], [gt_cv_func_gnugettext]gt_api_version[_libc])
+ define([gt_cv_func_gnugettext_libintl], [gt_cv_func_gnugettext]gt_api_version[_libintl])
+
+ AC_CACHE_CHECK([for GNU gettext in libc], gt_cv_func_gnugettext_libc,
+ [AC_TRY_LINK([#include <libintl.h>
+]ifelse([$2], [need-formatstring-macros],
+[[#ifndef __GNU_GETTEXT_SUPPORTED_REVISION
+#define __GNU_GETTEXT_SUPPORTED_REVISION(major) ((major) == 0 ? 0 : -1)
+#endif
+typedef int array [2 * (__GNU_GETTEXT_SUPPORTED_REVISION(0) >= 1) - 1];
+]], [])[extern int _nl_msg_cat_cntr;
+extern int *_nl_domain_bindings;],
+ [bindtextdomain ("", "");
+return * gettext ("")]ifelse([$2], [need-ngettext], [ + * ngettext ("", "", 0)], [])[ + _nl_msg_cat_cntr + *_nl_domain_bindings],
+ gt_cv_func_gnugettext_libc=yes,
+ gt_cv_func_gnugettext_libc=no)])
+
+ if test "$gt_cv_func_gnugettext_libc" != "yes"; then
+ dnl Sometimes libintl requires libiconv, so first search for libiconv.
+ ifelse(gt_included_intl, yes, , [
+ AM_ICONV_LINK
+ ])
+ dnl Search for libintl and define LIBINTL, LTLIBINTL and INCINTL
+ dnl accordingly. Don't use AC_LIB_LINKFLAGS_BODY([intl],[iconv])
+ dnl because that would add "-liconv" to LIBINTL and LTLIBINTL
+ dnl even if libiconv doesn't exist.
+ AC_LIB_LINKFLAGS_BODY([intl])
+ AC_CACHE_CHECK([for GNU gettext in libintl],
+ gt_cv_func_gnugettext_libintl,
+ [gt_save_CPPFLAGS="$CPPFLAGS"
+ CPPFLAGS="$CPPFLAGS $INCINTL"
+ gt_save_LIBS="$LIBS"
+ LIBS="$LIBS $LIBINTL"
+ dnl Now see whether libintl exists and does not depend on libiconv.
+ AC_TRY_LINK([#include <libintl.h>
+]ifelse([$2], [need-formatstring-macros],
+[[#ifndef __GNU_GETTEXT_SUPPORTED_REVISION
+#define __GNU_GETTEXT_SUPPORTED_REVISION(major) ((major) == 0 ? 0 : -1)
+#endif
+typedef int array [2 * (__GNU_GETTEXT_SUPPORTED_REVISION(0) >= 1) - 1];
+]], [])[extern int _nl_msg_cat_cntr;
+extern
+#ifdef __cplusplus
+"C"
+#endif
+const char *_nl_expand_alias (const char *);],
+ [bindtextdomain ("", "");
+return * gettext ("")]ifelse([$2], [need-ngettext], [ + * ngettext ("", "", 0)], [])[ + _nl_msg_cat_cntr + *_nl_expand_alias ("")],
+ gt_cv_func_gnugettext_libintl=yes,
+ gt_cv_func_gnugettext_libintl=no)
+ dnl Now see whether libintl exists and depends on libiconv.
+ if test "$gt_cv_func_gnugettext_libintl" != yes && test -n "$LIBICONV"; then
+ LIBS="$LIBS $LIBICONV"
+ AC_TRY_LINK([#include <libintl.h>
+]ifelse([$2], [need-formatstring-macros],
+[[#ifndef __GNU_GETTEXT_SUPPORTED_REVISION
+#define __GNU_GETTEXT_SUPPORTED_REVISION(major) ((major) == 0 ? 0 : -1)
+#endif
+typedef int array [2 * (__GNU_GETTEXT_SUPPORTED_REVISION(0) >= 1) - 1];
+]], [])[extern int _nl_msg_cat_cntr;
+extern
+#ifdef __cplusplus
+"C"
+#endif
+const char *_nl_expand_alias (const char *);],
+ [bindtextdomain ("", "");
+return * gettext ("")]ifelse([$2], [need-ngettext], [ + * ngettext ("", "", 0)], [])[ + _nl_msg_cat_cntr + *_nl_expand_alias ("")],
+ [LIBINTL="$LIBINTL $LIBICONV"
+ LTLIBINTL="$LTLIBINTL $LTLIBICONV"
+ gt_cv_func_gnugettext_libintl=yes
+ ])
+ fi
+ CPPFLAGS="$gt_save_CPPFLAGS"
+ LIBS="$gt_save_LIBS"])
+ fi
+
+ dnl If an already present or preinstalled GNU gettext() is found,
+ dnl use it. But if this macro is used in GNU gettext, and GNU
+ dnl gettext is already preinstalled in libintl, we update this
+ dnl libintl. (Cf. the install rule in intl/Makefile.in.)
+ if test "$gt_cv_func_gnugettext_libc" = "yes" \
+ || { test "$gt_cv_func_gnugettext_libintl" = "yes" \
+ && test "$PACKAGE" != gettext-runtime \
+ && test "$PACKAGE" != gettext-tools; }; then
+ gt_use_preinstalled_gnugettext=yes
+ else
+ dnl Reset the values set by searching for libintl.
+ LIBINTL=
+ LTLIBINTL=
+ INCINTL=
+ fi
+
+ ifelse(gt_included_intl, yes, [
+ if test "$gt_use_preinstalled_gnugettext" != "yes"; then
+ dnl GNU gettext is not found in the C library.
+ dnl Fall back on included GNU gettext library.
+ nls_cv_use_gnu_gettext=yes
+ fi
+ fi
+
+ if test "$nls_cv_use_gnu_gettext" = "yes"; then
+ dnl Mark actions used to generate GNU NLS library.
+ BUILD_INCLUDED_LIBINTL=yes
+ USE_INCLUDED_LIBINTL=yes
+ LIBINTL="ifelse([$3],[],\${top_builddir}/intl,[$3])/libintl.[]gt_libtool_suffix_prefix[]a $LIBICONV $LIBTHREAD"
+ LTLIBINTL="ifelse([$3],[],\${top_builddir}/intl,[$3])/libintl.[]gt_libtool_suffix_prefix[]a $LTLIBICONV $LTLIBTHREAD"
+ LIBS=`echo " $LIBS " | sed -e 's/ -lintl / /' -e 's/^ //' -e 's/ $//'`
+ fi
+
+ CATOBJEXT=
+ if test "$gt_use_preinstalled_gnugettext" = "yes" \
+ || test "$nls_cv_use_gnu_gettext" = "yes"; then
+ dnl Mark actions to use GNU gettext tools.
+ CATOBJEXT=.gmo
+ fi
+ ])
+
+ if test -n "$INTL_MACOSX_LIBS"; then
+ if test "$gt_use_preinstalled_gnugettext" = "yes" \
+ || test "$nls_cv_use_gnu_gettext" = "yes"; then
+ dnl Some extra flags are needed during linking.
+ LIBINTL="$LIBINTL $INTL_MACOSX_LIBS"
+ LTLIBINTL="$LTLIBINTL $INTL_MACOSX_LIBS"
+ fi
+ fi
+
+ if test "$gt_use_preinstalled_gnugettext" = "yes" \
+ || test "$nls_cv_use_gnu_gettext" = "yes"; then
+ AC_DEFINE(ENABLE_NLS, 1,
+ [Define to 1 if translation of program messages to the user's native language
+ is requested.])
+ else
+ USE_NLS=no
+ fi
+ fi
+
+ AC_MSG_CHECKING([whether to use NLS])
+ AC_MSG_RESULT([$USE_NLS])
+ if test "$USE_NLS" = "yes"; then
+ AC_MSG_CHECKING([where the gettext function comes from])
+ if test "$gt_use_preinstalled_gnugettext" = "yes"; then
+ if test "$gt_cv_func_gnugettext_libintl" = "yes"; then
+ gt_source="external libintl"
+ else
+ gt_source="libc"
+ fi
+ else
+ gt_source="included intl directory"
+ fi
+ AC_MSG_RESULT([$gt_source])
+ fi
+
+ if test "$USE_NLS" = "yes"; then
+
+ if test "$gt_use_preinstalled_gnugettext" = "yes"; then
+ if test "$gt_cv_func_gnugettext_libintl" = "yes"; then
+ AC_MSG_CHECKING([how to link with libintl])
+ AC_MSG_RESULT([$LIBINTL])
+ AC_LIB_APPENDTOVAR([CPPFLAGS], [$INCINTL])
+ fi
+
+ dnl For backward compatibility. Some packages may be using this.
+ AC_DEFINE(HAVE_GETTEXT, 1,
+ [Define if the GNU gettext() function is already present or preinstalled.])
+ AC_DEFINE(HAVE_DCGETTEXT, 1,
+ [Define if the GNU dcgettext() function is already present or preinstalled.])
+ fi
+
+ dnl We need to process the po/ directory.
+ POSUB=po
+ fi
+
+ ifelse(gt_included_intl, yes, [
+ dnl If this is used in GNU gettext we have to set BUILD_INCLUDED_LIBINTL
+ dnl to 'yes' because some of the testsuite requires it.
+ if test "$PACKAGE" = gettext-runtime || test "$PACKAGE" = gettext-tools; then
+ BUILD_INCLUDED_LIBINTL=yes
+ fi
+
+ dnl Make all variables we use known to autoconf.
+ AC_SUBST(BUILD_INCLUDED_LIBINTL)
+ AC_SUBST(USE_INCLUDED_LIBINTL)
+ AC_SUBST(CATOBJEXT)
+
+ dnl For backward compatibility. Some configure.ins may be using this.
+ nls_cv_header_intl=
+ nls_cv_header_libgt=
+
+ dnl For backward compatibility. Some Makefiles may be using this.
+ DATADIRNAME=share
+ AC_SUBST(DATADIRNAME)
+
+ dnl For backward compatibility. Some Makefiles may be using this.
+ INSTOBJEXT=.mo
+ AC_SUBST(INSTOBJEXT)
+
+ dnl For backward compatibility. Some Makefiles may be using this.
+ GENCAT=gencat
+ AC_SUBST(GENCAT)
+
+ dnl For backward compatibility. Some Makefiles may be using this.
+ INTLOBJS=
+ if test "$USE_INCLUDED_LIBINTL" = yes; then
+ INTLOBJS="\$(GETTOBJS)"
+ fi
+ AC_SUBST(INTLOBJS)
+
+ dnl Enable libtool support if the surrounding package wishes it.
+ INTL_LIBTOOL_SUFFIX_PREFIX=gt_libtool_suffix_prefix
+ AC_SUBST(INTL_LIBTOOL_SUFFIX_PREFIX)
+ ])
+
+ dnl For backward compatibility. Some Makefiles may be using this.
+ INTLLIBS="$LIBINTL"
+ AC_SUBST(INTLLIBS)
+
+ dnl Make all documented variables known to autoconf.
+ AC_SUBST(LIBINTL)
+ AC_SUBST(LTLIBINTL)
+ AC_SUBST(POSUB)
+])
+
+
+dnl Checks for all prerequisites of the intl subdirectory,
+dnl except for INTL_LIBTOOL_SUFFIX_PREFIX (and possibly LIBTOOL), INTLOBJS,
+dnl USE_INCLUDED_LIBINTL, BUILD_INCLUDED_LIBINTL.
+AC_DEFUN([AM_INTL_SUBDIR],
+[
+ AC_REQUIRE([AC_PROG_INSTALL])dnl
+ AC_REQUIRE([AM_PROG_MKDIR_P])dnl defined by automake
+ AC_REQUIRE([AC_PROG_CC])dnl
+ AC_REQUIRE([AC_CANONICAL_HOST])dnl
+ AC_REQUIRE([gt_GLIBC2])dnl
+ AC_REQUIRE([AC_PROG_RANLIB])dnl
+ AC_REQUIRE([gl_VISIBILITY])dnl
+ AC_REQUIRE([gt_INTL_SUBDIR_CORE])dnl
+ AC_REQUIRE([bh_C_SIGNED])dnl
+ AC_REQUIRE([gl_AC_TYPE_LONG_LONG])dnl
+ AC_REQUIRE([gt_TYPE_LONGDOUBLE])dnl
+ AC_REQUIRE([gt_TYPE_WCHAR_T])dnl
+ AC_REQUIRE([gt_TYPE_WINT_T])dnl
+ AC_REQUIRE([gl_AC_HEADER_INTTYPES_H])
+ AC_REQUIRE([gt_TYPE_INTMAX_T])
+ AC_REQUIRE([gt_PRINTF_POSIX])
+ AC_REQUIRE([gl_GLIBC21])dnl
+ AC_REQUIRE([gl_XSIZE])dnl
+ AC_REQUIRE([gt_INTL_MACOSX])dnl
+
+ AC_CHECK_TYPE([ptrdiff_t], ,
+ [AC_DEFINE([ptrdiff_t], [long],
+ [Define as the type of the result of subtracting two pointers, if the system doesn't define it.])
+ ])
+ AC_CHECK_HEADERS([stddef.h stdlib.h string.h])
+ AC_CHECK_FUNCS([asprintf fwprintf putenv setenv setlocale snprintf wcslen])
+
+ dnl Use the _snprintf function only if it is declared (because on NetBSD it
+ dnl is defined as a weak alias of snprintf; we prefer to use the latter).
+ gt_CHECK_DECL(_snprintf, [#include <stdio.h>])
+ gt_CHECK_DECL(_snwprintf, [#include <stdio.h>])
+
+ dnl Use the *_unlocked functions only if they are declared.
+ dnl (because some of them were defined without being declared in Solaris
+ dnl 2.5.1 but were removed in Solaris 2.6, whereas we want binaries built
+ dnl on Solaris 2.5.1 to run on Solaris 2.6).
+ dnl Don't use AC_CHECK_DECLS because it isn't supported in autoconf-2.13.
+ gt_CHECK_DECL(getc_unlocked, [#include <stdio.h>])
+
+ case $gt_cv_func_printf_posix in
+ *yes) HAVE_POSIX_PRINTF=1 ;;
+ *) HAVE_POSIX_PRINTF=0 ;;
+ esac
+ AC_SUBST([HAVE_POSIX_PRINTF])
+ if test "$ac_cv_func_asprintf" = yes; then
+ HAVE_ASPRINTF=1
+ else
+ HAVE_ASPRINTF=0
+ fi
+ AC_SUBST([HAVE_ASPRINTF])
+ if test "$ac_cv_func_snprintf" = yes; then
+ HAVE_SNPRINTF=1
+ else
+ HAVE_SNPRINTF=0
+ fi
+ AC_SUBST([HAVE_SNPRINTF])
+ if test "$ac_cv_func_wprintf" = yes; then
+ HAVE_WPRINTF=1
+ else
+ HAVE_WPRINTF=0
+ fi
+ AC_SUBST([HAVE_WPRINTF])
+
+ AM_LANGINFO_CODESET
+ gt_LC_MESSAGES
+
+ dnl Compilation on mingw and Cygwin needs special Makefile rules, because
+ dnl 1. when we install a shared library, we must arrange to export
+ dnl auxiliary pointer variables for every exported variable,
+ dnl 2. when we install a shared library and a static library simultaneously,
+ dnl the include file specifies __declspec(dllimport) and therefore we
+ dnl must arrange to define the auxiliary pointer variables for the
+ dnl exported variables _also_ in the static library.
+ if test "$enable_shared" = yes; then
+ case "$host_os" in
+ cygwin*) is_woe32dll=yes ;;
+ *) is_woe32dll=no ;;
+ esac
+ else
+ is_woe32dll=no
+ fi
+ WOE32DLL=$is_woe32dll
+ AC_SUBST([WOE32DLL])
+
+ dnl Rename some macros and functions used for locking.
+ AH_BOTTOM([
+#define __libc_lock_t gl_lock_t
+#define __libc_lock_define gl_lock_define
+#define __libc_lock_define_initialized gl_lock_define_initialized
+#define __libc_lock_init gl_lock_init
+#define __libc_lock_lock gl_lock_lock
+#define __libc_lock_unlock gl_lock_unlock
+#define __libc_lock_recursive_t gl_recursive_lock_t
+#define __libc_lock_define_recursive gl_recursive_lock_define
+#define __libc_lock_define_initialized_recursive gl_recursive_lock_define_initialized
+#define __libc_lock_init_recursive gl_recursive_lock_init
+#define __libc_lock_lock_recursive gl_recursive_lock_lock
+#define __libc_lock_unlock_recursive gl_recursive_lock_unlock
+#define glthread_in_use libintl_thread_in_use
+#define glthread_lock_init libintl_lock_init
+#define glthread_lock_lock libintl_lock_lock
+#define glthread_lock_unlock libintl_lock_unlock
+#define glthread_lock_destroy libintl_lock_destroy
+#define glthread_rwlock_init libintl_rwlock_init
+#define glthread_rwlock_rdlock libintl_rwlock_rdlock
+#define glthread_rwlock_wrlock libintl_rwlock_wrlock
+#define glthread_rwlock_unlock libintl_rwlock_unlock
+#define glthread_rwlock_destroy libintl_rwlock_destroy
+#define glthread_recursive_lock_init libintl_recursive_lock_init
+#define glthread_recursive_lock_lock libintl_recursive_lock_lock
+#define glthread_recursive_lock_unlock libintl_recursive_lock_unlock
+#define glthread_recursive_lock_destroy libintl_recursive_lock_destroy
+#define glthread_once libintl_once
+#define glthread_once_call libintl_once_call
+#define glthread_once_singlethreaded libintl_once_singlethreaded
+])
+])
+
+
+dnl Checks for the core files of the intl subdirectory:
+dnl dcigettext.c
+dnl eval-plural.h
+dnl explodename.c
+dnl finddomain.c
+dnl gettextP.h
+dnl gmo.h
+dnl hash-string.h hash-string.c
+dnl l10nflist.c
+dnl libgnuintl.h.in (except the *printf stuff)
+dnl loadinfo.h
+dnl loadmsgcat.c
+dnl localealias.c
+dnl log.c
+dnl plural-exp.h plural-exp.c
+dnl plural.y
+dnl Used by libglocale.
+AC_DEFUN([gt_INTL_SUBDIR_CORE],
+[
+ AC_REQUIRE([AC_C_INLINE])dnl
+ AC_REQUIRE([AC_TYPE_SIZE_T])dnl
+ AC_REQUIRE([gl_AC_HEADER_STDINT_H])
+ AC_REQUIRE([AC_FUNC_ALLOCA])dnl
+ AC_REQUIRE([AC_FUNC_MMAP])dnl
+ AC_REQUIRE([gt_INTDIV0])dnl
+ AC_REQUIRE([gl_AC_TYPE_UINTMAX_T])dnl
+ AC_REQUIRE([gl_HEADER_INTTYPES_H])dnl
+ AC_REQUIRE([gt_INTTYPES_PRI])dnl
+ AC_REQUIRE([gl_LOCK])dnl
+
+ AC_TRY_LINK(
+ [int foo (int a) { a = __builtin_expect (a, 10); return a == 10 ? 0 : 1; }],
+ [],
+ [AC_DEFINE([HAVE_BUILTIN_EXPECT], 1,
+ [Define to 1 if the compiler understands __builtin_expect.])])
+
+ AC_CHECK_HEADERS([argz.h limits.h unistd.h sys/param.h])
+ AC_CHECK_FUNCS([getcwd getegid geteuid getgid getuid mempcpy munmap \
+ stpcpy strcasecmp strdup strtoul tsearch argz_count argz_stringify \
+ argz_next __fsetlocking])
+
+ dnl Use the *_unlocked functions only if they are declared.
+ dnl (because some of them were defined without being declared in Solaris
+ dnl 2.5.1 but were removed in Solaris 2.6, whereas we want binaries built
+ dnl on Solaris 2.5.1 to run on Solaris 2.6).
+ dnl Don't use AC_CHECK_DECLS because it isn't supported in autoconf-2.13.
+ gt_CHECK_DECL(feof_unlocked, [#include <stdio.h>])
+ gt_CHECK_DECL(fgets_unlocked, [#include <stdio.h>])
+
+ AM_ICONV
+
+ dnl glibc >= 2.4 has a NL_LOCALE_NAME macro when _GNU_SOURCE is defined,
+ dnl and a _NL_LOCALE_NAME macro always.
+ AC_CACHE_CHECK([for NL_LOCALE_NAME macro], gt_cv_nl_locale_name,
+ [AC_TRY_LINK([#include <langinfo.h>
+#include <locale.h>],
+ [char* cs = nl_langinfo(_NL_LOCALE_NAME(LC_MESSAGES));],
+ gt_cv_nl_locale_name=yes,
+ gt_cv_nl_locale_name=no)
+ ])
+ if test $gt_cv_nl_locale_name = yes; then
+ AC_DEFINE(HAVE_NL_LOCALE_NAME, 1,
+ [Define if you have <langinfo.h> and it defines the NL_LOCALE_NAME macro if _GNU_SOURCE is defined.])
+ fi
+
+ dnl intl/plural.c is generated from intl/plural.y. It requires bison,
+ dnl because plural.y uses bison specific features. It requires at least
+ dnl bison-1.26 because earlier versions generate a plural.c that doesn't
+ dnl compile.
+ dnl bison is only needed for the maintainer (who touches plural.y). But in
+ dnl order to avoid separate Makefiles or --enable-maintainer-mode, we put
+ dnl the rule in general Makefile. Now, some people carelessly touch the
+ dnl files or have a broken "make" program, hence the plural.c rule will
+ dnl sometimes fire. To avoid an error, defines BISON to ":" if it is not
+ dnl present or too old.
+ AC_CHECK_PROGS([INTLBISON], [bison])
+ if test -z "$INTLBISON"; then
+ ac_verc_fail=yes
+ else
+ dnl Found it, now check the version.
+ AC_MSG_CHECKING([version of bison])
+changequote(<<,>>)dnl
+ ac_prog_version=`$INTLBISON --version 2>&1 | sed -n 's/^.*GNU Bison.* \([0-9]*\.[0-9.]*\).*$/\1/p'`
+ case $ac_prog_version in
+ '') ac_prog_version="v. ?.??, bad"; ac_verc_fail=yes;;
+ 1.2[6-9]* | 1.[3-9][0-9]* | [2-9].*)
+changequote([,])dnl
+ ac_prog_version="$ac_prog_version, ok"; ac_verc_fail=no;;
+ *) ac_prog_version="$ac_prog_version, bad"; ac_verc_fail=yes;;
+ esac
+ AC_MSG_RESULT([$ac_prog_version])
+ fi
+ if test $ac_verc_fail = yes; then
+ INTLBISON=:
+ fi
+])
+
+
+dnl Checks for special options needed on MacOS X.
+dnl Defines INTL_MACOSX_LIBS.
+AC_DEFUN([gt_INTL_MACOSX],
+[
+ dnl Check for API introduced in MacOS X 10.2.
+ AC_CACHE_CHECK([for CFPreferencesCopyAppValue],
+ gt_cv_func_CFPreferencesCopyAppValue,
+ [gt_save_LIBS="$LIBS"
+ LIBS="$LIBS -Wl,-framework -Wl,CoreFoundation"
+ AC_TRY_LINK([#include <CoreFoundation/CFPreferences.h>],
+ [CFPreferencesCopyAppValue(NULL, NULL)],
+ [gt_cv_func_CFPreferencesCopyAppValue=yes],
+ [gt_cv_func_CFPreferencesCopyAppValue=no])
+ LIBS="$gt_save_LIBS"])
+ if test $gt_cv_func_CFPreferencesCopyAppValue = yes; then
+ AC_DEFINE([HAVE_CFPREFERENCESCOPYAPPVALUE], 1,
+ [Define to 1 if you have the MacOS X function CFPreferencesCopyAppValue in the CoreFoundation framework.])
+ fi
+ dnl Check for API introduced in MacOS X 10.3.
+ AC_CACHE_CHECK([for CFLocaleCopyCurrent], gt_cv_func_CFLocaleCopyCurrent,
+ [gt_save_LIBS="$LIBS"
+ LIBS="$LIBS -Wl,-framework -Wl,CoreFoundation"
+ AC_TRY_LINK([#include <CoreFoundation/CFLocale.h>], [CFLocaleCopyCurrent();],
+ [gt_cv_func_CFLocaleCopyCurrent=yes],
+ [gt_cv_func_CFLocaleCopyCurrent=no])
+ LIBS="$gt_save_LIBS"])
+ if test $gt_cv_func_CFLocaleCopyCurrent = yes; then
+ AC_DEFINE([HAVE_CFLOCALECOPYCURRENT], 1,
+ [Define to 1 if you have the MacOS X function CFLocaleCopyCurrent in the CoreFoundation framework.])
+ fi
+ INTL_MACOSX_LIBS=
+ if test $gt_cv_func_CFPreferencesCopyAppValue = yes || test $gt_cv_func_CFLocaleCopyCurrent = yes; then
+ INTL_MACOSX_LIBS="-Wl,-framework -Wl,CoreFoundation"
+ fi
+ AC_SUBST([INTL_MACOSX_LIBS])
+])
+
+
+dnl gt_CHECK_DECL(FUNC, INCLUDES)
+dnl Check whether a function is declared.
+AC_DEFUN([gt_CHECK_DECL],
+[
+ AC_CACHE_CHECK([whether $1 is declared], ac_cv_have_decl_$1,
+ [AC_TRY_COMPILE([$2], [
+#ifndef $1
+ char *p = (char *) $1;
+#endif
+], ac_cv_have_decl_$1=yes, ac_cv_have_decl_$1=no)])
+ if test $ac_cv_have_decl_$1 = yes; then
+ gt_value=1
+ else
+ gt_value=0
+ fi
+ AC_DEFINE_UNQUOTED([HAVE_DECL_]translit($1, [a-z], [A-Z]), [$gt_value],
+ [Define to 1 if you have the declaration of `$1', and to 0 if you don't.])
+])
+
+
+dnl Usage: AM_GNU_GETTEXT_VERSION([gettext-version])
+AC_DEFUN([AM_GNU_GETTEXT_VERSION], [])
diff --git a/Linux-PAM/m4/glibc2.m4 b/Linux-PAM/m4/glibc2.m4
new file mode 100644
index 00000000..e8f5bfe6
--- /dev/null
+++ b/Linux-PAM/m4/glibc2.m4
@@ -0,0 +1,30 @@
+# glibc2.m4 serial 1
+dnl Copyright (C) 2000-2002, 2004 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+# Test for the GNU C Library, version 2.0 or newer.
+# From Bruno Haible.
+
+AC_DEFUN([gt_GLIBC2],
+ [
+ AC_CACHE_CHECK(whether we are using the GNU C Library 2 or newer,
+ ac_cv_gnu_library_2,
+ [AC_EGREP_CPP([Lucky GNU user],
+ [
+#include <features.h>
+#ifdef __GNU_LIBRARY__
+ #if (__GLIBC__ >= 2)
+ Lucky GNU user
+ #endif
+#endif
+ ],
+ ac_cv_gnu_library_2=yes,
+ ac_cv_gnu_library_2=no)
+ ]
+ )
+ AC_SUBST(GLIBC2)
+ GLIBC2="$ac_cv_gnu_library_2"
+ ]
+)
diff --git a/Linux-PAM/m4/glibc21.m4 b/Linux-PAM/m4/glibc21.m4
new file mode 100644
index 00000000..d95fd986
--- /dev/null
+++ b/Linux-PAM/m4/glibc21.m4
@@ -0,0 +1,30 @@
+# glibc21.m4 serial 3
+dnl Copyright (C) 2000-2002, 2004 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+# Test for the GNU C Library, version 2.1 or newer.
+# From Bruno Haible.
+
+AC_DEFUN([gl_GLIBC21],
+ [
+ AC_CACHE_CHECK(whether we are using the GNU C Library 2.1 or newer,
+ ac_cv_gnu_library_2_1,
+ [AC_EGREP_CPP([Lucky GNU user],
+ [
+#include <features.h>
+#ifdef __GNU_LIBRARY__
+ #if (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 1) || (__GLIBC__ > 2)
+ Lucky GNU user
+ #endif
+#endif
+ ],
+ ac_cv_gnu_library_2_1=yes,
+ ac_cv_gnu_library_2_1=no)
+ ]
+ )
+ AC_SUBST(GLIBC21)
+ GLIBC21="$ac_cv_gnu_library_2_1"
+ ]
+)
diff --git a/Linux-PAM/m4/iconv.m4 b/Linux-PAM/m4/iconv.m4
new file mode 100644
index 00000000..654c4158
--- /dev/null
+++ b/Linux-PAM/m4/iconv.m4
@@ -0,0 +1,101 @@
+# iconv.m4 serial AM4 (gettext-0.11.3)
+dnl Copyright (C) 2000-2002 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Bruno Haible.
+
+AC_DEFUN([AM_ICONV_LINKFLAGS_BODY],
+[
+ dnl Prerequisites of AC_LIB_LINKFLAGS_BODY.
+ AC_REQUIRE([AC_LIB_PREPARE_PREFIX])
+ AC_REQUIRE([AC_LIB_RPATH])
+
+ dnl Search for libiconv and define LIBICONV, LTLIBICONV and INCICONV
+ dnl accordingly.
+ AC_LIB_LINKFLAGS_BODY([iconv])
+])
+
+AC_DEFUN([AM_ICONV_LINK],
+[
+ dnl Some systems have iconv in libc, some have it in libiconv (OSF/1 and
+ dnl those with the standalone portable GNU libiconv installed).
+
+ dnl Search for libiconv and define LIBICONV, LTLIBICONV and INCICONV
+ dnl accordingly.
+ AC_REQUIRE([AM_ICONV_LINKFLAGS_BODY])
+
+ dnl Add $INCICONV to CPPFLAGS before performing the following checks,
+ dnl because if the user has installed libiconv and not disabled its use
+ dnl via --without-libiconv-prefix, he wants to use it. The first
+ dnl AC_TRY_LINK will then fail, the second AC_TRY_LINK will succeed.
+ am_save_CPPFLAGS="$CPPFLAGS"
+ AC_LIB_APPENDTOVAR([CPPFLAGS], [$INCICONV])
+
+ AC_CACHE_CHECK(for iconv, am_cv_func_iconv, [
+ am_cv_func_iconv="no, consider installing GNU libiconv"
+ am_cv_lib_iconv=no
+ AC_TRY_LINK([#include <stdlib.h>
+#include <iconv.h>],
+ [iconv_t cd = iconv_open("","");
+ iconv(cd,NULL,NULL,NULL,NULL);
+ iconv_close(cd);],
+ am_cv_func_iconv=yes)
+ if test "$am_cv_func_iconv" != yes; then
+ am_save_LIBS="$LIBS"
+ LIBS="$LIBS $LIBICONV"
+ AC_TRY_LINK([#include <stdlib.h>
+#include <iconv.h>],
+ [iconv_t cd = iconv_open("","");
+ iconv(cd,NULL,NULL,NULL,NULL);
+ iconv_close(cd);],
+ am_cv_lib_iconv=yes
+ am_cv_func_iconv=yes)
+ LIBS="$am_save_LIBS"
+ fi
+ ])
+ if test "$am_cv_func_iconv" = yes; then
+ AC_DEFINE(HAVE_ICONV, 1, [Define if you have the iconv() function.])
+ fi
+ if test "$am_cv_lib_iconv" = yes; then
+ AC_MSG_CHECKING([how to link with libiconv])
+ AC_MSG_RESULT([$LIBICONV])
+ else
+ dnl If $LIBICONV didn't lead to a usable library, we don't need $INCICONV
+ dnl either.
+ CPPFLAGS="$am_save_CPPFLAGS"
+ LIBICONV=
+ LTLIBICONV=
+ fi
+ AC_SUBST(LIBICONV)
+ AC_SUBST(LTLIBICONV)
+])
+
+AC_DEFUN([AM_ICONV],
+[
+ AM_ICONV_LINK
+ if test "$am_cv_func_iconv" = yes; then
+ AC_MSG_CHECKING([for iconv declaration])
+ AC_CACHE_VAL(am_cv_proto_iconv, [
+ AC_TRY_COMPILE([
+#include <stdlib.h>
+#include <iconv.h>
+extern
+#ifdef __cplusplus
+"C"
+#endif
+#if defined(__STDC__) || defined(__cplusplus)
+size_t iconv (iconv_t cd, char * *inbuf, size_t *inbytesleft, char * *outbuf, size_t *outbytesleft);
+#else
+size_t iconv();
+#endif
+], [], am_cv_proto_iconv_arg1="", am_cv_proto_iconv_arg1="const")
+ am_cv_proto_iconv="extern size_t iconv (iconv_t cd, $am_cv_proto_iconv_arg1 char * *inbuf, size_t *inbytesleft, char * *outbuf, size_t *outbytesleft);"])
+ am_cv_proto_iconv=`echo "[$]am_cv_proto_iconv" | tr -s ' ' | sed -e 's/( /(/'`
+ AC_MSG_RESULT([$]{ac_t:-
+ }[$]am_cv_proto_iconv)
+ AC_DEFINE_UNQUOTED(ICONV_CONST, $am_cv_proto_iconv_arg1,
+ [Define as const if the declaration of iconv() needs const.])
+ fi
+])
diff --git a/Linux-PAM/m4/intdiv0.m4 b/Linux-PAM/m4/intdiv0.m4
new file mode 100644
index 00000000..b8d78176
--- /dev/null
+++ b/Linux-PAM/m4/intdiv0.m4
@@ -0,0 +1,70 @@
+# intdiv0.m4 serial 1 (gettext-0.11.3)
+dnl Copyright (C) 2002 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Bruno Haible.
+
+AC_DEFUN([gt_INTDIV0],
+[
+ AC_REQUIRE([AC_PROG_CC])dnl
+ AC_REQUIRE([AC_CANONICAL_HOST])dnl
+
+ AC_CACHE_CHECK([whether integer division by zero raises SIGFPE],
+ gt_cv_int_divbyzero_sigfpe,
+ [
+ AC_TRY_RUN([
+#include <stdlib.h>
+#include <signal.h>
+
+static void
+#ifdef __cplusplus
+sigfpe_handler (int sig)
+#else
+sigfpe_handler (sig) int sig;
+#endif
+{
+ /* Exit with code 0 if SIGFPE, with code 1 if any other signal. */
+ exit (sig != SIGFPE);
+}
+
+int x = 1;
+int y = 0;
+int z;
+int nan;
+
+int main ()
+{
+ signal (SIGFPE, sigfpe_handler);
+/* IRIX and AIX (when "xlc -qcheck" is used) yield signal SIGTRAP. */
+#if (defined (__sgi) || defined (_AIX)) && defined (SIGTRAP)
+ signal (SIGTRAP, sigfpe_handler);
+#endif
+/* Linux/SPARC yields signal SIGILL. */
+#if defined (__sparc__) && defined (__linux__)
+ signal (SIGILL, sigfpe_handler);
+#endif
+
+ z = x / y;
+ nan = y / y;
+ exit (1);
+}
+], gt_cv_int_divbyzero_sigfpe=yes, gt_cv_int_divbyzero_sigfpe=no,
+ [
+ # Guess based on the CPU.
+ case "$host_cpu" in
+ alpha* | i[34567]86 | m68k | s390*)
+ gt_cv_int_divbyzero_sigfpe="guessing yes";;
+ *)
+ gt_cv_int_divbyzero_sigfpe="guessing no";;
+ esac
+ ])
+ ])
+ case "$gt_cv_int_divbyzero_sigfpe" in
+ *yes) value=1;;
+ *) value=0;;
+ esac
+ AC_DEFINE_UNQUOTED(INTDIV0_RAISES_SIGFPE, $value,
+ [Define if integer division by zero raises signal SIGFPE.])
+])
diff --git a/Linux-PAM/m4/intmax.m4 b/Linux-PAM/m4/intmax.m4
new file mode 100644
index 00000000..d99c999f
--- /dev/null
+++ b/Linux-PAM/m4/intmax.m4
@@ -0,0 +1,30 @@
+# intmax.m4 serial 2 (gettext-0.14.2)
+dnl Copyright (C) 2002-2005 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Bruno Haible.
+dnl Test whether the system has the 'intmax_t' type, but don't attempt to
+dnl find a replacement if it is lacking.
+
+AC_DEFUN([gt_TYPE_INTMAX_T],
+[
+ AC_REQUIRE([gl_AC_HEADER_INTTYPES_H])
+ AC_REQUIRE([gl_AC_HEADER_STDINT_H])
+ AC_CACHE_CHECK(for intmax_t, gt_cv_c_intmax_t,
+ [AC_TRY_COMPILE([
+#include <stddef.h>
+#include <stdlib.h>
+#if HAVE_STDINT_H_WITH_UINTMAX
+#include <stdint.h>
+#endif
+#if HAVE_INTTYPES_H_WITH_UINTMAX
+#include <inttypes.h>
+#endif
+], [intmax_t x = -1;], gt_cv_c_intmax_t=yes, gt_cv_c_intmax_t=no)])
+ if test $gt_cv_c_intmax_t = yes; then
+ AC_DEFINE(HAVE_INTMAX_T, 1,
+ [Define if you have the 'intmax_t' type in <stdint.h> or <inttypes.h>.])
+ fi
+])
diff --git a/Linux-PAM/m4/inttypes-h.m4 b/Linux-PAM/m4/inttypes-h.m4
new file mode 100644
index 00000000..d7ec94c5
--- /dev/null
+++ b/Linux-PAM/m4/inttypes-h.m4
@@ -0,0 +1,25 @@
+# inttypes-h.m4 serial 1 (gettext-0.15)
+dnl Copyright (C) 1997-2002, 2006 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Paul Eggert.
+
+# Define HAVE_INTTYPES_H if <inttypes.h> exists and doesn't clash with
+# <sys/types.h>.
+
+AC_DEFUN([gl_HEADER_INTTYPES_H],
+[
+ AC_CACHE_CHECK([for inttypes.h], gl_cv_header_inttypes_h,
+ [
+ AC_TRY_COMPILE(
+ [#include <sys/types.h>
+#include <inttypes.h>],
+ [], gl_cv_header_inttypes_h=yes, gl_cv_header_inttypes_h=no)
+ ])
+ if test $gl_cv_header_inttypes_h = yes; then
+ AC_DEFINE_UNQUOTED(HAVE_INTTYPES_H, 1,
+ [Define if <inttypes.h> exists and doesn't clash with <sys/types.h>.])
+ fi
+])
diff --git a/Linux-PAM/m4/inttypes-pri.m4 b/Linux-PAM/m4/inttypes-pri.m4
new file mode 100644
index 00000000..ef00da74
--- /dev/null
+++ b/Linux-PAM/m4/inttypes-pri.m4
@@ -0,0 +1,30 @@
+# inttypes-pri.m4 serial 2 (gettext-0.15)
+dnl Copyright (C) 1997-2002, 2006 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Bruno Haible.
+
+# Define PRI_MACROS_BROKEN if <inttypes.h> exists and defines the PRI*
+# macros to non-string values. This is the case on AIX 4.3.3.
+
+AC_DEFUN([gt_INTTYPES_PRI],
+[
+ AC_REQUIRE([gl_HEADER_INTTYPES_H])
+ if test $gl_cv_header_inttypes_h = yes; then
+ AC_CACHE_CHECK([whether the inttypes.h PRIxNN macros are broken],
+ gt_cv_inttypes_pri_broken,
+ [
+ AC_TRY_COMPILE([#include <inttypes.h>
+#ifdef PRId32
+char *p = PRId32;
+#endif
+], [], gt_cv_inttypes_pri_broken=no, gt_cv_inttypes_pri_broken=yes)
+ ])
+ fi
+ if test "$gt_cv_inttypes_pri_broken" = yes; then
+ AC_DEFINE_UNQUOTED(PRI_MACROS_BROKEN, 1,
+ [Define if <inttypes.h> exists and defines unusable PRI* macros.])
+ fi
+])
diff --git a/Linux-PAM/m4/inttypes.m4 b/Linux-PAM/m4/inttypes.m4
new file mode 100644
index 00000000..779bcea0
--- /dev/null
+++ b/Linux-PAM/m4/inttypes.m4
@@ -0,0 +1,25 @@
+# inttypes.m4 serial 1 (gettext-0.11.4)
+dnl Copyright (C) 1997-2002 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Paul Eggert.
+
+# Define HAVE_INTTYPES_H if <inttypes.h> exists and doesn't clash with
+# <sys/types.h>.
+
+AC_DEFUN([gt_HEADER_INTTYPES_H],
+[
+ AC_CACHE_CHECK([for inttypes.h], gt_cv_header_inttypes_h,
+ [
+ AC_TRY_COMPILE(
+ [#include <sys/types.h>
+#include <inttypes.h>],
+ [], gt_cv_header_inttypes_h=yes, gt_cv_header_inttypes_h=no)
+ ])
+ if test $gt_cv_header_inttypes_h = yes; then
+ AC_DEFINE_UNQUOTED(HAVE_INTTYPES_H, 1,
+ [Define if <inttypes.h> exists and doesn't clash with <sys/types.h>.])
+ fi
+])
diff --git a/Linux-PAM/m4/inttypes_h.m4 b/Linux-PAM/m4/inttypes_h.m4
new file mode 100644
index 00000000..a5d075d9
--- /dev/null
+++ b/Linux-PAM/m4/inttypes_h.m4
@@ -0,0 +1,26 @@
+# inttypes_h.m4 serial 6
+dnl Copyright (C) 1997-2004 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Paul Eggert.
+
+# Define HAVE_INTTYPES_H_WITH_UINTMAX if <inttypes.h> exists,
+# doesn't clash with <sys/types.h>, and declares uintmax_t.
+
+AC_DEFUN([gl_AC_HEADER_INTTYPES_H],
+[
+ AC_CACHE_CHECK([for inttypes.h], gl_cv_header_inttypes_h,
+ [AC_TRY_COMPILE(
+ [#include <sys/types.h>
+#include <inttypes.h>],
+ [uintmax_t i = (uintmax_t) -1;],
+ gl_cv_header_inttypes_h=yes,
+ gl_cv_header_inttypes_h=no)])
+ if test $gl_cv_header_inttypes_h = yes; then
+ AC_DEFINE_UNQUOTED(HAVE_INTTYPES_H_WITH_UINTMAX, 1,
+ [Define if <inttypes.h> exists, doesn't clash with <sys/types.h>,
+ and declares uintmax_t. ])
+ fi
+])
diff --git a/Linux-PAM/m4/isc-posix.m4 b/Linux-PAM/m4/isc-posix.m4
new file mode 100644
index 00000000..74dc8f26
--- /dev/null
+++ b/Linux-PAM/m4/isc-posix.m4
@@ -0,0 +1,24 @@
+# isc-posix.m4 serial 2 (gettext-0.11.2)
+dnl Copyright (C) 1995-2002 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+# This file is not needed with autoconf-2.53 and newer. Remove it in 2005.
+
+# This test replaces the one in autoconf.
+# Currently this macro should have the same name as the autoconf macro
+# because gettext's gettext.m4 (distributed in the automake package)
+# still uses it. Otherwise, the use in gettext.m4 makes autoheader
+# give these diagnostics:
+# configure.in:556: AC_TRY_COMPILE was called before AC_ISC_POSIX
+# configure.in:556: AC_TRY_RUN was called before AC_ISC_POSIX
+
+undefine([AC_ISC_POSIX])
+
+AC_DEFUN([AC_ISC_POSIX],
+ [
+ dnl This test replaces the obsolescent AC_ISC_POSIX kludge.
+ AC_CHECK_LIB(cposix, strerror, [LIBS="$LIBS -lcposix"])
+ ]
+)
diff --git a/Linux-PAM/m4/jh_path_xml_catalog.m4 b/Linux-PAM/m4/jh_path_xml_catalog.m4
new file mode 100644
index 00000000..dd01f165
--- /dev/null
+++ b/Linux-PAM/m4/jh_path_xml_catalog.m4
@@ -0,0 +1,54 @@
+# Checks the location of the XML Catalog
+# Usage:
+# JH_PATH_XML_CATALOG([ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND])
+# Defines XMLCATALOG and XML_CATALOG_FILE substitutions
+AC_DEFUN([JH_PATH_XML_CATALOG],
+[
+ # check for the presence of the XML catalog
+ AC_ARG_WITH([xml-catalog],
+ AC_HELP_STRING([--with-xml-catalog=CATALOG],
+ [path to xml catalog to use]),,
+ [with_xml_catalog=/etc/xml/catalog])
+ jh_found_xmlcatalog=true
+ XML_CATALOG_FILE="$with_xml_catalog"
+ AC_SUBST([XML_CATALOG_FILE])
+ AC_MSG_CHECKING([for XML catalog ($XML_CATALOG_FILE)])
+ if test -f "$XML_CATALOG_FILE"; then
+ AC_MSG_RESULT([found])
+ else
+ jh_found_xmlcatalog=false
+ AC_MSG_RESULT([not found])
+ fi
+
+ # check for the xmlcatalog program
+ AC_PATH_PROG(XMLCATALOG, xmlcatalog, no)
+ if test "x$XMLCATALOG" = xno; then
+ jh_found_xmlcatalog=false
+ fi
+
+ if $jh_found_xmlcatalog; then
+ ifelse([$1],,[:],[$1])
+ else
+ ifelse([$2],,[AC_MSG_ERROR([could not find XML catalog])],[$2])
+ fi
+])
+
+# Checks if a particular URI appears in the XML catalog
+# Usage:
+# JH_CHECK_XML_CATALOG(URI, [FRIENDLY-NAME], [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND])
+AC_DEFUN([JH_CHECK_XML_CATALOG],
+[
+ AC_REQUIRE([JH_PATH_XML_CATALOG],[JH_PATH_XML_CATALOG(,[:])])dnl
+ AC_MSG_CHECKING([for ifelse([$2],,[$1],[$2]) in XML catalog])
+ if $jh_found_xmlcatalog && \
+ AC_RUN_LOG([$XMLCATALOG --noout "$XML_CATALOG_FILE" "$1" >&2]); then
+ AC_MSG_RESULT([found])
+ ifelse([$3],,,[$3
+])dnl
+ else
+ AC_MSG_RESULT([not found])
+ ifelse([$4],,
+ [AC_MSG_ERROR([could not find ifelse([$2],,[$1],[$2]) in XML catalog])],
+ [$4])
+ fi
+])
diff --git a/Linux-PAM/m4/lcmessage.m4 b/Linux-PAM/m4/lcmessage.m4
new file mode 100644
index 00000000..19aa77e4
--- /dev/null
+++ b/Linux-PAM/m4/lcmessage.m4
@@ -0,0 +1,30 @@
+# lcmessage.m4 serial 4 (gettext-0.14.2)
+dnl Copyright (C) 1995-2002, 2004-2005 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+dnl
+dnl This file can can be used in projects which are not available under
+dnl the GNU General Public License or the GNU Library General Public
+dnl License but which still want to provide support for the GNU gettext
+dnl functionality.
+dnl Please note that the actual code of the GNU gettext library is covered
+dnl by the GNU Library General Public License, and the rest of the GNU
+dnl gettext package package is covered by the GNU General Public License.
+dnl They are *not* in the public domain.
+
+dnl Authors:
+dnl Ulrich Drepper <drepper@cygnus.com>, 1995.
+
+# Check whether LC_MESSAGES is available in <locale.h>.
+
+AC_DEFUN([gt_LC_MESSAGES],
+[
+ AC_CACHE_CHECK([for LC_MESSAGES], gt_cv_val_LC_MESSAGES,
+ [AC_TRY_LINK([#include <locale.h>], [return LC_MESSAGES],
+ gt_cv_val_LC_MESSAGES=yes, gt_cv_val_LC_MESSAGES=no)])
+ if test $gt_cv_val_LC_MESSAGES = yes; then
+ AC_DEFINE(HAVE_LC_MESSAGES, 1,
+ [Define if your <locale.h> file defines LC_MESSAGES.])
+ fi
+])
diff --git a/Linux-PAM/m4/ld-O1.m4 b/Linux-PAM/m4/ld-O1.m4
new file mode 100644
index 00000000..6efd3f34
--- /dev/null
+++ b/Linux-PAM/m4/ld-O1.m4
@@ -0,0 +1,24 @@
+# ld-O1.m4 serial 2
+
+# Test if ld supports -O1
+
+AC_DEFUN([PAM_LD_O1],
+ [
+ AC_CACHE_CHECK(whether ld supports -O1,
+ pam_cv_ld_O1, [ dnl
+ cat > conftest.c <<EOF
+int main (void) { return 0; }
+EOF
+ if AC_TRY_COMMAND([${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS
+ -o conftest.o conftest.c
+ -Wl,-O1 1>&AS_MESSAGE_LOG_FD])
+ then
+ pam_cv_ld_O1=yes
+ LDFLAGS="$LDFLAGS -Wl,-O1"
+ else
+ pam_cv_ld_O1=no
+ fi
+ rm -f conftest*])
+ AC_SUBST(pam_cv_ld_as_needed)
+ ]
+)
diff --git a/Linux-PAM/m4/ld-as-needed.m4 b/Linux-PAM/m4/ld-as-needed.m4
new file mode 100644
index 00000000..5ba6e0f9
--- /dev/null
+++ b/Linux-PAM/m4/ld-as-needed.m4
@@ -0,0 +1,24 @@
+# ld-as-needed.m4 serial 2
+
+# Test if ld supports --as-needed
+
+AC_DEFUN([PAM_LD_AS_NEEDED],
+ [
+ AC_CACHE_CHECK(whether ld supports --as-needed,
+ pam_cv_ld_as_needed, [ dnl
+ cat > conftest.c <<EOF
+int main (void) { return 0; }
+EOF
+ if AC_TRY_COMMAND([${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS
+ -o conftest.o conftest.c
+ -Wl,--as-needed 1>&AS_MESSAGE_LOG_FD])
+ then
+ pam_cv_ld_as_needed=yes
+ LDFLAGS="$LDFLAGS -Wl,--as-needed"
+ else
+ pam_cv_ld_as_needed=no
+ fi
+ rm -f conftest*])
+ AC_SUBST(pam_cv_ld_as_needed)
+ ]
+)
diff --git a/Linux-PAM/m4/lib-ld.m4 b/Linux-PAM/m4/lib-ld.m4
new file mode 100644
index 00000000..96c4e2c3
--- /dev/null
+++ b/Linux-PAM/m4/lib-ld.m4
@@ -0,0 +1,110 @@
+# lib-ld.m4 serial 3 (gettext-0.13)
+dnl Copyright (C) 1996-2003 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl Subroutines of libtool.m4,
+dnl with replacements s/AC_/AC_LIB/ and s/lt_cv/acl_cv/ to avoid collision
+dnl with libtool.m4.
+
+dnl From libtool-1.4. Sets the variable with_gnu_ld to yes or no.
+AC_DEFUN([AC_LIB_PROG_LD_GNU],
+[AC_CACHE_CHECK([if the linker ($LD) is GNU ld], acl_cv_prog_gnu_ld,
+[# I'd rather use --version here, but apparently some GNU ld's only accept -v.
+case `$LD -v 2>&1 </dev/null` in
+*GNU* | *'with BFD'*)
+ acl_cv_prog_gnu_ld=yes ;;
+*)
+ acl_cv_prog_gnu_ld=no ;;
+esac])
+with_gnu_ld=$acl_cv_prog_gnu_ld
+])
+
+dnl From libtool-1.4. Sets the variable LD.
+AC_DEFUN([AC_LIB_PROG_LD],
+[AC_ARG_WITH(gnu-ld,
+[ --with-gnu-ld assume the C compiler uses GNU ld [default=no]],
+test "$withval" = no || with_gnu_ld=yes, with_gnu_ld=no)
+AC_REQUIRE([AC_PROG_CC])dnl
+AC_REQUIRE([AC_CANONICAL_HOST])dnl
+# Prepare PATH_SEPARATOR.
+# The user is always right.
+if test "${PATH_SEPARATOR+set}" != set; then
+ echo "#! /bin/sh" >conf$$.sh
+ echo "exit 0" >>conf$$.sh
+ chmod +x conf$$.sh
+ if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then
+ PATH_SEPARATOR=';'
+ else
+ PATH_SEPARATOR=:
+ fi
+ rm -f conf$$.sh
+fi
+ac_prog=ld
+if test "$GCC" = yes; then
+ # Check if gcc -print-prog-name=ld gives a path.
+ AC_MSG_CHECKING([for ld used by GCC])
+ case $host in
+ *-*-mingw*)
+ # gcc leaves a trailing carriage return which upsets mingw
+ ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;;
+ *)
+ ac_prog=`($CC -print-prog-name=ld) 2>&5` ;;
+ esac
+ case $ac_prog in
+ # Accept absolute paths.
+ [[\\/]* | [A-Za-z]:[\\/]*)]
+ [re_direlt='/[^/][^/]*/\.\./']
+ # Canonicalize the path of ld
+ ac_prog=`echo $ac_prog| sed 's%\\\\%/%g'`
+ while echo $ac_prog | grep "$re_direlt" > /dev/null 2>&1; do
+ ac_prog=`echo $ac_prog| sed "s%$re_direlt%/%"`
+ done
+ test -z "$LD" && LD="$ac_prog"
+ ;;
+ "")
+ # If it fails, then pretend we aren't using GCC.
+ ac_prog=ld
+ ;;
+ *)
+ # If it is relative, then search for the first ld in PATH.
+ with_gnu_ld=unknown
+ ;;
+ esac
+elif test "$with_gnu_ld" = yes; then
+ AC_MSG_CHECKING([for GNU ld])
+else
+ AC_MSG_CHECKING([for non-GNU ld])
+fi
+AC_CACHE_VAL(acl_cv_path_LD,
+[if test -z "$LD"; then
+ IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}${PATH_SEPARATOR-:}"
+ for ac_dir in $PATH; do
+ test -z "$ac_dir" && ac_dir=.
+ if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then
+ acl_cv_path_LD="$ac_dir/$ac_prog"
+ # Check to see if the program is GNU ld. I'd rather use --version,
+ # but apparently some GNU ld's only accept -v.
+ # Break only if it was the GNU/non-GNU ld that we prefer.
+ case `"$acl_cv_path_LD" -v 2>&1 < /dev/null` in
+ *GNU* | *'with BFD'*)
+ test "$with_gnu_ld" != no && break ;;
+ *)
+ test "$with_gnu_ld" != yes && break ;;
+ esac
+ fi
+ done
+ IFS="$ac_save_ifs"
+else
+ acl_cv_path_LD="$LD" # Let the user override the test with a path.
+fi])
+LD="$acl_cv_path_LD"
+if test -n "$LD"; then
+ AC_MSG_RESULT($LD)
+else
+ AC_MSG_RESULT(no)
+fi
+test -z "$LD" && AC_MSG_ERROR([no acceptable ld found in \$PATH])
+AC_LIB_PROG_LD_GNU
+])
diff --git a/Linux-PAM/m4/lib-link.m4 b/Linux-PAM/m4/lib-link.m4
new file mode 100644
index 00000000..92929193
--- /dev/null
+++ b/Linux-PAM/m4/lib-link.m4
@@ -0,0 +1,630 @@
+# lib-link.m4 serial 8 (gettext-0.15)
+dnl Copyright (C) 2001-2006 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Bruno Haible.
+
+AC_PREREQ(2.50)
+
+dnl AC_LIB_LINKFLAGS(name [, dependencies]) searches for libname and
+dnl the libraries corresponding to explicit and implicit dependencies.
+dnl Sets and AC_SUBSTs the LIB${NAME} and LTLIB${NAME} variables and
+dnl augments the CPPFLAGS variable.
+AC_DEFUN([AC_LIB_LINKFLAGS],
+[
+ AC_REQUIRE([AC_LIB_PREPARE_PREFIX])
+ AC_REQUIRE([AC_LIB_RPATH])
+ define([Name],[translit([$1],[./-], [___])])
+ define([NAME],[translit([$1],[abcdefghijklmnopqrstuvwxyz./-],
+ [ABCDEFGHIJKLMNOPQRSTUVWXYZ___])])
+ AC_CACHE_CHECK([how to link with lib[]$1], [ac_cv_lib[]Name[]_libs], [
+ AC_LIB_LINKFLAGS_BODY([$1], [$2])
+ ac_cv_lib[]Name[]_libs="$LIB[]NAME"
+ ac_cv_lib[]Name[]_ltlibs="$LTLIB[]NAME"
+ ac_cv_lib[]Name[]_cppflags="$INC[]NAME"
+ ])
+ LIB[]NAME="$ac_cv_lib[]Name[]_libs"
+ LTLIB[]NAME="$ac_cv_lib[]Name[]_ltlibs"
+ INC[]NAME="$ac_cv_lib[]Name[]_cppflags"
+ AC_LIB_APPENDTOVAR([CPPFLAGS], [$INC]NAME)
+ AC_SUBST([LIB]NAME)
+ AC_SUBST([LTLIB]NAME)
+ dnl Also set HAVE_LIB[]NAME so that AC_LIB_HAVE_LINKFLAGS can reuse the
+ dnl results of this search when this library appears as a dependency.
+ HAVE_LIB[]NAME=yes
+ undefine([Name])
+ undefine([NAME])
+])
+
+dnl AC_LIB_HAVE_LINKFLAGS(name, dependencies, includes, testcode)
+dnl searches for libname and the libraries corresponding to explicit and
+dnl implicit dependencies, together with the specified include files and
+dnl the ability to compile and link the specified testcode. If found, it
+dnl sets and AC_SUBSTs HAVE_LIB${NAME}=yes and the LIB${NAME} and
+dnl LTLIB${NAME} variables and augments the CPPFLAGS variable, and
+dnl #defines HAVE_LIB${NAME} to 1. Otherwise, it sets and AC_SUBSTs
+dnl HAVE_LIB${NAME}=no and LIB${NAME} and LTLIB${NAME} to empty.
+AC_DEFUN([AC_LIB_HAVE_LINKFLAGS],
+[
+ AC_REQUIRE([AC_LIB_PREPARE_PREFIX])
+ AC_REQUIRE([AC_LIB_RPATH])
+ define([Name],[translit([$1],[./-], [___])])
+ define([NAME],[translit([$1],[abcdefghijklmnopqrstuvwxyz./-],
+ [ABCDEFGHIJKLMNOPQRSTUVWXYZ___])])
+
+ dnl Search for lib[]Name and define LIB[]NAME, LTLIB[]NAME and INC[]NAME
+ dnl accordingly.
+ AC_LIB_LINKFLAGS_BODY([$1], [$2])
+
+ dnl Add $INC[]NAME to CPPFLAGS before performing the following checks,
+ dnl because if the user has installed lib[]Name and not disabled its use
+ dnl via --without-lib[]Name-prefix, he wants to use it.
+ ac_save_CPPFLAGS="$CPPFLAGS"
+ AC_LIB_APPENDTOVAR([CPPFLAGS], [$INC]NAME)
+
+ AC_CACHE_CHECK([for lib[]$1], [ac_cv_lib[]Name], [
+ ac_save_LIBS="$LIBS"
+ LIBS="$LIBS $LIB[]NAME"
+ AC_TRY_LINK([$3], [$4], [ac_cv_lib[]Name=yes], [ac_cv_lib[]Name=no])
+ LIBS="$ac_save_LIBS"
+ ])
+ if test "$ac_cv_lib[]Name" = yes; then
+ HAVE_LIB[]NAME=yes
+ AC_DEFINE([HAVE_LIB]NAME, 1, [Define if you have the $1 library.])
+ AC_MSG_CHECKING([how to link with lib[]$1])
+ AC_MSG_RESULT([$LIB[]NAME])
+ else
+ HAVE_LIB[]NAME=no
+ dnl If $LIB[]NAME didn't lead to a usable library, we don't need
+ dnl $INC[]NAME either.
+ CPPFLAGS="$ac_save_CPPFLAGS"
+ LIB[]NAME=
+ LTLIB[]NAME=
+ fi
+ AC_SUBST([HAVE_LIB]NAME)
+ AC_SUBST([LIB]NAME)
+ AC_SUBST([LTLIB]NAME)
+ undefine([Name])
+ undefine([NAME])
+])
+
+dnl Determine the platform dependent parameters needed to use rpath:
+dnl libext, shlibext, hardcode_libdir_flag_spec, hardcode_libdir_separator,
+dnl hardcode_direct, hardcode_minus_L.
+AC_DEFUN([AC_LIB_RPATH],
+[
+ dnl Tell automake >= 1.10 to complain if config.rpath is missing.
+ m4_ifdef([AC_REQUIRE_AUX_FILE], [AC_REQUIRE_AUX_FILE([config.rpath])])
+ AC_REQUIRE([AC_PROG_CC]) dnl we use $CC, $GCC, $LDFLAGS
+ AC_REQUIRE([AC_LIB_PROG_LD]) dnl we use $LD, $with_gnu_ld
+ AC_REQUIRE([AC_CANONICAL_HOST]) dnl we use $host
+ AC_REQUIRE([AC_CONFIG_AUX_DIR_DEFAULT]) dnl we use $ac_aux_dir
+ AC_CACHE_CHECK([for shared library run path origin], acl_cv_rpath, [
+ CC="$CC" GCC="$GCC" LDFLAGS="$LDFLAGS" LD="$LD" with_gnu_ld="$with_gnu_ld" \
+ ${CONFIG_SHELL-/bin/sh} "$ac_aux_dir/config.rpath" "$host" > conftest.sh
+ . ./conftest.sh
+ rm -f ./conftest.sh
+ acl_cv_rpath=done
+ ])
+ wl="$acl_cv_wl"
+ libext="$acl_cv_libext"
+ shlibext="$acl_cv_shlibext"
+ hardcode_libdir_flag_spec="$acl_cv_hardcode_libdir_flag_spec"
+ hardcode_libdir_separator="$acl_cv_hardcode_libdir_separator"
+ hardcode_direct="$acl_cv_hardcode_direct"
+ hardcode_minus_L="$acl_cv_hardcode_minus_L"
+ dnl Determine whether the user wants rpath handling at all.
+ AC_ARG_ENABLE(rpath,
+ [ --disable-rpath do not hardcode runtime library paths],
+ :, enable_rpath=yes)
+])
+
+dnl AC_LIB_LINKFLAGS_BODY(name [, dependencies]) searches for libname and
+dnl the libraries corresponding to explicit and implicit dependencies.
+dnl Sets the LIB${NAME}, LTLIB${NAME} and INC${NAME} variables.
+AC_DEFUN([AC_LIB_LINKFLAGS_BODY],
+[
+ AC_REQUIRE([AC_LIB_PREPARE_MULTILIB])
+ define([NAME],[translit([$1],[abcdefghijklmnopqrstuvwxyz./-],
+ [ABCDEFGHIJKLMNOPQRSTUVWXYZ___])])
+ dnl By default, look in $includedir and $libdir.
+ use_additional=yes
+ AC_LIB_WITH_FINAL_PREFIX([
+ eval additional_includedir=\"$includedir\"
+ eval additional_libdir=\"$libdir\"
+ ])
+ AC_LIB_ARG_WITH([lib$1-prefix],
+[ --with-lib$1-prefix[=DIR] search for lib$1 in DIR/include and DIR/lib
+ --without-lib$1-prefix don't search for lib$1 in includedir and libdir],
+[
+ if test "X$withval" = "Xno"; then
+ use_additional=no
+ else
+ if test "X$withval" = "X"; then
+ AC_LIB_WITH_FINAL_PREFIX([
+ eval additional_includedir=\"$includedir\"
+ eval additional_libdir=\"$libdir\"
+ ])
+ else
+ additional_includedir="$withval/include"
+ additional_libdir="$withval/$acl_libdirstem"
+ fi
+ fi
+])
+ dnl Search the library and its dependencies in $additional_libdir and
+ dnl $LDFLAGS. Using breadth-first-seach.
+ LIB[]NAME=
+ LTLIB[]NAME=
+ INC[]NAME=
+ rpathdirs=
+ ltrpathdirs=
+ names_already_handled=
+ names_next_round='$1 $2'
+ while test -n "$names_next_round"; do
+ names_this_round="$names_next_round"
+ names_next_round=
+ for name in $names_this_round; do
+ already_handled=
+ for n in $names_already_handled; do
+ if test "$n" = "$name"; then
+ already_handled=yes
+ break
+ fi
+ done
+ if test -z "$already_handled"; then
+ names_already_handled="$names_already_handled $name"
+ dnl See if it was already located by an earlier AC_LIB_LINKFLAGS
+ dnl or AC_LIB_HAVE_LINKFLAGS call.
+ uppername=`echo "$name" | sed -e 'y|abcdefghijklmnopqrstuvwxyz./-|ABCDEFGHIJKLMNOPQRSTUVWXYZ___|'`
+ eval value=\"\$HAVE_LIB$uppername\"
+ if test -n "$value"; then
+ if test "$value" = yes; then
+ eval value=\"\$LIB$uppername\"
+ test -z "$value" || LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$value"
+ eval value=\"\$LTLIB$uppername\"
+ test -z "$value" || LTLIB[]NAME="${LTLIB[]NAME}${LTLIB[]NAME:+ }$value"
+ else
+ dnl An earlier call to AC_LIB_HAVE_LINKFLAGS has determined
+ dnl that this library doesn't exist. So just drop it.
+ :
+ fi
+ else
+ dnl Search the library lib$name in $additional_libdir and $LDFLAGS
+ dnl and the already constructed $LIBNAME/$LTLIBNAME.
+ found_dir=
+ found_la=
+ found_so=
+ found_a=
+ if test $use_additional = yes; then
+ if test -n "$shlibext" && test -f "$additional_libdir/lib$name.$shlibext"; then
+ found_dir="$additional_libdir"
+ found_so="$additional_libdir/lib$name.$shlibext"
+ if test -f "$additional_libdir/lib$name.la"; then
+ found_la="$additional_libdir/lib$name.la"
+ fi
+ else
+ if test -f "$additional_libdir/lib$name.$libext"; then
+ found_dir="$additional_libdir"
+ found_a="$additional_libdir/lib$name.$libext"
+ if test -f "$additional_libdir/lib$name.la"; then
+ found_la="$additional_libdir/lib$name.la"
+ fi
+ fi
+ fi
+ fi
+ if test "X$found_dir" = "X"; then
+ for x in $LDFLAGS $LTLIB[]NAME; do
+ AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"])
+ case "$x" in
+ -L*)
+ dir=`echo "X$x" | sed -e 's/^X-L//'`
+ if test -n "$shlibext" && test -f "$dir/lib$name.$shlibext"; then
+ found_dir="$dir"
+ found_so="$dir/lib$name.$shlibext"
+ if test -f "$dir/lib$name.la"; then
+ found_la="$dir/lib$name.la"
+ fi
+ else
+ if test -f "$dir/lib$name.$libext"; then
+ found_dir="$dir"
+ found_a="$dir/lib$name.$libext"
+ if test -f "$dir/lib$name.la"; then
+ found_la="$dir/lib$name.la"
+ fi
+ fi
+ fi
+ ;;
+ esac
+ if test "X$found_dir" != "X"; then
+ break
+ fi
+ done
+ fi
+ if test "X$found_dir" != "X"; then
+ dnl Found the library.
+ LTLIB[]NAME="${LTLIB[]NAME}${LTLIB[]NAME:+ }-L$found_dir -l$name"
+ if test "X$found_so" != "X"; then
+ dnl Linking with a shared library. We attempt to hardcode its
+ dnl directory into the executable's runpath, unless it's the
+ dnl standard /usr/lib.
+ if test "$enable_rpath" = no || test "X$found_dir" = "X/usr/$acl_libdirstem"; then
+ dnl No hardcoding is needed.
+ LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$found_so"
+ else
+ dnl Use an explicit option to hardcode DIR into the resulting
+ dnl binary.
+ dnl Potentially add DIR to ltrpathdirs.
+ dnl The ltrpathdirs will be appended to $LTLIBNAME at the end.
+ haveit=
+ for x in $ltrpathdirs; do
+ if test "X$x" = "X$found_dir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ ltrpathdirs="$ltrpathdirs $found_dir"
+ fi
+ dnl The hardcoding into $LIBNAME is system dependent.
+ if test "$hardcode_direct" = yes; then
+ dnl Using DIR/libNAME.so during linking hardcodes DIR into the
+ dnl resulting binary.
+ LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$found_so"
+ else
+ if test -n "$hardcode_libdir_flag_spec" && test "$hardcode_minus_L" = no; then
+ dnl Use an explicit option to hardcode DIR into the resulting
+ dnl binary.
+ LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$found_so"
+ dnl Potentially add DIR to rpathdirs.
+ dnl The rpathdirs will be appended to $LIBNAME at the end.
+ haveit=
+ for x in $rpathdirs; do
+ if test "X$x" = "X$found_dir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ rpathdirs="$rpathdirs $found_dir"
+ fi
+ else
+ dnl Rely on "-L$found_dir".
+ dnl But don't add it if it's already contained in the LDFLAGS
+ dnl or the already constructed $LIBNAME
+ haveit=
+ for x in $LDFLAGS $LIB[]NAME; do
+ AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"])
+ if test "X$x" = "X-L$found_dir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }-L$found_dir"
+ fi
+ if test "$hardcode_minus_L" != no; then
+ dnl FIXME: Not sure whether we should use
+ dnl "-L$found_dir -l$name" or "-L$found_dir $found_so"
+ dnl here.
+ LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$found_so"
+ else
+ dnl We cannot use $hardcode_runpath_var and LD_RUN_PATH
+ dnl here, because this doesn't fit in flags passed to the
+ dnl compiler. So give up. No hardcoding. This affects only
+ dnl very old systems.
+ dnl FIXME: Not sure whether we should use
+ dnl "-L$found_dir -l$name" or "-L$found_dir $found_so"
+ dnl here.
+ LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }-l$name"
+ fi
+ fi
+ fi
+ fi
+ else
+ if test "X$found_a" != "X"; then
+ dnl Linking with a static library.
+ LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$found_a"
+ else
+ dnl We shouldn't come here, but anyway it's good to have a
+ dnl fallback.
+ LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }-L$found_dir -l$name"
+ fi
+ fi
+ dnl Assume the include files are nearby.
+ additional_includedir=
+ case "$found_dir" in
+ */$acl_libdirstem | */$acl_libdirstem/)
+ basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem/"'*$,,'`
+ additional_includedir="$basedir/include"
+ ;;
+ esac
+ if test "X$additional_includedir" != "X"; then
+ dnl Potentially add $additional_includedir to $INCNAME.
+ dnl But don't add it
+ dnl 1. if it's the standard /usr/include,
+ dnl 2. if it's /usr/local/include and we are using GCC on Linux,
+ dnl 3. if it's already present in $CPPFLAGS or the already
+ dnl constructed $INCNAME,
+ dnl 4. if it doesn't exist as a directory.
+ if test "X$additional_includedir" != "X/usr/include"; then
+ haveit=
+ if test "X$additional_includedir" = "X/usr/local/include"; then
+ if test -n "$GCC"; then
+ case $host_os in
+ linux* | gnu* | k*bsd*-gnu) haveit=yes;;
+ esac
+ fi
+ fi
+ if test -z "$haveit"; then
+ for x in $CPPFLAGS $INC[]NAME; do
+ AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"])
+ if test "X$x" = "X-I$additional_includedir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ if test -d "$additional_includedir"; then
+ dnl Really add $additional_includedir to $INCNAME.
+ INC[]NAME="${INC[]NAME}${INC[]NAME:+ }-I$additional_includedir"
+ fi
+ fi
+ fi
+ fi
+ fi
+ dnl Look for dependencies.
+ if test -n "$found_la"; then
+ dnl Read the .la file. It defines the variables
+ dnl dlname, library_names, old_library, dependency_libs, current,
+ dnl age, revision, installed, dlopen, dlpreopen, libdir.
+ save_libdir="$libdir"
+ case "$found_la" in
+ */* | *\\*) . "$found_la" ;;
+ *) . "./$found_la" ;;
+ esac
+ libdir="$save_libdir"
+ dnl We use only dependency_libs.
+ for dep in $dependency_libs; do
+ case "$dep" in
+ -L*)
+ additional_libdir=`echo "X$dep" | sed -e 's/^X-L//'`
+ dnl Potentially add $additional_libdir to $LIBNAME and $LTLIBNAME.
+ dnl But don't add it
+ dnl 1. if it's the standard /usr/lib,
+ dnl 2. if it's /usr/local/lib and we are using GCC on Linux,
+ dnl 3. if it's already present in $LDFLAGS or the already
+ dnl constructed $LIBNAME,
+ dnl 4. if it doesn't exist as a directory.
+ if test "X$additional_libdir" != "X/usr/$acl_libdirstem"; then
+ haveit=
+ if test "X$additional_libdir" = "X/usr/local/$acl_libdirstem"; then
+ if test -n "$GCC"; then
+ case $host_os in
+ linux* | gnu* | k*bsd*-gnu) haveit=yes;;
+ esac
+ fi
+ fi
+ if test -z "$haveit"; then
+ haveit=
+ for x in $LDFLAGS $LIB[]NAME; do
+ AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"])
+ if test "X$x" = "X-L$additional_libdir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ if test -d "$additional_libdir"; then
+ dnl Really add $additional_libdir to $LIBNAME.
+ LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }-L$additional_libdir"
+ fi
+ fi
+ haveit=
+ for x in $LDFLAGS $LTLIB[]NAME; do
+ AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"])
+ if test "X$x" = "X-L$additional_libdir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ if test -d "$additional_libdir"; then
+ dnl Really add $additional_libdir to $LTLIBNAME.
+ LTLIB[]NAME="${LTLIB[]NAME}${LTLIB[]NAME:+ }-L$additional_libdir"
+ fi
+ fi
+ fi
+ fi
+ ;;
+ -R*)
+ dir=`echo "X$dep" | sed -e 's/^X-R//'`
+ if test "$enable_rpath" != no; then
+ dnl Potentially add DIR to rpathdirs.
+ dnl The rpathdirs will be appended to $LIBNAME at the end.
+ haveit=
+ for x in $rpathdirs; do
+ if test "X$x" = "X$dir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ rpathdirs="$rpathdirs $dir"
+ fi
+ dnl Potentially add DIR to ltrpathdirs.
+ dnl The ltrpathdirs will be appended to $LTLIBNAME at the end.
+ haveit=
+ for x in $ltrpathdirs; do
+ if test "X$x" = "X$dir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ ltrpathdirs="$ltrpathdirs $dir"
+ fi
+ fi
+ ;;
+ -l*)
+ dnl Handle this in the next round.
+ names_next_round="$names_next_round "`echo "X$dep" | sed -e 's/^X-l//'`
+ ;;
+ *.la)
+ dnl Handle this in the next round. Throw away the .la's
+ dnl directory; it is already contained in a preceding -L
+ dnl option.
+ names_next_round="$names_next_round "`echo "X$dep" | sed -e 's,^X.*/,,' -e 's,^lib,,' -e 's,\.la$,,'`
+ ;;
+ *)
+ dnl Most likely an immediate library name.
+ LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$dep"
+ LTLIB[]NAME="${LTLIB[]NAME}${LTLIB[]NAME:+ }$dep"
+ ;;
+ esac
+ done
+ fi
+ else
+ dnl Didn't find the library; assume it is in the system directories
+ dnl known to the linker and runtime loader. (All the system
+ dnl directories known to the linker should also be known to the
+ dnl runtime loader, otherwise the system is severely misconfigured.)
+ LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }-l$name"
+ LTLIB[]NAME="${LTLIB[]NAME}${LTLIB[]NAME:+ }-l$name"
+ fi
+ fi
+ fi
+ done
+ done
+ if test "X$rpathdirs" != "X"; then
+ if test -n "$hardcode_libdir_separator"; then
+ dnl Weird platform: only the last -rpath option counts, the user must
+ dnl pass all path elements in one option. We can arrange that for a
+ dnl single library, but not when more than one $LIBNAMEs are used.
+ alldirs=
+ for found_dir in $rpathdirs; do
+ alldirs="${alldirs}${alldirs:+$hardcode_libdir_separator}$found_dir"
+ done
+ dnl Note: hardcode_libdir_flag_spec uses $libdir and $wl.
+ acl_save_libdir="$libdir"
+ libdir="$alldirs"
+ eval flag=\"$hardcode_libdir_flag_spec\"
+ libdir="$acl_save_libdir"
+ LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$flag"
+ else
+ dnl The -rpath options are cumulative.
+ for found_dir in $rpathdirs; do
+ acl_save_libdir="$libdir"
+ libdir="$found_dir"
+ eval flag=\"$hardcode_libdir_flag_spec\"
+ libdir="$acl_save_libdir"
+ LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$flag"
+ done
+ fi
+ fi
+ if test "X$ltrpathdirs" != "X"; then
+ dnl When using libtool, the option that works for both libraries and
+ dnl executables is -R. The -R options are cumulative.
+ for found_dir in $ltrpathdirs; do
+ LTLIB[]NAME="${LTLIB[]NAME}${LTLIB[]NAME:+ }-R$found_dir"
+ done
+ fi
+])
+
+dnl AC_LIB_APPENDTOVAR(VAR, CONTENTS) appends the elements of CONTENTS to VAR,
+dnl unless already present in VAR.
+dnl Works only for CPPFLAGS, not for LIB* variables because that sometimes
+dnl contains two or three consecutive elements that belong together.
+AC_DEFUN([AC_LIB_APPENDTOVAR],
+[
+ for element in [$2]; do
+ haveit=
+ for x in $[$1]; do
+ AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"])
+ if test "X$x" = "X$element"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ [$1]="${[$1]}${[$1]:+ }$element"
+ fi
+ done
+])
+
+dnl For those cases where a variable contains several -L and -l options
+dnl referring to unknown libraries and directories, this macro determines the
+dnl necessary additional linker options for the runtime path.
+dnl AC_LIB_LINKFLAGS_FROM_LIBS([LDADDVAR], [LIBSVALUE], [USE-LIBTOOL])
+dnl sets LDADDVAR to linker options needed together with LIBSVALUE.
+dnl If USE-LIBTOOL evaluates to non-empty, linking with libtool is assumed,
+dnl otherwise linking without libtool is assumed.
+AC_DEFUN([AC_LIB_LINKFLAGS_FROM_LIBS],
+[
+ AC_REQUIRE([AC_LIB_RPATH])
+ AC_REQUIRE([AC_LIB_PREPARE_MULTILIB])
+ $1=
+ if test "$enable_rpath" != no; then
+ if test -n "$hardcode_libdir_flag_spec" && test "$hardcode_minus_L" = no; then
+ dnl Use an explicit option to hardcode directories into the resulting
+ dnl binary.
+ rpathdirs=
+ next=
+ for opt in $2; do
+ if test -n "$next"; then
+ dir="$next"
+ dnl No need to hardcode the standard /usr/lib.
+ if test "X$dir" != "X/usr/$acl_libdirstem"; then
+ rpathdirs="$rpathdirs $dir"
+ fi
+ next=
+ else
+ case $opt in
+ -L) next=yes ;;
+ -L*) dir=`echo "X$opt" | sed -e 's,^X-L,,'`
+ dnl No need to hardcode the standard /usr/lib.
+ if test "X$dir" != "X/usr/$acl_libdirstem"; then
+ rpathdirs="$rpathdirs $dir"
+ fi
+ next= ;;
+ *) next= ;;
+ esac
+ fi
+ done
+ if test "X$rpathdirs" != "X"; then
+ if test -n ""$3""; then
+ dnl libtool is used for linking. Use -R options.
+ for dir in $rpathdirs; do
+ $1="${$1}${$1:+ }-R$dir"
+ done
+ else
+ dnl The linker is used for linking directly.
+ if test -n "$hardcode_libdir_separator"; then
+ dnl Weird platform: only the last -rpath option counts, the user
+ dnl must pass all path elements in one option.
+ alldirs=
+ for dir in $rpathdirs; do
+ alldirs="${alldirs}${alldirs:+$hardcode_libdir_separator}$dir"
+ done
+ acl_save_libdir="$libdir"
+ libdir="$alldirs"
+ eval flag=\"$hardcode_libdir_flag_spec\"
+ libdir="$acl_save_libdir"
+ $1="$flag"
+ else
+ dnl The -rpath options are cumulative.
+ for dir in $rpathdirs; do
+ acl_save_libdir="$libdir"
+ libdir="$dir"
+ eval flag=\"$hardcode_libdir_flag_spec\"
+ libdir="$acl_save_libdir"
+ $1="${$1}${$1:+ }$flag"
+ done
+ fi
+ fi
+ fi
+ fi
+ fi
+ AC_SUBST([$1])
+])
diff --git a/Linux-PAM/m4/lib-prefix.m4 b/Linux-PAM/m4/lib-prefix.m4
new file mode 100644
index 00000000..a8684e17
--- /dev/null
+++ b/Linux-PAM/m4/lib-prefix.m4
@@ -0,0 +1,185 @@
+# lib-prefix.m4 serial 5 (gettext-0.15)
+dnl Copyright (C) 2001-2005 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Bruno Haible.
+
+dnl AC_LIB_ARG_WITH is synonymous to AC_ARG_WITH in autoconf-2.13, and
+dnl similar to AC_ARG_WITH in autoconf 2.52...2.57 except that is doesn't
+dnl require excessive bracketing.
+ifdef([AC_HELP_STRING],
+[AC_DEFUN([AC_LIB_ARG_WITH], [AC_ARG_WITH([$1],[[$2]],[$3],[$4])])],
+[AC_DEFUN([AC_][LIB_ARG_WITH], [AC_ARG_WITH([$1],[$2],[$3],[$4])])])
+
+dnl AC_LIB_PREFIX adds to the CPPFLAGS and LDFLAGS the flags that are needed
+dnl to access previously installed libraries. The basic assumption is that
+dnl a user will want packages to use other packages he previously installed
+dnl with the same --prefix option.
+dnl This macro is not needed if only AC_LIB_LINKFLAGS is used to locate
+dnl libraries, but is otherwise very convenient.
+AC_DEFUN([AC_LIB_PREFIX],
+[
+ AC_BEFORE([$0], [AC_LIB_LINKFLAGS])
+ AC_REQUIRE([AC_PROG_CC])
+ AC_REQUIRE([AC_CANONICAL_HOST])
+ AC_REQUIRE([AC_LIB_PREPARE_MULTILIB])
+ AC_REQUIRE([AC_LIB_PREPARE_PREFIX])
+ dnl By default, look in $includedir and $libdir.
+ use_additional=yes
+ AC_LIB_WITH_FINAL_PREFIX([
+ eval additional_includedir=\"$includedir\"
+ eval additional_libdir=\"$libdir\"
+ ])
+ AC_LIB_ARG_WITH([lib-prefix],
+[ --with-lib-prefix[=DIR] search for libraries in DIR/include and DIR/lib
+ --without-lib-prefix don't search for libraries in includedir and libdir],
+[
+ if test "X$withval" = "Xno"; then
+ use_additional=no
+ else
+ if test "X$withval" = "X"; then
+ AC_LIB_WITH_FINAL_PREFIX([
+ eval additional_includedir=\"$includedir\"
+ eval additional_libdir=\"$libdir\"
+ ])
+ else
+ additional_includedir="$withval/include"
+ additional_libdir="$withval/$acl_libdirstem"
+ fi
+ fi
+])
+ if test $use_additional = yes; then
+ dnl Potentially add $additional_includedir to $CPPFLAGS.
+ dnl But don't add it
+ dnl 1. if it's the standard /usr/include,
+ dnl 2. if it's already present in $CPPFLAGS,
+ dnl 3. if it's /usr/local/include and we are using GCC on Linux,
+ dnl 4. if it doesn't exist as a directory.
+ if test "X$additional_includedir" != "X/usr/include"; then
+ haveit=
+ for x in $CPPFLAGS; do
+ AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"])
+ if test "X$x" = "X-I$additional_includedir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ if test "X$additional_includedir" = "X/usr/local/include"; then
+ if test -n "$GCC"; then
+ case $host_os in
+ linux* | gnu* | k*bsd*-gnu) haveit=yes;;
+ esac
+ fi
+ fi
+ if test -z "$haveit"; then
+ if test -d "$additional_includedir"; then
+ dnl Really add $additional_includedir to $CPPFLAGS.
+ CPPFLAGS="${CPPFLAGS}${CPPFLAGS:+ }-I$additional_includedir"
+ fi
+ fi
+ fi
+ fi
+ dnl Potentially add $additional_libdir to $LDFLAGS.
+ dnl But don't add it
+ dnl 1. if it's the standard /usr/lib,
+ dnl 2. if it's already present in $LDFLAGS,
+ dnl 3. if it's /usr/local/lib and we are using GCC on Linux,
+ dnl 4. if it doesn't exist as a directory.
+ if test "X$additional_libdir" != "X/usr/$acl_libdirstem"; then
+ haveit=
+ for x in $LDFLAGS; do
+ AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"])
+ if test "X$x" = "X-L$additional_libdir"; then
+ haveit=yes
+ break
+ fi
+ done
+ if test -z "$haveit"; then
+ if test "X$additional_libdir" = "X/usr/local/$acl_libdirstem"; then
+ if test -n "$GCC"; then
+ case $host_os in
+ linux*) haveit=yes;;
+ esac
+ fi
+ fi
+ if test -z "$haveit"; then
+ if test -d "$additional_libdir"; then
+ dnl Really add $additional_libdir to $LDFLAGS.
+ LDFLAGS="${LDFLAGS}${LDFLAGS:+ }-L$additional_libdir"
+ fi
+ fi
+ fi
+ fi
+ fi
+])
+
+dnl AC_LIB_PREPARE_PREFIX creates variables acl_final_prefix,
+dnl acl_final_exec_prefix, containing the values to which $prefix and
+dnl $exec_prefix will expand at the end of the configure script.
+AC_DEFUN([AC_LIB_PREPARE_PREFIX],
+[
+ dnl Unfortunately, prefix and exec_prefix get only finally determined
+ dnl at the end of configure.
+ if test "X$prefix" = "XNONE"; then
+ acl_final_prefix="$ac_default_prefix"
+ else
+ acl_final_prefix="$prefix"
+ fi
+ if test "X$exec_prefix" = "XNONE"; then
+ acl_final_exec_prefix='${prefix}'
+ else
+ acl_final_exec_prefix="$exec_prefix"
+ fi
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+ eval acl_final_exec_prefix=\"$acl_final_exec_prefix\"
+ prefix="$acl_save_prefix"
+])
+
+dnl AC_LIB_WITH_FINAL_PREFIX([statement]) evaluates statement, with the
+dnl variables prefix and exec_prefix bound to the values they will have
+dnl at the end of the configure script.
+AC_DEFUN([AC_LIB_WITH_FINAL_PREFIX],
+[
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+ acl_save_exec_prefix="$exec_prefix"
+ exec_prefix="$acl_final_exec_prefix"
+ $1
+ exec_prefix="$acl_save_exec_prefix"
+ prefix="$acl_save_prefix"
+])
+
+dnl AC_LIB_PREPARE_MULTILIB creates a variable acl_libdirstem, containing
+dnl the basename of the libdir, either "lib" or "lib64".
+AC_DEFUN([AC_LIB_PREPARE_MULTILIB],
+[
+ dnl There is no formal standard regarding lib and lib64. The current
+ dnl practice is that on a system supporting 32-bit and 64-bit instruction
+ dnl sets or ABIs, 64-bit libraries go under $prefix/lib64 and 32-bit
+ dnl libraries go under $prefix/lib. We determine the compiler's default
+ dnl mode by looking at the compiler's library search path. If at least
+ dnl of its elements ends in /lib64 or points to a directory whose absolute
+ dnl pathname ends in /lib64, we assume a 64-bit ABI. Otherwise we use the
+ dnl default, namely "lib".
+ acl_libdirstem=lib
+ searchpath=`(LC_ALL=C $CC -print-search-dirs) 2>/dev/null | sed -n -e 's,^libraries: ,,p' | sed -e 's,^=,,'`
+ if test -n "$searchpath"; then
+ acl_save_IFS="${IFS= }"; IFS=":"
+ for searchdir in $searchpath; do
+ if test -d "$searchdir"; then
+ case "$searchdir" in
+ */lib64/ | */lib64 ) acl_libdirstem=lib64 ;;
+ *) searchdir=`cd "$searchdir" && pwd`
+ case "$searchdir" in
+ */lib64 ) acl_libdirstem=lib64 ;;
+ esac ;;
+ esac
+ fi
+ done
+ IFS="$acl_save_IFS"
+ fi
+])
diff --git a/Linux-PAM/m4/libprelude.m4 b/Linux-PAM/m4/libprelude.m4
new file mode 100644
index 00000000..2c61d35a
--- /dev/null
+++ b/Linux-PAM/m4/libprelude.m4
@@ -0,0 +1,176 @@
+dnl Autoconf macros for libprelude
+dnl $id$
+
+# Modified for LIBPRELUDE -- Yoann Vandoorselaere
+# Modified for LIBGNUTLS -- nmav
+# Configure paths for LIBGCRYPT
+# Shamelessly stolen from the one of XDELTA by Owen Taylor
+# Werner Koch 99-12-09
+
+dnl AM_PATH_LIBPRELUDE([MINIMUM-VERSION, [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]])
+dnl Test for libprelude, and define LIBPRELUDE_PREFIX, LIBPRELUDE_CFLAGS, LIBPRELUDE_PTHREAD_CFLAGS,
+dnl LIBPRELUDE_LDFLAGS, and LIBPRELUDE_LIBS
+dnl
+AC_DEFUN([AM_PATH_LIBPRELUDE],
+[dnl
+dnl Get the cflags and libraries from the libprelude-config script
+dnl
+AC_ARG_WITH(libprelude-prefix, AC_HELP_STRING(--with-libprelude-prefix=PFX,
+ Prefix where libprelude is installed (optional)),
+ libprelude_config_prefix="$withval", libprelude_config_prefix="")
+
+ if test x$libprelude_config_prefix != x ; then
+ if test x${LIBPRELUDE_CONFIG+set} != xset ; then
+ LIBPRELUDE_CONFIG=$libprelude_config_prefix/bin/libprelude-config
+ fi
+ fi
+
+ AC_PATH_PROG(LIBPRELUDE_CONFIG, libprelude-config, no)
+ min_libprelude_version=ifelse([$1], ,0.1.0,$1)
+ AC_MSG_CHECKING(for libprelude - version >= $min_libprelude_version)
+ no_libprelude=""
+ if test "$LIBPRELUDE_CONFIG" = "no" ; then
+ no_libprelude=yes
+ else
+ LIBPRELUDE_CFLAGS=`$LIBPRELUDE_CONFIG $libprelude_config_args --cflags`
+ LIBPRELUDE_PTHREAD_CFLAGS=`$LIBPRELUDE_CONFIG $libprelude_config_args --pthread-cflags`
+ LIBPRELUDE_LDFLAGS=`$LIBPRELUDE_CONFIG $libprelude_config_args --ldflags`
+ LIBPRELUDE_LIBS=`$LIBPRELUDE_CONFIG $libprelude_config_args --libs`
+ LIBPRELUDE_PREFIX=`$LIBPRELUDE_CONFIG $libprelude_config_args --prefix`
+ LIBPRELUDE_CONFIG_PREFIX=`$LIBPRELUDE_CONFIG $libprelude_config_args --config-prefix`
+ libprelude_config_version=`$LIBPRELUDE_CONFIG $libprelude_config_args --version`
+
+
+ ac_save_CFLAGS="$CFLAGS"
+ ac_save_LDFLAGS="$LDFLAGS"
+ ac_save_LIBS="$LIBS"
+ CFLAGS="$CFLAGS $LIBPRELUDE_CFLAGS"
+ LDFLAGS="$LDFLAGS $LIBPRELUDE_LDFLAGS"
+ LIBS="$LIBS $LIBPRELUDE_LIBS"
+dnl
+dnl Now check if the installed libprelude is sufficiently new. Also sanity
+dnl checks the results of libprelude-config to some extent
+dnl
+ rm -f conf.libpreludetest
+ AC_TRY_RUN([
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <libprelude/prelude.h>
+
+int
+main ()
+{
+ system ("touch conf.libpreludetest");
+
+ if( strcmp( prelude_check_version(NULL), "$libprelude_config_version" ) )
+ {
+ printf("\n*** 'libprelude-config --version' returned %s, but LIBPRELUDE (%s)\n",
+ "$libprelude_config_version", prelude_check_version(NULL) );
+ printf("*** was found! If libprelude-config was correct, then it is best\n");
+ printf("*** to remove the old version of LIBPRELUDE. You may also be able to fix the error\n");
+ printf("*** by modifying your LD_LIBRARY_PATH enviroment variable, or by editing\n");
+ printf("*** /etc/ld.so.conf. Make sure you have run ldconfig if that is\n");
+ printf("*** required on your system.\n");
+ printf("*** If libprelude-config was wrong, set the environment variable LIBPRELUDE_CONFIG\n");
+ printf("*** to point to the correct copy of libprelude-config, and remove the file config.cache\n");
+ printf("*** before re-running configure\n");
+ }
+ else if ( strcmp(prelude_check_version(NULL), LIBPRELUDE_VERSION ) )
+ {
+ printf("\n*** LIBPRELUDE header file (version %s) does not match\n", LIBPRELUDE_VERSION);
+ printf("*** library (version %s)\n", prelude_check_version(NULL) );
+ }
+ else
+ {
+ if ( prelude_check_version( "$min_libprelude_version" ) )
+ {
+ return 0;
+ }
+ else
+ {
+ printf("no\n*** An old version of LIBPRELUDE (%s) was found.\n",
+ prelude_check_version(NULL) );
+ printf("*** You need a version of LIBPRELUDE newer than %s. The latest version of\n",
+ "$min_libprelude_version" );
+ printf("*** LIBPRELUDE is always available from http://www.prelude-ids.org/download/releases.\n");
+ printf("*** \n");
+ printf("*** If you have already installed a sufficiently new version, this error\n");
+ printf("*** probably means that the wrong copy of the libprelude-config shell script is\n");
+ printf("*** being found. The easiest way to fix this is to remove the old version\n");
+ printf("*** of LIBPRELUDE, but you can also set the LIBPRELUDE_CONFIG environment to point to the\n");
+ printf("*** correct copy of libprelude-config. (In this case, you will have to\n");
+ printf("*** modify your LD_LIBRARY_PATH enviroment variable, or edit /etc/ld.so.conf\n");
+ printf("*** so that the correct libraries are found at run-time))\n");
+ }
+ }
+ return 1;
+}
+],, no_libprelude=yes,[echo $ac_n "cross compiling; assumed OK... $ac_c"])
+ CFLAGS="$ac_save_CFLAGS"
+ LIBS="$ac_save_LIBS"
+ LDFLAGS="$ac_save_LDFLAGS"
+ fi
+
+ if test "x$no_libprelude" = x ; then
+ AC_MSG_RESULT(yes)
+ ifelse([$2], , :, [$2])
+ else
+ if test -f conf.libpreludetest ; then
+ :
+ else
+ AC_MSG_RESULT(no)
+ fi
+ if test "$LIBPRELUDE_CONFIG" = "no" ; then
+ echo "*** The libprelude-config script installed by LIBPRELUDE could not be found"
+ echo "*** If LIBPRELUDE was installed in PREFIX, make sure PREFIX/bin is in"
+ echo "*** your path, or set the LIBPRELUDE_CONFIG environment variable to the"
+ echo "*** full path to libprelude-config."
+ else
+ if test -f conf.libpreludetest ; then
+ :
+ else
+ echo "*** Could not run libprelude test program, checking why..."
+ CFLAGS="$CFLAGS $LIBPRELUDE_CFLAGS"
+ LDFLAGS="$LDFLAGS $LIBPRELUDE_LDFLAGS"
+ LIBS="$LIBS $LIBPRELUDE_LIBS"
+ AC_TRY_LINK([
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <libprelude/prelude.h>
+], [ return !!prelude_check_version(NULL); ],
+ [ echo "*** The test program compiled, but did not run. This usually means"
+ echo "*** that the run-time linker is not finding LIBPRELUDE or finding the wrong"
+ echo "*** version of LIBPRELUDE. If it is not finding LIBPRELUDE, you'll need to set your"
+ echo "*** LD_LIBRARY_PATH environment variable, or edit /etc/ld.so.conf to point"
+ echo "*** to the installed location Also, make sure you have run ldconfig if that"
+ echo "*** is required on your system"
+ echo "***"
+ echo "*** If you have an old version installed, it is best to remove it, although"
+ echo "*** you may also be able to get things to work by modifying LD_LIBRARY_PATH"
+ echo "***" ],
+ [ echo "*** The test program failed to compile or link. See the file config.log for the"
+ echo "*** exact error that occured. This usually means LIBPRELUDE was incorrectly installed"
+ echo "*** or that you have moved LIBPRELUDE since it was installed. In the latter case, you"
+ echo "*** may want to edit the libprelude-config script: $LIBPRELUDE_CONFIG" ])
+ CFLAGS="$ac_save_CFLAGS"
+ LDFLAGS="$ac_save_LDFLAGS"
+ LIBS="$ac_save_LIBS"
+ fi
+ fi
+ LIBPRELUDE_CFLAGS=""
+ LIBPRELUDE_LDFLAGS=""
+ LIBPRELUDE_LIBS=""
+ ifelse([$3], , :, [$3])
+ fi
+ rm -f conf.libpreludetest
+ AC_SUBST(LIBPRELUDE_CFLAGS)
+ AC_SUBST(LIBPRELUDE_PTHREAD_CFLAGS)
+ AC_SUBST(LIBPRELUDE_LDFLAGS)
+ AC_SUBST(LIBPRELUDE_LIBS)
+ AC_SUBST(LIBPRELUDE_PREFIX)
+ AC_SUBST(LIBPRELUDE_CONFIG_PREFIX)
+])
+
+dnl *-*wedit:notab*-* Please keep this as the last line.
diff --git a/Linux-PAM/m4/lock.m4 b/Linux-PAM/m4/lock.m4
new file mode 100644
index 00000000..d1ea1ca8
--- /dev/null
+++ b/Linux-PAM/m4/lock.m4
@@ -0,0 +1,289 @@
+# lock.m4 serial 2 (gettext-0.15)
+dnl Copyright (C) 2005 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Bruno Haible.
+
+dnl Tests for a multithreading library to be used.
+dnl Defines at most one of the macros USE_POSIX_THREADS, USE_SOLARIS_THREADS,
+dnl USE_PTH_THREADS, USE_WIN32_THREADS
+dnl Sets the variables LIBTHREAD and LTLIBTHREAD to the linker options for use
+dnl in a Makefile (LIBTHREAD for use without libtool, LTLIBTHREAD for use with
+dnl libtool).
+dnl Sets the variables LIBMULTITHREAD and LTLIBMULTITHREAD similarly, for
+dnl programs that really need multithread functionality. The difference
+dnl between LIBTHREAD and LIBMULTITHREAD is that on platforms supporting weak
+dnl symbols, typically LIBTHREAD="" whereas LIBMULTITHREAD="-lpthread".
+dnl Adds to CPPFLAGS the flag -D_REENTRANT or -D_THREAD_SAFE if needed for
+dnl multithread-safe programs.
+
+AC_DEFUN([gl_LOCK],
+[
+ AC_REQUIRE([gl_LOCK_BODY])
+])
+
+dnl The guts of gl_LOCK. Needs to be expanded only once.
+
+AC_DEFUN([gl_LOCK_BODY],
+[
+ dnl Ordering constraints: This macro modifies CPPFLAGS in a way that
+ dnl influences the result of the autoconf tests that test for *_unlocked
+ dnl declarations, on AIX 5 at least. Therefore it must come early.
+ AC_BEFORE([$0], [gl_FUNC_GLIBC_UNLOCKED_IO])dnl
+ AC_BEFORE([$0], [gl_ARGP])dnl
+
+ AC_REQUIRE([AC_CANONICAL_HOST])
+ AC_REQUIRE([AC_GNU_SOURCE]) dnl needed for pthread_rwlock_t on glibc systems
+ dnl Check for multithreading.
+ AC_ARG_ENABLE(threads,
+AC_HELP_STRING([--enable-threads={posix|solaris|pth|win32}], [specify multithreading API])
+AC_HELP_STRING([--disable-threads], [build without multithread safety]),
+ gl_use_threads=$enableval, gl_use_threads=yes)
+ gl_threads_api=none
+ LIBTHREAD=
+ LTLIBTHREAD=
+ LIBMULTITHREAD=
+ LTLIBMULTITHREAD=
+ if test "$gl_use_threads" != no; then
+ dnl Check whether the compiler and linker support weak declarations.
+ AC_MSG_CHECKING([whether imported symbols can be declared weak])
+ gl_have_weak=no
+ AC_TRY_LINK([extern void xyzzy ();
+#pragma weak xyzzy], [xyzzy();], [gl_have_weak=yes])
+ AC_MSG_RESULT([$gl_have_weak])
+ if test "$gl_use_threads" = yes || test "$gl_use_threads" = posix; then
+ # On OSF/1, the compiler needs the flag -pthread or -D_REENTRANT so that
+ # it groks <pthread.h>.
+ gl_save_CPPFLAGS="$CPPFLAGS"
+ CPPFLAGS="$CPPFLAGS -D_REENTRANT"
+ AC_CHECK_HEADER(pthread.h, gl_have_pthread_h=yes, gl_have_pthread_h=no)
+ CPPFLAGS="$gl_save_CPPFLAGS"
+ if test "$gl_have_pthread_h" = yes; then
+ # Other possible tests:
+ # -lpthreads (FSU threads, PCthreads)
+ # -lgthreads
+ case "$host_os" in
+ osf*)
+ # On OSF/1, the compiler needs the flag -D_REENTRANT so that it
+ # groks <pthread.h>. cc also understands the flag -pthread, but
+ # we don't use it because 1. gcc-2.95 doesn't understand -pthread,
+ # 2. putting a flag into CPPFLAGS that has an effect on the linker
+ # causes the AC_TRY_LINK test below to succeed unexpectedly,
+ # leading to wrong values of LIBTHREAD and LTLIBTHREAD.
+ CPPFLAGS="$CPPFLAGS -D_REENTRANT"
+ ;;
+ esac
+ gl_have_pthread=
+ # Test whether both pthread_mutex_lock and pthread_mutexattr_init exist
+ # in libc. IRIX 6.5 has the first one in both libc and libpthread, but
+ # the second one only in libpthread, and lock.c needs it.
+ AC_TRY_LINK([#include <pthread.h>],
+ [pthread_mutex_lock((pthread_mutex_t*)0);
+ pthread_mutexattr_init((pthread_mutexattr_t*)0);],
+ [gl_have_pthread=yes])
+ # Test for libpthread by looking for pthread_kill. (Not pthread_self,
+ # since it is defined as a macro on OSF/1.)
+ if test -n "$gl_have_pthread"; then
+ # The program links fine without libpthread. But it may actually
+ # need to link with libpthread in order to create multiple threads.
+ AC_CHECK_LIB(pthread, pthread_kill,
+ [LIBMULTITHREAD=-lpthread LTLIBMULTITHREAD=-lpthread
+ # On Solaris and HP-UX, most pthread functions exist also in libc.
+ # Therefore pthread_in_use() needs to actually try to create a
+ # thread: pthread_create from libc will fail, whereas
+ # pthread_create will actually create a thread.
+ case "$host_os" in
+ solaris* | hpux*)
+ AC_DEFINE([PTHREAD_IN_USE_DETECTION_HARD], 1,
+ [Define if the pthread_in_use() detection is hard.])
+ esac
+ ])
+ else
+ # Some library is needed. Try libpthread and libc_r.
+ AC_CHECK_LIB(pthread, pthread_kill,
+ [gl_have_pthread=yes
+ LIBTHREAD=-lpthread LTLIBTHREAD=-lpthread
+ LIBMULTITHREAD=-lpthread LTLIBMULTITHREAD=-lpthread])
+ if test -z "$gl_have_pthread"; then
+ # For FreeBSD 4.
+ AC_CHECK_LIB(c_r, pthread_kill,
+ [gl_have_pthread=yes
+ LIBTHREAD=-lc_r LTLIBTHREAD=-lc_r
+ LIBMULTITHREAD=-lc_r LTLIBMULTITHREAD=-lc_r])
+ fi
+ fi
+ if test -n "$gl_have_pthread"; then
+ gl_threads_api=posix
+ AC_DEFINE([USE_POSIX_THREADS], 1,
+ [Define if the POSIX multithreading library can be used.])
+ if test -n "$LIBMULTITHREAD" || test -n "$LTLIBMULTITHREAD"; then
+ if test $gl_have_weak = yes; then
+ AC_DEFINE([USE_POSIX_THREADS_WEAK], 1,
+ [Define if references to the POSIX multithreading library should be made weak.])
+ LIBTHREAD=
+ LTLIBTHREAD=
+ fi
+ fi
+ # OSF/1 4.0 and MacOS X 10.1 lack the pthread_rwlock_t type and the
+ # pthread_rwlock_* functions.
+ AC_CHECK_TYPE([pthread_rwlock_t],
+ [AC_DEFINE([HAVE_PTHREAD_RWLOCK], 1,
+ [Define if the POSIX multithreading library has read/write locks.])],
+ [],
+ [#include <pthread.h>])
+ # glibc defines PTHREAD_MUTEX_RECURSIVE as enum, not as a macro.
+ AC_TRY_COMPILE([#include <pthread.h>],
+ [#if __FreeBSD__ == 4
+error "No, in FreeBSD 4.0 recursive mutexes actually don't work."
+#else
+int x = (int)PTHREAD_MUTEX_RECURSIVE;
+#endif],
+ [AC_DEFINE([HAVE_PTHREAD_MUTEX_RECURSIVE], 1,
+ [Define if the <pthread.h> defines PTHREAD_MUTEX_RECURSIVE.])])
+ # Some systems optimize for single-threaded programs by default, and
+ # need special flags to disable these optimizations. For example, the
+ # definition of 'errno' in <errno.h>.
+ case "$host_os" in
+ aix* | freebsd*) CPPFLAGS="$CPPFLAGS -D_THREAD_SAFE" ;;
+ solaris*) CPPFLAGS="$CPPFLAGS -D_REENTRANT" ;;
+ esac
+ fi
+ fi
+ fi
+ if test -z "$gl_have_pthread"; then
+ if test "$gl_use_threads" = yes || test "$gl_use_threads" = solaris; then
+ gl_have_solaristhread=
+ gl_save_LIBS="$LIBS"
+ LIBS="$LIBS -lthread"
+ AC_TRY_LINK([#include <thread.h>
+#include <synch.h>],
+ [thr_self();],
+ [gl_have_solaristhread=yes])
+ LIBS="$gl_save_LIBS"
+ if test -n "$gl_have_solaristhread"; then
+ gl_threads_api=solaris
+ LIBTHREAD=-lthread
+ LTLIBTHREAD=-lthread
+ LIBMULTITHREAD="$LIBTHREAD"
+ LTLIBMULTITHREAD="$LTLIBTHREAD"
+ AC_DEFINE([USE_SOLARIS_THREADS], 1,
+ [Define if the old Solaris multithreading library can be used.])
+ if test $gl_have_weak = yes; then
+ AC_DEFINE([USE_SOLARIS_THREADS_WEAK], 1,
+ [Define if references to the old Solaris multithreading library should be made weak.])
+ LIBTHREAD=
+ LTLIBTHREAD=
+ fi
+ fi
+ fi
+ fi
+ if test "$gl_use_threads" = pth; then
+ gl_save_CPPFLAGS="$CPPFLAGS"
+ AC_LIB_LINKFLAGS(pth)
+ gl_have_pth=
+ gl_save_LIBS="$LIBS"
+ LIBS="$LIBS -lpth"
+ AC_TRY_LINK([#include <pth.h>], [pth_self();], gl_have_pth=yes)
+ LIBS="$gl_save_LIBS"
+ if test -n "$gl_have_pth"; then
+ gl_threads_api=pth
+ LIBTHREAD="$LIBPTH"
+ LTLIBTHREAD="$LTLIBPTH"
+ LIBMULTITHREAD="$LIBTHREAD"
+ LTLIBMULTITHREAD="$LTLIBTHREAD"
+ AC_DEFINE([USE_PTH_THREADS], 1,
+ [Define if the GNU Pth multithreading library can be used.])
+ if test -n "$LIBMULTITHREAD" || test -n "$LTLIBMULTITHREAD"; then
+ if test $gl_have_weak = yes; then
+ AC_DEFINE([USE_PTH_THREADS_WEAK], 1,
+ [Define if references to the GNU Pth multithreading library should be made weak.])
+ LIBTHREAD=
+ LTLIBTHREAD=
+ fi
+ fi
+ else
+ CPPFLAGS="$gl_save_CPPFLAGS"
+ fi
+ fi
+ if test -z "$gl_have_pthread"; then
+ if test "$gl_use_threads" = yes || test "$gl_use_threads" = win32; then
+ if { case "$host_os" in
+ mingw*) true;;
+ *) false;;
+ esac
+ }; then
+ gl_threads_api=win32
+ AC_DEFINE([USE_WIN32_THREADS], 1,
+ [Define if the Win32 multithreading API can be used.])
+ fi
+ fi
+ fi
+ fi
+ AC_MSG_CHECKING([for multithread API to use])
+ AC_MSG_RESULT([$gl_threads_api])
+ AC_SUBST(LIBTHREAD)
+ AC_SUBST(LTLIBTHREAD)
+ AC_SUBST(LIBMULTITHREAD)
+ AC_SUBST(LTLIBMULTITHREAD)
+ gl_PREREQ_LOCK
+])
+
+# Prerequisites of lib/lock.c.
+AC_DEFUN([gl_PREREQ_LOCK], [
+ AC_REQUIRE([AC_C_INLINE])
+])
+
+dnl Survey of platforms:
+dnl
+dnl Platform Available Compiler Supports test-lock
+dnl flavours option weak result
+dnl --------------- --------- --------- -------- ---------
+dnl Linux 2.4/glibc posix -lpthread Y OK
+dnl
+dnl GNU Hurd/glibc posix
+dnl
+dnl FreeBSD 5.3 posix -lc_r Y
+dnl posix -lkse ? Y
+dnl posix -lpthread ? Y
+dnl posix -lthr Y
+dnl
+dnl FreeBSD 5.2 posix -lc_r Y
+dnl posix -lkse Y
+dnl posix -lthr Y
+dnl
+dnl FreeBSD 4.0,4.10 posix -lc_r Y OK
+dnl
+dnl NetBSD 1.6 --
+dnl
+dnl OpenBSD 3.4 posix -lpthread Y OK
+dnl
+dnl MacOS X 10.[123] posix -lpthread Y OK
+dnl
+dnl Solaris 7,8,9 posix -lpthread Y Sol 7,8: 0.0; Sol 9: OK
+dnl solaris -lthread Y Sol 7,8: 0.0; Sol 9: OK
+dnl
+dnl HP-UX 11 posix -lpthread N (cc) OK
+dnl Y (gcc)
+dnl
+dnl IRIX 6.5 posix -lpthread Y 0.5
+dnl
+dnl AIX 4.3,5.1 posix -lpthread N AIX 4: 0.5; AIX 5: OK
+dnl
+dnl OSF/1 4.0,5.1 posix -pthread (cc) N OK
+dnl -lpthread (gcc) Y
+dnl
+dnl Cygwin posix -lpthread Y OK
+dnl
+dnl Any of the above pth -lpth 0.0
+dnl
+dnl Mingw win32 N OK
+dnl
+dnl BeOS 5 --
+dnl
+dnl The test-lock result shows what happens if in test-lock.c EXPLICIT_YIELD is
+dnl turned off:
+dnl OK if all three tests terminate OK,
+dnl 0.5 if the first test terminates OK but the second one loops endlessly,
+dnl 0.0 if the first test already loops endlessly.
diff --git a/Linux-PAM/m4/longdouble.m4 b/Linux-PAM/m4/longdouble.m4
new file mode 100644
index 00000000..25590f47
--- /dev/null
+++ b/Linux-PAM/m4/longdouble.m4
@@ -0,0 +1,31 @@
+# longdouble.m4 serial 2 (gettext-0.15)
+dnl Copyright (C) 2002-2003, 2006 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Bruno Haible.
+dnl Test whether the compiler supports the 'long double' type.
+dnl Prerequisite: AC_PROG_CC
+
+dnl This file is only needed in autoconf <= 2.59. Newer versions of autoconf
+dnl have a macro AC_TYPE_LONG_DOUBLE with identical semantics.
+
+AC_DEFUN([gt_TYPE_LONGDOUBLE],
+[
+ AC_CACHE_CHECK([for long double], gt_cv_c_long_double,
+ [if test "$GCC" = yes; then
+ gt_cv_c_long_double=yes
+ else
+ AC_TRY_COMPILE([
+ /* The Stardent Vistra knows sizeof(long double), but does not support it. */
+ long double foo = 0.0;
+ /* On Ultrix 4.3 cc, long double is 4 and double is 8. */
+ int array [2*(sizeof(long double) >= sizeof(double)) - 1];
+ ], ,
+ gt_cv_c_long_double=yes, gt_cv_c_long_double=no)
+ fi])
+ if test $gt_cv_c_long_double = yes; then
+ AC_DEFINE(HAVE_LONG_DOUBLE, 1, [Define if you have the 'long double' type.])
+ fi
+])
diff --git a/Linux-PAM/m4/longlong.m4 b/Linux-PAM/m4/longlong.m4
new file mode 100644
index 00000000..7b399e01
--- /dev/null
+++ b/Linux-PAM/m4/longlong.m4
@@ -0,0 +1,23 @@
+# longlong.m4 serial 5
+dnl Copyright (C) 1999-2004 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Paul Eggert.
+
+# Define HAVE_LONG_LONG if 'long long' works.
+
+AC_DEFUN([gl_AC_TYPE_LONG_LONG],
+[
+ AC_CACHE_CHECK([for long long], ac_cv_type_long_long,
+ [AC_TRY_LINK([long long ll = 1LL; int i = 63;],
+ [long long llmax = (long long) -1;
+ return ll << i | ll >> i | llmax / ll | llmax % ll;],
+ ac_cv_type_long_long=yes,
+ ac_cv_type_long_long=no)])
+ if test $ac_cv_type_long_long = yes; then
+ AC_DEFINE(HAVE_LONG_LONG, 1,
+ [Define if you have the 'long long' type.])
+ fi
+])
diff --git a/Linux-PAM/m4/nls.m4 b/Linux-PAM/m4/nls.m4
new file mode 100644
index 00000000..7967cc2f
--- /dev/null
+++ b/Linux-PAM/m4/nls.m4
@@ -0,0 +1,31 @@
+# nls.m4 serial 3 (gettext-0.15)
+dnl Copyright (C) 1995-2003, 2005-2006 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+dnl
+dnl This file can can be used in projects which are not available under
+dnl the GNU General Public License or the GNU Library General Public
+dnl License but which still want to provide support for the GNU gettext
+dnl functionality.
+dnl Please note that the actual code of the GNU gettext library is covered
+dnl by the GNU Library General Public License, and the rest of the GNU
+dnl gettext package package is covered by the GNU General Public License.
+dnl They are *not* in the public domain.
+
+dnl Authors:
+dnl Ulrich Drepper <drepper@cygnus.com>, 1995-2000.
+dnl Bruno Haible <haible@clisp.cons.org>, 2000-2003.
+
+AC_PREREQ(2.50)
+
+AC_DEFUN([AM_NLS],
+[
+ AC_MSG_CHECKING([whether NLS is requested])
+ dnl Default is enabled NLS
+ AC_ARG_ENABLE(nls,
+ [ --disable-nls do not use Native Language Support],
+ USE_NLS=$enableval, USE_NLS=yes)
+ AC_MSG_RESULT($USE_NLS)
+ AC_SUBST(USE_NLS)
+])
diff --git a/Linux-PAM/m4/po.m4 b/Linux-PAM/m4/po.m4
new file mode 100644
index 00000000..00133ef3
--- /dev/null
+++ b/Linux-PAM/m4/po.m4
@@ -0,0 +1,428 @@
+# po.m4 serial 13 (gettext-0.15)
+dnl Copyright (C) 1995-2006 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+dnl
+dnl This file can can be used in projects which are not available under
+dnl the GNU General Public License or the GNU Library General Public
+dnl License but which still want to provide support for the GNU gettext
+dnl functionality.
+dnl Please note that the actual code of the GNU gettext library is covered
+dnl by the GNU Library General Public License, and the rest of the GNU
+dnl gettext package package is covered by the GNU General Public License.
+dnl They are *not* in the public domain.
+
+dnl Authors:
+dnl Ulrich Drepper <drepper@cygnus.com>, 1995-2000.
+dnl Bruno Haible <haible@clisp.cons.org>, 2000-2003.
+
+AC_PREREQ(2.50)
+
+dnl Checks for all prerequisites of the po subdirectory.
+AC_DEFUN([AM_PO_SUBDIRS],
+[
+ AC_REQUIRE([AC_PROG_MAKE_SET])dnl
+ AC_REQUIRE([AC_PROG_INSTALL])dnl
+ AC_REQUIRE([AM_PROG_MKDIR_P])dnl defined by automake
+ AC_REQUIRE([AM_NLS])dnl
+
+ dnl Perform the following tests also if --disable-nls has been given,
+ dnl because they are needed for "make dist" to work.
+
+ dnl Search for GNU msgfmt in the PATH.
+ dnl The first test excludes Solaris msgfmt and early GNU msgfmt versions.
+ dnl The second test excludes FreeBSD msgfmt.
+ AM_PATH_PROG_WITH_TEST(MSGFMT, msgfmt,
+ [$ac_dir/$ac_word --statistics /dev/null >&]AS_MESSAGE_LOG_FD[ 2>&1 &&
+ (if $ac_dir/$ac_word --statistics /dev/null 2>&1 >/dev/null | grep usage >/dev/null; then exit 1; else exit 0; fi)],
+ :)
+ AC_PATH_PROG(GMSGFMT, gmsgfmt, $MSGFMT)
+
+ dnl Test whether it is GNU msgfmt >= 0.15.
+changequote(,)dnl
+ case `$MSGFMT --version | sed 1q | sed -e 's,^[^0-9]*,,'` in
+ '' | 0.[0-9] | 0.[0-9].* | 0.1[0-4] | 0.1[0-4].*) MSGFMT_015=: ;;
+ *) MSGFMT_015=$MSGFMT ;;
+ esac
+changequote([,])dnl
+ AC_SUBST([MSGFMT_015])
+changequote(,)dnl
+ case `$GMSGFMT --version | sed 1q | sed -e 's,^[^0-9]*,,'` in
+ '' | 0.[0-9] | 0.[0-9].* | 0.1[0-4] | 0.1[0-4].*) GMSGFMT_015=: ;;
+ *) GMSGFMT_015=$GMSGFMT ;;
+ esac
+changequote([,])dnl
+ AC_SUBST([GMSGFMT_015])
+
+ dnl Search for GNU xgettext 0.12 or newer in the PATH.
+ dnl The first test excludes Solaris xgettext and early GNU xgettext versions.
+ dnl The second test excludes FreeBSD xgettext.
+ AM_PATH_PROG_WITH_TEST(XGETTEXT, xgettext,
+ [$ac_dir/$ac_word --omit-header --copyright-holder= --msgid-bugs-address= /dev/null >&]AS_MESSAGE_LOG_FD[ 2>&1 &&
+ (if $ac_dir/$ac_word --omit-header --copyright-holder= --msgid-bugs-address= /dev/null 2>&1 >/dev/null | grep usage >/dev/null; then exit 1; else exit 0; fi)],
+ :)
+ dnl Remove leftover from FreeBSD xgettext call.
+ rm -f messages.po
+
+ dnl Test whether it is GNU xgettext >= 0.15.
+changequote(,)dnl
+ case `$XGETTEXT --version | sed 1q | sed -e 's,^[^0-9]*,,'` in
+ '' | 0.[0-9] | 0.[0-9].* | 0.1[0-4] | 0.1[0-4].*) XGETTEXT_015=: ;;
+ *) XGETTEXT_015=$XGETTEXT ;;
+ esac
+changequote([,])dnl
+ AC_SUBST([XGETTEXT_015])
+
+ dnl Search for GNU msgmerge 0.11 or newer in the PATH.
+ AM_PATH_PROG_WITH_TEST(MSGMERGE, msgmerge,
+ [$ac_dir/$ac_word --update -q /dev/null /dev/null >&]AS_MESSAGE_LOG_FD[ 2>&1], :)
+
+ dnl Installation directories.
+ dnl Autoconf >= 2.60 defines localedir. For older versions of autoconf, we
+ dnl have to define it here, so that it can be used in po/Makefile.
+ test -n "$localedir" || localedir='${datadir}/locale'
+ AC_SUBST([localedir])
+
+ AC_CONFIG_COMMANDS([po-directories], [[
+ for ac_file in $CONFIG_FILES; do
+ # Support "outfile[:infile[:infile...]]"
+ case "$ac_file" in
+ *:*) ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;;
+ esac
+ # PO directories have a Makefile.in generated from Makefile.in.in.
+ case "$ac_file" in */Makefile.in)
+ # Adjust a relative srcdir.
+ ac_dir=`echo "$ac_file"|sed 's%/[^/][^/]*$%%'`
+ ac_dir_suffix="/`echo "$ac_dir"|sed 's%^\./%%'`"
+ ac_dots=`echo "$ac_dir_suffix"|sed 's%/[^/]*%../%g'`
+ # In autoconf-2.13 it is called $ac_given_srcdir.
+ # In autoconf-2.50 it is called $srcdir.
+ test -n "$ac_given_srcdir" || ac_given_srcdir="$srcdir"
+ case "$ac_given_srcdir" in
+ .) top_srcdir=`echo $ac_dots|sed 's%/$%%'` ;;
+ /*) top_srcdir="$ac_given_srcdir" ;;
+ *) top_srcdir="$ac_dots$ac_given_srcdir" ;;
+ esac
+ # Treat a directory as a PO directory if and only if it has a
+ # POTFILES.in file. This allows packages to have multiple PO
+ # directories under different names or in different locations.
+ if test -f "$ac_given_srcdir/$ac_dir/POTFILES.in"; then
+ rm -f "$ac_dir/POTFILES"
+ test -n "$as_me" && echo "$as_me: creating $ac_dir/POTFILES" || echo "creating $ac_dir/POTFILES"
+ cat "$ac_given_srcdir/$ac_dir/POTFILES.in" | sed -e "/^#/d" -e "/^[ ]*\$/d" -e "s,.*, $top_srcdir/& \\\\," | sed -e "\$s/\(.*\) \\\\/\1/" > "$ac_dir/POTFILES"
+ POMAKEFILEDEPS="POTFILES.in"
+ # ALL_LINGUAS, POFILES, UPDATEPOFILES, DUMMYPOFILES, GMOFILES depend
+ # on $ac_dir but don't depend on user-specified configuration
+ # parameters.
+ if test -f "$ac_given_srcdir/$ac_dir/LINGUAS"; then
+ # The LINGUAS file contains the set of available languages.
+ if test -n "$OBSOLETE_ALL_LINGUAS"; then
+ test -n "$as_me" && echo "$as_me: setting ALL_LINGUAS in configure.in is obsolete" || echo "setting ALL_LINGUAS in configure.in is obsolete"
+ fi
+ ALL_LINGUAS_=`sed -e "/^#/d" -e "s/#.*//" "$ac_given_srcdir/$ac_dir/LINGUAS"`
+ # Hide the ALL_LINGUAS assigment from automake < 1.5.
+ eval 'ALL_LINGUAS''=$ALL_LINGUAS_'
+ POMAKEFILEDEPS="$POMAKEFILEDEPS LINGUAS"
+ else
+ # The set of available languages was given in configure.in.
+ # Hide the ALL_LINGUAS assigment from automake < 1.5.
+ eval 'ALL_LINGUAS''=$OBSOLETE_ALL_LINGUAS'
+ fi
+ # Compute POFILES
+ # as $(foreach lang, $(ALL_LINGUAS), $(srcdir)/$(lang).po)
+ # Compute UPDATEPOFILES
+ # as $(foreach lang, $(ALL_LINGUAS), $(lang).po-update)
+ # Compute DUMMYPOFILES
+ # as $(foreach lang, $(ALL_LINGUAS), $(lang).nop)
+ # Compute GMOFILES
+ # as $(foreach lang, $(ALL_LINGUAS), $(srcdir)/$(lang).gmo)
+ case "$ac_given_srcdir" in
+ .) srcdirpre= ;;
+ *) srcdirpre='$(srcdir)/' ;;
+ esac
+ POFILES=
+ UPDATEPOFILES=
+ DUMMYPOFILES=
+ GMOFILES=
+ for lang in $ALL_LINGUAS; do
+ POFILES="$POFILES $srcdirpre$lang.po"
+ UPDATEPOFILES="$UPDATEPOFILES $lang.po-update"
+ DUMMYPOFILES="$DUMMYPOFILES $lang.nop"
+ GMOFILES="$GMOFILES $srcdirpre$lang.gmo"
+ done
+ # CATALOGS depends on both $ac_dir and the user's LINGUAS
+ # environment variable.
+ INST_LINGUAS=
+ if test -n "$ALL_LINGUAS"; then
+ for presentlang in $ALL_LINGUAS; do
+ useit=no
+ if test "%UNSET%" != "$LINGUAS"; then
+ desiredlanguages="$LINGUAS"
+ else
+ desiredlanguages="$ALL_LINGUAS"
+ fi
+ for desiredlang in $desiredlanguages; do
+ # Use the presentlang catalog if desiredlang is
+ # a. equal to presentlang, or
+ # b. a variant of presentlang (because in this case,
+ # presentlang can be used as a fallback for messages
+ # which are not translated in the desiredlang catalog).
+ case "$desiredlang" in
+ "$presentlang"*) useit=yes;;
+ esac
+ done
+ if test $useit = yes; then
+ INST_LINGUAS="$INST_LINGUAS $presentlang"
+ fi
+ done
+ fi
+ CATALOGS=
+ if test -n "$INST_LINGUAS"; then
+ for lang in $INST_LINGUAS; do
+ CATALOGS="$CATALOGS $lang.gmo"
+ done
+ fi
+ test -n "$as_me" && echo "$as_me: creating $ac_dir/Makefile" || echo "creating $ac_dir/Makefile"
+ sed -e "/^POTFILES =/r $ac_dir/POTFILES" -e "/^# Makevars/r $ac_given_srcdir/$ac_dir/Makevars" -e "s|@POFILES@|$POFILES|g" -e "s|@UPDATEPOFILES@|$UPDATEPOFILES|g" -e "s|@DUMMYPOFILES@|$DUMMYPOFILES|g" -e "s|@GMOFILES@|$GMOFILES|g" -e "s|@CATALOGS@|$CATALOGS|g" -e "s|@POMAKEFILEDEPS@|$POMAKEFILEDEPS|g" "$ac_dir/Makefile.in" > "$ac_dir/Makefile"
+ for f in "$ac_given_srcdir/$ac_dir"/Rules-*; do
+ if test -f "$f"; then
+ case "$f" in
+ *.orig | *.bak | *~) ;;
+ *) cat "$f" >> "$ac_dir/Makefile" ;;
+ esac
+ fi
+ done
+ fi
+ ;;
+ esac
+ done]],
+ [# Capture the value of obsolete ALL_LINGUAS because we need it to compute
+ # POFILES, UPDATEPOFILES, DUMMYPOFILES, GMOFILES, CATALOGS. But hide it
+ # from automake < 1.5.
+ eval 'OBSOLETE_ALL_LINGUAS''="$ALL_LINGUAS"'
+ # Capture the value of LINGUAS because we need it to compute CATALOGS.
+ LINGUAS="${LINGUAS-%UNSET%}"
+ ])
+])
+
+dnl Postprocesses a Makefile in a directory containing PO files.
+AC_DEFUN([AM_POSTPROCESS_PO_MAKEFILE],
+[
+ # When this code is run, in config.status, two variables have already been
+ # set:
+ # - OBSOLETE_ALL_LINGUAS is the value of LINGUAS set in configure.in,
+ # - LINGUAS is the value of the environment variable LINGUAS at configure
+ # time.
+
+changequote(,)dnl
+ # Adjust a relative srcdir.
+ ac_dir=`echo "$ac_file"|sed 's%/[^/][^/]*$%%'`
+ ac_dir_suffix="/`echo "$ac_dir"|sed 's%^\./%%'`"
+ ac_dots=`echo "$ac_dir_suffix"|sed 's%/[^/]*%../%g'`
+ # In autoconf-2.13 it is called $ac_given_srcdir.
+ # In autoconf-2.50 it is called $srcdir.
+ test -n "$ac_given_srcdir" || ac_given_srcdir="$srcdir"
+ case "$ac_given_srcdir" in
+ .) top_srcdir=`echo $ac_dots|sed 's%/$%%'` ;;
+ /*) top_srcdir="$ac_given_srcdir" ;;
+ *) top_srcdir="$ac_dots$ac_given_srcdir" ;;
+ esac
+
+ # Find a way to echo strings without interpreting backslash.
+ if test "X`(echo '\t') 2>/dev/null`" = 'X\t'; then
+ gt_echo='echo'
+ else
+ if test "X`(printf '%s\n' '\t') 2>/dev/null`" = 'X\t'; then
+ gt_echo='printf %s\n'
+ else
+ echo_func () {
+ cat <<EOT
+$*
+EOT
+ }
+ gt_echo='echo_func'
+ fi
+ fi
+
+ # A sed script that extracts the value of VARIABLE from a Makefile.
+ sed_x_variable='
+# Test if the hold space is empty.
+x
+s/P/P/
+x
+ta
+# Yes it was empty. Look if we have the expected variable definition.
+/^[ ]*VARIABLE[ ]*=/{
+ # Seen the first line of the variable definition.
+ s/^[ ]*VARIABLE[ ]*=//
+ ba
+}
+bd
+:a
+# Here we are processing a line from the variable definition.
+# Remove comment, more precisely replace it with a space.
+s/#.*$/ /
+# See if the line ends in a backslash.
+tb
+:b
+s/\\$//
+# Print the line, without the trailing backslash.
+p
+tc
+# There was no trailing backslash. The end of the variable definition is
+# reached. Clear the hold space.
+s/^.*$//
+x
+bd
+:c
+# A trailing backslash means that the variable definition continues in the
+# next line. Put a nonempty string into the hold space to indicate this.
+s/^.*$/P/
+x
+:d
+'
+changequote([,])dnl
+
+ # Set POTFILES to the value of the Makefile variable POTFILES.
+ sed_x_POTFILES=`$gt_echo "$sed_x_variable" | sed -e '/^ *#/d' -e 's/VARIABLE/POTFILES/g'`
+ POTFILES=`sed -n -e "$sed_x_POTFILES" < "$ac_file"`
+ # Compute POTFILES_DEPS as
+ # $(foreach file, $(POTFILES), $(top_srcdir)/$(file))
+ POTFILES_DEPS=
+ for file in $POTFILES; do
+ POTFILES_DEPS="$POTFILES_DEPS "'$(top_srcdir)/'"$file"
+ done
+ POMAKEFILEDEPS=""
+
+ if test -n "$OBSOLETE_ALL_LINGUAS"; then
+ test -n "$as_me" && echo "$as_me: setting ALL_LINGUAS in configure.in is obsolete" || echo "setting ALL_LINGUAS in configure.in is obsolete"
+ fi
+ if test -f "$ac_given_srcdir/$ac_dir/LINGUAS"; then
+ # The LINGUAS file contains the set of available languages.
+ ALL_LINGUAS_=`sed -e "/^#/d" -e "s/#.*//" "$ac_given_srcdir/$ac_dir/LINGUAS"`
+ POMAKEFILEDEPS="$POMAKEFILEDEPS LINGUAS"
+ else
+ # Set ALL_LINGUAS to the value of the Makefile variable LINGUAS.
+ sed_x_LINGUAS=`$gt_echo "$sed_x_variable" | sed -e '/^ *#/d' -e 's/VARIABLE/LINGUAS/g'`
+ ALL_LINGUAS_=`sed -n -e "$sed_x_LINGUAS" < "$ac_file"`
+ fi
+ # Hide the ALL_LINGUAS assigment from automake < 1.5.
+ eval 'ALL_LINGUAS''=$ALL_LINGUAS_'
+ # Compute POFILES
+ # as $(foreach lang, $(ALL_LINGUAS), $(srcdir)/$(lang).po)
+ # Compute UPDATEPOFILES
+ # as $(foreach lang, $(ALL_LINGUAS), $(lang).po-update)
+ # Compute DUMMYPOFILES
+ # as $(foreach lang, $(ALL_LINGUAS), $(lang).nop)
+ # Compute GMOFILES
+ # as $(foreach lang, $(ALL_LINGUAS), $(srcdir)/$(lang).gmo)
+ # Compute PROPERTIESFILES
+ # as $(foreach lang, $(ALL_LINGUAS), $(top_srcdir)/$(DOMAIN)_$(lang).properties)
+ # Compute CLASSFILES
+ # as $(foreach lang, $(ALL_LINGUAS), $(top_srcdir)/$(DOMAIN)_$(lang).class)
+ # Compute QMFILES
+ # as $(foreach lang, $(ALL_LINGUAS), $(srcdir)/$(lang).qm)
+ # Compute MSGFILES
+ # as $(foreach lang, $(ALL_LINGUAS), $(srcdir)/$(frob $(lang)).msg)
+ # Compute RESOURCESDLLFILES
+ # as $(foreach lang, $(ALL_LINGUAS), $(srcdir)/$(frob $(lang))/$(DOMAIN).resources.dll)
+ case "$ac_given_srcdir" in
+ .) srcdirpre= ;;
+ *) srcdirpre='$(srcdir)/' ;;
+ esac
+ POFILES=
+ UPDATEPOFILES=
+ DUMMYPOFILES=
+ GMOFILES=
+ PROPERTIESFILES=
+ CLASSFILES=
+ QMFILES=
+ MSGFILES=
+ RESOURCESDLLFILES=
+ for lang in $ALL_LINGUAS; do
+ POFILES="$POFILES $srcdirpre$lang.po"
+ UPDATEPOFILES="$UPDATEPOFILES $lang.po-update"
+ DUMMYPOFILES="$DUMMYPOFILES $lang.nop"
+ GMOFILES="$GMOFILES $srcdirpre$lang.gmo"
+ PROPERTIESFILES="$PROPERTIESFILES \$(top_srcdir)/\$(DOMAIN)_$lang.properties"
+ CLASSFILES="$CLASSFILES \$(top_srcdir)/\$(DOMAIN)_$lang.class"
+ QMFILES="$QMFILES $srcdirpre$lang.qm"
+ frobbedlang=`echo $lang | sed -e 's/\..*$//' -e 'y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/'`
+ MSGFILES="$MSGFILES $srcdirpre$frobbedlang.msg"
+ frobbedlang=`echo $lang | sed -e 's/_/-/g' -e 's/^sr-CS/sr-SP/' -e 's/@latin$/-Latn/' -e 's/@cyrillic$/-Cyrl/' -e 's/^sr-SP$/sr-SP-Latn/' -e 's/^uz-UZ$/uz-UZ-Latn/'`
+ RESOURCESDLLFILES="$RESOURCESDLLFILES $srcdirpre$frobbedlang/\$(DOMAIN).resources.dll"
+ done
+ # CATALOGS depends on both $ac_dir and the user's LINGUAS
+ # environment variable.
+ INST_LINGUAS=
+ if test -n "$ALL_LINGUAS"; then
+ for presentlang in $ALL_LINGUAS; do
+ useit=no
+ if test "%UNSET%" != "$LINGUAS"; then
+ desiredlanguages="$LINGUAS"
+ else
+ desiredlanguages="$ALL_LINGUAS"
+ fi
+ for desiredlang in $desiredlanguages; do
+ # Use the presentlang catalog if desiredlang is
+ # a. equal to presentlang, or
+ # b. a variant of presentlang (because in this case,
+ # presentlang can be used as a fallback for messages
+ # which are not translated in the desiredlang catalog).
+ case "$desiredlang" in
+ "$presentlang"*) useit=yes;;
+ esac
+ done
+ if test $useit = yes; then
+ INST_LINGUAS="$INST_LINGUAS $presentlang"
+ fi
+ done
+ fi
+ CATALOGS=
+ JAVACATALOGS=
+ QTCATALOGS=
+ TCLCATALOGS=
+ CSHARPCATALOGS=
+ if test -n "$INST_LINGUAS"; then
+ for lang in $INST_LINGUAS; do
+ CATALOGS="$CATALOGS $lang.gmo"
+ JAVACATALOGS="$JAVACATALOGS \$(DOMAIN)_$lang.properties"
+ QTCATALOGS="$QTCATALOGS $lang.qm"
+ frobbedlang=`echo $lang | sed -e 's/\..*$//' -e 'y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/'`
+ TCLCATALOGS="$TCLCATALOGS $frobbedlang.msg"
+ frobbedlang=`echo $lang | sed -e 's/_/-/g' -e 's/^sr-CS/sr-SP/' -e 's/@latin$/-Latn/' -e 's/@cyrillic$/-Cyrl/' -e 's/^sr-SP$/sr-SP-Latn/' -e 's/^uz-UZ$/uz-UZ-Latn/'`
+ CSHARPCATALOGS="$CSHARPCATALOGS $frobbedlang/\$(DOMAIN).resources.dll"
+ done
+ fi
+
+ sed -e "s|@POTFILES_DEPS@|$POTFILES_DEPS|g" -e "s|@POFILES@|$POFILES|g" -e "s|@UPDATEPOFILES@|$UPDATEPOFILES|g" -e "s|@DUMMYPOFILES@|$DUMMYPOFILES|g" -e "s|@GMOFILES@|$GMOFILES|g" -e "s|@PROPERTIESFILES@|$PROPERTIESFILES|g" -e "s|@CLASSFILES@|$CLASSFILES|g" -e "s|@QMFILES@|$QMFILES|g" -e "s|@MSGFILES@|$MSGFILES|g" -e "s|@RESOURCESDLLFILES@|$RESOURCESDLLFILES|g" -e "s|@CATALOGS@|$CATALOGS|g" -e "s|@JAVACATALOGS@|$JAVACATALOGS|g" -e "s|@QTCATALOGS@|$QTCATALOGS|g" -e "s|@TCLCATALOGS@|$TCLCATALOGS|g" -e "s|@CSHARPCATALOGS@|$CSHARPCATALOGS|g" -e 's,^#distdir:,distdir:,' < "$ac_file" > "$ac_file.tmp"
+ if grep -l '@TCLCATALOGS@' "$ac_file" > /dev/null; then
+ # Add dependencies that cannot be formulated as a simple suffix rule.
+ for lang in $ALL_LINGUAS; do
+ frobbedlang=`echo $lang | sed -e 's/\..*$//' -e 'y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/'`
+ cat >> "$ac_file.tmp" <<EOF
+$frobbedlang.msg: $lang.po
+ @echo "\$(MSGFMT) -c --tcl -d \$(srcdir) -l $lang $srcdirpre$lang.po"; \
+ \$(MSGFMT) -c --tcl -d "\$(srcdir)" -l $lang $srcdirpre$lang.po || { rm -f "\$(srcdir)/$frobbedlang.msg"; exit 1; }
+EOF
+ done
+ fi
+ if grep -l '@CSHARPCATALOGS@' "$ac_file" > /dev/null; then
+ # Add dependencies that cannot be formulated as a simple suffix rule.
+ for lang in $ALL_LINGUAS; do
+ frobbedlang=`echo $lang | sed -e 's/_/-/g' -e 's/^sr-CS/sr-SP/' -e 's/@latin$/-Latn/' -e 's/@cyrillic$/-Cyrl/' -e 's/^sr-SP$/sr-SP-Latn/' -e 's/^uz-UZ$/uz-UZ-Latn/'`
+ cat >> "$ac_file.tmp" <<EOF
+$frobbedlang/\$(DOMAIN).resources.dll: $lang.po
+ @echo "\$(MSGFMT) -c --csharp -d \$(srcdir) -l $lang $srcdirpre$lang.po -r \$(DOMAIN)"; \
+ \$(MSGFMT) -c --csharp -d "\$(srcdir)" -l $lang $srcdirpre$lang.po -r "\$(DOMAIN)" || { rm -f "\$(srcdir)/$frobbedlang.msg"; exit 1; }
+EOF
+ done
+ fi
+ if test -n "$POMAKEFILEDEPS"; then
+ cat >> "$ac_file.tmp" <<EOF
+Makefile: $POMAKEFILEDEPS
+EOF
+ fi
+ mv "$ac_file.tmp" "$ac_file"
+])
diff --git a/Linux-PAM/m4/printf-posix.m4 b/Linux-PAM/m4/printf-posix.m4
new file mode 100644
index 00000000..af10170a
--- /dev/null
+++ b/Linux-PAM/m4/printf-posix.m4
@@ -0,0 +1,44 @@
+# printf-posix.m4 serial 2 (gettext-0.13.1)
+dnl Copyright (C) 2003 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Bruno Haible.
+dnl Test whether the printf() function supports POSIX/XSI format strings with
+dnl positions.
+
+AC_DEFUN([gt_PRINTF_POSIX],
+[
+ AC_REQUIRE([AC_PROG_CC])
+ AC_CACHE_CHECK([whether printf() supports POSIX/XSI format strings],
+ gt_cv_func_printf_posix,
+ [
+ AC_TRY_RUN([
+#include <stdio.h>
+#include <string.h>
+/* The string "%2$d %1$d", with dollar characters protected from the shell's
+ dollar expansion (possibly an autoconf bug). */
+static char format[] = { '%', '2', '$', 'd', ' ', '%', '1', '$', 'd', '\0' };
+static char buf[100];
+int main ()
+{
+ sprintf (buf, format, 33, 55);
+ return (strcmp (buf, "55 33") != 0);
+}], gt_cv_func_printf_posix=yes, gt_cv_func_printf_posix=no,
+ [
+ AC_EGREP_CPP(notposix, [
+#if defined __NetBSD__ || defined _MSC_VER || defined __MINGW32__ || defined __CYGWIN__
+ notposix
+#endif
+ ], gt_cv_func_printf_posix="guessing no",
+ gt_cv_func_printf_posix="guessing yes")
+ ])
+ ])
+ case $gt_cv_func_printf_posix in
+ *yes)
+ AC_DEFINE(HAVE_POSIX_PRINTF, 1,
+ [Define if your printf() function supports format strings with positions.])
+ ;;
+ esac
+])
diff --git a/Linux-PAM/m4/progtest.m4 b/Linux-PAM/m4/progtest.m4
new file mode 100644
index 00000000..a56365cd
--- /dev/null
+++ b/Linux-PAM/m4/progtest.m4
@@ -0,0 +1,92 @@
+# progtest.m4 serial 4 (gettext-0.14.2)
+dnl Copyright (C) 1996-2003, 2005 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+dnl
+dnl This file can can be used in projects which are not available under
+dnl the GNU General Public License or the GNU Library General Public
+dnl License but which still want to provide support for the GNU gettext
+dnl functionality.
+dnl Please note that the actual code of the GNU gettext library is covered
+dnl by the GNU Library General Public License, and the rest of the GNU
+dnl gettext package package is covered by the GNU General Public License.
+dnl They are *not* in the public domain.
+
+dnl Authors:
+dnl Ulrich Drepper <drepper@cygnus.com>, 1996.
+
+AC_PREREQ(2.50)
+
+# Search path for a program which passes the given test.
+
+dnl AM_PATH_PROG_WITH_TEST(VARIABLE, PROG-TO-CHECK-FOR,
+dnl TEST-PERFORMED-ON-FOUND_PROGRAM [, VALUE-IF-NOT-FOUND [, PATH]])
+AC_DEFUN([AM_PATH_PROG_WITH_TEST],
+[
+# Prepare PATH_SEPARATOR.
+# The user is always right.
+if test "${PATH_SEPARATOR+set}" != set; then
+ echo "#! /bin/sh" >conf$$.sh
+ echo "exit 0" >>conf$$.sh
+ chmod +x conf$$.sh
+ if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then
+ PATH_SEPARATOR=';'
+ else
+ PATH_SEPARATOR=:
+ fi
+ rm -f conf$$.sh
+fi
+
+# Find out how to test for executable files. Don't use a zero-byte file,
+# as systems may use methods other than mode bits to determine executability.
+cat >conf$$.file <<_ASEOF
+#! /bin/sh
+exit 0
+_ASEOF
+chmod +x conf$$.file
+if test -x conf$$.file >/dev/null 2>&1; then
+ ac_executable_p="test -x"
+else
+ ac_executable_p="test -f"
+fi
+rm -f conf$$.file
+
+# Extract the first word of "$2", so it can be a program name with args.
+set dummy $2; ac_word=[$]2
+AC_MSG_CHECKING([for $ac_word])
+AC_CACHE_VAL(ac_cv_path_$1,
+[case "[$]$1" in
+ [[\\/]]* | ?:[[\\/]]*)
+ ac_cv_path_$1="[$]$1" # Let the user override the test with a path.
+ ;;
+ *)
+ ac_save_IFS="$IFS"; IFS=$PATH_SEPARATOR
+ for ac_dir in ifelse([$5], , $PATH, [$5]); do
+ IFS="$ac_save_IFS"
+ test -z "$ac_dir" && ac_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if $ac_executable_p "$ac_dir/$ac_word$ac_exec_ext"; then
+ echo "$as_me: trying $ac_dir/$ac_word..." >&AS_MESSAGE_LOG_FD
+ if [$3]; then
+ ac_cv_path_$1="$ac_dir/$ac_word$ac_exec_ext"
+ break 2
+ fi
+ fi
+ done
+ done
+ IFS="$ac_save_IFS"
+dnl If no 4th arg is given, leave the cache variable unset,
+dnl so AC_PATH_PROGS will keep looking.
+ifelse([$4], , , [ test -z "[$]ac_cv_path_$1" && ac_cv_path_$1="$4"
+])dnl
+ ;;
+esac])dnl
+$1="$ac_cv_path_$1"
+if test ifelse([$4], , [-n "[$]$1"], ["[$]$1" != "$4"]); then
+ AC_MSG_RESULT([$]$1)
+else
+ AC_MSG_RESULT(no)
+fi
+AC_SUBST($1)dnl
+])
diff --git a/Linux-PAM/m4/signed.m4 b/Linux-PAM/m4/signed.m4
new file mode 100644
index 00000000..048f5936
--- /dev/null
+++ b/Linux-PAM/m4/signed.m4
@@ -0,0 +1,17 @@
+# signed.m4 serial 1 (gettext-0.10.40)
+dnl Copyright (C) 2001-2002 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Bruno Haible.
+
+AC_DEFUN([bh_C_SIGNED],
+[
+ AC_CACHE_CHECK([for signed], bh_cv_c_signed,
+ [AC_TRY_COMPILE(, [signed char x;], bh_cv_c_signed=yes, bh_cv_c_signed=no)])
+ if test $bh_cv_c_signed = no; then
+ AC_DEFINE(signed, ,
+ [Define to empty if the C compiler doesn't support this keyword.])
+ fi
+])
diff --git a/Linux-PAM/m4/size_max.m4 b/Linux-PAM/m4/size_max.m4
new file mode 100644
index 00000000..029e4719
--- /dev/null
+++ b/Linux-PAM/m4/size_max.m4
@@ -0,0 +1,60 @@
+# size_max.m4 serial 4
+dnl Copyright (C) 2003, 2005-2006 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Bruno Haible.
+
+AC_DEFUN([gl_SIZE_MAX],
+[
+ AC_CHECK_HEADERS(stdint.h)
+ dnl First test whether the system already has SIZE_MAX.
+ AC_MSG_CHECKING([for SIZE_MAX])
+ result=
+ AC_EGREP_CPP([Found it], [
+#include <limits.h>
+#if HAVE_STDINT_H
+#include <stdint.h>
+#endif
+#ifdef SIZE_MAX
+Found it
+#endif
+], result=yes)
+ if test -z "$result"; then
+ dnl Define it ourselves. Here we assume that the type 'size_t' is not wider
+ dnl than the type 'unsigned long'. Try hard to find a definition that can
+ dnl be used in a preprocessor #if, i.e. doesn't contain a cast.
+ _AC_COMPUTE_INT([sizeof (size_t) * CHAR_BIT - 1], size_t_bits_minus_1,
+ [#include <stddef.h>
+#include <limits.h>], size_t_bits_minus_1=)
+ _AC_COMPUTE_INT([sizeof (size_t) <= sizeof (unsigned int)], fits_in_uint,
+ [#include <stddef.h>], fits_in_uint=)
+ if test -n "$size_t_bits_minus_1" && test -n "$fits_in_uint"; then
+ if test $fits_in_uint = 1; then
+ dnl Even though SIZE_MAX fits in an unsigned int, it must be of type
+ dnl 'unsigned long' if the type 'size_t' is the same as 'unsigned long'.
+ AC_TRY_COMPILE([#include <stddef.h>
+ extern size_t foo;
+ extern unsigned long foo;
+ ], [], fits_in_uint=0)
+ fi
+ dnl We cannot use 'expr' to simplify this expression, because 'expr'
+ dnl works only with 'long' integers in the host environment, while we
+ dnl might be cross-compiling from a 32-bit platform to a 64-bit platform.
+ if test $fits_in_uint = 1; then
+ result="(((1U << $size_t_bits_minus_1) - 1) * 2 + 1)"
+ else
+ result="(((1UL << $size_t_bits_minus_1) - 1) * 2 + 1)"
+ fi
+ else
+ dnl Shouldn't happen, but who knows...
+ result='((size_t)~(size_t)0)'
+ fi
+ fi
+ AC_MSG_RESULT([$result])
+ if test "$result" != yes; then
+ AC_DEFINE_UNQUOTED([SIZE_MAX], [$result],
+ [Define as the maximum value of type 'size_t', if the system doesn't define it.])
+ fi
+])
diff --git a/Linux-PAM/m4/stdint_h.m4 b/Linux-PAM/m4/stdint_h.m4
new file mode 100644
index 00000000..3355f35a
--- /dev/null
+++ b/Linux-PAM/m4/stdint_h.m4
@@ -0,0 +1,26 @@
+# stdint_h.m4 serial 5
+dnl Copyright (C) 1997-2004 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Paul Eggert.
+
+# Define HAVE_STDINT_H_WITH_UINTMAX if <stdint.h> exists,
+# doesn't clash with <sys/types.h>, and declares uintmax_t.
+
+AC_DEFUN([gl_AC_HEADER_STDINT_H],
+[
+ AC_CACHE_CHECK([for stdint.h], gl_cv_header_stdint_h,
+ [AC_TRY_COMPILE(
+ [#include <sys/types.h>
+#include <stdint.h>],
+ [uintmax_t i = (uintmax_t) -1;],
+ gl_cv_header_stdint_h=yes,
+ gl_cv_header_stdint_h=no)])
+ if test $gl_cv_header_stdint_h = yes; then
+ AC_DEFINE_UNQUOTED(HAVE_STDINT_H_WITH_UINTMAX, 1,
+ [Define if <stdint.h> exists, doesn't clash with <sys/types.h>,
+ and declares uintmax_t. ])
+ fi
+])
diff --git a/Linux-PAM/m4/uintmax_t.m4 b/Linux-PAM/m4/uintmax_t.m4
new file mode 100644
index 00000000..bf83ed74
--- /dev/null
+++ b/Linux-PAM/m4/uintmax_t.m4
@@ -0,0 +1,30 @@
+# uintmax_t.m4 serial 9
+dnl Copyright (C) 1997-2004 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Paul Eggert.
+
+AC_PREREQ(2.13)
+
+# Define uintmax_t to 'unsigned long' or 'unsigned long long'
+# if it is not already defined in <stdint.h> or <inttypes.h>.
+
+AC_DEFUN([gl_AC_TYPE_UINTMAX_T],
+[
+ AC_REQUIRE([gl_AC_HEADER_INTTYPES_H])
+ AC_REQUIRE([gl_AC_HEADER_STDINT_H])
+ if test $gl_cv_header_inttypes_h = no && test $gl_cv_header_stdint_h = no; then
+ AC_REQUIRE([gl_AC_TYPE_UNSIGNED_LONG_LONG])
+ test $ac_cv_type_unsigned_long_long = yes \
+ && ac_type='unsigned long long' \
+ || ac_type='unsigned long'
+ AC_DEFINE_UNQUOTED(uintmax_t, $ac_type,
+ [Define to unsigned long or unsigned long long
+ if <stdint.h> and <inttypes.h> don't define.])
+ else
+ AC_DEFINE(HAVE_UINTMAX_T, 1,
+ [Define if you have the 'uintmax_t' type in <stdint.h> or <inttypes.h>.])
+ fi
+])
diff --git a/Linux-PAM/m4/ulonglong.m4 b/Linux-PAM/m4/ulonglong.m4
new file mode 100644
index 00000000..dee10ccc
--- /dev/null
+++ b/Linux-PAM/m4/ulonglong.m4
@@ -0,0 +1,23 @@
+# ulonglong.m4 serial 4
+dnl Copyright (C) 1999-2004 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Paul Eggert.
+
+# Define HAVE_UNSIGNED_LONG_LONG if 'unsigned long long' works.
+
+AC_DEFUN([gl_AC_TYPE_UNSIGNED_LONG_LONG],
+[
+ AC_CACHE_CHECK([for unsigned long long], ac_cv_type_unsigned_long_long,
+ [AC_TRY_LINK([unsigned long long ull = 1ULL; int i = 63;],
+ [unsigned long long ullmax = (unsigned long long) -1;
+ return ull << i | ull >> i | ullmax / ull | ullmax % ull;],
+ ac_cv_type_unsigned_long_long=yes,
+ ac_cv_type_unsigned_long_long=no)])
+ if test $ac_cv_type_unsigned_long_long = yes; then
+ AC_DEFINE(HAVE_UNSIGNED_LONG_LONG, 1,
+ [Define if you have the 'unsigned long long' type.])
+ fi
+])
diff --git a/Linux-PAM/m4/visibility.m4 b/Linux-PAM/m4/visibility.m4
new file mode 100644
index 00000000..2ff6330a
--- /dev/null
+++ b/Linux-PAM/m4/visibility.m4
@@ -0,0 +1,52 @@
+# visibility.m4 serial 1 (gettext-0.15)
+dnl Copyright (C) 2005 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Bruno Haible.
+
+dnl Tests whether the compiler supports the command-line option
+dnl -fvisibility=hidden and the function and variable attributes
+dnl __attribute__((__visibility__("hidden"))) and
+dnl __attribute__((__visibility__("default"))).
+dnl Does *not* test for __visibility__("protected") - which has tricky
+dnl semantics (see the 'vismain' test in glibc) and does not exist e.g. on
+dnl MacOS X.
+dnl Does *not* test for __visibility__("internal") - which has processor
+dnl dependent semantics.
+dnl Does *not* test for #pragma GCC visibility push(hidden) - which is
+dnl "really only recommended for legacy code".
+dnl Set the variable CFLAG_VISIBILITY.
+dnl Defines and sets the variable HAVE_VISIBILITY.
+
+AC_DEFUN([gl_VISIBILITY],
+[
+ AC_REQUIRE([AC_PROG_CC])
+ CFLAG_VISIBILITY=
+ HAVE_VISIBILITY=0
+ if test -n "$GCC"; then
+ AC_MSG_CHECKING([for simple visibility declarations])
+ AC_CACHE_VAL(gl_cv_cc_visibility, [
+ gl_save_CFLAGS="$CFLAGS"
+ CFLAGS="$CFLAGS -fvisibility=hidden"
+ AC_TRY_COMPILE(
+ [extern __attribute__((__visibility__("hidden"))) int hiddenvar;
+ extern __attribute__((__visibility__("default"))) int exportedvar;
+ extern __attribute__((__visibility__("hidden"))) int hiddenfunc (void);
+ extern __attribute__((__visibility__("default"))) int exportedfunc (void);],
+ [],
+ gl_cv_cc_visibility=yes,
+ gl_cv_cc_visibility=no)
+ CFLAGS="$gl_save_CFLAGS"])
+ AC_MSG_RESULT([$gl_cv_cc_visibility])
+ if test $gl_cv_cc_visibility = yes; then
+ CFLAG_VISIBILITY="-fvisibility=hidden"
+ HAVE_VISIBILITY=1
+ fi
+ fi
+ AC_SUBST([CFLAG_VISIBILITY])
+ AC_SUBST([HAVE_VISIBILITY])
+ AC_DEFINE_UNQUOTED([HAVE_VISIBILITY], [$HAVE_VISIBILITY],
+ [Define to 1 or 0, depending whether the compiler supports simple visibility declarations.])
+])
diff --git a/Linux-PAM/m4/wchar_t.m4 b/Linux-PAM/m4/wchar_t.m4
new file mode 100644
index 00000000..cde2129a
--- /dev/null
+++ b/Linux-PAM/m4/wchar_t.m4
@@ -0,0 +1,20 @@
+# wchar_t.m4 serial 1 (gettext-0.12)
+dnl Copyright (C) 2002-2003 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Bruno Haible.
+dnl Test whether <stddef.h> has the 'wchar_t' type.
+dnl Prerequisite: AC_PROG_CC
+
+AC_DEFUN([gt_TYPE_WCHAR_T],
+[
+ AC_CACHE_CHECK([for wchar_t], gt_cv_c_wchar_t,
+ [AC_TRY_COMPILE([#include <stddef.h>
+ wchar_t foo = (wchar_t)'\0';], ,
+ gt_cv_c_wchar_t=yes, gt_cv_c_wchar_t=no)])
+ if test $gt_cv_c_wchar_t = yes; then
+ AC_DEFINE(HAVE_WCHAR_T, 1, [Define if you have the 'wchar_t' type.])
+ fi
+])
diff --git a/Linux-PAM/m4/wint_t.m4 b/Linux-PAM/m4/wint_t.m4
new file mode 100644
index 00000000..b8fff9c8
--- /dev/null
+++ b/Linux-PAM/m4/wint_t.m4
@@ -0,0 +1,20 @@
+# wint_t.m4 serial 1 (gettext-0.12)
+dnl Copyright (C) 2003 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Bruno Haible.
+dnl Test whether <wchar.h> has the 'wint_t' type.
+dnl Prerequisite: AC_PROG_CC
+
+AC_DEFUN([gt_TYPE_WINT_T],
+[
+ AC_CACHE_CHECK([for wint_t], gt_cv_c_wint_t,
+ [AC_TRY_COMPILE([#include <wchar.h>
+ wint_t foo = (wchar_t)'\0';], ,
+ gt_cv_c_wint_t=yes, gt_cv_c_wint_t=no)])
+ if test $gt_cv_c_wint_t = yes; then
+ AC_DEFINE(HAVE_WINT_T, 1, [Define if you have the 'wint_t' type.])
+ fi
+])
diff --git a/Linux-PAM/m4/xsize.m4 b/Linux-PAM/m4/xsize.m4
new file mode 100644
index 00000000..85bb721e
--- /dev/null
+++ b/Linux-PAM/m4/xsize.m4
@@ -0,0 +1,13 @@
+# xsize.m4 serial 3
+dnl Copyright (C) 2003-2004 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+AC_DEFUN([gl_XSIZE],
+[
+ dnl Prerequisites of lib/xsize.h.
+ AC_REQUIRE([gl_SIZE_MAX])
+ AC_REQUIRE([AC_C_INLINE])
+ AC_CHECK_HEADERS(stdint.h)
+])
diff --git a/Linux-PAM/missing b/Linux-PAM/missing
new file mode 100755
index 00000000..894e786e
--- /dev/null
+++ b/Linux-PAM/missing
@@ -0,0 +1,360 @@
+#! /bin/sh
+# Common stub for a few missing GNU programs while installing.
+
+scriptversion=2005-06-08.21
+
+# Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005
+# Free Software Foundation, Inc.
+# Originally by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996.
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301, USA.
+
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+if test $# -eq 0; then
+ echo 1>&2 "Try \`$0 --help' for more information"
+ exit 1
+fi
+
+run=:
+
+# In the cases where this matters, `missing' is being run in the
+# srcdir already.
+if test -f configure.ac; then
+ configure_ac=configure.ac
+else
+ configure_ac=configure.in
+fi
+
+msg="missing on your system"
+
+case "$1" in
+--run)
+ # Try to run requested program, and just exit if it succeeds.
+ run=
+ shift
+ "$@" && exit 0
+ # Exit code 63 means version mismatch. This often happens
+ # when the user try to use an ancient version of a tool on
+ # a file that requires a minimum version. In this case we
+ # we should proceed has if the program had been absent, or
+ # if --run hadn't been passed.
+ if test $? = 63; then
+ run=:
+ msg="probably too old"
+ fi
+ ;;
+
+ -h|--h|--he|--hel|--help)
+ echo "\
+$0 [OPTION]... PROGRAM [ARGUMENT]...
+
+Handle \`PROGRAM [ARGUMENT]...' for when PROGRAM is missing, or return an
+error status if there is no known handling for PROGRAM.
+
+Options:
+ -h, --help display this help and exit
+ -v, --version output version information and exit
+ --run try to run the given command, and emulate it if it fails
+
+Supported PROGRAM values:
+ aclocal touch file \`aclocal.m4'
+ autoconf touch file \`configure'
+ autoheader touch file \`config.h.in'
+ automake touch all \`Makefile.in' files
+ bison create \`y.tab.[ch]', if possible, from existing .[ch]
+ flex create \`lex.yy.c', if possible, from existing .c
+ help2man touch the output file
+ lex create \`lex.yy.c', if possible, from existing .c
+ makeinfo touch the output file
+ tar try tar, gnutar, gtar, then tar without non-portable flags
+ yacc create \`y.tab.[ch]', if possible, from existing .[ch]
+
+Send bug reports to <bug-automake@gnu.org>."
+ exit $?
+ ;;
+
+ -v|--v|--ve|--ver|--vers|--versi|--versio|--version)
+ echo "missing $scriptversion (GNU Automake)"
+ exit $?
+ ;;
+
+ -*)
+ echo 1>&2 "$0: Unknown \`$1' option"
+ echo 1>&2 "Try \`$0 --help' for more information"
+ exit 1
+ ;;
+
+esac
+
+# Now exit if we have it, but it failed. Also exit now if we
+# don't have it and --version was passed (most likely to detect
+# the program).
+case "$1" in
+ lex|yacc)
+ # Not GNU programs, they don't have --version.
+ ;;
+
+ tar)
+ if test -n "$run"; then
+ echo 1>&2 "ERROR: \`tar' requires --run"
+ exit 1
+ elif test "x$2" = "x--version" || test "x$2" = "x--help"; then
+ exit 1
+ fi
+ ;;
+
+ *)
+ if test -z "$run" && ($1 --version) > /dev/null 2>&1; then
+ # We have it, but it failed.
+ exit 1
+ elif test "x$2" = "x--version" || test "x$2" = "x--help"; then
+ # Could not run --version or --help. This is probably someone
+ # running `$TOOL --version' or `$TOOL --help' to check whether
+ # $TOOL exists and not knowing $TOOL uses missing.
+ exit 1
+ fi
+ ;;
+esac
+
+# If it does not exist, or fails to run (possibly an outdated version),
+# try to emulate it.
+case "$1" in
+ aclocal*)
+ echo 1>&2 "\
+WARNING: \`$1' is $msg. You should only need it if
+ you modified \`acinclude.m4' or \`${configure_ac}'. You might want
+ to install the \`Automake' and \`Perl' packages. Grab them from
+ any GNU archive site."
+ touch aclocal.m4
+ ;;
+
+ autoconf)
+ echo 1>&2 "\
+WARNING: \`$1' is $msg. You should only need it if
+ you modified \`${configure_ac}'. You might want to install the
+ \`Autoconf' and \`GNU m4' packages. Grab them from any GNU
+ archive site."
+ touch configure
+ ;;
+
+ autoheader)
+ echo 1>&2 "\
+WARNING: \`$1' is $msg. You should only need it if
+ you modified \`acconfig.h' or \`${configure_ac}'. You might want
+ to install the \`Autoconf' and \`GNU m4' packages. Grab them
+ from any GNU archive site."
+ files=`sed -n 's/^[ ]*A[CM]_CONFIG_HEADER(\([^)]*\)).*/\1/p' ${configure_ac}`
+ test -z "$files" && files="config.h"
+ touch_files=
+ for f in $files; do
+ case "$f" in
+ *:*) touch_files="$touch_files "`echo "$f" |
+ sed -e 's/^[^:]*://' -e 's/:.*//'`;;
+ *) touch_files="$touch_files $f.in";;
+ esac
+ done
+ touch $touch_files
+ ;;
+
+ automake*)
+ echo 1>&2 "\
+WARNING: \`$1' is $msg. You should only need it if
+ you modified \`Makefile.am', \`acinclude.m4' or \`${configure_ac}'.
+ You might want to install the \`Automake' and \`Perl' packages.
+ Grab them from any GNU archive site."
+ find . -type f -name Makefile.am -print |
+ sed 's/\.am$/.in/' |
+ while read f; do touch "$f"; done
+ ;;
+
+ autom4te)
+ echo 1>&2 "\
+WARNING: \`$1' is needed, but is $msg.
+ You might have modified some files without having the
+ proper tools for further handling them.
+ You can get \`$1' as part of \`Autoconf' from any GNU
+ archive site."
+
+ file=`echo "$*" | sed -n 's/.*--output[ =]*\([^ ]*\).*/\1/p'`
+ test -z "$file" && file=`echo "$*" | sed -n 's/.*-o[ ]*\([^ ]*\).*/\1/p'`
+ if test -f "$file"; then
+ touch $file
+ else
+ test -z "$file" || exec >$file
+ echo "#! /bin/sh"
+ echo "# Created by GNU Automake missing as a replacement of"
+ echo "# $ $@"
+ echo "exit 0"
+ chmod +x $file
+ exit 1
+ fi
+ ;;
+
+ bison|yacc)
+ echo 1>&2 "\
+WARNING: \`$1' $msg. You should only need it if
+ you modified a \`.y' file. You may need the \`Bison' package
+ in order for those modifications to take effect. You can get
+ \`Bison' from any GNU archive site."
+ rm -f y.tab.c y.tab.h
+ if [ $# -ne 1 ]; then
+ eval LASTARG="\${$#}"
+ case "$LASTARG" in
+ *.y)
+ SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'`
+ if [ -f "$SRCFILE" ]; then
+ cp "$SRCFILE" y.tab.c
+ fi
+ SRCFILE=`echo "$LASTARG" | sed 's/y$/h/'`
+ if [ -f "$SRCFILE" ]; then
+ cp "$SRCFILE" y.tab.h
+ fi
+ ;;
+ esac
+ fi
+ if [ ! -f y.tab.h ]; then
+ echo >y.tab.h
+ fi
+ if [ ! -f y.tab.c ]; then
+ echo 'main() { return 0; }' >y.tab.c
+ fi
+ ;;
+
+ lex|flex)
+ echo 1>&2 "\
+WARNING: \`$1' is $msg. You should only need it if
+ you modified a \`.l' file. You may need the \`Flex' package
+ in order for those modifications to take effect. You can get
+ \`Flex' from any GNU archive site."
+ rm -f lex.yy.c
+ if [ $# -ne 1 ]; then
+ eval LASTARG="\${$#}"
+ case "$LASTARG" in
+ *.l)
+ SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'`
+ if [ -f "$SRCFILE" ]; then
+ cp "$SRCFILE" lex.yy.c
+ fi
+ ;;
+ esac
+ fi
+ if [ ! -f lex.yy.c ]; then
+ echo 'main() { return 0; }' >lex.yy.c
+ fi
+ ;;
+
+ help2man)
+ echo 1>&2 "\
+WARNING: \`$1' is $msg. You should only need it if
+ you modified a dependency of a manual page. You may need the
+ \`Help2man' package in order for those modifications to take
+ effect. You can get \`Help2man' from any GNU archive site."
+
+ file=`echo "$*" | sed -n 's/.*-o \([^ ]*\).*/\1/p'`
+ if test -z "$file"; then
+ file=`echo "$*" | sed -n 's/.*--output=\([^ ]*\).*/\1/p'`
+ fi
+ if [ -f "$file" ]; then
+ touch $file
+ else
+ test -z "$file" || exec >$file
+ echo ".ab help2man is required to generate this page"
+ exit 1
+ fi
+ ;;
+
+ makeinfo)
+ echo 1>&2 "\
+WARNING: \`$1' is $msg. You should only need it if
+ you modified a \`.texi' or \`.texinfo' file, or any other file
+ indirectly affecting the aspect of the manual. The spurious
+ call might also be the consequence of using a buggy \`make' (AIX,
+ DU, IRIX). You might want to install the \`Texinfo' package or
+ the \`GNU make' package. Grab either from any GNU archive site."
+ # The file to touch is that specified with -o ...
+ file=`echo "$*" | sed -n 's/.*-o \([^ ]*\).*/\1/p'`
+ if test -z "$file"; then
+ # ... or it is the one specified with @setfilename ...
+ infile=`echo "$*" | sed 's/.* \([^ ]*\) *$/\1/'`
+ file=`sed -n '/^@setfilename/ { s/.* \([^ ]*\) *$/\1/; p; q; }' $infile`
+ # ... or it is derived from the source name (dir/f.texi becomes f.info)
+ test -z "$file" && file=`echo "$infile" | sed 's,.*/,,;s,.[^.]*$,,'`.info
+ fi
+ # If the file does not exist, the user really needs makeinfo;
+ # let's fail without touching anything.
+ test -f $file || exit 1
+ touch $file
+ ;;
+
+ tar)
+ shift
+
+ # We have already tried tar in the generic part.
+ # Look for gnutar/gtar before invocation to avoid ugly error
+ # messages.
+ if (gnutar --version > /dev/null 2>&1); then
+ gnutar "$@" && exit 0
+ fi
+ if (gtar --version > /dev/null 2>&1); then
+ gtar "$@" && exit 0
+ fi
+ firstarg="$1"
+ if shift; then
+ case "$firstarg" in
+ *o*)
+ firstarg=`echo "$firstarg" | sed s/o//`
+ tar "$firstarg" "$@" && exit 0
+ ;;
+ esac
+ case "$firstarg" in
+ *h*)
+ firstarg=`echo "$firstarg" | sed s/h//`
+ tar "$firstarg" "$@" && exit 0
+ ;;
+ esac
+ fi
+
+ echo 1>&2 "\
+WARNING: I can't seem to be able to run \`tar' with the given arguments.
+ You may want to install GNU tar or Free paxutils, or check the
+ command line arguments."
+ exit 1
+ ;;
+
+ *)
+ echo 1>&2 "\
+WARNING: \`$1' is needed, and is $msg.
+ You might have modified some files without having the
+ proper tools for further handling them. Check the \`README' file,
+ it often tells you about the needed prerequisites for installing
+ this package. You may also peek at any GNU archive site, in case
+ some other package would contain this missing \`$1' program."
+ exit 1
+ ;;
+esac
+
+exit 0
+
+# Local variables:
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "scriptversion="
+# time-stamp-format: "%:y-%02m-%02d.%02H"
+# time-stamp-end: "$"
+# End:
diff --git a/Linux-PAM/mkinstalldirs b/Linux-PAM/mkinstalldirs
new file mode 100755
index 00000000..259dbfcd
--- /dev/null
+++ b/Linux-PAM/mkinstalldirs
@@ -0,0 +1,158 @@
+#! /bin/sh
+# mkinstalldirs --- make directory hierarchy
+
+scriptversion=2005-06-29.22
+
+# Original author: Noah Friedman <friedman@prep.ai.mit.edu>
+# Created: 1993-05-16
+# Public domain.
+#
+# This file is maintained in Automake, please report
+# bugs to <bug-automake@gnu.org> or send patches to
+# <automake-patches@gnu.org>.
+
+errstatus=0
+dirmode=
+
+usage="\
+Usage: mkinstalldirs [-h] [--help] [--version] [-m MODE] DIR ...
+
+Create each directory DIR (with mode MODE, if specified), including all
+leading file name components.
+
+Report bugs to <bug-automake@gnu.org>."
+
+# process command line arguments
+while test $# -gt 0 ; do
+ case $1 in
+ -h | --help | --h*) # -h for help
+ echo "$usage"
+ exit $?
+ ;;
+ -m) # -m PERM arg
+ shift
+ test $# -eq 0 && { echo "$usage" 1>&2; exit 1; }
+ dirmode=$1
+ shift
+ ;;
+ --version)
+ echo "$0 $scriptversion"
+ exit $?
+ ;;
+ --) # stop option processing
+ shift
+ break
+ ;;
+ -*) # unknown option
+ echo "$usage" 1>&2
+ exit 1
+ ;;
+ *) # first non-opt arg
+ break
+ ;;
+ esac
+done
+
+for file
+do
+ if test -d "$file"; then
+ shift
+ else
+ break
+ fi
+done
+
+case $# in
+ 0) exit 0 ;;
+esac
+
+# Solaris 8's mkdir -p isn't thread-safe. If you mkdir -p a/b and
+# mkdir -p a/c at the same time, both will detect that a is missing,
+# one will create a, then the other will try to create a and die with
+# a "File exists" error. This is a problem when calling mkinstalldirs
+# from a parallel make. We use --version in the probe to restrict
+# ourselves to GNU mkdir, which is thread-safe.
+case $dirmode in
+ '')
+ if mkdir -p --version . >/dev/null 2>&1 && test ! -d ./--version; then
+ echo "mkdir -p -- $*"
+ exec mkdir -p -- "$@"
+ else
+ # On NextStep and OpenStep, the `mkdir' command does not
+ # recognize any option. It will interpret all options as
+ # directories to create, and then abort because `.' already
+ # exists.
+ test -d ./-p && rmdir ./-p
+ test -d ./--version && rmdir ./--version
+ fi
+ ;;
+ *)
+ if mkdir -m "$dirmode" -p --version . >/dev/null 2>&1 &&
+ test ! -d ./--version; then
+ echo "mkdir -m $dirmode -p -- $*"
+ exec mkdir -m "$dirmode" -p -- "$@"
+ else
+ # Clean up after NextStep and OpenStep mkdir.
+ for d in ./-m ./-p ./--version "./$dirmode";
+ do
+ test -d $d && rmdir $d
+ done
+ fi
+ ;;
+esac
+
+for file
+do
+ case $file in
+ /*) pathcomp=/ ;;
+ *) pathcomp= ;;
+ esac
+ oIFS=$IFS
+ IFS=/
+ set fnord $file
+ shift
+ IFS=$oIFS
+
+ for d
+ do
+ test "x$d" = x && continue
+
+ pathcomp=$pathcomp$d
+ case $pathcomp in
+ -*) pathcomp=./$pathcomp ;;
+ esac
+
+ if test ! -d "$pathcomp"; then
+ echo "mkdir $pathcomp"
+
+ mkdir "$pathcomp" || lasterr=$?
+
+ if test ! -d "$pathcomp"; then
+ errstatus=$lasterr
+ else
+ if test ! -z "$dirmode"; then
+ echo "chmod $dirmode $pathcomp"
+ lasterr=
+ chmod "$dirmode" "$pathcomp" || lasterr=$?
+
+ if test ! -z "$lasterr"; then
+ errstatus=$lasterr
+ fi
+ fi
+ fi
+ fi
+
+ pathcomp=$pathcomp/
+ done
+done
+
+exit $errstatus
+
+# Local Variables:
+# mode: shell-script
+# sh-indentation: 2
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "scriptversion="
+# time-stamp-format: "%:y-%02m-%02d.%02H"
+# time-stamp-end: "$"
+# End:
diff --git a/Linux-PAM/modules/Makefile b/Linux-PAM/modules/Makefile
deleted file mode 100644
index 58be5a24..00000000
--- a/Linux-PAM/modules/Makefile
+++ /dev/null
@@ -1,58 +0,0 @@
-# $Id: Makefile,v 1.4 2004/09/28 13:48:47 kukuk Exp $
-#
-# Makefile
-#
-# This makefile controls the build process of shared and static PAM modules.
-#
-#
-
-include ../Make.Rules
-
-MODDIRS=$(shell /bin/ls -d pam_*/Makefile | cut -f1 -d/)
-
-all:
- @echo building the static modutil library
- make -C pammodutil all
- @echo modules sources available are:
- @ls -d $(MODDIRS) 2>/dev/null ; echo :--------
- @echo
-ifdef STATIC
- rm -f ./_static_module_*
-endif
- @for i in $(MODDIRS) ; do \
- if [ -d $$i ]; then { \
- $(MAKE) -C $$i all ; \
- if [ $$? -ne 0 ]; then exit 1 ; fi ; \
- } elif [ -f ./.$$i ]; then { \
- cat ./.$$i ; \
- } fi ; \
- done
-
-download:
- @./download-all
-
-install:
- for i in $(MODDIRS) ; do \
- if [ -d $$i ]; then { \
- $(MAKE) -C $$i install ; \
- if [ $$? -ne 0 ]; then exit 1 ; fi ; \
- } fi ; \
- done
-
-remove:
- for i in $(MODDIRS) ; do \
- if [ -d $$i ]; then { \
- $(MAKE) -C $$i remove ; \
- } fi ; \
- done
-
-lclean:
- rm -f _static_module_*
-
-clean: lclean
- for i in $(MODDIRS) ; do \
- if [ -d $$i ]; then { \
- $(MAKE) -C $$i clean ; \
- } fi ; \
- done
- make -C pammodutil clean
diff --git a/Linux-PAM/modules/Makefile.am b/Linux-PAM/modules/Makefile.am
new file mode 100644
index 00000000..1272b0e8
--- /dev/null
+++ b/Linux-PAM/modules/Makefile.am
@@ -0,0 +1,16 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+
+SUBDIRS = pam_access pam_cracklib pam_debug pam_deny pam_echo \
+ pam_env pam_filter pam_ftp pam_group pam_issue pam_keyinit \
+ pam_lastlog pam_limits pam_listfile pam_localuser pam_mail \
+ pam_mkhomedir pam_motd pam_nologin pam_permit pam_rhosts pam_rootok \
+ pam_securetty pam_selinux pam_shells pam_stress pam_succeed_if \
+ pam_tally pam_time pam_umask pam_unix pam_userdb pam_warn \
+ pam_wheel pam_xauth pam_exec pam_namespace pam_loginuid \
+ pam_faildelay
+
+CLEANFILES = *~
+
+EXTRA_DIST = modules.map
diff --git a/Linux-PAM/modules/Makefile.in b/Linux-PAM/modules/Makefile.in
new file mode 100644
index 00000000..ea167a5c
--- /dev/null
+++ b/Linux-PAM/modules/Makefile.in
@@ -0,0 +1,553 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = modules
+DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+SOURCES =
+DIST_SOURCES =
+RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
+ html-recursive info-recursive install-data-recursive \
+ install-dvi-recursive install-exec-recursive \
+ install-html-recursive install-info-recursive \
+ install-pdf-recursive install-ps-recursive install-recursive \
+ installcheck-recursive installdirs-recursive pdf-recursive \
+ ps-recursive uninstall-recursive
+RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
+ distclean-recursive maintainer-clean-recursive
+ETAGS = etags
+CTAGS = ctags
+DIST_SUBDIRS = $(SUBDIRS)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+SUBDIRS = pam_access pam_cracklib pam_debug pam_deny pam_echo \
+ pam_env pam_filter pam_ftp pam_group pam_issue pam_keyinit \
+ pam_lastlog pam_limits pam_listfile pam_localuser pam_mail \
+ pam_mkhomedir pam_motd pam_nologin pam_permit pam_rhosts pam_rootok \
+ pam_securetty pam_selinux pam_shells pam_stress pam_succeed_if \
+ pam_tally pam_time pam_umask pam_unix pam_userdb pam_warn \
+ pam_wheel pam_xauth pam_exec pam_namespace pam_loginuid \
+ pam_faildelay
+
+CLEANFILES = *~
+EXTRA_DIST = modules.map
+all: all-recursive
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+# This directory's subdirectories are mostly independent; you can cd
+# into them and run `make' without going through this Makefile.
+# To change the values of `make' variables: instead of editing Makefiles,
+# (1) if the variable is set in `config.status', edit `config.status'
+# (which will cause the Makefiles to be regenerated when you run `make');
+# (2) otherwise, pass the desired values on the `make' command line.
+$(RECURSIVE_TARGETS):
+ @failcom='exit 1'; \
+ for f in x $$MAKEFLAGS; do \
+ case $$f in \
+ *=* | --[!k]*);; \
+ *k*) failcom='fail=yes';; \
+ esac; \
+ done; \
+ dot_seen=no; \
+ target=`echo $@ | sed s/-recursive//`; \
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ echo "Making $$target in $$subdir"; \
+ if test "$$subdir" = "."; then \
+ dot_seen=yes; \
+ local_target="$$target-am"; \
+ else \
+ local_target="$$target"; \
+ fi; \
+ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+ || eval $$failcom; \
+ done; \
+ if test "$$dot_seen" = "no"; then \
+ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
+ fi; test -z "$$fail"
+
+$(RECURSIVE_CLEAN_TARGETS):
+ @failcom='exit 1'; \
+ for f in x $$MAKEFLAGS; do \
+ case $$f in \
+ *=* | --[!k]*);; \
+ *k*) failcom='fail=yes';; \
+ esac; \
+ done; \
+ dot_seen=no; \
+ case "$@" in \
+ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
+ *) list='$(SUBDIRS)' ;; \
+ esac; \
+ rev=''; for subdir in $$list; do \
+ if test "$$subdir" = "."; then :; else \
+ rev="$$subdir $$rev"; \
+ fi; \
+ done; \
+ rev="$$rev ."; \
+ target=`echo $@ | sed s/-recursive//`; \
+ for subdir in $$rev; do \
+ echo "Making $$target in $$subdir"; \
+ if test "$$subdir" = "."; then \
+ local_target="$$target-am"; \
+ else \
+ local_target="$$target"; \
+ fi; \
+ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+ || eval $$failcom; \
+ done && test -z "$$fail"
+tags-recursive:
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \
+ done
+ctags-recursive:
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
+ include_option=--etags-include; \
+ empty_fix=.; \
+ else \
+ include_option=--include; \
+ empty_fix=; \
+ fi; \
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ test ! -f $$subdir/TAGS || \
+ tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \
+ fi; \
+ done; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+ list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ test -d "$(distdir)/$$subdir" \
+ || $(MKDIR_P) "$(distdir)/$$subdir" \
+ || exit 1; \
+ distdir=`$(am__cd) $(distdir) && pwd`; \
+ top_distdir=`$(am__cd) $(top_distdir) && pwd`; \
+ (cd $$subdir && \
+ $(MAKE) $(AM_MAKEFLAGS) \
+ top_distdir="$$top_distdir" \
+ distdir="$$distdir/$$subdir" \
+ am__remove_distdir=: \
+ am__skip_length_check=: \
+ distdir) \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-recursive
+all-am: Makefile
+installdirs: installdirs-recursive
+installdirs-am:
+install: install-recursive
+install-exec: install-exec-recursive
+install-data: install-data-recursive
+uninstall: uninstall-recursive
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-recursive
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-recursive
+
+clean-am: clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-recursive
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-tags
+
+dvi: dvi-recursive
+
+dvi-am:
+
+html: html-recursive
+
+info: info-recursive
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-recursive
+
+install-exec-am:
+
+install-html: install-html-recursive
+
+install-info: install-info-recursive
+
+install-man:
+
+install-pdf: install-pdf-recursive
+
+install-ps: install-ps-recursive
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-recursive
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-recursive
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-recursive
+
+pdf-am:
+
+ps: ps-recursive
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \
+ install-strip
+
+.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \
+ all all-am check check-am clean clean-generic clean-libtool \
+ ctags ctags-recursive distclean distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-ps install-ps-am install-strip installcheck \
+ installcheck-am installdirs installdirs-am maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-generic \
+ mostlyclean-libtool pdf pdf-am ps ps-am tags tags-recursive \
+ uninstall uninstall-am
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/README b/Linux-PAM/modules/README
deleted file mode 100644
index 73d3cf0c..00000000
--- a/Linux-PAM/modules/README
+++ /dev/null
@@ -1,55 +0,0 @@
-This directory contains the modules.
-
-If you want to reserve a module name please email <pam-list@redhat.com>
-and announce its name. Andrew Morgan, <morgan@linux.kernel.org>, will
-add it to the Makefile in the next release of Linux-PAM.
-
-As of Linux-PAM-0.40 modules can optionally conform to the static
-modules conventions.
-
-This file was updated for Linux-PAM-0.53.
-
-The conventions are as follows:
-
-There are only 6 functions that a module may declare as "public" they
-fall into 4 managment groups as follows:
-
- functions Management group
- ------------------------------------------ ----------------
- pam_sm_authenticate, pam_sm_setcred, PAM_SM_AUTH
- pam_sm_acct_mgmt, PAM_SM_ACCOUNT
- pam_sm_open_session, pam_sm_close_session, PAM_SM_SESSION
- pam_sm_chauthtok PAM_SM_PASSWORD
-
-If a module contains definitions for any of the above functions, it
-must supply definitions for all of the functions in the corresponding
-management group.
-
-The header file that defines the ANSI prototypes for these functions
-is <security/pam_modules.h> . In the case that the module wishes to
-offer the functions of a given managment group, it must #define
-PAM_SM_XXX, where XXX is one of the above four tokens. These
-definitions must occur *prior* to the
-#include <security/pam_modules.h> line.
-
-The pam_sm_... functions should be defined to be of type 'PAM_EXTERN int'.
-
-In the case that a module is being compiled with PAM_STATIC #define'd
-it should also define a globally accessible structure
-_"NAME"_modstruct containing references to each of the functions
-defined by the module. (this structure is defined in
-<security/pam_modules.h>. "NAME" is the title of the module
-(eg. "pam_deny")
-
-If a module wants to be included in the static libpam.a its Makefile
-should execute "register_static" with appropriate arguments (in this
-directory).
-
-[
-For SIMPLE working examples, see
-
- ./modules/pam_deny/* and ./modules/pam_rootok/*
-.]
-
-Andrew Morgan
-96/11/10
diff --git a/Linux-PAM/modules/Simple.Rules b/Linux-PAM/modules/Simple.Rules
deleted file mode 100644
index 57b582de..00000000
--- a/Linux-PAM/modules/Simple.Rules
+++ /dev/null
@@ -1,109 +0,0 @@
-# $Id: Simple.Rules,v 1.7 2004/09/28 13:48:47 kukuk Exp $
-#
-# For simple modules with no significant dependencies, set $(TITLE)
-# and include this file.
-#
-# There are a few ways to customize this set of rules. Namely, define
-#
-# $(MODULE_SIMPLE_EXTRACLEAN)
-# $(MODULE_SIMPLE_CLEAN)
-# $(MODULE_SIMPLE_REMOVE)
-# $(MODULE_SIMPLE_INSTALL)
-# $(MODULE_SIMPLE_EXTRALIBS) - other things to link with the module
-# $(MODULE_SIMPLE_EXTRAFILES) - other files to build (no .c suffix)
-#
-
--include ../Make.Rules
-
-LIBFILES = $(TITLE) $(MODULE_SIMPLE_EXTRAFILES)
-LIBSRC = $(addsuffix .c,$(LIBFILES))
-LIBOBJ = $(addsuffix .o,$(LIBFILES))
-LIBOBJD = $(addprefix dynamic/,$(LIBOBJ))
-LIBOBJS = $(addprefix static/,$(LIBOBJ))
-
-LINK_PAMMODUTILS = -L../pammodutil -lpammodutil -L../../libpam -lpam
-INCLUDE_PAMMODUTILS = -I../pammodutil/include
-
-ifdef DYNAMIC
-LIBSHARED = $(TITLE).so
-endif
-
-ifdef STATIC
-LIBSTATIC = lib$(TITLE).o
-endif
-
-####################### don't edit below #######################
-
-all: dirs $(LIBSHARED) $(LIBSTATIC) register
-
-dynamic/%.o : %.c
- $(CC) $(CFLAGS) $(INCLUDE_PAMMODUTILS) $(DYNAMIC) $(TARGET_ARCH) -c $< -o $@
-
-static/%.o : %.c
- $(CC) $(CFLAGS) $(INCLUDE_PAMMODUTILS) $(STATIC) $(TARGET_ARCH) -c $< -o $@
-
-dirs:
-ifdef DYNAMIC
- $(MKDIR) ./dynamic
-endif
-ifdef STATIC
- $(MKDIR) ./static
-endif
-
-register:
-ifdef STATIC
- ( cd .. ; ./register_static $(TITLE) $(TITLE)/$(LIBSTATIC) )
-endif
-
-ifdef DYNAMIC
-$(LIBOBJD): $(LIBSRC)
-endif
-
-ifdef DYNAMIC
-$(LIBSHARED): $(LIBOBJD)
- $(LD_D) -o $@ $(LIBOBJD) $(MODULE_SIMPLE_EXTRALIBS) $(NEED_LINK_LIB_C) $(LINK_PAMMODUTILS)
-
-endif
-
-ifdef STATIC
-$(LIBOBJS): $(LIBSRC)
-endif
-
-ifdef STATIC
-$(LIBSTATIC): $(LIBOBJS)
- $(LD) -r -o $@ $(LIBOBJS) $(MODULE_SIMPLE_EXTRALIBS) $(LINK_PAMMODUTILS)
-endif
-
-install: all
- $(MKDIR) $(FAKEROOT)$(SECUREDIR)
-ifdef DYNAMIC
- $(INSTALL) -m $(SHLIBMODE) $(LIBSHARED) $(FAKEROOT)$(SECUREDIR)
-endif
-ifdef MAN3
- test -d $(FAKEROOT)$(mandir)/man3 || $(MKDIR) $(FAKEROOT)$(mandir)/man3
- $(INSTALL) -m $(MANMODE) $(MAN3) $(FAKEROOT)$(mandir)/man3/
-endif
-ifdef MAN5
- test -d $(FAKEROOT)$(mandir)/man5 || $(MKDIR) $(FAKEROOT)$(mandir)/man5
- $(INSTALL) -m $(MANMODE) $(MAN5) $(FAKEROOT)$(mandir)/man5/
-endif
-ifdef MAN8
- test -d $(FAKEROOT)$(mandir)/man8 || $(MKDIR) $(FAKEROOT)$(mandir)/man8
- $(INSTALL) -m $(MANMODE) $(MAN8) $(FAKEROOT)$(mandir)/man8/
-endif
- $(MODULE_SIMPLE_INSTALL)
-
-remove:
- rm -f $(FAKEROOT)$(SECUREDIR)/$(TITLE).so
- $(MODULE_SIMPLE_REMOVE)
-
-clean:
- rm -f $(LIBOBJD) $(LIBOBJS) core *~
- $(MODULE_SIMPLE_CLEAN)
- rm -f *.a *.o *.so *.bak
- rm -rf dynamic static
- $(MODULE_SIMPLE_EXTRACLEAN)
-
-.c.o:
- $(CC) $(CFLAGS) -c $<
-
diff --git a/Linux-PAM/modules/dont_makefile b/Linux-PAM/modules/dont_makefile
deleted file mode 100644
index 48307f02..00000000
--- a/Linux-PAM/modules/dont_makefile
+++ /dev/null
@@ -1,21 +0,0 @@
-#########################################################################
-# $Id: dont_makefile,v 1.2 2000/11/19 23:54:03 agmorgan Exp $
-#########################################################################
-# This is a makefile that does nothing. It is designed to be included
-# by module Makefile-s when they are not compatable with the local
-# system
-#########################################################################
-
-all:
- @echo "This module will not be compiled on this system"
-
-remove: clean
-
-install: clean
-
-clean:
- @echo "Nothing to do"
-
-#########################################################################
-# all over..
-#########################################################################
diff --git a/Linux-PAM/modules/download-all b/Linux-PAM/modules/download-all
deleted file mode 100755
index 9b6cf655..00000000
--- a/Linux-PAM/modules/download-all
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/bin/sh
-#
-# $Id: download-all,v 1.1.1.1 2000/06/20 22:11:29 agmorgan Exp $
-#
-cat <<EOT
-For a number of reasons it is not practical for Linux-PAM to be
-distributed with every module out there. However, this shell script
-is intended as a convenient way for users to download modules from the
-'net in some semiautomated fashion.
-
-Please feel free to send (pam-list@redhat.com) snippets of code that
-will help others to download and unpack your favorite module into the
-Linux-PAM source tree. Especially welcome are snippets of the
-following form:
-
-ncftp ftp://my.ftpsite.org/pub/fluff/pam_fluff.tar.gz
-rm -fr pam_fluff
-tar zvfx pam_fluff.tar.gz
-
-Cheers
-
-Andrew
-morgan@linux.kernel.org
-EOT
-
-# --- insert your snippets below ---
-
-# --- insert your snippets above ---
-
-exit 0
diff --git a/Linux-PAM/modules/install_conf b/Linux-PAM/modules/install_conf
deleted file mode 100755
index 80f6be29..00000000
--- a/Linux-PAM/modules/install_conf
+++ /dev/null
@@ -1,49 +0,0 @@
-#!/bin/bash
-
-FAKEROOT=$1
-CONFD=$1$2
-CONFILE=$1$3
-MODULE=$4
-CONF=$5
-
-IGNORE_AGE=./.ignore_age
-QUIET_INSTALL=../../.quiet_install
-
-echo
-
-if [ -f "$QUIET_INSTALL" ]; then
- if [ ! -f "$CONFILE" ]; then
- yes="y"
- else
- yes="skip"
- fi
-elif [ -f "$IGNORE_AGE" ]; then
- echo "you don't want to be bothered with the age of your $CONFILE file"
- yes="n"
-elif [ ! -f "$CONFILE" ] || [ "$CONF" -nt "$CONFILE" ]; then
- if [ -f "$CONFILE" ]; then
- echo "An older $MODULE configuration file already exists ($CONFILE)"
- echo "Do you wish to copy the $CONF file in this distribution"
- echo "to $CONFILE ? (y/n) [skip] "
- read yes
- else
- yes="y"
- fi
-else
- yes="skip"
-fi
-
-if [ "$yes" = "y" ]; then
- mkdir -p $CONFD
- echo " copying $CONF to $CONFILE"
- cp $CONF $CONFILE
-else
- echo " Skipping $CONF installation"
- if [ "$yes" = "n" ]; then
- touch "$IGNORE_AGE"
- fi
-fi
-
-echo
-
-exit 0
diff --git a/Linux-PAM/modules/modules.map b/Linux-PAM/modules/modules.map
new file mode 100644
index 00000000..2234aa40
--- /dev/null
+++ b/Linux-PAM/modules/modules.map
@@ -0,0 +1,11 @@
+{
+ global:
+ pam_sm_acct_mgmt;
+ pam_sm_authenticate;
+ pam_sm_chauthtok;
+ pam_sm_close_session;
+ pam_sm_open_session;
+ pam_sm_setcred;
+ local: *;
+};
+
diff --git a/Linux-PAM/modules/pam_access/Makefile b/Linux-PAM/modules/pam_access/Makefile
deleted file mode 100644
index d8a71ee5..00000000
--- a/Linux-PAM/modules/pam_access/Makefile
+++ /dev/null
@@ -1,24 +0,0 @@
-# $Id: Makefile,v 1.3 2003/07/13 18:41:04 vorlon Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-
-include ../../Make.Rules
-
-TITLE=pam_access
-LOCAL_CONFILE=./access.conf
-INSTALLED_CONFILE=$(SCONFIGD)/access.conf
-ifeq ($(HAVE_LIBNSL),yes)
-MODULE_SIMPLE_EXTRALIBS=-lnsl
-endif
-
-DEFS=-DDEFAULT_CONF_FILE=\"$(INSTALLED_CONFILE)\"
-CFLAGS += $(DEFS)
-
-MODULE_SIMPLE_INSTALL=bash -f ../install_conf "$(FAKEROOT)" "$(SCONFIGD)" "$(INSTALLED_CONFILE)" "$(TITLE)" "$(LOCAL_CONFILE)"
-MODULE_SIMPLE_REMOVE=rm -f $(FAKEROOT)$(INSTALLED_CONFILE)
-MODULE_SIMPLE_CLEAN=rm -f ./.ignore_age
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_access/Makefile.am b/Linux-PAM/modules/pam_access/Makefile.am
new file mode 100644
index 00000000..8641b97c
--- /dev/null
+++ b/Linux-PAM/modules/pam_access/Makefile.am
@@ -0,0 +1,37 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README access.conf $(MANS) $(XMLS) tst-pam_access
+
+man_MANS = access.conf.5 pam_access.8
+
+XMLS = README.xml access.conf.5.xml pam_access.8.xml
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
+ -DPAM_ACCESS_CONFIG=\"$(SCONFIGDIR)/access.conf\"
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam @LIBNSL@
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_access.la
+
+secureconf_DATA = access.conf
+
+if ENABLE_REGENERATE_MAN
+
+noinst_DATA = README
+
+README: pam_access.8.xml access.conf.5.xml
+
+-include $(top_srcdir)/Make.xml.rules
+endif
+
+TESTS = tst-pam_access
diff --git a/Linux-PAM/modules/pam_access/Makefile.in b/Linux-PAM/modules/pam_access/Makefile.in
new file mode 100644
index 00000000..86303308
--- /dev/null
+++ b/Linux-PAM/modules/pam_access/Makefile.in
@@ -0,0 +1,738 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_access
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man5dir)" \
+ "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(secureconfdir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_access_la_LIBADD =
+pam_access_la_SOURCES = pam_access.c
+pam_access_la_OBJECTS = pam_access.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_access.c
+DIST_SOURCES = pam_access.c
+man5dir = $(mandir)/man5
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+secureconfDATA_INSTALL = $(INSTALL_DATA)
+DATA = $(noinst_DATA) $(secureconf_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README access.conf $(MANS) $(XMLS) tst-pam_access
+man_MANS = access.conf.5 pam_access.8
+XMLS = README.xml access.conf.5.xml pam_access.8.xml
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
+ -DPAM_ACCESS_CONFIG=\"$(SCONFIGDIR)/access.conf\"
+
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam @LIBNSL@ $(am__append_1)
+securelib_LTLIBRARIES = pam_access.la
+secureconf_DATA = access.conf
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+TESTS = tst-pam_access
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_access/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_access/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_access.la: $(pam_access_la_OBJECTS) $(pam_access_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_access_la_OBJECTS) $(pam_access_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_access.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man5: $(man5_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man5dir)" || $(MKDIR_P) "$(DESTDIR)$(man5dir)"
+ @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.5*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 5*) ;; \
+ *) ext='5' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst"; \
+ done
+uninstall-man5:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.5*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 5*) ;; \
+ *) ext='5' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man5dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man5dir)/$$inst"; \
+ done
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+install-secureconfDATA: $(secureconf_DATA)
+ @$(NORMAL_INSTALL)
+ test -z "$(secureconfdir)" || $(MKDIR_P) "$(DESTDIR)$(secureconfdir)"
+ @list='$(secureconf_DATA)'; for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ f=$(am__strip_dir) \
+ echo " $(secureconfDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(secureconfdir)/$$f'"; \
+ $(secureconfDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(secureconfdir)/$$f"; \
+ done
+
+uninstall-secureconfDATA:
+ @$(NORMAL_UNINSTALL)
+ @list='$(secureconf_DATA)'; for p in $$list; do \
+ f=$(am__strip_dir) \
+ echo " rm -f '$(DESTDIR)$(secureconfdir)/$$f'"; \
+ rm -f "$(DESTDIR)$(secureconfdir)/$$f"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(secureconfdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-secureconfDATA \
+ install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man5 install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-secureconfDATA \
+ uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man5 uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man5 install-man8 \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-secureconfDATA install-securelibLTLIBRARIES \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am uninstall-man \
+ uninstall-man5 uninstall-man8 uninstall-secureconfDATA \
+ uninstall-securelibLTLIBRARIES
+
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_access.8.xml access.conf.5.xml
+
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_access/README b/Linux-PAM/modules/pam_access/README
index ddd4725f..c3561da0 100644
--- a/Linux-PAM/modules/pam_access/README
+++ b/Linux-PAM/modules/pam_access/README
@@ -1,44 +1,103 @@
-# Description of its configuration file
-#
-# (The default config file is "/etc/security/access.conf". This
-# default can be overridden with a module config argument
-# 'accessfile=<full-path>'):
-#
-# Login access control table.
-#
-# When someone logs in, the table is scanned for the first entry that
-# matches the (user, host) combination, or, in case of non-networked
-# logins, the first entry that matches the (user, tty) combination. The
-# permissions field of that table entry determines whether the login will
-# be accepted or refused.
-#
-# Format of the login access control table is three fields separated by a
-# ":" character:
-#
-# permission : users : origins
-#
-# The first field should be a "+" (access granted) or "-" (access denied)
-# character.
-#
-# The second field should be a list of one or more login names, group
-# names, or ALL (always matches). A pattern of the form user@host is
-# matched when the login name matches the "user" part, and when the
-# "host" part matches the local machine name.
-#
-# The third field should be a list of one or more tty names (for
-# non-networked logins), host names, domain names (begin with "."), host
-# addresses, internet network numbers (end with "."), ALL (always
-# matches) or LOCAL (matches any string that does not contain a "."
-# character).
-#
-# If you run NIS you can use @netgroupname in host or user patterns; this
-# even works for @usergroup@@hostgroup patterns. Weird.
-#
-# The EXCEPT operator makes it possible to write very compact rules.
-#
-# The group file is searched only when a name does not match that of the
-# logged-in user. Both the user's primary group is matched, as well as
-# groups in which users are explicitly listed.
-#
-# Alexei Nogin <alexei@nogin.dnttm.ru> 1997/06/15
-############################################################################
+pam_access — PAM module for logdaemon style login access control
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+The pam_access PAM module is mainly for access management. It provides
+logdaemon style login access control based on login names, host or domain
+names, internet addresses or network numbers, or on terminal line names in case
+of non-networked logins.
+
+By default rules for access management are taken from config file /etc/security
+/access.conf if you don't specify another file.
+
+OPTIONS
+
+accessfile=/path/to/access.conf
+
+ Indicate an alternative access.conf style configuration file to override
+ the default. This can be useful when different services need different
+ access lists.
+
+debug
+
+ A lot of debug informations are printed with syslog(3).
+
+fieldsep=separators
+
+ This option modifies the field separator character that pam_access will
+ recognize when parsing the access configuration file. For example: fieldsep
+ =| will cause the default `:' character to be treated as part of a field
+ value and `|' becomes the field separator. Doing this may be useful in
+ conjuction with a system that wants to use pam_access with X based
+ applications, since the PAM_TTY item is likely to be of the form
+ "hostname:0" which includes a `:' character in its value. But you should
+ not need this.
+
+listsep=separators
+
+ This option modifies the list separator character that pam_access will
+ recognize when parsing the access configuration file. For example: listsep
+ =, will cause the default ` ' (space) and `\t' (tab) characters to be
+ treated as part of a list element value and `,' becomes the only list
+ element separator. Doing this may be useful on a system with group
+ information obtained from a Windows domain, where the default built-in
+ groups "Domain Users", "Domain Admins" contain a space.
+
+EXAMPLES
+
+These are some example lines which might be specified in /etc/security/
+access.conf.
+
+User root should be allowed to get access via cron, X11 terminal :0, tty1, ...,
+tty5, tty6.
+
++ : root : crond :0 tty1 tty2 tty3 tty4 tty5 tty6
+
+User root should be allowed to get access from hosts which own the IPv4
+addresses. This does not mean that the connection have to be a IPv4 one, a IPv6
+connection from a host with one of this IPv4 addresses does work, too.
+
++ : root : 192.168.200.1 192.168.200.4 192.168.200.9
+
++ : root : 127.0.0.1
+
+User root should get access from network 192.168.201. where the term will be
+evaluated by string matching. But it might be better to use network/netmask
+instead. The same meaning of 192.168.201. is 192.168.201.0/24 or 192.168.201.0/
+255.255.255.0.
+
++ : root : 192.168.201.
+
+User root should be able to have access from hosts foo1.bar.org and
+foo2.bar.org (uses string matching also).
+
++ : root : foo1.bar.org foo2.bar.org
+
+User root should be able to have access from domain foo.bar.org (uses string
+matching also).
+
++ : root : .foo.bar.org
+
+User root should be denied to get access from all other sources.
+
+- : root : ALL
+
+User foo and members of netgroup admins should be allowed to get access from
+all sources. This will only work if netgroup service is available.
+
++ : @admins foo : ALL
+
+User john and foo should get access from IPv6 host address.
+
++ : john foo : 2001:4ca0:0:101::1
+
+User john should get access from IPv6 net/mask.
+
++ : john : 2001:4ca0:0:101::/64
+
+All other users should be denied to get access from all sources.
+
+- : ALL : ALL
+
diff --git a/Linux-PAM/modules/pam_access/README.xml b/Linux-PAM/modules/pam_access/README.xml
new file mode 100644
index 00000000..8c7d078b
--- /dev/null
+++ b/Linux-PAM/modules/pam_access/README.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_access.8.xml">
+-->
+<!--
+<!ENTITY accessconf SYSTEM "access.conf.5.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_access.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_access-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_access.8.xml" xpointer='xpointer(//refsect1[@id = "pam_access-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_access.8.xml" xpointer='xpointer(//refsect1[@id = "pam_access-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="access.conf.5.xml" xpointer='xpointer(//refsect1[@id = "access.conf-examples"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_access/access.conf b/Linux-PAM/modules/pam_access/access.conf
index cec2be0c..b22f1d43 100644
--- a/Linux-PAM/modules/pam_access/access.conf
+++ b/Linux-PAM/modules/pam_access/access.conf
@@ -1,5 +1,8 @@
# Login access control table.
#
+# Comment line must start with "#", no space at front.
+# Order of lines is important.
+#
# When someone logs in, the table is scanned for the first entry that
# matches the (user, host) combination, or, in case of non-networked
# logins, the first entry that matches the (user, tty) combination. The
@@ -28,11 +31,11 @@
# The third field should be a list of one or more tty names (for
# non-networked logins), host names, domain names (begin with "."), host
# addresses, internet network numbers (end with "."), ALL (always
-# matches) or LOCAL (matches any string that does not contain a "."
-# character).
+# matches), NONE (matches no tty on non-networked logins) or
+# LOCAL (matches any string that does not contain a "." character).
#
-# If you run NIS you can use @netgroupname in host or user patterns; this
-# even works for @usergroup@@hostgroup patterns. Weird.
+# You can use @netgroupname in host or user patterns; this even works
+# for @usergroup@@hostgroup patterns.
#
# The EXCEPT operator makes it possible to write very compact rules.
#
@@ -63,3 +66,49 @@
#
# All other accounts are allowed to login from anywhere.
#
+##############################################################################
+# All lines from here up to the end are building a more complex example.
+##############################################################################
+#
+# User "root" should be allowed to get access via cron .. tty5 tty6.
+#+ : root : cron crond :0 tty1 tty2 tty3 tty4 tty5 tty6
+#
+# User "root" should be allowed to get access from hosts with ip addresses.
+#+ : root : 192.168.200.1 192.168.200.4 192.168.200.9
+#+ : root : 127.0.0.1
+#
+# User "root" should get access from network 192.168.201.
+# This term will be evaluated by string matching.
+# comment: It might be better to use network/netmask instead.
+# The same is 192.168.201.0/24 or 192.168.201.0/255.255.255.0
+#+ : root : 192.168.201.
+#
+# User "root" should be able to have access from domain.
+# Uses string matching also.
+#+ : root : .foo.bar.org
+#
+# User "root" should be denied to get access from all other sources.
+#- : root : ALL
+#
+# User "foo" and members of netgroup "nis_group" should be
+# allowed to get access from all sources.
+# This will only work if netgroup service is available.
+#+ : @nis_group foo : ALL
+#
+# User "john" should get access from ipv4 net/mask
+#+ : john : 127.0.0.0/24
+#
+# User "john" should get access from ipv4 as ipv6 net/mask
+#+ : john : ::ffff:127.0.0.0/127
+#
+# User "john" should get access from ipv6 host address
+#+ : john : 2001:4ca0:0:101::1
+#
+# User "john" should get access from ipv6 host address (same as above)
+#+ : john : 2001:4ca0:0:101:0:0:0:1
+#
+# User "john" should get access from ipv6 net/mask
+#+ : john : 2001:4ca0:0:101::/64
+#
+# All other users should be denied to get access from all sources.
+#- : ALL : ALL
diff --git a/Linux-PAM/modules/pam_access/access.conf.5 b/Linux-PAM/modules/pam_access/access.conf.5
new file mode 100644
index 00000000..43cc4fce
--- /dev/null
+++ b/Linux-PAM/modules/pam_access/access.conf.5
@@ -0,0 +1,163 @@
+.\" Title: access.conf
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/21/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "ACCESS.CONF" "5" "06/21/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+access.conf \- the login access control table file
+.SH "DESCRIPTION"
+.PP
+The
+\fI/etc/security/access.conf\fR
+file specifies (\fIuser\fR,
+\fIhost\fR), (\fIuser\fR,
+\fInetwork/netmask\fR) or (\fIuser\fR,
+\fItty\fR) combinations for which a login will be either accepted or refused.
+.PP
+When someone logs in, the file
+\fIaccess.conf\fR
+is scanned for the first entry that matches the (\fIuser\fR,
+\fIhost\fR) or (\fIuser\fR,
+\fInetwork/netmask\fR) combination, or, in case of non\-networked logins, the first entry that matches the (\fIuser\fR,
+\fItty\fR) combination. The permissions field of that table entry determines whether the login will be accepted or refused.
+.PP
+Each line of the login access control table has three fields separated by a ":" character (colon):
+.PP
+
+\fIpermission\fR:\fIusers\fR:\fIorigins\fR
+.PP
+The first field, the
+\fIpermission\fR
+field, can be either a "\fI+\fR" character (plus) for access granted or a "\fI\-\fR" character (minus) for access denied.
+.PP
+The second field, the
+\fIusers\fR
+field, should be a list of one or more login names, group names, or
+\fIALL\fR
+(which always matches).
+.PP
+The third field, the
+\fIorigins\fR
+field, should be a list of one or more tty names (for non\-networked logins), host names, domain names (begin with "."), host addresses, internet network numbers (end with "."), internet network addresses with network mask (where network mask can be a decimal number or an internet address also),
+\fIALL\fR
+(which always matches) or
+\fILOCAL\fR
+(which matches any string that does not contain a "." character). If supported by the system you can use
+\fI@netgroupname\fR
+in host or user patterns.
+.PP
+The
+\fIexcept\fR
+operator makes it possible to write very compact rules.
+.PP
+The group file is searched only when a name does not match that of the logged\-in user. Only groups are matched in which users are explicitly listed. However the PAM module does not look at the primary group id of a user.
+.PP
+The "\fI#\fR" character at start of line (no space at front) can be used to mark this line as a comment line.
+.SH "EXAMPLES"
+.PP
+These are some example lines which might be specified in
+\fI/etc/security/access.conf\fR.
+.PP
+User
+\fIroot\fR
+should be allowed to get access via
+\fIcron\fR, X11 terminal
+\fI:0\fR,
+\fItty1\fR, ...,
+\fItty5\fR,
+\fItty6\fR.
+.PP
++ : root : crond :0 tty1 tty2 tty3 tty4 tty5 tty6
+.PP
+User
+\fIroot\fR
+should be allowed to get access from hosts which own the IPv4 addresses. This does not mean that the connection have to be a IPv4 one, a IPv6 connection from a host with one of this IPv4 addresses does work, too.
+.PP
++ : root : 192.168.200.1 192.168.200.4 192.168.200.9
+.PP
++ : root : 127.0.0.1
+.PP
+User
+\fIroot\fR
+should get access from network
+192.168.201.
+where the term will be evaluated by string matching. But it might be better to use network/netmask instead. The same meaning of
+192.168.201.
+is
+\fI192.168.201.0/24\fR
+or
+\fI192.168.201.0/255.255.255.0\fR.
+.PP
++ : root : 192.168.201.
+.PP
+User
+\fIroot\fR
+should be able to have access from hosts
+\fIfoo1.bar.org\fR
+and
+\fIfoo2.bar.org\fR
+(uses string matching also).
+.PP
++ : root : foo1.bar.org foo2.bar.org
+.PP
+User
+\fIroot\fR
+should be able to have access from domain
+\fIfoo.bar.org\fR
+(uses string matching also).
+.PP
++ : root : .foo.bar.org
+.PP
+User
+\fIroot\fR
+should be denied to get access from all other sources.
+.PP
+\- : root : ALL
+.PP
+User
+\fIfoo\fR
+and members of netgroup
+\fIadmins\fR
+should be allowed to get access from all sources. This will only work if netgroup service is available.
+.PP
++ : @admins foo : ALL
+.PP
+User
+\fIjohn\fR
+and
+\fIfoo\fR
+should get access from IPv6 host address.
+.PP
++ : john foo : 2001:4ca0:0:101::1
+.PP
+User
+\fIjohn\fR
+should get access from IPv6 net/mask.
+.PP
++ : john : 2001:4ca0:0:101::/64
+.PP
+All other users should be denied to get access from all sources.
+.PP
+\- : ALL : ALL
+.SH "SEE ALSO"
+.PP
+
+\fBpam_access\fR(8),
+\fBpam.d\fR(5),
+\fBpam\fR(8)
+.SH "AUTHORS"
+.PP
+Original
+\fBlogin.access\fR(5)
+manual was provided by Guido van Rooij which was renamed to
+\fBaccess.conf\fR(5)
+to reflect relation to default config file.
+.PP
+Network address / netmask description and example text was introduced by Mike Becher <mike.becher@lrz\-muenchen.de>.
diff --git a/Linux-PAM/modules/pam_access/access.conf.5.xml b/Linux-PAM/modules/pam_access/access.conf.5.xml
new file mode 100644
index 00000000..492f995d
--- /dev/null
+++ b/Linux-PAM/modules/pam_access/access.conf.5.xml
@@ -0,0 +1,194 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+
+<refentry id="access.conf">
+
+ <refmeta>
+ <refentrytitle>access.conf</refentrytitle>
+ <manvolnum>5</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv>
+ <refname>access.conf</refname>
+ <refpurpose>the login access control table file</refpurpose>
+ </refnamediv>
+
+
+ <refsect1 id='access.conf-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <filename>/etc/security/access.conf</filename> file specifies
+ (<replaceable>user</replaceable>, <replaceable>host</replaceable>),
+ (<replaceable>user</replaceable>, <replaceable>network/netmask</replaceable>) or
+ (<replaceable>user</replaceable>, <replaceable>tty</replaceable>)
+ combinations for which a login will be either accepted or refused.
+ </para>
+ <para>
+ When someone logs in, the file <filename>access.conf</filename> is
+ scanned for the first entry that matches the
+ (<replaceable>user</replaceable>, <replaceable>host</replaceable>) or
+ (<replaceable>user</replaceable>, <replaceable>network/netmask</replaceable>)
+ combination, or, in case of non-networked logins, the first entry
+ that matches the
+ (<replaceable>user</replaceable>, <replaceable>tty</replaceable>)
+ combination. The permissions field of that table entry determines
+ whether the login will be accepted or refused.
+ </para>
+
+ <para>
+ Each line of the login access control table has three fields separated
+ by a ":" character (colon):
+ </para>
+
+ <para>
+ <replaceable>permission</replaceable>:<replaceable>users</replaceable>:<replaceable>origins</replaceable>
+ </para>
+
+
+ <para>
+ The first field, the <replaceable>permission</replaceable> field, can be either a
+ "<emphasis>+</emphasis>" character (plus) for access granted or a
+ "<emphasis>-</emphasis>" character (minus) for access denied.
+ </para>
+
+ <para>
+ The second field, the <replaceable>users</replaceable>
+ field, should be a list of one or more login names, group names, or
+ <emphasis>ALL</emphasis> (which always matches).
+ </para>
+
+ <para>
+ The third field, the <replaceable>origins</replaceable>
+ field, should be a list of one or more tty names (for non-networked
+ logins), host names, domain names (begin with "."), host addresses,
+ internet network numbers (end with "."), internet network addresses
+ with network mask (where network mask can be a decimal number or an
+ internet address also), <emphasis>ALL</emphasis> (which always matches)
+ or <emphasis>LOCAL</emphasis> (which matches any string that does not
+ contain a "." character). If supported by the system you can use
+ <emphasis>@netgroupname</emphasis> in host or user patterns.
+ </para>
+
+ <para>
+ The <replaceable>except</replaceable> operator makes it possible to
+ write very compact rules.
+ </para>
+
+ <para>
+ The group file is searched only when a name does not match that of
+ the logged-in user. Only groups are matched in which users are
+ explicitly listed. However the PAM module does not look at the
+ primary group id of a user.
+ </para>
+
+
+ <para>
+ The "<emphasis>#</emphasis>" character at start of line (no space
+ at front) can be used to mark this line as a comment line.
+ </para>
+
+ </refsect1>
+
+ <refsect1 id="access.conf-examples">
+ <title>EXAMPLES</title>
+ <para>
+ These are some example lines which might be specified in
+ <filename>/etc/security/access.conf</filename>.
+ </para>
+
+ <para>
+ User <emphasis>root</emphasis> should be allowed to get access via
+ <emphasis>cron</emphasis>, X11 terminal <emphasis remap='I'>:0</emphasis>,
+ <emphasis>tty1</emphasis>, ..., <emphasis>tty5</emphasis>,
+ <emphasis>tty6</emphasis>.
+ </para>
+ <para>+ : root : crond :0 tty1 tty2 tty3 tty4 tty5 tty6</para>
+
+ <para>
+ User <emphasis>root</emphasis> should be allowed to get access from
+ hosts which own the IPv4 addresses. This does not mean that the
+ connection have to be a IPv4 one, a IPv6 connection from a host with
+ one of this IPv4 addresses does work, too.
+ </para>
+ <para>+ : root : 192.168.200.1 192.168.200.4 192.168.200.9</para>
+ <para>+ : root : 127.0.0.1</para>
+
+ <para>
+ User <emphasis>root</emphasis> should get access from network
+ <literal>192.168.201.</literal> where the term will be evaluated by
+ string matching. But it might be better to use network/netmask instead.
+ The same meaning of <literal>192.168.201.</literal> is
+ <emphasis>192.168.201.0/24</emphasis> or
+ <emphasis>192.168.201.0/255.255.255.0</emphasis>.
+ </para>
+ <para>+ : root : 192.168.201.</para>
+
+ <para>
+ User <emphasis>root</emphasis> should be able to have access from hosts
+ <emphasis>foo1.bar.org</emphasis> and <emphasis>foo2.bar.org</emphasis>
+ (uses string matching also).
+ </para>
+ <para>+ : root : foo1.bar.org foo2.bar.org</para>
+
+ <para>
+ User <emphasis>root</emphasis> should be able to have access from
+ domain <emphasis>foo.bar.org</emphasis> (uses string matching also).
+ </para>
+ <para>+ : root : .foo.bar.org</para>
+
+ <para>
+ User <emphasis>root</emphasis> should be denied to get access
+ from all other sources.
+ </para>
+ <para>- : root : ALL</para>
+
+ <para>
+ User <emphasis>foo</emphasis> and members of netgroup
+ <emphasis>admins</emphasis> should be allowed to get access
+ from all sources. This will only work if netgroup service is available.
+ </para>
+ <para>+ : @admins foo : ALL</para>
+
+ <para>
+ User <emphasis>john</emphasis> and <emphasis>foo</emphasis>
+ should get access from IPv6 host address.
+ </para>
+ <para>+ : john foo : 2001:4ca0:0:101::1</para>
+
+ <para>
+ User <emphasis>john</emphasis> should get access from IPv6 net/mask.
+ </para>
+ <para>+ : john : 2001:4ca0:0:101::/64</para>
+
+ <para>
+ All other users should be denied to get access from all sources.
+ </para>
+ <para>- : ALL : ALL</para>
+
+ </refsect1>
+
+ <refsect1 id="access.conf-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry><refentrytitle>pam_access</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>pam.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id="access.conf-author">
+ <title>AUTHORS</title>
+ <para>
+ Original <citerefentry><refentrytitle>login.access</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+ manual was provided by Guido van Rooij which was renamed to
+ <citerefentry><refentrytitle>access.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+ to reflect relation to default config file.
+ </para>
+ <para>
+ Network address / netmask description and example text was
+ introduced by Mike Becher &lt;mike.becher@lrz-muenchen.de&gt;.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/modules/pam_access/pam_access.8 b/Linux-PAM/modules/pam_access/pam_access.8
new file mode 100644
index 00000000..b613e323
--- /dev/null
+++ b/Linux-PAM/modules/pam_access/pam_access.8
@@ -0,0 +1,80 @@
+.\" Title: pam_access
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets vsnapshot_2006\-08\-24_0226 <http://docbook.sf.net/>
+.\" Date: 08/31/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_ACCESS" "8" "08/31/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_access \- PAM module for logdaemon style login access control
+.SH "SYNOPSIS"
+.HP 14
+\fBpam_access.so\fR [debug] [accessfile=\fIfile\fR] [fieldsep=\fIsep\fR] [listsep=\fIsep\fR]
+.SH "DESCRIPTION"
+.PP
+The pam_access PAM module is mainly for access management. It provides logdaemon style login access control based on login names, host or domain names, internet addresses or network numbers, or on terminal line names in case of non\-networked logins.
+.PP
+By default rules for access management are taken from config file
+\fI/etc/security/access.conf\fR
+if you don't specify another file.
+.SH "OPTIONS"
+.TP 3n
+\fBaccessfile=\fR\fB\fI/path/to/access.conf\fR\fR
+Indicate an alternative
+\fIaccess.conf\fR
+style configuration file to override the default. This can be useful when different services need different access lists.
+.TP 3n
+\fBdebug\fR
+A lot of debug informations are printed with
+\fBsyslog\fR(3).
+.TP 3n
+\fBfieldsep=\fR\fB\fIseparators\fR\fR
+This option modifies the field separator character that pam_access will recognize when parsing the access configuration file. For example:
+\fBfieldsep=|\fR
+will cause the default `:' character to be treated as part of a field value and `|' becomes the field separator. Doing this may be useful in conjuction with a system that wants to use pam_access with X based applications, since the
+\fBPAM_TTY\fR
+item is likely to be of the form "hostname:0" which includes a `:' character in its value. But you should not need this.
+.TP 3n
+\fBlistsep=\fR\fB\fIseparators\fR\fR
+This option modifies the list separator character that pam_access will recognize when parsing the access configuration file. For example:
+\fBlistsep=,\fR
+will cause the default ` ' (space) and `\\t' (tab) characters to be treated as part of a list element value and `,' becomes the only list element separator. Doing this may be useful on a system with group information obtained from a Windows domain, where the default built\-in groups "Domain Users", "Domain Admins" contain a space.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+All services are supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_SUCCESS
+Access was granted.
+.TP 3n
+PAM_PERM_DENIED
+Access was not granted.
+.TP 3n
+PAM_IGNORE
+
+\fBpam_setcred\fR
+was called which does nothing.
+.TP 3n
+PAM_ABORT
+Not all relevant data or options could be gotten.
+.TP 3n
+PAM_USER_UNKNOWN
+The user is not known to the system.
+.SH "FILES"
+.TP 3n
+\fI/etc/security/access.conf\fR
+Default configuration file
+.SH "SEE ALSO"
+.PP
+
+\fBaccess.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8).
+.SH "AUTHORS"
+.PP
+The logdaemon style login access control scheme was designed and implemented by Wietse Venema. The pam_access PAM module was developed by Alexei Nogin <alexei@nogin.dnttm.ru>. The IPv6 support and the network(address) / netmask feature was developed and provided by Mike Becher <mike.becher@lrz\-muenchen.de>.
diff --git a/Linux-PAM/modules/pam_access/pam_access.8.xml b/Linux-PAM/modules/pam_access/pam_access.8.xml
new file mode 100644
index 00000000..74e39993
--- /dev/null
+++ b/Linux-PAM/modules/pam_access/pam_access.8.xml
@@ -0,0 +1,220 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id='pam_access'>
+
+ <refmeta>
+ <refentrytitle>pam_access</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id='pam_access-name'>
+ <refname>pam_access</refname>
+ <refpurpose>
+ PAM module for logdaemon style login access control
+ </refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_access-cmdsynopsis">
+ <command>pam_access.so</command>
+ <arg choice="opt">
+ debug
+ </arg>
+ <arg choice="opt">
+ accessfile=<replaceable>file</replaceable>
+ </arg>
+ <arg choice="opt">
+ fieldsep=<replaceable>sep</replaceable>
+ </arg>
+ <arg choice="opt">
+ listsep=<replaceable>sep</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id="pam_access-description">
+ <title>DESCRIPTION</title>
+ <para>
+ The pam_access PAM module is mainly for access management.
+ It provides logdaemon style login access control based on login
+ names, host or domain names, internet addresses or network numbers,
+ or on terminal line names in case of non-networked logins.
+ </para>
+ <para>
+ By default rules for access management are taken from config file
+ <filename>/etc/security/access.conf</filename> if you don't specify
+ another file.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_access-options">
+ <title>OPTIONS</title>
+ <variablelist>
+
+ <varlistentry>
+ <term>
+ <option>accessfile=<replaceable>/path/to/access.conf</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Indicate an alternative <filename>access.conf</filename>
+ style configuration file to override the default. This can
+ be useful when different services need different access lists.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ A lot of debug informations are printed with
+ <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>fieldsep=<replaceable>separators</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ This option modifies the field separator character that
+ pam_access will recognize when parsing the access
+ configuration file. For example:
+ <emphasis remap='B'>fieldsep=|</emphasis> will cause the
+ default `:' character to be treated as part of a field value
+ and `|' becomes the field separator. Doing this may be
+ useful in conjuction with a system that wants to use
+ pam_access with X based applications, since the
+ <emphasis remap='B'>PAM_TTY</emphasis> item is likely to be
+ of the form "hostname:0" which includes a `:' character in
+ its value. But you should not need this.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>listsep=<replaceable>separators</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ This option modifies the list separator character that
+ pam_access will recognize when parsing the access
+ configuration file. For example:
+ <emphasis remap='B'>listsep=,</emphasis> will cause the
+ default ` ' (space) and `\t' (tab) characters to be treated
+ as part of a list element value and `,' becomes the only
+ list element separator. Doing this may be useful on a system
+ with group information obtained from a Windows domain,
+ where the default built-in groups "Domain Users",
+ "Domain Admins" contain a space.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_access-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ All services are supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_access-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Access was granted.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_PERM_DENIED</term>
+ <listitem>
+ <para>
+ Access was not granted.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_IGNORE</term>
+ <listitem>
+ <para>
+ <function>pam_setcred</function> was called which does nothing.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_ABORT</term>
+ <listitem>
+ <para>
+ Not all relevant data or options could be gotten.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ The user is not known to the system.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_access-files">
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/security/access.conf</filename></term>
+ <listitem>
+ <para>Default configuration file</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_access-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>access.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_access-authors">
+ <title>AUTHORS</title>
+ <para>
+ The logdaemon style login access control scheme was designed and implemented by
+ Wietse Venema.
+ The pam_access PAM module was developed by
+ Alexei Nogin &lt;alexei@nogin.dnttm.ru&gt;.
+ The IPv6 support and the network(address) / netmask feature
+ was developed and provided by Mike Becher &lt;mike.becher@lrz-muenchen.de&gt;.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/modules/pam_access/pam_access.c b/Linux-PAM/modules/pam_access/pam_access.c
index 4f6cf574..80d94cc9 100644
--- a/Linux-PAM/modules/pam_access/pam_access.c
+++ b/Linux-PAM/modules/pam_access/pam_access.c
@@ -25,7 +25,7 @@
*************************************************************************
*/
-#include <security/_pam_aconf.h>
+#include "config.h"
#include <stdio.h>
#include <stdlib.h>
@@ -42,11 +42,9 @@
#include <ctype.h>
#include <sys/utsname.h>
#include <rpcsvc/ypclnt.h>
-
-#ifndef BROKEN_NETWORK_MATCH
-# include <netdb.h>
-# include <sys/socket.h>
-#endif
+#include <arpa/inet.h>
+#include <netdb.h>
+#include <sys/socket.h>
/*
* here, we make definitions for the externally accessible functions
@@ -55,11 +53,15 @@
* modules include file to define their prototypes.
*/
+#define PAM_SM_AUTH
#define PAM_SM_ACCOUNT
+#define PAM_SM_SESSION
+#define PAM_SM_PASSWORD
#include <security/_pam_macros.h>
#include <security/pam_modules.h>
-#include <security/_pam_modutil.h>
+#include <security/pam_modutil.h>
+#include <security/pam_ext.h>
/* login_access.c from logdaemon-5.6 with several changes by A.Nogin: */
@@ -77,16 +79,10 @@
#define MAXHOSTNAMELEN 256
#endif
-#ifdef DEFAULT_CONF_FILE
-# define PAM_ACCESS_CONFIG DEFAULT_CONF_FILE
-#else
-# define PAM_ACCESS_CONFIG "/etc/security/access.conf"
-#endif
-
/* Delimiters for fields and for lists of users, ttys or hosts. */
static const char *fs = ":"; /* field separator */
-static const char sep[] = ", \t"; /* list-element separator */
+static const char *sep = ", \t"; /* list-element separator */
/* Constants to be used in assignments only, not in comparisons... */
@@ -98,28 +94,20 @@ static const char sep[] = ", \t"; /* list-element separator */
* functional interfaces as generic as possible.
*/
struct login_info {
- struct passwd *user;
- char *from;
+ const struct passwd *user;
+ const char *from;
const char *config_file;
- const char *service;
};
-/* --- static functions for checking whether the user should be let in --- */
-
-static void _log_err(const char *format, ... )
-{
- va_list args;
-
- va_start(args, format);
- openlog("pam_access", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(LOG_ERR, format, args);
- va_end(args);
- closelog();
-}
+/* Print debugging messages.
+ Default is NO which means don't print debugging messages. */
+static char pam_access_debug = NO;
/* Parse module config arguments */
-static int parse_args(struct login_info *loginfo, int argc, const char **argv)
+static int
+parse_args(pam_handle_t *pamh, struct login_info *loginfo,
+ int argc, const char **argv)
{
int i;
@@ -129,6 +117,11 @@ static int parse_args(struct login_info *loginfo, int argc, const char **argv)
/* the admin wants to override the default field separators */
fs = argv[i]+9;
+ } else if (!strncmp("listsep=", argv[i], 8)) {
+
+ /* the admin wants to override the default list separators */
+ sep = argv[i]+8;
+
} else if (!strncmp("accessfile=", argv[i], 11)) {
FILE *fp = fopen(11 + argv[i], "r");
@@ -136,26 +129,184 @@ static int parse_args(struct login_info *loginfo, int argc, const char **argv)
loginfo->config_file = 11 + argv[i];
fclose(fp);
} else {
- _log_err("for service [%s] failed to open accessfile=[%s]"
- , loginfo->service, 11 + argv[i]);
+ pam_syslog(pamh, LOG_ERR,
+ "failed to open accessfile=[%s]: %m", 11 + argv[i]);
return 0;
}
+ } else if (strcmp (argv[i], "debug") == 0) {
+ pam_access_debug = YES;
} else {
- _log_err("unrecognized option [%s]", argv[i]);
+ pam_syslog(pamh, LOG_ERR, "unrecognized option [%s]", argv[i]);
}
}
return 1; /* OK */
}
+/* --- static functions for checking whether the user should be let in --- */
+
typedef int match_func (pam_handle_t *, char *, struct login_info *);
static int list_match (pam_handle_t *, char *, struct login_info *,
match_func *);
static int user_match (pam_handle_t *, char *, struct login_info *);
static int from_match (pam_handle_t *, char *, struct login_info *);
-static int string_match (pam_handle_t *, char *, char *);
+static int string_match (pam_handle_t *, const char *, const char *);
+static int network_netmask_match (pam_handle_t *, const char *, const char *);
+
+
+/* isipaddr - find out if string provided is an IP address or not */
+
+static int
+isipaddr (const char *string, int *addr_type,
+ struct sockaddr_storage *addr)
+{
+ struct sockaddr_storage local_addr;
+ int is_ip;
+
+ /* We use struct sockaddr_storage addr because
+ * struct in_addr/in6_addr is an integral part
+ * of struct sockaddr and we doesn't want to
+ * use its value.
+ */
+
+ if (addr == NULL)
+ addr = &local_addr;
+
+ memset(addr, 0, sizeof(struct sockaddr_storage));
+
+ /* first ipv4 */
+ if (inet_pton(AF_INET, string, addr) > 0)
+ {
+ if (addr_type != NULL)
+ *addr_type = AF_INET;
+
+ is_ip = YES;
+ }
+ else if (inet_pton(AF_INET6, string, addr) > 0)
+ { /* then ipv6 */
+ if (addr_type != NULL) {
+ *addr_type = AF_INET6;
+ }
+ is_ip = YES;
+ }
+ else
+ is_ip = NO;
+
+ return is_ip;
+}
+
+
+/* are_addresses_equal - translate IP address strings to real IP
+ * addresses and compare them to find out if they are equal.
+ * If netmask was provided it will be used to focus comparation to
+ * relevant bits.
+ */
+static int
+are_addresses_equal (const char *ipaddr0, const char *ipaddr1,
+ const char *netmask)
+{
+ struct sockaddr_storage addr0;
+ struct sockaddr_storage addr1;
+ int addr_type0 = 0;
+ int addr_type1 = 0;
+
+ if (isipaddr (ipaddr0, &addr_type0, &addr0) == NO)
+ return NO;
+
+ if (isipaddr (ipaddr1, &addr_type1, &addr1) == NO)
+ return NO;
+
+ if (addr_type0 != addr_type1)
+ /* different address types */
+ return NO;
+
+ if (netmask != NULL) {
+ /* Got a netmask, so normalize addresses? */
+ struct sockaddr_storage nmask;
+ unsigned char *byte_a, *byte_nm;
+
+ memset(&nmask, 0, sizeof(struct sockaddr_storage));
+ if (inet_pton(addr_type0, netmask, (void *)&nmask) > 0) {
+ unsigned int i;
+ byte_a = (unsigned char *)(&addr0);
+ byte_nm = (unsigned char *)(&nmask);
+ for (i=0; i<sizeof(struct sockaddr_storage); i++) {
+ byte_a[i] = byte_a[i] & byte_nm[i];
+ }
+
+ byte_a = (unsigned char *)(&addr1);
+ byte_nm = (unsigned char *)(&nmask);
+ for (i=0; i<sizeof(struct sockaddr_storage); i++) {
+ byte_a[i] = byte_a[i] & byte_nm[i];
+ }
+ }
+ }
+
+
+ /* Are the two addresses equal? */
+ if (memcmp((void *)&addr0, (void *)&addr1,
+ sizeof(struct sockaddr_storage)) == 0) {
+ return(YES);
+ }
+
+ return(NO);
+}
+
+static char *
+number_to_netmask (long netmask, int addr_type,
+ char *ipaddr_buf, size_t ipaddr_buf_len)
+{
+ /* We use struct sockaddr_storage addr because
+ * struct in_addr/in6_addr is an integral part
+ * of struct sockaddr and we doesn't want to
+ * use its value.
+ */
+ struct sockaddr_storage nmask;
+ unsigned char *byte_nm;
+ const char *ipaddr_dst = NULL;
+ int i, ip_bytes;
+
+ if (netmask == 0) {
+ /* mask 0 is the same like no mask */
+ return(NULL);
+ }
+
+ memset(&nmask, 0, sizeof(struct sockaddr_storage));
+ if (addr_type == AF_INET6) {
+ /* ipv6 address mask */
+ ip_bytes = 16;
+ } else {
+ /* default might be an ipv4 address mask */
+ addr_type = AF_INET;
+ ip_bytes = 4;
+ }
+
+ byte_nm = (unsigned char *)(&nmask);
+ /* translate number to mask */
+ for (i=0; i<ip_bytes; i++) {
+ if (netmask >= 8) {
+ byte_nm[i] = 0xff;
+ netmask -= 8;
+ } else
+ if (netmask > 0) {
+ byte_nm[i] = 0xff << (8 - netmask);
+ break;
+ } else
+ if (netmask <= 0) {
+ break;
+ }
+ }
+
+ /* now generate netmask address string */
+ ipaddr_dst = inet_ntop(addr_type, &nmask, ipaddr_buf, ipaddr_buf_len);
+ if (ipaddr_dst == ipaddr_buf) {
+ return (ipaddr_buf);
+ }
+
+ return (NULL);
+}
/* login_access - match username/group and host/tty with access control file */
@@ -171,6 +322,12 @@ login_access (pam_handle_t *pamh, struct login_info *item)
int end;
int lineno = 0; /* for diagnostics */
+ if (pam_access_debug)
+ pam_syslog (pamh, LOG_DEBUG,
+ "login_access: user=%s, from=%s, file=%s",
+ item->user->pw_name,
+ item->from, item->config_file);
+
/*
* Process the table one line at a time and stop at the first match.
* Blank lines and lines that begin with a '#' character are ignored.
@@ -183,8 +340,9 @@ login_access (pam_handle_t *pamh, struct login_info *item)
while (!match && fgets(line, sizeof(line), fp)) {
lineno++;
if (line[end = strlen(line) - 1] != '\n') {
- _log_err("%s: line %d: missing newline or line too long",
- item->config_file, lineno);
+ pam_syslog(pamh, LOG_ERR,
+ "%s: line %d: missing newline or line too long",
+ item->config_file, lineno);
continue;
}
if (line[0] == '#')
@@ -195,30 +353,44 @@ login_access (pam_handle_t *pamh, struct login_info *item)
if (line[0] == 0) /* skip blank lines */
continue;
- /* Allow trailing: in last field fo froms */
+ /* Allow field seperator in last field of froms */
if (!(perm = strtok(line, fs))
|| !(users = strtok((char *) 0, fs))
- || !(froms = strtok((char *) 0, fs))) {
- _log_err("%s: line %d: bad field count",
- item->config_file, lineno);
+ || !(froms = strtok((char *) 0, "\n"))) {
+ pam_syslog(pamh, LOG_ERR, "%s: line %d: bad field count",
+ item->config_file, lineno);
continue;
}
if (perm[0] != '+' && perm[0] != '-') {
- _log_err("%s: line %d: bad first field",
- item->config_file, lineno);
+ pam_syslog(pamh, LOG_ERR, "%s: line %d: bad first field",
+ item->config_file, lineno);
continue;
}
- match = (list_match(pamh, froms, item, from_match)
- && list_match(pamh, users, item, user_match));
+ if (pam_access_debug)
+ pam_syslog (pamh, LOG_DEBUG,
+ "line %d: %s : %s : %s", lineno, perm, users, froms);
+ match = list_match(pamh, froms, item, from_match);
+ if (pam_access_debug)
+ pam_syslog (pamh, LOG_DEBUG,
+ "from_match=%d, \"%s\"", match, item->from);
+ match = match && list_match (pamh, users, item, user_match);
+ if (pam_access_debug)
+ pam_syslog (pamh, LOG_DEBUG, "user_match=%d, \"%s\"",
+ match, item->user->pw_name);
}
(void) fclose(fp);
- } else if (errno != ENOENT) {
- _log_err("cannot open %s: %m", item->config_file);
+ } else if (errno == ENOENT) {
+ /* This is no error. */
+ pam_syslog(pamh, LOG_WARNING, "warning: cannot open %s: %m",
+ item->config_file);
+ } else {
+ pam_syslog(pamh, LOG_ERR, "cannot open %s: %m", item->config_file);
return NO;
}
- return (match == 0 || (line[0] == '+'));
+ return (match == NO || (line[0] == '+'));
}
+
/* list_match - match an item against a list of tokens with exceptions */
static int list_match(pam_handle_t *pamh,
@@ -266,23 +438,39 @@ static char * myhostname(void)
/* netgroup_match - match group against machine or user */
-static int netgroup_match(char *group, char *machine, char *user)
+static int
+netgroup_match (pam_handle_t *pamh, const char *group,
+ const char *machine, const char *user)
{
- static char *mydomain = NULL;
+ char *mydomain = NULL;
+ int retval;
+
+ yp_get_default_domain(&mydomain);
+
+
+ retval = innetgr (group, machine, user, mydomain);
+ if (pam_access_debug == YES)
+ pam_syslog (pamh, LOG_DEBUG,
+ "netgroup_match: %d (group=%s, machine=%s, user=%s, domain=%s)",
+ retval, group ? group : "NULL", machine ? machine : "NULL",
+ user ? user : "NULL", mydomain ? mydomain : "NULL");
+ return retval;
- if (mydomain == 0)
- yp_get_default_domain(&mydomain);
- return (innetgr(group, machine, user, mydomain));
}
/* user_match - match a username against one token */
-static int user_match(pam_handle_t *pamh, char *tok, struct login_info *item)
+static int
+user_match (pam_handle_t *pamh, char *tok, struct login_info *item)
{
char *string = item->user->pw_name;
struct login_info fake_item;
char *at;
+ if (pam_access_debug)
+ pam_syslog (pamh, LOG_DEBUG,
+ "user_match: tok=%s, item=%s", tok, string);
+
/*
* If a token has the magic value "ALL" the match always succeeds.
* Otherwise, return YES if the token fully matches the username, if the
@@ -295,12 +483,13 @@ static int user_match(pam_handle_t *pamh, char *tok, struct login_info *item)
fake_item.from = myhostname();
if (fake_item.from == NULL)
return NO;
- return (user_match (pamh, tok, item) && from_match (pamh, at + 1, &fake_item));
+ return (user_match (pamh, tok, item) &&
+ from_match (pamh, at + 1, &fake_item));
} else if (tok[0] == '@') /* netgroup */
- return (netgroup_match(tok + 1, (char *) 0, string));
+ return (netgroup_match (pamh, tok + 1, (char *) 0, string));
else if (string_match (pamh, tok, string)) /* ALL or exact match */
return YES;
- else if (_pammodutil_user_in_group_nam_nam (pamh, item->user->pw_name, tok))
+ else if (pam_modutil_user_in_group_nam_nam (pamh, item->user->pw_name, tok))
/* try group membership */
return YES;
@@ -310,11 +499,15 @@ static int user_match(pam_handle_t *pamh, char *tok, struct login_info *item)
/* from_match - match a host or tty against a list of tokens */
static int
-from_match (pam_handle_t *pamh, char *tok, struct login_info *item)
+from_match (pam_handle_t *pamh UNUSED, char *tok, struct login_info *item)
{
- char *string = item->from;
- int tok_len;
- int str_len;
+ const char *string = item->from;
+ int tok_len;
+ int str_len;
+
+ if (pam_access_debug)
+ pam_syslog (pamh, LOG_DEBUG,
+ "from_match: tok=%s, item=%s", tok, string);
/*
* If a token has the magic value "ALL" the match always succeeds. Return
@@ -325,153 +518,322 @@ from_match (pam_handle_t *pamh, char *tok, struct login_info *item)
* if it matches the head of the string.
*/
- if (tok[0] == '@') { /* netgroup */
- return (netgroup_match(tok + 1, string, (char *) 0));
- } else if (string_match (pamh, tok, string)) /* ALL or exact match */
- return YES;
- else if (tok[0] == '.') { /* domain: match last fields */
+ if (string == NULL) {
+ return NO;
+ } else if (tok[0] == '@') { /* netgroup */
+ return (netgroup_match (pamh, tok + 1, string, (char *) 0));
+ } else if (string_match(pamh, tok, string)) {
+ /* ALL or exact match */
+ return (YES);
+ } else if (tok[0] == '.') { /* domain: match last fields */
if ((str_len = strlen(string)) > (tok_len = strlen(tok))
&& strcasecmp(tok, string + str_len - tok_len) == 0)
return (YES);
} else if (strcasecmp(tok, "LOCAL") == 0) { /* local: no dots */
if (strchr(string, '.') == 0)
return (YES);
-#ifdef BROKEN_NETWORK_MATCH
- } else if (tok[(tok_len = strlen(tok)) - 1] == '.' /* network */
- && strncmp(tok, string, tok_len) == 0) {
- return (YES);
-#else /* BROKEN_NETWORK_MATCH */
} else if (tok[(tok_len = strlen(tok)) - 1] == '.') {
- /*
- The code below does a more correct check if the address specified
- by "string" starts from "tok".
- 1998/01/27 Andrey V. Savochkin <saw@msu.ru>
- */
-
- struct hostent *h;
- char hn[3+1+3+1+3+1+3+1+1];
- int r;
-
- h = gethostbyname(string);
- if (h == NULL)
- return (NO);
- if (h->h_addrtype != AF_INET)
- return (NO);
- if (h->h_length != 4)
- return (NO); /* only IPv4 addresses (SAW) */
- r = snprintf(hn, sizeof(hn), "%u.%u.%u.%u.",
- (unsigned char)h->h_addr[0], (unsigned char)h->h_addr[1],
- (unsigned char)h->h_addr[2], (unsigned char)h->h_addr[3]);
- if (r < 0 || r >= sizeof(hn))
- return (NO);
- if (!strncmp(tok, hn, tok_len))
- return (YES);
-#endif /* BROKEN_NETWORK_MATCH */
+ struct addrinfo *res;
+ struct addrinfo hint;
+
+ memset (&hint, '\0', sizeof (hint));
+ hint.ai_flags = AI_CANONNAME;
+ hint.ai_family = AF_INET;
+
+ if (getaddrinfo (string, NULL, &hint, &res) != 0)
+ return NO;
+ else
+ {
+ struct addrinfo *runp = res;
+
+ while (runp != NULL)
+ {
+ char buf[INET_ADDRSTRLEN+2];
+
+ if (runp->ai_family == AF_INET)
+ {
+ inet_ntop (runp->ai_family,
+ &((struct sockaddr_in *) runp->ai_addr)->sin_addr,
+ buf, sizeof (buf));
+
+ strcat (buf, ".");
+
+ if (strncmp(tok, buf, tok_len) == 0)
+ {
+ freeaddrinfo (res);
+ return YES;
+ }
+ }
+ runp = runp->ai_next;
+ }
+ freeaddrinfo (res);
+ }
+ } else if (isipaddr(string, NULL, NULL) == YES) {
+ /* Assume network/netmask with a IP of a host. */
+ if (network_netmask_match(pamh, tok, string))
+ return YES;
+ } else {
+ /* Assume network/netmask with a name of a host. */
+ struct addrinfo *res;
+ struct addrinfo hint;
+
+ memset (&hint, '\0', sizeof (hint));
+ hint.ai_flags = AI_CANONNAME;
+ hint.ai_family = AF_UNSPEC;
+
+ if (getaddrinfo (string, NULL, &hint, &res) != 0)
+ return NO;
+ else
+ {
+ struct addrinfo *runp = res;
+
+ while (runp != NULL)
+ {
+ char buf[INET6_ADDRSTRLEN];
+
+ inet_ntop (runp->ai_family,
+ runp->ai_family == AF_INET
+ ? (void *) &((struct sockaddr_in *) runp->ai_addr)->sin_addr
+ : (void *) &((struct sockaddr_in6 *) runp->ai_addr)->sin6_addr,
+ buf, sizeof (buf));
+
+ if (network_netmask_match(pamh, tok, buf))
+ {
+ freeaddrinfo (res);
+ return YES;
+ }
+ runp = runp->ai_next;
+ }
+ freeaddrinfo (res);
+ }
}
- return (NO);
+
+ return NO;
}
/* string_match - match a string against one token */
static int
-string_match (pam_handle_t *pamh, char *tok, char *string)
+string_match (pam_handle_t *pamh, const char *tok, const char *string)
{
+ if (pam_access_debug)
+ pam_syslog (pamh, LOG_DEBUG,
+ "string_match: tok=%s, item=%s", tok, string);
+
/*
* If the token has the magic value "ALL" the match always succeeds.
* Otherwise, return YES if the token fully matches the string.
+ * "NONE" token matches NULL string.
*/
if (strcasecmp(tok, "ALL") == 0) { /* all: always matches */
return (YES);
- } else if (strcasecmp(tok, string) == 0) { /* try exact match */
+ } else if (string != NULL) {
+ if (strcasecmp(tok, string) == 0) { /* try exact match */
+ return (YES);
+ }
+ } else if (strcasecmp(tok, "NONE") == 0) {
return (YES);
}
return (NO);
}
-/* --- public account management functions --- */
-PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+/* network_netmask_match - match a string against one token
+ * where string is an ip (v4,v6) address and tok represents
+ * whether a single ip (v4,v6) address or a network/netmask
+ */
+static int
+network_netmask_match (pam_handle_t *pamh,
+ const char *tok, const char *string)
{
- struct login_info loginfo;
- const char *user=NULL, *service=NULL;
- char *from=NULL;
- struct passwd *user_pw;
+ if (pam_access_debug)
+ pam_syslog (pamh, LOG_DEBUG,
+ "network_netmask_match: tok=%s, item=%s", tok, string);
+
+ if (isipaddr(string, NULL, NULL) == YES)
+ {
+ char *netmask_ptr = NULL;
+ static char netmask_string[MAXHOSTNAMELEN + 1] = "";
+ int addr_type;
+
+ /* OK, check if tok is of type addr/mask */
+ if ((netmask_ptr = strchr(tok, '/')) != NULL)
+ {
+ long netmask = 0;
+
+ /* YES */
+ *netmask_ptr = 0;
+ netmask_ptr++;
+
+ if (isipaddr(tok, &addr_type, NULL) == NO)
+ { /* no netaddr */
+ return(NO);
+ }
- if ((pam_get_item(pamh, PAM_SERVICE, (const void **)&service)
- != PAM_SUCCESS) || (service == NULL) || (*service == ' ')) {
- _log_err("cannot find the service name");
- return PAM_ABORT;
+ /* check netmask */
+ if (isipaddr(netmask_ptr, NULL, NULL) == NO)
+ { /* netmask as integre value */
+ char *endptr = NULL;
+ netmask = strtol(netmask_ptr, &endptr, 0);
+ if ((endptr == NULL) || (*endptr != '\0'))
+ { /* invalid netmask value */
+ return(NO);
+ }
+ if ((netmask < 0) || (netmask >= 128))
+ { /* netmask value out of range */
+ return(NO);
+ }
+
+ netmask_ptr = number_to_netmask(netmask, addr_type,
+ netmask_string, MAXHOSTNAMELEN);
+ }
+
+ /* Netmask is now an ipv4/ipv6 address.
+ * This works also if netmask_ptr is NULL.
+ */
+ return (are_addresses_equal(string, tok, netmask_ptr));
+ }
+ else
+ /* NO, then check if it is only an addr */
+ if (isipaddr(tok, NULL, NULL) == YES)
+ { /* check if they are the same, no netmask */
+ return(are_addresses_equal(string, tok, NULL));
+ }
}
+ return (NO);
+}
+
+
+/* --- public PAM management functions --- */
+
+PAM_EXTERN int
+pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
+{
+ struct login_info loginfo;
+ const char *user=NULL;
+ const void *void_from=NULL;
+ const char *from;
+ struct passwd *user_pw;
+
/* set username */
if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS || user == NULL
|| *user == '\0') {
- _log_err("cannot determine the user's name");
+ pam_syslog(pamh, LOG_ERR, "cannot determine the user's name");
return PAM_USER_UNKNOWN;
}
/* remote host name */
- if (pam_get_item(pamh, PAM_RHOST, (const void **)&from)
+ if (pam_get_item(pamh, PAM_RHOST, &void_from)
!= PAM_SUCCESS) {
- _log_err("cannot find the remote host name");
+ pam_syslog(pamh, LOG_ERR, "cannot find the remote host name");
return PAM_ABORT;
}
+ from = void_from;
if ((from==NULL) || (*from=='\0')) {
/* local login, set tty name */
- if (pam_get_item(pamh, PAM_TTY, (const void **)&from) != PAM_SUCCESS
- || from == NULL) {
+ if (pam_get_item(pamh, PAM_TTY, &void_from) != PAM_SUCCESS
+ || void_from == NULL) {
D(("PAM_TTY not set, probing stdin"));
from = ttyname(STDIN_FILENO);
- if (from == NULL) {
- _log_err("couldn't get the tty name");
- return PAM_ABORT;
- }
- if (pam_set_item(pamh, PAM_TTY, from) != PAM_SUCCESS) {
- _log_err("couldn't set tty name");
- return PAM_ABORT;
- }
- }
-
- if (from[0] == '/') { /* full path */
- from++;
- from = strchr(from, '/');
- from++;
+ if (from != NULL) {
+ if (pam_set_item(pamh, PAM_TTY, from) != PAM_SUCCESS)
+ pam_syslog(pamh, LOG_WARNING, "couldn't set tty name");
+ } else {
+ if (pam_get_item(pamh, PAM_SERVICE, &void_from) != PAM_SUCCESS
+ || void_from == NULL) {
+ pam_syslog (pamh, LOG_ERR,
+ "cannot determine remote host, tty or service name");
+ return PAM_ABORT;
+ }
+ from = void_from;
+ if (pam_access_debug)
+ pam_syslog (pamh, LOG_DEBUG,
+ "cannot determine tty or remote hostname, using service %s",
+ from);
+ }
}
+ else
+ from = void_from;
+
+ if (from[0] == '/') { /* full path, remove device path. */
+ const char *f;
+ from++;
+ if ((f = strchr(from, '/')) != NULL) {
+ from = f + 1;
+ }
+ }
}
- if ((user_pw=_pammodutil_getpwnam(pamh, user))==NULL) return (PAM_USER_UNKNOWN);
+ if ((user_pw=pam_modutil_getpwnam(pamh, user))==NULL)
+ return (PAM_USER_UNKNOWN);
/*
* Bundle up the arguments to avoid unnecessary clumsiness later on.
*/
loginfo.user = user_pw;
loginfo.from = from;
- loginfo.service = service;
loginfo.config_file = PAM_ACCESS_CONFIG;
/* parse the argument list */
- if (!parse_args(&loginfo, argc, argv)) {
- _log_err("failed to parse the module arguments");
+ if (!parse_args(pamh, &loginfo, argc, argv)) {
+ pam_syslog(pamh, LOG_ERR, "failed to parse the module arguments");
return PAM_ABORT;
}
if (login_access(pamh, &loginfo)) {
return (PAM_SUCCESS);
} else {
- _log_err("access denied for user `%s' from `%s'",user,from);
+ pam_syslog(pamh, LOG_ERR,
+ "access denied for user `%s' from `%s'",user,from);
return (PAM_PERM_DENIED);
}
}
+PAM_EXTERN int
+pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
+{
+ return PAM_IGNORE;
+}
+
+PAM_EXTERN int
+pam_sm_acct_mgmt (pam_handle_t *pamh, int flags,
+ int argc, const char **argv)
+{
+ return pam_sm_authenticate (pamh, flags, argc, argv);
+}
+
+PAM_EXTERN int
+pam_sm_open_session(pam_handle_t *pamh, int flags,
+ int argc, const char **argv)
+{
+ return pam_sm_authenticate(pamh, flags, argc, argv);
+}
+
+PAM_EXTERN int
+pam_sm_close_session(pam_handle_t *pamh, int flags,
+ int argc, const char **argv)
+{
+ return pam_sm_authenticate(pamh, flags, argc, argv);
+}
+
+PAM_EXTERN int
+pam_sm_chauthtok(pam_handle_t *pamh, int flags,
+ int argc, const char **argv)
+{
+ return pam_sm_authenticate(pamh, flags, argc, argv);
+}
+
/* end of module definition */
#ifdef PAM_STATIC
@@ -480,11 +842,11 @@ PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh,int flags,int argc
struct pam_module _pam_access_modstruct = {
"pam_access",
- NULL,
- NULL,
+ pam_sm_authenticate,
+ pam_sm_setcred,
pam_sm_acct_mgmt,
- NULL,
- NULL,
- NULL
+ pam_sm_open_session,
+ pam_sm_close_session,
+ pam_sm_chauthtok
};
#endif
diff --git a/Linux-PAM/modules/pam_access/tst-pam_access b/Linux-PAM/modules/pam_access/tst-pam_access
new file mode 100755
index 00000000..271e69fe
--- /dev/null
+++ b/Linux-PAM/modules/pam_access/tst-pam_access
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_access.so
diff --git a/Linux-PAM/modules/pam_cracklib/Makefile b/Linux-PAM/modules/pam_cracklib/Makefile
deleted file mode 100644
index 371ac0a8..00000000
--- a/Linux-PAM/modules/pam_cracklib/Makefile
+++ /dev/null
@@ -1,32 +0,0 @@
-#
-# $Id: Makefile,v 1.3 2001/02/10 22:15:23 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@kernel.org> 2000/10/08
-#
-
-include ../../Make.Rules
-
-TITLE=pam_cracklib
-
-ifeq ($(HAVE_LIBCRACK),yes)
-BUILD_THIS_MODULE=yes
-MODULE_SIMPLE_EXTRALIBS=-lcrack
-
-# These two should really be provided by ../../pam_aconf.h
-CFLAGS+=-DCRACKLIB_DICTPATH=\"$(CRACKLIB_DICTPATH)\"
-
-ifeq ($(HAVE_LIBCRYPT),yes)
- MODULE_SIMPLE_EXTRALIBS += -lcrypt
-endif
-
-endif
-
-ifeq ($(BUILD_THIS_MODULE),yes)
- include ../Simple.Rules
-else
- include ../dont_makefile
-endif
diff --git a/Linux-PAM/modules/pam_cracklib/Makefile.am b/Linux-PAM/modules/pam_cracklib/Makefile.am
new file mode 100644
index 00000000..cc8d6ff9
--- /dev/null
+++ b/Linux-PAM/modules/pam_cracklib/Makefile.am
@@ -0,0 +1,38 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_cracklib
+
+man_MANS = pam_cracklib.8
+
+XMLS = README.xml pam_cracklib.8.xml
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+if HAVE_LIBCRACK
+securelib_LTLIBRARIES = pam_cracklib.la
+
+TESTS = tst-pam_cracklib
+endif
+
+pam_cracklib_la_LIBADD = @LIBCRACK@ @LIBCRYPT@
+
+if ENABLE_REGENERATE_MAN
+
+noinst_DATA = README
+
+README: pam_cracklib.8.xml
+
+-include $(top_srcdir)/Make.xml.rules
+endif
diff --git a/Linux-PAM/modules/pam_cracklib/Makefile.in b/Linux-PAM/modules/pam_cracklib/Makefile.in
new file mode 100644
index 00000000..bda59695
--- /dev/null
+++ b/Linux-PAM/modules/pam_cracklib/Makefile.in
@@ -0,0 +1,669 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_cracklib
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_cracklib_la_DEPENDENCIES =
+pam_cracklib_la_SOURCES = pam_cracklib.c
+pam_cracklib_la_OBJECTS = pam_cracklib.lo
+@HAVE_LIBCRACK_TRUE@am_pam_cracklib_la_rpath = -rpath $(securelibdir)
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_cracklib.c
+DIST_SOURCES = pam_cracklib.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_cracklib
+man_MANS = pam_cracklib.8
+XMLS = README.xml pam_cracklib.8.xml
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+@HAVE_LIBCRACK_TRUE@securelib_LTLIBRARIES = pam_cracklib.la
+@HAVE_LIBCRACK_TRUE@TESTS = tst-pam_cracklib
+pam_cracklib_la_LIBADD = @LIBCRACK@ @LIBCRYPT@
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_cracklib/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_cracklib/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_cracklib.la: $(pam_cracklib_la_OBJECTS) $(pam_cracklib_la_DEPENDENCIES)
+ $(LINK) $(am_pam_cracklib_la_rpath) $(pam_cracklib_la_OBJECTS) $(pam_cracklib_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_cracklib.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_cracklib.8.xml
+
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_cracklib/README b/Linux-PAM/modules/pam_cracklib/README
index 69662f73..89e80318 100644
--- a/Linux-PAM/modules/pam_cracklib/README
+++ b/Linux-PAM/modules/pam_cracklib/README
@@ -1,37 +1,212 @@
+pam_cracklib — PAM module to check the password against dictionary words
-pam_cracklib:
- check the passwd against dictionary words.
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
-RECOGNIZED ARGUMENTS:
- debug verbose log
+DESCRIPTION
- type=XXX alter the message printed as a prompt to the user.
- the message printed is in the form
- "New XXX password: ".
- Default XXX=UNIX
+This module can be plugged into the password stack of a given application to
+provide some plug-in strength-checking for passwords.
- retry=N Prompt user at most N times before returning with
- error. Default N=1.
+The action of this module is to prompt the user for a password and check its
+strength against a system dictionary and a set of rules for identifying poor
+choices.
- difok=N How many characters can be the same in the new
- password relative to the old
- difignore=N How many characters long should the password be
- before we ignore difok.
+The first action is to prompt for a single password, check its strength and
+then, if it is considered strong, prompt for the password a second time (to
+verify that it was typed correctly on the first occasion). All being well, the
+password is passed on to subsequent modules to be installed as the new
+authentication token.
- minlen=N The minimum simplicity count for a good password.
+The strength checks works in the following manner: at first the Cracklib
+routine is called to check if the password is part of a dictionary; if this is
+not the case an additional set of strength checks is done. These checks are:
- dcredit=N
- ucredit=N
- lcredit=N
- ocredit=N Weight, digits, upper, lower, other characters with
- count N. Use these values to compute the
- 'unsimplicity' of the password.
+Palindrome
- use_authtok Get the proposed password from PAM_AUTHTOK
+ Is the new password a palindrome of the old one?
-MODULE SERVICES PROVIDED:
- passwd chauthtok
+Case Change Only
-AUTHOR:
- Cristian Gafton <gafton@redhat.com>
+ Is the new password the the old one with only a change of case?
+
+Similar
+
+ Is the new password too much like the old one? This is primarily controlled
+ by one argument, difok which is a number of characters that if different
+ between the old and new are enough to accept the new password, this
+ defaults to 10 or 1/2 the size of the new password whichever is smaller.
+
+ To avoid the lockup associated with trying to change a long and complicated
+ password, difignore is available. This argument can be used to specify the
+ minimum length a new password needs to be before the difok value is
+ ignored. The default value for difignore is 23.
+
+Simple
+
+ Is the new password too small? This is controlled by 5 arguments minlen,
+ dcredit, ucredit, lcredit, and ocredit. See the section on the arguments
+ for the details of how these work and there defaults.
+
+Rotated
+
+ Is the new password a rotated version of the old password?
+
+Already used
+
+ Was the password used in the past? Previously used passwords are to be
+ found in /etc/security/opasswd.
+
+This module with no arguments will work well for standard unix password
+encryption. With md5 encryption, passwords can be longer than 8 characters and
+the default settings for this module can make it hard for the user to choose a
+satisfactory new password. Notably, the requirement that the new password
+contain no more than 1/2 of the characters in the old password becomes a
+non-trivial constraint. For example, an old password of the form "the quick
+brown fox jumped over the lazy dogs" would be difficult to change... In
+addition, the default action is to allow passwords as small as 5 characters in
+length. For a md5 systems it can be a good idea to increase the required
+minimum size of a password. One can then allow more credit for different kinds
+of characters but accept that the new password may share most of these
+characters with the old password.
+
+OPTIONS
+
+debug
+
+ This option makes the module write information to syslog(3) indicating the
+ behavior of the module (this option does not write password information to
+ the log file).
+
+type=XXX
+
+ The default action is for the module to use the following prompts when
+ requesting passwords: "New UNIX password: " and "Retype UNIX password: ".
+ The default word UNIX can be replaced with this option.
+
+retry=N
+
+ Prompt user at most N times before returning with error. The default is 1
+
+difok=N
+
+ This argument will change the default of 5 for the number of characters in
+ the new password that must not be present in the old password. In addition,
+ if 1/2 of the characters in the new password are different then the new
+ password will be accepted anyway.
+
+difignore=N
+
+ How many characters should the password have before difok will be ignored.
+ The default is 23.
+
+minlen=N
+
+ The minimum acceptable size for the new password (plus one if credits are
+ not disabled which is the default). In addition to the number of characters
+ in the new password, credit (of +1 in length) is given for each different
+ kind of character (other, upper, lower and digit). The default for this
+ parameter is 9 which is good for a old style UNIX password all of the same
+ type of character but may be too low to exploit the added security of a md5
+ system. Note that there is a pair of length limits in Cracklib itself, a
+ "way too short" limit of 4 which is hard coded in and a defined limit (6)
+ that will be checked without reference to minlen. If you want to allow
+ passwords as short as 5 characters you should not use this module.
+
+dcredit=N
+
+ (N >= 0) This is the maximum credit for having digits in the new password.
+ If you have less than or N digits, each digit will count +1 towards meeting
+ the current minlen value. The default for dcredit is 1 which is the
+ recommended value for minlen less than 10.
+
+ (N < 0) This is the minimum number of digits that must be met for a new
+ password.
+
+ucredit=N
+
+ (N >= 0) This is the maximum credit for having upper case letters in the
+ new password. If you have less than or N upper case letters each letter
+ will count +1 towards meeting the current minlen value. The default for
+ ucredit is 1 which is the recommended value for minlen less than 10.
+
+ (N > 0) This is the minimum number of upper case letters that must be met
+ for a new password.
+
+lcredit=N
+
+ (N >= 0) This is the maximum credit for having lower case letters in the
+ new password. If you have less than or N lower case letters, each letter
+ will count +1 towards meeting the current minlen value. The default for
+ lcredit is 1 which is the recommended value for minlen less than 10.
+
+ (N < 0) This is the minimum number of lower case letters that must be met
+ for a new password.
+
+ocredit=N
+
+ (N >= 0) This is the maximum credit for having other characters in the new
+ password. If you have less than or N other characters, each character will
+ count +1 towards meeting the current minlen value. The default for ocredit
+ is 1 which is the recommended value for minlen less than 10.
+
+ (N < 0) This is the minimum number of other characters that must be met for
+ a new password.
+
+use_authtok
+
+ This argument is used to force the module to not prompt the user for a new
+ password but use the one provided by the previously stacked password
+ module.
+
+dictpath=/path/to/dict
+
+ Path to the cracklib dictionaries.
+
+EXAMPLES
+
+For an example of the use of this module, we show how it may be stacked with
+the password component of pam_unix(8)
+
+#
+# These lines stack two password type modules. In this example the
+# user is given 3 opportunities to enter a strong password. The
+# "use_authtok" argument ensures that the pam_unix module does not
+# prompt for a password, but instead uses the one provided by
+# pam_cracklib.
+#
+passwd password required pam_cracklib.so retry=3
+passwd password required pam_unix.so use_authtok
+
+
+Another example (in the /etc/pam.d/passwd format) is for the case that you want
+to use md5 password encryption:
+
+#%PAM-1.0
+#
+# These lines allow a md5 systems to support passwords of at least 14
+# bytes with extra credit of 2 for digits and 2 for others the new
+# password must have at least three bytes that are not present in the
+# old password
+#
+password required pam_cracklib.so \
+ difok=3 minlen=15 dcredit= 2 ocredit=2
+password required pam_unix.so use_authtok nullok md5
+
+
+And here is another example in case you don't want to use credits:
+
+#%PAM-1.0
+#
+# These lines require the user to select a password with a minimum
+# length of 8 and with at least 1 digit number, 1 upper case letter,
+# and 1 other character
+#
+password required pam_cracklib.so \
+ dcredit=-1 ucredit=-1 ocredit=-1 lcredit=0 minlen=8
+password required pam_unix.so use_authtok nullok md5
+
+
+AUTHOR
+
+pam_cracklib was written by Cristian Gafton <gafton@redhat.com>
diff --git a/Linux-PAM/modules/pam_cracklib/README.xml b/Linux-PAM/modules/pam_cracklib/README.xml
new file mode 100644
index 00000000..c4a7b54c
--- /dev/null
+++ b/Linux-PAM/modules/pam_cracklib/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_cracklib.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_cracklib.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_cracklib-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_cracklib.8.xml" xpointer='xpointer(//refsect1[@id = "pam_cracklib-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_cracklib.8.xml" xpointer='xpointer(//refsect1[@id = "pam_cracklib-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_cracklib.8.xml" xpointer='xpointer(//refsect1[@id = "pam_cracklib-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_cracklib.8.xml" xpointer='xpointer(//refsect1[@id = "pam_cracklib-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_cracklib/pam_cracklib.8 b/Linux-PAM/modules/pam_cracklib/pam_cracklib.8
new file mode 100644
index 00000000..526817a4
--- /dev/null
+++ b/Linux-PAM/modules/pam_cracklib/pam_cracklib.8
@@ -0,0 +1,258 @@
+.\" Title: pam_cracklib
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/02/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_CRACKLIB" "8" "06/02/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_cracklib \- PAM module to check the password against dictionary words
+.SH "SYNOPSIS"
+.HP 16
+\fBpam_cracklib.so\fR [\fI...\fR]
+.SH "DESCRIPTION"
+.PP
+This module can be plugged into the
+\fIpassword\fR
+stack of a given application to provide some plug\-in strength\-checking for passwords.
+.PP
+The action of this module is to prompt the user for a password and check its strength against a system dictionary and a set of rules for identifying poor choices.
+.PP
+The first action is to prompt for a single password, check its strength and then, if it is considered strong, prompt for the password a second time (to verify that it was typed correctly on the first occasion). All being well, the password is passed on to subsequent modules to be installed as the new authentication token.
+.PP
+The strength checks works in the following manner: at first the
+\fBCracklib\fR
+routine is called to check if the password is part of a dictionary; if this is not the case an additional set of strength checks is done. These checks are:
+.TP 3n
+Palindrome
+Is the new password a palindrome of the old one?
+.TP 3n
+Case Change Only
+Is the new password the the old one with only a change of case?
+.TP 3n
+Similar
+Is the new password too much like the old one? This is primarily controlled by one argument,
+\fBdifok\fR
+which is a number of characters that if different between the old and new are enough to accept the new password, this defaults to 10 or 1/2 the size of the new password whichever is smaller.
+.sp
+To avoid the lockup associated with trying to change a long and complicated password,
+\fBdifignore\fR
+is available. This argument can be used to specify the minimum length a new password needs to be before the
+\fBdifok\fR
+value is ignored. The default value for
+\fBdifignore\fR
+is 23.
+.TP 3n
+Simple
+Is the new password too small? This is controlled by 5 arguments
+\fBminlen\fR,
+\fBdcredit\fR,
+\fBucredit\fR,
+\fBlcredit\fR, and
+\fBocredit\fR. See the section on the arguments for the details of how these work and there defaults.
+.TP 3n
+Rotated
+Is the new password a rotated version of the old password?
+.TP 3n
+Already used
+Was the password used in the past? Previously used passwords are to be found in
+\fI/etc/security/opasswd\fR.
+.PP
+This module with no arguments will work well for standard unix password encryption. With md5 encryption, passwords can be longer than 8 characters and the default settings for this module can make it hard for the user to choose a satisfactory new password. Notably, the requirement that the new password contain no more than 1/2 of the characters in the old password becomes a non\-trivial constraint. For example, an old password of the form "the quick brown fox jumped over the lazy dogs" would be difficult to change... In addition, the default action is to allow passwords as small as 5 characters in length. For a md5 systems it can be a good idea to increase the required minimum size of a password. One can then allow more credit for different kinds of characters but accept that the new password may share most of these characters with the old password.
+.SH "OPTIONS"
+.PP
+.TP 3n
+\fBdebug\fR
+This option makes the module write information to
+\fBsyslog\fR(3)
+indicating the behavior of the module (this option does not write password information to the log file).
+.TP 3n
+\fBtype=\fR\fB\fIXXX\fR\fR
+The default action is for the module to use the following prompts when requesting passwords: "New UNIX password: " and "Retype UNIX password: ". The default word
+\fIUNIX\fR
+can be replaced with this option.
+.TP 3n
+\fBretry=\fR\fB\fIN\fR\fR
+Prompt user at most
+\fIN\fR
+times before returning with error. The default is
+\fI1\fR
+.TP 3n
+\fBdifok=\fR\fB\fIN\fR\fR
+This argument will change the default of
+\fI5\fR
+for the number of characters in the new password that must not be present in the old password. In addition, if 1/2 of the characters in the new password are different then the new password will be accepted anyway.
+.TP 3n
+\fBdifignore=\fR\fB\fIN\fR\fR
+How many characters should the password have before difok will be ignored. The default is
+\fI23\fR.
+.TP 3n
+\fBminlen=\fR\fB\fIN\fR\fR
+The minimum acceptable size for the new password (plus one if credits are not disabled which is the default). In addition to the number of characters in the new password, credit (of +1 in length) is given for each different kind of character (\fIother\fR,
+\fIupper\fR,
+\fIlower\fR
+and
+\fIdigit\fR). The default for this parameter is
+\fI9\fR
+which is good for a old style UNIX password all of the same type of character but may be too low to exploit the added security of a md5 system. Note that there is a pair of length limits in
+\fICracklib\fR
+itself, a "way too short" limit of 4 which is hard coded in and a defined limit (6) that will be checked without reference to
+\fBminlen\fR. If you want to allow passwords as short as 5 characters you should not use this module.
+.TP 3n
+\fBdcredit=\fR\fB\fIN\fR\fR
+(N >= 0) This is the maximum credit for having digits in the new password. If you have less than or
+\fIN\fR
+digits, each digit will count +1 towards meeting the current
+\fBminlen\fR
+value. The default for
+\fBdcredit\fR
+is 1 which is the recommended value for
+\fBminlen\fR
+less than 10.
+.sp
+(N < 0) This is the minimum number of digits that must be met for a new password.
+.TP 3n
+\fBucredit=\fR\fB\fIN\fR\fR
+(N >= 0) This is the maximum credit for having upper case letters in the new password. If you have less than or
+\fIN\fR
+upper case letters each letter will count +1 towards meeting the current
+\fBminlen\fR
+value. The default for
+\fBucredit\fR
+is
+\fI1\fR
+which is the recommended value for
+\fBminlen\fR
+less than 10.
+.sp
+(N > 0) This is the minimum number of upper case letters that must be met for a new password.
+.TP 3n
+\fBlcredit=\fR\fB\fIN\fR\fR
+(N >= 0) This is the maximum credit for having lower case letters in the new password. If you have less than or
+\fIN\fR
+lower case letters, each letter will count +1 towards meeting the current
+\fBminlen\fR
+value. The default for
+\fBlcredit\fR
+is 1 which is the recommended value for
+\fBminlen\fR
+less than 10.
+.sp
+(N < 0) This is the minimum number of lower case letters that must be met for a new password.
+.TP 3n
+\fBocredit=\fR\fB\fIN\fR\fR
+(N >= 0) This is the maximum credit for having other characters in the new password. If you have less than or
+\fIN\fR
+other characters, each character will count +1 towards meeting the current
+\fBminlen\fR
+value. The default for
+\fBocredit\fR
+is 1 which is the recommended value for
+\fBminlen\fR
+less than 10.
+.sp
+(N < 0) This is the minimum number of other characters that must be met for a new password.
+.TP 3n
+\fBuse_authtok\fR
+This argument is used to
+\fIforce\fR
+the module to not prompt the user for a new password but use the one provided by the previously stacked
+\fIpassword\fR
+module.
+.TP 3n
+\fBdictpath=\fR\fB\fI/path/to/dict\fR\fR
+Path to the cracklib dictionaries.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+Only he
+\fBpassword\fR
+service is supported.
+.SH "RETURN VALUES"
+.PP
+.TP 3n
+PAM_SUCCESS
+The new password passes all checks.
+.TP 3n
+PAM_AUTHTOK_ERR
+No new password was entered, the username could not be determined or the new password fails the strength checks.
+.TP 3n
+PAM_AUTHTOK_RECOVERY_ERR
+The old password was not supplied by a previous stackked module or got not requested from the user. The first error can happen if
+\fBuse_authtok\fR
+is specified.
+.TP 3n
+PAM_SERVICE_ERR
+A internal error occured.
+.SH "EXAMPLES"
+.PP
+For an example of the use of this module, we show how it may be stacked with the password component of
+\fBpam_unix\fR(8)
+.sp
+.RS 3n
+.nf
+#
+# These lines stack two password type modules. In this example the
+# user is given 3 opportunities to enter a strong password. The
+# "use_authtok" argument ensures that the pam_unix module does not
+# prompt for a password, but instead uses the one provided by
+# pam_cracklib.
+#
+passwd password required pam_cracklib.so retry=3
+passwd password required pam_unix.so use_authtok
+
+.fi
+.RE
+.sp
+.PP
+Another example (in the
+\fI/etc/pam.d/passwd\fR
+format) is for the case that you want to use md5 password encryption:
+.sp
+.RS 3n
+.nf
+#%PAM\-1.0
+#
+# These lines allow a md5 systems to support passwords of at least 14
+# bytes with extra credit of 2 for digits and 2 for others the new
+# password must have at least three bytes that are not present in the
+# old password
+#
+password required pam_cracklib.so \\
+ difok=3 minlen=15 dcredit= 2 ocredit=2
+password required pam_unix.so use_authtok nullok md5
+
+.fi
+.RE
+.sp
+.PP
+And here is another example in case you don't want to use credits:
+.sp
+.RS 3n
+.nf
+#%PAM\-1.0
+#
+# These lines require the user to select a password with a minimum
+# length of 8 and with at least 1 digit number, 1 upper case letter,
+# and 1 other character
+#
+password required pam_cracklib.so \\
+ dcredit=\-1 ucredit=\-1 ocredit=\-1 lcredit=0 minlen=8
+password required pam_unix.so use_authtok nullok md5
+
+.fi
+.RE
+.sp
+.SH "SEE ALSO"
+.PP
+
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_cracklib was written by Cristian Gafton <gafton@redhat.com>
diff --git a/Linux-PAM/modules/pam_cracklib/pam_cracklib.8.xml b/Linux-PAM/modules/pam_cracklib/pam_cracklib.8.xml
new file mode 100644
index 00000000..7edabe0f
--- /dev/null
+++ b/Linux-PAM/modules/pam_cracklib/pam_cracklib.8.xml
@@ -0,0 +1,495 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_cracklib">
+
+ <refmeta>
+ <refentrytitle>pam_cracklib</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_cracklib-name">
+ <refname>pam_cracklib</refname>
+ <refpurpose>PAM module to check the password against dictionary words</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_cracklib-cmdsynopsis">
+ <command>pam_cracklib.so</command>
+ <arg choice="opt">
+ <replaceable>...</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_cracklib-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ This module can be plugged into the <emphasis>password</emphasis> stack of
+ a given application to provide some plug-in strength-checking for passwords.
+ </para>
+
+ <para>
+ The action of this module is to prompt the user for a password and
+ check its strength against a system dictionary and a set of rules for
+ identifying poor choices.
+ </para>
+
+ <para>
+ The first action is to prompt for a single password, check its
+ strength and then, if it is considered strong, prompt for the password
+ a second time (to verify that it was typed correctly on the first
+ occasion). All being well, the password is passed on to subsequent
+ modules to be installed as the new authentication token.
+ </para>
+
+ <para>
+ The strength checks works in the following manner: at first the
+ <function>Cracklib</function> routine is called to check if the password
+ is part of a dictionary; if this is not the case an additional set of
+ strength checks is done. These checks are:
+ </para>
+
+ <variablelist>
+ <varlistentry>
+ <term>Palindrome</term>
+ <listitem>
+ <para>
+ Is the new password a palindrome of the old one?
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>Case Change Only</term>
+ <listitem>
+ <para>
+ Is the new password the the old one with only a change of case?
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>Similar</term>
+ <listitem>
+ <para>
+ Is the new password too much like the old one?
+ This is primarily controlled by one argument,
+ <option>difok</option> which is a number of characters
+ that if different between the old and new are enough to accept
+ the new password, this defaults to 10 or 1/2 the size of the
+ new password whichever is smaller.
+ </para>
+ <para>
+ To avoid the lockup associated with trying to change a long and
+ complicated password, <option>difignore</option> is available.
+ This argument can be used to specify the minimum length a new
+ password needs to be before the <option>difok</option> value is
+ ignored. The default value for <option>difignore</option> is 23.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>Simple</term>
+ <listitem>
+ <para>
+ Is the new password too small?
+ This is controlled by 5 arguments <option>minlen</option>,
+ <option>dcredit</option>, <option>ucredit</option>,
+ <option>lcredit</option>, and <option>ocredit</option>. See the section
+ on the arguments for the details of how these work and there defaults.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>Rotated</term>
+ <listitem>
+ <para>
+ Is the new password a rotated version of the old password?
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>Already used</term>
+ <listitem>
+ <para>
+ Was the password used in the past? Previously used passwords
+ are to be found in <filename>/etc/security/opasswd</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <para>
+ This module with no arguments will work well for standard unix
+ password encryption. With md5 encryption, passwords can be longer
+ than 8 characters and the default settings for this module can make it
+ hard for the user to choose a satisfactory new password. Notably, the
+ requirement that the new password contain no more than 1/2 of the
+ characters in the old password becomes a non-trivial constraint. For
+ example, an old password of the form "the quick brown fox jumped over
+ the lazy dogs" would be difficult to change... In addition, the
+ default action is to allow passwords as small as 5 characters in
+ length. For a md5 systems it can be a good idea to increase the
+ required minimum size of a password. One can then allow more credit
+ for different kinds of characters but accept that the new password may
+ share most of these characters with the old password.
+ </para>
+
+ </refsect1>
+
+ <refsect1 id="pam_cracklib-options">
+
+ <title>OPTIONS</title>
+ <para>
+ <variablelist>
+
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ This option makes the module write information to
+ <citerefentry>
+ <refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ indicating the behavior of the module (this option does
+ not write password information to the log file).
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>type=<replaceable>XXX</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ The default action is for the module to use the
+ following prompts when requesting passwords:
+ "New UNIX password: " and "Retype UNIX password: ".
+ The default word <emphasis>UNIX</emphasis> can
+ be replaced with this option.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>retry=<replaceable>N</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Prompt user at most <replaceable>N</replaceable> times
+ before returning with error. The default is
+ <emphasis>1</emphasis>
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>difok=<replaceable>N</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ This argument will change the default of
+ <emphasis>5</emphasis> for the number of characters in
+ the new password that must not be present in the old
+ password. In addition, if 1/2 of the characters in the
+ new password are different then the new password will
+ be accepted anyway.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>difignore=<replaceable>N</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ How many characters should the password have before
+ difok will be ignored. The default is
+ <emphasis>23</emphasis>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>minlen=<replaceable>N</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ The minimum acceptable size for the new password (plus
+ one if credits are not disabled which is the default).
+ In addition to the number of characters in the new password,
+ credit (of +1 in length) is given for each different kind
+ of character (<emphasis>other</emphasis>,
+ <emphasis>upper</emphasis>, <emphasis>lower</emphasis> and
+ <emphasis>digit</emphasis>). The default for this parameter
+ is <emphasis>9</emphasis> which is good for a old style UNIX
+ password all of the same type of character but may be too low
+ to exploit the added security of a md5 system. Note that
+ there is a pair of length limits in
+ <emphasis>Cracklib</emphasis> itself, a "way too short" limit
+ of 4 which is hard coded in and a defined limit (6) that will
+ be checked without reference to <option>minlen</option>.
+ If you want to allow passwords as short as 5 characters you
+ should not use this module.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>dcredit=<replaceable>N</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ (N &gt;= 0) This is the maximum credit for having digits in
+ the new password. If you have less than or
+ <replaceable>N</replaceable>
+ digits, each digit will count +1 towards meeting the current
+ <option>minlen</option> value. The default for
+ <option>dcredit</option> is 1 which is the recommended
+ value for <option>minlen</option> less than 10.
+ </para>
+ <para>
+ (N &lt; 0) This is the minimum number of digits that must
+ be met for a new password.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>ucredit=<replaceable>N</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ (N &gt;= 0) This is the maximum credit for having upper
+ case letters in the new password. If you have less than
+ or <replaceable>N</replaceable> upper case letters each
+ letter will count +1 towards meeting the current
+ <option>minlen</option> value. The default for
+ <option>ucredit</option> is <emphasis>1</emphasis> which
+ is the recommended value for <option>minlen</option> less
+ than 10.
+ </para>
+ <para>
+ (N &gt; 0) This is the minimum number of upper
+ case letters that must be met for a new password.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>lcredit=<replaceable>N</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ (N &gt;= 0) This is the maximum credit for having
+ lower case letters in the new password. If you have
+ less than or <replaceable>N</replaceable> lower case
+ letters, each letter will count +1 towards meeting the
+ current <option>minlen</option> value. The default for
+ <option>lcredit</option> is 1 which is the recommended
+ value for <option>minlen</option> less than 10.
+ </para>
+ <para>
+ (N &lt; 0) This is the minimum number of lower
+ case letters that must be met for a new password.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>ocredit=<replaceable>N</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ (N &gt;= 0) This is the maximum credit for having other
+ characters in the new password. If you have less than or
+ <replaceable>N</replaceable> other characters, each
+ character will count +1 towards meeting the current
+ <option>minlen</option> value. The default for
+ <option>ocredit</option> is 1 which is the recommended
+ value for <option>minlen</option> less than 10.
+ </para>
+ <para>
+ (N &lt; 0) This is the minimum number of other
+ characters that must be met for a new password.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>use_authtok</option>
+ </term>
+ <listitem>
+ <para>
+ This argument is used to <emphasis>force</emphasis> the
+ module to not prompt the user for a new password but use
+ the one provided by the previously stacked
+ <emphasis>password</emphasis> module.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>dictpath=<replaceable>/path/to/dict</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Path to the cracklib dictionaries.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_cracklib-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ Only he <option>password</option> service is supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_cracklib-return_values'>
+ <title>RETURN VALUES</title>
+ <para>
+ <variablelist>
+
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ The new password passes all checks.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_AUTHTOK_ERR</term>
+ <listitem>
+ <para>
+ No new password was entered,
+ the username could not be determined or the new
+ password fails the strength checks.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_AUTHTOK_RECOVERY_ERR</term>
+ <listitem>
+ <para>
+ The old password was not supplied by a previous stackked
+ module or got not requested from the user.
+ The first error can happen if <option>use_authtok</option>
+ is specified.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_SERVICE_ERR</term>
+ <listitem>
+ <para>
+ A internal error occured.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_cracklib-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ For an example of the use of this module, we show how it may be
+ stacked with the password component of
+ <citerefentry>
+ <refentrytitle>pam_unix</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ <programlisting>
+#
+# These lines stack two password type modules. In this example the
+# user is given 3 opportunities to enter a strong password. The
+# "use_authtok" argument ensures that the pam_unix module does not
+# prompt for a password, but instead uses the one provided by
+# pam_cracklib.
+#
+passwd password required pam_cracklib.so retry=3
+passwd password required pam_unix.so use_authtok
+ </programlisting>
+ </para>
+
+ <para>
+ Another example (in the <filename>/etc/pam.d/passwd</filename> format)
+ is for the case that you want to use md5 password encryption:
+ <programlisting>
+#%PAM-1.0
+#
+# These lines allow a md5 systems to support passwords of at least 14
+# bytes with extra credit of 2 for digits and 2 for others the new
+# password must have at least three bytes that are not present in the
+# old password
+#
+password required pam_cracklib.so \
+ difok=3 minlen=15 dcredit= 2 ocredit=2
+password required pam_unix.so use_authtok nullok md5
+ </programlisting>
+ </para>
+
+ <para>
+ And here is another example in case you don't want to use credits:
+ <programlisting>
+#%PAM-1.0
+#
+# These lines require the user to select a password with a minimum
+# length of 8 and with at least 1 digit number, 1 upper case letter,
+# and 1 other character
+#
+password required pam_cracklib.so \
+ dcredit=-1 ucredit=-1 ocredit=-1 lcredit=0 minlen=8
+password required pam_unix.so use_authtok nullok md5
+ </programlisting>
+ </para>
+
+ </refsect1>
+
+ <refsect1 id='pam_cracklib-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_cracklib-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_cracklib was written by Cristian Gafton &lt;gafton@redhat.com&gt;
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_cracklib/pam_cracklib.c b/Linux-PAM/modules/pam_cracklib/pam_cracklib.c
index 8f3e4c42..9b496202 100644
--- a/Linux-PAM/modules/pam_cracklib/pam_cracklib.c
+++ b/Linux-PAM/modules/pam_cracklib/pam_cracklib.c
@@ -1,6 +1,5 @@
/*
* pam_cracklib module
- * $Id: pam_cracklib.c,v 1.9 2004/09/15 12:06:17 kukuk Exp $
*/
/*
@@ -35,7 +34,7 @@
* S.A.G. in the section on the cracklib module.
*/
-#include <security/_pam_aconf.h>
+#include "config.h"
#include <stdio.h>
#ifdef HAVE_CRYPT_H
@@ -49,16 +48,19 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <ctype.h>
+#include <limits.h>
+#ifdef HAVE_CRACK_H
+#include <crack.h>
+#else
extern char *FascistCheck(char *pw, const char *dictpath);
-
-#ifndef CRACKLIB_DICTPATH
-#define CRACKLIB_DICTPATH "/usr/share/dict/cracklib_dict"
#endif
-#define PROMPT1 "New %s%spassword: "
-#define PROMPT2 "Retype new %s%spassword: "
-#define MISTYPED_PASS "Sorry, passwords do not match"
+/* For Translators: "%s%s" could be replaced with "<service> " or "". */
+#define PROMPT1 _("New %s%spassword: ")
+/* For Translators: "%s%s" could be replaced with "<service> " or "". */
+#define PROMPT2 _("Retype new %s%spassword: ")
+#define MISTYPED_PASS _("Sorry, passwords do not match.")
#ifdef MIN
#undef MIN
@@ -76,23 +78,7 @@ extern char *FascistCheck(char *pw, const char *dictpath);
#include <security/pam_modules.h>
#include <security/_pam_macros.h>
-
-#ifndef LINUX_PAM
-#include <security/pam_appl.h>
-#endif /* LINUX_PAM */
-
-/* some syslogging */
-
-static void _pam_log(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("PAM-Cracklib", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
+#include <security/pam_ext.h>
/* argument parsing */
#define PAM_DEBUG_ARG 0x0001
@@ -108,6 +94,7 @@ struct cracklib_options {
int oth_credit;
int use_authtok;
char prompt_type[BUFSIZ];
+ char cracklib_dictpath[PATH_MAX];
};
#define CO_RETRY_TIMES 1
@@ -121,7 +108,9 @@ struct cracklib_options {
#define CO_OTH_CREDIT 1
#define CO_USE_AUTHTOK 0
-static int _pam_parse(struct cracklib_options *opt, int argc, const char **argv)
+static int
+_pam_parse (pam_handle_t *pamh, struct cracklib_options *opt,
+ int argc, const char **argv)
{
int ctrl=0;
@@ -169,63 +158,21 @@ static int _pam_parse(struct cracklib_options *opt, int argc, const char **argv)
opt->oth_credit = 0;
} else if (!strncmp(*argv,"use_authtok",11)) {
opt->use_authtok = 1;
+ } else if (!strncmp(*argv,"dictpath=",9)) {
+ strncpy(opt->cracklib_dictpath, *argv+9,
+ sizeof(opt->cracklib_dictpath) - 1);
} else {
- _pam_log(LOG_ERR,"pam_parse: unknown option; %s",*argv);
+ pam_syslog(pamh,LOG_ERR,"pam_parse: unknown option; %s",*argv);
}
}
opt->prompt_type[sizeof(opt->prompt_type) - 1] = '\0';
+ opt->cracklib_dictpath[sizeof(opt->cracklib_dictpath) - 1] = '\0';
return ctrl;
}
/* Helper functions */
-/* this is a front-end for module-application conversations */
-static int converse(pam_handle_t *pamh, int ctrl, int nargs,
- struct pam_message **message,
- struct pam_response **response)
-{
- int retval;
- struct pam_conv *conv = NULL;
-
- retval = pam_get_item(pamh, PAM_CONV, (const void **) &conv);
-
- if ( retval == PAM_SUCCESS && conv ) {
- retval = conv->conv(nargs, (const struct pam_message **)message,
- response, conv->appdata_ptr);
- if (retval != PAM_SUCCESS && (ctrl && PAM_DEBUG_ARG)) {
- _pam_log(LOG_DEBUG, "conversation failure [%s]",
- pam_strerror(pamh, retval));
- }
- } else {
- _pam_log(LOG_ERR, "couldn't obtain coversation function [%s]",
- pam_strerror(pamh, retval));
- if ( retval == PAM_SUCCESS )
- retval = PAM_BAD_ITEM; /* conv was NULL */
- }
-
- return retval; /* propagate error status */
-}
-
-static int make_remark(pam_handle_t *pamh, unsigned int ctrl,
- int type, const char *text)
-{
- struct pam_message *pmsg[1], msg[1];
- struct pam_response *resp;
- int retval;
-
- pmsg[0] = &msg[0];
- msg[0].msg = text;
- msg[0].msg_style = type;
- resp = NULL;
-
- retval = converse(pamh, ctrl, 1, pmsg, &resp);
- if (retval == PAM_SUCCESS)
- _pam_drop_reply(resp, 1);
-
- return retval;
-}
-
/* use this to free strings. ESPECIALLY password strings */
static char *_pam_delete(register char *xx)
{
@@ -237,7 +184,7 @@ static char *_pam_delete(register char *xx)
/*
* can't be a palindrome - like `R A D A R' or `M A D A M'
*/
-static int palindrome(const char *old, const char *new)
+static int palindrome(const char *new)
{
int i, j;
@@ -256,7 +203,8 @@ static int palindrome(const char *old, const char *new)
* the other
*/
-static int distdifferent(const char *old, const char *new, int i, int j)
+static int distdifferent(const char *old, const char *new,
+ size_t i, size_t j)
{
char c, d;
@@ -274,7 +222,7 @@ static int distdifferent(const char *old, const char *new, int i, int j)
}
static int distcalculate(int **distances, const char *old, const char *new,
- int i, int j)
+ size_t i, size_t j)
{
int tmp = 0;
@@ -295,7 +243,7 @@ static int distcalculate(int **distances, const char *old, const char *new,
static int distance(const char *old, const char *new)
{
int **distances = NULL;
- int m, n, i, j, r;
+ size_t m, n, i, j, r;
m = strlen(old);
n = strlen(new);
@@ -344,8 +292,7 @@ static int similar(struct cracklib_options *opt,
/*
* a nice mix of characters.
*/
-static int simple(struct cracklib_options *opt,
- const char *old, const char *new)
+static int simple(struct cracklib_options *opt, const char *new)
{
int digits = 0;
int uppers = 0;
@@ -428,7 +375,7 @@ static const char * password_check(struct cracklib_options *opt, const char *old
char *oldmono, *newmono, *wrapped;
if (strcmp(new, old) == 0) {
- msg = "is the same as the old one";
+ msg = _("is the same as the old one");
return msg;
}
@@ -438,20 +385,20 @@ static const char * password_check(struct cracklib_options *opt, const char *old
strcpy (wrapped, oldmono);
strcat (wrapped, oldmono);
- if (palindrome(oldmono, newmono))
- msg = "is a palindrome";
+ if (palindrome(newmono))
+ msg = _("is a palindrome");
if (!msg && strcmp(oldmono, newmono) == 0)
- msg = "case changes only";
+ msg = _("case changes only");
if (!msg && similar(opt, oldmono, newmono))
- msg = "is too similar to the old one";
+ msg = _("is too similar to the old one");
- if (!msg && simple(opt, old, new))
- msg = "is too simple";
+ if (!msg && simple(opt, new))
+ msg = _("is too simple");
if (!msg && strstr(wrapped, newmono))
- msg = "is rotated";
+ msg = _("is rotated");
memset(newmono, 0, strlen(newmono));
memset(oldmono, 0, strlen(oldmono));
@@ -486,7 +433,7 @@ static const char * check_old_password(const char *forwho, const char *newpass)
s_pas = strtok(NULL, ":,");
while (s_pas != NULL) {
if (!strcmp(crypt(newpass, s_pas), s_pas)) {
- msg = "has been already used";
+ msg = _("has been already used");
break;
}
s_pas = strtok(NULL, ":,");
@@ -507,15 +454,14 @@ static int _pam_unix_approve_pass(pam_handle_t *pamh,
const char *pass_new)
{
const char *msg = NULL;
- const char *user;
+ const void *user;
int retval;
if (pass_new == NULL || (pass_old && !strcmp(pass_old,pass_new))) {
- if (ctrl && PAM_DEBUG_ARG)
- _pam_log(LOG_DEBUG, "bad authentication token");
- make_remark(pamh, ctrl, PAM_ERROR_MSG,
- pass_new == NULL ?
- "No password supplied":"Password unchanged" );
+ if (ctrl & PAM_DEBUG_ARG)
+ pam_syslog(pamh, LOG_DEBUG, "bad authentication token");
+ pam_error(pamh, "%s", pass_new == NULL ?
+ _("No password supplied"):_("Password unchanged"));
return PAM_AUTHTOK_ERR;
}
@@ -525,25 +471,20 @@ static int _pam_unix_approve_pass(pam_handle_t *pamh,
*/
msg = password_check(opt, pass_old,pass_new);
if (!msg) {
- retval = pam_get_item(pamh, PAM_USER, (const void **)&user);
+ retval = pam_get_item(pamh, PAM_USER, &user);
if (retval != PAM_SUCCESS || user == NULL) {
- if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_ERR,"Can not get username");
- return PAM_AUTHTOK_ERR;
- }
+ if (ctrl & PAM_DEBUG_ARG)
+ pam_syslog(pamh,LOG_ERR,"Can not get username");
+ return PAM_AUTHTOK_ERR;
}
msg = check_old_password(user, pass_new);
}
if (msg) {
- char remark[BUFSIZ];
-
- memset(remark,0,sizeof(remark));
- snprintf(remark,sizeof(remark),"BAD PASSWORD: %s",msg);
- if (ctrl && PAM_DEBUG_ARG)
- _pam_log(LOG_NOTICE, "new passwd fails strength check: %s",
- msg);
- make_remark(pamh, ctrl, PAM_ERROR_MSG, remark);
+ if (ctrl & PAM_DEBUG_ARG)
+ pam_syslog(pamh, LOG_NOTICE,
+ "new passwd fails strength check: %s", msg);
+ pam_error(pamh, _("BAD PASSWORD: %s"), msg);
return PAM_AUTHTOK_ERR;
};
return PAM_SUCCESS;
@@ -573,45 +514,26 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
options.use_authtok = CO_USE_AUTHTOK;
memset(options.prompt_type, 0, BUFSIZ);
strcpy(options.prompt_type,"UNIX");
+ memset(options.cracklib_dictpath, 0,
+ sizeof (options.cracklib_dictpath));
- ctrl = _pam_parse(&options, argc, argv);
+ ctrl = _pam_parse(pamh, &options, argc, argv);
if (flags & PAM_PRELIM_CHECK) {
/* Check for passwd dictionary */
- struct stat st;
- char buf[sizeof(CRACKLIB_DICTPATH)+10];
-
- D(("prelim check"));
-
- memset(buf,0,sizeof(buf)); /* zero the buffer */
- snprintf(buf,sizeof(buf),"%s.pwd",CRACKLIB_DICTPATH);
-
- if (!stat(buf,&st) && st.st_size)
- return PAM_SUCCESS;
- else {
- if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_NOTICE,"dict path '%s'[.pwd] is invalid",
- CRACKLIB_DICTPATH);
- return PAM_ABORT;
- }
-
- /* Not reached */
- return PAM_SERVICE_ERR;
-
+ /* We cannot do that, since the original path is compiled
+ into the cracklib library and we don't know it. */
+ return PAM_SUCCESS;
} else if (flags & PAM_UPDATE_AUTHTOK) {
int retval;
- char *token1, *token2, *oldtoken;
- struct pam_message msg[1],*pmsg[1];
- struct pam_response *resp;
- const char *cracklib_dictpath = CRACKLIB_DICTPATH;
- char prompt[BUFSIZ];
+ char *token1, *token2, *resp;
+ const void *oldtoken;
D(("do update"));
- retval = pam_get_item(pamh, PAM_OLDAUTHTOK,
- (const void **)&oldtoken);
+ retval = pam_get_item(pamh, PAM_OLDAUTHTOK, &oldtoken);
if (retval != PAM_SUCCESS) {
if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_ERR,"Can not get old passwd");
+ pam_syslog(pamh,LOG_ERR,"Can not get old passwd");
oldtoken=NULL;
retval = PAM_SUCCESS;
}
@@ -637,71 +559,60 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
*/
if (options.use_authtok == 1) {
- const char *item = NULL;
+ const void *item = NULL;
- retval = pam_get_item(pamh, PAM_AUTHTOK, (const void **) &item);
+ retval = pam_get_item(pamh, PAM_AUTHTOK, &item);
if (retval != PAM_SUCCESS) {
/* very strange. */
- _pam_log(LOG_ALERT
- ,"pam_get_item returned error to pam_cracklib"
- );
+ pam_syslog(pamh, LOG_ALERT,
+ "pam_get_item returned error to pam_cracklib");
} else if (item != NULL) { /* we have a password! */
token1 = x_strdup(item);
item = NULL;
} else {
- retval = PAM_AUTHTOK_RECOVER_ERR; /* didn't work */
+ retval = PAM_AUTHTOK_RECOVERY_ERR; /* didn't work */
}
} else {
/* Prepare to ask the user for the first time */
- memset(prompt,0,sizeof(prompt));
- snprintf(prompt,sizeof(prompt),PROMPT1,
- options.prompt_type, options.prompt_type[0]?" ":"");
- pmsg[0] = &msg[0];
- msg[0].msg_style = PAM_PROMPT_ECHO_OFF;
- msg[0].msg = prompt;
-
resp = NULL;
- retval = converse(pamh, ctrl, 1, pmsg, &resp);
- if (resp != NULL) {
- /* interpret the response */
- if (retval == PAM_SUCCESS) { /* a good conversation */
- token1 = x_strdup(resp[0].resp);
- if (token1 == NULL) {
- _pam_log(LOG_NOTICE,
- "could not recover authentication token 1");
- retval = PAM_AUTHTOK_RECOVER_ERR;
- }
- }
+ retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &resp,
+ PROMPT1, options.prompt_type,
+ options.prompt_type[0]?" ":"");
+
+ if (retval == PAM_SUCCESS) { /* a good conversation */
+ token1 = x_strdup(resp);
+ if (token1 == NULL) {
+ pam_syslog(pamh, LOG_NOTICE,
+ "could not recover authentication token 1");
+ retval = PAM_AUTHTOK_RECOVERY_ERR;
+ }
/*
* tidy up the conversation (resp_retcode) is ignored
*/
- _pam_drop_reply(resp, 1);
+ _pam_drop(resp);
} else {
retval = (retval == PAM_SUCCESS) ?
- PAM_AUTHTOK_RECOVER_ERR:retval ;
+ PAM_AUTHTOK_RECOVERY_ERR:retval ;
}
}
if (retval != PAM_SUCCESS) {
- if (ctrl && PAM_DEBUG_ARG)
- _pam_log(LOG_DEBUG,"unable to obtain a password");
+ if (ctrl & PAM_DEBUG_ARG)
+ pam_syslog(pamh,LOG_DEBUG,"unable to obtain a password");
continue;
}
D(("testing password, retval = %s", pam_strerror(pamh, retval)));
/* now test this passwd against cracklib */
{
- char *crack_msg;
- char remark[BUFSIZ];
+ const char *crack_msg;
- bzero(remark,sizeof(remark));
D(("against cracklib"));
- if ((crack_msg = FascistCheck(token1, cracklib_dictpath))) {
- if (ctrl && PAM_DEBUG_ARG)
- _pam_log(LOG_DEBUG,"bad password: %s",crack_msg);
- snprintf(remark,sizeof(remark),"BAD PASSWORD: %s", crack_msg);
- make_remark(pamh, ctrl, PAM_ERROR_MSG, remark);
+ if ((crack_msg = FascistCheck(token1,options.cracklib_dictpath[0] == '\0'?NULL:options.cracklib_dictpath))) {
+ if (ctrl & PAM_DEBUG_ARG)
+ pam_syslog(pamh,LOG_DEBUG,"bad password: %s",crack_msg);
+ pam_error(pamh, _("BAD PASSWORD: %s"), crack_msg);
if (getuid() || (flags & PAM_CHANGE_EXPIRED_AUTHTOK))
retval = PAM_AUTHTOK_ERR;
else
@@ -735,51 +646,41 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
/* Now we have a good passwd. Ask for it once again */
if (options.use_authtok == 0) {
- bzero(prompt,sizeof(prompt));
- snprintf(prompt,sizeof(prompt),PROMPT2,
- options.prompt_type, options.prompt_type[0]?" ":"");
- pmsg[0] = &msg[0];
- msg[0].msg_style = PAM_PROMPT_ECHO_OFF;
- msg[0].msg = prompt;
-
resp = NULL;
- retval = converse(pamh, ctrl, 1, pmsg, &resp);
- if (resp != NULL) {
- /* interpret the response */
- if (retval == PAM_SUCCESS) { /* a good conversation */
- token2 = x_strdup(resp[0].resp);
- if (token2 == NULL) {
- _pam_log(LOG_NOTICE,
- "could not recover authentication token 2");
- retval = PAM_AUTHTOK_RECOVER_ERR;
- }
- }
+ retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &resp,
+ PROMPT2, options.prompt_type,
+ options.prompt_type[0]?" ":"");
+ if (retval == PAM_SUCCESS) { /* a good conversation */
+ token2 = x_strdup(resp);
+ if (token2 == NULL) {
+ pam_syslog(pamh,LOG_NOTICE,
+ "could not recover authentication token 2");
+ retval = PAM_AUTHTOK_RECOVERY_ERR;
+ }
/*
* tidy up the conversation (resp_retcode) is ignored
*/
- _pam_drop_reply(resp, 1);
- } else {
- retval = (retval == PAM_SUCCESS) ?
- PAM_AUTHTOK_RECOVER_ERR:retval ;
+ _pam_drop(resp);
}
- if (retval != PAM_SUCCESS) {
- if (ctrl && PAM_DEBUG_ARG)
- _pam_log(LOG_DEBUG
- ,"unable to obtain the password a second time");
- continue;
- }
+ /* No else, the a retval == PAM_SUCCESS path can change retval
+ to a failure code. */
+ if (retval != PAM_SUCCESS) {
+ if (ctrl & PAM_DEBUG_ARG)
+ pam_syslog(pamh,LOG_DEBUG,"unable to obtain retyped password");
+ continue;
+ }
/* Hopefully now token1 and token2 the same password ... */
if (strcmp(token1,token2) != 0) {
/* tell the user */
- make_remark(pamh, ctrl, PAM_ERROR_MSG, MISTYPED_PASS);
+ pam_error(pamh, "%s", MISTYPED_PASS);
token1 = _pam_delete(token1);
token2 = _pam_delete(token2);
pam_set_item(pamh, PAM_AUTHTOK, NULL);
if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_NOTICE,"Password mistyped");
- retval = PAM_AUTHTOK_RECOVER_ERR;
+ pam_syslog(pamh,LOG_NOTICE,"Password mistyped");
+ retval = PAM_AUTHTOK_RECOVERY_ERR;
continue;
}
@@ -788,7 +689,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
*/
{
- const char *item = NULL;
+ const void *item = NULL;
retval = pam_set_item(pamh, PAM_AUTHTOK, token1);
@@ -797,10 +698,9 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
token2 = _pam_delete(token2);
if ( (retval != PAM_SUCCESS) ||
- ((retval = pam_get_item(pamh, PAM_AUTHTOK,
- (const void **)&item)
+ ((retval = pam_get_item(pamh, PAM_AUTHTOK, &item)
) != PAM_SUCCESS) ) {
- _pam_log(LOG_CRIT, "error manipulating password");
+ pam_syslog(pamh, LOG_CRIT, "error manipulating password");
continue;
}
item = NULL; /* break link to password */
@@ -812,7 +712,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
} else {
if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_NOTICE, "UNKNOWN flags setting %02X",flags);
+ pam_syslog(pamh, LOG_NOTICE, "UNKNOWN flags setting %02X",flags);
return PAM_SERVICE_ERR;
}
diff --git a/Linux-PAM/modules/pam_cracklib/tst-pam_cracklib b/Linux-PAM/modules/pam_cracklib/tst-pam_cracklib
new file mode 100755
index 00000000..46a7060d
--- /dev/null
+++ b/Linux-PAM/modules/pam_cracklib/tst-pam_cracklib
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_cracklib.so
diff --git a/Linux-PAM/modules/pam_debug/Makefile b/Linux-PAM/modules/pam_debug/Makefile
deleted file mode 100644
index 56e9a14e..00000000
--- a/Linux-PAM/modules/pam_debug/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# $Id: Makefile,v 1.1 2001/10/10 05:00:11 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_debug
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_debug/Makefile.am b/Linux-PAM/modules/pam_debug/Makefile.am
new file mode 100644
index 00000000..889d7877
--- /dev/null
+++ b/Linux-PAM/modules/pam_debug/Makefile.am
@@ -0,0 +1,31 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_debug
+
+man_MANS = pam_debug.8
+XMLS = README.xml pam_debug.8.xml
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_debug.la
+
+TESTS = tst-pam_debug
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_debug.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_debug/Makefile.in b/Linux-PAM/modules/pam_debug/Makefile.in
new file mode 100644
index 00000000..b2d11867
--- /dev/null
+++ b/Linux-PAM/modules/pam_debug/Makefile.in
@@ -0,0 +1,665 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_debug
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_debug_la_LIBADD =
+pam_debug_la_SOURCES = pam_debug.c
+pam_debug_la_OBJECTS = pam_debug.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_debug.c
+DIST_SOURCES = pam_debug.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_debug
+man_MANS = pam_debug.8
+XMLS = README.xml pam_debug.8.xml
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_debug.la
+TESTS = tst-pam_debug
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_debug/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_debug/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_debug.la: $(pam_debug_la_OBJECTS) $(pam_debug_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_debug_la_OBJECTS) $(pam_debug_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_debug.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_debug.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_debug/README b/Linux-PAM/modules/pam_debug/README
index 85401651..4afff114 100644
--- a/Linux-PAM/modules/pam_debug/README
+++ b/Linux-PAM/modules/pam_debug/README
@@ -1,15 +1,64 @@
-# $Id: README,v 1.1 2001/10/10 05:00:11 agmorgan Exp $
-#
+pam_debug — PAM module to debug the PAM stack
-This module returns what its module arguments tell it to return. It
-can be used for debugging libpam and/or an application.
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
-Here are some example ways to use it:
+DESCRIPTION
-auth requisite pam_permit.so
+The pam_debug PAM module is intended as a debugging aide for determining how
+the PAM stack is operating. This module returns what its module arguments tell
+it to return.
+
+OPTIONS
+
+auth=value
+
+ The pam_sm_authenticate(3) function will return value.
+
+cred=value
+
+ The pam_sm_setcred(3) function will return value.
+
+acct=value
+
+ The pam_sm_acct_mgmt(3) function will return value.
+
+prechauthtok=value
+
+ The pam_sm_chauthtok(3) function will return value if the PAM_PRELIM_CHECK
+ flag is set.
+
+chauthtok=value
+
+ The pam_sm_chauthtok(3) function will return value if the PAM_PRELIM_CHECK
+ flag is not set.
+
+open_session=value
+
+ The pam_sm_open_session(3) function will return value.
+
+close_session=value
+
+ The pam_sm_close_session(3) function will return value.
+
+Where value can be one of: success, open_err, symbol_err, service_err,
+system_err, buf_err, perm_denied, auth_err, cred_insufficient,
+authinfo_unavail, user_unknown, maxtries, new_authtok_reqd, acct_expired,
+session_err, cred_unavail, cred_expired, cred_err, no_module_data, conv_err,
+authtok_err, authtok_recover_err, authtok_lock_busy, authtok_disable_aging,
+try_again, ignore, abort, authtok_expired, module_unknown, bad_item,
+conv_again, incomplete.
+
+EXAMPLES
+
+auth requisite pam_permit.so
auth [success=2 default=ok] pam_debug.so auth=perm_denied cred=success
auth [default=reset] pam_debug.so auth=success cred=perm_denied
auth [success=done default=die] pam_debug.so
auth optional pam_debug.so auth=perm_denied cred=perm_denied
auth sufficient pam_debug.so auth=success cred=success
+
+AUTHOR
+
+pam_debug was written by Andrew G. Morgan <morgan@kernel.org>.
+
diff --git a/Linux-PAM/modules/pam_debug/README.xml b/Linux-PAM/modules/pam_debug/README.xml
new file mode 100644
index 00000000..ef41911b
--- /dev/null
+++ b/Linux-PAM/modules/pam_debug/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_debug.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_debug.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_debug-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_debug.8.xml" xpointer='xpointer(//refsect1[@id = "pam_debug-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_debug.8.xml" xpointer='xpointer(//refsect1[@id = "pam_debug-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_debug.8.xml" xpointer='xpointer(//refsect1[@id = "pam_debug-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_debug.8.xml" xpointer='xpointer(//refsect1[@id = "pam_debug-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_debug/pam_debug.8 b/Linux-PAM/modules/pam_debug/pam_debug.8
new file mode 100644
index 00000000..ae4a1407
--- /dev/null
+++ b/Linux-PAM/modules/pam_debug/pam_debug.8
@@ -0,0 +1,110 @@
+.\" Title: pam_debug
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/23/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_DEBUG" "8" "06/23/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_debug \- PAM module to debug the PAM stack
+.SH "SYNOPSIS"
+.HP 13
+\fBpam_debug.so\fR [auth=\fIvalue\fR] [cred=\fIvalue\fR] [acct=\fIvalue\fR] [prechauthtok=\fIvalue\fR] [chauthtok=\fIvalue\fR] [auth=\fIvalue\fR] [open_session=\fIvalue\fR] [close_session=\fIvalue\fR]
+.SH "DESCRIPTION"
+.PP
+The pam_debug PAM module is intended as a debugging aide for determining how the PAM stack is operating. This module returns what its module arguments tell it to return.
+.SH "OPTIONS"
+.TP 3n
+\fBauth=\fR\fB\fIvalue\fR\fR
+The
+\fBpam_sm_authenticate\fR(3)
+function will return
+\fIvalue\fR.
+.TP 3n
+\fBcred=\fR\fB\fIvalue\fR\fR
+The
+\fBpam_sm_setcred\fR(3)
+function will return
+\fIvalue\fR.
+.TP 3n
+\fBacct=\fR\fB\fIvalue\fR\fR
+The
+\fBpam_sm_acct_mgmt\fR(3)
+function will return
+\fIvalue\fR.
+.TP 3n
+\fBprechauthtok=\fR\fB\fIvalue\fR\fR
+The
+\fBpam_sm_chauthtok\fR(3)
+function will return
+\fIvalue\fR
+if the
+\fIPAM_PRELIM_CHECK\fR
+flag is set.
+.TP 3n
+\fBchauthtok=\fR\fB\fIvalue\fR\fR
+The
+\fBpam_sm_chauthtok\fR(3)
+function will return
+\fIvalue\fR
+if the
+\fIPAM_PRELIM_CHECK\fR
+flag is
+\fBnot\fR
+set.
+.TP 3n
+\fBopen_session=\fR\fB\fIvalue\fR\fR
+The
+\fBpam_sm_open_session\fR(3)
+function will return
+\fIvalue\fR.
+.TP 3n
+\fBclose_session=\fR\fB\fIvalue\fR\fR
+The
+\fBpam_sm_close_session\fR(3)
+function will return
+\fIvalue\fR.
+.PP
+Where
+\fIvalue\fR
+can be one of: success, open_err, symbol_err, service_err, system_err, buf_err, perm_denied, auth_err, cred_insufficient, authinfo_unavail, user_unknown, maxtries, new_authtok_reqd, acct_expired, session_err, cred_unavail, cred_expired, cred_err, no_module_data, conv_err, authtok_err, authtok_recover_err, authtok_lock_busy, authtok_disable_aging, try_again, ignore, abort, authtok_expired, module_unknown, bad_item, conv_again, incomplete.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+The services
+\fBauth\fR,
+\fBaccount\fR,
+\fBpassword\fR
+and
+\fBsession\fR
+are supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_SUCCESS
+Default return code if no other value was specified, else specified return value.
+.SH "EXAMPLES"
+.sp
+.RS 3n
+.nf
+auth requisite pam_permit.so
+auth [success=2 default=ok] pam_debug.so auth=perm_denied cred=success
+auth [default=reset] pam_debug.so auth=success cred=perm_denied
+auth [success=done default=die] pam_debug.so
+auth optional pam_debug.so auth=perm_denied cred=perm_denied
+auth sufficient pam_debug.so auth=success cred=success
+
+.fi
+.RE
+.SH "SEE ALSO"
+.PP
+
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_debug was written by Andrew G. Morgan <morgan@kernel.org>.
diff --git a/Linux-PAM/modules/pam_debug/pam_debug.8.xml b/Linux-PAM/modules/pam_debug/pam_debug.8.xml
new file mode 100644
index 00000000..65519852
--- /dev/null
+++ b/Linux-PAM/modules/pam_debug/pam_debug.8.xml
@@ -0,0 +1,231 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_debug">
+
+ <refmeta>
+ <refentrytitle>pam_debug</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_debug-name">
+ <refname>pam_debug</refname>
+ <refpurpose>PAM module to debug the PAM stack</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_debug-cmdsynopsis">
+ <command>pam_debug.so</command>
+ <arg choice="opt">
+ auth=<replaceable>value</replaceable>
+ </arg>
+ <arg choice="opt">
+ cred=<replaceable>value</replaceable>
+ </arg>
+ <arg choice="opt">
+ acct=<replaceable>value</replaceable>
+ </arg>
+ <arg choice="opt">
+ prechauthtok=<replaceable>value</replaceable>
+ </arg>
+ <arg choice="opt">
+ chauthtok=<replaceable>value</replaceable>
+ </arg>
+ <arg choice="opt">
+ auth=<replaceable>value</replaceable>
+ </arg>
+ <arg choice="opt">
+ open_session=<replaceable>value</replaceable>
+ </arg>
+ <arg choice="opt">
+ close_session=<replaceable>value</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_debug-description">
+ <title>DESCRIPTION</title>
+ <para>
+ The pam_debug PAM module is intended as a debugging aide for
+ determining how the PAM stack is operating. This module returns
+ what its module arguments tell it to return.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_debug-options">
+ <title>OPTIONS</title>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>auth=<replaceable>value</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ The
+ <citerefentry>
+ <refentrytitle>pam_sm_authenticate</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> function will return
+ <replaceable>value</replaceable>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>cred=<replaceable>value</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ The
+ <citerefentry>
+ <refentrytitle>pam_sm_setcred</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> function will return
+ <replaceable>value</replaceable>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>acct=<replaceable>value</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ The
+ <citerefentry>
+ <refentrytitle>pam_sm_acct_mgmt</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> function will return
+ <replaceable>value</replaceable>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>prechauthtok=<replaceable>value</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ The
+ <citerefentry>
+ <refentrytitle>pam_sm_chauthtok</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> function will return
+ <replaceable>value</replaceable> if the
+ <emphasis>PAM_PRELIM_CHECK</emphasis> flag is set.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>chauthtok=<replaceable>value</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ The
+ <citerefentry>
+ <refentrytitle>pam_sm_chauthtok</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> function will return
+ <replaceable>value</replaceable> if the
+ <emphasis>PAM_PRELIM_CHECK</emphasis> flag is
+ <emphasis remap='B'>not</emphasis> set.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>open_session=<replaceable>value</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ The
+ <citerefentry>
+ <refentrytitle>pam_sm_open_session</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> function will return
+ <replaceable>value</replaceable>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>close_session=<replaceable>value</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ The
+ <citerefentry>
+ <refentrytitle>pam_sm_close_session</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> function will return
+ <replaceable>value</replaceable>.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <para>
+ Where <replaceable>value</replaceable> can be one of: success,
+ open_err, symbol_err, service_err, system_err, buf_err, perm_denied,
+ auth_err, cred_insufficient, authinfo_unavail, user_unknown,
+ maxtries, new_authtok_reqd, acct_expired, session_err, cred_unavail,
+ cred_expired, cred_err, no_module_data, conv_err, authtok_err,
+ authtok_recover_err, authtok_lock_busy, authtok_disable_aging,
+ try_again, ignore, abort, authtok_expired, module_unknown,
+ bad_item, conv_again, incomplete.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_debug-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ The services <option>auth</option>, <option>account</option>,
+ <option>password</option> and <option>session</option> are supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_debug-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Default return code if no other value was specified,
+ else specified return value.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_debug-examples'>
+ <title>EXAMPLES</title>
+ <programlisting>
+auth requisite pam_permit.so
+auth [success=2 default=ok] pam_debug.so auth=perm_denied cred=success
+auth [default=reset] pam_debug.so auth=success cred=perm_denied
+auth [success=done default=die] pam_debug.so
+auth optional pam_debug.so auth=perm_denied cred=perm_denied
+auth sufficient pam_debug.so auth=success cred=success
+ </programlisting>
+ </refsect1>
+
+ <refsect1 id='pam_debug-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_debug-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_debug was written by Andrew G. Morgan &lt;morgan@kernel.org&gt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_debug/pam_debug.c b/Linux-PAM/modules/pam_debug/pam_debug.c
index 819cd651..b0f5bf59 100644
--- a/Linux-PAM/modules/pam_debug/pam_debug.c
+++ b/Linux-PAM/modules/pam_debug/pam_debug.c
@@ -1,7 +1,7 @@
/* pam_permit module */
/*
- * $Id: pam_debug.c,v 1.2 2004/09/15 12:06:17 kukuk Exp $
+ * $Id: pam_debug.c,v 1.5 2006/01/24 09:42:46 kukuk Exp $
*
* Written by Andrew Morgan <morgan@kernel.org> 2001/02/04
*
@@ -9,6 +9,8 @@
#define DEFAULT_USER "nobody"
+#include "config.h"
+
#include <stdio.h>
/*
@@ -28,6 +30,7 @@
#include <security/pam_modules.h>
#include <security/_pam_macros.h>
+#include <security/pam_ext.h>
#define _PAM_ACTION_UNDEF (-10)
#include "../../libpam/pam_tokens.h"
@@ -37,24 +40,11 @@
static int state(pam_handle_t *pamh, const char *text)
{
int retval;
- struct pam_conv *conv;
- struct pam_message msg[1], *mesg[1];
- struct pam_response *response;
-
- retval = pam_get_item(pamh, PAM_CONV, (const void **)&conv);
- if ((retval != PAM_SUCCESS) || (conv == NULL)) {
- D(("failed to obtain conversation function"));
- return PAM_ABORT;
- }
- msg[0].msg_style = PAM_TEXT_INFO;
- msg[0].msg = text;
- mesg[0] = &msg[0];
+ retval = pam_info (pamh, "%s", text);
- retval = conv->conv(1, (const struct pam_message **) mesg,
- &response, conv->appdata_ptr);
if (retval != PAM_SUCCESS) {
- D(("conversation failed"));
+ D(("pam_info failed"));
}
return retval;
@@ -86,8 +76,8 @@ static int parse_args(int retval, const char *event,
}
PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+int pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
int retval;
const char *user=NULL;
@@ -114,8 +104,8 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
}
PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+int pam_sm_setcred(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
return parse_args(PAM_SUCCESS, "cred", pamh, argc, argv);
}
@@ -123,8 +113,8 @@ int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc,
/* --- account management functions --- */
PAM_EXTERN
-int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
return parse_args(PAM_SUCCESS, "acct", pamh, argc, argv);
}
@@ -132,8 +122,8 @@ int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc,
/* --- password management --- */
PAM_EXTERN
-int pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+int pam_sm_chauthtok(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
if (flags & PAM_PRELIM_CHECK) {
return parse_args(PAM_SUCCESS, "prechauthtok", pamh, argc, argv);
@@ -145,15 +135,15 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc,
/* --- session management --- */
PAM_EXTERN
-int pam_sm_open_session(pam_handle_t *pamh,int flags,int argc,
- const char **argv)
+int pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
return parse_args(PAM_SUCCESS, "open_session", pamh, argc, argv);
}
PAM_EXTERN
-int pam_sm_close_session(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+int pam_sm_close_session(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
return parse_args(PAM_SUCCESS, "close_session", pamh, argc, argv);
}
@@ -164,7 +154,7 @@ int pam_sm_close_session(pam_handle_t *pamh,int flags,int argc
/* static module data */
-struct pam_module _pam_permit_modstruct = {
+struct pam_module _pam_debug_modstruct = {
"pam_debug",
pam_sm_authenticate,
pam_sm_setcred,
diff --git a/Linux-PAM/modules/pam_debug/tst-pam_debug b/Linux-PAM/modules/pam_debug/tst-pam_debug
new file mode 100755
index 00000000..f07ff640
--- /dev/null
+++ b/Linux-PAM/modules/pam_debug/tst-pam_debug
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_debug.so
diff --git a/Linux-PAM/modules/pam_deny/Makefile b/Linux-PAM/modules/pam_deny/Makefile
deleted file mode 100644
index 2fdd6e11..00000000
--- a/Linux-PAM/modules/pam_deny/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:03 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_deny
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_deny/Makefile.am b/Linux-PAM/modules/pam_deny/Makefile.am
new file mode 100644
index 00000000..9837f880
--- /dev/null
+++ b/Linux-PAM/modules/pam_deny/Makefile.am
@@ -0,0 +1,34 @@
+#
+# Copyright (c) 2005 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_deny
+
+man_MANS = pam_deny.8
+
+XMLS = README.xml pam_deny.8.xml
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_deny.la
+
+if ENABLE_REGENERATE_MAN
+
+noinst_DATA = README
+
+README: pam_deny.8.xml
+
+-include $(top_srcdir)/Make.xml.rules
+endif
+
+TESTS = tst-pam_deny
diff --git a/Linux-PAM/modules/pam_deny/Makefile.in b/Linux-PAM/modules/pam_deny/Makefile.in
new file mode 100644
index 00000000..3fcee127
--- /dev/null
+++ b/Linux-PAM/modules/pam_deny/Makefile.in
@@ -0,0 +1,667 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_deny
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_deny_la_LIBADD =
+pam_deny_la_SOURCES = pam_deny.c
+pam_deny_la_OBJECTS = pam_deny.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_deny.c
+DIST_SOURCES = pam_deny.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_deny
+man_MANS = pam_deny.8
+XMLS = README.xml pam_deny.8.xml
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_deny.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+TESTS = tst-pam_deny
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_deny/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_deny/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_deny.la: $(pam_deny_la_OBJECTS) $(pam_deny_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_deny_la_OBJECTS) $(pam_deny_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_deny.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_deny.8.xml
+
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_deny/README b/Linux-PAM/modules/pam_deny/README
index 2eb96d4e..6b3a86f8 100644
--- a/Linux-PAM/modules/pam_deny/README
+++ b/Linux-PAM/modules/pam_deny/README
@@ -1,4 +1,31 @@
-# $Id: README,v 1.1.1.1 2000/06/20 22:11:33 agmorgan Exp $
+pam_deny — The locking-out PAM module
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+This module can be used to deny access. It always indicates a failure to the
+application through the PAM framework. It might be suitable for using for
+default (the OTHER) entries.
+
+EXAMPLES
+
+#%PAM-1.0
#
+# If we don't have config entries for a service, the
+# OTHER entries are used. To be secure, warn and deny
+# access to everything.
+other auth required pam_warn.so
+other auth required pam_deny.so
+other account required pam_warn.so
+other account required pam_deny.so
+other password required pam_warn.so
+other password required pam_deny.so
+other session required pam_warn.so
+other session required pam_deny.so
+
+
+AUTHOR
+
+pam_deny was written by Andrew G. Morgan <morgan@kernel.org>
-this module always fails, it ignores all options.
diff --git a/Linux-PAM/modules/pam_deny/README.xml b/Linux-PAM/modules/pam_deny/README.xml
new file mode 100644
index 00000000..ff2e82b0
--- /dev/null
+++ b/Linux-PAM/modules/pam_deny/README.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_deny.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_deny.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_deny-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_deny.8.xml" xpointer='xpointer(//refsect1[@id = "pam_deny-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_deny.8.xml" xpointer='xpointer(//refsect1[@id = "pam_deny-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_deny.8.xml" xpointer='xpointer(//refsect1[@id = "pam_deny-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_deny/pam_deny.8 b/Linux-PAM/modules/pam_deny/pam_deny.8
new file mode 100644
index 00000000..f9f2d439
--- /dev/null
+++ b/Linux-PAM/modules/pam_deny/pam_deny.8
@@ -0,0 +1,74 @@
+.\" Title: pam_deny
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/21/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_DENY" "8" "06/21/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_deny \- The locking\-out PAM module
+.SH "SYNOPSIS"
+.HP 12
+\fBpam_deny.so\fR
+.SH "DESCRIPTION"
+.PP
+This module can be used to deny access. It always indicates a failure to the application through the PAM framework. It might be suitable for using for default (the
+\fIOTHER\fR) entries.
+.SH "OPTIONS"
+.PP
+This module does not recognice any options.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+All services (\fBaccount\fR,
+\fBauth\fR,
+\fBpassword\fR
+and
+\fBsession\fR) are supported.
+.SH "RETURN VALUES"
+.PP
+.TP 3n
+PAM_AUTH_ERR
+This is returned by the account and auth services.
+.TP 3n
+PAM_CRED_ERR
+This is returned by the setcred function.
+.TP 3n
+PAM_AUTHTOK_ERR
+This is returned by the password service.
+.TP 3n
+PAM_SESSION_ERR
+This is returned by the session service.
+.SH "EXAMPLES"
+.sp
+.RS 3n
+.nf
+#%PAM\-1.0
+#
+# If we don't have config entries for a service, the
+# OTHER entries are used. To be secure, warn and deny
+# access to everything.
+other auth required pam_warn.so
+other auth required pam_deny.so
+other account required pam_warn.so
+other account required pam_deny.so
+other password required pam_warn.so
+other password required pam_deny.so
+other session required pam_warn.so
+other session required pam_deny.so
+
+.fi
+.RE
+.SH "SEE ALSO"
+.PP
+
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_deny was written by Andrew G. Morgan <morgan@kernel.org>
diff --git a/Linux-PAM/modules/pam_deny/pam_deny.8.xml b/Linux-PAM/modules/pam_deny/pam_deny.8.xml
new file mode 100644
index 00000000..91916003
--- /dev/null
+++ b/Linux-PAM/modules/pam_deny/pam_deny.8.xml
@@ -0,0 +1,135 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_deny">
+
+ <refmeta>
+ <refentrytitle>pam_deny</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_deny-name">
+ <refname>pam_deny</refname>
+ <refpurpose>The locking-out PAM module</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_deny-cmdsynopsis">
+ <command>pam_deny.so</command>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_deny-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ This module can be used to deny access. It always indicates a failure
+ to the application through the PAM framework. It might be suitable
+ for using for default (the <emphasis>OTHER</emphasis>) entries.
+ </para>
+
+ </refsect1>
+
+ <refsect1 id="pam_deny-options">
+ <title>OPTIONS</title>
+ <para>This module does not recognice any options.</para>
+ </refsect1>
+
+ <refsect1 id="pam_deny-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ All services (<option>account</option>, <option>auth</option>,
+ <option>password</option> and <option>session</option>) are supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_deny-return_values'>
+ <title>RETURN VALUES</title>
+ <para>
+ <variablelist>
+
+ <varlistentry>
+ <term>PAM_AUTH_ERR</term>
+ <listitem>
+ <para>
+ This is returned by the account and auth services.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_CRED_ERR</term>
+ <listitem>
+ <para>
+ This is returned by the setcred function.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_AUTHTOK_ERR</term>
+ <listitem>
+ <para>
+ This is returned by the password service.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_SESSION_ERR</term>
+ <listitem>
+ <para>
+ This is returned by the session service.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_deny-examples'>
+ <title>EXAMPLES</title>
+ <programlisting>
+#%PAM-1.0
+#
+# If we don't have config entries for a service, the
+# OTHER entries are used. To be secure, warn and deny
+# access to everything.
+other auth required pam_warn.so
+other auth required pam_deny.so
+other account required pam_warn.so
+other account required pam_deny.so
+other password required pam_warn.so
+other password required pam_deny.so
+other session required pam_warn.so
+other session required pam_deny.so
+ </programlisting>
+ </refsect1>
+
+ <refsect1 id='pam_deny-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_deny-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_deny was written by Andrew G. Morgan &lt;morgan@kernel.org&gt;
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_deny/pam_deny.c b/Linux-PAM/modules/pam_deny/pam_deny.c
index 8be1a8a8..83524802 100644
--- a/Linux-PAM/modules/pam_deny/pam_deny.c
+++ b/Linux-PAM/modules/pam_deny/pam_deny.c
@@ -1,7 +1,7 @@
-/* pam_permit module */
+/* pam_deny module */
/*
- * $Id: pam_deny.c,v 1.2 2000/12/04 19:02:34 baggins Exp $
+ * $Id: pam_deny.c,v 1.4 2005/12/14 09:58:32 kukuk Exp $
*
* Written by Andrew Morgan <morgan@parc.power.net> 1996/3/11
*
@@ -14,6 +14,8 @@
* modules include file to define their prototypes.
*/
+#include "config.h"
+
#define PAM_SM_AUTH
#define PAM_SM_ACCOUNT
#define PAM_SM_SESSION
@@ -23,46 +25,52 @@
/* --- authentication management functions --- */
-PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+PAM_EXTERN int
+pam_sm_authenticate(pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
return PAM_AUTH_ERR;
}
-PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+PAM_EXTERN int
+pam_sm_setcred(pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
- return PAM_CRED_UNAVAIL;
+ return PAM_CRED_ERR;
}
/* --- account management functions --- */
-PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+PAM_EXTERN int
+pam_sm_acct_mgmt(pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
- return PAM_ACCT_EXPIRED;
+ return PAM_AUTH_ERR;
}
/* --- password management --- */
-PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+PAM_EXTERN int
+pam_sm_chauthtok(pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
return PAM_AUTHTOK_ERR;
}
/* --- session management --- */
-PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+PAM_EXTERN int
+pam_sm_open_session(pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
- return PAM_SYSTEM_ERR;
+ return PAM_SESSION_ERR;
}
-PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+PAM_EXTERN int
+pam_sm_close_session(pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
- return PAM_SYSTEM_ERR;
+ return PAM_SESSION_ERR;
}
/* end of module definition */
diff --git a/Linux-PAM/modules/pam_deny/tst-pam_deny b/Linux-PAM/modules/pam_deny/tst-pam_deny
new file mode 100755
index 00000000..7d9d6bad
--- /dev/null
+++ b/Linux-PAM/modules/pam_deny/tst-pam_deny
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_deny.so
diff --git a/Linux-PAM/modules/pam_echo/Makefile.am b/Linux-PAM/modules/pam_echo/Makefile.am
new file mode 100644
index 00000000..40415c7b
--- /dev/null
+++ b/Linux-PAM/modules/pam_echo/Makefile.am
@@ -0,0 +1,31 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_echo
+
+man_MANS = pam_echo.8
+
+XMLS = README.xml pam_echo.8.xml
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_echo.la
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_echo.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
+TESTS = tst-pam_echo
diff --git a/Linux-PAM/modules/pam_echo/Makefile.in b/Linux-PAM/modules/pam_echo/Makefile.in
new file mode 100644
index 00000000..b584cfdd
--- /dev/null
+++ b/Linux-PAM/modules/pam_echo/Makefile.in
@@ -0,0 +1,665 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_echo
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_echo_la_LIBADD =
+pam_echo_la_SOURCES = pam_echo.c
+pam_echo_la_OBJECTS = pam_echo.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_echo.c
+DIST_SOURCES = pam_echo.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_echo
+man_MANS = pam_echo.8
+XMLS = README.xml pam_echo.8.xml
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_echo.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+TESTS = tst-pam_echo
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_echo/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_echo/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_echo.la: $(pam_echo_la_OBJECTS) $(pam_echo_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_echo_la_OBJECTS) $(pam_echo_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_echo.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_echo.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_echo/README b/Linux-PAM/modules/pam_echo/README
new file mode 100644
index 00000000..fca26b77
--- /dev/null
+++ b/Linux-PAM/modules/pam_echo/README
@@ -0,0 +1,50 @@
+pam_echo — PAM module for printing text messages
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+The pam_echo PAM module is for printing text messages to inform user about
+special things. Sequences starting with the % character are interpreted in the
+following way:
+
+%H
+
+ The name of the remote host (PAM_RHOST).
+
+%h
+
+ The name of the local host.
+
+%s
+
+ The service name (PAM_SERVICE).
+
+%t
+
+ The name of the controlling terminal (PAM_TTY).
+
+%U
+
+ The remote user name (PAM_RUSER).
+
+%u
+
+ The local user name (PAM_USER).
+
+All other sequences beginning with % expands to the characters following the %
+character.
+
+EXAMPLES
+
+For an example of the use of this module, we show how it may be used to print
+informations about good passwords:
+
+password optional pam_echo.so file=/usr/share/doc/good-password.txt
+password required pam_unix.so
+
+
+AUTHOR
+
+Thorsten Kukuk <kukuk@thkukuk.de>
+
diff --git a/Linux-PAM/modules/pam_echo/README.xml b/Linux-PAM/modules/pam_echo/README.xml
new file mode 100644
index 00000000..b1556e38
--- /dev/null
+++ b/Linux-PAM/modules/pam_echo/README.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_echo.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_echo.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_echo-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_echo.8.xml" xpointer='xpointer(//refsect1[@id = "pam_echo-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_echo.8.xml" xpointer='xpointer(//refsect1[@id = "pam_echo-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_echo.8.xml" xpointer='xpointer(//refsect1[@id = "pam_echo-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_echo/pam_echo.8 b/Linux-PAM/modules/pam_echo/pam_echo.8
new file mode 100644
index 00000000..423a8e1b
--- /dev/null
+++ b/Linux-PAM/modules/pam_echo/pam_echo.8
@@ -0,0 +1,88 @@
+.\" Title: pam_echo
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/21/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_ECHO" "8" "06/21/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_echo \- PAM module for printing text messages
+.SH "SYNOPSIS"
+.HP 12
+\fBpam_echo.so\fR [file=\fI/path/message\fR]
+.SH "DESCRIPTION"
+.PP
+The
+\fIpam_echo\fR
+PAM module is for printing text messages to inform user about special things. Sequences starting with the
+\fI%\fR
+character are interpreted in the following way:
+.TP 3n
+\fI%H\fR
+The name of the remote host (PAM_RHOST).
+.TP 3n
+\fB%h\fR
+The name of the local host.
+.TP 3n
+\fI%s\fR
+The service name (PAM_SERVICE).
+.TP 3n
+\fI%t\fR
+The name of the controlling terminal (PAM_TTY).
+.TP 3n
+\fI%U\fR
+The remote user name (PAM_RUSER).
+.TP 3n
+\fI%u\fR
+The local user name (PAM_USER).
+.PP
+All other sequences beginning with
+\fI%\fR
+expands to the characters following the
+\fI%\fR
+character.
+.SH "OPTIONS"
+.TP 3n
+\fBfile=\fR\fB\fI/path/message\fR\fR
+The content of the file
+\fI/path/message\fR
+will be printed with the PAM conversion function as PAM_TEXT_INFO.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+All services are supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_SUCCESS
+Message was successful printed.
+.TP 3n
+PAM_IGNORE
+PAM_SILENT flag was given or message file does not exist, no message printed.
+.SH "EXAMPLES"
+.PP
+For an example of the use of this module, we show how it may be used to print informations about good passwords:
+.sp
+.RS 3n
+.nf
+password optional pam_echo.so file=/usr/share/doc/good\-password.txt
+password required pam_unix.so
+
+.fi
+.RE
+.sp
+.SH "SEE ALSO"
+.PP
+
+\fBpam.conf\fR(8),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+Thorsten Kukuk <kukuk@thkukuk.de>
diff --git a/Linux-PAM/modules/pam_echo/pam_echo.8.xml b/Linux-PAM/modules/pam_echo/pam_echo.8.xml
new file mode 100644
index 00000000..4a495195
--- /dev/null
+++ b/Linux-PAM/modules/pam_echo/pam_echo.8.xml
@@ -0,0 +1,168 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id='pam_echo'>
+ <refmeta>
+ <refentrytitle>pam_echo</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id='pam_echo-name'>
+ <refname>pam_echo</refname>
+ <refpurpose>PAM module for printing text messages</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_echo-cmdsynopsis">
+ <command>pam_echo.so</command>
+ <arg choice="opt">
+ file=<replaceable>/path/message</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='pam_echo-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <emphasis>pam_echo</emphasis> PAM module is for printing
+ text messages to inform user about special things. Sequences
+ starting with the <emphasis>%</emphasis> character are
+ interpreted in the following way:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term><emphasis>%H</emphasis></term>
+ <listitem>
+ <para>The name of the remote host (PAM_RHOST).</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis remap='B'>%h</emphasis></term>
+ <listitem>
+ <para>The name of the local host.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis>%s</emphasis></term>
+ <listitem>
+ <para>The service name (PAM_SERVICE).</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis>%t</emphasis></term>
+ <listitem>
+ <para>The name of the controlling terminal (PAM_TTY).</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis>%U</emphasis></term>
+ <listitem>
+ <para>The remote user name (PAM_RUSER).</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis>%u</emphasis></term>
+ <listitem>
+ <para>The local user name (PAM_USER).</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+
+ <para>
+ All other sequences beginning with <emphasis>%</emphasis>
+ expands to the characters following the <emphasis>%</emphasis>
+ character.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_echo-options'>
+ <title>OPTIONS</title>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>file=<replaceable>/path/message</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ The content of the file <filename>/path/message</filename>
+ will be printed with the PAM conversion function as PAM_TEXT_INFO.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_echo-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ All services are supported.
+ </para>
+ </refsect1>
+
+
+ <refsect1 id="pam_echo-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Message was successful printed.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_IGNORE</term>
+ <listitem>
+ <para>
+ PAM_SILENT flag was given or message file does not
+ exist, no message printed.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_echo-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ For an example of the use of this module, we show how it may be
+ used to print informations about good passwords:
+ <programlisting>
+password optional pam_echo.so file=/usr/share/doc/good-password.txt
+password required pam_unix.so
+ </programlisting>
+ </para>
+ </refsect1>
+
+
+ <refsect1 id='pam_echo-see_also'><title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry></para>
+ </refsect1>
+
+ <refsect1 id='pam_echo-author'>
+ <title>AUTHOR</title>
+ <para>Thorsten Kukuk &lt;kukuk@thkukuk.de&gt;</para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/modules/pam_echo/pam_echo.c b/Linux-PAM/modules/pam_echo/pam_echo.c
new file mode 100644
index 00000000..31ebca22
--- /dev/null
+++ b/Linux-PAM/modules/pam_echo/pam_echo.c
@@ -0,0 +1,269 @@
+/*
+ * Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#if defined(HAVE_CONFIG_H)
+#include "config.h"
+#endif
+
+#include <errno.h>
+#include <stdio.h>
+#include <fcntl.h>
+#include <string.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <limits.h>
+#include <syslog.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#ifndef HOST_NAME_MAX
+#define HOST_NAME_MAX 255
+#endif
+
+#define PAM_SM_ACCOUNT
+#define PAM_SM_AUTH
+#define PAM_SM_PASSWORD
+#define PAM_SM_SESSION
+
+#include <security/pam_modules.h>
+#include <security/pam_modutil.h>
+#include <security/_pam_macros.h>
+#include <security/pam_ext.h>
+
+static int
+replace_and_print (pam_handle_t *pamh, const char *mesg)
+{
+ char *output;
+ size_t length = strlen (mesg) + PAM_MAX_MSG_SIZE;
+ char myhostname[HOST_NAME_MAX+1];
+ const void *str = NULL;
+ const char *p, *q;
+ int item;
+ size_t len;
+
+ output = malloc (length);
+ if (output == NULL)
+ {
+ pam_syslog (pamh, LOG_ERR, "running out of memory");
+ return PAM_BUF_ERR;
+ }
+
+ for (p = mesg, len = 0; *p != '\0' && len < length - 1; ++p)
+ {
+ if (*p != '%' || p[1] == '\0')
+ {
+ output[len++] = *p;
+ continue;
+ }
+ switch (*++p)
+ {
+ case 'H':
+ item = PAM_RHOST;
+ break;
+ case 'h':
+ item = -2; /* aka PAM_LOCALHOST */
+ break;
+ case 's':
+ item = PAM_SERVICE;
+ break;
+ case 't':
+ item = PAM_TTY;
+ break;
+ case 'U':
+ item = PAM_RUSER;
+ break;
+ case 'u':
+ item = PAM_USER;
+ break;
+ default:
+ output[len++] = *p;
+ continue;
+ }
+ if (item == -2)
+ {
+ if (gethostname (myhostname, sizeof (myhostname)) == -1)
+ str = NULL;
+ else
+ str = &myhostname;
+ }
+ else
+ pam_get_item (pamh, item, &str);
+ if (str == NULL)
+ str = "(null)";
+ for (q = str; *q != '\0' && len < length - 1; ++q)
+ output[len++] = *q;
+ }
+ output[len] = '\0';
+
+ pam_info (pamh, "%s", output);
+ free (output);
+
+ return PAM_SUCCESS;
+}
+
+static int
+pam_echo (pam_handle_t *pamh, int flags, int argc, const char **argv)
+{
+ int fd;
+ int orig_argc = argc;
+ const char **orig_argv = argv;
+ const char *file = NULL;
+ int retval;
+
+ if (flags & PAM_SILENT)
+ return PAM_IGNORE;
+
+ for (; argc-- > 0; ++argv)
+ {
+ if (!strncmp (*argv, "file=", 5))
+ file = (5 + *argv);
+ }
+
+ /* No file= option, use argument for output. */
+ if (file == NULL || file[0] == '\0')
+ {
+ char msg[PAM_MAX_MSG_SIZE];
+ const char *p;
+ int i;
+ size_t len;
+
+ for (i = 0, len = 0; i < orig_argc && len < sizeof (msg) - 1; ++i)
+ {
+ if (i > 0)
+ msg[len++] = ' ';
+ for (p = orig_argv[i]; *p != '\0' && len < sizeof(msg) - 1; ++p)
+ msg[len++] = *p;
+ }
+ msg[len] = '\0';
+
+ retval = replace_and_print (pamh, msg);
+ }
+ else if ((fd = open (file, O_RDONLY, 0)) >= 0)
+ {
+ char *mtmp = NULL;
+ struct stat st;
+
+ /* load file into message buffer. */
+ if ((fstat (fd, &st) < 0) || !st.st_size)
+ return PAM_IGNORE;
+
+ mtmp = malloc (st.st_size + 1);
+ if (!mtmp)
+ return PAM_BUF_ERR;
+
+ if (pam_modutil_read (fd, mtmp, st.st_size) == -1)
+ {
+ pam_syslog (pamh, LOG_ERR, "Error while reading %s: %m", file);
+ free (mtmp);
+ return PAM_IGNORE;
+ }
+
+ if (mtmp[st.st_size - 1] == '\n')
+ mtmp[st.st_size - 1] = '\0';
+ else
+ mtmp[st.st_size] = '\0';
+
+ close (fd);
+ retval = replace_and_print (pamh, mtmp);
+ free (mtmp);
+ }
+ else
+ {
+ pam_syslog (pamh, LOG_ERR, "Cannot open %s: %m", file);
+ retval = PAM_IGNORE;
+ }
+ return retval;
+}
+
+int
+pam_sm_authenticate (pam_handle_t *pamh, int flags, int argc,
+ const char **argv)
+{
+ return pam_echo (pamh, flags, argc, argv);
+}
+
+int
+pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
+{
+ return PAM_IGNORE;
+}
+
+int
+pam_sm_acct_mgmt (pam_handle_t *pamh, int flags, int argc,
+ const char **argv)
+{
+ return pam_echo (pamh, flags, argc, argv);
+}
+
+int
+pam_sm_open_session (pam_handle_t *pamh, int flags, int argc,
+ const char **argv)
+{
+ return pam_echo (pamh, flags, argc, argv);
+}
+
+int
+pam_sm_close_session (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
+{
+ return PAM_IGNORE;
+}
+
+int
+pam_sm_chauthtok (pam_handle_t *pamh, int flags, int argc,
+ const char **argv)
+{
+ if (flags & PAM_PRELIM_CHECK)
+ return pam_echo (pamh, flags, argc, argv);
+ else
+ return PAM_IGNORE;
+}
+
+#ifdef PAM_STATIC
+
+/* static module data */
+
+struct pam_module _pam_echo_modstruct = {
+ "pam_echo",
+ pam_sm_authenticate,
+ pam_sm_setcred,
+ pam_sm_acct_mgmt,
+ pam_sm_open_session,
+ pam_sm_close_session,
+ pam_sm_chauthtok,
+};
+
+#endif
diff --git a/Linux-PAM/modules/pam_echo/tst-pam_echo b/Linux-PAM/modules/pam_echo/tst-pam_echo
new file mode 100755
index 00000000..483a2c23
--- /dev/null
+++ b/Linux-PAM/modules/pam_echo/tst-pam_echo
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_echo.so
diff --git a/Linux-PAM/modules/pam_env/Makefile b/Linux-PAM/modules/pam_env/Makefile
deleted file mode 100644
index 189f1ee3..00000000
--- a/Linux-PAM/modules/pam_env/Makefile
+++ /dev/null
@@ -1,22 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:03 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-
-include ../../Make.Rules
-
-TITLE=pam_env
-LOCAL_CONFILE=./pam_env.conf-example
-INSTALLED_CONFILE=$(SCONFIGD)/pam_env.conf
-
-DEFS=-DDEFAULT_CONF_FILE=\"$(INSTALLED_CONFILE)\"
-CFLAGS += $(DEFS)
-
-MODULE_SIMPLE_INSTALL=bash -f ../install_conf "$(FAKEROOT)" "$(SCONFIGD)" "$(INSTALLED_CONFILE)" "$(TITLE)" "$(LOCAL_CONFILE)"
-MODULE_SIMPLE_REMOVE=rm -f $(FAKEROOT)$(INSTALLED_CONFILE)
-MODULE_SIMPLE_CLEAN=rm -f ./.ignore_age
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_env/Makefile.am b/Linux-PAM/modules/pam_env/Makefile.am
new file mode 100644
index 00000000..83236e9b
--- /dev/null
+++ b/Linux-PAM/modules/pam_env/Makefile.am
@@ -0,0 +1,35 @@
+#
+# Copyright (c) 2005 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README pam_env.conf $(MANS) $(XMLS) tst-pam_env environment
+
+man_MANS = pam_env.conf.5 pam_env.8
+
+XMLS = README.xml pam_env.conf.5.xml pam_env.8.xml
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
+ -DDEFAULT_CONF_FILE=\"$(SCONFIGDIR)/pam_env.conf\"
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_env.la
+
+secureconf_DATA = pam_env.conf
+sysconf_DATA = environment
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_env.8.xml pam_env.conf.5.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
+TESTS = tst-pam_env
diff --git a/Linux-PAM/modules/pam_env/Makefile.in b/Linux-PAM/modules/pam_env/Makefile.in
new file mode 100644
index 00000000..7bd1e9a3
--- /dev/null
+++ b/Linux-PAM/modules/pam_env/Makefile.in
@@ -0,0 +1,757 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_env
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man5dir)" \
+ "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(secureconfdir)" \
+ "$(DESTDIR)$(sysconfdir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_env_la_LIBADD =
+pam_env_la_SOURCES = pam_env.c
+pam_env_la_OBJECTS = pam_env.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_env.c
+DIST_SOURCES = pam_env.c
+man5dir = $(mandir)/man5
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+secureconfDATA_INSTALL = $(INSTALL_DATA)
+sysconfDATA_INSTALL = $(INSTALL_DATA)
+DATA = $(noinst_DATA) $(secureconf_DATA) $(sysconf_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README pam_env.conf $(MANS) $(XMLS) tst-pam_env environment
+man_MANS = pam_env.conf.5 pam_env.8
+XMLS = README.xml pam_env.conf.5.xml pam_env.8.xml
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
+ -DDEFAULT_CONF_FILE=\"$(SCONFIGDIR)/pam_env.conf\"
+
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_env.la
+secureconf_DATA = pam_env.conf
+sysconf_DATA = environment
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+TESTS = tst-pam_env
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_env/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_env/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_env.la: $(pam_env_la_OBJECTS) $(pam_env_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_env_la_OBJECTS) $(pam_env_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_env.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man5: $(man5_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man5dir)" || $(MKDIR_P) "$(DESTDIR)$(man5dir)"
+ @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.5*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 5*) ;; \
+ *) ext='5' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst"; \
+ done
+uninstall-man5:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.5*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 5*) ;; \
+ *) ext='5' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man5dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man5dir)/$$inst"; \
+ done
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+install-secureconfDATA: $(secureconf_DATA)
+ @$(NORMAL_INSTALL)
+ test -z "$(secureconfdir)" || $(MKDIR_P) "$(DESTDIR)$(secureconfdir)"
+ @list='$(secureconf_DATA)'; for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ f=$(am__strip_dir) \
+ echo " $(secureconfDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(secureconfdir)/$$f'"; \
+ $(secureconfDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(secureconfdir)/$$f"; \
+ done
+
+uninstall-secureconfDATA:
+ @$(NORMAL_UNINSTALL)
+ @list='$(secureconf_DATA)'; for p in $$list; do \
+ f=$(am__strip_dir) \
+ echo " rm -f '$(DESTDIR)$(secureconfdir)/$$f'"; \
+ rm -f "$(DESTDIR)$(secureconfdir)/$$f"; \
+ done
+install-sysconfDATA: $(sysconf_DATA)
+ @$(NORMAL_INSTALL)
+ test -z "$(sysconfdir)" || $(MKDIR_P) "$(DESTDIR)$(sysconfdir)"
+ @list='$(sysconf_DATA)'; for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ f=$(am__strip_dir) \
+ echo " $(sysconfDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(sysconfdir)/$$f'"; \
+ $(sysconfDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(sysconfdir)/$$f"; \
+ done
+
+uninstall-sysconfDATA:
+ @$(NORMAL_UNINSTALL)
+ @list='$(sysconf_DATA)'; for p in $$list; do \
+ f=$(am__strip_dir) \
+ echo " rm -f '$(DESTDIR)$(sysconfdir)/$$f'"; \
+ rm -f "$(DESTDIR)$(sysconfdir)/$$f"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(secureconfdir)" "$(DESTDIR)$(sysconfdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-secureconfDATA \
+ install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am: install-sysconfDATA
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man5 install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-secureconfDATA \
+ uninstall-securelibLTLIBRARIES uninstall-sysconfDATA
+
+uninstall-man: uninstall-man5 uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man5 install-man8 \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-secureconfDATA install-securelibLTLIBRARIES \
+ install-strip install-sysconfDATA installcheck installcheck-am \
+ installdirs maintainer-clean maintainer-clean-generic \
+ mostlyclean mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \
+ uninstall-am uninstall-man uninstall-man5 uninstall-man8 \
+ uninstall-secureconfDATA uninstall-securelibLTLIBRARIES \
+ uninstall-sysconfDATA
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_env.8.xml pam_env.conf.5.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_env/README b/Linux-PAM/modules/pam_env/README
index 5053618a..81c63154 100644
--- a/Linux-PAM/modules/pam_env/README
+++ b/Linux-PAM/modules/pam_env/README
@@ -1,72 +1,74 @@
-# $Date: 2000/06/20 22:11:33 $
-# $Author: agmorgan $
-# $Id: README,v 1.1.1.1 2000/06/20 22:11:33 agmorgan Exp $
-#
-# This is the configuration file for pam_env, a PAM module to load in
-# a configurable list of environment variables for a
-#
-# The original idea for this came from Andrew G. Morgan ...
-#<quote>
-# Mmm. Perhaps you might like to write a pam_env module that reads a
-# default environment from a file? I can see that as REALLY
-# useful... Note it would be an "auth" module that returns PAM_IGNORE
-# for the auth part and sets the environment returning PAM_SUCCESS in
-# the setcred function...
-#</quote>
-#
-# What I wanted was the REMOTEHOST variable set, purely for selfish
-# reasons, and AGM didn't want it added to the SimpleApps login
-# program (which is where I added the patch). So, my first concern is
-# that variable, from there there are numerous others that might/would
-# be useful to be set: NNTPSERVER, LESS, PATH, PAGER, MANPAGER .....
-#
-# Of course, these are a different kind of variable than REMOTEHOST in
-# that they are things that are likely to be configured by
-# administrators rather than set by logging in, how to treat them both
-# in the same config file?
-#
-# Here is my idea:
-#
-# Each line starts with the variable name, there are then two possible
-# options for each variable DEFAULT and OVERRIDE.
-# DEFAULT allows and administrator to set the value of the
-# variable to some default value, if none is supplied then the empty
-# string is assumed. The OVERRIDE option tells pam_env that it should
-# enter in its value (overriding the default value) if there is one
-# to use. OVERRIDE is not used, "" is assumed and no override will be
-# done.
-#
-# VARIABLE [DEFAULT=[value]] [OVERRIDE=[value]]
-#
-# (Possibly non-existent) environment variables may be used in values
-# using the ${string} syntax and (possibly non-existent) PAM_ITEMs may
-# be used in values using the @{string} syntax. Both the $ and @
-# characters can be backslash escaped to be used as literal values
-# values can be delimited with "", escaped " not supported.
-#
-#
-# First, some special variables
-#
-# Set the REMOTEHOST variable for any hosts that are remote, default
-# to "localhost" rather than not being set at all
-REMOTEHOST DEFAULT=localhost OVERRIDE=@{PAM_RHOST}
-#
-# Set the DISPLAY variable if it seems reasonable
-DISPLAY DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY}
-#
-#
-# Now some simple variables
-#
-PAGER DEFAULT=less
-MANPAGER DEFAULT=less
-LESS DEFAULT="M q e h15 z23 b80"
-NNTPSERVER DEFAULT=localhost
-PATH DEFAULT=${HOME}/bin:/usr/local/bin:/bin\
-:/usr/bin:/usr/local/bin/X11:/usr/bin/X11
-#
-# silly examples of escaped variables, just to show how they work.
-#
-DOLLAR DEFAULT=\$
-DOLLARDOLLAR DEFAULT= OVERRIDE=\$${DOLLAR}
-DOLLARPLUS DEFAULT=\${REMOTEHOST}${REMOTEHOST}
-ATSIGN DEFAULT="" OVERRIDE=\@
+pam_env — PAM module to set/unset environment variables
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+The pam_env PAM module allows the (un)setting of environment variables.
+Supported is the use of previously set environment variables as well as
+PAM_ITEMs such as PAM_RHOST.
+
+By default rules for (un)setting of variables is taken from the config file /
+etc/security/pam_env.conf if no other file is specified.
+
+This module can also parse a file with simple KEY=VAL pairs on seperate lines
+(/etc/environment by default). You can change the default file to parse, with
+the envfile flag and turn it on or off by setting the readenv flag to 1 or 0
+respectively.
+
+OPTIONS
+
+conffile=/path/to/pam_env.conf
+
+ Indicate an alternative pam_env.conf style configuration file to override
+ the default. This can be useful when different services need different
+ environments.
+
+debug
+
+ A lot of debug informations are printed with syslog(3).
+
+envfile=/path/to/environment
+
+ Indicate an alternative environment file to override the default. This can
+ be useful when different services need different environments.
+
+readenv=0|1
+
+ Turns on or off the reading of the file specified by envfile (0 is off, 1
+ is on). By default this option is on.
+
+EXAMPLES
+
+These are some example lines which might be specified in /etc/security/
+pam_env.conf.
+
+Set the REMOTEHOST variable for any hosts that are remote, default to
+"localhost" rather than not being set at all
+
+ REMOTEHOST DEFAULT=localhost OVERRIDE=@{PAM_RHOST}
+
+
+Set the DISPLAY variable if it seems reasonable
+
+ DISPLAY DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY}
+
+
+Now some simple variables
+
+ PAGER DEFAULT=less
+ MANPAGER DEFAULT=less
+ LESS DEFAULT="M q e h15 z23 b80"
+ NNTPSERVER DEFAULT=localhost
+ PATH DEFAULT=${HOME}/bin:/usr/local/bin:/bin\
+ :/usr/bin:/usr/local/bin/X11:/usr/bin/X11
+
+
+Silly examples of escaped variables, just to show how they work.
+
+ DOLLAR DEFAULT=\$
+ DOLLARDOLLAR DEFAULT= OVERRIDE=\$${DOLLAR}
+ DOLLARPLUS DEFAULT=\${REMOTEHOST}${REMOTEHOST}
+ ATSIGN DEFAULT="" OVERRIDE=\@
+
+
diff --git a/Linux-PAM/modules/pam_env/README.xml b/Linux-PAM/modules/pam_env/README.xml
new file mode 100644
index 00000000..21a9b855
--- /dev/null
+++ b/Linux-PAM/modules/pam_env/README.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_env.8.xml">
+-->
+<!--
+<!ENTITY accessconf SYSTEM "pam_env.conf.5.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_env.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_env-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_env.8.xml" xpointer='xpointer(//refsect1[@id = "pam_env-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_env.8.xml" xpointer='xpointer(//refsect1[@id = "pam_env-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_env.conf.5.xml" xpointer='xpointer(//refsect1[@id = "pam_env.conf-examples"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_env/environment b/Linux-PAM/modules/pam_env/environment
new file mode 100644
index 00000000..f46b8d94
--- /dev/null
+++ b/Linux-PAM/modules/pam_env/environment
@@ -0,0 +1,5 @@
+#
+# This file is parsed by pam_env module
+#
+# Syntax: simple "KEY=VAL" pairs on seperate lines
+#
diff --git a/Linux-PAM/modules/pam_env/pam_env.8 b/Linux-PAM/modules/pam_env/pam_env.8
new file mode 100644
index 00000000..e7746de3
--- /dev/null
+++ b/Linux-PAM/modules/pam_env/pam_env.8
@@ -0,0 +1,89 @@
+.\" Title: pam_env
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/21/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_ENV" "8" "06/21/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_env \- PAM module to set/unset environment variables
+.SH "SYNOPSIS"
+.HP 11
+\fBpam_env.so\fR [debug] [conffile=\fIconf\-file\fR] [envfile=\fIenv\-file\fR] [readenv=\fI0|1\fR]
+.SH "DESCRIPTION"
+.PP
+The pam_env PAM module allows the (un)setting of environment variables. Supported is the use of previously set environment variables as well as
+\fIPAM_ITEM\fRs such as
+\fIPAM_RHOST\fR.
+.PP
+By default rules for (un)setting of variables is taken from the config file
+\fI/etc/security/pam_env.conf\fR
+if no other file is specified.
+.PP
+This module can also parse a file with simple
+\fIKEY=VAL\fR
+pairs on seperate lines (\fI/etc/environment\fR
+by default). You can change the default file to parse, with the
+\fIenvfile\fR
+flag and turn it on or off by setting the
+\fIreadenv\fR
+flag to 1 or 0 respectively.
+.SH "OPTIONS"
+.TP 3n
+\fBconffile=\fR\fB\fI/path/to/pam_env.conf\fR\fR
+Indicate an alternative
+\fIpam_env.conf\fR
+style configuration file to override the default. This can be useful when different services need different environments.
+.TP 3n
+\fBdebug\fR
+A lot of debug informations are printed with
+\fBsyslog\fR(3).
+.TP 3n
+\fBenvfile=\fR\fB\fI/path/to/environment\fR\fR
+Indicate an alternative
+\fIenvironment\fR
+file to override the default. This can be useful when different services need different environments.
+.TP 3n
+\fBreadenv=\fR\fB\fI0|1\fR\fR
+Turns on or off the reading of the file specified by envfile (0 is off, 1 is on). By default this option is on.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+The
+\fBauth\fR
+and
+\fBsession\fR
+services are supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_ABORT
+Not all relevant data or options could be gotten.
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_IGNORE
+No pam_env.conf and environment file was found.
+.TP 3n
+PAM_SUCCESS
+Environment variables were set.
+.SH "FILES"
+.TP 3n
+\fI/etc/security/pam_env.conf\fR
+Default configuration file
+.TP 3n
+\fI/etc/environment\fR
+Default environment file
+.SH "SEE ALSO"
+.PP
+
+\fBpam_env.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8).
+.SH "AUTHOR"
+.PP
+pam_env was written by Dave Kinchlea <kinch@kinch.ark.com>.
diff --git a/Linux-PAM/modules/pam_env/pam_env.8.xml b/Linux-PAM/modules/pam_env/pam_env.8.xml
new file mode 100644
index 00000000..731c20b2
--- /dev/null
+++ b/Linux-PAM/modules/pam_env/pam_env.8.xml
@@ -0,0 +1,206 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id='pam_env'>
+
+ <refmeta>
+ <refentrytitle>pam_env</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id='pam_env-name'>
+ <refname>pam_env</refname>
+ <refpurpose>
+ PAM module to set/unset environment variables
+ </refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_env-cmdsynopsis">
+ <command>pam_env.so</command>
+ <arg choice="opt">
+ debug
+ </arg>
+ <arg choice="opt">
+ conffile=<replaceable>conf-file</replaceable>
+ </arg>
+ <arg choice="opt">
+ envfile=<replaceable>env-file</replaceable>
+ </arg>
+ <arg choice="opt">
+ readenv=<replaceable>0|1</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id="pam_env-description">
+ <title>DESCRIPTION</title>
+ <para>
+ The pam_env PAM module allows the (un)setting of environment
+ variables. Supported is the use of previously set environment
+ variables as well as <emphasis>PAM_ITEM</emphasis>s such as
+ <emphasis>PAM_RHOST</emphasis>.
+ </para>
+ <para>
+ By default rules for (un)setting of variables is taken from the
+ config file <filename>/etc/security/pam_env.conf</filename> if
+ no other file is specified.
+ </para>
+ <para>
+ This module can also parse a file with simple
+ <emphasis>KEY=VAL</emphasis> pairs on seperate lines
+ (<filename>/etc/environment</filename> by default). You can
+ change the default file to parse, with the <emphasis>envfile</emphasis>
+ flag and turn it on or off by setting the <emphasis>readenv</emphasis>
+ flag to 1 or 0 respectively.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_env-options">
+ <title>OPTIONS</title>
+ <variablelist>
+
+ <varlistentry>
+ <term>
+ <option>conffile=<replaceable>/path/to/pam_env.conf</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Indicate an alternative <filename>pam_env.conf</filename>
+ style configuration file to override the default. This can
+ be useful when different services need different environments.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ A lot of debug informations are printed with
+ <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>envfile=<replaceable>/path/to/environment</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Indicate an alternative <filename>environment</filename>
+ file to override the default. This can be useful when different
+ services need different environments.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>readenv=<replaceable>0|1</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Turns on or off the reading of the file specified by envfile
+ (0 is off, 1 is on). By default this option is on.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_env-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ The <option>auth</option> and <option>session</option> services
+ are supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_env-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_ABORT</term>
+ <listitem>
+ <para>
+ Not all relevant data or options could be gotten.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_IGNORE</term>
+ <listitem>
+ <para>
+ No pam_env.conf and environment file was found.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Environment variables were set.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_env-files">
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/security/pam_env.conf</filename></term>
+ <listitem>
+ <para>Default configuration file</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/environment</filename></term>
+ <listitem>
+ <para>Default environment file</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_env-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_env.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_env-authors">
+ <title>AUTHOR</title>
+ <para>
+ pam_env was written by Dave Kinchlea &lt;kinch@kinch.ark.com&gt;.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/modules/pam_env/pam_env.c b/Linux-PAM/modules/pam_env/pam_env.c
index a3cf7684..1a41833c 100644
--- a/Linux-PAM/modules/pam_env/pam_env.c
+++ b/Linux-PAM/modules/pam_env/pam_env.c
@@ -1,21 +1,17 @@
-/* pam_mail module */
+/* pam_env module */
/*
- * $Id: pam_env.c,v 1.5 2004/09/15 12:06:17 kukuk Exp $
+ * $Id: pam_env.c,v 1.13 2005/12/12 14:45:00 ldv Exp $
*
* Written by Dave Kinchlea <kinch@kinch.ark.com> 1997/01/31
- * Inspired by Andrew Morgan <morgan@kernel.org>, who also supplied the
+ * Inspired by Andrew Morgan <morgan@kernel.org>, who also supplied the
* template for this file (via pam_mail)
*/
-#ifndef DEFAULT_CONF_FILE
-#define DEFAULT_CONF_FILE "/etc/security/pam_env.conf"
-#endif
-
#define DEFAULT_ETC_ENVFILE "/etc/environment"
-#define DEFAULT_READ_ENVFILE 0
+#define DEFAULT_READ_ENVFILE 1
-#include <security/_pam_aconf.h>
+#include "config.h"
#include <ctype.h>
#include <errno.h>
@@ -43,6 +39,7 @@
#include <security/pam_modules.h>
#include <security/_pam_macros.h>
+#include <security/pam_ext.h>
/* This little structure makes it easier to keep variables together */
@@ -59,34 +56,21 @@ typedef struct var {
#define GOOD_LINE 0
#define BAD_LINE 100 /* This must be > the largest PAM_* error code */
-#define DEFINE_VAR 101
+#define DEFINE_VAR 101
#define UNDEFINE_VAR 102
#define ILLEGAL_VAR 103
static int _assemble_line(FILE *, char *, int);
-static int _parse_line(char *, VAR *);
+static int _parse_line(const pam_handle_t *, char *, VAR *);
static int _check_var(pam_handle_t *, VAR *); /* This is the real meat */
-static void _clean_var(VAR *);
+static void _clean_var(VAR *);
static int _expand_arg(pam_handle_t *, char **);
static const char * _pam_get_item_byname(pam_handle_t *, const char *);
static int _define_var(pam_handle_t *, VAR *);
static int _undefine_var(pam_handle_t *, VAR *);
/* This is a flag used to designate an empty string */
-static char quote='Z';
-
-/* some syslogging */
-
-static void _log_err(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("PAM-env", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
+static char quote='Z';
/* argument parsing */
@@ -95,8 +79,9 @@ static void _log_err(int err, const char *format, ...)
#define PAM_ENV_SILENT 0x04
#define PAM_NEW_ENV_FILE 0x10
-static int _pam_parse(int flags, int argc, const char **argv, char **conffile,
- char **envfile, int *readenv)
+static int
+_pam_parse (const pam_handle_t *pamh, int argc, const char **argv,
+ const char **conffile, const char **envfile, int *readenv)
{
int ctrl=0;
@@ -109,59 +94,59 @@ static int _pam_parse(int flags, int argc, const char **argv, char **conffile,
if (!strcmp(*argv,"debug"))
ctrl |= PAM_DEBUG_ARG;
else if (!strncmp(*argv,"conffile=",9)) {
- *conffile = x_strdup(9+*argv);
- if (*conffile != NULL) {
+ *conffile = 9 + *argv;
+ if (**conffile != '\0') {
D(("new Configuration File: %s", *conffile));
ctrl |= PAM_NEW_CONF_FILE;
} else {
- _log_err(LOG_CRIT,
- "Configuration file specification missing argument - ignored");
+ pam_syslog(pamh, LOG_ERR,
+ "conffile= specification missing argument - ignored");
}
} else if (!strncmp(*argv,"envfile=",8)) {
- *envfile = x_strdup(8+*argv);
- if (*envfile != NULL) {
+ *envfile = 8 + *argv;
+ if (**envfile != '\0') {
D(("new Env File: %s", *envfile));
ctrl |= PAM_NEW_ENV_FILE;
} else {
- _log_err(LOG_CRIT,
- "Env file specification missing argument - ignored");
+ pam_syslog (pamh, LOG_ERR,
+ "envfile= specification missing argument - ignored");
}
} else if (!strncmp(*argv,"readenv=",8))
*readenv = atoi(8+*argv);
else
- _log_err(LOG_ERR,"pam_parse: unknown option; %s",*argv);
+ pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv);
}
return ctrl;
}
-static int _parse_config_file(pam_handle_t *pamh, int ctrl, char **conffile)
+static int
+_parse_config_file(pam_handle_t *pamh, int ctrl, const char *conffile)
{
int retval;
const char *file;
char buffer[BUF_SIZE];
FILE *conf;
- VAR Var, *var=&Var;
+ VAR Var, *var=&Var;
var->name=NULL; var->defval=NULL; var->override=NULL;
D(("Called."));
if (ctrl & PAM_NEW_CONF_FILE) {
- file = *conffile;
+ file = conffile;
} else {
file = DEFAULT_CONF_FILE;
}
D(("Config file name is: %s", file));
- /*
- * Lets try to open the config file, parse it and process
+ /*
+ * Lets try to open the config file, parse it and process
* any variables found.
*/
if ((conf = fopen(file,"r")) == NULL) {
- _log_err(LOG_ERR, "Unable to open config file: %s",
- strerror(errno));
+ pam_syslog(pamh, LOG_ERR, "Unable to open config file: %s: %m", file);
return PAM_IGNORE;
}
@@ -172,36 +157,34 @@ static int _parse_config_file(pam_handle_t *pamh, int ctrl, char **conffile)
while (( retval = _assemble_line(conf, buffer, BUF_SIZE)) > 0) {
D(("Read line: %s", buffer));
- if ((retval = _parse_line(buffer, var)) == GOOD_LINE) {
+ if ((retval = _parse_line(pamh, buffer, var)) == GOOD_LINE) {
retval = _check_var(pamh, var);
if (DEFINE_VAR == retval) {
- retval = _define_var(pamh, var);
+ retval = _define_var(pamh, var);
} else if (UNDEFINE_VAR == retval) {
- retval = _undefine_var(pamh, var);
- }
- }
- if (PAM_SUCCESS != retval && ILLEGAL_VAR != retval
+ retval = _undefine_var(pamh, var);
+ }
+ }
+ if (PAM_SUCCESS != retval && ILLEGAL_VAR != retval
&& BAD_LINE != retval && PAM_BAD_ITEM != retval) break;
-
- _clean_var(var);
+
+ _clean_var(var);
} /* while */
-
+
(void) fclose(conf);
/* tidy up */
_clean_var(var); /* We could have got here prematurely,
* this is safe though */
- _pam_overwrite(*conffile);
- _pam_drop(*conffile);
- file = NULL;
D(("Exit."));
return (retval != 0 ? PAM_ABORT : PAM_SUCCESS);
}
-static int _parse_env_file(pam_handle_t *pamh, int ctrl, char **env_file)
+static int
+_parse_env_file(pam_handle_t *pamh, int ctrl, const char *env_file)
{
int retval=PAM_SUCCESS, i, t;
const char *file;
@@ -209,15 +192,15 @@ static int _parse_env_file(pam_handle_t *pamh, int ctrl, char **env_file)
FILE *conf;
if (ctrl & PAM_NEW_ENV_FILE)
- file = *env_file;
+ file = env_file;
else
file = DEFAULT_ETC_ENVFILE;
D(("Env file name is: %s", file));
if ((conf = fopen(file,"r")) == NULL) {
- D(("Unable to open env file: %s", strerror(errno)));
- return PAM_ABORT;
+ pam_syslog(pamh, LOG_ERR, "Unable to open env file: %s: %m", file);
+ return PAM_IGNORE;
}
while (_assemble_line(conf, buffer, BUF_SIZE) > 0) {
@@ -272,15 +255,12 @@ static int _parse_env_file(pam_handle_t *pamh, int ctrl, char **env_file)
break;
}
}
-
+
(void) fclose(conf);
/* tidy up */
- _pam_overwrite(*env_file);
- _pam_drop(*env_file);
- file = NULL;
D(("Exit."));
- return (retval != 0 ? PAM_IGNORE : PAM_SUCCESS);
+ return retval;
}
/*
@@ -365,43 +345,44 @@ static int _assemble_line(FILE *f, char *buffer, int buf_len)
return used;
}
-static int _parse_line(char *buffer, VAR *var)
+static int
+_parse_line (const pam_handle_t *pamh, char *buffer, VAR *var)
{
- /*
- * parse buffer into var, legal syntax is
+ /*
+ * parse buffer into var, legal syntax is
* VARIABLE [DEFAULT=[[string]] [OVERRIDE=[value]]
*
- * Any other options defined make this a bad line,
+ * Any other options defined make this a bad line,
* error logged and no var set
*/
-
+
int length, quoteflg=0;
- char *ptr, **valptr, *tmpptr;
-
+ char *ptr, **valptr, *tmpptr;
+
D(("Called buffer = <%s>", buffer));
length = strcspn(buffer," \t\n");
-
+
if ((var->name = malloc(length + 1)) == NULL) {
- _log_err(LOG_ERR, "Couldn't malloc %d bytes", length+1);
+ pam_syslog(pamh, LOG_ERR, "Couldn't malloc %d bytes", length+1);
return PAM_BUF_ERR;
}
-
- /*
- * The first thing on the line HAS to be the variable name,
+
+ /*
+ * The first thing on the line HAS to be the variable name,
* it may be the only thing though.
*/
strncpy(var->name, buffer, length);
var->name[length] = '\0';
D(("var->name = <%s>, length = %d", var->name, length));
- /*
+ /*
* Now we check for arguments, we only support two kinds and ('cause I am lazy)
* each one can actually be listed any number of times
*/
-
+
ptr = buffer+length;
- while ((length = strspn(ptr, " \t")) > 0) {
+ while ((length = strspn(ptr, " \t")) > 0) {
ptr += length; /* remove leading whitespace */
D((ptr));
if (strncmp(ptr,"DEFAULT=",8) == 0) {
@@ -414,24 +395,24 @@ static int _parse_line(char *buffer, VAR *var)
valptr=&(var->override);
} else {
D(("Unrecognized options: <%s> - ignoring line", ptr));
- _log_err(LOG_ERR, "Unrecognized Option: %s - ignoring line", ptr);
+ pam_syslog(pamh, LOG_ERR, "Unrecognized Option: %s - ignoring line", ptr);
return BAD_LINE;
}
-
+
if ('"' != *ptr) { /* Escaped quotes not supported */
length = strcspn(ptr, " \t\n");
tmpptr = ptr+length;
} else {
- tmpptr = strchr(++ptr, '"');
+ tmpptr = strchr(++ptr, '"');
if (!tmpptr) {
D(("Unterminated quoted string: %s", ptr-1));
- _log_err(LOG_ERR, "Unterminated quoted string: %s", ptr-1);
+ pam_syslog(pamh, LOG_ERR, "Unterminated quoted string: %s", ptr-1);
return BAD_LINE;
}
- length = tmpptr - ptr;
+ length = tmpptr - ptr;
if (*++tmpptr && ' ' != *tmpptr && '\t' != *tmpptr && '\n' != *tmpptr) {
D(("Quotes must cover the entire string: <%s>", ptr));
- _log_err(LOG_ERR, "Quotes must cover the entire string: <%s>", ptr);
+ pam_syslog(pamh, LOG_ERR, "Quotes must cover the entire string: <%s>", ptr);
return BAD_LINE;
}
quoteflg++;
@@ -439,7 +420,7 @@ static int _parse_line(char *buffer, VAR *var)
if (length) {
if ((*valptr = malloc(length + 1)) == NULL) {
D(("Couldn't malloc %d bytes", length+1));
- _log_err(LOG_ERR, "Couldn't malloc %d bytes", length+1);
+ pam_syslog(pamh, LOG_ERR, "Couldn't malloc %d bytes", length+1);
return PAM_BUF_ERR;
}
(void)strncpy(*valptr,ptr,length);
@@ -449,11 +430,11 @@ static int _parse_line(char *buffer, VAR *var)
}
ptr = tmpptr; /* Start the search where we stopped */
} /* while */
-
- /*
+
+ /*
* The line is parsed, all is well.
*/
-
+
D(("Exit."));
ptr = NULL; tmpptr = NULL; valptr = NULL;
return GOOD_LINE;
@@ -461,16 +442,16 @@ static int _parse_line(char *buffer, VAR *var)
static int _check_var(pam_handle_t *pamh, VAR *var)
{
- /*
- * Examine the variable and determine what action to take.
+ /*
+ * Examine the variable and determine what action to take.
* Returns DEFINE_VAR, UNDEFINE_VAR depending on action to take
* or a PAM_* error code if passed back from other routines
*
* if no DEFAULT provided, the empty string is assumed
* if no OVERRIDE provided, the empty string is assumed
- * if DEFAULT= and OVERRIDE evaluates to the empty string,
+ * if DEFAULT= and OVERRIDE evaluates to the empty string,
* this variable should be undefined
- * if DEFAULT="" and OVERRIDE evaluates to the empty string,
+ * if DEFAULT="" and OVERRIDE evaluates to the empty string,
* this variable should be defined with no value
* if OVERRIDE=value and value turns into the empty string, DEFAULT is used
*
@@ -498,18 +479,18 @@ static int _check_var(pam_handle_t *pamh, VAR *var)
}
/* Now its easy */
-
- if (var->override && *(var->override) && &quote != var->override) {
+
+ if (var->override && *(var->override) && &quote != var->override) {
/* if there is a non-empty string in var->override, we use it */
D(("OVERRIDE variable <%s> being used: <%s>", var->name, var->override));
var->value = var->override;
retval = DEFINE_VAR;
} else {
-
+
var->value = var->defval;
if (&quote == var->defval) {
- /*
- * This means that the empty string was given for defval value
+ /*
+ * This means that the empty string was given for defval value
* which indicates that a variable should be defined with no value
*/
*var->defval = '\0';
@@ -531,12 +512,12 @@ static int _check_var(pam_handle_t *pamh, VAR *var)
static int _expand_arg(pam_handle_t *pamh, char **value)
{
const char *orig=*value, *tmpptr=NULL;
- char *ptr; /*
- * Sure would be nice to use tmpptr but it needs to be
+ char *ptr; /*
+ * Sure would be nice to use tmpptr but it needs to be
* a constant so that the compiler will shut up when I
* call pam_getenv and _pam_get_item_byname -- sigh
*/
-
+
/* No unexpanded variable can be bigger than BUF_SIZE */
char type, tmpval[BUF_SIZE];
@@ -546,11 +527,11 @@ static int _expand_arg(pam_handle_t *pamh, char **value)
D(("Remember to initialize tmp!"));
memset(tmp, 0, MAX_ENV);
- /*
+ /*
* (possibly non-existent) environment variables can be used as values
* by prepending a "$" and wrapping in {} (ie: ${HOST}), can escape with "\"
- * (possibly non-existent) PAM items can be used as values
- * by prepending a "@" and wrapping in {} (ie: @{PAM_RHOST}, can escape
+ * (possibly non-existent) PAM items can be used as values
+ * by prepending a "@" and wrapping in {} (ie: @{PAM_RHOST}, can escape
*
*/
D(("Expanding <%s>",orig));
@@ -559,23 +540,24 @@ static int _expand_arg(pam_handle_t *pamh, char **value)
++orig;
if ('$' != *orig && '@' != *orig) {
D(("Unrecognized escaped character: <%c> - ignoring", *orig));
- _log_err(LOG_ERR, "Unrecognized escaped character: <%c> - ignoring",
- *orig);
+ pam_syslog(pamh, LOG_ERR,
+ "Unrecognized escaped character: <%c> - ignoring",
+ *orig);
} else if ((strlen(tmp) + 1) < MAX_ENV) {
tmp[strlen(tmp)] = *orig++; /* Note the increment */
} else {
/* is it really a good idea to try to log this? */
D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr));
- _log_err(LOG_ERR, "Variable buffer overflow: <%s> + <%s>",
+ pam_syslog (pamh, LOG_ERR, "Variable buffer overflow: <%s> + <%s>",
tmp, tmpptr);
}
continue;
- }
+ }
if ('$' == *orig || '@' == *orig) {
if ('{' != *(orig+1)) {
D(("Expandable variables must be wrapped in {}"
" <%s> - ignoring", orig));
- _log_err(LOG_ERR, "Expandable variables must be wrapped in {}"
+ pam_syslog(pamh, LOG_ERR, "Expandable variables must be wrapped in {}"
" <%s> - ignoring", orig);
if ((strlen(tmp) + 1) < MAX_ENV) {
tmp[strlen(tmp)] = *orig++; /* Note the increment */
@@ -586,28 +568,29 @@ static int _expand_arg(pam_handle_t *pamh, char **value)
type = *orig;
orig+=2; /* skip the ${ or @{ characters */
ptr = strchr(orig, '}');
- if (ptr) {
+ if (ptr) {
*ptr++ = '\0';
} else {
D(("Unterminated expandable variable: <%s>", orig-2));
- _log_err(LOG_ERR, "Unterminated expandable variable: <%s>", orig-2);
+ pam_syslog(pamh, LOG_ERR,
+ "Unterminated expandable variable: <%s>", orig-2);
return PAM_ABORT;
}
strncpy(tmpval, orig, sizeof(tmpval));
tmpval[sizeof(tmpval)-1] = '\0';
orig=ptr;
- /*
- * so, we know we need to expand tmpval, it is either
+ /*
+ * so, we know we need to expand tmpval, it is either
* an environment variable or a PAM_ITEM. type will tell us which
*/
switch (type) {
-
+
case '$':
D(("Expanding env var: <%s>",tmpval));
tmpptr = pam_getenv(pamh, tmpval);
D(("Expanded to <%s>", tmpptr));
break;
-
+
case '@':
D(("Expanding pam item: <%s>",tmpval));
tmpptr = _pam_get_item_byname(pamh, tmpval);
@@ -616,17 +599,18 @@ static int _expand_arg(pam_handle_t *pamh, char **value)
default:
D(("Impossible error, type == <%c>", type));
- _log_err(LOG_CRIT, "Impossible error, type == <%c>", type);
+ pam_syslog(pamh, LOG_CRIT, "Impossible error, type == <%c>", type);
return PAM_ABORT;
} /* switch */
-
+
if (tmpptr) {
if ((strlen(tmp) + strlen(tmpptr)) < MAX_ENV) {
strcat(tmp, tmpptr);
} else {
/* is it really a good idea to try to log this? */
D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr));
- _log_err(LOG_ERR, "Variable buffer overflow: <%s> + <%s>", tmp, tmpptr);
+ pam_syslog (pamh, LOG_ERR,
+ "Variable buffer overflow: <%s> + <%s>", tmp, tmpptr);
}
}
} /* if ('{' != *orig++) */
@@ -636,7 +620,8 @@ static int _expand_arg(pam_handle_t *pamh, char **value)
} else {
/* is it really a good idea to try to log this? */
D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr));
- _log_err(LOG_ERR, "Variable buffer overflow: <%s> + <%s>", tmp, tmpptr);
+ pam_syslog(pamh, LOG_ERR,
+ "Variable buffer overflow: <%s> + <%s>", tmp, tmpptr);
}
}
} /* for (;*orig;) */
@@ -645,8 +630,8 @@ static int _expand_arg(pam_handle_t *pamh, char **value)
free(*value);
if ((*value = malloc(strlen(tmp) +1)) == NULL) {
D(("Couldn't malloc %d bytes for expanded var", strlen(tmp)+1));
- _log_err(LOG_ERR,"Couldn't malloc %d bytes for expanded var",
- strlen(tmp)+1);
+ pam_syslog (pamh, LOG_ERR, "Couldn't malloc %lu bytes for expanded var",
+ (unsigned long)strlen(tmp)+1);
return PAM_BUF_ERR;
}
}
@@ -659,13 +644,13 @@ static int _expand_arg(pam_handle_t *pamh, char **value)
static const char * _pam_get_item_byname(pam_handle_t *pamh, const char *name)
{
- /*
+ /*
* This function just allows me to use names as given in the config
* file and translate them into the appropriate PAM_ITEM macro
*/
int item;
- const char *itemval;
+ const void *itemval;
D(("Called."));
if (strcmp(name, "PAM_USER") == 0) {
@@ -680,11 +665,11 @@ static const char * _pam_get_item_byname(pam_handle_t *pamh, const char *name)
item = PAM_RHOST;
} else {
D(("Unknown PAM_ITEM: <%s>", name));
- _log_err(LOG_ERR, "Unknown PAM_ITEM: <%s>", name);
+ pam_syslog (pamh, LOG_ERR, "Unknown PAM_ITEM: <%s>", name);
return NULL;
}
-
- if (pam_get_item(pamh, item, (const void **)&itemval) != PAM_SUCCESS) {
+
+ if (pam_get_item(pamh, item, &itemval) != PAM_SUCCESS) {
D(("pam_get_item failed"));
return NULL; /* let pam_get_item() log the error */
}
@@ -695,20 +680,18 @@ static const char * _pam_get_item_byname(pam_handle_t *pamh, const char *name)
static int _define_var(pam_handle_t *pamh, VAR *var)
{
/* We have a variable to define, this is a simple function */
-
+
char *envvar;
- int size, retval=PAM_SUCCESS;
-
+ int retval = PAM_SUCCESS;
+
D(("Called."));
- size = strlen(var->name)+strlen(var->value)+2;
- if ((envvar = malloc(size)) == NULL) {
- D(("Malloc fail, size = %d", size));
- _log_err(LOG_ERR, "Malloc fail, size = %d", size);
+ if (asprintf(&envvar, "%s=%s", var->name, var->value) < 0) {
+ pam_syslog(pamh, LOG_ERR, "out of memory");
return PAM_BUF_ERR;
}
- (void) sprintf(envvar,"%s=%s",var->name,var->value);
+
retval = pam_putenv(pamh, envvar);
- free(envvar); envvar=NULL;
+ _pam_drop(envvar);
D(("Exit."));
return retval;
}
@@ -716,7 +699,7 @@ static int _define_var(pam_handle_t *pamh, VAR *var)
static int _undefine_var(pam_handle_t *pamh, VAR *var)
{
/* We have a variable to undefine, this is a simple function */
-
+
D(("Called and exit."));
return pam_putenv(pamh, var->name);
}
@@ -724,13 +707,13 @@ static int _undefine_var(pam_handle_t *pamh, VAR *var)
static void _clean_var(VAR *var)
{
if (var->name) {
- free(var->name);
+ free(var->name);
}
if (var->defval && (&quote != var->defval)) {
- free(var->defval);
+ free(var->defval);
}
if (var->override && (&quote != var->override)) {
- free(var->override);
+ free(var->override);
}
var->name = NULL;
var->value = NULL; /* never has memory specific to it */
@@ -743,84 +726,90 @@ static void _clean_var(VAR *var)
/* --- authentication management functions (only) --- */
-PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
-{
+PAM_EXTERN int
+pam_sm_authenticate (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
+{
return PAM_IGNORE;
}
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+PAM_EXTERN int
+pam_sm_setcred (pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
int retval, ctrl, readenv=DEFAULT_READ_ENVFILE;
- char *conf_file=NULL, *env_file=NULL;
+ const char *conf_file = NULL, *env_file = NULL;
/*
* this module sets environment variables read in from a file
*/
-
+
D(("Called."));
- ctrl = _pam_parse(flags, argc, argv, &conf_file, &env_file, &readenv);
+ ctrl = _pam_parse(pamh, argc, argv, &conf_file, &env_file, &readenv);
- retval = _parse_config_file(pamh, ctrl, &conf_file);
+ retval = _parse_config_file(pamh, ctrl, conf_file);
- if(readenv && retval == PAM_SUCCESS)
- retval = _parse_env_file(pamh, ctrl, &env_file);
+ if(readenv && retval == PAM_SUCCESS) {
+ retval = _parse_env_file(pamh, ctrl, env_file);
+ if (retval == PAM_IGNORE)
+ retval = PAM_SUCCESS;
+ }
/* indicate success or failure */
-
+
D(("Exit."));
return retval;
}
-PAM_EXTERN
-int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+PAM_EXTERN int
+pam_sm_acct_mgmt (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
- _log_err(LOG_NOTICE, "pam_sm_acct_mgmt called inappropriatly");
+ pam_syslog (pamh, LOG_NOTICE, "pam_sm_acct_mgmt called inappropriately");
return PAM_SERVICE_ERR;
}
-
-PAM_EXTERN
-int pam_sm_open_session(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+
+PAM_EXTERN int
+pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
int retval, ctrl, readenv=DEFAULT_READ_ENVFILE;
- char *conf_file=NULL, *env_file=NULL;
-
+ const char *conf_file = NULL, *env_file = NULL;
+
/*
* this module sets environment variables read in from a file
*/
-
+
D(("Called."));
- ctrl = _pam_parse(flags, argc, argv, &conf_file, &env_file, &readenv);
-
- retval = _parse_config_file(pamh, ctrl, &conf_file);
-
- if(readenv && retval == PAM_SUCCESS)
- retval = _parse_env_file(pamh, ctrl, &env_file);
+ ctrl = _pam_parse(pamh, argc, argv, &conf_file, &env_file, &readenv);
+
+ retval = _parse_config_file(pamh, ctrl, conf_file);
+
+ if(readenv && retval == PAM_SUCCESS) {
+ retval = _parse_env_file(pamh, ctrl, env_file);
+ if (retval == PAM_IGNORE)
+ retval = PAM_SUCCESS;
+ }
/* indicate success or failure */
-
+
D(("Exit."));
return retval;
}
-PAM_EXTERN
-int pam_sm_close_session(pam_handle_t *pamh,int flags,int argc,
- const char **argv)
+PAM_EXTERN int
+pam_sm_close_session (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
D(("Called and Exit"));
return PAM_SUCCESS;
}
-PAM_EXTERN
-int pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+PAM_EXTERN int
+pam_sm_chauthtok (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
- _log_err(LOG_NOTICE, "pam_sm_chauthtok called inappropriatly");
+ pam_syslog (pamh, LOG_NOTICE, "pam_sm_chauthtok called inappropriately");
return PAM_SERVICE_ERR;
}
diff --git a/Linux-PAM/modules/pam_env/pam_env.conf-example b/Linux-PAM/modules/pam_env/pam_env.conf
index 612a31c2..d0ba35c2 100644
--- a/Linux-PAM/modules/pam_env/pam_env.conf-example
+++ b/Linux-PAM/modules/pam_env/pam_env.conf
@@ -1,6 +1,3 @@
-# $Date: 2004/11/16 14:27:41 $
-# $Author: toady $
-# $Id: pam_env.conf-example,v 1.2 2004/11/16 14:27:41 toady Exp $
#
# This is the configuration file for pam_env, a PAM module to load in
# a configurable list of environment variables for a
diff --git a/Linux-PAM/modules/pam_env/pam_env.conf.5 b/Linux-PAM/modules/pam_env/pam_env.conf.5
new file mode 100644
index 00000000..17c1a19d
--- /dev/null
+++ b/Linux-PAM/modules/pam_env/pam_env.conf.5
@@ -0,0 +1,87 @@
+.\" Title: pam_env.conf
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/21/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_ENV.CONF" "5" "06/21/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_env.conf \- the environment variables config file
+.SH "DESCRIPTION"
+.PP
+The
+\fI/etc/security/pam_env.conf\fR
+file specifies the environment variables to be set, unset or modified by
+\fBpam_env\fR(8). When someone logs in, this file is read and the environment variables are set according.
+.PP
+Each line starts with the variable name, there are then two possible options for each variable DEFAULT and OVERRIDE. DEFAULT allows and administrator to set the value of the variable to some default value, if none is supplied then the empty string is assumed. The OVERRIDE option tells pam_env that it should enter in its value (overriding the default value) if there is one to use. OVERRIDE is not used, "" is assumed and no override will be done.
+.PP
+
+\fIVARIABLE\fR
+[\fIDEFAULT=[value]\fR] [\fIOVERRIDE=[value]\fR]
+.PP
+(Possibly non\-existent) environment variables may be used in values using the ${string} syntax and (possibly non\-existent) PAM_ITEMs may be used in values using the @{string} syntax. Both the $ and @ characters can be backslash escaped to be used as literal values values can be delimited with "", escaped " not supported. Note that many environment variables that you would like to use may not be set by the time the module is called. For example, HOME is used below several times, but many PAM applications don't make it available by the time you need it.
+.PP
+The "\fI#\fR" character at start of line (no space at front) can be used to mark this line as a comment line.
+.SH "EXAMPLES"
+.PP
+These are some example lines which might be specified in
+\fI/etc/security/pam_env.conf\fR.
+.PP
+Set the REMOTEHOST variable for any hosts that are remote, default to "localhost" rather than not being set at all
+.sp
+.RS 3n
+.nf
+ REMOTEHOST DEFAULT=localhost OVERRIDE=@{PAM_RHOST}
+
+.fi
+.RE
+.PP
+Set the DISPLAY variable if it seems reasonable
+.sp
+.RS 3n
+.nf
+ DISPLAY DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY}
+
+.fi
+.RE
+.PP
+Now some simple variables
+.sp
+.RS 3n
+.nf
+ PAGER DEFAULT=less
+ MANPAGER DEFAULT=less
+ LESS DEFAULT="M q e h15 z23 b80"
+ NNTPSERVER DEFAULT=localhost
+ PATH DEFAULT=${HOME}/bin:/usr/local/bin:/bin\\
+ :/usr/bin:/usr/local/bin/X11:/usr/bin/X11
+
+.fi
+.RE
+.PP
+Silly examples of escaped variables, just to show how they work.
+.sp
+.RS 3n
+.nf
+ DOLLAR DEFAULT=\\$
+ DOLLARDOLLAR DEFAULT= OVERRIDE=\\$${DOLLAR}
+ DOLLARPLUS DEFAULT=\\${REMOTEHOST}${REMOTEHOST}
+ ATSIGN DEFAULT="" OVERRIDE=\\@
+
+.fi
+.RE
+.SH "SEE ALSO"
+.PP
+
+\fBpam_env\fR(8),
+\fBpam.d\fR(5),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_env was written by Dave Kinchlea <kinch@kinch.ark.com>.
diff --git a/Linux-PAM/modules/pam_env/pam_env.conf.5.xml b/Linux-PAM/modules/pam_env/pam_env.conf.5.xml
new file mode 100644
index 00000000..090e0e75
--- /dev/null
+++ b/Linux-PAM/modules/pam_env/pam_env.conf.5.xml
@@ -0,0 +1,123 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_env.conf">
+
+ <refmeta>
+ <refentrytitle>pam_env.conf</refentrytitle>
+ <manvolnum>5</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv>
+ <refname>pam_env.conf</refname>
+ <refpurpose>the environment variables config file</refpurpose>
+ </refnamediv>
+
+
+ <refsect1 id='pam_env.conf-description'>
+ <title>DESCRIPTION</title>
+
+ <para>
+ The <filename>/etc/security/pam_env.conf</filename> file specifies
+ the environment variables to be set, unset or modified by
+ <citerefentry><refentrytitle>pam_env</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
+ When someone logs in, this file is read and the environment
+ variables are set according.
+ </para>
+ <para>
+ Each line starts with the variable name, there are then two possible
+ options for each variable DEFAULT and OVERRIDE. DEFAULT allows and
+ administrator to set the value of the variable to some default
+ value, if none is supplied then the empty string is assumed. The
+ OVERRIDE option tells pam_env that it should enter in its value
+ (overriding the default value) if there is one to use. OVERRIDE is
+ not used, "" is assumed and no override will be done.
+ </para>
+ <para>
+ <replaceable>VARIABLE</replaceable>
+ [<replaceable>DEFAULT=[value]</replaceable>]
+ [<replaceable>OVERRIDE=[value]</replaceable>]
+ </para>
+
+ <para>
+ (Possibly non-existent) environment variables may be used in values
+ using the ${string} syntax and (possibly non-existent) PAM_ITEMs may
+ be used in values using the @{string} syntax. Both the $ and @
+ characters can be backslash escaped to be used as literal values
+ values can be delimited with "", escaped " not supported.
+ Note that many environment variables that you would like to use
+ may not be set by the time the module is called.
+ For example, HOME is used below several times, but
+ many PAM applications don't make it available by the time you need it.
+ </para>
+
+ <para>
+ The "<emphasis>#</emphasis>" character at start of line (no space
+ at front) can be used to mark this line as a comment line.
+ </para>
+
+ </refsect1>
+
+ <refsect1 id="pam_env.conf-examples">
+ <title>EXAMPLES</title>
+ <para>
+ These are some example lines which might be specified in
+ <filename>/etc/security/pam_env.conf</filename>.
+ </para>
+
+ <para>
+ Set the REMOTEHOST variable for any hosts that are remote, default
+ to "localhost" rather than not being set at all
+ </para>
+ <programlisting>
+ REMOTEHOST DEFAULT=localhost OVERRIDE=@{PAM_RHOST}
+ </programlisting>
+
+ <para>
+ Set the DISPLAY variable if it seems reasonable
+ </para>
+ <programlisting>
+ DISPLAY DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY}
+ </programlisting>
+
+ <para>
+ Now some simple variables
+ </para>
+ <programlisting>
+ PAGER DEFAULT=less
+ MANPAGER DEFAULT=less
+ LESS DEFAULT="M q e h15 z23 b80"
+ NNTPSERVER DEFAULT=localhost
+ PATH DEFAULT=${HOME}/bin:/usr/local/bin:/bin\
+ :/usr/bin:/usr/local/bin/X11:/usr/bin/X11
+ </programlisting>
+
+ <para>
+ Silly examples of escaped variables, just to show how they work.
+ </para>
+ <programlisting>
+ DOLLAR DEFAULT=\$
+ DOLLARDOLLAR DEFAULT= OVERRIDE=\$${DOLLAR}
+ DOLLARPLUS DEFAULT=\${REMOTEHOST}${REMOTEHOST}
+ ATSIGN DEFAULT="" OVERRIDE=\@
+ </programlisting>
+ </refsect1>
+
+ <refsect1 id="pam_env.conf-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry><refentrytitle>pam_env</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>pam.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_env.conf-author">
+ <title>AUTHOR</title>
+ <para>
+ pam_env was written by Dave Kinchlea &lt;kinch@kinch.ark.com&gt;.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/modules/pam_env/tst-pam_env b/Linux-PAM/modules/pam_env/tst-pam_env
new file mode 100755
index 00000000..c40e70a8
--- /dev/null
+++ b/Linux-PAM/modules/pam_env/tst-pam_env
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_env.so
diff --git a/Linux-PAM/modules/pam_exec/Makefile.am b/Linux-PAM/modules/pam_exec/Makefile.am
new file mode 100644
index 00000000..4fc28b28
--- /dev/null
+++ b/Linux-PAM/modules/pam_exec/Makefile.am
@@ -0,0 +1,34 @@
+#
+# Copyright (c) 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_exec
+
+man_MANS = pam_exec.8
+
+XMLS = README.xml pam_exec.8.xml
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_exec.la
+
+if ENABLE_REGENERATE_MAN
+
+noinst_DATA = README
+
+README: pam_exec.8.xml
+
+-include $(top_srcdir)/Make.xml.rules
+endif
+
+TESTS = tst-pam_exec
diff --git a/Linux-PAM/modules/pam_exec/Makefile.in b/Linux-PAM/modules/pam_exec/Makefile.in
new file mode 100644
index 00000000..34f7ac51
--- /dev/null
+++ b/Linux-PAM/modules/pam_exec/Makefile.in
@@ -0,0 +1,667 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_exec
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_exec_la_LIBADD =
+pam_exec_la_SOURCES = pam_exec.c
+pam_exec_la_OBJECTS = pam_exec.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_exec.c
+DIST_SOURCES = pam_exec.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_exec
+man_MANS = pam_exec.8
+XMLS = README.xml pam_exec.8.xml
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_exec.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+TESTS = tst-pam_exec
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_exec/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_exec/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_exec.la: $(pam_exec_la_OBJECTS) $(pam_exec_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_exec_la_OBJECTS) $(pam_exec_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_exec.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_exec.8.xml
+
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_exec/README b/Linux-PAM/modules/pam_exec/README
new file mode 100644
index 00000000..8ff9a742
--- /dev/null
+++ b/Linux-PAM/modules/pam_exec/README
@@ -0,0 +1,42 @@
+pam_exec — PAM module which calls an external command
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+pam_exec is a PAM module that can be used to run an external command.
+
+OPTIONS
+
+debug
+
+ Print debug information.
+
+log=file
+
+ The output of the command is appended to file
+
+seteuid
+
+ Per default pam_exec.so will execute the external command with the real
+ user ID of the calling process. Specifying this option means the command is
+ run with the effective user ID.
+
+EXAMPLES
+
+Add the following line to /etc/pam.d/passwd to rebuild the NIS database after
+each local password change:
+
+ passwd optional pam_exec.so seteuid make -C /var/yp
+
+
+This will execute the command
+
+make -C /var/yp
+
+with effective user ID.
+
+AUTHOR
+
+pam_exec was written by Thorsten Kukuk <kukuk@thkukuk.de>.
+
diff --git a/Linux-PAM/modules/pam_exec/README.xml b/Linux-PAM/modules/pam_exec/README.xml
new file mode 100644
index 00000000..5e76cab3
--- /dev/null
+++ b/Linux-PAM/modules/pam_exec/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_exec.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_exec.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_exec-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_exec.8.xml" xpointer='xpointer(//refsect1[@id = "pam_exec-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_exec.8.xml" xpointer='xpointer(//refsect1[@id = "pam_exec-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_exec.8.xml" xpointer='xpointer(//refsect1[@id = "pam_exec-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_exec.8.xml" xpointer='xpointer(//refsect1[@id = "pam_exec-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_exec/pam_exec.8 b/Linux-PAM/modules/pam_exec/pam_exec.8
new file mode 100644
index 00000000..ae8f8a46
--- /dev/null
+++ b/Linux-PAM/modules/pam_exec/pam_exec.8
@@ -0,0 +1,88 @@
+.\" Title: pam_exec
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/09/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_EXEC" "8" "06/09/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_exec \- PAM module which calls an external command
+.SH "SYNOPSIS"
+.HP 12
+\fBpam_exec.so\fR [debug] [seteuid] [log=\fIfile\fR] \fIcommand\fR [\fI...\fR]
+.SH "DESCRIPTION"
+.PP
+pam_exec is a PAM module that can be used to run an external command.
+.SH "OPTIONS"
+.PP
+.TP 3n
+\fBdebug\fR
+Print debug information.
+.TP 3n
+\fBlog=\fR\fB\fIfile\fR\fR
+The output of the command is appended to
+\fIfile\fR
+.TP 3n
+\fBseteuid\fR
+Per default pam_exec.so will execute the external command with the real user ID of the calling process. Specifying this option means the command is run with the effective user ID.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+The services
+\fBauth\fR,
+\fBaccount\fR,
+\fBpassword\fR
+and
+\fBsession\fR
+are supported.
+.SH "RETURN VALUES"
+.PP
+.TP 3n
+PAM_SUCCESS
+The external command runs successfull.
+.TP 3n
+PAM_SERVICE_ERR
+No argument or a wrong number of arguments were given.
+.TP 3n
+PAM_SYSTEM_ERR
+A system error occured or the command to execute failed.
+.TP 3n
+PAM_IGNORE
+
+\fBpam_setcred\fR
+was called, which does not execute the command.
+.SH "EXAMPLES"
+.PP
+Add the following line to
+\fI/etc/pam.d/passwd\fR
+to rebuild the NIS database after each local password change:
+.sp
+.RS 3n
+.nf
+ passwd optional pam_exec.so seteuid make \-C /var/yp
+
+.fi
+.RE
+.sp
+This will execute the command
+.sp
+.RS 3n
+.nf
+make \-C /var/yp
+.fi
+.RE
+.sp
+with effective user ID.
+.SH "SEE ALSO"
+.PP
+
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_exec was written by Thorsten Kukuk <kukuk@thkukuk.de>.
diff --git a/Linux-PAM/modules/pam_exec/pam_exec.8.xml b/Linux-PAM/modules/pam_exec/pam_exec.8.xml
new file mode 100644
index 00000000..1e8bb0ba
--- /dev/null
+++ b/Linux-PAM/modules/pam_exec/pam_exec.8.xml
@@ -0,0 +1,189 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_exec">
+
+ <refmeta>
+ <refentrytitle>pam_exec</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_exec-name">
+ <refname>pam_exec</refname>
+ <refpurpose>PAM module which calls an external command</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_exec-cmdsynopsis">
+ <command>pam_exec.so</command>
+ <arg choice="opt">
+ debug
+ </arg>
+ <arg choice="opt">
+ seteuid
+ </arg>
+ <arg choice="opt">
+ log=<replaceable>file</replaceable>
+ </arg>
+ <arg choice="plain">
+ <replaceable>command</replaceable>
+ </arg>
+ <arg choice="opt">
+ <replaceable>...</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_exec-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ pam_exec is a PAM module that can be used to run
+ an external command.
+ </para>
+
+ </refsect1>
+
+ <refsect1 id="pam_exec-options">
+
+ <title>OPTIONS</title>
+ <para>
+ <variablelist>
+
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ Print debug information.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>log=<replaceable>file</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ The output of the command is appended to
+ <filename>file</filename>
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>seteuid</option>
+ </term>
+ <listitem>
+ <para>
+ Per default pam_exec.so will execute the external command
+ with the real user ID of the calling process.
+ Specifying this option means the command is run
+ with the effective user ID.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_exec-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ The services <option>auth</option>, <option>account</option>,
+ <option>password</option> and <option>session</option> are supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_exec-return_values'>
+ <title>RETURN VALUES</title>
+ <para>
+ <variablelist>
+
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ The external command runs successfull.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_SERVICE_ERR</term>
+ <listitem>
+ <para>
+ No argument or a wrong number of arguments were given.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_SYSTEM_ERR</term>
+ <listitem>
+ <para>
+ A system error occured or the command to execute failed.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_IGNORE</term>
+ <listitem>
+ <para>
+ <function>pam_setcred</function> was called, which
+ does not execute the command.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_exec-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ Add the following line to <filename>/etc/pam.d/passwd</filename> to
+ rebuild the NIS database after each local password change:
+ <programlisting>
+ passwd optional pam_exec.so seteuid make -C /var/yp
+ </programlisting>
+
+ This will execute the command
+ <programlisting>make -C /var/yp</programlisting>
+ with effective user ID.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_exec-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_exec-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_exec was written by Thorsten Kukuk &lt;kukuk@thkukuk.de&gt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_exec/pam_exec.c b/Linux-PAM/modules/pam_exec/pam_exec.c
new file mode 100644
index 00000000..34ba7404
--- /dev/null
+++ b/Linux-PAM/modules/pam_exec/pam_exec.c
@@ -0,0 +1,285 @@
+/*
+ * Copyright (c) 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#if defined(HAVE_CONFIG_H)
+#include "config.h"
+#endif
+
+#include <time.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <string.h>
+#include <syslog.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <sys/wait.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+
+
+#define PAM_SM_AUTH
+#define PAM_SM_ACCOUNT
+#define PAM_SM_SESSION
+#define PAM_SM_PASSWORD
+
+#include <security/pam_modules.h>
+#include <security/pam_modutil.h>
+#include <security/pam_ext.h>
+
+static int
+call_exec (pam_handle_t *pamh, int argc, const char **argv)
+{
+ int debug = 0;
+ int call_setuid = 0;
+ int optargc;
+ const char *logfile = NULL;
+ pid_t pid;
+
+ if (argc < 1) {
+ pam_syslog (pamh, LOG_ERR,
+ "This module needs at least one argument");
+ return PAM_SERVICE_ERR;
+ }
+
+ for (optargc = 0; optargc < argc; optargc++)
+ {
+ if (argv[optargc][0] == '/') /* paths starts with / */
+ break;
+
+ if (strcasecmp (argv[optargc], "debug") == 0)
+ debug = 1;
+ else if (strncasecmp (argv[optargc], "log=", 4) == 0)
+ logfile = &argv[optargc][4];
+ else if (strcasecmp (argv[optargc], "seteuid") == 0)
+ call_setuid = 1;
+ else
+ break; /* Unknown option, assume program to execute. */
+ }
+
+
+ if (optargc >= argc) {
+ pam_syslog (pamh, LOG_ERR, "No path given as argument");
+ return PAM_SERVICE_ERR;
+ }
+
+ pid = fork();
+ if (pid == -1)
+ return PAM_SYSTEM_ERR;
+ if (pid > 0) /* parent */
+ {
+ int status = 0;
+ pid_t retval;
+ while ((retval = waitpid (pid, &status, 0)) == -1 &&
+ errno == EINTR);
+ if (retval == (pid_t)-1)
+ {
+ pam_syslog (pamh, LOG_ERR, "waitpid returns with -1: %m");
+ return PAM_SYSTEM_ERR;
+ }
+ else if (status != 0)
+ {
+ if (WIFEXITED(status))
+ {
+ pam_syslog (pamh, LOG_ERR, "%s failed: exit code %d",
+ argv[optargc], WEXITSTATUS(status));
+ pam_error (pamh, _("%s failed: exit code %d"),
+ argv[optargc], WEXITSTATUS(status));
+ }
+ else if (WIFSIGNALED(status))
+ {
+ pam_syslog (pamh, LOG_ERR, "%s failed: caught signal %d%s",
+ argv[optargc], WTERMSIG(status),
+ WCOREDUMP(status) ? " (core dumped)" : "");
+ pam_error (pamh, _("%s failed: caught signal %d%s"),
+ argv[optargc], WTERMSIG(status),
+ WCOREDUMP(status) ? " (core dumped)" : "");
+ }
+ else
+ {
+ pam_syslog (pamh, LOG_ERR, "%s failed: unknown status 0x%x",
+ argv[optargc], status);
+ pam_error (pamh, _("%s failed: unknown status 0x%x"),
+ argv[optargc], status);
+ }
+ return PAM_SYSTEM_ERR;
+ }
+ return PAM_SUCCESS;
+ }
+ else /* child */
+ {
+ char **arggv;
+ int i;
+
+ for (i = 0; i < sysconf (_SC_OPEN_MAX); i++)
+ close (i);
+
+ /* New stdin. */
+ if ((i = open ("/dev/null", O_RDWR)) < 0)
+ {
+ int err = errno;
+ pam_syslog (pamh, LOG_ERR, "open of /dev/null failed: %m");
+ exit (err);
+ }
+ /* New stdout and stderr. */
+ if (logfile)
+ {
+ time_t tm = time (NULL);
+ char *buffer = NULL;
+
+ if ((i = open (logfile, O_CREAT|O_APPEND|O_WRONLY,
+ S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)) == -1)
+ {
+ int err = errno;
+ pam_syslog (pamh, LOG_ERR, "open of %s failed: %m",
+ logfile);
+ exit (err);
+ }
+ if (asprintf (&buffer, "*** %s", ctime (&tm)) > 0)
+ {
+ pam_modutil_write (i, buffer, strlen (buffer));
+ free (buffer);
+ }
+ }
+ else
+ if (dup (i) == -1)
+ {
+ int err = errno;
+ pam_syslog (pamh, LOG_ERR, "dup failed: %m");
+ exit (err);
+ }
+ if (dup (i) == -1)
+ {
+ int err = errno;
+ pam_syslog (pamh, LOG_ERR, "dup failed: %m");
+ exit (err);
+ }
+
+ if (call_setuid)
+ if (setuid (geteuid ()) == -1)
+ {
+ int err = errno;
+ pam_syslog (pamh, LOG_ERR, "setuid(%lu) failed: %m",
+ (unsigned long) geteuid ());
+ exit (err);
+ }
+
+ if (setsid () == -1)
+ {
+ int err = errno;
+ pam_syslog (pamh, LOG_ERR, "setsid failed: %m");
+ exit (err);
+ }
+
+ arggv = calloc (argc + 4, sizeof (char *));
+ if (arggv == NULL)
+ exit (ENOMEM);
+
+ for (i = 0; i < (argc - optargc); i++)
+ arggv[i] = argv[i+optargc];
+ arggv[i] = NULL;
+
+ if (debug)
+ pam_syslog (pamh, LOG_DEBUG, "Calling %s ...", arggv[0]);
+
+ if (execv (arggv[0], arggv) == -1)
+ {
+ int err = errno;
+ pam_syslog (pamh, LOG_ERR, "execv(%s,...) failed: %m",
+ arggv[0]);
+ exit (err);
+ }
+ exit (1); /* should never be reached. */
+ }
+ return PAM_SYSTEM_ERR;
+}
+
+PAM_EXTERN int
+pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
+{
+ return call_exec (pamh, argc, argv);
+}
+
+PAM_EXTERN int
+pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
+{
+ return PAM_IGNORE;
+}
+
+/* password updating functions */
+
+PAM_EXTERN int
+pam_sm_chauthtok(pam_handle_t *pamh, int flags,
+ int argc, const char **argv)
+{
+ if (flags & PAM_PRELIM_CHECK)
+ return PAM_SUCCESS;
+ return call_exec (pamh, argc, argv);
+}
+
+PAM_EXTERN int
+pam_sm_acct_mgmt(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
+{
+ return call_exec (pamh, argc, argv);
+}
+
+PAM_EXTERN int
+pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
+{
+ return call_exec (pamh, argc, argv);
+}
+
+PAM_EXTERN int
+pam_sm_close_session(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
+{
+ return call_exec (pamh, argc, argv);
+}
+
+#ifdef PAM_STATIC
+struct pam_module _pam_exec_modstruct = {
+ "pam_exec",
+ pam_sm_authenticate,
+ pam_sm_setcred,
+ pam_sm_acct_mgmt,
+ pam_sm_open_session,
+ pam_sm_close_session,
+ pam_sm_chauthtok,
+};
+#endif
diff --git a/Linux-PAM/modules/pam_exec/tst-pam_exec b/Linux-PAM/modules/pam_exec/tst-pam_exec
new file mode 100755
index 00000000..a0b00393
--- /dev/null
+++ b/Linux-PAM/modules/pam_exec/tst-pam_exec
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_exec.so
diff --git a/Linux-PAM/modules/pam_faildelay/Makefile.am b/Linux-PAM/modules/pam_faildelay/Makefile.am
new file mode 100644
index 00000000..ac1bc1d3
--- /dev/null
+++ b/Linux-PAM/modules/pam_faildelay/Makefile.am
@@ -0,0 +1,31 @@
+#
+# Copyright (c) 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_faildelay
+
+man_MANS = pam_faildelay.8
+XMLS = README.xml pam_faildelay.8.xml
+
+TESTS = tst-pam_faildelay
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_faildelay.la
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_faildelay.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_faildelay/Makefile.in b/Linux-PAM/modules/pam_faildelay/Makefile.in
new file mode 100644
index 00000000..02c94322
--- /dev/null
+++ b/Linux-PAM/modules/pam_faildelay/Makefile.in
@@ -0,0 +1,665 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_faildelay
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_faildelay_la_LIBADD =
+pam_faildelay_la_SOURCES = pam_faildelay.c
+pam_faildelay_la_OBJECTS = pam_faildelay.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_faildelay.c
+DIST_SOURCES = pam_faildelay.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_faildelay
+man_MANS = pam_faildelay.8
+XMLS = README.xml pam_faildelay.8.xml
+TESTS = tst-pam_faildelay
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_faildelay.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_faildelay/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_faildelay/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_faildelay.la: $(pam_faildelay_la_OBJECTS) $(pam_faildelay_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_faildelay_la_OBJECTS) $(pam_faildelay_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_faildelay.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_faildelay.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_faildelay/README b/Linux-PAM/modules/pam_faildelay/README
new file mode 100644
index 00000000..a06d7e3f
--- /dev/null
+++ b/Linux-PAM/modules/pam_faildelay/README
@@ -0,0 +1,33 @@
+pam_faildelay — Change the delay on failure per-application
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+pam_faildelay is a PAM module that can be used to set the delay on failure
+per-application.
+
+If no delay is given, pam_faildelay will use the value of FAIL_DELAY from /etc/
+login.defs.
+
+OPTIONS
+
+debug
+
+ Turns on debugging messages sent to syslog.
+
+delay=N
+
+ Set the delay on failure to N microseconds.
+
+EXAMPLES
+
+The following example will set the delay on failure to 10 seconds:
+
+auth optional pam_faildelay.so delay=10000000
+
+
+AUTHOR
+
+pam_faildelay was written by Darren Tucker <dtucker@zip.com.au>.
+
diff --git a/Linux-PAM/modules/pam_faildelay/README.xml b/Linux-PAM/modules/pam_faildelay/README.xml
new file mode 100644
index 00000000..64d4accc
--- /dev/null
+++ b/Linux-PAM/modules/pam_faildelay/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+"http://www.docbook.org/xml/4.4/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_faildelay.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_faildelay.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_faildelay-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_faildelay.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faildelay-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_faildelay.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faildelay-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_faildelay.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faildelay-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_faildelay.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faildelay-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_faildelay/pam_faildelay.8 b/Linux-PAM/modules/pam_faildelay/pam_faildelay.8
new file mode 100644
index 00000000..86eb031a
--- /dev/null
+++ b/Linux-PAM/modules/pam_faildelay/pam_faildelay.8
@@ -0,0 +1,65 @@
+.\" Title: pam_faildelay
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 12/06/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_FAILDELAY" "8" "12/06/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_faildelay \- Change the delay on failure per\-application
+.SH "SYNOPSIS"
+.HP 17
+\fBpam_faildelay.so\fR [debug] [delay=\fImicroseconds\fR]
+.SH "DESCRIPTION"
+.PP
+pam_faildelay is a PAM module that can be used to set the delay on failure per\-application.
+.PP
+If no
+\fBdelay\fR
+is given, pam_faildelay will use the value of FAIL_DELAY from
+\fI/etc/login.defs\fR.
+.SH "OPTIONS"
+.TP 3n
+\fBdebug\fR
+Turns on debugging messages sent to syslog.
+.TP 3n
+\fBdelay=\fR\fB\fIN\fR\fR
+Set the delay on failure to N microseconds.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+Only the
+\fBauth\fR
+service is supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_IGNORE
+Delay was successful adjusted.
+.TP 3n
+PAM_SYSTEM_ERR
+The specified delay was not valid.
+.SH "EXAMPLES"
+.PP
+The following example will set the delay on failure to 10 seconds:
+.sp
+.RS 3n
+.nf
+auth optional pam_faildelay.so delay=10000000
+
+.fi
+.RE
+.sp
+.SH "SEE ALSO"
+.PP
+
+\fBpam_fail_delay\fR(3),
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_faildelay was written by Darren Tucker <dtucker@zip.com.au>.
diff --git a/Linux-PAM/modules/pam_faildelay/pam_faildelay.8.xml b/Linux-PAM/modules/pam_faildelay/pam_faildelay.8.xml
new file mode 100644
index 00000000..d2dfd266
--- /dev/null
+++ b/Linux-PAM/modules/pam_faildelay/pam_faildelay.8.xml
@@ -0,0 +1,136 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+
+<refentry id="pam_faildelay">
+
+ <refmeta>
+ <refentrytitle>pam_faildelay</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_faildelay-name">
+ <refname>pam_faildelay</refname>
+ <refpurpose>Change the delay on failure per-application</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_faildelay-cmdsynopsis">
+ <command>pam_faildelay.so</command>
+ <arg choice="opt">
+ debug
+ </arg>
+ <arg choice="opt">
+ delay=<replaceable>microseconds</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_faildelay-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ pam_faildelay is a PAM module that can be used to set
+ the delay on failure per-application.
+ </para>
+ <para>
+ If no <option>delay</option> is given, pam_faildelay will
+ use the value of FAIL_DELAY from <filename>/etc/login.defs</filename>.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_faildelay-options">
+
+ <title>OPTIONS</title>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ Turns on debugging messages sent to syslog.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>delay=<replaceable>N</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Set the delay on failure to N microseconds.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_faildelay-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ Only the <option>auth</option> service is supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_faildelay-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_IGNORE</term>
+ <listitem>
+ <para>
+ Delay was successful adjusted.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SYSTEM_ERR</term>
+ <listitem>
+ <para>
+ The specified delay was not valid.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_faildelay-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ The following example will set the delay on failure to
+ 10 seconds:
+ <programlisting>
+auth optional pam_faildelay.so delay=10000000
+ </programlisting>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_faildelay-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_fail_delay</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_faildelay-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_faildelay was written by Darren Tucker &lt;dtucker@zip.com.au&gt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_faildelay/pam_faildelay.c b/Linux-PAM/modules/pam_faildelay/pam_faildelay.c
new file mode 100644
index 00000000..16cb7458
--- /dev/null
+++ b/Linux-PAM/modules/pam_faildelay/pam_faildelay.c
@@ -0,0 +1,231 @@
+/* pam_faildelay module */
+
+/*
+ * Allows an admin to set the delay on failure per-application.
+ * Provides "auth" interface only.
+ *
+ * Use by putting something like this in the relevant pam config:
+ * auth required pam_faildelay.so delay=[microseconds]
+ *
+ * eg:
+ * auth required pam_faildelay.so delay=10000000
+ * will set the delay on failure to 10 seconds.
+ *
+ * If no delay option was given, pam_faildelay.so will use the
+ * FAIL_DELAY value of /etc/login.defs.
+ *
+ * Based on pam_rootok and parts of pam_unix both by Andrew Morgan
+ * <morgan@linux.kernel.org>
+ *
+ * Copyright (c) 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+ * - Rewrite to use extended PAM functions
+ * - Add /etc/login.defs support
+ *
+ * Portions Copyright (c) 2005 Darren Tucker <dtucker at zip com au>.
+ *
+ * Redistribution and use in source and binary forms of, with
+ * or without modification, are permitted provided that the following
+ * conditions are met:
+ *
+ * 1. Redistributions of source code must retain any existing copyright
+ * notice, and this entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ *
+ * 2. Redistributions in binary form must reproduce all prior and current
+ * copyright notices, this list of conditions, and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * 3. The name of any author may not be used to endorse or promote
+ * products derived from this software without their specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of the
+ * GNU General Public License, in which case the provisions of the GNU
+ * GPL are required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential conflict between the GNU GPL and the
+ * restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
+ * DAMAGE.
+ */
+
+#include "config.h"
+
+#include <errno.h>
+#include <ctype.h>
+#include <stdio.h>
+#include <limits.h>
+#include <unistd.h>
+#include <syslog.h>
+#include <string.h>
+#include <stdlib.h>
+
+
+#define PAM_SM_AUTH
+
+#include <security/pam_modules.h>
+#include <security/pam_ext.h>
+
+
+#define BUF_SIZE 8192
+#define LOGIN_DEFS "/etc/login.defs"
+
+static char *
+search_key (const char *filename)
+{
+ FILE *fp;
+ char *buf = NULL;
+ size_t buflen = 0;
+ char *retval = NULL;
+
+ fp = fopen (filename, "r");
+ if (NULL == fp)
+ return NULL;
+
+ while (!feof (fp))
+ {
+ char *tmp, *cp;
+#if defined(HAVE_GETLINE)
+ ssize_t n = getline (&buf, &buflen, fp);
+#elif defined (HAVE_GETDELIM)
+ ssize_t n = getdelim (&buf, &buflen, '\n', fp);
+#else
+ ssize_t n;
+
+ if (buf == NULL)
+ {
+ buflen = BUF_SIZE;
+ buf = malloc (buflen);
+ }
+ buf[0] = '\0';
+ if (fgets (buf, buflen - 1, fp) == NULL)
+ break;
+ else if (buf != NULL)
+ n = strlen (buf);
+ else
+ n = 0;
+#endif /* HAVE_GETLINE / HAVE_GETDELIM */
+ cp = buf;
+
+ if (n < 1)
+ break;
+
+ tmp = strchr (cp, '#'); /* remove comments */
+ if (tmp)
+ *tmp = '\0';
+ while (isspace ((int)*cp)) /* remove spaces and tabs */
+ ++cp;
+ if (*cp == '\0') /* ignore empty lines */
+ continue;
+
+ if (cp[strlen (cp) - 1] == '\n')
+ cp[strlen (cp) - 1] = '\0';
+
+ tmp = strsep (&cp, " \t=");
+ if (cp != NULL)
+ while (isspace ((int)*cp) || *cp == '=')
+ ++cp;
+
+ if (strcasecmp (tmp, "FAIL_DELAY") == 0)
+ {
+ retval = strdup (cp);
+ break;
+ }
+ }
+ fclose (fp);
+
+ free (buf);
+
+ return retval;
+}
+
+
+/* --- authentication management functions (only) --- */
+
+PAM_EXTERN
+int pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
+{
+ int i, debug_flag = 0;
+ long int delay = -1;
+
+ /* step through arguments */
+ for (i = 0; i < argc; i++) {
+ if (sscanf(argv[i], "delay=%ld", &delay) == 1) {
+ /* sscanf did already everything necessary */
+ } else if (strcmp (argv[i], "debug") == 0)
+ debug_flag = 1;
+ else
+ pam_syslog (pamh, LOG_ERR, "unknown option; %s", argv[i]);
+ }
+
+ if (delay == -1)
+ {
+ char *endptr;
+ char *val = search_key (LOGIN_DEFS);
+ const char *val_orig = val;
+
+ if (val == NULL)
+ return PAM_IGNORE;
+
+ errno = 0;
+ delay = strtol (val, &endptr, 10) & 0777;
+ if (((delay == 0) && (val_orig == endptr)) ||
+ ((delay == LONG_MIN || delay == LONG_MAX) && (errno == ERANGE)))
+ {
+ pam_syslog (pamh, LOG_ERR, "FAIL_DELAY=%s in %s not valid",
+ val, LOGIN_DEFS);
+ free (val);
+ return PAM_IGNORE;
+ }
+
+ free (val);
+ /* delay is in seconds, convert to microseconds. */
+ delay *= 1000000;
+ }
+
+ if (debug_flag)
+ pam_syslog (pamh, LOG_DEBUG, "setting fail delay to %ld", delay);
+
+ i = pam_fail_delay(pamh, delay);
+ if (i == PAM_SUCCESS)
+ return PAM_IGNORE;
+ else
+ return i;
+}
+
+PAM_EXTERN
+int pam_sm_setcred(pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
+{
+ return PAM_IGNORE;
+}
+
+
+#ifdef PAM_STATIC
+
+/* static module data */
+
+struct pam_module _pam_rootok_modstruct = {
+ "pam_faildelay",
+ pam_sm_authenticate,
+ pam_sm_setcred,
+ NULL,
+ NULL,
+ NULL,
+ NULL,
+};
+
+#endif
+
+/* end of module definition */
diff --git a/Linux-PAM/modules/pam_faildelay/tst-pam_faildelay b/Linux-PAM/modules/pam_faildelay/tst-pam_faildelay
new file mode 100755
index 00000000..87f7fd44
--- /dev/null
+++ b/Linux-PAM/modules/pam_faildelay/tst-pam_faildelay
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_faildelay.so
diff --git a/Linux-PAM/modules/pam_filter/.upperLOWER b/Linux-PAM/modules/pam_filter/.upperLOWER
deleted file mode 100644
index 2531b468..00000000
--- a/Linux-PAM/modules/pam_filter/.upperLOWER
+++ /dev/null
@@ -1 +0,0 @@
-a test filter that transposes upper and lower case characters
diff --git a/Linux-PAM/modules/pam_filter/Makefile b/Linux-PAM/modules/pam_filter/Makefile
deleted file mode 100644
index e7d7041e..00000000
--- a/Linux-PAM/modules/pam_filter/Makefile
+++ /dev/null
@@ -1,126 +0,0 @@
-#
-# $Id: Makefile,v 1.4 2001/11/11 07:43:54 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 1996/3/11
-#
-
-ifeq ($(OS),solaris)
-
-include ../dont_makefile
-
-else
-
-include ../../Make.Rules
-
-TITLE=pam_filter
-FILTERS=upperLOWER
-FILTERSDIR=$(SECUREDIR)/pam_filter
-export FILTERSDIR
-
-CFLAGS += -Iinclude
-
-LIBSRC = $(TITLE).c
-LIBOBJ = $(TITLE).o
-LIBOBJD = $(addprefix dynamic/,$(LIBOBJ))
-LIBOBJS = $(addprefix static/,$(LIBOBJ))
-
-dynamic/%.o : %.c
- $(CC) $(CFLAGS) $(DYNAMIC) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-static/%.o : %.c
- $(CC) $(CFLAGS) $(STATIC) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-ifdef DYNAMIC
-LIBSHARED = $(TITLE).so
-endif
-
-ifdef STATIC
-LIBSTATIC = lib$(TITLE).o
-endif
-
-####################### don't edit below #######################
-
-#
-# this is where we compile this module
-#
-
-all: dirs $(LIBSHARED) $(LIBSTATIC) register filters
-
-dirs:
- if [ ! -r include/security ]; then ln -sf . include/security ; fi
-ifdef DYNAMIC
- $(MKDIR) ./dynamic
-endif
-ifdef STATIC
- $(MKDIR) ./static
-endif
-
-register:
-ifdef STATIC
- ( cd .. ; ./register_static $(TITLE) $(TITLE)/$(LIBSTATIC) )
-endif
-
-filters:
- @for i in $(FILTERS) ; do \
- if [ -d $$i ]; then \
- $(MAKE) -C $$i all ; \
- fi ; \
- done
-
-
-ifdef DYNAMIC
-$(LIBOBJD): $(LIBSRC)
-endif
-
-ifdef DYNAMIC
-$(LIBSHARED): $(LIBOBJD)
- $(LD_D) -o $@ $(LIBOBJD)
-endif
-
-ifdef STATIC
-$(LIBOBJS): $(LIBSRC)
-endif
-
-ifdef STATIC
-$(LIBSTATIC): $(LIBOBJS)
- $(LD) -r -o $@ $(LIBOBJS)
-endif
-
-remove:
- rm -f $(FAKEROOT)$(SECUREDIR)/$(TITLE).so
- rm -f $(FAKEROOT)$(INCLUDED)/pam_filter.h
- @for i in $(FILTERS) ; do \
- if [ -d $$i ]; then \
- $(MAKE) -C $$i remove ; \
- fi ; \
- done
-
-install: all
- @for i in $(FILTERS) ; do \
- if [ -d $$i ]; then \
- $(MAKE) -C $$i install ; \
- fi ; \
- done
- $(MKDIR) $(FAKEROOT)$(SECUREDIR)
-ifdef DYNAMIC
- $(INSTALL) -m $(SHLIBMODE) $(LIBSHARED) $(FAKEROOT)$(SECUREDIR)
-endif
- $(MKDIR) $(FAKEROOT)$(INCLUDED)
- $(INSTALL) -m 644 include/pam_filter.h $(FAKEROOT)$(INCLUDED)
-
-clean:
- @for i in $(FILTERS) ; do \
- if [ -d $$i ]; then \
- $(MAKE) -C $$i clean ; \
- fi ; \
- done
- rm -f $(LIBSHARED) $(LIBOBJD) $(LIBOBJS) core *~
- rm -f include/security
- rm -fr dynamic static
- rm -f *.a *.o *.so *.bak
-
-endif
diff --git a/Linux-PAM/modules/pam_filter/Makefile.am b/Linux-PAM/modules/pam_filter/Makefile.am
new file mode 100644
index 00000000..b218bffb
--- /dev/null
+++ b/Linux-PAM/modules/pam_filter/Makefile.am
@@ -0,0 +1,34 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+SUBDIRS = upperLOWER
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_filter
+
+man_MANS = pam_filter.8
+XMLS = README.xml pam_filter.8.xml
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+include_HEADERS=pam_filter.h
+
+securelib_LTLIBRARIES = pam_filter.la
+TESTS = tst-pam_filter
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_filter.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_filter/Makefile.in b/Linux-PAM/modules/pam_filter/Makefile.in
new file mode 100644
index 00000000..03b39bcd
--- /dev/null
+++ b/Linux-PAM/modules/pam_filter/Makefile.in
@@ -0,0 +1,805 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_filter
+DIST_COMMON = README $(include_HEADERS) $(srcdir)/Makefile.am \
+ $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)" \
+ "$(DESTDIR)$(includedir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_filter_la_LIBADD =
+pam_filter_la_SOURCES = pam_filter.c
+pam_filter_la_OBJECTS = pam_filter.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_filter.c
+DIST_SOURCES = pam_filter.c
+RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
+ html-recursive info-recursive install-data-recursive \
+ install-dvi-recursive install-exec-recursive \
+ install-html-recursive install-info-recursive \
+ install-pdf-recursive install-ps-recursive install-recursive \
+ installcheck-recursive installdirs-recursive pdf-recursive \
+ ps-recursive uninstall-recursive
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+includeHEADERS_INSTALL = $(INSTALL_HEADER)
+HEADERS = $(include_HEADERS)
+RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
+ distclean-recursive maintainer-clean-recursive
+ETAGS = etags
+CTAGS = ctags
+DIST_SUBDIRS = $(SUBDIRS)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+SUBDIRS = upperLOWER
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_filter
+man_MANS = pam_filter.8
+XMLS = README.xml pam_filter.8.xml
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+include_HEADERS = pam_filter.h
+securelib_LTLIBRARIES = pam_filter.la
+TESTS = tst-pam_filter
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-recursive
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_filter/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_filter/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_filter.la: $(pam_filter_la_OBJECTS) $(pam_filter_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_filter_la_OBJECTS) $(pam_filter_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_filter.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+install-includeHEADERS: $(include_HEADERS)
+ @$(NORMAL_INSTALL)
+ test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)"
+ @list='$(include_HEADERS)'; for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ f=$(am__strip_dir) \
+ echo " $(includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \
+ $(includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \
+ done
+
+uninstall-includeHEADERS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(include_HEADERS)'; for p in $$list; do \
+ f=$(am__strip_dir) \
+ echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \
+ rm -f "$(DESTDIR)$(includedir)/$$f"; \
+ done
+
+# This directory's subdirectories are mostly independent; you can cd
+# into them and run `make' without going through this Makefile.
+# To change the values of `make' variables: instead of editing Makefiles,
+# (1) if the variable is set in `config.status', edit `config.status'
+# (which will cause the Makefiles to be regenerated when you run `make');
+# (2) otherwise, pass the desired values on the `make' command line.
+$(RECURSIVE_TARGETS):
+ @failcom='exit 1'; \
+ for f in x $$MAKEFLAGS; do \
+ case $$f in \
+ *=* | --[!k]*);; \
+ *k*) failcom='fail=yes';; \
+ esac; \
+ done; \
+ dot_seen=no; \
+ target=`echo $@ | sed s/-recursive//`; \
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ echo "Making $$target in $$subdir"; \
+ if test "$$subdir" = "."; then \
+ dot_seen=yes; \
+ local_target="$$target-am"; \
+ else \
+ local_target="$$target"; \
+ fi; \
+ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+ || eval $$failcom; \
+ done; \
+ if test "$$dot_seen" = "no"; then \
+ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
+ fi; test -z "$$fail"
+
+$(RECURSIVE_CLEAN_TARGETS):
+ @failcom='exit 1'; \
+ for f in x $$MAKEFLAGS; do \
+ case $$f in \
+ *=* | --[!k]*);; \
+ *k*) failcom='fail=yes';; \
+ esac; \
+ done; \
+ dot_seen=no; \
+ case "$@" in \
+ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
+ *) list='$(SUBDIRS)' ;; \
+ esac; \
+ rev=''; for subdir in $$list; do \
+ if test "$$subdir" = "."; then :; else \
+ rev="$$subdir $$rev"; \
+ fi; \
+ done; \
+ rev="$$rev ."; \
+ target=`echo $@ | sed s/-recursive//`; \
+ for subdir in $$rev; do \
+ echo "Making $$target in $$subdir"; \
+ if test "$$subdir" = "."; then \
+ local_target="$$target-am"; \
+ else \
+ local_target="$$target"; \
+ fi; \
+ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+ || eval $$failcom; \
+ done && test -z "$$fail"
+tags-recursive:
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \
+ done
+ctags-recursive:
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
+ include_option=--etags-include; \
+ empty_fix=.; \
+ else \
+ include_option=--include; \
+ empty_fix=; \
+ fi; \
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ test ! -f $$subdir/TAGS || \
+ tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \
+ fi; \
+ done; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+ list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ test -d "$(distdir)/$$subdir" \
+ || $(MKDIR_P) "$(distdir)/$$subdir" \
+ || exit 1; \
+ distdir=`$(am__cd) $(distdir) && pwd`; \
+ top_distdir=`$(am__cd) $(top_distdir) && pwd`; \
+ (cd $$subdir && \
+ $(MAKE) $(AM_MAKEFLAGS) \
+ top_distdir="$$top_distdir" \
+ distdir="$$distdir/$$subdir" \
+ am__remove_distdir=: \
+ am__skip_length_check=: \
+ distdir) \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-recursive
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA) $(HEADERS)
+installdirs: installdirs-recursive
+installdirs-am:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(includedir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-recursive
+install-exec: install-exec-recursive
+install-data: install-data-recursive
+uninstall: uninstall-recursive
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-recursive
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-recursive
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-recursive
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-recursive
+
+dvi-am:
+
+html: html-recursive
+
+info: info-recursive
+
+info-am:
+
+install-data-am: install-includeHEADERS install-man \
+ install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-recursive
+
+install-exec-am:
+
+install-html: install-html-recursive
+
+install-info: install-info-recursive
+
+install-man: install-man8
+
+install-pdf: install-pdf-recursive
+
+install-ps: install-ps-recursive
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-recursive
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-recursive
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-recursive
+
+pdf-am:
+
+ps: ps-recursive
+
+ps-am:
+
+uninstall-am: uninstall-includeHEADERS uninstall-man \
+ uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \
+ install-strip
+
+.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \
+ all all-am check check-TESTS check-am clean clean-generic \
+ clean-libtool clean-securelibLTLIBRARIES ctags ctags-recursive \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am \
+ install-includeHEADERS install-info install-info-am \
+ install-man install-man8 install-pdf install-pdf-am install-ps \
+ install-ps-am install-securelibLTLIBRARIES install-strip \
+ installcheck installcheck-am installdirs installdirs-am \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags tags-recursive uninstall uninstall-am \
+ uninstall-includeHEADERS uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_filter.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_filter/README b/Linux-PAM/modules/pam_filter/README
index 12c4aeb5..4d4e2194 100644
--- a/Linux-PAM/modules/pam_filter/README
+++ b/Linux-PAM/modules/pam_filter/README
@@ -1,94 +1,78 @@
-#
-# $Id: README,v 1.1.1.1 2000/06/20 22:11:35 agmorgan Exp $
-#
-# This describes the behavior of this module with respect to the
-# /etc/pam.conf file.
-#
-# writen by Andrew Morgan <morgan@parc.power.net>
-#
+pam_filter — PAM filter module
-This module is intended to be a platform for providing access to all
-of the input/output that passes between the user and the application.
-It is only suitable for tty-based and (stdin/stdout) applications. And
-is only known to work on Linux based systems.
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
-The action of the module is dictated by the arguments it is given in
-the pam.conf file.
+DESCRIPTION
-recognized flags are:
+This module is intended to be a platform for providing access to all of the
+input/output that passes between the user and the application. It is only
+suitable for tty-based and (stdin/stdout) applications.
- debug print some information to syslog(3)
+To function this module requires filters to be installed on the system. The
+single filter provided with the module simply transposes upper and lower case
+letters in the input and output streams. (This can be very annoying and is not
+kind to termcap based editors).
- new_term set the PAM_TTY item to the new filtered
- terminal (the default is to set it
- to be that of the users terminal)
+Each component of the module has the potential to invoke the desired filter.
+The filter is always execv(2) with the privilege of the calling application and
+not that of the user. For this reason it cannot usually be killed by the user
+without closing their session.
- non_term don't try to set the PAM_TTY item
+OPTIONS
- run1/run2 these arguments indicate that the
- module should separate the application
- from the user and insert a filter
- program between them. The pathname of
- the filter program follows the 'runN'
- argument. Arguments that follow this
- pathname are passed as arguments to
- the filter program.
+debug
- The distinction between run1 and run2
- is which of the two functions of
- the given management-type triggers the
- execution of the indicated filter.
+ Print debug information.
- type: run1 run2
- ----- ---- ----
+new_term
- auth pam_sm_authenticate pam_sm_setcred
+ The default action of the filter is to set the PAM_TTY item to indicate the
+ terminal that the user is using to connect to the application. This
+ argument indicates that the filter should set PAM_TTY to the filtered
+ pseudo-terminal.
- account [ pam_sm_acct_mgmt (either is good) ]
+non_term
- session pam_sm_open_session pam_sm_close_session
+ don't try to set the PAM_TTY item.
- password pam_sm_chauthtok/PRELIM pam_sm_chauthtok/UPDATE
+runX
-Note, in the case of 'password' PRELIM/UPDATE indicates which of the
-two calls to pam_sm_chauthtok from libpam (not the application) will
-trigger the filter.
+ In order that the module can invoke a filter it should know when to invoke
+ it. This argument is required to tell the filter when to do this.
-What a filter program should expect:
-------------------------------------
+ Permitted values for X are 1 and 2. These indicate the precise time that
+ the filter is to be run. To understand this concept it will be useful to
+ have read the pam(3) manual page. Basically, for each management group
+ there are up to two ways of calling the module's functions. In the case of
+ the authentication and session components there are actually two separate
+ functions. For the case of authentication, these functions are
+ pam_authenticate(3) and pam_setcred(3), here run1 means run the filter from
+ the pam_authenticate function and run2 means run the filter from
+ pam_setcred. In the case of the session modules, run1 implies that the
+ filter is invoked at the pam_open_session(3) stage, and run2 for
+ pam_close_session(3).
-Definitions for filter programs (which may be locally designed) are
-contained in the <security/pam_filter.h> file.
+ For the case of the account component. Either run1 or run2 may be used.
-Arguments are not passed to the filter on the command line, since this
-is plainly visible when a user types 'ps -a'. Instead they are passed
-as the filter's environment. Other information is passed in this way
-too.
+ For the case of the password component, run1 is used to indicate that the
+ filter is run on the first occasion of pam_chauthtok(3) (the
+ PAM_PRELIM_CHECK phase) and run2 is used to indicate that the filter is run
+ on the second occasion (the PAM_UPDATE_AUTHTOK phase).
-Here is a list of the environment variables that a filter should
-expect:
+filter
- ARGS="filter_path_name argument list"
- SERVICE="service_name" (as it appears in /etc/pam.conf)
- USER="username"
- TYPE="module_fn" (the name of the function in pam_filter.so
- that invoked the filter)
+ The full pathname of the filter to be run and any command line arguments
+ that the filter might expect.
-[This list is likely to grow. If you want something added, email me!]
+EXAMPLES
-Among other things this module is intended to provide a useful means
-of logging the activity of users in as discrete a manner as possible.
+Add the following line to /etc/pam.d/login to see how to configure login to
+transpose upper and lower case letters once the user has logged in:
-Existing filters:
------------------
+ session required pam_filter.so run1 /lib/security/pam_filter/upperLOWER
-Currently, there is a single supplied filter (upperLOWER). The effect
-of using this filter is to transpose upper and lower case letters
-between the user and the application. This is really annoying when you
-try the 'xsh' example application! ;)
-TODO: provide more filters...
- Decide if providing stderr interception is really overkill.
+AUTHOR
-Andrew G. Morgan <morgan@parc.power.net> 1996/5/27
+pam_filter was written by Andrew G. Morgan <morgan@kernel.org>.
diff --git a/Linux-PAM/modules/pam_filter/README.xml b/Linux-PAM/modules/pam_filter/README.xml
new file mode 100644
index 00000000..b76cb743
--- /dev/null
+++ b/Linux-PAM/modules/pam_filter/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_filter.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_filter.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_filter-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_filter.8.xml" xpointer='xpointer(//refsect1[@id = "pam_filter-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_filter.8.xml" xpointer='xpointer(//refsect1[@id = "pam_filter-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_filter.8.xml" xpointer='xpointer(//refsect1[@id = "pam_filter-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_filter.8.xml" xpointer='xpointer(//refsect1[@id = "pam_filter-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_filter/pam_filter.8 b/Linux-PAM/modules/pam_filter/pam_filter.8
new file mode 100644
index 00000000..7def7fe9
--- /dev/null
+++ b/Linux-PAM/modules/pam_filter/pam_filter.8
@@ -0,0 +1,140 @@
+.\" Title: pam_filter
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/09/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_FILTER" "8" "06/09/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_filter \- PAM filter module
+.SH "SYNOPSIS"
+.HP 14
+\fBpam_filter.so\fR [debug] [new_term] [non_term] run1|run2 \fIfilter\fR [\fI...\fR]
+.SH "DESCRIPTION"
+.PP
+This module is intended to be a platform for providing access to all of the input/output that passes between the user and the application. It is only suitable for tty\-based and (stdin/stdout) applications.
+.PP
+To function this module requires
+\fIfilters\fR
+to be installed on the system. The single filter provided with the module simply transposes upper and lower case letters in the input and output streams. (This can be very annoying and is not kind to termcap based editors).
+.PP
+Each component of the module has the potential to invoke the desired filter. The filter is always
+\fBexecv\fR(2)
+with the privilege of the calling application and
+\fInot\fR
+that of the user. For this reason it cannot usually be killed by the user without closing their session.
+.SH "OPTIONS"
+.PP
+.TP 3n
+\fBdebug\fR
+Print debug information.
+.TP 3n
+\fBnew_term\fR
+The default action of the filter is to set the
+\fIPAM_TTY\fR
+item to indicate the terminal that the user is using to connect to the application. This argument indicates that the filter should set
+\fIPAM_TTY\fR
+to the filtered pseudo\-terminal.
+.TP 3n
+\fBnon_term\fR
+don't try to set the
+\fIPAM_TTY\fR
+item.
+.TP 3n
+\fBrunX\fR
+In order that the module can invoke a filter it should know when to invoke it. This argument is required to tell the filter when to do this.
+.sp
+Permitted values for
+\fIX\fR
+are
+\fI1\fR
+and
+\fI2\fR. These indicate the precise time that the filter is to be run. To understand this concept it will be useful to have read the
+\fBpam\fR(3)
+manual page. Basically, for each management group there are up to two ways of calling the module's functions. In the case of the
+\fIauthentication\fR
+and
+\fIsession\fR
+components there are actually two separate functions. For the case of authentication, these functions are
+\fBpam_authenticate\fR(3)
+and
+\fBpam_setcred\fR(3), here
+\fBrun1\fR
+means run the filter from the
+\fBpam_authenticate\fR
+function and
+\fBrun2\fR
+means run the filter from
+\fBpam_setcred\fR. In the case of the session modules,
+\fIrun1\fR
+implies that the filter is invoked at the
+\fBpam_open_session\fR(3)
+stage, and
+\fIrun2\fR
+for
+\fBpam_close_session\fR(3).
+.sp
+For the case of the account component. Either
+\fIrun1\fR
+or
+\fIrun2\fR
+may be used.
+.sp
+For the case of the password component,
+\fIrun1\fR
+is used to indicate that the filter is run on the first occasion of
+\fBpam_chauthtok\fR(3)
+(the
+\fIPAM_PRELIM_CHECK\fR
+phase) and
+\fIrun2\fR
+is used to indicate that the filter is run on the second occasion (the
+\fIPAM_UPDATE_AUTHTOK\fR
+phase).
+.TP 3n
+\fBfilter\fR
+The full pathname of the filter to be run and any command line arguments that the filter might expect.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+The services
+\fBauth\fR,
+\fBaccount\fR,
+\fBpassword\fR
+and
+\fBsession\fR
+are supported.
+.SH "RETURN VALUES"
+.PP
+.TP 3n
+PAM_SUCCESS
+The new filter was set successfull.
+.TP 3n
+PAM_ABORT
+Critical error, immediate abort.
+.SH "EXAMPLES"
+.PP
+Add the following line to
+\fI/etc/pam.d/login\fR
+to see how to configure login to transpose upper and lower case letters once the user has logged in:
+.sp
+.RS 3n
+.nf
+ session required pam_filter.so run1 /lib/security/pam_filter/upperLOWER
+
+.fi
+.RE
+.sp
+.SH "SEE ALSO"
+.PP
+
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_filter was written by Andrew G. Morgan <morgan@kernel.org>.
diff --git a/Linux-PAM/modules/pam_filter/pam_filter.8.xml b/Linux-PAM/modules/pam_filter/pam_filter.8.xml
new file mode 100644
index 00000000..d15d7e97
--- /dev/null
+++ b/Linux-PAM/modules/pam_filter/pam_filter.8.xml
@@ -0,0 +1,261 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_filter">
+
+ <refmeta>
+ <refentrytitle>pam_filter</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_filter-name">
+ <refname>pam_filter</refname>
+ <refpurpose>PAM filter module</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_filter-cmdsynopsis">
+ <command>pam_filter.so</command>
+ <arg choice="opt">
+ debug
+ </arg>
+ <arg choice="opt">
+ new_term
+ </arg>
+ <arg choice="opt">
+ non_term
+ </arg>
+ <arg choice="plain">
+ run1|run2
+ </arg>
+ <arg choice="plain">
+ <replaceable>filter</replaceable>
+ </arg>
+ <arg choice="opt">
+ <replaceable>...</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_filter-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ This module is intended to be a platform for providing access to all
+ of the input/output that passes between the user and the application.
+ It is only suitable for tty-based and (stdin/stdout) applications.
+ </para>
+ <para>
+ To function this module requires <emphasis>filters</emphasis> to be
+ installed on the system.
+ The single filter provided with the module simply transposes upper and
+ lower case letters in the input and output streams. (This can be very
+ annoying and is not kind to termcap based editors).
+ </para>
+ <para>
+ Each component of the module has the potential to invoke the
+ desired filter. The filter is always
+ <citerefentry>
+ <refentrytitle>execv</refentrytitle><manvolnum>2</manvolnum>
+ </citerefentry> with the privilege of the calling application
+ and <emphasis>not</emphasis> that of the user. For this reason it
+ cannot usually be killed by the user without closing their session.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_filter-options">
+
+ <title>OPTIONS</title>
+ <para>
+ <variablelist>
+
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ Print debug information.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>new_term</option>
+ </term>
+ <listitem>
+ <para>
+ The default action of the filter is to set the
+ <emphasis>PAM_TTY</emphasis> item to indicate the
+ terminal that the user is using to connect to the
+ application. This argument indicates that the filter
+ should set <emphasis>PAM_TTY</emphasis> to the filtered
+ pseudo-terminal.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>non_term</option>
+ </term>
+ <listitem>
+ <para>
+ don't try to set the <emphasis>PAM_TTY</emphasis> item.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>runX</option>
+ </term>
+ <listitem>
+ <para>
+ In order that the module can invoke a filter it should
+ know when to invoke it. This argument is required to tell
+ the filter when to do this.
+ </para>
+ <para>
+ Permitted values for <emphasis>X</emphasis> are
+ <emphasis>1</emphasis> and <emphasis>2</emphasis>. These
+ indicate the precise time that the filter is to be run.
+ To understand this concept it will be useful to have read
+ the <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> manual page.
+ Basically, for each management group there are up to two ways
+ of calling the module's functions.
+ In the case of the <emphasis>authentication</emphasis> and
+ <emphasis>session</emphasis> components there are actually
+ two separate functions. For the case of authentication, these
+ functions are
+ <citerefentry>
+ <refentrytitle>pam_authenticate</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> and
+ <citerefentry>
+ <refentrytitle>pam_setcred</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>, here <option>run1</option> means run the
+ filter from the <function>pam_authenticate</function> function
+ and <option>run2</option> means run the filter from
+ <function>pam_setcred</function>. In the case of the
+ session modules, <emphasis>run1</emphasis> implies
+ that the filter is invoked at the
+ <citerefentry>
+ <refentrytitle>pam_open_session</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> stage, and <emphasis>run2</emphasis> for
+ <citerefentry>
+ <refentrytitle>pam_close_session</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+ <para>
+ For the case of the account component. Either
+ <emphasis>run1</emphasis> or <emphasis>run2</emphasis>
+ may be used.
+ </para>
+ <para>
+ For the case of the password component, <emphasis>run1</emphasis>
+ is used to indicate that the filter is run on the first
+ occasion of
+ <citerefentry>
+ <refentrytitle>pam_chauthtok</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> (the <emphasis>PAM_PRELIM_CHECK</emphasis>
+ phase) and <emphasis>run2</emphasis> is used to indicate
+ that the filter is run on the second occasion (the
+ <emphasis>PAM_UPDATE_AUTHTOK</emphasis> phase).
+
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>filter</option>
+ </term>
+ <listitem>
+ <para>
+ The full pathname of the filter to be run and any command line
+ arguments that the filter might expect.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_filter-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ The services <option>auth</option>, <option>account</option>,
+ <option>password</option> and <option>session</option> are supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_filter-return_values'>
+ <title>RETURN VALUES</title>
+ <para>
+ <variablelist>
+
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ The new filter was set successfull.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_ABORT</term>
+ <listitem>
+ <para>
+ Critical error, immediate abort.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_filter-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ Add the following line to <filename>/etc/pam.d/login</filename> to
+ see how to configure login to transpose upper and lower case letters
+ once the user has logged in:
+
+ <programlisting>
+ session required pam_filter.so run1 /lib/security/pam_filter/upperLOWER
+ </programlisting>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_filter-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_filter-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_filter was written by Andrew G. Morgan &lt;morgan@kernel.org&gt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_filter/pam_filter.c b/Linux-PAM/modules/pam_filter/pam_filter.c
index 9aa23f29..1c7731b3 100644
--- a/Linux-PAM/modules/pam_filter/pam_filter.c
+++ b/Linux-PAM/modules/pam_filter/pam_filter.c
@@ -1,11 +1,11 @@
/*
- * $Id: pam_filter.c,v 1.6 2004/11/16 14:27:41 toady Exp $
+ * $Id: pam_filter.c,v 1.12 2005/12/12 14:45:00 ldv Exp $
*
* written by Andrew Morgan <morgan@transmeta.com> with much help from
* Richard Stevens' UNIX Network Programming book.
*/
-#include <security/_pam_aconf.h>
+#include "config.h"
#include <stdlib.h>
#include <syslog.h>
@@ -31,7 +31,8 @@
#define PAM_SM_PASSWORD
#include <security/pam_modules.h>
-#include <security/pam_filter.h>
+#include <security/pam_ext.h>
+#include "pam_filter.h"
/* ------ some tokens used for convenience throughout this file ------- */
@@ -47,20 +48,10 @@
#include <stdarg.h>
-static void _pam_log(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("pam_filter", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-
#define TERMINAL_LEN 12
-static int master(char *terminal)
+static int
+master (const pam_handle_t *pamh, char *terminal)
/*
* try to open all of the terminals in sequence return first free one,
* or -1
@@ -77,7 +68,8 @@ static int master(char *terminal)
terminal[8] = *pty++;
terminal[9] = '0';
if (stat(terminal,&tstat) < 0) {
- _pam_log(LOG_WARNING, "unknown pseudo terminal; %s", terminal);
+ pam_syslog(pamh, LOG_WARNING,
+ "unknown pseudo terminal: %s", terminal);
break;
}
for (hex = hexs; *hex; ) { /* step through 16 of these */
@@ -109,17 +101,17 @@ static int process_args(pam_handle_t *pamh
} else if (strcmp("run1",*argv) == 0) {
ctrl |= FILTER_RUN1;
if (argc <= 0) {
- _pam_log(LOG_ALERT,"no run filter supplied");
+ pam_syslog(pamh, LOG_ALERT, "no run filter supplied");
} else
break;
} else if (strcmp("run2",*argv) == 0) {
ctrl |= FILTER_RUN2;
if (argc <= 0) {
- _pam_log(LOG_ALERT,"no run filter supplied");
+ pam_syslog(pamh, LOG_ALERT, "no run filter supplied");
} else
break;
} else {
- _pam_log(LOG_ERR, "unrecognized option: %s (ignored)", *argv);
+ pam_syslog(pamh, LOG_ERR, "unrecognized option: %s", *argv);
}
++argv; /* step along list */
}
@@ -130,17 +122,18 @@ static int process_args(pam_handle_t *pamh
*evp = NULL;
} else {
char **levp;
- const char *tmp;
+ const char *user = NULL;
+ const void *tmp;
int i,size, retval;
*filtername = *++argv;
if (ctrl & FILTER_DEBUG) {
- _pam_log(LOG_DEBUG,"will run filter %s\n", *filtername);
+ pam_syslog(pamh, LOG_DEBUG, "will run filter %s", *filtername);
}
levp = (char **) malloc(5*sizeof(char *));
if (levp == NULL) {
- _pam_log(LOG_CRIT,"no memory for environment of filter");
+ pam_syslog(pamh, LOG_CRIT, "no memory for environment of filter");
return -1;
}
@@ -157,7 +150,7 @@ static int process_args(pam_handle_t *pamh
levp[0] = (char *) malloc(size);
if (levp[0] == NULL) {
- _pam_log(LOG_CRIT,"no memory for filter arguments");
+ pam_syslog(pamh, LOG_CRIT, "no memory for filter arguments");
if (levp) {
free(levp);
}
@@ -177,9 +170,9 @@ static int process_args(pam_handle_t *pamh
#define SERVICE_OFFSET 8 /* strlen('SERVICE='); */
#define SERVICE_NAME "SERVICE="
- retval = pam_get_item(pamh, PAM_SERVICE, (const void **)&tmp);
+ retval = pam_get_item(pamh, PAM_SERVICE, &tmp);
if (retval != PAM_SUCCESS || tmp == NULL) {
- _pam_log(LOG_CRIT,"service name not found");
+ pam_syslog(pamh, LOG_CRIT, "service name not found");
if (levp) {
free(levp[0]);
free(levp);
@@ -190,7 +183,7 @@ static int process_args(pam_handle_t *pamh
levp[1] = (char *) malloc(size+1);
if (levp[1] == NULL) {
- _pam_log(LOG_CRIT,"no memory for service name");
+ pam_syslog(pamh, LOG_CRIT, "no memory for service name");
if (levp) {
free(levp[0]);
free(levp);
@@ -207,16 +200,15 @@ static int process_args(pam_handle_t *pamh
#define USER_OFFSET 5 /* strlen('USER='); */
#define USER_NAME "USER="
- tmp = NULL;
- pam_get_user(pamh, &tmp, NULL);
- if (tmp == NULL) {
- tmp = "<unknown>";
+ pam_get_user(pamh, &user, NULL);
+ if (user == NULL) {
+ user = "<unknown>";
}
- size = USER_OFFSET+strlen(tmp);
+ size = USER_OFFSET+strlen(user);
levp[2] = (char *) malloc(size+1);
if (levp[2] == NULL) {
- _pam_log(LOG_CRIT,"no memory for user's name");
+ pam_syslog(pamh, LOG_CRIT, "no memory for user's name");
if (levp) {
free(levp[1]);
free(levp[0]);
@@ -226,7 +218,7 @@ static int process_args(pam_handle_t *pamh
}
strncpy(levp[2],USER_NAME,USER_OFFSET);
- strcpy(levp[2]+USER_OFFSET, tmp);
+ strcpy(levp[2]+USER_OFFSET, user);
levp[2][size] = '\0'; /* <NUL> terminate */
/* the "USER" variable */
@@ -238,7 +230,7 @@ static int process_args(pam_handle_t *pamh
levp[3] = (char *) malloc(size+1);
if (levp[3] == NULL) {
- _pam_log(LOG_CRIT,"no memory for type");
+ pam_syslog(pamh, LOG_CRIT, "no memory for type");
if (levp) {
free(levp[2]);
free(levp[1]);
@@ -260,10 +252,10 @@ static int process_args(pam_handle_t *pamh
if ((ctrl & FILTER_DEBUG) && *filtername) {
char **e;
- _pam_log(LOG_DEBUG,"filter[%s]: %s",type,*filtername);
- _pam_log(LOG_DEBUG,"environment:");
+ pam_syslog(pamh, LOG_DEBUG, "filter[%s]: %s", type, *filtername);
+ pam_syslog(pamh, LOG_DEBUG, "environment:");
for (e=*evp; e && *e; ++e) {
- _pam_log(LOG_DEBUG," %s",*e);
+ pam_syslog(pamh, LOG_DEBUG, " %s", *e);
}
}
@@ -282,8 +274,9 @@ static void free_evp(char *evp[])
free(evp);
}
-static int set_filter(pam_handle_t *pamh, int flags, int ctrl
- , const char **evp, const char *filtername)
+static int
+set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl,
+ const char **evp, const char *filtername)
{
int status=-1;
char terminal[TERMINAL_LEN];
@@ -291,7 +284,8 @@ static int set_filter(pam_handle_t *pamh, int flags, int ctrl
int fd[2], child=0, child2=0, aterminal;
if (filtername == NULL || *filtername != '/') {
- _pam_log(LOG_ALERT, "filtername not permitted; require full path");
+ pam_syslog(pamh, LOG_ALERT,
+ "filtername not permitted; full pathname required");
return PAM_ABORT;
}
@@ -305,9 +299,9 @@ static int set_filter(pam_handle_t *pamh, int flags, int ctrl
/* open the master pseudo terminal */
- fd[0] = master(terminal);
+ fd[0] = master(pamh,terminal);
if (fd[0] < 0) {
- _pam_log(LOG_CRIT,"no master terminal");
+ pam_syslog(pamh, LOG_CRIT, "no master terminal");
return PAM_AUTH_ERR;
}
@@ -317,9 +311,9 @@ static int set_filter(pam_handle_t *pamh, int flags, int ctrl
/* this is termios terminal handling... */
if ( tcgetattr(STDIN_FILENO, &stored_mode) < 0 ) {
+ pam_syslog(pamh, LOG_CRIT, "couldn't copy terminal mode: %m");
/* in trouble, so close down */
close(fd[0]);
- _pam_log(LOG_CRIT, "couldn't copy terminal mode");
return PAM_ABORT;
} else {
struct termios t_mode = stored_mode;
@@ -328,7 +322,10 @@ static int set_filter(pam_handle_t *pamh, int flags, int ctrl
t_mode.c_oflag &= ~OPOST; /* no ouput post processing */
/* no signals, canonical input, echoing, upper/lower output */
- t_mode.c_lflag &= ~(ISIG|ICANON|ECHO|XCASE);
+#ifdef XCASE
+ t_mode.c_lflag &= ~(XCASE);
+#endif
+ t_mode.c_lflag &= ~(ISIG|ICANON|ECHO);
t_mode.c_cflag &= ~(CSIZE|PARENB); /* no parity */
t_mode.c_cflag |= CS8; /* 8 bit chars */
@@ -336,8 +333,9 @@ static int set_filter(pam_handle_t *pamh, int flags, int ctrl
t_mode.c_cc[VTIME] = 0; /* 0/10th second for chars */
if ( tcsetattr(STDIN_FILENO, TCSAFLUSH, &t_mode) < 0 ) {
+ pam_syslog(pamh, LOG_WARNING,
+ "couldn't put terminal in RAW mode: %m");
close(fd[0]);
- _pam_log(LOG_WARNING, "couldn't put terminal in RAW mode");
return PAM_ABORT;
}
@@ -354,7 +352,7 @@ static int set_filter(pam_handle_t *pamh, int flags, int ctrl
*/
if ( socketpair(AF_UNIX, SOCK_STREAM, 0, fd) < 0 ) {
- _pam_log(LOG_CRIT,"couldn't open a stream pipe");
+ pam_syslog(pamh, LOG_CRIT, "couldn't open a stream pipe: %m");
return PAM_ABORT;
}
}
@@ -363,7 +361,7 @@ static int set_filter(pam_handle_t *pamh, int flags, int ctrl
if ( (child = fork()) < 0 ) {
- _pam_log(LOG_WARNING,"first fork failed");
+ pam_syslog(pamh, LOG_WARNING, "first fork failed: %m");
if (aterminal) {
(void) tcsetattr(STDIN_FILENO, TCSAFLUSH, &stored_mode);
}
@@ -389,7 +387,8 @@ static int set_filter(pam_handle_t *pamh, int flags, int ctrl
/* make this process it's own process leader */
if (setsid() == -1) {
- _pam_log(LOG_WARNING,"child cannot become new session");
+ pam_syslog(pamh, LOG_WARNING,
+ "child cannot become new session: %m");
return PAM_ABORT;
}
@@ -399,8 +398,8 @@ static int set_filter(pam_handle_t *pamh, int flags, int ctrl
close(fd[0]); /* process is the child -- uses line fd[1] */
if (fd[1] < 0) {
- _pam_log(LOG_WARNING,"cannot open slave terminal; %s"
- ,terminal);
+ pam_syslog(pamh, LOG_WARNING,
+ "cannot open slave terminal: %s: %m", terminal);
return PAM_ABORT;
}
@@ -408,8 +407,8 @@ static int set_filter(pam_handle_t *pamh, int flags, int ctrl
parent's was before we set it into RAW mode */
if ( tcsetattr(fd[1], TCSANOW, &stored_mode) < 0 ) {
- _pam_log(LOG_WARNING,"cannot set slave terminal mode; %s"
- ,terminal);
+ pam_syslog(pamh, LOG_WARNING,
+ "cannot set slave terminal mode: %s: %m", terminal);
close(fd[1]);
return PAM_ABORT;
}
@@ -425,8 +424,8 @@ static int set_filter(pam_handle_t *pamh, int flags, int ctrl
if ( dup2(fd[1],STDIN_FILENO) != STDIN_FILENO ||
dup2(fd[1],STDOUT_FILENO) != STDOUT_FILENO ||
dup2(fd[1],STDERR_FILENO) != STDERR_FILENO ) {
- _pam_log(LOG_WARNING
- ,"unable to re-assign STDIN/OUT/ERR...'s");
+ pam_syslog(pamh, LOG_WARNING,
+ "unable to re-assign STDIN/OUT/ERR: %m");
close(fd[1]);
return PAM_ABORT;
}
@@ -436,8 +435,8 @@ static int set_filter(pam_handle_t *pamh, int flags, int ctrl
if ( fcntl(STDIN_FILENO, F_SETFD, 0) ||
fcntl(STDOUT_FILENO,F_SETFD, 0) ||
fcntl(STDERR_FILENO,F_SETFD, 0) ) {
- _pam_log(LOG_WARNING
- ,"unable to re-assign STDIN/OUT/ERR...'s");
+ pam_syslog(pamh, LOG_WARNING,
+ "unable to re-assign STDIN/OUT/ERR: %m");
return PAM_ABORT;
}
@@ -470,7 +469,7 @@ static int set_filter(pam_handle_t *pamh, int flags, int ctrl
if ( (child2 = fork()) < 0 ) {
- _pam_log(LOG_WARNING,"filter fork failed");
+ pam_syslog(pamh, LOG_WARNING, "filter fork failed: %m");
child2 = 0;
} else if ( child2 == 0 ) { /* exec the child filter */
@@ -478,8 +477,8 @@ static int set_filter(pam_handle_t *pamh, int flags, int ctrl
if ( dup2(fd[0],APPIN_FILENO) != APPIN_FILENO ||
dup2(fd[0],APPOUT_FILENO) != APPOUT_FILENO ||
dup2(fd[0],APPERR_FILENO) != APPERR_FILENO ) {
- _pam_log(LOG_WARNING
- ,"unable to re-assign APPIN/OUT/ERR...'s");
+ pam_syslog(pamh, LOG_WARNING,
+ "unable to re-assign APPIN/OUT/ERR: %m");
close(fd[0]);
exit(1);
}
@@ -489,8 +488,8 @@ static int set_filter(pam_handle_t *pamh, int flags, int ctrl
if ( fcntl(APPIN_FILENO, F_SETFD, 0) == -1 ||
fcntl(APPOUT_FILENO,F_SETFD, 0) == -1 ||
fcntl(APPERR_FILENO,F_SETFD, 0) == -1 ) {
- _pam_log(LOG_WARNING
- ,"unable to retain APPIN/OUT/ERR...'s");
+ pam_syslog(pamh, LOG_WARNING,
+ "unable to retain APPIN/OUT/ERR: %m");
close(APPIN_FILENO);
close(APPOUT_FILENO);
close(APPERR_FILENO);
@@ -503,7 +502,7 @@ static int set_filter(pam_handle_t *pamh, int flags, int ctrl
/* getting to here is an error */
- _pam_log(LOG_ALERT, "filter: %s, not executable", filtername);
+ pam_syslog(pamh, LOG_ALERT, "filter: %s: %m", filtername);
} else { /* wait for either of the two children to exit */
@@ -531,10 +530,10 @@ static int set_filter(pam_handle_t *pamh, int flags, int ctrl
child2 = 0;
} else {
- _pam_log(LOG_ALERT
- ,"programming error <chid=%d,lstatus=%x>: "
- __FILE__ " line %d"
- , lstatus, __LINE__ );
+ pam_syslog(pamh, LOG_ALERT,
+ "programming error <chid=%d,lstatus=%x> "
+ "in file %s at line %d",
+ chid, lstatus, __FILE__, __LINE__);
child = child2 = 0;
status = -1;
@@ -569,10 +568,10 @@ static int set_filter(pam_handle_t *pamh, int flags, int ctrl
} else {
- _pam_log(LOG_ALERT
- ,"programming error <chid=%d,lstatus=%x>: "
- __FILE__ " line %d"
- , lstatus, __LINE__ );
+ pam_syslog(pamh, LOG_ALERT,
+ "programming error <chid=%d,lstatus=%x> "
+ "in file %s at line %d",
+ chid, lstatus, __FILE__, __LINE__);
child = child2 = 0;
status = -1;
@@ -585,27 +584,28 @@ static int set_filter(pam_handle_t *pamh, int flags, int ctrl
}
if (ctrl & FILTER_DEBUG) {
- _pam_log(LOG_DEBUG,"parent process exited"); /* clock off */
+ pam_syslog(pamh, LOG_DEBUG, "parent process exited"); /* clock off */
}
/* quit the parent process, returning the child's exit status */
exit(status);
+ return status; /* never reached, to make gcc happy */
}
static int set_the_terminal(pam_handle_t *pamh)
{
- const char *tty;
+ const void *tty;
- if (pam_get_item(pamh, PAM_TTY, (const void **)&tty) != PAM_SUCCESS
+ if (pam_get_item(pamh, PAM_TTY, &tty) != PAM_SUCCESS
|| tty == NULL) {
tty = ttyname(STDIN_FILENO);
if (tty == NULL) {
- _pam_log(LOG_ERR, "couldn't get the tty name");
+ pam_syslog(pamh, LOG_ERR, "couldn't get the tty name");
return PAM_ABORT;
}
if (pam_set_item(pamh, PAM_TTY, tty) != PAM_SUCCESS) {
- _pam_log(LOG_ERR, "couldn't set tty name");
+ pam_syslog(pamh, LOG_ERR, "couldn't set tty name");
return PAM_ABORT;
}
}
@@ -631,7 +631,7 @@ static int need_a_filter(pam_handle_t *pamh
if (!(ctrl & NON_TERM) && !(ctrl & NEW_TERM)) {
retval = set_the_terminal(pamh);
if (retval != PAM_SUCCESS) {
- _pam_log(LOG_ERR, "tried and failed to set PAM_TTY");
+ pam_syslog(pamh, LOG_ERR, "tried and failed to set PAM_TTY");
}
} else {
retval = PAM_SUCCESS; /* nothing to do which is always a success */
@@ -642,20 +642,20 @@ static int need_a_filter(pam_handle_t *pamh
, (const char **)evp, filterfile);
}
- if (retval == PAM_SUCCESS
+ if (retval == PAM_SUCCESS
&& !(ctrl & NON_TERM) && (ctrl & NEW_TERM)) {
retval = set_the_terminal(pamh);
if (retval != PAM_SUCCESS) {
- _pam_log(LOG_ERR
- , "tried and failed to set new terminal as PAM_TTY");
+ pam_syslog(pamh, LOG_ERR,
+ "tried and failed to set new terminal as PAM_TTY");
}
}
free_evp(evp);
if (ctrl & FILTER_DEBUG) {
- _pam_log(LOG_DEBUG, "filter/%s, returning %d", name, retval);
- _pam_log(LOG_DEBUG, "[%s]", pam_strerror(pamh, retval));
+ pam_syslog(pamh, LOG_DEBUG, "filter/%s, returning %d", name, retval);
+ pam_syslog(pamh, LOG_DEBUG, "[%s]", pam_strerror(pamh, retval));
}
return retval;
@@ -720,7 +720,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags
else if (flags & PAM_UPDATE_AUTHTOK)
runN = FILTER_RUN2;
else {
- _pam_log(LOG_ERR, "unknown flags for chauthtok (0x%X)", flags);
+ pam_syslog(pamh, LOG_ERR, "unknown flags for chauthtok (0x%X)", flags);
return PAM_TRY_AGAIN;
}
diff --git a/Linux-PAM/modules/pam_filter/include/pam_filter.h b/Linux-PAM/modules/pam_filter/pam_filter.h
index 69e3a3e2..d15d113c 100644
--- a/Linux-PAM/modules/pam_filter/include/pam_filter.h
+++ b/Linux-PAM/modules/pam_filter/pam_filter.h
@@ -1,5 +1,5 @@
/*
- * $Id: pam_filter.h,v 1.1.1.1 2000/06/20 22:11:36 agmorgan Exp $
+ * $Id: pam_filter.h,v 1.1 2005/08/16 12:27:42 kukuk Exp $
*
* this file is associated with the Linux-PAM filter module.
* it was written by Andrew G. Morgan <morgan@linux.kernel.org>
diff --git a/Linux-PAM/modules/pam_filter/tst-pam_filter b/Linux-PAM/modules/pam_filter/tst-pam_filter
new file mode 100755
index 00000000..56a5d083
--- /dev/null
+++ b/Linux-PAM/modules/pam_filter/tst-pam_filter
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_filter.so
diff --git a/Linux-PAM/modules/pam_filter/upperLOWER/Makefile b/Linux-PAM/modules/pam_filter/upperLOWER/Makefile
deleted file mode 100644
index c75f4964..00000000
--- a/Linux-PAM/modules/pam_filter/upperLOWER/Makefile
+++ /dev/null
@@ -1,42 +0,0 @@
-#
-# $Id: Makefile,v 1.4 2004/09/22 09:37:47 kukuk Exp $
-#
-# This directory contains a pam_filter filter executable
-#
-# Created by Andrew Morgan <morgan@transmeta.com> 1996/3/11
-#
-
-include ../../../Make.Rules
-
-TITLE=upperLOWER
-
-#
-
-CFLAGS += -I../include -I../../pammodutil/include
-
-OBJS = $(TITLE).o
-
-LIBS += $(GLIB_LIBS) -L../../pammodutil -lpammodutil
-LDFLAGS = $(LIBS)
-
-####################### don't edit below #######################
-
-all: $(TITLE)
-
-$(TITLE): $(OBJS)
- $(CC) $(CFLAGS) -o $(TITLE) $(OBJS) $(LDFLAGS)
- $(STRIP) $(TITLE)
-
-install:
- $(MKDIR) $(FAKEROOT)$(FILTERSDIR)
- $(INSTALL) -m 511 $(TITLE) $(FAKEROOT)$(FILTERSDIR)
-
-remove:
- cd $(FAKEROOT)$(FILTERSDIR) && rm -f $(TITLE)
-
-clean:
- rm -f $(TITLE) $(OBJS) core *~
-
-.c.o:
- $(CC) $(CFLAGS) -c $<
-
diff --git a/Linux-PAM/modules/pam_filter/upperLOWER/Makefile.am b/Linux-PAM/modules/pam_filter/upperLOWER/Makefile.am
new file mode 100644
index 00000000..205429c8
--- /dev/null
+++ b/Linux-PAM/modules/pam_filter/upperLOWER/Makefile.am
@@ -0,0 +1,14 @@
+#
+# Copyright (c) 2005 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+securelibfilterdir = $(SECUREDIR)/pam_filter
+
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
+ -I$(srcdir)/.. @PIE_CFLAGS@
+AM_LDFLAGS = @PIE_LDFLAGS@ -L$(top_builddir)/libpam -lpam
+
+securelibfilter_PROGRAMS = upperLOWER
diff --git a/Linux-PAM/modules/pam_filter/upperLOWER/Makefile.in b/Linux-PAM/modules/pam_filter/upperLOWER/Makefile.in
new file mode 100644
index 00000000..e2d799f4
--- /dev/null
+++ b/Linux-PAM/modules/pam_filter/upperLOWER/Makefile.in
@@ -0,0 +1,525 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005 Thorsten Kukuk <kukuk@suse.de>
+#
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+securelibfilter_PROGRAMS = upperLOWER$(EXEEXT)
+subdir = modules/pam_filter/upperLOWER
+DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__installdirs = "$(DESTDIR)$(securelibfilterdir)"
+securelibfilterPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
+PROGRAMS = $(securelibfilter_PROGRAMS)
+upperLOWER_SOURCES = upperLOWER.c
+upperLOWER_OBJECTS = upperLOWER.$(OBJEXT)
+upperLOWER_LDADD = $(LDADD)
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = upperLOWER.c
+DIST_SOURCES = upperLOWER.c
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+securelibfilterdir = $(SECUREDIR)/pam_filter
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
+ -I$(srcdir)/.. @PIE_CFLAGS@
+
+AM_LDFLAGS = @PIE_LDFLAGS@ -L$(top_builddir)/libpam -lpam
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_filter/upperLOWER/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_filter/upperLOWER/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibfilterPROGRAMS: $(securelibfilter_PROGRAMS)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibfilterdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibfilterdir)"
+ @list='$(securelibfilter_PROGRAMS)'; for p in $$list; do \
+ p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ if test -f $$p \
+ || test -f $$p1 \
+ ; then \
+ f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
+ echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(securelibfilterPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(securelibfilterdir)/$$f'"; \
+ $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(securelibfilterPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(securelibfilterdir)/$$f" || exit 1; \
+ else :; fi; \
+ done
+
+uninstall-securelibfilterPROGRAMS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelibfilter_PROGRAMS)'; for p in $$list; do \
+ f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \
+ echo " rm -f '$(DESTDIR)$(securelibfilterdir)/$$f'"; \
+ rm -f "$(DESTDIR)$(securelibfilterdir)/$$f"; \
+ done
+
+clean-securelibfilterPROGRAMS:
+ @list='$(securelibfilter_PROGRAMS)'; for p in $$list; do \
+ f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f $$p $$f"; \
+ rm -f $$p $$f ; \
+ done
+upperLOWER$(EXEEXT): $(upperLOWER_OBJECTS) $(upperLOWER_DEPENDENCIES)
+ @rm -f upperLOWER$(EXEEXT)
+ $(LINK) $(upperLOWER_OBJECTS) $(upperLOWER_LDADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/upperLOWER.Po@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(PROGRAMS)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibfilterdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibfilterPROGRAMS \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-securelibfilterPROGRAMS
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-securelibfilterPROGRAMS
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
+ clean-libtool clean-securelibfilterPROGRAMS ctags distclean \
+ distclean-compile distclean-generic distclean-libtool \
+ distclean-tags distdir dvi dvi-am html html-am info info-am \
+ install install-am install-data install-data-am install-dvi \
+ install-dvi-am install-exec install-exec-am install-html \
+ install-html-am install-info install-info-am install-man \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-securelibfilterPROGRAMS install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-securelibfilterPROGRAMS
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_filter/upperLOWER/upperLOWER.c b/Linux-PAM/modules/pam_filter/upperLOWER/upperLOWER.c
index ee3544a1..c0fc5b17 100644
--- a/Linux-PAM/modules/pam_filter/upperLOWER/upperLOWER.c
+++ b/Linux-PAM/modules/pam_filter/upperLOWER/upperLOWER.c
@@ -1,17 +1,11 @@
/*
- * $Id: upperLOWER.c,v 1.5 2004/09/22 09:37:48 kukuk Exp $
- *
* This is a sample filter program, for use with pam_filter (a module
* provided with Linux-PAM). This filter simply transposes upper and
* lower case letters, it is intended for demonstration purposes and
* it serves no purpose other than to annoy the user...
*/
-#include <security/_pam_aconf.h>
-
-#ifdef MEMORY_DEBUG
-# undef exit
-#endif /* MEMORY_DEBUG */
+#include "config.h"
#include <stdio.h>
#include <stdlib.h>
@@ -20,29 +14,13 @@
#include <sys/types.h>
#include <unistd.h>
-#include <security/pam_filter.h>
+#include "pam_filter.h"
#include <security/pam_modules.h>
#include <security/_pam_macros.h>
-#include <security/_pam_modutil.h>
+#include <security/pam_modutil.h>
/* ---------------------------------------------------------------- */
-#include <stdarg.h>
-#ifdef hpux
-# define log_this syslog
-#else
-static void log_this(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("upperLOWER", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-#endif
-
#include <ctype.h>
static void do_transpose(char *buffer,int len)
@@ -59,13 +37,15 @@ static void do_transpose(char *buffer,int len)
extern char **environ;
-int main(int argc, char **argv)
+int main(int argc, char **argv UNUSED)
{
char buffer[BUFSIZ];
fd_set readers;
void (*before_user)(char *,int);
void (*before_app)(char *,int);
+ openlog("upperLOWER", LOG_CONS|LOG_PID, LOG_AUTHPRIV);
+
#ifdef DEBUG
{
int i;
@@ -82,7 +62,7 @@ int main(int argc, char **argv)
#ifdef DEBUG
fprintf(stderr,"filter invoked as conventional executable\n");
#else
- log_this(LOG_ERR, "filter invoked as conventional executable");
+ syslog(LOG_ERR, "filter invoked as conventional executable");
#endif
exit(1);
}
@@ -104,7 +84,7 @@ int main(int argc, char **argv)
#ifdef DEBUG
fprintf(stderr,"select failed\n");
#else
- log_this(LOG_WARNING,"select failed");
+ syslog(LOG_WARNING,"select failed");
#endif
break;
}
@@ -112,49 +92,49 @@ int main(int argc, char **argv)
/* application errors */
if ( FD_ISSET(APPERR_FILENO,&readers) ) {
- int got = _pammodutil_read(APPERR_FILENO, buffer, BUFSIZ);
+ int got = pam_modutil_read(APPERR_FILENO, buffer, BUFSIZ);
if (got <= 0) {
break;
} else {
/* translate to give to real terminal */
if (before_user != NULL)
before_user(buffer, got);
- if (_pammodutil_write(STDERR_FILENO, buffer, got) != got ) {
- log_this(LOG_WARNING,"couldn't write %d bytes?!",got);
+ if (pam_modutil_write(STDERR_FILENO, buffer, got) != got ) {
+ syslog(LOG_WARNING,"couldn't write %d bytes?!",got);
break;
}
}
} else if ( FD_ISSET(APPOUT_FILENO,&readers) ) { /* app output */
- int got = _pammodutil_read(APPOUT_FILENO, buffer, BUFSIZ);
+ int got = pam_modutil_read(APPOUT_FILENO, buffer, BUFSIZ);
if (got <= 0) {
break;
} else {
/* translate to give to real terminal */
if (before_user != NULL)
before_user(buffer, got);
- if (_pammodutil_write(STDOUT_FILENO, buffer, got) != got ) {
- log_this(LOG_WARNING,"couldn't write %d bytes!?",got);
+ if (pam_modutil_write(STDOUT_FILENO, buffer, got) != got ) {
+ syslog(LOG_WARNING,"couldn't write %d bytes!?",got);
break;
}
}
}
if ( FD_ISSET(STDIN_FILENO, &readers) ) { /* user input */
- int got = _pammodutil_read(STDIN_FILENO, buffer, BUFSIZ);
+ int got = pam_modutil_read(STDIN_FILENO, buffer, BUFSIZ);
if (got < 0) {
- log_this(LOG_WARNING,"user input junked");
+ syslog(LOG_WARNING,"user input junked");
break;
} else if (got) {
/* translate to give to application */
if (before_app != NULL)
before_app(buffer, got);
- if (_pammodutil_write(APPIN_FILENO, buffer, got) != got ) {
- log_this(LOG_WARNING,"couldn't pass %d bytes!?",got);
+ if (pam_modutil_write(APPIN_FILENO, buffer, got) != got ) {
+ syslog(LOG_WARNING,"couldn't pass %d bytes!?",got);
break;
}
} else {
/* nothing received -- an error? */
- log_this(LOG_WARNING,"user input null?");
+ syslog(LOG_WARNING,"user input null?");
break;
}
}
@@ -162,6 +142,3 @@ int main(int argc, char **argv)
exit(0);
}
-
-
-
diff --git a/Linux-PAM/modules/pam_ftp/Makefile b/Linux-PAM/modules/pam_ftp/Makefile
deleted file mode 100644
index 456161bf..00000000
--- a/Linux-PAM/modules/pam_ftp/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:03 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_ftp
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_ftp/Makefile.am b/Linux-PAM/modules/pam_ftp/Makefile.am
new file mode 100644
index 00000000..e6d510a1
--- /dev/null
+++ b/Linux-PAM/modules/pam_ftp/Makefile.am
@@ -0,0 +1,31 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_ftp
+
+man_MANS = pam_ftp.8
+XMLS = README.xml pam_ftp.8.xml
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_ftp.la
+
+TESTS = tst-pam_ftp
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_ftp.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_ftp/Makefile.in b/Linux-PAM/modules/pam_ftp/Makefile.in
new file mode 100644
index 00000000..875a71a1
--- /dev/null
+++ b/Linux-PAM/modules/pam_ftp/Makefile.in
@@ -0,0 +1,665 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_ftp
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_ftp_la_LIBADD =
+pam_ftp_la_SOURCES = pam_ftp.c
+pam_ftp_la_OBJECTS = pam_ftp.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_ftp.c
+DIST_SOURCES = pam_ftp.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_ftp
+man_MANS = pam_ftp.8
+XMLS = README.xml pam_ftp.8.xml
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_ftp.la
+TESTS = tst-pam_ftp
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_ftp/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_ftp/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_ftp.la: $(pam_ftp_la_OBJECTS) $(pam_ftp_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_ftp_la_OBJECTS) $(pam_ftp_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_ftp.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_ftp.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_ftp/README b/Linux-PAM/modules/pam_ftp/README
index 6d03330c..15f4130e 100644
--- a/Linux-PAM/modules/pam_ftp/README
+++ b/Linux-PAM/modules/pam_ftp/README
@@ -1,18 +1,52 @@
-This is the README for pam_ftp
-------------------------------
+pam_ftp — PAM module for anonymous access module
-This module is an authentication module that does simple ftp
-authentication.
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
-Recognized arguments:
+DESCRIPTION
- "debug" print debug messages
- "users=" comma separated list of users which
- could login only with email adress
- "ignore" allow invalid email adresses
+pam_ftp is a PAM module which provides a pluggable anonymous ftp mode of
+access.
-Options for:
-auth: for authentication it provides pam_authenticate() and
- pam_setcred() hooks.
+This module intercepts the user's name and password. If the name is ftp or
+anonymous, the user's password is broken up at the @ delimiter into a PAM_RUSER
+and a PAM_RHOST part; these pam-items being set accordingly. The username (
+PAM_USER) is set to ftp. In this case the module succeeds. Alternatively, the
+module sets the PAM_AUTHTOK item with the entered password and fails.
+
+This module is not safe and easily spoofable.
+
+OPTIONS
+
+debug
+
+ Print debug information.
+
+ignore
+
+ Pay no attention to the email address of the user (if supplied).
+
+ftp=XXX,YYY,...
+
+ Instead of ftp or anonymous, provide anonymous login to the comma separated
+ list of users: XXX,YYY,.... Should the applicant enter one of these
+ usernames the returned username is set to the first in the list: XXX.
+
+EXAMPLES
+
+Add the following line to /etc/pam.d/ftpd to handle ftp style anonymous login:
+
+#
+# ftpd; add ftp-specifics. These lines enable anonymous ftp over
+# standard UN*X access (the listfile entry blocks access to
+# users listed in /etc/ftpusers)
+#
+auth sufficient pam_ftp.so
+auth required pam_unix.so use_first_pass
+auth required pam_listfile.so \
+ onerr=succeed item=user sense=deny file=/etc/ftpusers
+
+
+AUTHOR
+
+pam_ftp was written by Andrew G. Morgan <morgan@kernel.org>.
-Thorsten Kukuk <kukuk@suse.de>, 17. June 1999
diff --git a/Linux-PAM/modules/pam_ftp/README.xml b/Linux-PAM/modules/pam_ftp/README.xml
new file mode 100644
index 00000000..65de28e3
--- /dev/null
+++ b/Linux-PAM/modules/pam_ftp/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_ftp.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_ftp.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_ftp-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_ftp.8.xml" xpointer='xpointer(//refsect1[@id = "pam_ftp-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_ftp.8.xml" xpointer='xpointer(//refsect1[@id = "pam_ftp-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_ftp.8.xml" xpointer='xpointer(//refsect1[@id = "pam_ftp-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_ftp.8.xml" xpointer='xpointer(//refsect1[@id = "pam_ftp-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_ftp/pam_ftp.8 b/Linux-PAM/modules/pam_ftp/pam_ftp.8
new file mode 100644
index 00000000..0c730267
--- /dev/null
+++ b/Linux-PAM/modules/pam_ftp/pam_ftp.8
@@ -0,0 +1,95 @@
+.\" Title: pam_ftp
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/09/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_FTP" "8" "06/09/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_ftp \- PAM module for anonymous access module
+.SH "SYNOPSIS"
+.HP 11
+\fBpam_ftp.so\fR [debug] [ignore] [users=\fIXXX,YYY,\fR...]
+.SH "DESCRIPTION"
+.PP
+pam_ftp is a PAM module which provides a pluggable anonymous ftp mode of access.
+.PP
+This module intercepts the user's name and password. If the name is
+\fIftp\fR
+or
+\fIanonymous\fR, the user's password is broken up at the
+\fI@\fR
+delimiter into a
+\fIPAM_RUSER\fR
+and a
+\fIPAM_RHOST\fR
+part; these pam\-items being set accordingly. The username (\fIPAM_USER\fR) is set to
+\fIftp\fR. In this case the module succeeds. Alternatively, the module sets the
+\fIPAM_AUTHTOK\fR
+item with the entered password and fails.
+.PP
+This module is not safe and easily spoofable.
+.SH "OPTIONS"
+.PP
+.TP 3n
+\fBdebug\fR
+Print debug information.
+.TP 3n
+\fBignore\fR
+Pay no attention to the email address of the user (if supplied).
+.TP 3n
+\fBftp=\fR\fB\fIXXX,YYY,...\fR\fR
+Instead of
+\fIftp\fR
+or
+\fIanonymous\fR, provide anonymous login to the comma separated list of users:
+\fB\fIXXX,YYY,...\fR\fR. Should the applicant enter one of these usernames the returned username is set to the first in the list:
+\fIXXX\fR.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+Only the
+\fBauth\fR
+service is supported.
+.SH "RETURN VALUES"
+.PP
+.TP 3n
+PAM_SUCCESS
+The authentication was successfull.
+.TP 3n
+PAM_USER_UNKNOWN
+User not known.
+.SH "EXAMPLES"
+.PP
+Add the following line to
+\fI/etc/pam.d/ftpd\fR
+to handle ftp style anonymous login:
+.sp
+.RS 3n
+.nf
+#
+# ftpd; add ftp\-specifics. These lines enable anonymous ftp over
+# standard UN*X access (the listfile entry blocks access to
+# users listed in /etc/ftpusers)
+#
+auth sufficient pam_ftp.so
+auth required pam_unix.so use_first_pass
+auth required pam_listfile.so \\
+ onerr=succeed item=user sense=deny file=/etc/ftpusers
+
+.fi
+.RE
+.sp
+.SH "SEE ALSO"
+.PP
+
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_ftp was written by Andrew G. Morgan <morgan@kernel.org>.
diff --git a/Linux-PAM/modules/pam_ftp/pam_ftp.8.xml b/Linux-PAM/modules/pam_ftp/pam_ftp.8.xml
new file mode 100644
index 00000000..aca21694
--- /dev/null
+++ b/Linux-PAM/modules/pam_ftp/pam_ftp.8.xml
@@ -0,0 +1,183 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_ftp">
+
+ <refmeta>
+ <refentrytitle>pam_ftp</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_ftp-name">
+ <refname>pam_ftp</refname>
+ <refpurpose>PAM module for anonymous access module</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_ftp-cmdsynopsis">
+ <command>pam_ftp.so</command>
+ <arg choice="opt">
+ debug
+ </arg>
+ <arg choice="opt">
+ ignore
+ </arg>
+ <arg choice="opt" rep='repeat'>
+ users=<replaceable>XXX,YYY,</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_ftp-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ pam_ftp is a PAM module which provides a pluggable
+ anonymous ftp mode of access.
+ </para>
+ <para>
+ This module intercepts the user's name and password. If the name is
+ <emphasis>ftp</emphasis> or <emphasis>anonymous</emphasis>, the
+ user's password is broken up at the <emphasis>@</emphasis> delimiter
+ into a <emphasis>PAM_RUSER</emphasis> and a
+ <emphasis>PAM_RHOST</emphasis> part; these pam-items being set
+ accordingly. The username (<emphasis>PAM_USER</emphasis>) is set
+ to <emphasis>ftp</emphasis>. In this case the module succeeds.
+ Alternatively, the module sets the <emphasis>PAM_AUTHTOK</emphasis>
+ item with the entered password and fails.
+ </para>
+ <para>
+ This module is not safe and easily spoofable.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_ftp-options">
+
+ <title>OPTIONS</title>
+ <para>
+ <variablelist>
+
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ Print debug information.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>ignore</option>
+ </term>
+ <listitem>
+ <para>
+ Pay no attention to the email address of the user
+ (if supplied).
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>ftp=<replaceable>XXX,YYY,...</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Instead of <emphasis>ftp</emphasis> or
+ <emphasis>anonymous</emphasis>, provide anonymous login
+ to the comma separated list of users:
+ <option><replaceable>XXX,YYY,...</replaceable></option>.
+ Should the applicant enter
+ one of these usernames the returned username is set to
+ the first in the list: <emphasis>XXX</emphasis>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_ftp-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ Only the <option>auth</option> service is supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_ftp-return_values'>
+ <title>RETURN VALUES</title>
+ <para>
+ <variablelist>
+
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ The authentication was successfull.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ User not known.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_ftp-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ Add the following line to <filename>/etc/pam.d/ftpd</filename> to
+ handle ftp style anonymous login:
+ <programlisting>
+#
+# ftpd; add ftp-specifics. These lines enable anonymous ftp over
+# standard UN*X access (the listfile entry blocks access to
+# users listed in /etc/ftpusers)
+#
+auth sufficient pam_ftp.so
+auth required pam_unix.so use_first_pass
+auth required pam_listfile.so \
+ onerr=succeed item=user sense=deny file=/etc/ftpusers
+ </programlisting>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_ftp-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_ftp-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_ftp was written by Andrew G. Morgan &lt;morgan@kernel.org&gt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_ftp/pam_ftp.c b/Linux-PAM/modules/pam_ftp/pam_ftp.c
index 64df95ac..948dd729 100644
--- a/Linux-PAM/modules/pam_ftp/pam_ftp.c
+++ b/Linux-PAM/modules/pam_ftp/pam_ftp.c
@@ -1,7 +1,7 @@
/* pam_ftp module */
/*
- * $Id: pam_ftp.c,v 1.3 2004/09/22 09:37:48 kukuk Exp $
+ * $Id: pam_ftp.c,v 1.10 2005/10/04 11:35:18 ldv Exp $
*
* Written by Andrew Morgan <morgan@linux.kernel.org> 1996/3/11
*
@@ -14,7 +14,7 @@
/* the following is a password that "can't be correct" */
#define BLOCK_PASSWORD "\177BAD PASSWPRD\177"
-#include <security/_pam_aconf.h>
+#include "config.h"
#include <stdio.h>
#include <stdlib.h>
@@ -34,53 +34,7 @@
#include <security/pam_modules.h>
#include <security/_pam_macros.h>
-
-/* some syslogging */
-
-static void _pam_log(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("PAM-ftp", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-
-static int converse(pam_handle_t *pamh, int nargs
- , struct pam_message **message
- , struct pam_response **response)
-{
- int retval;
- struct pam_conv *conv;
-
- D(("begin to converse\n"));
-
- retval = pam_get_item( pamh, PAM_CONV, (const void **) &conv ) ;
- if ( retval == PAM_SUCCESS && conv ) {
-
- retval = conv->conv(nargs, ( const struct pam_message ** ) message
- , response, conv->appdata_ptr);
-
- D(("returned from application's conversation function\n"));
-
- if ((retval != PAM_SUCCESS) && (retval != PAM_CONV_AGAIN)) {
- _pam_log(LOG_DEBUG, "conversation failure [%s]"
- , pam_strerror(pamh, retval));
- }
-
- } else {
- _pam_log(LOG_ERR, "couldn't obtain coversation function [%s]"
- , pam_strerror(pamh, retval));
- if (retval == PAM_SUCCESS)
- retval = PAM_BAD_ITEM; /* conv was NULL */
- }
-
- D(("ready to return from module conversation\n"));
-
- return retval; /* propagate error status */
-}
+#include <security/pam_ext.h>
/* argument parsing */
@@ -88,7 +42,8 @@ static int converse(pam_handle_t *pamh, int nargs
#define PAM_IGNORE_EMAIL 02
#define PAM_NO_ANON 04
-static int _pam_parse(int argc, const char **argv, char **users)
+static int
+_pam_parse(pam_handle_t *pamh, int argc, const char **argv, const char **users)
{
int ctrl=0;
@@ -100,15 +55,11 @@ static int _pam_parse(int argc, const char **argv, char **users)
if (!strcmp(*argv,"debug"))
ctrl |= PAM_DEBUG_ARG;
else if (!strncmp(*argv,"users=",6)) {
- *users = x_strdup(6+*argv);
- if (*users == NULL) {
- ctrl |= PAM_NO_ANON;
- _pam_log(LOG_CRIT, "failed to duplicate user list - anon off");
- }
+ *users = 6 + *argv;
} else if (!strcmp(*argv,"ignore")) {
ctrl |= PAM_IGNORE_EMAIL;
} else {
- _pam_log(LOG_ERR,"pam_parse: unknown option; %s",*argv);
+ pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv);
}
}
@@ -120,23 +71,26 @@ static int _pam_parse(int argc, const char **argv, char **users)
* return 1 if listed 0 if not.
*/
-static int lookup(const char *name, char *list, const char **_user)
+static int lookup(const char *name, const char *list, const char **_user)
{
int anon = 0;
*_user = name; /* this is the default */
- if (list) {
+ if (list && *list) {
const char *l;
- char *x;
+ char *list_copy, *x;
- x = list;
- while ((l = strtok(x, ","))) {
+ list_copy = x_strdup(list);
+ x = list_copy;
+ while (list_copy && (l = strtok(x, ","))) {
x = NULL;
if (!strcmp(name, l)) {
*_user = list;
anon = 1;
}
}
+ _pam_overwrite(list_copy);
+ _pam_drop(list_copy);
} else {
#define MAX_L 2
static const char *l[MAX_L] = { "ftp", "anonymous" };
@@ -156,13 +110,13 @@ static int lookup(const char *name, char *list, const char **_user)
/* --- authentication management functions (only) --- */
-PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+PAM_EXTERN int
+pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
int retval, anon=0, ctrl;
const char *user;
- char *users=NULL;
+ const char *users = NULL;
/*
* this module checks if the user name is ftp or annonymous. If
@@ -170,11 +124,11 @@ int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc
* address and SUCCEEDS, otherwise it FAILS.
*/
- ctrl = _pam_parse(argc, argv, &users);
+ ctrl = _pam_parse(pamh, argc, argv, &users);
retval = pam_get_user(pamh, &user, NULL);
if (retval != PAM_SUCCESS || user == NULL) {
- _pam_log(LOG_ERR, "no user specified");
+ pam_syslog(pamh, LOG_ERR, "no user specified");
return PAM_USER_UNKNOWN;
}
@@ -185,7 +139,7 @@ int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc
if (anon) {
retval = pam_set_item(pamh, PAM_USER, (const void *)user);
if (retval != PAM_SUCCESS || user == NULL) {
- _pam_log(LOG_ERR, "user resetting failed");
+ pam_syslog(pamh, LOG_ERR, "user resetting failed");
return PAM_USER_UNKNOWN;
}
}
@@ -196,46 +150,27 @@ int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc
*/
{
- struct pam_message msg[1], *mesg[1];
- struct pam_response *resp=NULL;
+ char *resp = NULL;
const char *token;
- char *prompt=NULL;
- int i=0;
-
- if (!anon) {
- prompt = malloc(strlen(PLEASE_ENTER_PASSWORD) + strlen(user));
- if (prompt == NULL) {
- D(("out of memory!?"));
- return PAM_BUF_ERR;
- } else {
- sprintf(prompt, PLEASE_ENTER_PASSWORD, user);
- msg[i].msg = prompt;
- }
- } else {
- msg[i].msg = GUEST_LOGIN_PROMPT;
- }
- msg[i].msg_style = PAM_PROMPT_ECHO_OFF;
- mesg[i] = &msg[i];
-
- retval = converse(pamh, ++i, mesg, &resp);
- if (prompt) {
- _pam_overwrite(prompt);
- _pam_drop(prompt);
- }
+ if (!anon)
+ retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &resp,
+ PLEASE_ENTER_PASSWORD, user);
+ else
+ retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &resp,
+ GUEST_LOGIN_PROMPT);
if (retval != PAM_SUCCESS) {
- if (resp != NULL)
- _pam_drop_reply(resp,i);
+ _pam_drop (resp);
return ((retval == PAM_CONV_AGAIN)
? PAM_INCOMPLETE:PAM_AUTHINFO_UNAVAIL);
}
if (anon) {
- /* XXX: Some effort should be made to verify this email address! */
+ /* XXX: Some effort should be made to verify this email address! */
if (!(ctrl & PAM_IGNORE_EMAIL)) {
- token = strtok(resp->resp, "@");
+ token = strtok(resp, "@");
retval = pam_set_item(pamh, PAM_RUSER, token);
if ((token) && (retval == PAM_SUCCESS)) {
@@ -252,7 +187,7 @@ int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc
* we have a password so set AUTHTOK
*/
- (void) pam_set_item(pamh, PAM_AUTHTOK, resp->resp);
+ pam_set_item(pamh, PAM_AUTHTOK, resp);
/*
* this module failed, but the next one might succeed with
@@ -262,9 +197,8 @@ int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc
retval = PAM_AUTH_ERR;
}
- if (resp) { /* clean up */
- _pam_drop_reply(resp, i);
- }
+ /* clean up */
+ _pam_drop(resp);
/* success or failure */
@@ -272,9 +206,9 @@ int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc
}
}
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+PAM_EXTERN int
+pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
return PAM_IGNORE;
}
diff --git a/Linux-PAM/modules/pam_ftp/tst-pam_ftp b/Linux-PAM/modules/pam_ftp/tst-pam_ftp
new file mode 100755
index 00000000..1a4f67c7
--- /dev/null
+++ b/Linux-PAM/modules/pam_ftp/tst-pam_ftp
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_ftp.so
diff --git a/Linux-PAM/modules/pam_group/Makefile b/Linux-PAM/modules/pam_group/Makefile
deleted file mode 100644
index 06c88998..00000000
--- a/Linux-PAM/modules/pam_group/Makefile
+++ /dev/null
@@ -1,21 +0,0 @@
-# $Id: Makefile,v 1.3 2003/11/27 07:49:46 kukuk Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-
-include ../../Make.Rules
-
-TITLE=pam_group
-LOCAL_CONFILE=./group.conf
-INSTALLED_CONFILE=$(SCONFIGD)/group.conf
-
-DEFS=-DDEFAULT_CONF_FILE=\"$(INSTALLED_CONFILE)\"
-CFLAGS += $(DEFS)
-
-MODULE_SIMPLE_INSTALL=bash -f ../install_conf "$(FAKEROOT)" "$(SCONFIGD)" "$(INSTALLED_CONFILE)" "$(TITLE)" "$(LOCAL_CONFILE)"
-MODULE_SIMPLE_REMOVE=rm -f $(FAKEROOT)$(INSTALLED_CONFILE)
-MODULE_SIMPLE_CLEAN=rm -f ./.ignore_age
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_group/Makefile.am b/Linux-PAM/modules/pam_group/Makefile.am
new file mode 100644
index 00000000..544fa12f
--- /dev/null
+++ b/Linux-PAM/modules/pam_group/Makefile.am
@@ -0,0 +1,34 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README group.conf $(MANS) $(XMLS) tst-pam_group
+
+man_MANS = group.conf.5 pam_group.8
+XMLS = README.xml group.conf.5.xml pam_group.8.xml
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
+ -DPAM_GROUP_CONF=\"$(SCONFIGDIR)/group.conf\"
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_group.la
+
+secureconf_DATA = group.conf
+
+TESTS = tst-pam_group
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_group.8.xml group.conf.5.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_group/Makefile.in b/Linux-PAM/modules/pam_group/Makefile.in
new file mode 100644
index 00000000..7deca09c
--- /dev/null
+++ b/Linux-PAM/modules/pam_group/Makefile.in
@@ -0,0 +1,736 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_group
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man5dir)" \
+ "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(secureconfdir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_group_la_LIBADD =
+pam_group_la_SOURCES = pam_group.c
+pam_group_la_OBJECTS = pam_group.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_group.c
+DIST_SOURCES = pam_group.c
+man5dir = $(mandir)/man5
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+secureconfDATA_INSTALL = $(INSTALL_DATA)
+DATA = $(noinst_DATA) $(secureconf_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README group.conf $(MANS) $(XMLS) tst-pam_group
+man_MANS = group.conf.5 pam_group.8
+XMLS = README.xml group.conf.5.xml pam_group.8.xml
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
+ -DPAM_GROUP_CONF=\"$(SCONFIGDIR)/group.conf\"
+
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_group.la
+secureconf_DATA = group.conf
+TESTS = tst-pam_group
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_group/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_group/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_group.la: $(pam_group_la_OBJECTS) $(pam_group_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_group_la_OBJECTS) $(pam_group_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_group.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man5: $(man5_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man5dir)" || $(MKDIR_P) "$(DESTDIR)$(man5dir)"
+ @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.5*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 5*) ;; \
+ *) ext='5' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst"; \
+ done
+uninstall-man5:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.5*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 5*) ;; \
+ *) ext='5' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man5dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man5dir)/$$inst"; \
+ done
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+install-secureconfDATA: $(secureconf_DATA)
+ @$(NORMAL_INSTALL)
+ test -z "$(secureconfdir)" || $(MKDIR_P) "$(DESTDIR)$(secureconfdir)"
+ @list='$(secureconf_DATA)'; for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ f=$(am__strip_dir) \
+ echo " $(secureconfDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(secureconfdir)/$$f'"; \
+ $(secureconfDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(secureconfdir)/$$f"; \
+ done
+
+uninstall-secureconfDATA:
+ @$(NORMAL_UNINSTALL)
+ @list='$(secureconf_DATA)'; for p in $$list; do \
+ f=$(am__strip_dir) \
+ echo " rm -f '$(DESTDIR)$(secureconfdir)/$$f'"; \
+ rm -f "$(DESTDIR)$(secureconfdir)/$$f"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(secureconfdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-secureconfDATA \
+ install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man5 install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-secureconfDATA \
+ uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man5 uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man5 install-man8 \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-secureconfDATA install-securelibLTLIBRARIES \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am uninstall-man \
+ uninstall-man5 uninstall-man8 uninstall-secureconfDATA \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_group.8.xml group.conf.5.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_group/README b/Linux-PAM/modules/pam_group/README
new file mode 100644
index 00000000..2e1e37a5
--- /dev/null
+++ b/Linux-PAM/modules/pam_group/README
@@ -0,0 +1,45 @@
+pam_group — PAM module for group access
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+The pam_group PAM module does not authenticate the user, but instead it grants
+group memberships (in the credential setting phase of the authentication
+module) to the user. Such memberships are based on the service they are
+applying for.
+
+By default rules for group memberships are taken from config file /etc/security
+/group.conf.
+
+This module's usefulness relies on the file-systems accessible to the user. The
+point being that once granted the membership of a group, the user may attempt
+to create a setgid binary with a restricted group ownership. Later, when the
+user is not given membership to this group, they can recover group membership
+with the precompiled binary. The reason that the file-systems that the user has
+access to are so significant, is the fact that when a system is mounted nosuid
+the user is unable to create or execute such a binary file. For this module to
+provide any level of security, all file-systems that the user has write access
+to should be mounted nosuid.
+
+The pam_group module fuctions in parallel with the /etc/group file. If the user
+is granted any groups based on the behavior of this module, they are granted in
+addition to those entries /etc/group (or equivalent).
+
+EXAMPLES
+
+These are some example lines which might be specified in /etc/security/
+group.conf.
+
+Running 'xsh' on tty* (any ttyXXX device), the user 'us' is given access to the
+floppy (through membership of the floppy group)
+
+xsh;tty*&!ttyp*;us;Al0000-2400;floppy
+
+Running 'xsh' on tty* (any ttyXXX device), the user 'sword' is given access to
+games (through membership of the floppy group) after work hours.
+
+xsh; tty* ;sword;!Wk0900-1800;games, sound
+xsh; tty* ;*;Al0900-1800;floppy
+
+
diff --git a/Linux-PAM/modules/pam_group/README.xml b/Linux-PAM/modules/pam_group/README.xml
new file mode 100644
index 00000000..387d6987
--- /dev/null
+++ b/Linux-PAM/modules/pam_group/README.xml
@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamgroup SYSTEM "pam_group.8.xml">
+-->
+<!--
+<!ENTITY groupconf SYSTEM "group.conf.5.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_group.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_group-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_group.8.xml" xpointer='xpointer(//refsect1[@id = "pam_group-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="group.conf.5.xml" xpointer='xpointer(//refsect1[@id = "group.conf-examples"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_group/group.conf b/Linux-PAM/modules/pam_group/group.conf
index e721b990..d4a10672 100644
--- a/Linux-PAM/modules/pam_group/group.conf
+++ b/Linux-PAM/modules/pam_group/group.conf
@@ -1,10 +1,7 @@
-##
-## Note, to get this to work as it is currently typed you need
-##
-## 1. to run an application as root
-## 2. add the following groups to the /etc/group file:
-## floppy, games, sound
-##
+#
+# This is the configuration file for the pam_group module.
+#
+
#
# *** Please note that giving group membership on a session basis is
# *** NOT inherently secure. If a user can create an executable that
@@ -16,11 +13,9 @@
# *** "chgrp games toplay; chmod g+s toplay". They are basically able
# *** to play games any time... You have been warned. AGM
#
-# this is an example configuration file for the pam_group module. Its
-# syntax is based on that of the pam_time module and (at some point in
-# the distant past was inspired by the 'shadow' package)
+
#
-# the syntax of the lines is as follows:
+# The syntax of the lines is as follows:
#
# services;ttys;users;times;groups
#
@@ -28,15 +23,59 @@
# newlines). From reading these comments, it is clear that
# text following a '#' is ignored to the end of the line.
#
-# the first four fields are described in the pam_time directory.
-# The only difference for these is how the time field is interpretted:
-# it is used to indicate "when" these groups are to be given to the user.
+# the combination of individual users/terminals etc is a logic list
+# namely individual tokens that are optionally prefixed with '!' (logical
+# not) and separated with '&' (logical and) and '|' (logical or).
+#
+# services
+# is a logic list of PAM service names that the rule applies to.
+#
+# ttys
+# is a logic list of terminal names that this rule applies to.
+#
+# users
+# is a logic list of users or a netgroup of users to whom this
+# rule applies.
+#
+# NB. For these items the simple wildcard '*' may be used only once.
+# With netgroups no wildcards or logic operators are allowed.
+#
+# times
+# It is used to indicate "when" these groups are to be given to the
+# user. The format here is a logic list of day/time-range
+# entries the days are specified by a sequence of two character
+# entries, MoTuSa for example is Monday Tuesday and Saturday. Note
+# that repeated days are unset MoMo = no day, and MoWk = all weekdays
+# bar Monday. The two character combinations accepted are
+#
+# Mo Tu We Th Fr Sa Su Wk Wd Al
+#
+# the last two being week-end days and all 7 days of the week
+# respectively. As a final example, AlFr means all days except Friday.
+#
+# Each day/time-range can be prefixed with a '!' to indicate "anything
+# but"
+#
+# The time-range part is two 24-hour times HHMM separated by a hyphen
+# indicating the start and finish time (if the finish time is smaller
+# than the start time it is deemed to apply on the following day).
#
# groups
-# The (comma or space separated) list of groups that the user
+# The (comma or space separated) list of groups that the user
# inherits membership of. These groups are added if the previous
# fields are satisfied by the user's request
#
+# For a rule to be active, ALL of service+ttys+users must be satisfied
+# by the applying process.
+#
+
+#
+# Note, to get this to work as it is currently typed you need
+#
+# 1. to run an application as root
+# 2. add the following groups to the /etc/group file:
+# floppy, games, sound
+#
#
# Here is a simple example: running 'xsh' on tty* (any ttyXXX device),
diff --git a/Linux-PAM/modules/pam_group/group.conf.5 b/Linux-PAM/modules/pam_group/group.conf.5
new file mode 100644
index 00000000..0e36ebf4
--- /dev/null
+++ b/Linux-PAM/modules/pam_group/group.conf.5
@@ -0,0 +1,83 @@
+.\" Title: group.conf
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/21/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "GROUP.CONF" "5" "06/21/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+group.conf \- configuration file for the pam_group module
+.SH "DESCRIPTION"
+.PP
+The pam_group PAM module does not authenticate the user, but instead it grants group memberships (in the credential setting phase of the authentication module) to the user. Such memberships are based on the service they are applying for.
+.PP
+For this module to function correctly there must be a correctly formatted
+\fI/etc/security/group.conf\fR
+file present. White spaces are ignored and lines maybe extended with '\\' (escaped newlines). Text following a '#' is ignored to the end of the line.
+.PP
+The syntax of the lines is as follows:
+.PP
+
+\fIservices\fR;\fIttys\fR;\fIusers\fR;\fItimes\fR;\fIgroups\fR
+.PP
+The first field, the
+\fIservices\fR
+field, is a logic list of PAM service names that the rule applies to.
+.PP
+The second field, the
+\fItty\fR
+field, is a logic list of terminal names that this rule applies to.
+.PP
+The third field, the
+\fIusers\fR
+field, is a logic list of users or a netgroup of users to whom this rule applies.
+.PP
+For these items the simple wildcard '*' may be used only once. With netgroups no wildcards or logic operators are allowed.
+.PP
+The
+\fItimes\fR
+field is used to indicate "when" these groups are to be given to the user. The format here is a logic list of day/time\-range entries. The days are specified by a sequence of two character entries, MoTuSa for example is Monday Tuesday and Saturday. Note that repeated days are unset MoMo = no day, and MoWk = all weekdays bar Monday. The two character combinations accepted are Mo Tu We Th Fr Sa Su Wk Wd Al, the last two being week\-end days and all 7 days of the week respectively. As a final example, AlFr means all days except Friday.
+.PP
+Each day/time\-range can be prefixed with a '!' to indicate "anything but". The time\-range part is two 24\-hour times HHMM, separated by a hyphen, indicating the start and finish time (if the finish time is smaller than the start time it is deemed to apply on the following day).
+.PP
+The
+\fIgroups\fR
+field is a comma or space separated list of groups that the user inherits membership of. These groups are added if the previous fields are satisfied by the user's request.
+.PP
+For a rule to be active, ALL of service+ttys+users must be satisfied by the applying process.
+.SH "EXAMPLES"
+.PP
+These are some example lines which might be specified in
+\fI/etc/security/group.conf\fR.
+.PP
+Running 'xsh' on tty* (any ttyXXX device), the user 'us' is given access to the floppy (through membership of the floppy group)
+.sp
+.RS 3n
+.nf
+xsh;tty*&!ttyp*;us;Al0000\-2400;floppy
+.fi
+.RE
+.PP
+Running 'xsh' on tty* (any ttyXXX device), the user 'sword' is given access to games (through membership of the floppy group) after work hours.
+.sp
+.RS 3n
+.nf
+xsh; tty* ;sword;!Wk0900\-1800;games, sound
+xsh; tty* ;*;Al0900\-1800;floppy
+
+.fi
+.RE
+.SH "SEE ALSO"
+.PP
+
+\fBpam_group\fR(8),
+\fBpam.d\fR(5),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_group was written by Andrew G. Morgan <morgan@kernel.org>.
diff --git a/Linux-PAM/modules/pam_group/group.conf.5.xml b/Linux-PAM/modules/pam_group/group.conf.5.xml
new file mode 100644
index 00000000..9c008eb0
--- /dev/null
+++ b/Linux-PAM/modules/pam_group/group.conf.5.xml
@@ -0,0 +1,131 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="group.conf">
+
+ <refmeta>
+ <refentrytitle>group.conf</refentrytitle>
+ <manvolnum>5</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv>
+ <refname>group.conf</refname>
+ <refpurpose>configuration file for the pam_group module</refpurpose>
+ </refnamediv>
+
+ <refsect1 id='group.conf-description'>
+ <title>DESCRIPTION</title>
+
+ <para>
+ The pam_group PAM module does not authenticate the user, but instead
+ it grants group memberships (in the credential setting phase of the
+ authentication module) to the user. Such memberships are based on the
+ service they are applying for.
+ </para>
+ <para>
+ For this module to function correctly there must be a correctly
+ formatted <filename>/etc/security/group.conf</filename> file present.
+ White spaces are ignored and lines maybe extended with '\' (escaped
+ newlines). Text following a '#' is ignored to the end of the line.
+ </para>
+
+ <para>
+ The syntax of the lines is as follows:
+ </para>
+
+ <para>
+ <replaceable>services</replaceable>;<replaceable>ttys</replaceable>;<replaceable>users</replaceable>;<replaceable>times</replaceable>;<replaceable>groups</replaceable>
+ </para>
+
+
+ <para>
+ The first field, the <replaceable>services</replaceable> field, is a logic list
+ of PAM service names that the rule applies to.
+ </para>
+
+ <para>
+ The second field, the <replaceable>tty</replaceable>
+ field, is a logic list of terminal names that this rule applies to.
+ </para>
+
+ <para>
+ The third field, the <replaceable>users</replaceable>
+ field, is a logic list of users or a netgroup of users to whom this
+ rule applies.
+ </para>
+
+ <para>
+ For these items the simple wildcard '*' may be used only once.
+ With netgroups no wildcards or logic operators are allowed.
+ </para>
+
+ <para>
+ The <replaceable>times</replaceable> field is used to indicate "when"
+ these groups are to be given to the user. The format here is a logic
+ list of day/time-range entries. The days are specified by a sequence of
+ two character entries, MoTuSa for example is Monday Tuesday and Saturday.
+ Note that repeated days are unset MoMo = no day, and MoWk = all weekdays
+ bar Monday. The two character combinations accepted are Mo Tu We Th Fr Sa
+ Su Wk Wd Al, the last two being week-end days and all 7 days of the week
+ respectively. As a final example, AlFr means all days except Friday.
+ </para>
+ <para>
+ Each day/time-range can be prefixed with a '!' to indicate "anything but".
+ The time-range part is two 24-hour times HHMM, separated by a hyphen,
+ indicating the start and finish time (if the finish time is smaller
+ than the start time it is deemed to apply on the following day).
+ </para>
+
+ <para>
+ The <replaceable>groups</replaceable> field is a comma or space
+ separated list of groups that the user inherits membership of. These
+ groups are added if the previous fields are satisfied by the user's request.
+ </para>
+
+ <para>
+ For a rule to be active, ALL of service+ttys+users must be satisfied
+ by the applying process.
+ </para>
+ </refsect1>
+
+ <refsect1 id="group.conf-examples">
+ <title>EXAMPLES</title>
+ <para>
+ These are some example lines which might be specified in
+ <filename>/etc/security/group.conf</filename>.
+ </para>
+
+ <para>
+ Running 'xsh' on tty* (any ttyXXX device), the user 'us' is given access
+ to the floppy (through membership of the floppy group)
+ </para>
+ <programlisting>xsh;tty*&amp;!ttyp*;us;Al0000-2400;floppy</programlisting>
+
+ <para>
+ Running 'xsh' on tty* (any ttyXXX device), the user 'sword' is given access
+ to games (through membership of the floppy group) after work hours.
+ </para>
+ <programlisting>
+xsh; tty* ;sword;!Wk0900-1800;games, sound
+xsh; tty* ;*;Al0900-1800;floppy
+ </programlisting>
+ </refsect1>
+
+ <refsect1 id="group.conf-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry><refentrytitle>pam_group</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>pam.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id="group.conf-author">
+ <title>AUTHOR</title>
+ <para>
+ pam_group was written by Andrew G. Morgan &lt;morgan@kernel.org&gt;.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/modules/pam_group/pam_group.8 b/Linux-PAM/modules/pam_group/pam_group.8
new file mode 100644
index 00000000..7058f1aa
--- /dev/null
+++ b/Linux-PAM/modules/pam_group/pam_group.8
@@ -0,0 +1,80 @@
+.\" Title: pam_group
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/22/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_GROUP" "8" "06/22/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_group \- PAM module for group access
+.SH "SYNOPSIS"
+.HP 13
+\fBpam_group.so\fR
+.SH "DESCRIPTION"
+.PP
+The pam_group PAM module does not authenticate the user, but instead it grants group memberships (in the credential setting phase of the authentication module) to the user. Such memberships are based on the service they are applying for.
+.PP
+By default rules for group memberships are taken from config file
+\fI/etc/security/group.conf\fR.
+.PP
+This module's usefulness relies on the file\-systems accessible to the user. The point being that once granted the membership of a group, the user may attempt to create a
+\fBsetgid\fR
+binary with a restricted group ownership. Later, when the user is not given membership to this group, they can recover group membership with the precompiled binary. The reason that the file\-systems that the user has access to are so significant, is the fact that when a system is mounted
+\fInosuid\fR
+the user is unable to create or execute such a binary file. For this module to provide any level of security, all file\-systems that the user has write access to should be mounted
+\fInosuid\fR.
+.PP
+The pam_group module fuctions in parallel with the
+\fI/etc/group\fR
+file. If the user is granted any groups based on the behavior of this module, they are granted
+\fIin addition\fR
+to those entries
+\fI/etc/group\fR
+(or equivalent).
+.SH "OPTIONS"
+.PP
+This module does not recognice any options.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+Only the
+\fBauth\fR
+service is supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_SUCCESS
+group membership was granted.
+.TP 3n
+PAM_ABORT
+Not all relevant data could be gotten.
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_CRED_ERR
+Group membership was not granted.
+.TP 3n
+PAM_IGNORE
+
+\fBpam_sm_authenticate\fR
+was called which does nothing.
+.TP 3n
+PAM_USER_UNKNOWN
+The user is not known to the system.
+.SH "FILES"
+.TP 3n
+\fI/etc/security/group.conf\fR
+Default configuration file
+.SH "SEE ALSO"
+.PP
+
+\fBgroup.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8).
+.SH "AUTHORS"
+.PP
+pam_group was written by Andrew G. Morgan <morgan@kernel.org>.
diff --git a/Linux-PAM/modules/pam_group/pam_group.8.xml b/Linux-PAM/modules/pam_group/pam_group.8.xml
new file mode 100644
index 00000000..61c7eef1
--- /dev/null
+++ b/Linux-PAM/modules/pam_group/pam_group.8.xml
@@ -0,0 +1,162 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id='pam_group'>
+
+ <refmeta>
+ <refentrytitle>pam_group</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id='pam_group-name'>
+ <refname>pam_group</refname>
+ <refpurpose>
+ PAM module for group access
+ </refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_group-cmdsynopsis">
+ <command>pam_group.so</command>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id="pam_group-description">
+ <title>DESCRIPTION</title>
+ <para>
+ The pam_group PAM module does not authenticate the user, but instead
+ it grants group memberships (in the credential setting phase of the
+ authentication module) to the user. Such memberships are based on the
+ service they are applying for.
+ </para>
+ <para>
+ By default rules for group memberships are taken from config file
+ <filename>/etc/security/group.conf</filename>.
+ </para>
+ <para>
+ This module's usefulness relies on the file-systems
+ accessible to the user. The point being that once granted the
+ membership of a group, the user may attempt to create a
+ <function>setgid</function> binary with a restricted group ownership.
+ Later, when the user is not given membership to this group, they can
+ recover group membership with the precompiled binary. The reason that
+ the file-systems that the user has access to are so significant, is the
+ fact that when a system is mounted <emphasis>nosuid</emphasis> the user
+ is unable to create or execute such a binary file. For this module to
+ provide any level of security, all file-systems that the user has write
+ access to should be mounted <emphasis>nosuid</emphasis>.
+ </para>
+ <para>
+ The pam_group module fuctions in parallel with the
+ <filename>/etc/group</filename> file. If the user is granted any groups
+ based on the behavior of this module, they are granted
+ <emphasis>in addition</emphasis> to those entries
+ <filename>/etc/group</filename> (or equivalent).
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_group-options">
+ <title>OPTIONS</title>
+ <para>This module does not recognice any options.</para>
+ </refsect1>
+
+ <refsect1 id="pam_group-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ Only the <option>auth</option> service is supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_group-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ group membership was granted.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_ABORT</term>
+ <listitem>
+ <para>
+ Not all relevant data could be gotten.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CRED_ERR</term>
+ <listitem>
+ <para>
+ Group membership was not granted.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_IGNORE</term>
+ <listitem>
+ <para>
+ <function>pam_sm_authenticate</function> was called which does nothing.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ The user is not known to the system.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_group-files">
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/security/group.conf</filename></term>
+ <listitem>
+ <para>Default configuration file</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_group-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>group.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_group-authors">
+ <title>AUTHORS</title>
+ <para>
+ pam_group was written by Andrew G. Morgan &lt;morgan@kernel.org&gt;.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/modules/pam_group/pam_group.c b/Linux-PAM/modules/pam_group/pam_group.c
index c7b75fe2..1dc329ef 100644
--- a/Linux-PAM/modules/pam_group/pam_group.c
+++ b/Linux-PAM/modules/pam_group/pam_group.c
@@ -1,17 +1,10 @@
/* pam_group module */
/*
- * $Id: pam_group.c,v 1.7 2004/09/24 13:13:20 kukuk Exp $
- *
* Written by Andrew Morgan <morgan@linux.kernel.org> 1996/7/6
*/
-const static char rcsid[] =
-"$Id: pam_group.c,v 1.7 2004/09/24 13:13:20 kukuk Exp $;\n"
-"Version 0.5 for Linux-PAM\n"
-"Copyright (c) Andrew G. Morgan 1996 <morgan@linux.kernel.org>\n";
-
-#define _BSD_SOURCE
+#include "config.h"
#include <sys/file.h>
#include <stdio.h>
@@ -27,23 +20,18 @@ const static char rcsid[] =
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
+#include <netdb.h>
-#ifdef DEFAULT_CONF_FILE
-# define PAM_GROUP_CONF DEFAULT_CONF_FILE /* from external define */
-#else
-# define PAM_GROUP_CONF "/etc/security/group.conf"
-#endif
#define PAM_GROUP_BUFLEN 1000
#define FIELD_SEPARATOR ';' /* this is new as of .02 */
-#ifdef TRUE
-# undef TRUE
-#endif
-#ifdef FALSE
-# undef FALSE
+#ifndef TRUE
+# define TRUE 1
+#endif
+#ifndef FALSE
+# define FALSE 0
#endif
-typedef enum { FALSE, TRUE } boolean;
typedef enum { AND, OR } operator;
/*
@@ -57,21 +45,11 @@ typedef enum { AND, OR } operator;
#include <security/pam_modules.h>
#include <security/_pam_macros.h>
-#include <security/_pam_modutil.h>
+#include <security/pam_modutil.h>
+#include <security/pam_ext.h>
/* --- static functions for checking whether the user should be let in --- */
-static void _log_err(const char *format, ... )
-{
- va_list args;
-
- va_start(args, format);
- openlog("pam_group", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(LOG_CRIT, format, args);
- va_end(args);
- closelog();
-}
-
static void shift_bytes(char *mem, int from, int by)
{
while (by-- > 0) {
@@ -86,14 +64,15 @@ static void shift_bytes(char *mem, int from, int by)
* Therefore, always check buf after calling this to see if an error
* occurred.
*/
-static int read_field(int fd, char **buf, int *from, int *to)
+static int
+read_field (const pam_handle_t *pamh, int fd, char **buf, int *from, int *to)
{
/* is buf set ? */
if (! *buf) {
*buf = (char *) malloc(PAM_GROUP_BUFLEN);
if (! *buf) {
- _log_err("out of memory");
+ pam_syslog(pamh, LOG_ERR, "out of memory");
return -1;
}
*from = *to = 0;
@@ -103,7 +82,7 @@ static int read_field(int fd, char **buf, int *from, int *to)
/* do we have a file open ? return error */
if (fd < 0 && *to <= 0) {
- _log_err( PAM_GROUP_CONF " not opened");
+ pam_syslog(pamh, LOG_ERR, "%s not opened", PAM_GROUP_CONF);
memset(*buf, 0, PAM_GROUP_BUFLEN);
_pam_drop(*buf);
return -1;
@@ -132,7 +111,7 @@ static int read_field(int fd, char **buf, int *from, int *to)
i = read(fd, *to + *buf, PAM_GROUP_BUFLEN - *to);
if (i < 0) {
- _log_err("error reading " PAM_GROUP_CONF);
+ pam_syslog(pamh, LOG_ERR, "error reading %s: %m", PAM_GROUP_CONF);
close(fd);
return -1;
} else if (!i) {
@@ -140,7 +119,7 @@ static int read_field(int fd, char **buf, int *from, int *to)
fd = -1; /* end of file reached */
} else
*to += i;
-
+
/*
* contract the buffer. Delete any comments, and replace all
* multiple spaces with single commas
@@ -161,8 +140,9 @@ static int read_field(int fd, char **buf, int *from, int *to)
}
}
switch ((*buf)[i]) {
- int j,c;
+ int j, c;
case '#':
+ c = 0;
for (j=i; j < *to && (c = (*buf)[j]) != '\n'; ++j);
if (j >= *to) {
(*buf)[*to = ++i] = '\0';
@@ -171,8 +151,9 @@ static int read_field(int fd, char **buf, int *from, int *to)
*to -= j-i;
++i;
} else {
- _log_err("internal error in " __FILE__
- " at line %d", __LINE__ );
+ pam_syslog(pamh, LOG_CRIT,
+ "internal error in file %s at line %d",
+ __FILE__, __LINE__);
close(fd);
return -1;
}
@@ -236,11 +217,10 @@ static int read_field(int fd, char **buf, int *from, int *to)
static int logic_member(const char *string, int *at)
{
- int len,c,to;
+ int c,to;
int done=0;
int token=0;
- len=0;
to=*at;
do {
c = string[to++];
@@ -263,7 +243,7 @@ static int logic_member(const char *string, int *at)
default:
if (isalpha(c) || c == '*' || isdigit(c) || c == '_'
- || c == '-' || c == '.' || c == '/') {
+ || c == '-' || c == '.' || c == '/' || c == ':') {
token = 1;
} else if (token) {
--to;
@@ -279,11 +259,13 @@ static int logic_member(const char *string, int *at)
typedef enum { VAL, OP } expect;
-static boolean logic_field(const void *me, const char *x, int rule,
- boolean (*agrees)(const void *, const char *
- , int, int))
+static int
+logic_field (const pam_handle_t *pamh, const void *me,
+ const char *x, int rule,
+ int (*agrees)(const pam_handle_t *pamh, const void *,
+ const char *, int, int))
{
- boolean left=FALSE, right, not=FALSE;
+ int left=FALSE, right, not=FALSE;
operator oper=OR;
int at=0, l;
expect next=VAL;
@@ -294,15 +276,18 @@ static boolean logic_field(const void *me, const char *x, int rule,
if (next == VAL) {
if (c == '!')
not = !not;
- else if (isalpha(c) || c == '*') {
- right = not ^ agrees(me, x+at, l, rule);
+ else if (isalpha(c) || c == '*' || isdigit(c) || c == '_'
+ || c == '-' || c == '.' || c == '/' || c == ':') {
+ right = not ^ agrees(pamh, me, x+at, l, rule);
if (oper == AND)
left &= right;
else
left |= right;
next = OP;
} else {
- _log_err("garbled syntax; expected name (rule #%d)", rule);
+ pam_syslog(pamh, LOG_ERR,
+ "garbled syntax; expected name (rule #%d)",
+ rule);
return FALSE;
}
} else { /* OP */
@@ -314,8 +299,9 @@ static boolean logic_field(const void *me, const char *x, int rule,
oper = OR;
break;
default:
- _log_err("garbled syntax; expected & or | (rule #%d)"
- , rule);
+ pam_syslog(pamh, LOG_ERR,
+ "garbled syntax; expected & or | (rule #%d)",
+ rule);
D(("%c at %d",c,at));
return FALSE;
}
@@ -327,7 +313,9 @@ static boolean logic_field(const void *me, const char *x, int rule,
return left;
}
-static boolean is_same(const void *A, const char *b, int len, int rule)
+static int
+is_same (const pam_handle_t *pamh UNUSED,
+ const void *A, const char *b, int len, int rule UNUSED)
{
int i;
const char *a;
@@ -349,10 +337,10 @@ typedef struct {
int minute; /* integer, hour*100+minute for now */
} TIME;
-struct day {
+static struct day {
const char *d;
int bit;
-} static const days[11] = {
+} const days[11] = {
{ "su", 01 },
{ "mo", 02 },
{ "tu", 04 },
@@ -382,9 +370,11 @@ static TIME time_now(void)
}
/* take the current date and see if the range "date" passes it */
-static boolean check_time(const void *AT, const char *times, int len, int rule)
+static int
+check_time (const pam_handle_t *pamh, const void *AT,
+ const char *times, int len, int rule)
{
- boolean not,pass;
+ int not,pass;
int marked_day, time_start, time_end;
const TIME *at;
int i,j=0;
@@ -394,7 +384,8 @@ static boolean check_time(const void *AT, const char *times, int len, int rule)
if (times == NULL) {
/* this should not happen */
- _log_err("internal error: " __FILE__ " line %d", __LINE__);
+ pam_syslog(pamh, LOG_CRIT, "internal error in file %s at line %d",
+ __FILE__, __LINE__);
return FALSE;
}
@@ -418,13 +409,13 @@ static boolean check_time(const void *AT, const char *times, int len, int rule)
}
j += 2;
if (this_day == -1) {
- _log_err("bad day specified (rule #%d)", rule);
+ pam_syslog(pamh, LOG_ERR, "bad day specified (rule #%d)", rule);
return FALSE;
}
marked_day ^= this_day;
}
if (marked_day == 0) {
- _log_err("no day specified");
+ pam_syslog(pamh, LOG_ERR, "no day specified");
return FALSE;
}
D(("day range = 0%o", marked_day));
@@ -448,7 +439,7 @@ static boolean check_time(const void *AT, const char *times, int len, int rule)
D(("i=%d, time_end=%d, times[j]='%c'", i, time_end, times[j]));
if (i != 5 || time_end == -1) {
- _log_err("no/bad times specified (rule #%d)", rule);
+ pam_syslog(pamh, LOG_ERR, "no/bad times specified (rule #%d)", rule);
return TRUE;
}
D(("times(%d to %d)", time_start,time_end));
@@ -483,11 +474,10 @@ static boolean check_time(const void *AT, const char *times, int len, int rule)
static int find_member(const char *string, int *at)
{
- int len,c,to;
+ int c,to;
int done=0;
int token=0;
- len=0;
to=*at;
do {
c = string[to++];
@@ -547,7 +537,7 @@ static int mkgrplist(pam_handle_t *pamh, char *buf, gid_t **list, int len)
if (tmp != NULL) {
(*list) = tmp;
} else {
- _log_err("out of memory for group list");
+ pam_syslog(pamh, LOG_ERR, "out of memory for group list");
free(*list);
(*list) = NULL;
return -1;
@@ -561,44 +551,17 @@ static int mkgrplist(pam_handle_t *pamh, char *buf, gid_t **list, int len)
D(("found group: %s",buf+at));
/* this is where we convert a group name to a gid_t */
-#ifdef WANT_PWDB
- {
- int retval;
- const struct pwdb *pw=NULL;
-
- retval = pwdb_locate("group", PWDB_DEFAULT, buf+at
- , PWDB_ID_UNKNOWN, &pw);
- if (retval != PWDB_SUCCESS) {
- _log_err("bad group: %s; %s", buf+at, pwdb_strerror(retval));
- } else {
- const struct pwdb_entry *pwe=NULL;
-
- D(("group %s exists", buf+at));
- retval = pwdb_get_entry(pw, "gid", &pwe);
- if (retval == PWDB_SUCCESS) {
- D(("gid = %d [%p]",* (const gid_t *) pwe->value,list));
- (*list)[len++] = * (const gid_t *) pwe->value;
- pwdb_entry_delete(&pwe); /* tidy up */
- } else {
- _log_err("%s group entry is bad; %s"
- , pwdb_strerror(retval));
- }
- pw = NULL; /* break link - cached for later use */
- }
- }
-#else
{
const struct group *grp;
- grp = _pammodutil_getgrnam(pamh, buf+at);
+ grp = pam_modutil_getgrnam(pamh, buf+at);
if (grp == NULL) {
- _log_err("bad group: %s", buf+at);
+ pam_syslog(pamh, LOG_ERR, "bad group: %s", buf+at);
} else {
D(("group %s exists", buf+at));
(*list)[len++] = grp->gr_gid;
}
}
-#endif
/* next entry along */
@@ -630,7 +593,11 @@ static int check_account(pam_handle_t *pamh, const char *service,
if (no_grps > 0) {
grps = calloc( blk_size(no_grps) , sizeof(gid_t) );
D(("copying current list into grps [%d big]",blk_size(no_grps)));
- (void) getgroups(no_grps, grps);
+ if (getgroups(no_grps, grps) < 0) {
+ D(("getgroups call failed"));
+ no_grps = 0;
+ grps = NULL;
+ }
#ifdef DEBUG
{
int z;
@@ -653,7 +620,7 @@ static int check_account(pam_handle_t *pamh, const char *service,
/* here we get the service name field */
- fd = read_field(fd,&buffer,&from,&to);
+ fd = read_field(pamh,fd,&buffer,&from,&to);
if (!buffer || !buffer[0]) {
/* empty line .. ? */
continue;
@@ -661,44 +628,51 @@ static int check_account(pam_handle_t *pamh, const char *service,
++count;
D(("working on rule #%d",count));
- good = logic_field(service, buffer, count, is_same);
+ good = logic_field(pamh,service, buffer, count, is_same);
D(("with service: %s", good ? "passes":"fails" ));
/* here we get the terminal name field */
- fd = read_field(fd,&buffer,&from,&to);
+ fd = read_field(pamh,fd,&buffer,&from,&to);
if (!buffer || !buffer[0]) {
- _log_err(PAM_GROUP_CONF "; no tty entry #%d", count);
+ pam_syslog(pamh, LOG_ERR,
+ "%s: no tty entry #%d", PAM_GROUP_CONF, count);
continue;
}
- good &= logic_field(tty, buffer, count, is_same);
+ good &= logic_field(pamh,tty, buffer, count, is_same);
D(("with tty: %s", good ? "passes":"fails" ));
/* here we get the username field */
- fd = read_field(fd,&buffer,&from,&to);
+ fd = read_field(pamh,fd,&buffer,&from,&to);
if (!buffer || !buffer[0]) {
- _log_err(PAM_GROUP_CONF "; no user entry #%d", count);
+ pam_syslog(pamh, LOG_ERR,
+ "%s: no user entry #%d", PAM_GROUP_CONF, count);
continue;
}
- good &= logic_field(user, buffer, count, is_same);
+ /* If buffer starts with @, we are using netgroups */
+ if (buffer[0] == '@')
+ good &= innetgr (&buffer[1], NULL, user, NULL);
+ else
+ good &= logic_field(pamh,user, buffer, count, is_same);
D(("with user: %s", good ? "passes":"fails" ));
/* here we get the time field */
- fd = read_field(fd,&buffer,&from,&to);
+ fd = read_field(pamh,fd,&buffer,&from,&to);
if (!buffer || !buffer[0]) {
- _log_err(PAM_GROUP_CONF "; no time entry #%d", count);
+ pam_syslog(pamh, LOG_ERR,
+ "%s: no time entry #%d", PAM_GROUP_CONF, count);
continue;
}
- good &= logic_field(&here_and_now, buffer, count, check_time);
+ good &= logic_field(pamh,&here_and_now, buffer, count, check_time);
D(("with time: %s", good ? "passes":"fails" ));
- fd = read_field(fd,&buffer,&from,&to);
+ fd = read_field(pamh,fd,&buffer,&from,&to);
if (!buffer || !buffer[0]) {
- _log_err(PAM_GROUP_CONF "; no listed groups for rule #%d"
- , count);
+ pam_syslog(pamh, LOG_ERR,
+ "%s: no listed groups for rule #%d", PAM_GROUP_CONF, count);
continue;
}
@@ -719,9 +693,10 @@ static int check_account(pam_handle_t *pamh, const char *service,
/* check the line is terminated correctly */
- fd = read_field(fd,&buffer,&from,&to);
+ fd = read_field(pamh,fd,&buffer,&from,&to);
if (buffer && buffer[0]) {
- _log_err(PAM_GROUP_CONF "; poorly terminated rule #%d", count);
+ pam_syslog(pamh, LOG_ERR,
+ "%s: poorly terminated rule #%d", PAM_GROUP_CONF, count);
}
if (good > 0) {
@@ -737,17 +712,19 @@ static int check_account(pam_handle_t *pamh, const char *service,
/* now set the groups for the user */
if (no_grps > 0) {
+#ifdef DEBUG
int err;
+#endif
D(("trying to set %d groups", no_grps));
#ifdef DEBUG
for (err=0; err<no_grps; ++err) {
D(("gid[%d]=%d", err, grps[err]));
}
#endif
- if ((err = setgroups(no_grps, grps))) {
- D(("but couldn't set groups %d", err));
- _log_err("unable to set the group membership for user (err=%d)"
- , err);
+ if (setgroups(no_grps, grps) != 0) {
+ D(("but couldn't set groups %m"));
+ pam_syslog(pamh, LOG_ERR,
+ "unable to set the group membership for user: %m");
retval = PAM_CRED_ERR;
}
}
@@ -763,17 +740,20 @@ static int check_account(pam_handle_t *pamh, const char *service,
/* --- public authentication management functions --- */
-PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags
- , int argc, const char **argv)
+PAM_EXTERN int
+pam_sm_authenticate (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
return PAM_IGNORE;
}
-PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags
- , int argc, const char **argv)
+PAM_EXTERN int
+pam_sm_setcred (pam_handle_t *pamh, int flags,
+ int argc UNUSED, const char **argv UNUSED)
{
- const char *service=NULL, *tty=NULL;
+ const void *service=NULL, *void_tty=NULL;
const char *user=NULL;
+ const char *tty;
int retval;
unsigned setting;
@@ -787,9 +767,9 @@ PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags
/* set service name */
- if (pam_get_item(pamh, PAM_SERVICE, (const void **)&service)
+ if (pam_get_item(pamh, PAM_SERVICE, &service)
!= PAM_SUCCESS || service == NULL) {
- _log_err("cannot find the current service name");
+ pam_syslog(pamh, LOG_ERR, "cannot find the current service name");
return PAM_ABORT;
}
@@ -797,28 +777,33 @@ PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags
if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS || user == NULL
|| *user == '\0') {
- _log_err("cannot determine the user's name");
+ pam_syslog(pamh, LOG_ERR, "cannot determine the user's name");
return PAM_USER_UNKNOWN;
}
/* set tty name */
- if (pam_get_item(pamh, PAM_TTY, (const void **)&tty) != PAM_SUCCESS
- || tty == NULL) {
+ if (pam_get_item(pamh, PAM_TTY, &void_tty) != PAM_SUCCESS
+ || void_tty == NULL) {
D(("PAM_TTY not set, probing stdin"));
tty = ttyname(STDIN_FILENO);
if (tty == NULL) {
- _log_err("couldn't get the tty name");
- return PAM_ABORT;
+ tty = "";
}
if (pam_set_item(pamh, PAM_TTY, tty) != PAM_SUCCESS) {
- _log_err("couldn't set tty name");
+ pam_syslog(pamh, LOG_ERR, "couldn't set tty name");
return PAM_ABORT;
}
}
-
- if (strncmp("/dev/",tty,5) == 0) { /* strip leading /dev/ */
- tty += 5;
+ else
+ tty = (const char *) void_tty;
+
+ if (tty[0] == '/') { /* full path */
+ const char *t;
+ tty++;
+ if ((t = strchr(tty, '/')) != NULL) {
+ tty = t + 1;
+ }
}
/* good, now we have the service name, the user and the terminal name */
@@ -827,22 +812,7 @@ PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags
D(("user=%s", user));
D(("tty=%s", tty));
-#ifdef WANT_PWDB
-
- /* We initialize the pwdb library and check the account */
- retval = pwdb_start(); /* initialize */
- if (retval == PWDB_SUCCESS) {
- retval = check_account(pamh, service,tty,user); /* get groups */
- (void) pwdb_end(); /* tidy up */
- } else {
- D(("failed to initialize pwdb; %s", pwdb_strerror(retval)));
- _log_err("unable to initialize libpwdb");
- retval = PAM_ABORT;
- }
-
-#else /* WANT_PWDB */
retval = check_account(pamh,service,tty,user); /* get groups */
-#endif /* WANT_PWDB */
return retval;
}
diff --git a/Linux-PAM/modules/pam_group/tst-pam_group b/Linux-PAM/modules/pam_group/tst-pam_group
new file mode 100755
index 00000000..29f7ba06
--- /dev/null
+++ b/Linux-PAM/modules/pam_group/tst-pam_group
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_group.so
diff --git a/Linux-PAM/modules/pam_issue/Makefile b/Linux-PAM/modules/pam_issue/Makefile
deleted file mode 100644
index 1bd2be21..00000000
--- a/Linux-PAM/modules/pam_issue/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:04 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_issue
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_issue/Makefile.am b/Linux-PAM/modules/pam_issue/Makefile.am
new file mode 100644
index 00000000..4e43bd05
--- /dev/null
+++ b/Linux-PAM/modules/pam_issue/Makefile.am
@@ -0,0 +1,31 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_issue
+
+man_MANS = pam_issue.8
+XMLS = README.xml pam_issue.8.xml
+
+TESTS = tst-pam_issue
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_issue.la
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_issue.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_issue/Makefile.in b/Linux-PAM/modules/pam_issue/Makefile.in
new file mode 100644
index 00000000..9cec3a85
--- /dev/null
+++ b/Linux-PAM/modules/pam_issue/Makefile.in
@@ -0,0 +1,665 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_issue
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_issue_la_LIBADD =
+pam_issue_la_SOURCES = pam_issue.c
+pam_issue_la_OBJECTS = pam_issue.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_issue.c
+DIST_SOURCES = pam_issue.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_issue
+man_MANS = pam_issue.8
+XMLS = README.xml pam_issue.8.xml
+TESTS = tst-pam_issue
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_issue.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_issue/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_issue/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_issue.la: $(pam_issue_la_OBJECTS) $(pam_issue_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_issue_la_OBJECTS) $(pam_issue_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_issue.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_issue.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_issue/README b/Linux-PAM/modules/pam_issue/README
new file mode 100644
index 00000000..e3192beb
--- /dev/null
+++ b/Linux-PAM/modules/pam_issue/README
@@ -0,0 +1,79 @@
+pam_issue — PAM module to add issue file to user prompt
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+pam_issue is a PAM module to prepend an issue file to the username prompt. It
+also by default parses escape codes in the issue file similar to some common
+getty's (using \x format).
+
+Recognized escapes:
+
+\d
+
+ current day
+
+\l
+
+ name of this tty
+
+\m
+
+ machine architecture (uname -m)
+
+\n
+
+ machine's network node hostname (uname -n)
+
+\o
+
+ domain name of this system
+
+\r
+
+ release number of operating system (uname -r)
+
+\t
+
+ current time
+
+\s
+
+ operating system name (uname -s)
+
+\u
+
+ number of users currently logged in
+
+\U
+
+ same as \u except it is suffixed with "user" or "users" (eg. "1 user" or
+ "10 users")
+
+\v
+
+ operating system version and build date (uname -v)
+
+OPTIONS
+
+noesc
+
+ Turns off escape code parsing.
+
+issue=issue-file-name
+
+ The file to output if not using the default.
+
+EXAMPLES
+
+Add the following line to /etc/pam.d/login to set the user specific issue at
+login:
+
+ auth optional pam_issue.so issue=/etc/issue
+
+
+AUTHOR
+
+pam_issue was written by Ben Collins <bcollins@debian.org>.
+
diff --git a/Linux-PAM/modules/pam_issue/README.xml b/Linux-PAM/modules/pam_issue/README.xml
new file mode 100644
index 00000000..b5b61c3a
--- /dev/null
+++ b/Linux-PAM/modules/pam_issue/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_issue.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_issue.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_issue-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_issue.8.xml" xpointer='xpointer(//refsect1[@id = "pam_issue-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_issue.8.xml" xpointer='xpointer(//refsect1[@id = "pam_issue-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_issue.8.xml" xpointer='xpointer(//refsect1[@id = "pam_issue-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_issue.8.xml" xpointer='xpointer(//refsect1[@id = "pam_issue-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_issue/pam_issue.8 b/Linux-PAM/modules/pam_issue/pam_issue.8
new file mode 100644
index 00000000..011a5e91
--- /dev/null
+++ b/Linux-PAM/modules/pam_issue/pam_issue.8
@@ -0,0 +1,104 @@
+.\" Title: pam_issue
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/17/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_ISSUE" "8" "06/17/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_issue \- PAM module to add issue file to user prompt
+.SH "SYNOPSIS"
+.HP 13
+\fBpam_issue.so\fR [noesc] [issue=\fIissue\-file\-name\fR]
+.SH "DESCRIPTION"
+.PP
+pam_issue is a PAM module to prepend an issue file to the username prompt. It also by default parses escape codes in the issue file similar to some common getty's (using \\x format).
+.PP
+Recognized escapes:
+.TP 3n
+\fB\\d\fR
+current day
+.TP 3n
+\fB\\l\fR
+name of this tty
+.TP 3n
+\fB\\m\fR
+machine architecture (uname \-m)
+.TP 3n
+\fB\\n\fR
+machine's network node hostname (uname \-n)
+.TP 3n
+\fB\\o\fR
+domain name of this system
+.TP 3n
+\fB\\r\fR
+release number of operating system (uname \-r)
+.TP 3n
+\fB\\t\fR
+current time
+.TP 3n
+\fB\\s\fR
+operating system name (uname \-s)
+.TP 3n
+\fB\\u\fR
+number of users currently logged in
+.TP 3n
+\fB\\U\fR
+same as \\u except it is suffixed with "user" or "users" (eg. "1 user" or "10 users")
+.TP 3n
+\fB\\v\fR
+operating system version and build date (uname \-v)
+.SH "OPTIONS"
+.PP
+.TP 3n
+\fBnoesc\fR
+Turns off escape code parsing.
+.TP 3n
+\fBissue=\fR\fB\fIissue\-file\-name\fR\fR
+The file to output if not using the default.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+Only the
+\fBauth\fR
+service is supported.
+.SH "RETURN VALUES"
+.PP
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_IGNORE
+The prompt was already changed.
+.TP 3n
+PAM_SERVICE_ERR
+A service module error occured.
+.TP 3n
+PAM_SUCCESS
+The new prompt was set successfull.
+.SH "EXAMPLES"
+.PP
+Add the following line to
+\fI/etc/pam.d/login\fR
+to set the user specific issue at login:
+.sp
+.RS 3n
+.nf
+ auth optional pam_issue.so issue=/etc/issue
+
+.fi
+.RE
+.sp
+.SH "SEE ALSO"
+.PP
+
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_issue was written by Ben Collins <bcollins@debian.org>.
diff --git a/Linux-PAM/modules/pam_issue/pam_issue.8.xml b/Linux-PAM/modules/pam_issue/pam_issue.8.xml
new file mode 100644
index 00000000..fd0d06ae
--- /dev/null
+++ b/Linux-PAM/modules/pam_issue/pam_issue.8.xml
@@ -0,0 +1,234 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_issue">
+
+ <refmeta>
+ <refentrytitle>pam_issue</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_issue-name">
+ <refname>pam_issue</refname>
+ <refpurpose>PAM module to add issue file to user prompt</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_issue-cmdsynopsis">
+ <command>pam_issue.so</command>
+ <arg choice="opt">
+ noesc
+ </arg>
+ <arg choice="opt">
+ issue=<replaceable>issue-file-name</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_issue-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ pam_issue is a PAM module to prepend an issue file to the username
+ prompt. It also by default parses escape codes in the issue file
+ similar to some common getty's (using &bsol;x format).
+ </para>
+ <para>
+ Recognized escapes:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term><emphasis remap='B'>&bsol;d</emphasis></term>
+ <listitem>
+ <para>current day</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis remap='B'>&bsol;l</emphasis></term>
+ <listitem>
+ <para>name of this tty</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis remap='B'>&bsol;m</emphasis></term>
+ <listitem>
+ <para>machine architecture (uname -m)</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis remap='B'>&bsol;n</emphasis></term>
+ <listitem>
+ <para>machine's network node hostname (uname -n)</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis remap='B'>&bsol;o</emphasis></term>
+ <listitem>
+ <para>domain name of this system</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis remap='B'>&bsol;r</emphasis></term>
+ <listitem>
+ <para>release number of operating system (uname -r)</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis remap='B'>&bsol;t</emphasis></term>
+ <listitem>
+ <para>current time</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis remap='B'>&bsol;s</emphasis></term>
+ <listitem>
+ <para>operating system name (uname -s)</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis remap='B'>&bsol;u</emphasis></term>
+ <listitem>
+ <para>number of users currently logged in</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis remap='B'>&bsol;U</emphasis></term>
+ <listitem>
+ <para>
+ same as &bsol;u except it is suffixed with "user" or
+ "users" (eg. "1 user" or "10 users")
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis remap='B'>&bsol;v</emphasis></term>
+ <listitem>
+ <para>operating system version and build date (uname -v)</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+
+ </refsect1>
+
+ <refsect1 id="pam_issue-options">
+
+ <title>OPTIONS</title>
+ <para>
+ <variablelist>
+
+ <varlistentry>
+ <term>
+ <option>noesc</option>
+ </term>
+ <listitem>
+ <para>
+ Turns off escape code parsing.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>issue=<replaceable>issue-file-name</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ The file to output if not using the default.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_issue-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ Only the <option>auth</option> service is supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_issue-return_values'>
+ <title>RETURN VALUES</title>
+ <para>
+ <variablelist>
+
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_IGNORE</term>
+ <listitem>
+ <para>
+ The prompt was already changed.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_SERVICE_ERR</term>
+ <listitem>
+ <para>
+ A service module error occured.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ The new prompt was set successfull.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_issue-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ Add the following line to <filename>/etc/pam.d/login</filename> to
+ set the user specific issue at login:
+ <programlisting>
+ auth optional pam_issue.so issue=/etc/issue
+ </programlisting>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_issue-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_issue-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_issue was written by Ben Collins &lt;bcollins@debian.org&gt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_issue/pam_issue.c b/Linux-PAM/modules/pam_issue/pam_issue.c
index 5665966e..7a8a24d5 100644
--- a/Linux-PAM/modules/pam_issue/pam_issue.c
+++ b/Linux-PAM/modules/pam_issue/pam_issue.c
@@ -14,8 +14,7 @@
* Released under the GNU LGPL version 2 or later
*/
-#define _GNU_SOURCE
-#define _BSD_SOURCE
+#include "config.h"
#include <string.h>
#include <stdio.h>
@@ -27,50 +26,46 @@
#include <unistd.h>
#include <sys/utsname.h>
#include <utmp.h>
-#include <malloc.h>
#include <time.h>
-
-#include <security/_pam_macros.h>
+#include <syslog.h>
#define PAM_SM_AUTH
+#include <security/_pam_macros.h>
#include <security/pam_modules.h>
+#include <security/pam_ext.h>
static int _user_prompt_set = 0;
-static char *do_prompt (FILE *);
+static int read_issue_raw(pam_handle_t *pamh, FILE *fp, char **prompt);
+static int read_issue_quoted(pam_handle_t *pamh, FILE *fp, char **prompt);
/* --- authentication management functions (only) --- */
-PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+PAM_EXTERN int
+pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
- int retval = PAM_SUCCESS;
- FILE *fd;
+ int retval = PAM_SERVICE_ERR;
+ FILE *fp;
+ const char *issue_file = NULL;
int parse_esc = 1;
- char *prompt_tmp = NULL;
- const char *cur_prompt = NULL;
- struct stat st;
- char *issue_file = NULL;
+ const void *item = NULL;
+ const char *cur_prompt;
+ char *issue_prompt = NULL;
/* If we've already set the prompt, don't set it again */
if(_user_prompt_set)
return PAM_IGNORE;
- else
- /* we set this here so if we fail below, we wont get further
- than this next time around (only one real failure) */
- _user_prompt_set = 1;
+
+ /* We set this here so if we fail below, we wont get further
+ than this next time around (only one real failure) */
+ _user_prompt_set = 1;
for ( ; argc-- > 0 ; ++argv ) {
if (!strncmp(*argv,"issue=",6)) {
- issue_file = (char *) strdup(6+*argv);
- if (issue_file != NULL) {
- D(("set issue_file to: %s", issue_file));
- } else {
- D(("failed to strdup issue_file - ignored"));
- return PAM_IGNORE;
- }
+ issue_file = 6 + *argv;
+ D(("set issue_file to: %s", issue_file));
} else if (!strcmp(*argv,"noesc")) {
parse_esc = 0;
D(("turning off escape parsing by request"));
@@ -79,152 +74,139 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
}
if (issue_file == NULL)
- issue_file = strdup("/etc/issue");
+ issue_file = "/etc/issue";
- if ((fd = fopen(issue_file, "r")) != NULL) {
- int tot_size = 0;
-
- if (fstat(fileno(fd), &st) < 0) {
- fclose(fd);
- if (issue_file)
- free(issue_file);
- return PAM_IGNORE;
- }
+ if ((fp = fopen(issue_file, "r")) == NULL) {
+ pam_syslog(pamh, LOG_ERR, "error opening %s: %m", issue_file);
+ return PAM_SERVICE_ERR;
+ }
- retval = pam_get_item(pamh, PAM_USER_PROMPT,
- (const void **) &cur_prompt);
- if (retval != PAM_SUCCESS) {
- fclose(fd);
- if (issue_file)
- free(issue_file);
- return PAM_IGNORE;
- }
- if (cur_prompt == NULL) {
- cur_prompt = "";
- }
+ if ((retval = pam_get_item(pamh, PAM_USER_PROMPT, &item)) != PAM_SUCCESS) {
+ fclose(fp);
+ return retval;
+ }
- /* first read in the issue file */
+ cur_prompt = item;
+ if (cur_prompt == NULL)
+ cur_prompt = "";
- if (parse_esc) {
- prompt_tmp = do_prompt(fd);
- if (prompt_tmp == NULL) {
- fclose(fd);
- if (issue_file)
- free(issue_file);
- return PAM_IGNORE;
- }
- } else {
- int count = 0;
-
- prompt_tmp = malloc(st.st_size + 1);
- if (prompt_tmp == NULL) {
- fclose(fd);
- if (issue_file)
- free(issue_file);
- return PAM_IGNORE;
- }
- memset (prompt_tmp, '\0', st.st_size + 1);
- count = fread(prompt_tmp, 1, st.st_size, fd);
- if (count != st.st_size) {
- fclose(fd);
- retval = PAM_IGNORE;
- goto cleanup;
- }
- prompt_tmp[st.st_size] = '\0';
- }
+ if (parse_esc)
+ retval = read_issue_quoted(pamh, fp, &issue_prompt);
+ else
+ retval = read_issue_raw(pamh, fp, &issue_prompt);
- fclose(fd);
+ fclose(fp);
- tot_size = strlen(prompt_tmp) + strlen(cur_prompt) + 1;
+ if (retval != PAM_SUCCESS)
+ goto out;
- /*
- * alloc some extra space for the original prompt
- * and postpend it to the buffer
- */
- {
- char *prompt_tmp_tmp = prompt_tmp;
+ {
+ size_t size = strlen(issue_prompt) + strlen(cur_prompt) + 1;
+ char *new_prompt = realloc(issue_prompt, size);
- prompt_tmp = realloc(prompt_tmp, tot_size + 1);
- if (prompt_tmp == NULL) {
- prompt_tmp = prompt_tmp_tmp;
- retval = PAM_IGNORE;
- goto cleanup;
- }
+ if (new_prompt == NULL) {
+ pam_syslog(pamh, LOG_ERR, "out of memory");
+ retval = PAM_BUF_ERR;
+ goto out;
}
+ issue_prompt = new_prompt;
+ }
- strcpy(prompt_tmp+strlen(prompt_tmp), cur_prompt);
+ strcat(issue_prompt, cur_prompt);
+ retval = pam_set_item(pamh, PAM_USER_PROMPT,
+ (const void *) issue_prompt);
+ out:
+ _pam_drop(issue_prompt);
+ return (retval == PAM_SUCCESS) ? PAM_IGNORE : retval;
+}
- prompt_tmp[tot_size] = '\0';
+PAM_EXTERN int
+pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
+{
+ return PAM_IGNORE;
+}
- retval = pam_set_item(pamh, PAM_USER_PROMPT,
- (const char *) prompt_tmp);
+static int
+read_issue_raw(pam_handle_t *pamh, FILE *fp, char **prompt)
+{
+ char *issue;
+ struct stat st;
- cleanup:
- free(issue_file);
- free(prompt_tmp);
+ *prompt = NULL;
- } else {
- D(("could not open issue_file: %s", issue_file));
- free(issue_file);
- return PAM_IGNORE;
+ if (fstat(fileno(fp), &st) < 0) {
+ pam_syslog(pamh, LOG_ERR, "stat error: %m");
+ return PAM_SERVICE_ERR;
}
- return retval;
-}
+ if ((issue = malloc(st.st_size + 1)) == NULL) {
+ pam_syslog(pamh, LOG_ERR, "out of memory");
+ return PAM_BUF_ERR;
+ }
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
-{
- return PAM_IGNORE;
+ if (fread(issue, 1, st.st_size, fp) != st.st_size) {
+ pam_syslog(pamh, LOG_ERR, "read error: %m");
+ _pam_drop(issue);
+ return PAM_SERVICE_ERR;
+ }
+
+ issue[st.st_size] = '\0';
+ *prompt = issue;
+ return PAM_SUCCESS;
}
-static char *do_prompt(FILE *fd)
+static int
+read_issue_quoted(pam_handle_t *pamh, FILE *fp, char **prompt)
{
- int c, size = 1024;
+ int c;
+ size_t size = 1024;
char *issue;
- char buf[1024];
struct utsname uts;
- if (fd == NULL)
- return NULL;
+ *prompt = NULL;
- issue = (char *)malloc(size);
- if (issue == NULL)
- return NULL;
+ if ((issue = malloc(size)) == NULL) {
+ pam_syslog(pamh, LOG_ERR, "out of memory");
+ return PAM_BUF_ERR;
+ }
- issue[0] = '\0'; /* zero this, for strcat to work on first buf */
+ issue[0] = '\0';
(void) uname(&uts);
- while ((c = getc(fd)) != EOF) {
+ while ((c = getc(fp)) != EOF) {
+ char buf[1024];
+
+ buf[0] = '\0';
if (c == '\\') {
- c = getc(fd);
+ if ((c = getc(fp)) == EOF)
+ break;
switch (c) {
case 's':
- snprintf (buf, 1024, "%s", uts.sysname);
+ strncat(buf, uts.sysname, sizeof(buf) - 1);
break;
case 'n':
- snprintf (buf, 1024, "%s", uts.nodename);
+ strncat(buf, uts.nodename, sizeof(buf) - 1);
break;
case 'r':
- snprintf (buf, 1024, "%s", uts.release);
+ strncat(buf, uts.release, sizeof(buf) - 1);
break;
case 'v':
- snprintf (buf, 1024, "%s", uts.version);
+ strncat(buf, uts.version, sizeof(buf) - 1);
break;
case 'm':
- snprintf (buf, 1024, "%s", uts.machine);
+ strncat(buf, uts.machine, sizeof(buf) - 1);
break;
case 'o':
{
char domainname[256];
- getdomainname(domainname, sizeof(domainname));
- domainname[sizeof(domainname)-1] = '\0';
- snprintf (buf, 1024, "%s", domainname);
+ if (getdomainname(domainname, sizeof(domainname)) >= 0) {
+ domainname[sizeof(domainname)-1] = '\0';
+ strncat(buf, domainname, sizeof(buf) - 1);
+ }
}
break;
-
case 'd':
case 't':
{
@@ -242,70 +224,71 @@ static char *do_prompt(FILE *fd)
tm = localtime(&now);
if (c == 'd')
- snprintf (buf, 1024, "%s %s %d %d",
+ snprintf (buf, sizeof buf, "%s %s %d %d",
weekday[tm->tm_wday], month[tm->tm_mon],
- tm->tm_mday,
- tm->tm_year + 1900);
+ tm->tm_mday, tm->tm_year + 1900);
else
- snprintf (buf, 1024, "%02d:%02d:%02d",
+ snprintf (buf, sizeof buf, "%02d:%02d:%02d",
tm->tm_hour, tm->tm_min, tm->tm_sec);
}
break;
case 'l':
{
char *ttyn = ttyname(1);
- if (!strncmp(ttyn, "/dev/", 5))
- ttyn += 5;
- snprintf (buf, 1024, "%s", ttyn);
+ if (ttyn) {
+ if (!strncmp(ttyn, "/dev/", 5))
+ ttyn += 5;
+ strncat(buf, ttyn, sizeof(buf) - 1);
+ }
}
break;
case 'u':
case 'U':
{
- int users = 0;
+ unsigned int users = 0;
struct utmp *ut;
setutent();
- while ((ut = getutent()))
+ while ((ut = getutent())) {
if (ut->ut_type == USER_PROCESS)
- users++;
+ ++users;
+ }
endutent();
- printf ("%d ", users);
if (c == 'U')
- snprintf (buf, 1024, "%s", (users == 1) ?
- " user" : " users");
+ snprintf (buf, sizeof buf, "%u %s", users,
+ (users == 1) ? "user" : "users");
+ else
+ snprintf (buf, sizeof buf, "%u", users);
break;
}
default:
buf[0] = c; buf[1] = '\0';
}
- if ((strlen(issue) + strlen(buf)) < size + 1) {
- char *old_issue = issue;
-
- size += strlen(buf) + 1;
- issue = (char *) realloc (issue, size);
- if (issue == NULL) {
- free(old_issue);
- return NULL;
- }
- }
- strcat(issue, buf);
} else {
buf[0] = c; buf[1] = '\0';
- if ((strlen(issue) + strlen(buf)) < size + 1) {
- char *old_issue = issue;
-
- size += strlen(buf) + 1;
- issue = (char *) realloc (issue, size);
- if (issue == NULL) {
- free(old_issue);
- return NULL;
- }
+ }
+
+ if ((strlen(issue) + strlen(buf)) + 1 > size) {
+ char *new_issue;
+
+ size += strlen(buf) + 1;
+ new_issue = (char *) realloc (issue, size);
+ if (new_issue == NULL) {
+ _pam_drop(issue);
+ return PAM_BUF_ERR;
}
+ issue = new_issue;
strcat(issue, buf);
}
}
- return issue;
+ if (ferror(fp)) {
+ pam_syslog(pamh, LOG_ERR, "read error: %m");
+ _pam_drop(issue);
+ return PAM_SERVICE_ERR;
+ }
+
+ *prompt = issue;
+ return PAM_SUCCESS;
}
#ifdef PAM_STATIC
diff --git a/Linux-PAM/modules/pam_issue/tst-pam_issue b/Linux-PAM/modules/pam_issue/tst-pam_issue
new file mode 100755
index 00000000..0fe4f763
--- /dev/null
+++ b/Linux-PAM/modules/pam_issue/tst-pam_issue
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_issue.so
diff --git a/Linux-PAM/modules/pam_keyinit/Makefile.am b/Linux-PAM/modules/pam_keyinit/Makefile.am
new file mode 100644
index 00000000..49e34d75
--- /dev/null
+++ b/Linux-PAM/modules/pam_keyinit/Makefile.am
@@ -0,0 +1,33 @@
+#
+# Copyright (c) 2006 David Howells <dhowells@redhat.com>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(XMLS) pam_keyinit.8 tst-pam_keyinit
+XMLS = README.xml pam_keyinit.8.xml
+
+if HAVE_KEY_MANAGEMENT
+ man_MANS = pam_keyinit.8
+ TESTS = tst-pam_keyinit
+endif
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_keyinit.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+if HAVE_KEY_MANAGEMENT
+ securelib_LTLIBRARIES = pam_keyinit.la
+endif
diff --git a/Linux-PAM/modules/pam_keyinit/Makefile.in b/Linux-PAM/modules/pam_keyinit/Makefile.in
new file mode 100644
index 00000000..401c09b6
--- /dev/null
+++ b/Linux-PAM/modules/pam_keyinit/Makefile.in
@@ -0,0 +1,667 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2006 David Howells <dhowells@redhat.com>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_keyinit
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_keyinit_la_LIBADD =
+pam_keyinit_la_SOURCES = pam_keyinit.c
+pam_keyinit_la_OBJECTS = pam_keyinit.lo
+@HAVE_KEY_MANAGEMENT_TRUE@am_pam_keyinit_la_rpath = -rpath \
+@HAVE_KEY_MANAGEMENT_TRUE@ $(securelibdir)
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_keyinit.c
+DIST_SOURCES = pam_keyinit.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(XMLS) pam_keyinit.8 tst-pam_keyinit
+XMLS = README.xml pam_keyinit.8.xml
+@HAVE_KEY_MANAGEMENT_TRUE@man_MANS = pam_keyinit.8
+@HAVE_KEY_MANAGEMENT_TRUE@TESTS = tst-pam_keyinit
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+@HAVE_KEY_MANAGEMENT_TRUE@securelib_LTLIBRARIES = pam_keyinit.la
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_keyinit/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_keyinit/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_keyinit.la: $(pam_keyinit_la_OBJECTS) $(pam_keyinit_la_DEPENDENCIES)
+ $(LINK) $(am_pam_keyinit_la_rpath) $(pam_keyinit_la_OBJECTS) $(pam_keyinit_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_keyinit.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_keyinit.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_keyinit/README b/Linux-PAM/modules/pam_keyinit/README
new file mode 100644
index 00000000..da22a535
--- /dev/null
+++ b/Linux-PAM/modules/pam_keyinit/README
@@ -0,0 +1,24 @@
+# $Id: README,v 1.1 2006/06/27 12:34:07 t8m Exp $ -*- text -*-
+#
+
+This module makes sure the calling process has its own session keyring rather
+than using the default per-user session keyring.
+
+The following words may be supplied as arguments to the module through the PAM
+configuration scripts:
+
+ (*) "force"
+
+ This will cause the process's current session keyring to be replaced with
+ a new one. If this isn't supplied, a session keyring will only be created
+ if the process doesn't already have its own.
+
+ (*) "revoke"
+
+ If the module actually created a keyring, this will cause that keyring to
+ be revoked on session closure.
+
+ (*) "debug"
+
+ This will cause the module to write some debugging information to the
+ syslog.
diff --git a/Linux-PAM/modules/pam_keyinit/README.xml b/Linux-PAM/modules/pam_keyinit/README.xml
new file mode 100644
index 00000000..47659e89
--- /dev/null
+++ b/Linux-PAM/modules/pam_keyinit/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_keyinit.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_keyinit.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_keyinit-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_keyinit.8.xml" xpointer='xpointer(//refsect1[@id = "pam_keyinit-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_keyinit.8.xml" xpointer='xpointer(//refsect1[@id = "pam_keyinit-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_keyinit.8.xml" xpointer='xpointer(//refsect1[@id = "pam_keyinit-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_keyinit.8.xml" xpointer='xpointer(//refsect1[@id = "pam_keyinit-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_keyinit/pam_keyinit.8 b/Linux-PAM/modules/pam_keyinit/pam_keyinit.8
new file mode 100644
index 00000000..40b1e125
--- /dev/null
+++ b/Linux-PAM/modules/pam_keyinit/pam_keyinit.8
@@ -0,0 +1,133 @@
+.\"Generated by db2man.xsl. Don't modify this, modify the source.
+.de Sh \" Subsection
+.br
+.if t .Sp
+.ne 5
+.PP
+\fB\\$1\fR
+.PP
+..
+.de Sp \" Vertical space (when we can't use .PP)
+.if t .sp .5v
+.if n .sp
+..
+.de Ip \" List item
+.br
+.ie \\n(.$>=3 .ne \\$3
+.el .ne 3
+.IP "\\$1" \\$2
+..
+.TH "PAM_KEYINIT" 8 "" "" ""
+.SH NAME
+pam_keyinit \- Kernel session keyring initialiser module
+.SH "SYNOPSIS"
+.ad l
+.hy 0
+.HP 15
+\fBpam_keyinit\&.so\fR [debug] [force] [revoke]
+.ad
+.hy
+
+.SH "DESCRIPTION"
+
+.PP
+The pam_keyinit PAM module ensures that the invoking process has a session keyring other than the user default session keyring\&.
+
+.PP
+The session component of the module checks to see if the process's session keyring is the user default, and, if it is, creates a new anonymous session keyring with which to replace it\&.
+
+.PP
+If a new session keyring is created, it will install a link to the user common keyring in the session keyring so that keys common to the user will be automatically accessible through it\&.
+
+.PP
+The session keyring of the invoking process will thenceforth be inherited by all its children unless they override it\&.
+
+.PP
+This module is intended primarily for use by login processes\&. Be aware that after the session keyring has been replaced, the old session keyring and the keys it contains will no longer be accessible\&.
+
+.PP
+This module should not, generally, be invoked by programs like \fIsu\fR, since it is usually desirable for the key set to percolate through to the alternate context\&. The keys have their own permissions system to manage this\&.
+
+.PP
+This module should be included as early as possible in a PAM configuration, so that other PAM modules can attach tokens to the keyring\&.
+
+.PP
+The keyutils package is used to manipulate keys more directly\&. This included in the Fedora Extras 5+ and Red Hat Enterprise Linux 4 U2+ and can also be obtained from:
+
+.PP
+ Keyutils : \fIhttp://people.redhat.com/~dhowells/keyutils/\fR
+
+.SH "OPTIONS"
+
+.TP
+\fBdebug\fR
+Log debug information with \fBsyslog\fR(3)\&.
+
+.TP
+\fBforce\fR
+Causes the session keyring of the invoking process to be replaced unconditionally\&.
+
+.TP
+\fBrevoke\fR
+Causes the session keyring of the invoking process to be revoked when the invoking process exits if the session keyring was created for this process in the first place\&.
+
+.SH "MODULE SERVICES PROVIDED"
+
+.PP
+Only the \fIsession\fR service is supported\&.
+
+.SH "RETURN VALUES"
+
+.TP
+PAM_SUCCESS
+This module will usually return this value
+
+.TP
+PAM_AUTH_ERR
+Authentication failure\&.
+
+.TP
+PAM_BUF_ERR
+Memory buffer error\&.
+
+.TP
+PAM_IGNORE
+The return value should be ignored by PAM dispatch\&.
+
+.TP
+PAM_SERVICE_ERR
+Cannot determine the user name\&.
+
+.TP
+PAM_SESSION_ERR
+This module will return this value if its arguments are invalid or if a system error such as ENOMEM occurs\&.
+
+.TP
+PAM_USER_UNKNOWN
+User not known\&.
+
+.SH "EXAMPLES"
+
+.PP
+Add this line to your login entries to start each login session with its own session keyring:
+
+.nf
+
+session required pam_keyinit\&.so
+
+.fi
+
+
+.PP
+This will prevent keys from one session leaking into another session for the same user\&.
+
+.SH "SEE ALSO"
+
+.PP
+ \fBpam\&.conf\fR(5), \fBpam\&.d\fR(8), \fBpam\fR(8) \fBkeyctl\fR(1)
+
+.SH "AUTHOR"
+
+.PP
+pam_keyinit was written by David Howells, <dhowells@redhat\&.com>\&.
+
diff --git a/Linux-PAM/modules/pam_keyinit/pam_keyinit.8.xml b/Linux-PAM/modules/pam_keyinit/pam_keyinit.8.xml
new file mode 100644
index 00000000..c7dddf54
--- /dev/null
+++ b/Linux-PAM/modules/pam_keyinit/pam_keyinit.8.xml
@@ -0,0 +1,241 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_keyinit">
+
+ <refmeta>
+ <refentrytitle>pam_keyinit</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_keyinit-name">
+ <refname>pam_keyinit</refname>
+ <refpurpose>Kernel session keyring initialiser module</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_keyinit-cmdsynopsis">
+ <command>pam_keyinit.so</command>
+ <arg choice="opt">
+ debug
+ </arg>
+ <arg choice="opt">
+ force
+ </arg>
+ <arg choice="opt">
+ revoke
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_keyinit-description">
+ <title>DESCRIPTION</title>
+ <para>
+ The pam_keyinit PAM module ensures that the invoking process has a
+ session keyring other than the user default session keyring.
+ </para>
+ <para>
+ The session component of the module checks to see if the process's
+ session keyring is the user default, and, if it is, creates a new
+ anonymous session keyring with which to replace it.
+ </para>
+ <para>
+ If a new session keyring is created, it will install a link to the user
+ common keyring in the session keyring so that keys common to the user
+ will be automatically accessible through it.
+ </para>
+ <para>
+ The session keyring of the invoking process will thenceforth be inherited
+ by all its children unless they override it.
+ </para>
+ <para>
+ This module is intended primarily for use by login processes. Be aware
+ that after the session keyring has been replaced, the old session keyring
+ and the keys it contains will no longer be accessible.
+ </para>
+ <para>
+ This module should not, generally, be invoked by programs like
+ <emphasis remap='B'>su</emphasis>, since it is usually desirable for the
+ key set to percolate through to the alternate context. The keys have
+ their own permissions system to manage this.
+ </para>
+ <para>
+ This module should be included as early as possible in a PAM
+ configuration, so that other PAM modules can attach tokens to the
+ keyring.
+ </para>
+ <para>
+ The keyutils package is used to manipulate keys more directly. This
+ can be obtained from:
+ </para>
+ <para>
+ <ulink url="http://people.redhat.com/~dhowells/keyutils/">
+ Keyutils
+ </ulink>
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_keyinit-options">
+ <title>OPTIONS</title>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ Log debug information with <citerefentry>
+ <refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>force</option>
+ </term>
+ <listitem>
+ <para>
+ Causes the session keyring of the invoking process to be replaced
+ unconditionally.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>revoke</option>
+ </term>
+ <listitem>
+ <para>
+ Causes the session keyring of the invoking process to be revoked
+ when the invoking process exits if the session keyring was created
+ for this process in the first place.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_keyinit-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ Only the <emphasis remap='B'>session</emphasis> service is supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_keyinit-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ This module will usually return this value
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_AUTH_ERR</term>
+ <listitem>
+ <para>
+ Authentication failure.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_IGNORE</term>
+ <listitem>
+ <para>
+ The return value should be ignored by PAM dispatch.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_SERVICE_ERR</term>
+ <listitem>
+ <para>
+ Cannot determine the user name.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_SESSION_ERR</term>
+ <listitem>
+ <para>
+ This module will return this value if its arguments are invalid or
+ if a system error such as ENOMEM occurs.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ User not known.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_keyinit-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ Add this line to your login entries to start each login session with its
+ own session keyring:
+ <programlisting>
+session required pam_keyinit.so
+ </programlisting>
+ </para>
+ <para>
+ This will prevent keys from one session leaking into another session for
+ the same user.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_keyinit-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ <citerefentry>
+ <refentrytitle>keyctl</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_keyinit-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_keyinit was written by David Howells, &lt;dhowells@redhat.com&gt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_keyinit/pam_keyinit.c b/Linux-PAM/modules/pam_keyinit/pam_keyinit.c
new file mode 100644
index 00000000..378a7723
--- /dev/null
+++ b/Linux-PAM/modules/pam_keyinit/pam_keyinit.c
@@ -0,0 +1,269 @@
+/* pam_keyinit.c: Initialise the session keyring on login through a PAM module
+ *
+ * Copyright (C) 2006 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version
+ * 2 of the License, or (at your option) any later version.
+ */
+
+#include "config.h"
+#include <stdarg.h>
+#include <string.h>
+#include <syslog.h>
+#include <pwd.h>
+#include <unistd.h>
+#include <errno.h>
+#include <security/pam_modules.h>
+#include <security/pam_modutil.h>
+#include <security/pam_ext.h>
+#include <sys/syscall.h>
+
+#define KEY_SPEC_SESSION_KEYRING -3 /* ID for session keyring */
+#define KEY_SPEC_USER_KEYRING -4 /* ID for UID-specific keyring */
+#define KEY_SPEC_USER_SESSION_KEYRING -5 /* - key ID for UID-session keyring */
+
+#define KEYCTL_GET_KEYRING_ID 0 /* ask for a keyring's ID */
+#define KEYCTL_JOIN_SESSION_KEYRING 1 /* start named session keyring */
+#define KEYCTL_REVOKE 3 /* revoke a key */
+#define KEYCTL_LINK 8 /* link a key into a keyring */
+
+static int my_session_keyring;
+static int session_counter;
+static int do_revoke;
+static int revoke_as_uid;
+static int revoke_as_gid;
+static int xdebug = 0;
+
+static void debug(pam_handle_t *pamh, const char *fmt, ...)
+ __attribute__((format(printf, 2, 3)));
+
+static void debug(pam_handle_t *pamh, const char *fmt, ...)
+{
+ va_list va;
+
+ if (xdebug) {
+ va_start(va, fmt);
+ pam_vsyslog(pamh, LOG_DEBUG, fmt, va);
+ va_end(va);
+ }
+}
+
+static int error(pam_handle_t *pamh, const char *fmt, ...)
+ __attribute__((format(printf, 2, 3)));
+
+static int error(pam_handle_t *pamh, const char *fmt, ...)
+{
+ va_list va;
+
+ va_start(va, fmt);
+ pam_vsyslog(pamh, LOG_ERR, fmt, va);
+ va_end(va);
+
+ return PAM_SESSION_ERR;
+}
+
+/*
+ * initialise the session keyring for this process
+ */
+static int init_keyrings(pam_handle_t *pamh, int force)
+{
+ int session, usession, ret;
+
+ if (!force) {
+ /* get the IDs of the session keyring and the user session
+ * keyring */
+ session = syscall(__NR_keyctl,
+ KEYCTL_GET_KEYRING_ID,
+ KEY_SPEC_SESSION_KEYRING,
+ 0);
+ debug(pamh, "GET SESSION = %d", session);
+ if (session < 0) {
+ /* don't worry about keyrings if facility not
+ * installed */
+ if (errno == ENOSYS)
+ return PAM_SUCCESS;
+ return PAM_SESSION_ERR;
+ }
+
+ usession = syscall(__NR_keyctl,
+ KEYCTL_GET_KEYRING_ID,
+ KEY_SPEC_USER_SESSION_KEYRING,
+ 0);
+ debug(pamh, "GET SESSION = %d", usession);
+ if (usession < 0)
+ return PAM_SESSION_ERR;
+
+ /* if the user session keyring is our keyring, then we don't
+ * need to do anything if we're not forcing */
+ if (session != usession)
+ return PAM_SUCCESS;
+ }
+
+ /* create a session keyring, discarding the old one */
+ ret = syscall(__NR_keyctl,
+ KEYCTL_JOIN_SESSION_KEYRING,
+ NULL);
+ debug(pamh, "JOIN = %d", ret);
+ if (ret < 0)
+ return PAM_SESSION_ERR;
+
+ my_session_keyring = ret;
+
+ /* make a link from the session keyring to the user keyring */
+ ret = syscall(__NR_keyctl,
+ KEYCTL_LINK,
+ KEY_SPEC_USER_KEYRING,
+ KEY_SPEC_SESSION_KEYRING);
+
+ return ret < 0 ? PAM_SESSION_ERR : PAM_SUCCESS;
+}
+
+/*
+ * revoke the session keyring for this process
+ */
+static void kill_keyrings(pam_handle_t *pamh)
+{
+ int old_uid, old_gid;
+
+ /* revoke the session keyring we created earlier */
+ if (my_session_keyring > 0) {
+ debug(pamh, "REVOKE %d", my_session_keyring);
+
+ old_uid = geteuid();
+ old_gid = getegid();
+ debug(pamh, "UID:%d [%d] GID:%d [%d]",
+ revoke_as_uid, old_uid, revoke_as_gid, old_gid);
+
+ /* switch to the real UID and GID so that we have permission to
+ * revoke the key */
+ if (revoke_as_gid != old_gid && setregid(-1, revoke_as_gid) < 0)
+ error(pamh, "Unable to change GID to %d temporarily\n",
+ revoke_as_gid);
+
+ if (revoke_as_uid != old_uid && setreuid(-1, revoke_as_uid) < 0)
+ error(pamh, "Unable to change UID to %d temporarily\n",
+ revoke_as_uid);
+
+ syscall(__NR_keyctl,
+ KEYCTL_REVOKE,
+ my_session_keyring);
+
+ /* return to the orignal UID and GID (probably root) */
+ if (revoke_as_uid != old_uid && setreuid(-1, old_uid) < 0)
+ error(pamh, "Unable to change UID back to %d\n", old_uid);
+
+ if (revoke_as_gid != old_gid && setregid(-1, old_gid) < 0)
+ error(pamh, "Unable to change GID back to %d\n", old_gid);
+
+ my_session_keyring = 0;
+ }
+}
+
+/*
+ * open a PAM session by making sure there's a session keyring
+ */
+PAM_EXTERN
+int pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
+{
+ struct passwd *pw;
+ const char *username;
+ int ret, old_uid, uid, old_gid, gid, loop, force = 0;
+
+ for (loop = 0; loop < argc; loop++) {
+ if (strcmp(argv[loop], "force") == 0)
+ force = 1;
+ else if (strcmp(argv[loop], "debug") == 0)
+ xdebug = 1;
+ else if (strcmp(argv[loop], "revoke") == 0)
+ do_revoke = 1;
+ }
+
+ /* don't do anything if already created a keyring (will be called
+ * multiple times if mentioned more than once in a pam script)
+ */
+ session_counter++;
+
+ debug(pamh, "OPEN %d", session_counter);
+
+ if (my_session_keyring > 0)
+ return PAM_SUCCESS;
+
+ /* look up the target UID */
+ ret = pam_get_user(pamh, &username, "key user");
+ if (ret != PAM_SUCCESS)
+ return ret;
+
+ pw = pam_modutil_getpwnam(pamh, username);
+ if (!pw) {
+ error(pamh, "Unable to look up user \"%s\"\n", username);
+ return PAM_USER_UNKNOWN;
+ }
+
+ revoke_as_uid = uid = pw->pw_uid;
+ old_uid = getuid();
+ revoke_as_gid = gid = pw->pw_gid;
+ old_gid = getgid();
+ debug(pamh, "UID:%d [%d] GID:%d [%d]", uid, old_uid, gid, old_gid);
+
+ /* switch to the real UID and GID so that the keyring ends up owned by
+ * the right user */
+ if (gid != old_gid && setregid(gid, -1) < 0) {
+ error(pamh, "Unable to change GID to %d temporarily\n", gid);
+ return PAM_SESSION_ERR;
+ }
+
+ if (uid != old_uid && setreuid(uid, -1) < 0) {
+ error(pamh, "Unable to change UID to %d temporarily\n", uid);
+ setregid(old_gid, -1);
+ return PAM_SESSION_ERR;
+ }
+
+ ret = init_keyrings(pamh, force);
+
+ /* return to the orignal UID and GID (probably root) */
+ if (uid != old_uid && setreuid(old_uid, -1) < 0)
+ ret = error(pamh, "Unable to change UID back to %d\n", old_uid);
+
+ if (gid != old_gid && setregid(old_gid, -1) < 0)
+ ret = error(pamh, "Unable to change GID back to %d\n", old_gid);
+
+ return ret;
+}
+
+/*
+ * close a PAM session by revoking the session keyring if requested
+ */
+PAM_EXTERN
+int pam_sm_close_session(pam_handle_t *pamh, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
+{
+ debug(pamh, "CLOSE %d,%d,%d",
+ session_counter, my_session_keyring, do_revoke);
+
+ session_counter--;
+
+ if (session_counter == 0 && my_session_keyring > 0 && do_revoke)
+ kill_keyrings(pamh);
+
+ return PAM_SUCCESS;
+}
+
+#ifdef PAM_STATIC
+
+/* static module data */
+
+struct pam_module _pam_keyinit_modstruct = {
+ "pam_keyinit",
+ NULL,
+ NULL,
+ NULL,
+ pam_sm_open_session,
+ pam_sm_close_session,
+ NULL
+};
+#endif
+
diff --git a/Linux-PAM/modules/pam_keyinit/tst-pam_keyinit b/Linux-PAM/modules/pam_keyinit/tst-pam_keyinit
new file mode 100755
index 00000000..f0a7b9bc
--- /dev/null
+++ b/Linux-PAM/modules/pam_keyinit/tst-pam_keyinit
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_keyinit.so
diff --git a/Linux-PAM/modules/pam_lastlog/Makefile b/Linux-PAM/modules/pam_lastlog/Makefile
deleted file mode 100644
index e8062714..00000000
--- a/Linux-PAM/modules/pam_lastlog/Makefile
+++ /dev/null
@@ -1,19 +0,0 @@
-#
-# $Id: Makefile,v 1.3 2001/02/10 22:33:10 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-ifeq ($(HAVE_LIBUTIL),yes)
- MODULE_SIMPLE_EXTRALIBS += -lutil
-endif
-
-TITLE=pam_lastlog
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_lastlog/Makefile.am b/Linux-PAM/modules/pam_lastlog/Makefile.am
new file mode 100644
index 00000000..e81e7833
--- /dev/null
+++ b/Linux-PAM/modules/pam_lastlog/Makefile.am
@@ -0,0 +1,31 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_lastlog
+
+man_MANS = pam_lastlog.8
+XMLS = README.xml pam_lastlog.8.xml
+
+TESTS = tst-pam_lastlog
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam -lutil
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_lastlog.la
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_lastlog.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_lastlog/Makefile.in b/Linux-PAM/modules/pam_lastlog/Makefile.in
new file mode 100644
index 00000000..6f19ba1f
--- /dev/null
+++ b/Linux-PAM/modules/pam_lastlog/Makefile.in
@@ -0,0 +1,665 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_lastlog
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_lastlog_la_LIBADD =
+pam_lastlog_la_SOURCES = pam_lastlog.c
+pam_lastlog_la_OBJECTS = pam_lastlog.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_lastlog.c
+DIST_SOURCES = pam_lastlog.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_lastlog
+man_MANS = pam_lastlog.8
+XMLS = README.xml pam_lastlog.8.xml
+TESTS = tst-pam_lastlog
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam -lutil $(am__append_1)
+securelib_LTLIBRARIES = pam_lastlog.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_lastlog/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_lastlog/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_lastlog.la: $(pam_lastlog_la_OBJECTS) $(pam_lastlog_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_lastlog_la_OBJECTS) $(pam_lastlog_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_lastlog.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_lastlog.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_lastlog/README b/Linux-PAM/modules/pam_lastlog/README
new file mode 100644
index 00000000..9f6c5505
--- /dev/null
+++ b/Linux-PAM/modules/pam_lastlog/README
@@ -0,0 +1,57 @@
+pam_lastlog — PAM module to display date of last login
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+pam_lastlog is a PAM module to display a line of information about the last
+login of the user. In addition, the module maintains the /var/log/lastlog file.
+
+Some applications may perform this function themselves. In such cases, this
+module is not necessary.
+
+OPTIONS
+
+debug
+
+ Print debug information.
+
+silent
+
+ Don't inform the user about any previous login, just upate the /var/log/
+ lastlog file.
+
+never
+
+ If the /var/log/lastlog file does not contain any old entries for the user,
+ indicate that the user has never previously logged in with a welcome
+ message.
+
+nodate
+
+ Don't display the date of the last login.
+
+noterm
+
+ Don't display the terminal name on which the last login was attempted.
+
+nohost
+
+ Don't indicate from which host the last login was attempted.
+
+nowtmp
+
+ Don't update the wtmp entry.
+
+EXAMPLES
+
+Add the following line to /etc/pam.d/login to display the last login time of an
+user:
+
+ session required pam_lastlog.so nowtmp
+
+
+AUTHOR
+
+pam_lastlog was written by Andrew G. Morgan <morgan@kernel.org>.
+
diff --git a/Linux-PAM/modules/pam_lastlog/README.xml b/Linux-PAM/modules/pam_lastlog/README.xml
new file mode 100644
index 00000000..7fe70339
--- /dev/null
+++ b/Linux-PAM/modules/pam_lastlog/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_lastlog.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_lastlog.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_lastlog-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_lastlog.8.xml" xpointer='xpointer(//refsect1[@id = "pam_lastlog-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_lastlog.8.xml" xpointer='xpointer(//refsect1[@id = "pam_lastlog-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_lastlog.8.xml" xpointer='xpointer(//refsect1[@id = "pam_lastlog-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_lastlog.8.xml" xpointer='xpointer(//refsect1[@id = "pam_lastlog-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_lastlog/pam_lastlog.8 b/Linux-PAM/modules/pam_lastlog/pam_lastlog.8
new file mode 100644
index 00000000..81b04470
--- /dev/null
+++ b/Linux-PAM/modules/pam_lastlog/pam_lastlog.8
@@ -0,0 +1,91 @@
+.\" Title: pam_lastlog
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/09/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_LASTLOG" "8" "06/09/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_lastlog \- PAM module to display date of last login
+.SH "SYNOPSIS"
+.HP 15
+\fBpam_lastlog.so\fR [debug] [silent] [never] [nodate] [nohost] [noterm] [nowtmp]
+.SH "DESCRIPTION"
+.PP
+pam_lastlog is a PAM module to display a line of information about the last login of the user. In addition, the module maintains the
+\fI/var/log/lastlog\fR
+file.
+.PP
+Some applications may perform this function themselves. In such cases, this module is not necessary.
+.SH "OPTIONS"
+.TP 3n
+\fBdebug\fR
+Print debug information.
+.TP 3n
+\fBsilent\fR
+Don't inform the user about any previous login, just upate the
+\fI/var/log/lastlog\fR
+file.
+.TP 3n
+\fBnever\fR
+If the
+\fI/var/log/lastlog\fR
+file does not contain any old entries for the user, indicate that the user has never previously logged in with a welcome message.
+.TP 3n
+\fBnodate\fR
+Don't display the date of the last login.
+.TP 3n
+\fBnoterm\fR
+Don't display the terminal name on which the last login was attempted.
+.TP 3n
+\fBnohost\fR
+Don't indicate from which host the last login was attempted.
+.TP 3n
+\fBnowtmp\fR
+Don't update the wtmp entry.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+Only the
+\fBsession\fR
+service is supported.
+.SH "RETURN VALUES"
+.PP
+.TP 3n
+PAM_SUCCESS
+Everything was successfull.
+.TP 3n
+PAM_SERVICE_ERR
+Internal service module error.
+.TP 3n
+PAM_USER_UNKNOWN
+User not known.
+.SH "EXAMPLES"
+.PP
+Add the following line to
+\fI/etc/pam.d/login\fR
+to display the last login time of an user:
+.sp
+.RS 3n
+.nf
+ session required pam_lastlog.so nowtmp
+
+.fi
+.RE
+.SH "FILES"
+.TP 3n
+\fI/var/log/lastlog\fR
+Lastlog logging file
+.SH "SEE ALSO"
+.PP
+
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_lastlog was written by Andrew G. Morgan <morgan@kernel.org>.
diff --git a/Linux-PAM/modules/pam_lastlog/pam_lastlog.8.xml b/Linux-PAM/modules/pam_lastlog/pam_lastlog.8.xml
new file mode 100644
index 00000000..066eff58
--- /dev/null
+++ b/Linux-PAM/modules/pam_lastlog/pam_lastlog.8.xml
@@ -0,0 +1,231 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_lastlog">
+
+ <refmeta>
+ <refentrytitle>pam_lastlog</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_lastlog-name">
+ <refname>pam_lastlog</refname>
+ <refpurpose>PAM module to display date of last login</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_lastlog-cmdsynopsis">
+ <command>pam_lastlog.so</command>
+ <arg choice="opt">
+ debug
+ </arg>
+ <arg choice="opt">
+ silent
+ </arg>
+ <arg choice="opt">
+ never
+ </arg>
+ <arg choice="opt">
+ nodate
+ </arg>
+ <arg choice="opt">
+ nohost
+ </arg>
+ <arg choice="opt">
+ noterm
+ </arg>
+ <arg choice="opt">
+ nowtmp
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_lastlog-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ pam_lastlog is a PAM module to display a line of information
+ about the last login of the user. In addition, the module maintains
+ the <filename>/var/log/lastlog</filename> file.
+ </para>
+ <para>
+ Some applications may perform this function themselves. In such
+ cases, this module is not necessary.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_lastlog-options">
+
+ <title>OPTIONS</title>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ Print debug information.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>silent</option>
+ </term>
+ <listitem>
+ <para>
+ Don't inform the user about any previous login,
+ just upate the <filename>/var/log/lastlog</filename> file.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>never</option>
+ </term>
+ <listitem>
+ <para>
+ If the <filename>/var/log/lastlog</filename> file does
+ not contain any old entries for the user, indicate that
+ the user has never previously logged in with a welcome
+ message.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>nodate</option>
+ </term>
+ <listitem>
+ <para>
+ Don't display the date of the last login.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>noterm</option>
+ </term>
+ <listitem>
+ <para>
+ Don't display the terminal name on which the
+ last login was attempted.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>nohost</option>
+ </term>
+ <listitem>
+ <para>
+ Don't indicate from which host the last login was
+ attempted.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>nowtmp</option>
+ </term>
+ <listitem>
+ <para>
+ Don't update the wtmp entry.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_lastlog-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ Only the <option>session</option> service is supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_lastlog-return_values'>
+ <title>RETURN VALUES</title>
+ <para>
+ <variablelist>
+
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Everything was successfull.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_SERVICE_ERR</term>
+ <listitem>
+ <para>
+ Internal service module error.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ User not known.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_lastlog-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ Add the following line to <filename>/etc/pam.d/login</filename> to
+ display the last login time of an user:
+ </para>
+ <programlisting>
+ session required pam_lastlog.so nowtmp
+ </programlisting>
+ </refsect1>
+
+ <refsect1 id="pam_lastlog-files">
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/var/log/lastlog</filename></term>
+ <listitem>
+ <para>Lastlog logging file</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_lastlog-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_lastlog-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_lastlog was written by Andrew G. Morgan &lt;morgan@kernel.org&gt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_lastlog/pam_lastlog.c b/Linux-PAM/modules/pam_lastlog/pam_lastlog.c
index c9c5e24e..a75e1ce7 100644
--- a/Linux-PAM/modules/pam_lastlog/pam_lastlog.c
+++ b/Linux-PAM/modules/pam_lastlog/pam_lastlog.c
@@ -1,8 +1,6 @@
/* pam_lastlog module */
/*
- * $Id: pam_lastlog.c,v 1.8 2004/09/24 13:13:20 kukuk Exp $
- *
* Written by Andrew Morgan <morgan@linux.kernel.org> 1996/3/11
*
* This module does the necessary work to display the last login
@@ -10,10 +8,11 @@
* present (login) service.
*/
-#include <security/_pam_aconf.h>
+#include "config.h"
#include <fcntl.h>
#include <time.h>
+#include <errno.h>
#ifdef HAVE_UTMP_H
# include <utmp.h>
#else
@@ -28,10 +27,6 @@
#include <syslog.h>
#include <unistd.h>
-#ifdef WANT_PWDB
-#include <pwdb/pwdb_public.h> /* use POSIX front end */
-#endif
-
#if defined(hpux) || defined(sunos) || defined(solaris)
# ifndef _PATH_LASTLOG
# define _PATH_LASTLOG "/usr/adm/lastlog"
@@ -56,17 +51,6 @@ struct lastlog {
#define DEFAULT_HOST "" /* "[no.where]" */
#define DEFAULT_TERM "" /* "tt???" */
-#define LASTLOG_NEVER_WELCOME "Welcome to your new account!"
-#define LASTLOG_INTRO "Last login:"
-#define LASTLOG_TIME " %s"
-#define _LASTLOG_HOST_FORMAT " from %%.%ds"
-#define _LASTLOG_LINE_FORMAT " on %%.%ds"
-#define LASTLOG_TAIL ""
-#define LASTLOG_MAXSIZE (sizeof(LASTLOG_INTRO)+0 \
- +sizeof(LASTLOG_TIME)+strlen(the_time) \
- +sizeof(_LASTLOG_HOST_FORMAT)+UT_HOSTSIZE \
- +sizeof(_LASTLOG_LINE_FORMAT)+UT_LINESIZE \
- +sizeof(LASTLOG_TAIL))
/*
* here, we make a definition for the externally accessible function
@@ -79,20 +63,8 @@ struct lastlog {
#include <security/pam_modules.h>
#include <security/_pam_macros.h>
-#include <security/_pam_modutil.h>
-
-/* some syslogging */
-
-static void _log_err(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("PAM-lastlog", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
+#include <security/pam_modutil.h>
+#include <security/pam_ext.h>
/* argument parsing */
@@ -102,10 +74,12 @@ static void _log_err(int err, const char *format, ...)
#define LASTLOG_NEVER 010 /* display a welcome message for first login */
#define LASTLOG_DEBUG 020 /* send info to syslog(3) */
#define LASTLOG_QUIET 040 /* keep quiet about things */
+#define LASTLOG_WTMP 0100 /* log to wtmp as well as lastlog */
-static int _pam_parse(int flags, int argc, const char **argv)
+static int
+_pam_parse(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
- int ctrl=(LASTLOG_DATE|LASTLOG_HOST|LASTLOG_LINE);
+ int ctrl=(LASTLOG_DATE|LASTLOG_HOST|LASTLOG_LINE|LASTLOG_WTMP);
/* does the appliction require quiet? */
if (flags & PAM_SILENT) {
@@ -120,17 +94,19 @@ static int _pam_parse(int flags, int argc, const char **argv)
if (!strcmp(*argv,"debug")) {
ctrl |= LASTLOG_DEBUG;
} else if (!strcmp(*argv,"nodate")) {
- ctrl |= ~LASTLOG_DATE;
+ ctrl &= ~LASTLOG_DATE;
} else if (!strcmp(*argv,"noterm")) {
- ctrl |= ~LASTLOG_LINE;
+ ctrl &= ~LASTLOG_LINE;
} else if (!strcmp(*argv,"nohost")) {
- ctrl |= ~LASTLOG_HOST;
+ ctrl &= ~LASTLOG_HOST;
} else if (!strcmp(*argv,"silent")) {
ctrl |= LASTLOG_QUIET;
} else if (!strcmp(*argv,"never")) {
ctrl |= LASTLOG_NEVER;
+ } else if (!strcmp(*argv,"nowtmp")) {
+ ctrl &= ~LASTLOG_WTMP;
} else {
- _log_err(LOG_ERR,"unknown option; %s",*argv);
+ pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv);
}
}
@@ -138,273 +114,269 @@ static int _pam_parse(int flags, int argc, const char **argv)
return ctrl;
}
-/* a front end for conversations */
-
-static int converse(pam_handle_t *pamh, int ctrl, int nargs
- , struct pam_message **message
- , struct pam_response **response)
+static const char *
+get_tty(pam_handle_t *pamh)
{
- int retval;
- struct pam_conv *conv;
+ const void *void_terminal_line = NULL;
+ const char *terminal_line;
- D(("begin to converse"));
+ if (pam_get_item(pamh, PAM_TTY, &void_terminal_line) != PAM_SUCCESS
+ || void_terminal_line == NULL) {
+ terminal_line = DEFAULT_TERM;
+ } else {
+ terminal_line = void_terminal_line;
+ }
+ if (!strncmp("/dev/", terminal_line, 5)) {
+ /* strip leading "/dev/" from tty. */
+ terminal_line += 5;
+ }
+ D(("terminal = %s", terminal_line));
+ return terminal_line;
+}
- retval = pam_get_item( pamh, PAM_CONV, (const void **) &conv ) ;
- if ( retval == PAM_SUCCESS && conv) {
+static int
+last_login_read(pam_handle_t *pamh, int announce, int last_fd, uid_t uid)
+{
+ struct flock last_lock;
+ struct lastlog last_login;
+ int retval = PAM_SUCCESS;
+ char the_time[256];
+ char *date = NULL;
+ char *host = NULL;
+ char *line = NULL;
+
+ memset(&last_lock, 0, sizeof(last_lock));
+ last_lock.l_type = F_RDLCK;
+ last_lock.l_whence = SEEK_SET;
+ last_lock.l_start = sizeof(last_login) * (off_t) uid;
+ last_lock.l_len = sizeof(last_login);
+
+ if (fcntl(last_fd, F_SETLK, &last_lock) < 0) {
+ D(("locking %s failed..(waiting a little)", _PATH_LASTLOG));
+ pam_syslog(pamh, LOG_WARNING,
+ "file %s is locked/read", _PATH_LASTLOG);
+ sleep(LASTLOG_IGNORE_LOCK_TIME);
+ }
- retval = conv->conv(nargs, ( const struct pam_message ** ) message
- , response, conv->appdata_ptr);
+ if (pam_modutil_read(last_fd, (char *) &last_login,
+ sizeof(last_login)) != sizeof(last_login)) {
+ memset(&last_login, 0, sizeof(last_login));
+ }
- D(("returned from application's conversation function"));
+ last_lock.l_type = F_UNLCK;
+ (void) fcntl(last_fd, F_SETLK, &last_lock); /* unlock */
- if (retval != PAM_SUCCESS && (ctrl & LASTLOG_DEBUG) ) {
- _log_err(LOG_DEBUG, "conversation failure [%s]"
- , pam_strerror(pamh, retval));
+ if (!last_login.ll_time) {
+ if (announce & LASTLOG_DEBUG) {
+ pam_syslog(pamh, LOG_DEBUG,
+ "first login for user with uid %lu",
+ (unsigned long int)uid);
}
-
- } else {
- _log_err(LOG_ERR, "couldn't obtain coversation function [%s]"
- , pam_strerror(pamh, retval));
- if (retval == PAM_SUCCESS)
- retval = PAM_BAD_ITEM; /* conv was NULL */
}
- D(("ready to return from module conversation"));
+ if (!(announce & LASTLOG_QUIET)) {
- return retval; /* propagate error status */
-}
+ if (last_login.ll_time) {
-static int make_remark(pam_handle_t *pamh, int ctrl, const char *remark)
-{
- int retval;
+ /* we want the date? */
+ if (announce & LASTLOG_DATE) {
+ struct tm *tm, tm_buf;
+ time_t ll_time;
- if (!(ctrl & LASTLOG_QUIET)) {
- struct pam_message msg[1], *mesg[1];
- struct pam_response *resp=NULL;
+ ll_time = last_login.ll_time;
+ tm = localtime_r (&ll_time, &tm_buf);
+ strftime (the_time, sizeof (the_time),
+ /* TRANSLATORS: "strftime options for date of last login" */
+ _(" %a %b %e %H:%M:%S %Z %Y"), tm);
- mesg[0] = &msg[0];
- msg[0].msg_style = PAM_TEXT_INFO;
- msg[0].msg = remark;
+ date = the_time;
+ }
- retval = converse(pamh, ctrl, 1, mesg, &resp);
+ /* we want & have the host? */
+ if ((announce & LASTLOG_HOST)
+ && (last_login.ll_host[0] != '\0')) {
+ /* TRANSLATORS: " from <host>" */
+ if (asprintf(&host, _(" from %.*s"), UT_HOSTSIZE,
+ last_login.ll_host) < 0) {
+ pam_syslog(pamh, LOG_ERR, "out of memory");
+ retval = PAM_BUF_ERR;
+ goto cleanup;
+ }
+ }
+
+ /* we want and have the terminal? */
+ if ((announce & LASTLOG_LINE)
+ && (last_login.ll_line[0] != '\0')) {
+ /* TRANSLATORS: " on <terminal>" */
+ if (asprintf(&line, _(" on %.*s"), UT_LINESIZE,
+ last_login.ll_line) < 0) {
+ pam_syslog(pamh, LOG_ERR, "out of memory");
+ retval = PAM_BUF_ERR;
+ goto cleanup;
+ }
+ }
- msg[0].msg = NULL;
- if (resp) {
- _pam_drop_reply(resp, 1);
+ /* TRANSLATORS: "Last login: <date> from <host> on <terminal>" */
+ retval = pam_info(pamh, _("Last login:%s%s%s"),
+ date ? date : "",
+ host ? host : "",
+ line ? line : "");
+ } else if (announce & LASTLOG_NEVER) {
+ D(("this is the first time this user has logged in"));
+ retval = pam_info(pamh, "%s", _("Welcome to your new account!"));
}
- } else {
- D(("keeping quiet"));
- retval = PAM_SUCCESS;
}
- D(("returning %s", pam_strerror(pamh, retval)));
+ /* cleanup */
+ cleanup:
+ memset(&last_login, 0, sizeof(last_login));
+ _pam_overwrite(date);
+ _pam_overwrite(host);
+ _pam_drop(host);
+ _pam_overwrite(line);
+ _pam_drop(line);
+
return retval;
}
-/*
- * Values for the announce flags..
- */
-
-static int last_login_date(pam_handle_t *pamh, int announce, uid_t uid)
+static int
+last_login_write(pam_handle_t *pamh, int announce, int last_fd,
+ uid_t uid, const char *user)
{
struct flock last_lock;
struct lastlog last_login;
- int retval = PAM_SESSION_ERR;
- int last_fd;
-
- /* obtain the last login date and all the relevant info */
- last_fd = open(_PATH_LASTLOG, O_RDWR);
- if (last_fd < 0) {
- D(("unable to open the %s file", _PATH_LASTLOG));
- if (announce & LASTLOG_DEBUG) {
- _log_err(LOG_DEBUG, "unable to open %s file", _PATH_LASTLOG);
- }
- retval = PAM_PERM_DENIED;
- } else {
- int win;
+ time_t ll_time;
+ const void *void_remote_host = NULL;
+ const char *remote_host;
+ const char *terminal_line;
+ int retval = PAM_SUCCESS;
+
+ /* rewind */
+ if (lseek(last_fd, sizeof(last_login) * (off_t) uid, SEEK_SET) < 0) {
+ pam_syslog(pamh, LOG_ERR, "failed to lseek %s: %m", _PATH_LASTLOG);
+ return PAM_SERVICE_ERR;
+ }
- /* read the lastlogin file - for this uid */
- (void) lseek(last_fd, sizeof(last_login) * (off_t) uid, SEEK_SET);
+ /* set this login date */
+ D(("set the most recent login time"));
+ (void) time(&ll_time); /* set the time */
+ last_login.ll_time = ll_time;
- memset(&last_lock, 0, sizeof(last_lock));
- last_lock.l_type = F_RDLCK;
- last_lock.l_whence = SEEK_SET;
- last_lock.l_start = sizeof(last_login) * (off_t) uid;
- last_lock.l_len = sizeof(last_login);
+ /* set the remote host */
+ if (pam_get_item(pamh, PAM_RHOST, &void_remote_host) != PAM_SUCCESS
+ || void_remote_host == NULL) {
+ remote_host = DEFAULT_HOST;
+ } else {
+ remote_host = void_remote_host;
+ }
- if ( fcntl(last_fd, F_SETLK, &last_lock) < 0 ) {
- D(("locking %s failed..(waiting a little)", _PATH_LASTLOG));
- _log_err(LOG_ALERT, "%s file is locked/read", _PATH_LASTLOG);
- sleep(LASTLOG_IGNORE_LOCK_TIME);
- }
+ /* copy to last_login */
+ last_login.ll_host[0] = '\0';
+ strncat(last_login.ll_host, remote_host, sizeof(last_login.ll_host)-1);
- win = (_pammodutil_read (last_fd, (char *) &last_login,
- sizeof(last_login)) == sizeof(last_login));
+ /* set the terminal line */
+ terminal_line = get_tty(pamh);
- last_lock.l_type = F_UNLCK;
- (void) fcntl(last_fd, F_SETLK, &last_lock); /* unlock */
+ /* copy to last_login */
+ last_login.ll_line[0] = '\0';
+ strncat(last_login.ll_line, terminal_line, sizeof(last_login.ll_line)-1);
+ terminal_line = NULL;
- if (!win) {
- D(("First login for user uid=%d", _PATH_LASTLOG, uid));
- if (announce & LASTLOG_DEBUG) {
- _log_err(LOG_DEBUG, "creating lastlog for uid %d", uid);
- }
- memset(&last_login, 0, sizeof(last_login));
- }
+ D(("locking lastlog file"));
- /* rewind */
- (void) lseek(last_fd, sizeof(last_login) * (off_t) uid, SEEK_SET);
+ /* now we try to lock this file-record exclusively; non-blocking */
+ memset(&last_lock, 0, sizeof(last_lock));
+ last_lock.l_type = F_WRLCK;
+ last_lock.l_whence = SEEK_SET;
+ last_lock.l_start = sizeof(last_login) * (off_t) uid;
+ last_lock.l_len = sizeof(last_login);
- if (!(announce & LASTLOG_QUIET)) {
- if (last_login.ll_time) {
- time_t ll_time;
- char *the_time;
- char *remark;
+ if (fcntl(last_fd, F_SETLK, &last_lock) < 0) {
+ D(("locking %s failed..(waiting a little)", _PATH_LASTLOG));
+ pam_syslog(pamh, LOG_WARNING, "file %s is locked/write", _PATH_LASTLOG);
+ sleep(LASTLOG_IGNORE_LOCK_TIME);
+ }
- ll_time = last_login.ll_time;
- the_time = ctime(&ll_time);
- the_time[-1+strlen(the_time)] = '\0'; /* delete '\n' */
+ D(("writing to the lastlog file"));
+ if (pam_modutil_write (last_fd, (char *) &last_login,
+ sizeof (last_login)) != sizeof(last_login)) {
+ pam_syslog(pamh, LOG_ERR, "failed to write %s: %m", _PATH_LASTLOG);
+ retval = PAM_SERVICE_ERR;
+ }
- remark = malloc(LASTLOG_MAXSIZE);
- if (remark == NULL) {
- D(("no memory for last login remark"));
- retval = PAM_BUF_ERR;
- } else {
- int at;
-
- /* printing prefix */
- at = sprintf(remark, "%s", LASTLOG_INTRO);
-
- /* we want the date? */
- if (announce & LASTLOG_DATE) {
- at += sprintf(remark+at, LASTLOG_TIME, the_time);
- }
-
- /* we want & have the host? */
- if ((announce & LASTLOG_HOST)
- && (last_login.ll_host[0] != '\0')) {
- char format[2*sizeof(_LASTLOG_HOST_FORMAT)];
-
- (void) sprintf(format, _LASTLOG_HOST_FORMAT
- , UT_HOSTSIZE);
- D(("format: %s", format));
- at += sprintf(remark+at, format, last_login.ll_host);
- _pam_overwrite(format);
- }
-
- /* we want and have the terminal? */
- if ((announce & LASTLOG_LINE)
- && (last_login.ll_line[0] != '\0')) {
- char format[2*sizeof(_LASTLOG_LINE_FORMAT)];
-
- (void) sprintf(format, _LASTLOG_LINE_FORMAT
- , UT_LINESIZE);
- D(("format: %s", format));
- at += sprintf(remark+at, format, last_login.ll_line);
- _pam_overwrite(format);
- }
-
- /* display requested combo */
- sprintf(remark+at, "%s", LASTLOG_TAIL);
-
- retval = make_remark(pamh, announce, remark);
-
- /* free all the stuff malloced */
- _pam_overwrite(remark);
- _pam_drop(remark);
- }
- } else if ((!last_login.ll_time) && (announce & LASTLOG_NEVER)) {
- D(("this is the first time this user has logged in"));
- retval = make_remark(pamh, announce, LASTLOG_NEVER_WELCOME);
- }
- } else {
- D(("no text was requested"));
- retval = PAM_SUCCESS;
- }
+ last_lock.l_type = F_UNLCK;
+ (void) fcntl(last_fd, F_SETLK, &last_lock); /* unlock */
+ D(("unlocked"));
- /* write latest value */
- {
- time_t ll_time;
- const char *remote_host=NULL
- , *terminal_line=DEFAULT_TERM;
+ if (announce & LASTLOG_WTMP) {
+ /* write wtmp entry for user */
+ logwtmp(last_login.ll_line, user, remote_host);
+ }
- /* set this login date */
- D(("set the most recent login time"));
+ /* cleanup */
+ memset(&last_login, 0, sizeof(last_login));
- (void) time(&ll_time); /* set the time */
- last_login.ll_time = ll_time;
+ return retval;
+}
- /* set the remote host */
- (void) pam_get_item(pamh, PAM_RHOST, (const void **)&remote_host);
- if (remote_host == NULL) {
- remote_host = DEFAULT_HOST;
- }
+static int
+last_login_date(pam_handle_t *pamh, int announce, uid_t uid, const char *user)
+{
+ int retval;
+ int last_fd;
- /* copy to last_login */
- strncpy(last_login.ll_host, remote_host,
- sizeof(last_login.ll_host));
- last_login.ll_host[sizeof(last_login.ll_host) - 1] = '\0';
- remote_host = NULL;
-
- /* set the terminal line */
- (void) pam_get_item(pamh, PAM_TTY, (const void **)&terminal_line);
- D(("terminal = %s", terminal_line));
- if (terminal_line == NULL) {
- terminal_line = DEFAULT_TERM;
- } else if ( !strncmp("/dev/", terminal_line, 5) ) {
- /* strip leading "/dev/" from tty.. */
- terminal_line += 5;
- }
- D(("terminal = %s", terminal_line));
-
- /* copy to last_login */
- strncpy(last_login.ll_line, terminal_line,
- sizeof(last_login.ll_line));
- last_login.ll_host[sizeof(last_login.ll_host) - 1] = '\0';
- terminal_line = NULL;
-
- D(("locking last_log file"));
-
- /* now we try to lock this file-record exclusively; non-blocking */
- memset(&last_lock, 0, sizeof(last_lock));
- last_lock.l_type = F_WRLCK;
- last_lock.l_whence = SEEK_SET;
- last_lock.l_start = sizeof(last_login) * (off_t) uid;
- last_lock.l_len = sizeof(last_login);
-
- if ( fcntl(last_fd, F_SETLK, &last_lock) < 0 ) {
- D(("locking %s failed..(waiting a little)", _PATH_LASTLOG));
- _log_err(LOG_ALERT, "%s file is locked/write", _PATH_LASTLOG);
- sleep(LASTLOG_IGNORE_LOCK_TIME);
- }
+ /* obtain the last login date and all the relevant info */
+ last_fd = open(_PATH_LASTLOG, O_RDWR);
+ if (last_fd < 0) {
+ if (errno == ENOENT) {
+ last_fd = open(_PATH_LASTLOG, O_RDWR|O_CREAT,
+ S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH);
+ if (last_fd < 0) {
+ pam_syslog(pamh, LOG_ERR,
+ "unable to create %s: %m", _PATH_LASTLOG);
+ D(("unable to create %s file", _PATH_LASTLOG));
+ return PAM_SERVICE_ERR;
+ }
+ pam_syslog(pamh, LOG_WARNING,
+ "file %s created", _PATH_LASTLOG);
+ D(("file %s created", _PATH_LASTLOG));
+ } else {
+ pam_syslog(pamh, LOG_ERR, "unable to open %s: %m", _PATH_LASTLOG);
+ D(("unable to open %s file", _PATH_LASTLOG));
+ return PAM_SERVICE_ERR;
+ }
+ }
- D(("writing to the last_log file"));
- _pammodutil_write (last_fd, (char *) &last_login,
- sizeof (last_login));
+ if (lseek(last_fd, sizeof(struct lastlog) * (off_t) uid, SEEK_SET) < 0) {
+ pam_syslog(pamh, LOG_ERR, "failed to lseek %s: %m", _PATH_LASTLOG);
+ D(("unable to lseek %s file", _PATH_LASTLOG));
+ return PAM_SERVICE_ERR;
+ }
- last_lock.l_type = F_UNLCK;
- (void) fcntl(last_fd, F_SETLK, &last_lock); /* unlock */
- D(("unlocked"));
+ retval = last_login_read(pamh, announce, last_fd, uid);
+ if (retval != PAM_SUCCESS)
+ {
+ close(last_fd);
+ D(("error while reading lastlog file"));
+ return retval;
+ }
- close(last_fd); /* all done */
- }
- D(("all done with last login"));
- }
+ retval = last_login_write(pamh, announce, last_fd, uid, user);
- /* reset the last login structure */
- memset(&last_login, 0, sizeof(last_login));
+ close(last_fd);
+ D(("all done with last login"));
return retval;
}
/* --- authentication management functions (only) --- */
-PAM_EXTERN
-int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc
- , const char **argv)
+PAM_EXTERN int
+pam_sm_open_session(pam_handle_t *pamh, int flags,
+ int argc, const char **argv)
{
int retval, ctrl;
- const char *user;
+ const void *user;
const struct passwd *pwd;
uid_t uid;
@@ -413,29 +385,29 @@ int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc
* last login info and then updates the lastlog for that user.
*/
- ctrl = _pam_parse(flags, argc, argv);
+ ctrl = _pam_parse(pamh, flags, argc, argv);
/* which user? */
- retval = pam_get_item(pamh, PAM_USER, (const void **)&user);
- if (retval != PAM_SUCCESS || user == NULL || *user == '\0') {
- _log_err(LOG_NOTICE, "user unknown");
+ retval = pam_get_item(pamh, PAM_USER, &user);
+ if (retval != PAM_SUCCESS || user == NULL || *(const char *)user == '\0') {
+ pam_syslog(pamh, LOG_NOTICE, "user unknown");
return PAM_USER_UNKNOWN;
}
/* what uid? */
- pwd = _pammodutil_getpwnam (pamh, user);
+ pwd = pam_modutil_getpwnam (pamh, user);
if (pwd == NULL) {
D(("couldn't identify user %s", user));
- return PAM_CRED_INSUFFICIENT;
+ return PAM_USER_UNKNOWN;
}
uid = pwd->pw_uid;
pwd = NULL; /* tidy up */
/* process the current login attempt (indicate last) */
- retval = last_login_date(pamh, ctrl, uid);
+ retval = last_login_date(pamh, ctrl, uid, user);
/* indicate success or failure */
@@ -444,10 +416,20 @@ int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc
return retval;
}
-PAM_EXTERN
-int pam_sm_close_session(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+PAM_EXTERN int
+pam_sm_close_session (pam_handle_t *pamh, int flags,
+ int argc, const char **argv)
{
+ const char *terminal_line;
+
+ if (!(_pam_parse(pamh, flags, argc, argv) & LASTLOG_WTMP))
+ return PAM_SUCCESS;
+
+ terminal_line = get_tty(pamh);
+
+ /* Wipe out utmp logout entry */
+ logwtmp(terminal_line, "", "");
+
return PAM_SUCCESS;
}
diff --git a/Linux-PAM/modules/pam_lastlog/tst-pam_lastlog b/Linux-PAM/modules/pam_lastlog/tst-pam_lastlog
new file mode 100755
index 00000000..ea9a5eb0
--- /dev/null
+++ b/Linux-PAM/modules/pam_lastlog/tst-pam_lastlog
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_lastlog.so
diff --git a/Linux-PAM/modules/pam_limits/Makefile b/Linux-PAM/modules/pam_limits/Makefile
deleted file mode 100644
index d15fd9f7..00000000
--- a/Linux-PAM/modules/pam_limits/Makefile
+++ /dev/null
@@ -1,37 +0,0 @@
-#
-# $Id: Makefile,v 1.4 2004/09/28 13:48:47 kukuk Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-
-include ../../Make.Rules
-
-TITLE=pam_limits
-
-ifeq ($(OS),linux)
-
-LOCAL_CONFILE=./limits.skel
-INSTALLED_CONFILE=$(SCONFIGD)/limits.conf
-
-DEFS=-DDEFAULT_CONF_FILE=\"$(INSTALLED_CONFILE)\"
-CFLAGS += $(DEFS)
-
-MODULE_SIMPLE_INSTALL=bash -f ../install_conf "$(FAKEROOT)" "$(SCONFIGD)" "$(INSTALLED_CONFILE)" "$(TITLE)" "$(LOCAL_CONFILE)"
-MODULE_SIMPLE_REMOVE=rm -f $(FAKEROOT)$(INSTALLED_CONFILE)
-MODULE_SIMPLE_CLEAN=rm -f ./.ignore_age
-ifeq ($(HAVE_LIBCAP),yes)
-MODULE_SIMPLE_EXTRALIBS=-lcap
-endif
-
-include ../Simple.Rules
-
-#else
-#include ../dont_makefile
-#endif
-else
-
-include ../dont_makefile
-
-endif
diff --git a/Linux-PAM/modules/pam_limits/Makefile.am b/Linux-PAM/modules/pam_limits/Makefile.am
new file mode 100644
index 00000000..be2852a9
--- /dev/null
+++ b/Linux-PAM/modules/pam_limits/Makefile.am
@@ -0,0 +1,34 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) limits.conf tst-pam_limits
+
+man_MANS = limits.conf.5 pam_limits.8
+XMLS = README.xml limits.conf.5.xml pam_limits.8.xml
+
+TESTS = tst-pam_limits
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
+ -DLIMITS_FILE=\"$(SCONFIGDIR)/limits.conf\"
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_limits.la
+
+secureconf_DATA = limits.conf
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_limits.8.xml limits.conf.5.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_limits/Makefile.in b/Linux-PAM/modules/pam_limits/Makefile.in
new file mode 100644
index 00000000..a50dbff9
--- /dev/null
+++ b/Linux-PAM/modules/pam_limits/Makefile.in
@@ -0,0 +1,736 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_limits
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man5dir)" \
+ "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(secureconfdir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_limits_la_LIBADD =
+pam_limits_la_SOURCES = pam_limits.c
+pam_limits_la_OBJECTS = pam_limits.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_limits.c
+DIST_SOURCES = pam_limits.c
+man5dir = $(mandir)/man5
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+secureconfDATA_INSTALL = $(INSTALL_DATA)
+DATA = $(noinst_DATA) $(secureconf_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) limits.conf tst-pam_limits
+man_MANS = limits.conf.5 pam_limits.8
+XMLS = README.xml limits.conf.5.xml pam_limits.8.xml
+TESTS = tst-pam_limits
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
+ -DLIMITS_FILE=\"$(SCONFIGDIR)/limits.conf\"
+
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_limits.la
+secureconf_DATA = limits.conf
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_limits/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_limits/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_limits.la: $(pam_limits_la_OBJECTS) $(pam_limits_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_limits_la_OBJECTS) $(pam_limits_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_limits.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man5: $(man5_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man5dir)" || $(MKDIR_P) "$(DESTDIR)$(man5dir)"
+ @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.5*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 5*) ;; \
+ *) ext='5' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst"; \
+ done
+uninstall-man5:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.5*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 5*) ;; \
+ *) ext='5' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man5dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man5dir)/$$inst"; \
+ done
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+install-secureconfDATA: $(secureconf_DATA)
+ @$(NORMAL_INSTALL)
+ test -z "$(secureconfdir)" || $(MKDIR_P) "$(DESTDIR)$(secureconfdir)"
+ @list='$(secureconf_DATA)'; for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ f=$(am__strip_dir) \
+ echo " $(secureconfDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(secureconfdir)/$$f'"; \
+ $(secureconfDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(secureconfdir)/$$f"; \
+ done
+
+uninstall-secureconfDATA:
+ @$(NORMAL_UNINSTALL)
+ @list='$(secureconf_DATA)'; for p in $$list; do \
+ f=$(am__strip_dir) \
+ echo " rm -f '$(DESTDIR)$(secureconfdir)/$$f'"; \
+ rm -f "$(DESTDIR)$(secureconfdir)/$$f"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(secureconfdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-secureconfDATA \
+ install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man5 install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-secureconfDATA \
+ uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man5 uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man5 install-man8 \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-secureconfDATA install-securelibLTLIBRARIES \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am uninstall-man \
+ uninstall-man5 uninstall-man8 uninstall-secureconfDATA \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_limits.8.xml limits.conf.5.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_limits/README b/Linux-PAM/modules/pam_limits/README
index 32afb197..adab19df 100644
--- a/Linux-PAM/modules/pam_limits/README
+++ b/Linux-PAM/modules/pam_limits/README
@@ -1,110 +1,50 @@
+pam_limits — PAM module to limit resources
-pam_limits module:
- Imposing user limits on login.
-
-THEORY OF OPERATION:
-
-First, make a root-only-readable file (/etc/security/limits.conf by
-default or INSTALLED_CONFILE defined Makefile) that describes the
-resource limits you wish to impose. No limits are imposed on UID 0
-accounts.
-
-Each line describes a limit for a user in the form:
-
-<domain> <type> <item> <value>
-
-Where:
-<domain> can be:
- - an user name
- - a group name, with @group syntax
- - the wildcard *, for default entry
-
-<type> can have the three values:
- - "soft" for enforcing the soft limits
- - "hard" for enforcing hard limits
- - "-" for enforcing both soft and hard limits
-
-<item> can be one of the following:
- - core - limits the core file size (KB)
- - data - max data size (KB)
- - fsize - maximum filesize (KB)
- - memlock - max locked-in-memory address space (KB)
- - nofile - max number of open files
- - rss - max resident set size (KB)
- - stack - max stack size (KB)
- - cpu - max CPU time (MIN)
- - nproc - max number of processes
- - as - address space limit
- - maxlogins - max number of logins for this user
- - maxsyslogins - max number of logins on the system
- - priority - lower the priority by given value (value can be -ve)
- - locks - max locked files (Linux 2.4 and higher)
- - sigpending - max number of pending signals (Linux 2.6 and higher)
- - msgqueue - max memory used by POSIX message queues (bytes)
- (Linux 2.6 and higher)
-
-Note, if you specify a type of '-' but neglect to supply the item and
-value fields then the module will never enforce any limits on the
-specified user/group etc. .
-
-Please remember that individual limits have priority over group
-limits, so if you impose no limits for admin group, but one of the
-members in this group has a limits line, the user will have its limits
-set according to this line.
-
-Also, please note that all limit settings are set PER LOGIN. They are
-not global, nor are they permanent (they apply for the session only).
-
-In the LIMITS_FILE, the # character introduces a comment - the rest of the
-line is ignored.
-
-The pam_limits module does its best to report configuration problems found
-in LIMITS_FILE via syslog.
-
-EXAMPLE configuration file:
-===========================
-* soft core 0
-* hard rss 10000
-@student hard nproc 20
-@faculty soft nproc 20
-@faculty hard nproc 50
-ftp hard nproc 0
-@student - maxlogins 4
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+The pam_limits PAM module sets limits on the system resources that can be
+obtained in a user-session. Users of uid=0 are affected by this limits, too.
+
+By default limits are taken from the /etc/security/limits.conf config file.
+
+OPTIONS
+change_uid
-ARGUMENTS RECOGNIZED:
- debug verbose logging
+ Change real uid to the user for who the limits are set up. Use this option
+ if you have problems like login not forking a shell for user who has no
+ processes. Be warned that something else may break when you do this.
- conf=/path/to/file the limits configuration file if different from the
- one set at compile time.
+conf=/path/to/limits.conf
- change_uid change real uid to the user for who the limits
- are set up. Use this option if you have problems
- like login not forking a shell for user who has
- no processes. Be warned that something else
- may break when you do this.
+ Indicate an alternative limits.conf style configuration file to override
+ the default.
- utmp_early some broken applications actually allocate a
- utmp entry for the user before the user is
- admitted to the system. If the service you are
- configuring PAM for does this, you can use
- this module argument to compensate for this
- brokenness.
+debug
-MODULE SERVICES PROVIDED:
- session _open_session and _close_session (blank)
+ Print debug information.
-USAGE:
- For the services you need resources limits (login for example) put a
- the following line in /etc/pam.conf as the last line for that
- service (usually after the pam_unix session line:
+utmp_early
- login session required /lib/security/pam_limits.so
+ Some broken applications actually allocate a utmp entry for the user before
+ the user is admitted to the system. If some of the services you are
+ configuring PAM for do this, you can selectively use this module argument
+ to compensate for this behavior and at the same time maintain system-wide
+ consistency with a single limits.conf file.
+
+EXAMPLES
+
+These are some example lines which might be specified in /etc/security/
+limits.conf.
+
+* soft core 0
+* hard rss 10000
+@student hard nproc 20
+@faculty soft nproc 20
+@faculty hard nproc 50
+ftp hard nproc 0
+@student - maxlogins 4
- Replace "login" for each service you are using this module, replace
- "/lib/security" path with your real modules path.
-AUTHOR:
- Cristian Gafton <gafton@redhat.com>
- Thanks to Elliot Lee <sopwith@redhat.com> for his comments on
- improving this module, and Jens Sorensen for Linux 2.4 updates.
diff --git a/Linux-PAM/modules/pam_limits/README.xml b/Linux-PAM/modules/pam_limits/README.xml
new file mode 100644
index 00000000..964a5a21
--- /dev/null
+++ b/Linux-PAM/modules/pam_limits/README.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamlimits SYSTEM "pam_limits.8.xml">
+-->
+<!--
+<!ENTITY limitsconf SYSTEM "limits.conf.5.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_limits.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_limits-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_limits.8.xml" xpointer='xpointer(//refsect1[@id = "pam_limits-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_limits.8.xml" xpointer='xpointer(//refsect1[@id = "pam_limits-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="limits.conf.5.xml" xpointer='xpointer(//refsect1[@id = "limits.conf-examples"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_limits/limits.skel b/Linux-PAM/modules/pam_limits/limits.conf
index 9ba31b19..c52778b1 100644
--- a/Linux-PAM/modules/pam_limits/limits.skel
+++ b/Linux-PAM/modules/pam_limits/limits.conf
@@ -28,10 +28,13 @@
# - nproc - max number of processes
# - as - address space limit
# - maxlogins - max number of logins for this user
+# - maxsyslogins - max number of logins on the system
# - priority - the priority to run user process with
# - locks - max number of file locks the user can hold
# - sigpending - max number of pending signals
# - msgqueue - max memory used by POSIX message queues (bytes)
+# - nice - max nice priority allowed to raise to
+# - rtprio - max realtime priority
#
#<domain> <type> <item> <value>
#
diff --git a/Linux-PAM/modules/pam_limits/limits.conf.5 b/Linux-PAM/modules/pam_limits/limits.conf.5
new file mode 100644
index 00000000..e6ba853f
--- /dev/null
+++ b/Linux-PAM/modules/pam_limits/limits.conf.5
@@ -0,0 +1,172 @@
+.\" Title: limits.conf
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/22/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "LIMITS.CONF" "5" "06/22/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+limits.conf \- configuration file for the pam_limits module
+.SH "DESCRIPTION"
+.PP
+The syntax of the lines is as follows:
+.PP
+
+\fI<domain>\fR
+\fI<type>\fR
+\fI<item>\fR
+\fI<value>\fR
+.PP
+The fields listed above should be filled as follows:
+.TP 3n
+\fB<domain>\fR
+.RS 3n
+.TP 3n
+\(bu
+a username
+.TP 3n
+\(bu
+a groupname, with
+\fB@group\fR
+syntax. This should not be confused with netgroups.
+.TP 3n
+\(bu
+the wildcard
+\fB*\fR, for default entry.
+.TP 3n
+\(bu
+the wildcard
+\fB%\fR, for maxlogins limit only, can also be used with
+\fI%group\fR
+syntax.
+.RE
+.TP 3n
+\fB<type>\fR
+.RS 3n
+.TP 3n
+\fBhard\fR
+for enforcing
+\fBhard\fR
+resource limits. These limits are set by the superuser and enforced by the Kernel. The user cannot raise his requirement of system resources above such values.
+.TP 3n
+\fBsoft\fR
+for enforcing
+\fBsoft\fR
+resource limits. These limits are ones that the user can move up or down within the permitted range by any pre\-exisiting
+\fBhard\fR
+limits. The values specified with this token can be thought of as
+\fIdefault\fR
+values, for normal system usage.
+.TP 3n
+\fB\-\fR
+for enforcing both
+\fBsoft\fR
+and
+\fBhard\fR
+resource limits together.
+.sp
+Note, if you specify a type of '\-' but neglect to supply the item and value fields then the module will never enforce any limits on the specified user/group etc. .
+.RE
+.TP 3n
+\fB<item>\fR
+.RS 3n
+.TP 3n
+\fBcore\fR
+limits the core file size (KB)
+.TP 3n
+\fBdata\fR
+maximum data size (KB)
+.TP 3n
+\fBfsize\fR
+maximum filesize (KB)
+.TP 3n
+\fBmemlock\fR
+maximum locked\-in\-memory address space (KB)
+.TP 3n
+\fBnofile\fR
+maximum number of open files
+.TP 3n
+\fBrss\fR
+maximum resident set size (KB)
+.TP 3n
+\fBstack\fR
+maximum stack size (KB)
+.TP 3n
+\fBcpu\fR
+maximum CPU time (minutes)
+.TP 3n
+\fBnproc\fR
+maximum number of processes
+.TP 3n
+\fBas\fR
+address space limit
+.TP 3n
+\fBmaxlogins\fR
+maximum number of logins for this user
+.TP 3n
+\fBmaxsyslogins\fR
+maximum number of logins on system
+.TP 3n
+\fBpriority\fR
+the priority to run user process with (negative values boost process priority)
+.TP 3n
+\fBlocks\fR
+maximum locked files (Linux 2.4 and higher)
+.TP 3n
+\fBsigpending\fR
+maximum number of pending signals (Linux 2.6 and higher)
+.TP 3n
+\fBmsqqueue\fR
+maximum memory used by POSIX message queues (bytes) (Linux 2.6 and higher)
+.TP 3n
+\fBnice\fR
+maximum nice priority allowed to raise to (Linux 2.6.12 and higher)
+.TP 3n
+\fBrtprio\fR
+maximum realtime priority allowed for non\-privileged processes (Linux 2.6.12 and higher)
+.RE
+.PP
+In general, individual limits have priority over group limits, so if you impose no limits for
+\fIadmin\fR
+group, but one of the members in this group have a limits line, the user will have its limits set according to this line.
+.PP
+Also, please note that all limit settings are set
+\fIper login\fR. They are not global, nor are they permanent; existing only for the duration of the session.
+.PP
+In the
+\fIlimits\fR
+configuration file, the '\fB#\fR' character introduces a comment \- after which the rest of the line is ignored.
+.PP
+The pam_limits module does its best to report configuration problems found in its configuration file via
+\fBsyslog\fR(3).
+.SH "EXAMPLES"
+.PP
+These are some example lines which might be specified in
+\fI/etc/security/limits.conf\fR.
+.sp
+.RS 3n
+.nf
+* soft core 0
+* hard rss 10000
+@student hard nproc 20
+@faculty soft nproc 20
+@faculty hard nproc 50
+ftp hard nproc 0
+@student \- maxlogins 4
+
+.fi
+.RE
+.SH "SEE ALSO"
+.PP
+
+\fBpam_limits\fR(8),
+\fBpam.d\fR(5),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_limits was initially written by Cristian Gafton <gafton@redhat.com>
diff --git a/Linux-PAM/modules/pam_limits/limits.conf.5.xml b/Linux-PAM/modules/pam_limits/limits.conf.5.xml
new file mode 100644
index 00000000..28df7381
--- /dev/null
+++ b/Linux-PAM/modules/pam_limits/limits.conf.5.xml
@@ -0,0 +1,286 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="limits.conf">
+
+ <refmeta>
+ <refentrytitle>limits.conf</refentrytitle>
+ <manvolnum>5</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv>
+ <refname>limits.conf</refname>
+ <refpurpose>configuration file for the pam_limits module</refpurpose>
+ </refnamediv>
+
+ <refsect1 id='limits.conf-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The syntax of the lines is as follows:
+ </para>
+ <para>
+ <replaceable>&lt;domain&gt;</replaceable> <replaceable>&lt;type&gt;</replaceable>
+ <replaceable>&lt;item&gt;</replaceable> <replaceable>&lt;value&gt;</replaceable>
+ </para>
+ <para>
+ The fields listed above should be filled as follows:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>&lt;domain&gt;</option>
+ </term>
+ <listitem>
+ <itemizedlist>
+ <listitem>
+ <para>
+ a username
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ a groupname, with <emphasis remap='B'>@group</emphasis> syntax.
+ This should not be confused with netgroups.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ the wildcard <emphasis remap='B'>*</emphasis>, for default entry.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ the wildcard <emphasis remap='B'>%</emphasis>, for maxlogins limit only,
+ can also be used with <emphasis remap='b'>%group</emphasis> syntax.
+ </para>
+ </listitem>
+ </itemizedlist>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>&lt;type&gt;</option>
+ </term>
+ <listitem>
+ <variablelist>
+ <varlistentry>
+ <term><option>hard</option></term>
+ <listitem>
+ <para>
+ for enforcing <emphasis remap='B'>hard</emphasis> resource limits.
+ These limits are set by the superuser and enforced by the Kernel.
+ The user cannot raise his requirement of system resources above such values.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>soft</option></term>
+ <listitem>
+ <para>
+ for enforcing <emphasis remap='B'>soft</emphasis> resource limits.
+ These limits are ones that the user can move up or down within the
+ permitted range by any pre-exisiting <emphasis remap='B'>hard</emphasis>
+ limits. The values specified with this token can be thought of as
+ <emphasis>default</emphasis> values, for normal system usage.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-</option></term>
+ <listitem>
+ <para>
+ for enforcing both <emphasis remap='B'>soft</emphasis> and
+ <emphasis remap='B'>hard</emphasis> resource limits together.
+ </para>
+ <para>
+ Note, if you specify a type of '-' but neglect to supply the
+ item and value fields then the module will never enforce any
+ limits on the specified user/group etc. .
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>&lt;item&gt;</option>
+ </term>
+ <listitem>
+ <variablelist>
+ <varlistentry>
+ <term><option>core</option></term>
+ <listitem>
+ <para>limits the core file size (KB)</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>data</option></term>
+ <listitem>
+ <para>maximum data size (KB)</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>fsize</option></term>
+ <listitem>
+ <para>maximum filesize (KB)</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>memlock</option></term>
+ <listitem>
+ <para>maximum locked-in-memory address space (KB)</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>nofile</option></term>
+ <listitem>
+ <para>maximum number of open files</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>rss</option></term>
+ <listitem>
+ <para>maximum resident set size (KB)</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>stack</option></term>
+ <listitem>
+ <para>maximum stack size (KB)</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>cpu</option></term>
+ <listitem>
+ <para>maximum CPU time (minutes)</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>nproc</option></term>
+ <listitem>
+ <para>maximum number of processes</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>as</option></term>
+ <listitem>
+ <para>address space limit</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>maxlogins</option></term>
+ <listitem>
+ <para>maximum number of logins for this user</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>maxsyslogins</option></term>
+ <listitem>
+ <para>maximum number of logins on system</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>priority</option></term>
+ <listitem>
+ <para>the priority to run user process with (negative
+ values boost process priority)</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>locks</option></term>
+ <listitem>
+ <para>maximum locked files (Linux 2.4 and higher)</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>sigpending</option></term>
+ <listitem>
+ <para>maximum number of pending signals (Linux 2.6 and higher)</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>msqqueue</option></term>
+ <listitem>
+ <para>maximum memory used by POSIX message queues (bytes)
+ (Linux 2.6 and higher)</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>nice</option></term>
+ <listitem>
+ <para>maximum nice priority allowed to raise to (Linux 2.6.12 and higher)</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>rtprio</option></term>
+ <listitem>
+ <para>maximum realtime priority allowed for non-privileged processes
+ (Linux 2.6.12 and higher)</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ <para>
+ In general, individual limits have priority over group limits, so if
+ you impose no limits for <emphasis>admin</emphasis> group, but one of
+ the members in this group have a limits line, the user will have its
+ limits set according to this line.
+ </para>
+ <para>
+ Also, please note that all limit settings are set
+ <emphasis>per login</emphasis>. They are not global, nor are they
+ permanent; existing only for the duration of the session.
+ </para>
+ <para>
+ In the <emphasis>limits</emphasis> configuration file, the
+ '<emphasis remap='B'>#</emphasis>' character introduces a comment
+ - after which the rest of the line is ignored.
+ </para>
+ <para>
+ The pam_limits module does its best to report configuration problems
+ found in its configuration file via <citerefentry>
+ <refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
+ </para>
+ </refsect1>
+
+ <refsect1 id="limits.conf-examples">
+ <title>EXAMPLES</title>
+ <para>
+ These are some example lines which might be specified in
+ <filename>/etc/security/limits.conf</filename>.
+ </para>
+ <programlisting>
+* soft core 0
+* hard rss 10000
+@student hard nproc 20
+@faculty soft nproc 20
+@faculty hard nproc 50
+ftp hard nproc 0
+@student - maxlogins 4
+ </programlisting>
+ </refsect1>
+
+ <refsect1 id="limits.conf-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry><refentrytitle>pam_limits</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>pam.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id="limits.conf-author">
+ <title>AUTHOR</title>
+ <para>
+ pam_limits was initially written by Cristian Gafton &lt;gafton@redhat.com&gt;
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/modules/pam_limits/pam_limits.8 b/Linux-PAM/modules/pam_limits/pam_limits.8
new file mode 100644
index 00000000..9083e14d
--- /dev/null
+++ b/Linux-PAM/modules/pam_limits/pam_limits.8
@@ -0,0 +1,97 @@
+.\" Title: pam_limits
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/17/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_LIMITS" "8" "06/17/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_limits \- PAM module to limit resources
+.SH "SYNOPSIS"
+.HP 14
+\fBpam_limits.so\fR [change_uid] [conf=\fI/path/to/limits.conf\fR] [debug] [utmp_early]
+.SH "DESCRIPTION"
+.PP
+The pam_limits PAM module sets limits on the system resources that can be obtained in a user\-session. Users of
+\fIuid=0\fR
+are affected by this limits, too.
+.PP
+By default limits are taken from the
+\fI/etc/security/limits.conf\fR
+config file.
+.SH "OPTIONS"
+.TP 3n
+\fBchange_uid\fR
+Change real uid to the user for who the limits are set up. Use this option if you have problems like login not forking a shell for user who has no processes. Be warned that something else may break when you do this.
+.TP 3n
+\fBconf=\fR\fB\fI/path/to/limits.conf\fR\fR
+Indicate an alternative limits.conf style configuration file to override the default.
+.TP 3n
+\fBdebug\fR
+Print debug information.
+.TP 3n
+\fButmp_early\fR
+Some broken applications actually allocate a utmp entry for the user before the user is admitted to the system. If some of the services you are configuring PAM for do this, you can selectively use this module argument to compensate for this behavior and at the same time maintain system\-wide consistency with a single limits.conf file.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+Only the
+\fBsession\fR
+service is supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_ABORT
+Cannot get current limits.
+.TP 3n
+PAM_IGNORE
+No limits found for this user.
+.TP 3n
+PAM_PERM_DENIED
+New limits could not be set.
+.TP 3n
+PAM_SERVICE_ERR
+Cannot read config file.
+.TP 3n
+PAM_SESSEION_ERR
+Error recovering account name.
+.TP 3n
+PAM_SUCCESS
+Limits were changed.
+.TP 3n
+PAM_USER_UNKNOWN
+The user is not known to the system.
+.SH "FILES"
+.TP 3n
+\fI/etc/security/limits.conf\fR
+Default configuration file
+.SH "EXAMPLES"
+.PP
+For the services you need resources limits (login for example) put a the following line in
+\fI/etc/pam.d/login\fR
+as the last line for that service (usually after the pam_unix session line):
+.sp
+.RS 3n
+.nf
+#%PAM\-1.0
+#
+# Resource limits imposed on login sessions via pam_limits
+#
+session required pam_limits.so
+
+.fi
+.RE
+.PP
+Replace "login" for each service you are using this module.
+.SH "SEE ALSO"
+.PP
+
+\fBlimits.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8).
+.SH "AUTHORS"
+.PP
+pam_limits was initially written by Cristian Gafton <gafton@redhat.com>
diff --git a/Linux-PAM/modules/pam_limits/pam_limits.8.xml b/Linux-PAM/modules/pam_limits/pam_limits.8.xml
new file mode 100644
index 00000000..78060a20
--- /dev/null
+++ b/Linux-PAM/modules/pam_limits/pam_limits.8.xml
@@ -0,0 +1,230 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id='pam_limits'>
+
+ <refmeta>
+ <refentrytitle>pam_limits</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id='pam_limits-name'>
+ <refname>pam_limits</refname>
+ <refpurpose>
+ PAM module to limit resources
+ </refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_limits-cmdsynopsis">
+ <command>pam_limits.so</command>
+ <arg choice="opt">
+ change_uid
+ </arg>
+ <arg choice="opt">
+ conf=<replaceable>/path/to/limits.conf</replaceable>
+ </arg>
+ <arg choice="opt">
+ debug
+ </arg>
+ <arg choice="opt">
+ utmp_early
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id="pam_limits-description">
+ <title>DESCRIPTION</title>
+ <para>
+ The pam_limits PAM module sets limits on the system resources that can be
+ obtained in a user-session. Users of <emphasis>uid=0</emphasis> are affected
+ by this limits, too.
+ </para>
+ <para>
+ By default limits are taken from the <filename>/etc/security/limits.conf</filename>
+ config file.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_limits-options">
+ <title>OPTIONS</title>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>change_uid</option>
+ </term>
+ <listitem>
+ <para>
+ Change real uid to the user for who the limits are set up. Use this
+ option if you have problems like login not forking a shell for user
+ who has no processes. Be warned that something else may break when
+ you do this.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>conf=<replaceable>/path/to/limits.conf</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Indicate an alternative limits.conf style configuration file to
+ override the default.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ Print debug information.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>utmp_early</option>
+ </term>
+ <listitem>
+ <para>
+ Some broken applications actually allocate a utmp entry for
+ the user before the user is admitted to the system. If some
+ of the services you are configuring PAM for do this, you can
+ selectively use this module argument to compensate for this
+ behavior and at the same time maintain system-wide consistency
+ with a single limits.conf file.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_limits-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ Only the <option>session</option> service is supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_limits-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_ABORT</term>
+ <listitem>
+ <para>
+ Cannot get current limits.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_IGNORE</term>
+ <listitem>
+ <para>
+ No limits found for this user.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_PERM_DENIED</term>
+ <listitem>
+ <para>
+ New limits could not be set.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SERVICE_ERR</term>
+ <listitem>
+ <para>
+ Cannot read config file.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SESSEION_ERR</term>
+ <listitem>
+ <para>
+ Error recovering account name.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Limits were changed.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ The user is not known to the system.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_limits-files">
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/security/limits.conf</filename></term>
+ <listitem>
+ <para>Default configuration file</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_limits-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ For the services you need resources limits (login for example) put a
+ the following line in <filename>/etc/pam.d/login</filename> as the last
+ line for that service (usually after the pam_unix session line):
+ </para>
+ <programlisting>
+#%PAM-1.0
+#
+# Resource limits imposed on login sessions via pam_limits
+#
+session required pam_limits.so
+ </programlisting>
+ <para>
+ Replace "login" for each service you are using this module.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_limits-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>limits.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_limits-authors">
+ <title>AUTHORS</title>
+ <para>
+ pam_limits was initially written by Cristian Gafton &lt;gafton@redhat.com&gt;
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/modules/pam_limits/pam_limits.c b/Linux-PAM/modules/pam_limits/pam_limits.c
index 1482833a..20aa794a 100644
--- a/Linux-PAM/modules/pam_limits/pam_limits.c
+++ b/Linux-PAM/modules/pam_limits/pam_limits.c
@@ -13,11 +13,11 @@
* See end for Copyright information
*/
-#if !(defined(linux))
+#if !defined(linux) && !defined(__linux)
#error THIS CODE IS KNOWN TO WORK ONLY ON LINUX !!!
#endif
-#include <security/_pam_aconf.h>
+#include "config.h"
#include <stdio.h>
#include <unistd.h>
@@ -30,6 +30,7 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/resource.h>
+#include <limits.h>
#include <utmp.h>
#ifndef UT_USER /* some systems have ut_name instead of ut_user */
@@ -60,6 +61,7 @@ static const char *limits_def_names[] = {
};
struct user_limits_struct {
+ int supported;
int src_soft;
int src_hard;
struct rlimit limit;
@@ -72,7 +74,6 @@ struct pam_limit_s {
int flag_numsyslogins; /* whether to limit logins only for a
specific user or to count all logins */
int priority; /* the priority to run user process with */
- int supported[RLIM_NLIMITS];
struct user_limits_struct limits[RLIM_NLIMITS];
char conf_file[BUFSIZ];
int utmp_after_pam_call;
@@ -91,19 +92,8 @@ struct pam_limit_s {
#include <security/pam_modules.h>
#include <security/_pam_macros.h>
-#include <security/_pam_modutil.h>
-
-/* logging */
-static void _pam_log(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("pam_limits", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
+#include <security/pam_modutil.h>
+#include <security/pam_ext.h>
/* argument parsing */
@@ -111,7 +101,9 @@ static void _pam_log(int err, const char *format, ...)
#define PAM_DO_SETREUID 0x0002
#define PAM_UTMP_EARLY 0x0004
-static int _pam_parse(int argc, const char **argv, struct pam_limit_s *pl)
+static int
+_pam_parse (const pam_handle_t *pamh, int argc, const char **argv,
+ struct pam_limit_s *pl)
{
int ctrl=0;
@@ -129,7 +121,7 @@ static int _pam_parse(int argc, const char **argv, struct pam_limit_s *pl)
} else if (!strcmp(*argv,"utmp_early")) {
ctrl |= PAM_UTMP_EARLY;
} else {
- _pam_log(LOG_ERR,"pam_parse: unknown option; %s",*argv);
+ pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv);
}
}
pl->conf_file[sizeof(pl->conf_file) - 1] = '\0';
@@ -138,13 +130,6 @@ static int _pam_parse(int argc, const char **argv, struct pam_limit_s *pl)
}
-/* limits stuff */
-#ifdef DEFAULT_CONF_FILE
-# define LIMITS_FILE DEFAULT_CONF_FILE
-#else
-# define LIMITS_FILE "/etc/security/limits.conf"
-#endif
-
#define LIMITED_OK 0 /* limit setting appeared to work */
#define LIMIT_ERR 1 /* error setting a limit */
#define LOGIN_ERR 2 /* too many logins err */
@@ -155,17 +140,17 @@ check_logins (pam_handle_t *pamh, const char *name, int limit, int ctrl,
struct pam_limit_s *pl)
{
struct utmp *ut;
- unsigned int count;
+ int count;
if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_DEBUG, "checking logins for '%s' (maximum of %d)\n",
- name, limit);
+ pam_syslog(pamh, LOG_DEBUG,
+ "checking logins for '%s' (maximum of %d)", name, limit);
}
if (limit < 0)
return 0; /* no limits imposed */
if (limit == 0) /* maximum 0 logins ? */ {
- _pam_log(LOG_WARNING, "No logins allowed for '%s'\n", name);
+ pam_syslog(pamh, LOG_WARNING, "No logins allowed for '%s'", name);
return LOGIN_ERR;
}
@@ -204,7 +189,7 @@ check_logins (pam_handle_t *pamh, const char *name, int limit, int ctrl,
continue;
}
if ((pl->login_limit_def == LIMITS_DEF_ALLGROUP)
- && !_pammodutil_user_in_group_nam_nam(pamh, ut->UT_USER, pl->login_group)) {
+ && !pam_modutil_user_in_group_nam_nam(pamh, ut->UT_USER, pl->login_group)) {
continue;
}
}
@@ -215,10 +200,10 @@ check_logins (pam_handle_t *pamh, const char *name, int limit, int ctrl,
endutent();
if (count > limit) {
if (name) {
- _pam_log(LOG_WARNING, "Too many logins (max %d) for %s",
- limit, name);
+ pam_syslog(pamh, LOG_WARNING,
+ "Too many logins (max %d) for %s", limit, name);
} else {
- _pam_log(LOG_WARNING, "Too many system logins (max %d)", limit);
+ pam_syslog(pamh, LOG_WARNING, "Too many system logins (max %d)", limit);
}
return LOGIN_ERR;
}
@@ -235,39 +220,43 @@ static int init_limits(struct pam_limit_s *pl)
for(i = 0; i < RLIM_NLIMITS; i++) {
int r = getrlimit(i, &pl->limits[i].limit);
if (r == -1) {
- if (errno == EINVAL) {
- pl->supported[i] = 0;
- } else {
+ pl->limits[i].supported = 0;
+ if (errno != EINVAL) {
retval = !PAM_SUCCESS;
}
} else {
- pl->supported[i] = 1;
+ pl->limits[i].supported = 1;
pl->limits[i].src_soft = LIMITS_DEF_NONE;
pl->limits[i].src_hard = LIMITS_DEF_NONE;
}
}
- pl->priority = 0;
+ errno = 0;
+ pl->priority = getpriority (PRIO_PROCESS, 0);
+ if (pl->priority == -1 && errno != 0)
+ retval = !PAM_SUCCESS;
pl->login_limit = -2;
pl->login_limit_def = LIMITS_DEF_NONE;
return retval;
}
-static void process_limit(int source, const char *lim_type,
- const char *lim_item, const char *lim_value,
- int ctrl, struct pam_limit_s *pl)
+static void
+process_limit (const pam_handle_t *pamh, int source, const char *lim_type,
+ const char *lim_item, const char *lim_value,
+ int ctrl, struct pam_limit_s *pl)
{
int limit_item;
int limit_type = 0;
- long limit_value;
+ int int_value = 0;
+ rlim_t rlimit_value = 0;
char *endptr;
const char *value_orig = lim_value;
if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_DEBUG, "%s: processing %s %s %s for %s\n",
- __FUNCTION__,lim_type,lim_item,lim_value,
- limits_def_names[source]);
+ pam_syslog(pamh, LOG_DEBUG, "%s: processing %s %s %s for %s",
+ __FUNCTION__, lim_type, lim_item, lim_value,
+ limits_def_names[source]);
if (strcmp(lim_item, "cpu") == 0)
limit_item = RLIMIT_CPU;
@@ -301,6 +290,14 @@ static void process_limit(int source, const char *lim_type,
else if (strcmp(lim_item, "msgqueue") == 0)
limit_item = RLIMIT_MSGQUEUE;
#endif
+#ifdef RLIMIT_NICE
+ else if (strcmp(lim_item, "nice") == 0)
+ limit_item = RLIMIT_NICE;
+#endif
+#ifdef RLIMIT_RTPRIO
+ else if (strcmp(lim_item, "rtprio") == 0)
+ limit_item = RLIMIT_RTPRIO;
+#endif
else if (strcmp(lim_item, "maxlogins") == 0) {
limit_item = LIMIT_LOGIN;
pl->flag_numsyslogins = 0;
@@ -310,7 +307,7 @@ static void process_limit(int source, const char *lim_type,
} else if (strcmp(lim_item, "priority") == 0) {
limit_item = LIMIT_PRI;
} else {
- _pam_log(LOG_DEBUG,"unknown limit item '%s'", lim_item);
+ pam_syslog(pamh, LOG_DEBUG, "unknown limit item '%s'", lim_item);
return;
}
@@ -321,40 +318,61 @@ static void process_limit(int source, const char *lim_type,
else if (strcmp(lim_type,"-")==0)
limit_type=LIMIT_SOFT | LIMIT_HARD;
else if (limit_item != LIMIT_LOGIN && limit_item != LIMIT_NUMSYSLOGINS) {
- _pam_log(LOG_DEBUG,"unknown limit type '%s'", lim_type);
+ pam_syslog(pamh, LOG_DEBUG, "unknown limit type '%s'", lim_type);
return;
}
-
- limit_value = strtol (lim_value, &endptr, 10);
-
- /* special case value when limiting logins */
- if (limit_value == 0 && value_orig == endptr) { /* no chars read */
- if (strcmp(lim_value,"-") != 0) {
- _pam_log(LOG_DEBUG,"wrong limit value '%s'", lim_value);
+ if (limit_item != LIMIT_PRI
+#ifdef RLIMIT_NICE
+ && limit_item != RLIMIT_NICE
+#endif
+ && (strcmp(lim_value, "-1") == 0
+ || strcmp(lim_value, "-") == 0 || strcmp(lim_value, "unlimited") == 0
+ || strcmp(lim_value, "infinity") == 0)) {
+ int_value = -1;
+ rlimit_value = RLIM_INFINITY;
+ } else if (limit_item == LIMIT_PRI || limit_item == LIMIT_LOGIN ||
+#ifdef RLIMIT_NICE
+ limit_item == RLIMIT_NICE ||
+#endif
+ limit_item == LIMIT_NUMSYSLOGINS) {
+ long temp;
+ temp = strtol (lim_value, &endptr, 10);
+ temp = temp < INT_MAX ? temp : INT_MAX;
+ int_value = temp > INT_MIN ? temp : INT_MIN;
+ if (int_value == 0 && value_orig == endptr) {
+ pam_syslog(pamh, LOG_DEBUG,
+ "wrong limit value '%s' for limit type '%s'",
+ lim_value, lim_type);
return;
- } else
- if (limit_item != LIMIT_LOGIN) {
- if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_DEBUG,
- "'-' limit value valid for maxlogins type only");
- return;
- } else
- limit_value = -1;
- }
+ }
+ } else {
+#ifdef __USE_FILE_OFFSET64
+ rlimit_value = strtoull (lim_value, &endptr, 10);
+#else
+ rlimit_value = strtoul (lim_value, &endptr, 10);
+#endif
+ if (rlimit_value == 0 && value_orig == endptr) {
+ pam_syslog(pamh, LOG_DEBUG,
+ "wrong limit value '%s' for limit type '%s'",
+ lim_value, lim_type);
+ return;
+ }
+ }
/* one more special case when limiting logins */
if ((source == LIMITS_DEF_ALL || source == LIMITS_DEF_ALLGROUP)
&& (limit_item != LIMIT_LOGIN)) {
if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_DEBUG,
- "'%%' domain valid for maxlogins type only");
+ pam_syslog(pamh, LOG_DEBUG,
+ "'%%' domain valid for maxlogins type only");
return;
}
switch(limit_item) {
case RLIMIT_CPU:
- limit_value *= 60;
- break;
+ if (rlimit_value != RLIM_INFINITY)
+ rlimit_value *= 60;
+ break;
case RLIMIT_FSIZE:
case RLIMIT_DATA:
case RLIMIT_STACK:
@@ -362,8 +380,16 @@ static void process_limit(int source, const char *lim_type,
case RLIMIT_RSS:
case RLIMIT_MEMLOCK:
case RLIMIT_AS:
- limit_value *= 1024;
- break;
+ if (rlimit_value != RLIM_INFINITY)
+ rlimit_value *= 1024;
+ break;
+#ifdef RLIMIT_NICE
+ case RLIMIT_NICE:
+ if (int_value > 19)
+ int_value = 19;
+ rlimit_value = 19 - int_value;
+#endif
+ break;
}
if ( (limit_item != LIMIT_LOGIN)
@@ -373,7 +399,7 @@ static void process_limit(int source, const char *lim_type,
if (pl->limits[limit_item].src_soft < source) {
return;
} else {
- pl->limits[limit_item].limit.rlim_cur = limit_value;
+ pl->limits[limit_item].limit.rlim_cur = rlimit_value;
pl->limits[limit_item].src_soft = source;
}
}
@@ -381,7 +407,7 @@ static void process_limit(int source, const char *lim_type,
if (pl->limits[limit_item].src_hard < source) {
return;
} else {
- pl->limits[limit_item].limit.rlim_max = limit_value;
+ pl->limits[limit_item].limit.rlim_max = rlimit_value;
pl->limits[limit_item].src_hard = source;
}
}
@@ -389,12 +415,12 @@ static void process_limit(int source, const char *lim_type,
/* recent kernels support negative priority limits (=raise priority) */
if (limit_item == LIMIT_PRI) {
- pl->priority = limit_value;
+ pl->priority = int_value;
} else {
if (pl->login_limit_def < source) {
return;
} else {
- pl->login_limit = limit_value;
+ pl->login_limit = int_value;
pl->login_limit_def = source;
}
}
@@ -411,10 +437,11 @@ static int parse_config_file(pam_handle_t *pamh, const char *uname, int ctrl,
#define CONF_FILE (pl->conf_file[0])?pl->conf_file:LIMITS_FILE
/* check for the LIMITS_FILE */
if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_DEBUG,"reading settings from '%s'", CONF_FILE);
+ pam_syslog(pamh, LOG_DEBUG, "reading settings from '%s'", CONF_FILE);
fil = fopen(CONF_FILE, "r");
if (fil == NULL) {
- _pam_log (LOG_WARNING, "can not read settings from %s", CONF_FILE);
+ pam_syslog (pamh, LOG_WARNING,
+ "cannot read settings from %s: %m", CONF_FILE);
return PAM_SERVICE_ERR;
}
#undef CONF_FILE
@@ -427,7 +454,8 @@ static int parse_config_file(pam_handle_t *pamh, const char *uname, int ctrl,
char ltype[LINE_LENGTH];
char item[LINE_LENGTH];
char value[LINE_LENGTH];
- int i,j;
+ int i;
+ size_t j;
char *tptr;
tptr = buf;
@@ -460,8 +488,6 @@ static int parse_config_file(pam_handle_t *pamh, const char *uname, int ctrl,
D(("scanned line[%d]: domain[%s], ltype[%s], item[%s], value[%s]",
i, domain, ltype, item, value));
- for(j=0; j < strlen(domain); j++)
- domain[j]=tolower(domain[j]);
for(j=0; j < strlen(ltype); j++)
ltype[j]=tolower(ltype[j]);
for(j=0; j < strlen(item); j++)
@@ -471,48 +497,51 @@ static int parse_config_file(pam_handle_t *pamh, const char *uname, int ctrl,
if (i == 4) { /* a complete line */
if (strcmp(uname, domain) == 0) /* this user have a limit */
- process_limit(LIMITS_DEF_USER, ltype, item, value, ctrl, pl);
+ process_limit(pamh, LIMITS_DEF_USER, ltype, item, value, ctrl, pl);
else if (domain[0]=='@') {
if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_DEBUG, "checking if %s is in group %s",
- uname, domain + 1);
+ pam_syslog(pamh, LOG_DEBUG,
+ "checking if %s is in group %s",
+ uname, domain + 1);
}
- if (_pammodutil_user_in_group_nam_nam(pamh, uname, domain+1))
- process_limit(LIMITS_DEF_GROUP, ltype, item, value, ctrl,
+ if (pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1))
+ process_limit(pamh, LIMITS_DEF_GROUP, ltype, item, value, ctrl,
pl);
} else if (domain[0]=='%') {
if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_DEBUG, "checking if %s is in group %s",
- uname, domain + 1);
+ pam_syslog(pamh, LOG_DEBUG,
+ "checking if %s is in group %s",
+ uname, domain + 1);
}
if (strcmp(domain,"%") == 0)
- process_limit(LIMITS_DEF_ALL, ltype, item, value, ctrl,
+ process_limit(pamh, LIMITS_DEF_ALL, ltype, item, value, ctrl,
pl);
- else if (_pammodutil_user_in_group_nam_nam(pamh, uname, domain+1)) {
+ else if (pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1)) {
strcpy(pl->login_group, domain+1);
- process_limit(LIMITS_DEF_ALLGROUP, ltype, item, value, ctrl,
+ process_limit(pamh, LIMITS_DEF_ALLGROUP, ltype, item, value, ctrl,
pl);
}
} else if (strcmp(domain, "*") == 0)
- process_limit(LIMITS_DEF_DEFAULT, ltype, item, value, ctrl,
+ process_limit(pamh, LIMITS_DEF_DEFAULT, ltype, item, value, ctrl,
pl);
} else if (i == 2 && ltype[0] == '-') { /* Probably a no-limit line */
if (strcmp(uname, domain) == 0) {
if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_DEBUG, "no limits for '%s'", uname);
+ pam_syslog(pamh, LOG_DEBUG, "no limits for '%s'", uname);
}
fclose(fil);
return PAM_IGNORE;
- } else if (domain[0] == '@' && _pammodutil_user_in_group_nam_nam(pamh, uname, domain+1)) {
+ } else if (domain[0] == '@' && pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1)) {
if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_DEBUG, "no limits for '%s' in group '%s'",
- uname, domain+1);
+ pam_syslog(pamh, LOG_DEBUG,
+ "no limits for '%s' in group '%s'",
+ uname, domain+1);
}
fclose(fil);
return PAM_IGNORE;
}
} else {
- _pam_log(LOG_DEBUG,"invalid line '%s' - skipped", buf);
+ pam_syslog(pamh, LOG_WARNING, "invalid line '%s' - skipped", buf);
}
}
fclose(fil);
@@ -527,24 +556,18 @@ static int setup_limits(pam_handle_t *pamh,
int status;
int retval = LIMITED_OK;
- if (uid == 0) {
- /* do not impose limits (+ve limits anyway) on the superuser */
- if (pl->priority > 0) {
- if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_DEBUG, "user '%s' has UID 0 - no limits imposed",
- uname);
- }
- pl->priority = 0;
- }
- }
-
for (i=0, status=LIMITED_OK; i<RLIM_NLIMITS; i++) {
- if (pl->limits[i].limit.rlim_cur > pl->limits[i].limit.rlim_max)
- pl->limits[i].limit.rlim_cur = pl->limits[i].limit.rlim_max;
- if (!pl->supported[i]) {
+ if (!pl->limits[i].supported) {
/* skip it if its not known to the system */
continue;
}
+ if (pl->limits[i].src_soft == LIMITS_DEF_NONE &&
+ pl->limits[i].src_hard == LIMITS_DEF_NONE) {
+ /* skip it if its not initialized */
+ continue;
+ }
+ if (pl->limits[i].limit.rlim_cur > pl->limits[i].limit.rlim_max)
+ pl->limits[i].limit.rlim_cur = pl->limits[i].limit.rlim_max;
status |= setrlimit(i, &pl->limits[i].limit);
}
@@ -571,8 +594,9 @@ static int setup_limits(pam_handle_t *pamh,
}
/* now the session stuff */
-PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags,
- int argc, const char **argv)
+PAM_EXTERN int
+pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
int retval;
char *user_name;
@@ -584,25 +608,25 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags,
memset(&pl, 0, sizeof(pl));
- ctrl = _pam_parse(argc, argv, &pl);
+ ctrl = _pam_parse(pamh, argc, argv, &pl);
retval = pam_get_item( pamh, PAM_USER, (void*) &user_name );
if ( user_name == NULL || retval != PAM_SUCCESS ) {
- _pam_log(LOG_CRIT, "open_session - error recovering username");
+ pam_syslog(pamh, LOG_CRIT, "open_session - error recovering username");
return PAM_SESSION_ERR;
}
- pwd = getpwnam(user_name);
+ pwd = pam_modutil_getpwnam(pamh, user_name);
if (!pwd) {
if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_WARNING, "open_session username '%s' does not exist",
- user_name);
- return PAM_SESSION_ERR;
+ pam_syslog(pamh, LOG_WARNING,
+ "open_session username '%s' does not exist", user_name);
+ return PAM_USER_UNKNOWN;
}
retval = init_limits(&pl);
if (retval != PAM_SUCCESS) {
- _pam_log(LOG_WARNING, "cannot initialize");
- return PAM_IGNORE;
+ pam_syslog(pamh, LOG_WARNING, "cannot initialize");
+ return PAM_ABORT;
}
retval = parse_config_file(pamh, pwd->pw_name, ctrl, &pl);
@@ -611,14 +635,16 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags,
return PAM_SUCCESS;
}
if (retval != PAM_SUCCESS) {
- _pam_log(LOG_WARNING, "error parsing the configuration file");
- return PAM_IGNORE;
+ pam_syslog(pamh, LOG_WARNING, "error parsing the configuration file");
+ return retval;
}
if (ctrl & PAM_DO_SETREUID) {
setreuid(pwd->pw_uid, -1);
}
retval = setup_limits(pamh, pwd->pw_name, pwd->pw_uid, ctrl, &pl);
+ if (retval & LOGIN_ERR)
+ pam_error(pamh, _("Too many logins for '%s'."), pwd->pw_name);
if (retval != LIMITED_OK) {
return PAM_PERM_DENIED;
}
@@ -626,8 +652,9 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags,
return PAM_SUCCESS;
}
-PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags,
- int argc, const char **argv)
+PAM_EXTERN int
+pam_sm_close_session (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
/* nothing to do */
return PAM_SUCCESS;
diff --git a/Linux-PAM/modules/pam_limits/tst-pam_limits b/Linux-PAM/modules/pam_limits/tst-pam_limits
new file mode 100755
index 00000000..f563beb7
--- /dev/null
+++ b/Linux-PAM/modules/pam_limits/tst-pam_limits
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_limits.so
diff --git a/Linux-PAM/modules/pam_listfile/Makefile b/Linux-PAM/modules/pam_listfile/Makefile
deleted file mode 100644
index c5447c94..00000000
--- a/Linux-PAM/modules/pam_listfile/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:04 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_listfile
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_listfile/Makefile.am b/Linux-PAM/modules/pam_listfile/Makefile.am
new file mode 100644
index 00000000..5eb5c75c
--- /dev/null
+++ b/Linux-PAM/modules/pam_listfile/Makefile.am
@@ -0,0 +1,31 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_listfile
+
+man_MANS = pam_listfile.8
+XMLS = README.xml pam_listfile.8.xml
+
+TESTS = tst-pam_listfile
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_listfile.la
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_listfile.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_listfile/Makefile.in b/Linux-PAM/modules/pam_listfile/Makefile.in
new file mode 100644
index 00000000..bf08192d
--- /dev/null
+++ b/Linux-PAM/modules/pam_listfile/Makefile.in
@@ -0,0 +1,665 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_listfile
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_listfile_la_LIBADD =
+pam_listfile_la_SOURCES = pam_listfile.c
+pam_listfile_la_OBJECTS = pam_listfile.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_listfile.c
+DIST_SOURCES = pam_listfile.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_listfile
+man_MANS = pam_listfile.8
+XMLS = README.xml pam_listfile.8.xml
+TESTS = tst-pam_listfile
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_listfile.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_listfile/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_listfile/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_listfile.la: $(pam_listfile_la_OBJECTS) $(pam_listfile_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_listfile_la_OBJECTS) $(pam_listfile_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_listfile.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_listfile.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_listfile/README b/Linux-PAM/modules/pam_listfile/README
index b65e7dbb..f0aaaf7f 100644
--- a/Linux-PAM/modules/pam_listfile/README
+++ b/Linux-PAM/modules/pam_listfile/README
@@ -1,25 +1,96 @@
-SUMMARY:
- pam_listfile:
- Checks a specified item against a list in a file.
- Options:
- * item=[tty|user|rhost|ruser|group|shell]
- * sense=[allow|deny] (action to take if found in file,
- if the item is NOT found in the file, then
- the opposite action is requested)
- * file=/the/file/to/get/the/list/from
- * onerr=[succeed|fail] (if something weird happens
- such as unable to open the file, what to do?)
- * apply=[user|@group]
- restrict the user class for which the restriction
- apply. Note that with item=[user|ruser|group] this
- does not make sense, but for item=[tty|rhost|shell]
- it have a meaning. (Cristian Gafton)
-
- Also checks to make sure that the list file is a plain
- file and not world writable.
-
- - Elliot Lee <sopwith@redhat.com>, Red Hat Software.
- v0.9 August 16, 1996.
-
-BUGS:
- Bugs?
+pam_listfile — deny or allow services based on an arbitrary file
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+pam_listfile is a PAM module which provides a way to deny or allow services
+based on an arbitrary file.
+
+The module gets the item of the type specified -- user specifies the username,
+PAM_USER; tty specifies the name of the terminal over which the request has
+been made, PAM_TTY; rhost specifies the name of the remote host (if any) from
+which the request was made, PAM_RHOST; and ruser specifies the name of the
+remote user (if available) who made the request, PAM_RUSER -- and looks for an
+instance of that item in the file=filename. filename contains one line per item
+listed. If the item is found, then if sense=allow, PAM_SUCCESS is returned,
+causing the authorization request to succeed; else if sense=deny, PAM_AUTH_ERR
+is returned, causing the authorization request to fail.
+
+If an error is encountered (for instance, if filename does not exist, or a
+poorly-constructed argument is encountered), then if onerr=succeed, PAM_SUCCESS
+is returned, otherwise if onerr=fail, PAM_AUTH_ERR or PAM_SERVICE_ERR (as
+appropriate) will be returned.
+
+An additional argument, apply=, can be used to restrict the application of the
+above to a specific user (apply=username) or a given group (apply=@groupname).
+This added restriction is only meaningful when used with the tty, rhost and
+shell items.
+
+Besides this last one, all arguments should be specified; do not count on any
+default behavior.
+
+No credentials are awarded by this module.
+
+OPTIONS
+
+item=[tty|user|rhost|ruser|group|shell]
+
+ What is listed in the file and should be checked for.
+
+sense=[allow|deny]
+
+ Action to take if found in file, if the item is NOT found in the file, then
+ the opposite action is requested.
+
+file=/path/filename
+
+ File containing one item per line. The file needs to be a plain file and
+ not world writeable.
+
+onerr=[succeed|fail]
+
+ What to do if something weird happens like being unable to open the file.
+
+apply=[user|@group]
+
+ Restrict the user class for which the restriction apply. Note that with
+ item=[user|ruser|group] this oes not make sense, but for item=[tty|rhost|
+ shell] it have a meaning.
+
+EXAMPLES
+
+Classic 'ftpusers' authentication can be implemented with this entry in /etc/
+pam.d/ftpd:
+
+#
+# deny ftp-access to users listed in the /etc/ftpusers file
+#
+auth required pam_listfile.so \
+ onerr=succeed item=user sense=deny file=/etc/ftpusers
+
+
+Note, users listed in /etc/ftpusers file are (counterintuitively) not allowed
+access to the ftp service.
+
+To allow login access only for certain users, you can use a /etc/pam.d/login
+entry like this:
+
+#
+# permit login to users listed in /etc/loginusers
+#
+auth required pam_listfile.so \
+ onerr=fail item=user sense=allow file=/etc/loginusers
+
+
+For this example to work, all users who are allowed to use the login service
+should be listed in the file /etc/loginusers. Unless you are explicitly trying
+to lock out root, make sure that when you do this, you leave a way for root to
+log in, either by listing root in /etc/loginusers, or by listing a user who is
+able to su to the root account.
+
+AUTHOR
+
+pam_listfile was written by Michael K. Johnson <johnsonm@redhat.com> and Elliot
+Lee <sopwith@cuc.edu>.
+
diff --git a/Linux-PAM/modules/pam_listfile/README.xml b/Linux-PAM/modules/pam_listfile/README.xml
new file mode 100644
index 00000000..d851aef3
--- /dev/null
+++ b/Linux-PAM/modules/pam_listfile/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_listfile.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_listfile.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_listfile-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_listfile.8.xml" xpointer='xpointer(//refsect1[@id = "pam_listfile-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_listfile.8.xml" xpointer='xpointer(//refsect1[@id = "pam_listfile-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_listfile.8.xml" xpointer='xpointer(//refsect1[@id = "pam_listfile-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_listfile.8.xml" xpointer='xpointer(//refsect1[@id = "pam_listfile-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_listfile/pam_listfile.8 b/Linux-PAM/modules/pam_listfile/pam_listfile.8
new file mode 100644
index 00000000..2ccecd4b
--- /dev/null
+++ b/Linux-PAM/modules/pam_listfile/pam_listfile.8
@@ -0,0 +1,164 @@
+.\" Title: pam_listfile
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/22/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_LISTFILE" "8" "06/22/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_listfile \- deny or allow services based on an arbitrary file
+.SH "SYNOPSIS"
+.HP 16
+\fBpam_listfile.so\fR item=[tty|user|rhost|ruser|group|shell] sense=[allow|deny] file=\fI/path/filename\fR onerr=[succeed|fail] [apply=[\fIuser\fR|\fI@group\fR]]
+.SH "DESCRIPTION"
+.PP
+pam_listfile is a PAM module which provides a way to deny or allow services based on an arbitrary file.
+.PP
+The module gets the
+\fBitem\fR
+of the type specified \-\-
+\fIuser\fR
+specifies the username,
+\fIPAM_USER\fR; tty specifies the name of the terminal over which the request has been made,
+\fIPAM_TTY\fR; rhost specifies the name of the remote host (if any) from which the request was made,
+\fIPAM_RHOST\fR; and ruser specifies the name of the remote user (if available) who made the request,
+\fIPAM_RUSER\fR
+\-\- and looks for an instance of that item in the
+\fBfile=\fR\fB\fIfilename\fR\fR.
+\fIfilename\fR
+contains one line per item listed. If the item is found, then if
+\fBsense=\fR\fB\fIallow\fR\fR,
+\fIPAM_SUCCESS\fR
+is returned, causing the authorization request to succeed; else if
+\fBsense=\fR\fB\fIdeny\fR\fR,
+\fIPAM_AUTH_ERR\fR
+is returned, causing the authorization request to fail.
+.PP
+If an error is encountered (for instance, if
+\fIfilename\fR
+does not exist, or a poorly\-constructed argument is encountered), then if
+\fIonerr=succeed\fR,
+\fIPAM_SUCCESS\fR
+is returned, otherwise if
+\fIonerr=fail\fR,
+\fIPAM_AUTH_ERR\fR
+or
+\fIPAM_SERVICE_ERR\fR
+(as appropriate) will be returned.
+.PP
+An additional argument,
+\fBapply=\fR, can be used to restrict the application of the above to a specific user (\fBapply=\fR\fB\fIusername\fR\fR) or a given group (\fBapply=\fR\fB\fI@groupname\fR\fR). This added restriction is only meaningful when used with the
+\fItty\fR,
+\fIrhost\fR
+and
+\fIshell\fR
+items.
+.PP
+Besides this last one, all arguments should be specified; do not count on any default behavior.
+.PP
+No credentials are awarded by this module.
+.SH "OPTIONS"
+.PP
+.TP 3n
+\fBitem=[tty|user|rhost|ruser|group|shell]\fR
+What is listed in the file and should be checked for.
+.TP 3n
+\fBsense=[allow|deny]\fR
+Action to take if found in file, if the item is NOT found in the file, then the opposite action is requested.
+.TP 3n
+\fBfile=\fR\fB\fI/path/filename\fR\fR
+File containing one item per line. The file needs to be a plain file and not world writeable.
+.TP 3n
+\fBonerr=[succeed|fail]\fR
+What to do if something weird happens like being unable to open the file.
+.TP 3n
+\fBapply=[\fR\fB\fIuser\fR\fR\fB|\fR\fB\fI@group\fR\fR\fB]\fR
+Restrict the user class for which the restriction apply. Note that with
+\fBitem=[user|ruser|group]\fR
+this oes not make sense, but for
+\fBitem=[tty|rhost|shell]\fR
+it have a meaning.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+The services
+\fBauth\fR,
+\fBaccount\fR,
+\fBpassword\fR
+and
+\fBsession\fR
+are supported.
+.SH "RETURN VALUES"
+.PP
+.TP 3n
+PAM_AUTH_ERR
+Authentication failure.
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_IGNORE
+The rule does not apply to the
+\fBapply\fR
+option.
+.TP 3n
+PAM_SERVICE_ERR
+Error in service module.
+.TP 3n
+PAM_SUCCESS
+Success.
+.SH "EXAMPLES"
+.PP
+Classic 'ftpusers' authentication can be implemented with this entry in
+\fI/etc/pam.d/ftpd\fR:
+.sp
+.RS 3n
+.nf
+#
+# deny ftp\-access to users listed in the /etc/ftpusers file
+#
+auth required pam_listfile.so \\
+ onerr=succeed item=user sense=deny file=/etc/ftpusers
+
+.fi
+.RE
+.sp
+Note, users listed in
+\fI/etc/ftpusers\fR
+file are (counterintuitively)
+\fInot\fR
+allowed access to the ftp service.
+.PP
+To allow login access only for certain users, you can use a
+\fI/etc/pam.d/login\fR
+entry like this:
+.sp
+.RS 3n
+.nf
+#
+# permit login to users listed in /etc/loginusers
+#
+auth required pam_listfile.so \\
+ onerr=fail item=user sense=allow file=/etc/loginusers
+
+.fi
+.RE
+.sp
+For this example to work, all users who are allowed to use the login service should be listed in the file
+\fI/etc/loginusers\fR. Unless you are explicitly trying to lock out root, make sure that when you do this, you leave a way for root to log in, either by listing root in
+\fI/etc/loginusers\fR, or by listing a user who is able to
+\fIsu\fR
+to the root account.
+.SH "SEE ALSO"
+.PP
+
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_listfile was written by Michael K. Johnson <johnsonm@redhat.com> and Elliot Lee <sopwith@cuc.edu>.
diff --git a/Linux-PAM/modules/pam_listfile/pam_listfile.8.xml b/Linux-PAM/modules/pam_listfile/pam_listfile.8.xml
new file mode 100644
index 00000000..0e90414a
--- /dev/null
+++ b/Linux-PAM/modules/pam_listfile/pam_listfile.8.xml
@@ -0,0 +1,282 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_listfile">
+
+ <refmeta>
+ <refentrytitle>pam_listfile</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_listfile-name">
+ <refname>pam_listfile</refname>
+ <refpurpose>deny or allow services based on an arbitrary file</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_listfile-cmdsynopsis">
+ <command>pam_listfile.so</command>
+ <arg choice="plain">
+ item=[tty|user|rhost|ruser|group|shell]
+ </arg>
+ <arg choice="plain">
+ sense=[allow|deny]
+ </arg>
+ <arg choice="plain">
+ file=<replaceable>/path/filename</replaceable>
+ </arg>
+ <arg choice="plain">
+ onerr=[succeed|fail]
+ </arg>
+ <arg choice="opt">
+ apply=[<replaceable>user</replaceable>|<replaceable>@group</replaceable>]
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_listfile-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ pam_listfile is a PAM module which provides a way to deny or
+ allow services based on an arbitrary file.
+ </para>
+ <para>
+ The module gets the <option>item</option> of the type specified --
+ <emphasis>user</emphasis> specifies the username,
+ <emphasis>PAM_USER</emphasis>; tty specifies the name of the terminal
+ over which the request has been made, <emphasis>PAM_TTY</emphasis>;
+ rhost specifies the name of the remote host (if any) from which the
+ request was made, <emphasis>PAM_RHOST</emphasis>; and ruser specifies
+ the name of the remote user (if available) who made the request,
+ <emphasis>PAM_RUSER</emphasis> -- and looks for an instance of that
+ item in the <option>file=<replaceable>filename</replaceable></option>.
+ <filename>filename</filename> contains one line per item listed. If
+ the item is found, then if
+ <option>sense=<replaceable>allow</replaceable></option>,
+ <emphasis>PAM_SUCCESS</emphasis> is returned, causing the authorization
+ request to succeed; else if
+ <option>sense=<replaceable>deny</replaceable></option>,
+ <emphasis>PAM_AUTH_ERR</emphasis> is returned, causing the authorization
+ request to fail.
+ </para>
+ <para>
+ If an error is encountered (for instance, if
+ <filename>filename</filename> does not exist, or a poorly-constructed
+ argument is encountered), then if <emphasis>onerr=succeed</emphasis>,
+ <emphasis>PAM_SUCCESS</emphasis> is returned, otherwise if
+ <emphasis>onerr=fail</emphasis>, <emphasis>PAM_AUTH_ERR</emphasis> or
+ <emphasis>PAM_SERVICE_ERR</emphasis> (as appropriate) will be returned.
+ </para>
+ <para>
+ An additional argument, <option>apply=</option>, can be used
+ to restrict the application of the above to a specific user
+ (<option>apply=<replaceable>username</replaceable></option>)
+ or a given group
+ (<option>apply=<replaceable>@groupname</replaceable></option>).
+ This added restriction is only meaningful when used with the
+ <emphasis>tty</emphasis>, <emphasis>rhost</emphasis> and
+ <emphasis>shell</emphasis> items.
+ </para>
+ <para>
+ Besides this last one, all arguments should be specified; do not
+ count on any default behavior.
+ </para>
+ <para>
+ No credentials are awarded by this module.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_listfile-options">
+
+ <title>OPTIONS</title>
+ <para>
+ <variablelist>
+
+ <varlistentry>
+ <term>
+ <option>item=[tty|user|rhost|ruser|group|shell]</option>
+ </term>
+ <listitem>
+ <para>
+ What is listed in the file and should be checked for.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>sense=[allow|deny]</option>
+ </term>
+ <listitem>
+ <para>
+ Action to take if found in file, if the item is NOT found in
+ the file, then the opposite action is requested.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>file=<replaceable>/path/filename</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ File containing one item per line. The file needs to be a plain
+ file and not world writeable.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>onerr=[succeed|fail]</option>
+ </term>
+ <listitem>
+ <para>
+ What to do if something weird happens like being unable to open
+ the file.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>apply=[<replaceable>user</replaceable>|<replaceable>@group</replaceable>]</option>
+ </term>
+ <listitem>
+ <para>
+ Restrict the user class for which the restriction apply. Note that
+ with <option>item=[user|ruser|group]</option> this oes not make sense,
+ but for <option>item=[tty|rhost|shell]</option> it have a meaning.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_listfile-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ The services <option>auth</option>, <option>account</option>,
+ <option>password</option> and <option>session</option> are supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_listfile-return_values'>
+ <title>RETURN VALUES</title>
+ <para>
+ <variablelist>
+
+ <varlistentry>
+ <term>PAM_AUTH_ERR</term>
+ <listitem>
+ <para>Authentication failure.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_IGNORE</term>
+ <listitem>
+ <para>
+ The rule does not apply to the <option>apply</option> option.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_SERVICE_ERR</term>
+ <listitem>
+ <para>
+ Error in service module.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Success.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_listfile-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ Classic 'ftpusers' authentication can be implemented with this entry
+ in <filename>/etc/pam.d/ftpd</filename>:
+ <programlisting>
+#
+# deny ftp-access to users listed in the /etc/ftpusers file
+#
+auth required pam_listfile.so \
+ onerr=succeed item=user sense=deny file=/etc/ftpusers
+ </programlisting>
+ Note, users listed in <filename>/etc/ftpusers</filename> file are
+ (counterintuitively) <emphasis>not</emphasis> allowed access to
+ the ftp service.
+ </para>
+ <para>
+ To allow login access only for certain users, you can use a
+ <filename>/etc/pam.d/login</filename> entry like this:
+ <programlisting>
+#
+# permit login to users listed in /etc/loginusers
+#
+auth required pam_listfile.so \
+ onerr=fail item=user sense=allow file=/etc/loginusers
+ </programlisting>
+ For this example to work, all users who are allowed to use the
+ login service should be listed in the file
+ <filename>/etc/loginusers</filename>. Unless you are explicitly
+ trying to lock out root, make sure that when you do this, you leave
+ a way for root to log in, either by listing root in
+ <filename>/etc/loginusers</filename>, or by listing a user who is
+ able to <emphasis>su</emphasis> to the root account.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_listfile-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_listfile-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_listfile was written by Michael K. Johnson &lt;johnsonm@redhat.com&gt;
+ and Elliot Lee &lt;sopwith@cuc.edu&gt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_listfile/pam_listfile.c b/Linux-PAM/modules/pam_listfile/pam_listfile.c
index 965c471d..1545fe03 100644
--- a/Linux-PAM/modules/pam_listfile/pam_listfile.c
+++ b/Linux-PAM/modules/pam_listfile/pam_listfile.c
@@ -1,16 +1,11 @@
/*
- * $Id: pam_listfile.c,v 1.6 2004/09/24 13:13:20 kukuk Exp $
- *
- */
-
-/*
* by Elliot Lee <sopwith@redhat.com>, Red Hat Software. July 25, 1996.
* log refused access error christopher mccrory <chrismcc@netus.com> 1998/7/11
*
* This code began life as the pam_rootok module.
*/
-#include <security/_pam_aconf.h>
+#include "config.h"
#include <stdio.h>
#include <stdlib.h>
@@ -36,23 +31,13 @@
#define PAM_SM_AUTH
#define PAM_SM_ACCOUNT
+#define PAM_SM_PASSWORD
+#define PAM_SM_SESSION
#include <security/pam_modules.h>
#include <security/_pam_macros.h>
-#include <security/_pam_modutil.h>
-
-/* some syslogging */
-
-#define LOCAL_LOG_PREFIX "PAM-listfile: "
-
-static void _pam_log(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- vsyslog(LOG_AUTH | err, format, args);
- va_end(args);
-}
+#include <security/pam_modutil.h>
+#include <security/pam_ext.h>
/* checks if a user is on a list of members */
static int is_on_list(char * const *list, const char *member)
@@ -79,10 +64,12 @@ static int is_on_list(char * const *list, const char *member)
#define LESSER(a, b) ((a) < (b) ? (a) : (b))
-PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
+PAM_EXTERN int
+pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
int retval, i, citem=0, extitem=0, onerr=PAM_SERVICE_ERR, sense=2;
+ const void *void_citemp;
const char *citemp;
char *ifname=NULL;
char aline[256];
@@ -107,12 +94,13 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar
memset(mybuf,'\0',sizeof(mybuf));
memset(myval,'\0',sizeof(mybuf));
junk = strchr(argv[i], '=');
- if((junk == NULL) || (junk - argv[i]) >= sizeof(mybuf)) {
- _pam_log(LOG_ERR,LOCAL_LOG_PREFIX "Bad option: \"%s\"",
+ if((junk == NULL) || (junk - argv[i]) >= (int) sizeof(mybuf)) {
+ pam_syslog(pamh,LOG_ERR, "Bad option: \"%s\"",
argv[i]);
continue;
}
- strncpy(mybuf, argv[i], LESSER(junk - argv[i], sizeof(mybuf) - 1));
+ strncpy(mybuf, argv[i],
+ LESSER(junk - argv[i], (int)sizeof(mybuf) - 1));
strncpy(myval, junk + 1, sizeof(myval) - 1);
}
if(!strcmp(mybuf,"onerr"))
@@ -120,17 +108,24 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar
onerr = PAM_SUCCESS;
else if(!strcmp(myval,"fail"))
onerr = PAM_SERVICE_ERR;
- else
+ else {
+ if (ifname) free (ifname);
return PAM_SERVICE_ERR;
+ }
else if(!strcmp(mybuf,"sense"))
if(!strcmp(myval,"allow"))
sense=0;
else if(!strcmp(myval,"deny"))
sense=1;
- else
+ else {
+ if (ifname) free (ifname);
return onerr;
+ }
else if(!strcmp(mybuf,"file")) {
+ if (ifname) free (ifname);
ifname = (char *)malloc(strlen(myval)+1);
+ if (!ifname)
+ return PAM_BUF_ERR;
strcpy(ifname,myval);
} else if(!strcmp(mybuf,"item"))
if(!strcmp(myval,"user"))
@@ -161,86 +156,95 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar
strncpy(apply_val,myval,sizeof(apply_val)-1);
}
} else {
- _pam_log(LOG_ERR,LOCAL_LOG_PREFIX "Unknown option: %s",mybuf);
+ free(ifname);
+ pam_syslog(pamh,LOG_ERR, "Unknown option: %s",mybuf);
return onerr;
}
}
if(!citem) {
- _pam_log(LOG_ERR,
- LOCAL_LOG_PREFIX "Unknown item or item not specified");
+ pam_syslog(pamh,LOG_ERR,
+ "Unknown item or item not specified");
+ free(ifname);
return onerr;
} else if(!ifname) {
- _pam_log(LOG_ERR,LOCAL_LOG_PREFIX "List filename not specified");
+ pam_syslog(pamh,LOG_ERR, "List filename not specified");
return onerr;
} else if(sense == 2) {
- _pam_log(LOG_ERR,
- LOCAL_LOG_PREFIX "Unknown sense or sense not specified");
+ pam_syslog(pamh,LOG_ERR,
+ "Unknown sense or sense not specified");
+ free(ifname);
return onerr;
} else if(
- (apply_type==APPLY_TYPE_NONE) ||
+ (apply_type==APPLY_TYPE_NONE) ||
((apply_type!=APPLY_TYPE_NULL) && (*apply_val=='\0'))
) {
- _pam_log(LOG_ERR,
- LOCAL_LOG_PREFIX "Invalid usage for apply= parameter");
+ pam_syslog(pamh,LOG_ERR,
+ "Invalid usage for apply= parameter");
+ free (ifname);
return onerr;
}
-
+
/* Check if it makes sense to use the apply= parameter */
if (apply_type != APPLY_TYPE_NULL) {
if((citem==PAM_USER) || (citem==PAM_RUSER)) {
- _pam_log(LOG_WARNING,
- LOCAL_LOG_PREFIX "Non-sense use for apply= parameter");
+ pam_syslog(pamh,LOG_WARNING,
+ "Non-sense use for apply= parameter");
apply_type=APPLY_TYPE_NULL;
}
if(extitem && (extitem==EI_GROUP)) {
- _pam_log(LOG_WARNING,
- LOCAL_LOG_PREFIX "Non-sense use for apply= parameter");
+ pam_syslog(pamh,LOG_WARNING,
+ "Non-sense use for apply= parameter");
apply_type=APPLY_TYPE_NULL;
}
}
-
+
/* Short-circuit - test if this session apply for this user */
{
const char *user_name;
int rval;
-
+
rval=pam_get_user(pamh,&user_name,NULL);
- if((rval==PAM_SUCCESS) && user_name[0]) {
+ if((rval==PAM_SUCCESS) && user_name && user_name[0]) {
/* Got it ? Valid ? */
if(apply_type==APPLY_TYPE_USER) {
if(strcmp(user_name, apply_val)) {
/* Does not apply to this user */
#ifdef DEBUG
- _pam_log(LOG_DEBUG,
- LOCAL_LOG_PREFIX "don't apply: apply=%s, user=%s",
+ pam_syslog(pamh,LOG_DEBUG,
+ "don't apply: apply=%s, user=%s",
apply_val,user_name);
#endif /* DEBUG */
+ free(ifname);
return PAM_IGNORE;
}
} else if(apply_type==APPLY_TYPE_GROUP) {
- if(!_pammodutil_user_in_group_nam_nam(pamh,user_name,apply_val)) {
+ if(!pam_modutil_user_in_group_nam_nam(pamh,user_name,apply_val)) {
/* Not a member of apply= group */
#ifdef DEBUG
- _pam_log(LOG_DEBUG,
- LOCAL_LOG_PREFIX
+ pam_syslog(pamh,LOG_DEBUG,
+
"don't apply: %s not a member of group %s",
user_name,apply_val);
#endif /* DEBUG */
+ free(ifname);
return PAM_IGNORE;
}
}
}
}
- retval = pam_get_item(pamh,citem,(const void **)&citemp);
+ retval = pam_get_item(pamh,citem,&void_citemp);
+ citemp = void_citemp;
if(retval != PAM_SUCCESS) {
return onerr;
}
if((citem == PAM_USER) && !citemp) {
- pam_get_user(pamh,&citemp,NULL);
- if (retval != PAM_SUCCESS)
+ retval = pam_get_user(pamh,&citemp,NULL);
+ if (retval != PAM_SUCCESS || !citemp) {
+ free(ifname);
return PAM_SERVICE_ERR;
+ }
}
if((citem == PAM_TTY) && citemp) {
/* Normalize the TTY name. */
@@ -250,6 +254,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar
}
if(!citemp || (strlen(citemp) == 0)) {
+ free(ifname);
/* The item was NULL - we are sure not to match */
return sense?PAM_SUCCESS:PAM_AUTH_ERR;
}
@@ -257,21 +262,23 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar
if(extitem) {
switch(extitem) {
case EI_GROUP:
- userinfo = _pammodutil_getpwnam(pamh, citemp);
+ userinfo = pam_modutil_getpwnam(pamh, citemp);
if (userinfo == NULL) {
- _pam_log(LOG_ERR,LOCAL_LOG_PREFIX "getpwnam(%s) failed",
+ pam_syslog(pamh,LOG_ERR, "getpwnam(%s) failed",
citemp);
+ free(ifname);
return onerr;
}
- grpinfo = _pammodutil_getgrgid(pamh, userinfo->pw_gid);
+ grpinfo = pam_modutil_getgrgid(pamh, userinfo->pw_gid);
if (grpinfo == NULL) {
- _pam_log(LOG_ERR,LOCAL_LOG_PREFIX "getgrgid(%d) failed",
+ pam_syslog(pamh,LOG_ERR, "getgrgid(%d) failed",
(int)userinfo->pw_gid);
+ free(ifname);
return onerr;
}
itemlist[0] = x_strdup(grpinfo->gr_name);
setgrent();
- for (i=1; (i < sizeof(itemlist)/sizeof(itemlist[0])-1) &&
+ for (i=1; (i < (int)(sizeof(itemlist)/sizeof(itemlist[0])-1)) &&
(grpinfo = getgrent()); ) {
if (is_on_list(grpinfo->gr_mem,citemp)) {
itemlist[i++] = x_strdup(grpinfo->gr_name);
@@ -284,30 +291,33 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar
/* Assume that we have already gotten PAM_USER in
pam_get_item() - a valid assumption since citem
gets set to PAM_USER in the extitem switch */
- userinfo = _pammodutil_getpwnam(pamh, citemp);
+ userinfo = pam_modutil_getpwnam(pamh, citemp);
if (userinfo == NULL) {
- _pam_log(LOG_ERR,LOCAL_LOG_PREFIX "getpwnam(%s) failed",
+ pam_syslog(pamh,LOG_ERR, "getpwnam(%s) failed",
citemp);
+ free(ifname);
return onerr;
}
citemp = userinfo->pw_shell;
break;
default:
- _pam_log(LOG_ERR,
- LOCAL_LOG_PREFIX
+ pam_syslog(pamh,LOG_ERR,
+
"Internal weirdness, unknown extended item %d",
extitem);
+ free(ifname);
return onerr;
}
}
#ifdef DEBUG
- _pam_log(LOG_INFO,
- LOCAL_LOG_PREFIX
+ pam_syslog(pamh,LOG_INFO,
+
"Got file = %s, item = %d, value = %s, sense = %d",
ifname, citem, citemp, sense);
#endif
if(lstat(ifname,&fileinfo)) {
- _pam_log(LOG_ERR,LOCAL_LOG_PREFIX "Couldn't open %s",ifname);
+ pam_syslog(pamh,LOG_ERR, "Couldn't open %s",ifname);
+ free(ifname);
return onerr;
}
@@ -315,9 +325,10 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar
|| !S_ISREG(fileinfo.st_mode)) {
/* If the file is world writable or is not a
normal file, return error */
- _pam_log(LOG_ERR,LOCAL_LOG_PREFIX
+ pam_syslog(pamh,LOG_ERR,
"%s is either world writable or not a normal file",
ifname);
+ free(ifname);
return PAM_AUTH_ERR;
}
@@ -325,8 +336,9 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar
if(inf == NULL) { /* Check that we opened it successfully */
if (onerr == PAM_SERVICE_ERR) {
/* Only report if it's an error... */
- _pam_log(LOG_ERR,LOCAL_LOG_PREFIX "Error opening %s", ifname);
+ pam_syslog(pamh,LOG_ERR, "Error opening %s", ifname);
}
+ free(ifname);
return onerr;
}
/* There should be no more errors from here on */
@@ -373,36 +385,59 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar
free(ifname);
if ((sense && retval) || (!sense && !retval)) {
#ifdef DEBUG
- _pam_log(LOG_INFO, LOCAL_LOG_PREFIX
+ pam_syslog(pamh,LOG_INFO,
"Returning PAM_SUCCESS, retval = %d", retval);
#endif
return PAM_SUCCESS;
}
else {
- const char *service, *user_name;
+ const void *service;
+ const char *user_name;
#ifdef DEBUG
- _pam_log(LOG_INFO,LOCAL_LOG_PREFIX
+ pam_syslog(pamh,LOG_INFO,
"Returning PAM_AUTH_ERR, retval = %d", retval);
#endif
- (void) pam_get_item(pamh, PAM_SERVICE, (const void **)&service);
+ (void) pam_get_item(pamh, PAM_SERVICE, &service);
(void) pam_get_user(pamh, &user_name, NULL);
- _pam_log(LOG_ALERT,LOCAL_LOG_PREFIX "Refused user %s for service %s",
- user_name, service);
+ pam_syslog (pamh, LOG_ALERT, "Refused user %s for service %s",
+ user_name, (const char *)service);
return PAM_AUTH_ERR;
}
}
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv)
+PAM_EXTERN int
+pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
return PAM_SUCCESS;
}
-PAM_EXTERN
-int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+PAM_EXTERN int
+pam_sm_acct_mgmt (pam_handle_t *pamh, int flags,
+ int argc, const char **argv)
+{
+ return pam_sm_authenticate(pamh, flags, argc, argv);
+}
+
+PAM_EXTERN int
+pam_sm_open_session (pam_handle_t *pamh, int flags,
+ int argc, const char **argv)
{
- return pam_sm_authenticate(pamh, 0, argc, argv);
+ return pam_sm_authenticate(pamh, flags, argc, argv);
+}
+
+PAM_EXTERN int
+pam_sm_close_session (pam_handle_t *pamh, int flags,
+ int argc, const char **argv)
+{
+ return pam_sm_authenticate(pamh, flags, argc, argv);
+}
+
+PAM_EXTERN int
+pam_sm_chauthtok (pam_handle_t *pamh, int flags,
+ int argc, const char **argv)
+{
+ return pam_sm_authenticate(pamh, flags, argc, argv);
}
#ifdef PAM_STATIC
@@ -414,12 +449,11 @@ struct pam_module _pam_listfile_modstruct = {
pam_sm_authenticate,
pam_sm_setcred,
pam_sm_acct_mgmt,
- NULL,
- NULL,
- NULL,
+ pam_sm_open_session,
+ pam_sm_close_session,
+ pam_sm_chauthtok,
};
#endif /* PAM_STATIC */
/* end of module definition */
-
diff --git a/Linux-PAM/modules/pam_listfile/tst-pam_listfile b/Linux-PAM/modules/pam_listfile/tst-pam_listfile
new file mode 100755
index 00000000..f555a9f5
--- /dev/null
+++ b/Linux-PAM/modules/pam_listfile/tst-pam_listfile
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_listfile.so
diff --git a/Linux-PAM/modules/pam_localuser/Makefile b/Linux-PAM/modules/pam_localuser/Makefile
deleted file mode 100644
index 3dc61aa0..00000000
--- a/Linux-PAM/modules/pam_localuser/Makefile
+++ /dev/null
@@ -1,14 +0,0 @@
-# $Id: Makefile,v 1.1 2004/09/24 11:49:37 kukuk Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-#
-
-include ../../Make.Rules
-
-TITLE=pam_localuser
-MAN8=pam_localuser.8
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_localuser/Makefile.am b/Linux-PAM/modules/pam_localuser/Makefile.am
new file mode 100644
index 00000000..ae331755
--- /dev/null
+++ b/Linux-PAM/modules/pam_localuser/Makefile.am
@@ -0,0 +1,31 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README ${MANS} $(XMLS) tst-pam_localuser
+
+TESTS = tst-pam_localuser
+
+man_MANS = pam_localuser.8
+XMLS = README.xml pam_localuser.8.xml
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_localuser.la
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_localuser.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_localuser/Makefile.in b/Linux-PAM/modules/pam_localuser/Makefile.in
new file mode 100644
index 00000000..24daef1f
--- /dev/null
+++ b/Linux-PAM/modules/pam_localuser/Makefile.in
@@ -0,0 +1,665 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_localuser
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_localuser_la_LIBADD =
+pam_localuser_la_SOURCES = pam_localuser.c
+pam_localuser_la_OBJECTS = pam_localuser.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_localuser.c
+DIST_SOURCES = pam_localuser.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README ${MANS} $(XMLS) tst-pam_localuser
+TESTS = tst-pam_localuser
+man_MANS = pam_localuser.8
+XMLS = README.xml pam_localuser.8.xml
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_localuser.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_localuser/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_localuser/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_localuser.la: $(pam_localuser_la_OBJECTS) $(pam_localuser_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_localuser_la_OBJECTS) $(pam_localuser_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_localuser.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_localuser.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_localuser/README b/Linux-PAM/modules/pam_localuser/README
index b8cdf524..50663ead 100644
--- a/Linux-PAM/modules/pam_localuser/README
+++ b/Linux-PAM/modules/pam_localuser/README
@@ -1,17 +1,38 @@
-pam_localuser:
- Succeeds iff the PAM_USER is listed in /etc/passwd. This seems to be a
- common policy need (allowing only a subset of network-wide users, and
- any locally-defined users, to access services). Simpler than using
- awk to generate a file for use with pam_listfile (-F: '{print $1}'),
- I guess.
-
-RECOGNIZED ARGUMENTS:
- debug write debugging messages to syslog
- file=FILE scan FILE instead of /etc/passwd
-
-MODULE SERVICES PROVIDED:
- auth,account scan the FILE (/etc/passwd by default) and return
- a success code if an entry is found for the user
-
-AUTHOR:
- Nalin Dahyabhai <nalin@redhat.com>
+pam_localuser — require users to be listed in /etc/passwd
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+pam_localuser is a PAM module to help implementing site-wide login policies,
+where they typically include a subset of the network's users and a few accounts
+that are local to a particular workstation. Using pam_localuser and pam_wheel
+or pam_listfile is an effective way to restrict access to either local users
+and/or a subset of the network's users.
+
+This could also be implemented using pam_listfile.so and a very short awk
+script invoked by cron, but it's common enough to have been separated out.
+
+OPTIONS
+
+debug
+
+ Print debug information.
+
+file=/path/passwd
+
+ Use a file other than /etc/passwd.
+
+EXAMPLES
+
+Add the following line to /etc/pam.d/su to allow only local users in group
+wheel to use su.
+
+account sufficient pam_localuser.so
+account required pam_wheel.so
+
+
+AUTHOR
+
+pam_localuser was written by Nalin Dahyabhai <nalin@redhat.com>.
+
diff --git a/Linux-PAM/modules/pam_localuser/README.xml b/Linux-PAM/modules/pam_localuser/README.xml
new file mode 100644
index 00000000..4ab56d9d
--- /dev/null
+++ b/Linux-PAM/modules/pam_localuser/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_localuser.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_localuser.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_localuser-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_localuser.8.xml" xpointer='xpointer(//refsect1[@id = "pam_localuser-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_localuser.8.xml" xpointer='xpointer(//refsect1[@id = "pam_localuser-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_localuser.8.xml" xpointer='xpointer(//refsect1[@id = "pam_localuser-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_localuser.8.xml" xpointer='xpointer(//refsect1[@id = "pam_localuser-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_localuser/pam_localuser.8 b/Linux-PAM/modules/pam_localuser/pam_localuser.8
index ce0a9465..e88f0b57 100644
--- a/Linux-PAM/modules/pam_localuser/pam_localuser.8
+++ b/Linux-PAM/modules/pam_localuser/pam_localuser.8
@@ -1,36 +1,88 @@
-.\" Copyright 2000 Red Hat, Inc.
-.TH pam_localuser 8 2000/7/21 "Red Hat" "System Administrator's Manual"
-
-.SH NAME
+.\" Title: pam_localuser
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.71.0 <http://docbook.sf.net/>
+.\" Date: 12/13/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_LOCALUSER" "8" "12/13/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
pam_localuser \- require users to be listed in /etc/passwd
+.SH "SYNOPSIS"
+.HP 17
+\fBpam_localuser.so\fR [debug] [file=\fI/path/passwd\fR]
+.SH "DESCRIPTION"
+.PP
+pam_localuser is a PAM module to help implementing site\-wide login policies, where they typically include a subset of the network's users and a few accounts that are local to a particular workstation. Using pam_localuser and pam_wheel or pam_listfile is an effective way to restrict access to either local users and/or a subset of the network's users.
+.PP
+This could also be implemented using pam_listfile.so and a very short awk script invoked by cron, but it's common enough to have been separated out.
+.SH "OPTIONS"
+.PP
+.PP
+\fBdebug\fR
+.RS 3n
+Print debug information.
+.RE
+.PP
+\fBfile=\fR\fB\fI/path/passwd\fR\fR
+.RS 3n
+Use a file other than
+\fI/etc/passwd\fR.
+.RE
+.SH "MODULE SERVICES PROVIDED"
+.PP
+All services (\fBaccount\fR,
+\fBauth\fR,
+\fBpassword\fR
+and
+\fBsession\fR) are supported.
+.SH "RETURN VALUES"
+.PP
+.PP
+PAM_SUCCESS
+.RS 3n
+The new localuser was set successfull.
+.RE
+.PP
+PAM_SERVICE_ERR
+.RS 3n
+No username was given.
+.RE
+.PP
+PAM_USER_UNKNOWN
+.RS 3n
+User not known.
+.RE
+.SH "EXAMPLES"
+.PP
+Add the following line to
+\fI/etc/pam.d/su\fR
+to allow only local users in group wheel to use su.
+.sp
+.RS 3n
+.nf
+account sufficient pam_localuser.so
+account required pam_wheel.so
+
+.fi
+.RE
+.sp
+.SH "FILES"
+.PP
+\fI/etc/passwd\fR
+.RS 3n
+Local user account information.
+.RE
+.SH "SEE ALSO"
+.PP
-.SH SYNOPSIS
-.B account sufficient /lib/security/pam_localuser.so \fIargs\fP
-.br
-.B account required /lib/security/pam_wheel.so group=devel
-
-.SH DESCRIPTION
-pam_localuser.so exists to help implement site-wide login policies, where
-they typically include a subset of the network's users and a few accounts
-that are local to a particular workstation. Using pam_localuser.so and
-pam_wheel.so or pam_listfile.so is an effective way to restrict access to
-either local users and/or a subset of the network's users.
-
-This could also be implemented using pam_listfile.so and a very short awk
-script invoked by cron, but it's common enough to have been separated out.
-
-.SH ARGUMENTS
-.IP debug
-turns on debugging
-.IP file=\fBFILE\fP
-uses a file other than \fB/etc/passwd\fP.
-
-.SH FILES
-/etc/passwd
-
-.SH BUGS
-Let's hope not, but if you find any, please report them via the "Bug Track"
-link at http://bugzilla.redhat.com/bugzilla/
-
-.SH AUTHOR
-Nalin Dahyabhai <nalin@redhat.com>
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_localuser was written by Nalin Dahyabhai <nalin@redhat.com>.
diff --git a/Linux-PAM/modules/pam_localuser/pam_localuser.8.xml b/Linux-PAM/modules/pam_localuser/pam_localuser.8.xml
new file mode 100644
index 00000000..ac00ce99
--- /dev/null
+++ b/Linux-PAM/modules/pam_localuser/pam_localuser.8.xml
@@ -0,0 +1,173 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_localuser">
+
+ <refmeta>
+ <refentrytitle>pam_localuser</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_localuser-name">
+ <refname>pam_localuser</refname>
+ <refpurpose>require users to be listed in /etc/passwd</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_localuser-cmdsynopsis">
+ <command>pam_localuser.so</command>
+ <arg choice="opt">
+ debug
+ </arg>
+ <arg choice="opt">
+ file=<replaceable>/path/passwd</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_localuser-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ pam_localuser is a PAM module to help implementing site-wide login
+ policies, where they typically include a subset of the network's
+ users and a few accounts that are local to a particular workstation.
+ Using pam_localuser and pam_wheel or pam_listfile is an effective
+ way to restrict access to either local users and/or a subset of the
+ network's users.
+ </para>
+ <para>
+ This could also be implemented using pam_listfile.so and a very
+ short awk script invoked by cron, but it's common enough to have
+ been separated out.
+ </para>
+
+ </refsect1>
+
+ <refsect1 id="pam_localuser-options">
+
+ <title>OPTIONS</title>
+ <para>
+ <variablelist>
+
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ Print debug information.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>file=<replaceable>/path/passwd</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Use a file other than <filename>/etc/passwd</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_localuser-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ All services (<option>account</option>, <option>auth</option>,
+ <option>password</option> and <option>session</option>) are supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_localuser-return_values'>
+ <title>RETURN VALUES</title>
+ <para>
+ <variablelist>
+
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ The new localuser was set successfull.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_SERVICE_ERR</term>
+ <listitem>
+ <para>
+ No username was given.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ User not known.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_localuser-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ Add the following line to <filename>/etc/pam.d/su</filename> to
+ allow only local users in group wheel to use su.
+ <programlisting>
+account sufficient pam_localuser.so
+account required pam_wheel.so
+ </programlisting>
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_localuser-files">
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/passwd</filename></term>
+ <listitem>
+ <para>Local user account information.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_localuser-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_localuser-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_localuser was written by Nalin Dahyabhai &lt;nalin@redhat.com&gt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_localuser/pam_localuser.c b/Linux-PAM/modules/pam_localuser/pam_localuser.c
index e5496089..aa43bc4c 100644
--- a/Linux-PAM/modules/pam_localuser/pam_localuser.c
+++ b/Linux-PAM/modules/pam_localuser/pam_localuser.c
@@ -33,7 +33,7 @@
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-#include "../../_pam_aconf.h"
+#include "config.h"
#include <errno.h>
#include <limits.h>
@@ -49,13 +49,15 @@
#define PAM_SM_AUTH
#define PAM_SM_ACCOUNT
-#include "../../libpam/include/security/pam_modules.h"
-#include "../../libpam/include/security/_pam_macros.h"
+#include <security/pam_modules.h>
+#include <security/_pam_macros.h>
+#include <security/pam_ext.h>
#define MODULE_NAME "pam_localuser"
-PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
+PAM_EXTERN int
+pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
int i, ret = PAM_SUCCESS;
FILE *fp;
@@ -74,10 +76,9 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar
if(strncmp("file=", argv[i], 5) == 0) {
filename = argv[i] + 5;
if(debug) {
- openlog(MODULE_NAME, LOG_PID, LOG_AUTHPRIV);
- syslog(LOG_DEBUG, "set filename to \"%s\"",
- filename);
- closelog();
+ pam_syslog (pamh, LOG_DEBUG,
+ "set filename to \"%s\"",
+ filename);
}
}
}
@@ -85,25 +86,19 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar
/* open the file */
fp = fopen(filename, "r");
if(fp == NULL) {
- openlog(MODULE_NAME, LOG_PID, LOG_AUTHPRIV);
- syslog(LOG_ERR, "error opening \"%s\": %s", filename,
- strerror(errno));
- closelog();
+ pam_syslog (pamh, LOG_ERR, "error opening \"%s\": %m",
+ filename);
return PAM_SYSTEM_ERR;
}
if(pam_get_user(pamh, &user, NULL) != PAM_SUCCESS) {
- openlog(MODULE_NAME, LOG_PID, LOG_AUTHPRIV);
- syslog(LOG_ERR, "user name not specified yet");
- closelog();
+ pam_syslog (pamh, LOG_ERR, "user name not specified yet");
fclose(fp);
return PAM_SYSTEM_ERR;
}
if ((user == NULL) || (strlen(user) == 0)) {
- openlog(MODULE_NAME, LOG_PID, LOG_AUTHPRIV);
- syslog(LOG_ERR, "user name not valid");
- closelog();
+ pam_syslog (pamh, LOG_ERR, "user name not valid");
fclose(fp);
return PAM_SYSTEM_ERR;
}
@@ -115,9 +110,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar
i = strlen(name);
while(fgets(line, sizeof(line), fp) != NULL) {
if(debug) {
- openlog(MODULE_NAME, LOG_PID, LOG_AUTHPRIV);
- syslog(LOG_DEBUG, "checking \"%s\"", line);
- closelog();
+ pam_syslog (pamh, LOG_DEBUG, "checking \"%s\"", line);
}
if(strncmp(name, line, i) == 0) {
ret = PAM_SUCCESS;
@@ -125,19 +118,41 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar
}
}
- /* okay, we're done */
+ /* okay, we're done */
fclose(fp);
return ret;
}
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv)
+PAM_EXTERN int
+pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
return PAM_SUCCESS;
}
-PAM_EXTERN
-int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
+PAM_EXTERN int
+pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
+{
+ return pam_sm_authenticate(pamh, flags, argc, argv);
+}
+
+PAM_EXTERN int
+pam_sm_open_session (pam_handle_t *pamh, int flags,
+ int argc, const char **argv)
+{
+ return pam_sm_authenticate(pamh, flags, argc, argv);
+}
+
+PAM_EXTERN int
+pam_sm_close_session (pam_handle_t *pamh, int flags,
+ int argc, const char **argv)
+{
+ return pam_sm_authenticate(pamh, flags, argc, argv);
+}
+
+PAM_EXTERN int
+pam_sm_chauthtok (pam_handle_t *pamh, int flags,
+ int argc, const char **argv)
{
return pam_sm_authenticate(pamh, flags, argc, argv);
}
@@ -151,9 +166,9 @@ struct pam_module _pam_localuser_modstruct = {
pam_sm_authenticate,
pam_sm_setcred,
pam_sm_acct_mgmt,
- NULL,
- NULL,
- NULL,
+ pam_sm_open_session,
+ pam_sm_close_session,
+ pam_sm_chauthtok
};
#endif
diff --git a/Linux-PAM/modules/pam_localuser/tst-pam_localuser b/Linux-PAM/modules/pam_localuser/tst-pam_localuser
new file mode 100755
index 00000000..2bcdf6b9
--- /dev/null
+++ b/Linux-PAM/modules/pam_localuser/tst-pam_localuser
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_localuser.so
diff --git a/Linux-PAM/modules/pam_loginuid/Makefile.am b/Linux-PAM/modules/pam_loginuid/Makefile.am
new file mode 100644
index 00000000..6f2d84b0
--- /dev/null
+++ b/Linux-PAM/modules/pam_loginuid/Makefile.am
@@ -0,0 +1,34 @@
+#
+# Copyright (c) 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_loginuid
+
+man_MANS = pam_loginuid.8
+
+XMLS = README.xml pam_loginuid.8.xml
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam @LIBAUDIT@
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_loginuid.la
+
+if ENABLE_REGENERATE_MAN
+
+noinst_DATA = README
+
+README: pam_loginuid.8.xml
+
+-include $(top_srcdir)/Make.xml.rules
+endif
+
+TESTS = tst-pam_loginuid
diff --git a/Linux-PAM/modules/pam_loginuid/Makefile.in b/Linux-PAM/modules/pam_loginuid/Makefile.in
new file mode 100644
index 00000000..4a4edd3c
--- /dev/null
+++ b/Linux-PAM/modules/pam_loginuid/Makefile.in
@@ -0,0 +1,667 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_loginuid
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_loginuid_la_LIBADD =
+pam_loginuid_la_SOURCES = pam_loginuid.c
+pam_loginuid_la_OBJECTS = pam_loginuid.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_loginuid.c
+DIST_SOURCES = pam_loginuid.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_loginuid
+man_MANS = pam_loginuid.8
+XMLS = README.xml pam_loginuid.8.xml
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam @LIBAUDIT@ $(am__append_1)
+securelib_LTLIBRARIES = pam_loginuid.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+TESTS = tst-pam_loginuid
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_loginuid/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_loginuid/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_loginuid.la: $(pam_loginuid_la_OBJECTS) $(pam_loginuid_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_loginuid_la_OBJECTS) $(pam_loginuid_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_loginuid.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_loginuid.8.xml
+
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_loginuid/README b/Linux-PAM/modules/pam_loginuid/README
new file mode 100644
index 00000000..f07cffeb
--- /dev/null
+++ b/Linux-PAM/modules/pam_loginuid/README
@@ -0,0 +1,29 @@
+pam_loginuid — Record user's login uid to the process attribute
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+The pam_loginuid module sets the loginuid process attribute for the process
+that was authenticated. This is necessary for applications to be correctly
+audited. This PAM module should only be used for entry point applications like:
+login, sshd, gdm, vsftpd, crond and atd. There are probably other entry point
+applications besides these. You should not use it for applications like sudo or
+su as that defeats the purpose by changing the loginuid to the account they
+just switched to.
+
+EXAMPLES
+
+#%PAM-1.0
+auth required pam_unix.so
+auth required pam_nologin.so
+account required pam_unix.so
+password required pam_unix.so
+session required pam_unix.so
+session required pam_loginuid.so
+
+
+AUTHOR
+
+pam_loginuid was written by Steve Grubb <sgrubb@redhat.com>
+
diff --git a/Linux-PAM/modules/pam_loginuid/README.xml b/Linux-PAM/modules/pam_loginuid/README.xml
new file mode 100644
index 00000000..3bcd38ab
--- /dev/null
+++ b/Linux-PAM/modules/pam_loginuid/README.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_loginuid.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_loginuid.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_loginuid-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_loginuid.8.xml" xpointer='xpointer(//refsect1[@id = "pam_loginuid-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_loginuid.8.xml" xpointer='xpointer(//refsect1[@id = "pam_loginuid-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_loginuid.8.xml" xpointer='xpointer(//refsect1[@id = "pam_loginuid-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_loginuid/pam_loginuid.8 b/Linux-PAM/modules/pam_loginuid/pam_loginuid.8
new file mode 100644
index 00000000..ef0f95f1
--- /dev/null
+++ b/Linux-PAM/modules/pam_loginuid/pam_loginuid.8
@@ -0,0 +1,59 @@
+.\" Title: pam_loginuid
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets vsnapshot_2006\-08\-24_0226 <http://docbook.sf.net/>
+.\" Date: 09/06/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_LOGINUID" "8" "09/06/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_loginuid \- Record user's login uid to the process attribute
+.SH "SYNOPSIS"
+.HP 16
+\fBpam_loginuid.so\fR [require_auditd]
+.SH "DESCRIPTION"
+.PP
+The pam_loginuid module sets the loginuid process attribute for the process that was authenticated. This is necessary for applications to be correctly audited. This PAM module should only be used for entry point applications like: login, sshd, gdm, vsftpd, crond and atd. There are probably other entry point applications besides these. You should not use it for applications like sudo or su as that defeats the purpose by changing the loginuid to the account they just switched to.
+.SH "OPTIONS"
+.TP 3n
+\fBrequire_auditd\fR
+This option, when given, will cause this module to query the audit daemon status and deny logins if it is not running.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+The
+\fBsession\fR
+service is supported.
+.SH "RETURN VALUES"
+.PP
+.TP 3n
+PAM_SESSION_ERR
+An error occured during session management.
+.SH "EXAMPLES"
+.sp
+.RS 3n
+.nf
+#%PAM\-1.0
+auth required pam_unix.so
+auth required pam_nologin.so
+account required pam_unix.so
+password required pam_unix.so
+session required pam_unix.so
+session required pam_loginuid.so
+
+.fi
+.RE
+.SH "SEE ALSO"
+.PP
+
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8),
+\fBauditctl\fR(8),
+\fBauditd\fR(8)
+.SH "AUTHOR"
+.PP
+pam_loginuid was written by Steve Grubb <sgrubb@redhat.com>
diff --git a/Linux-PAM/modules/pam_loginuid/pam_loginuid.8.xml b/Linux-PAM/modules/pam_loginuid/pam_loginuid.8.xml
new file mode 100644
index 00000000..f50336d0
--- /dev/null
+++ b/Linux-PAM/modules/pam_loginuid/pam_loginuid.8.xml
@@ -0,0 +1,125 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_loginuid">
+
+ <refmeta>
+ <refentrytitle>pam_loginuid</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_loginuid-name">
+ <refname>pam_loginuid</refname>
+ <refpurpose>Record user's login uid to the process attribute</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_loginuid-cmdsynopsis">
+ <command>pam_loginuid.so</command>
+ <arg choice="opt">
+ require_auditd
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_loginuid-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ The pam_loginuid module sets the loginuid process attribute for the
+ process that was authenticated. This is necessary for applications
+ to be correctly audited. This PAM module should only be used for entry
+ point applications like: login, sshd, gdm, vsftpd, crond and atd.
+ There are probably other entry point applications besides these.
+ You should not use it for applications like sudo or su as that
+ defeats the purpose by changing the loginuid to the account they just
+ switched to.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_loginuid-options">
+ <title>OPTIONS</title>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>require_auditd</option>
+ </term>
+ <listitem>
+ <para>
+ This option, when given, will cause this module to query
+ the audit daemon status and deny logins if it is not running.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_loginuid-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ The <option>session</option> service is supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_loginuid-return_values'>
+ <title>RETURN VALUES</title>
+ <para>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SESSION_ERR</term>
+ <listitem>
+ <para>
+ An error occured during session management.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_loginuid-examples'>
+ <title>EXAMPLES</title>
+ <programlisting>
+#%PAM-1.0
+auth required pam_unix.so
+auth required pam_nologin.so
+account required pam_unix.so
+password required pam_unix.so
+session required pam_unix.so
+session required pam_loginuid.so
+ </programlisting>
+ </refsect1>
+
+ <refsect1 id='pam_loginuid-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>auditctl</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>auditd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_loginuid-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_loginuid was written by Steve Grubb &lt;sgrubb@redhat.com&gt;
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_loginuid/pam_loginuid.c b/Linux-PAM/modules/pam_loginuid/pam_loginuid.c
new file mode 100644
index 00000000..13d915e3
--- /dev/null
+++ b/Linux-PAM/modules/pam_loginuid/pam_loginuid.c
@@ -0,0 +1,240 @@
+/* pam_loginuid.c --
+ * Copyright 2005 Red Hat Inc., Durham, North Carolina.
+ * All Rights Reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * Authors:
+ * Steve Grubb <sgrubb@redhat.com>
+ *
+ * PAM module that sets the login uid introduced in kernel 2.6.11
+ */
+
+#include "config.h"
+#include <stdio.h>
+#include <stdarg.h>
+#include <syslog.h>
+#include <string.h>
+#include <pwd.h>
+#include <unistd.h>
+#include <limits.h>
+#include <errno.h>
+
+#include <security/pam_modules.h>
+#include <security/pam_ext.h>
+#include <security/pam_modutil.h>
+
+#include <fcntl.h>
+
+#ifdef HAVE_LIBAUDIT
+#include <libaudit.h>
+#include <sys/select.h>
+#include <errno.h>
+#endif
+
+/*
+ * This function writes the loginuid to the /proc system. It returns
+ * 0 on success and 1 on failure.
+ */
+static int set_loginuid(pam_handle_t *pamh, uid_t uid)
+{
+ int fd, count, rc = 0;
+ char loginuid[24];
+
+ count = snprintf(loginuid, sizeof(loginuid), "%d", uid);
+ fd = open("/proc/self/loginuid", O_NOFOLLOW|O_WRONLY|O_TRUNC);
+ if (fd < 0) {
+ int loglevel = LOG_DEBUG;
+ if (errno != ENOENT) {
+ rc = 1;
+ loglevel = LOG_ERR;
+ }
+ pam_syslog(pamh, loglevel, "set_loginuid failed opening loginuid");
+ return rc;
+ }
+ if (pam_modutil_write(fd, loginuid, count) != count)
+ rc = 1;
+ close(fd);
+ return rc;
+}
+
+#ifdef HAVE_LIBAUDIT
+/*
+ * This function is called only if "require_auditd" option is passed. It is
+ * called after loginuid has been set. The purpose is to disallow logins
+ * should the audit daemon not be running or crashed. It returns PAM_SUCCESS
+ * if the audit daemon is running and PAM_SESSION_ERR otherwise.
+ */
+static int check_auditd(void)
+{
+ int fd, retval;
+
+ fd = audit_open();
+ if (fd < 0) {
+ /* This is here to let people that build their own kernel
+ and disable the audit system get in. You get these error
+ codes only when the kernel doesn't have audit
+ compiled in. */
+ if (errno == EINVAL || errno == EPROTONOSUPPORT ||
+ errno == EAFNOSUPPORT)
+ return PAM_SUCCESS;
+ return PAM_SESSION_ERR;
+ }
+ retval = audit_request_status(fd);
+ if (retval > 0) {
+ struct audit_reply rep;
+ int i;
+ int timeout = 30; /* tenths of seconds */
+ fd_set read_mask;
+
+ FD_ZERO(&read_mask);
+ FD_SET(fd, &read_mask);
+
+ for (i = 0; i < timeout; i++) {
+ struct timeval t;
+ int rc;
+
+ t.tv_sec = 0;
+ t.tv_usec = 100000;
+ do {
+ rc = select(fd+1, &read_mask, NULL, NULL, &t);
+ } while (rc < 0 && errno == EINTR);
+
+ rc = audit_get_reply(fd, &rep, GET_REPLY_NONBLOCKING,0);
+ if (rc > 0) {
+ /* If we get done or error, break out */
+ if (rep.type == NLMSG_DONE ||
+ rep.type == NLMSG_ERROR)
+ break;
+
+ /* If its not status, keep looping */
+ if (rep.type != AUDIT_GET)
+ continue;
+
+ /* Found it... */
+ close(fd);
+ if (rep.status->pid == 0)
+ return PAM_SESSION_ERR;
+ else
+ return PAM_SUCCESS;
+ }
+ }
+ }
+ close(fd);
+ if (retval == -ECONNREFUSED) {
+ /* This is here to let people that build their own kernel
+ and disable the audit system get in. ECONNREFUSED is
+ issued by the kernel when there is "no on listening". */
+ return PAM_SUCCESS;
+ } else if (retval == -EPERM && getuid() != 0) {
+ /* If we get this, then the kernel supports auditing
+ * but we don't have enough privilege to write to the
+ * socket. Therefore, we have already been authenticated
+ * and we are a common user. Just act as though auditing
+ * is not enabled. Any other error we take seriously. */
+ return PAM_SUCCESS;
+ }
+
+ return PAM_SESSION_ERR;
+}
+#endif
+
+/*
+ * Initialize audit session for user
+ */
+static int
+_pam_loginuid(pam_handle_t *pamh, int flags UNUSED,
+#ifdef HAVE_LIBAUDIT
+ int argc, const char **argv
+#else
+ int argc UNUSED, const char **argv UNUSED
+#endif
+)
+{
+ const char *user = NULL;
+ struct passwd *pwd;
+#ifdef HAVE_LIBAUDIT
+ int require_auditd = 0;
+#endif
+
+ /* get user name */
+ if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS)
+ {
+ pam_syslog(pamh, LOG_ERR, "error recovering login user-name");
+ return PAM_SESSION_ERR;
+ }
+
+ /* get user info */
+ if ((pwd = pam_modutil_getpwnam(pamh, user)) == NULL) {
+ pam_syslog(pamh, LOG_ERR,
+ "error: login user-name '%s' does not exist", user);
+ return PAM_SESSION_ERR;
+ }
+
+ if (set_loginuid(pamh, pwd->pw_uid)) {
+ pam_syslog(pamh, LOG_ERR, "set_loginuid failed\n");
+ return PAM_SESSION_ERR;
+ }
+
+#ifdef HAVE_LIBAUDIT
+ while (argc-- > 0) {
+ if (strcmp(*argv, "require_auditd") == 0)
+ require_auditd = 1;
+ argv++;
+ }
+
+ if (require_auditd)
+ return check_auditd();
+ else
+#endif
+ return PAM_SUCCESS;
+}
+
+/*
+ * PAM routines
+ *
+ * This is here for vsftpd which doesn't seem to run the session stack
+ */
+PAM_EXTERN int
+pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
+{
+ return _pam_loginuid(pamh, flags, argc, argv);
+}
+
+PAM_EXTERN int
+pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
+{
+ return _pam_loginuid(pamh, flags, argc, argv);
+}
+
+PAM_EXTERN int
+pam_sm_close_session(pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
+{
+ return PAM_SUCCESS;
+}
+
+/* static module data */
+#ifdef PAM_STATIC
+struct pam_module _pam_loginuid_modstruct = {
+ "pam_loginuid",
+ NULL,
+ NULL,
+ pam_sm_acct_mgmt,
+ pam_sm_open_session,
+ pam_sm_close_session,
+ NULL
+};
+#endif
diff --git a/Linux-PAM/modules/pam_loginuid/tst-pam_loginuid b/Linux-PAM/modules/pam_loginuid/tst-pam_loginuid
new file mode 100755
index 00000000..bd1e83b7
--- /dev/null
+++ b/Linux-PAM/modules/pam_loginuid/tst-pam_loginuid
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_loginuid.so
diff --git a/Linux-PAM/modules/pam_mail/Makefile b/Linux-PAM/modules/pam_mail/Makefile
deleted file mode 100644
index 2d9b8e9a..00000000
--- a/Linux-PAM/modules/pam_mail/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:04 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_mail
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_mail/Makefile.am b/Linux-PAM/modules/pam_mail/Makefile.am
new file mode 100644
index 00000000..95a25a61
--- /dev/null
+++ b/Linux-PAM/modules/pam_mail/Makefile.am
@@ -0,0 +1,31 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_mail
+
+man_MANS = pam_mail.8
+XMLS = README.xml pam_mail.8.xml
+
+TESTS = tst-pam_mail
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_mail.la
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_mail.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_mail/Makefile.in b/Linux-PAM/modules/pam_mail/Makefile.in
new file mode 100644
index 00000000..bacd62ca
--- /dev/null
+++ b/Linux-PAM/modules/pam_mail/Makefile.in
@@ -0,0 +1,665 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_mail
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_mail_la_LIBADD =
+pam_mail_la_SOURCES = pam_mail.c
+pam_mail_la_OBJECTS = pam_mail.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_mail.c
+DIST_SOURCES = pam_mail.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_mail
+man_MANS = pam_mail.8
+XMLS = README.xml pam_mail.8.xml
+TESTS = tst-pam_mail
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_mail.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_mail/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_mail/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_mail.la: $(pam_mail_la_OBJECTS) $(pam_mail_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_mail_la_OBJECTS) $(pam_mail_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_mail.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_mail.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_mail/README b/Linux-PAM/modules/pam_mail/README
index 155bd1db..a0a0b7d9 100644
--- a/Linux-PAM/modules/pam_mail/README
+++ b/Linux-PAM/modules/pam_mail/README
@@ -1,17 +1,71 @@
-This is the README for pam_mail
--------------------------------
-
-This PAM module tells the User that he has new/unread email.
-
-Options for:
-auth: for authentication it provides pam_authenticate() and
- pam_setcred() hooks.
-
- "debug" write more information to syslog
- "dir=maildir" users mailbox is maildir/<login>
- "hash=count" mail directory hash depth
- "close" print message also on logout
- "nopen" print message not on login
- "noenv" don't set the MAIL environment variable
- "empty" also print message if user has no mail
+pam_mail — Inform about available mail
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+The pam_mail PAM module provides the "you have new mail" service to the user.
+It can be plugged into any application that has credential or session hooks. It
+gives a single message indicating the newness of any mail it finds in the
+user's mail folder. This module also sets the PAM environment variable, MAIL,
+to the user's mail directory.
+
+If the mail spool file (be it /var/mail/$USER or a pathname given with the dir=
+parameter) is a directory then pam_mail assumes it is in the Maildir format.
+
+OPTIONS
+
+close
+
+ Indicate if the user has any mail also on logout.
+
+debug
+
+ Print debug information.
+
+dir=maildir
+
+ Look for the users' mail in an alternative location defined by maildir/
+ <login>. The default location for mail is /var/mail/<login>. Note, if the
+ supplied maildir is prefixed by a '~', the directory is interpreted as
+ indicating a file in the user's home directory.
+
+empty
+
+ Also print message if user has no mail.
+
+hash=count
+
+ Mail directory hash depth. For example, a hashcount of 2 would make the
+ mail file be /var/spool/mail/u/s/user.
+
+noenv
+
+ Do not set the MAIL environment variable.
+
+nopen
+
+ Don't print any mail information on login. This flag is useful to get the
+ MAIL environment variable set, but to not display any information about it.
+
+quiet
+
+ Only report when there is new mail.
+
+standard
+
+ Old style "You have..." format which doesn't show the mail spool being
+ used. This also implies "empty".
+
+EXAMPLES
+
+Add the following line to /etc/pam.d/login to indicate that the user has new
+mail when they login to the system.
+
+session optional pam_mail.so standard
+
+
+AUTHOR
+
+pam_mail was written by Andrew G. Morgan <morgan@kernel.org>.
diff --git a/Linux-PAM/modules/pam_mail/README.xml b/Linux-PAM/modules/pam_mail/README.xml
new file mode 100644
index 00000000..4165d857
--- /dev/null
+++ b/Linux-PAM/modules/pam_mail/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_mail.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_mail.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_mail-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_mail.8.xml" xpointer='xpointer(//refsect1[@id = "pam_mail-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_mail.8.xml" xpointer='xpointer(//refsect1[@id = "pam_mail-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_mail.8.xml" xpointer='xpointer(//refsect1[@id = "pam_mail-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_mail.8.xml" xpointer='xpointer(//refsect1[@id = "pam_mail-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_mail/pam_mail.8 b/Linux-PAM/modules/pam_mail/pam_mail.8
new file mode 100644
index 00000000..6d8a69a8
--- /dev/null
+++ b/Linux-PAM/modules/pam_mail/pam_mail.8
@@ -0,0 +1,113 @@
+.\" Title: pam_mail
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/09/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_MAIL" "8" "06/09/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_mail \- Inform about available mail
+.SH "SYNOPSIS"
+.HP 12
+\fBpam_mail.so\fR [close] [debug] [dir=\fImaildir\fR] [empty] [hash=\fIcount\fR] [noenv] [nopen] [quit] [standard]
+.SH "DESCRIPTION"
+.PP
+The pam_mail PAM module provides the "you have new mail" service to the user. It can be plugged into any application that has credential or session hooks. It gives a single message indicating the
+\fInewness\fR
+of any mail it finds in the user's mail folder. This module also sets the PAM environment variable,
+\fBMAIL\fR, to the user's mail directory.
+.PP
+If the mail spool file (be it
+\fI/var/mail/$USER\fR
+or a pathname given with the
+\fBdir=\fR
+parameter) is a directory then pam_mail assumes it is in the
+\fIMaildir\fR
+format.
+.SH "OPTIONS"
+.PP
+.TP 3n
+\fBclose\fR
+Indicate if the user has any mail also on logout.
+.TP 3n
+\fBdebug\fR
+Print debug information.
+.TP 3n
+\fBdir=\fR\fB\fImaildir\fR\fR
+Look for the users' mail in an alternative location defined by
+\fImaildir/<login>\fR. The default location for mail is
+\fI/var/mail/<login>\fR. Note, if the supplied
+\fImaildir\fR
+is prefixed by a '~', the directory is interpreted as indicating a file in the user's home directory.
+.TP 3n
+\fBempty\fR
+Also print message if user has no mail.
+.TP 3n
+\fBhash=\fR\fB\fIcount\fR\fR
+Mail directory hash depth. For example, a
+\fIhashcount\fR
+of 2 would make the mail file be
+\fI/var/spool/mail/u/s/user\fR.
+.TP 3n
+\fBnoenv\fR
+Do not set the
+\fBMAIL\fR
+environment variable.
+.TP 3n
+\fBnopen\fR
+Don't print any mail information on login. This flag is useful to get the
+\fBMAIL\fR
+environment variable set, but to not display any information about it.
+.TP 3n
+\fBquiet\fR
+Only report when there is new mail.
+.TP 3n
+\fBstandard\fR
+Old style "You have..." format which doesn't show the mail spool being used. This also implies "empty".
+.SH "MODULE SERVICES PROVIDED"
+.PP
+The
+\fBauth\fR
+and
+\fBaccount\fR
+services are supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_SERVICE_ERR
+Badly formed arguments.
+.TP 3n
+PAM_SUCCESS
+Success.
+.TP 3n
+PAM_USER_UNKNOWN
+User not known.
+.SH "EXAMPLES"
+.PP
+Add the following line to
+\fI/etc/pam.d/login\fR
+to indicate that the user has new mail when they login to the system.
+.sp
+.RS 3n
+.nf
+session optional pam_mail.so standard
+
+.fi
+.RE
+.sp
+.SH "SEE ALSO"
+.PP
+
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_mail was written by Andrew G. Morgan <morgan@kernel.org>.
diff --git a/Linux-PAM/modules/pam_mail/pam_mail.8.xml b/Linux-PAM/modules/pam_mail/pam_mail.8.xml
new file mode 100644
index 00000000..d3c481a5
--- /dev/null
+++ b/Linux-PAM/modules/pam_mail/pam_mail.8.xml
@@ -0,0 +1,279 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_mail">
+
+ <refmeta>
+ <refentrytitle>pam_mail</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_mail-name">
+ <refname>pam_mail</refname>
+ <refpurpose>Inform about available mail</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_mail-cmdsynopsis">
+ <command>pam_mail.so</command>
+ <arg choice="opt">
+ close
+ </arg>
+ <arg choice="opt">
+ debug
+ </arg>
+ <arg choice="opt">
+ dir=<replaceable>maildir</replaceable>
+ </arg>
+ <arg choice="opt">
+ empty
+ </arg>
+ <arg choice="opt">
+ hash=<replaceable>count</replaceable>
+ </arg>
+ <arg choice="opt">
+ noenv
+ </arg>
+ <arg choice="opt">
+ nopen
+ </arg>
+ <arg choice="opt">
+ quit
+ </arg>
+ <arg choice="opt">
+ standard
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_mail-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ The pam_mail PAM module provides the "you have new mail"
+ service to the user. It can be plugged into any application
+ that has credential or session hooks. It gives a single message
+ indicating the <emphasis>newness</emphasis> of any mail it finds
+ in the user's mail folder. This module also sets the PAM
+ environment variable, <emphasis remap='B'>MAIL</emphasis>, to the
+ user's mail directory.
+ </para>
+ <para>
+ If the mail spool file (be it <filename>/var/mail/$USER</filename>
+ or a pathname given with the <option>dir=</option> parameter) is
+ a directory then pam_mail assumes it is in the
+ <emphasis remap='I'>Maildir</emphasis> format.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_mail-options">
+
+ <title>OPTIONS</title>
+ <para>
+ <variablelist>
+
+ <varlistentry>
+ <term>
+ <option>close</option>
+ </term>
+ <listitem>
+ <para>
+ Indicate if the user has any mail also on logout.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ Print debug information.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>dir=<replaceable>maildir</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Look for the users' mail in an alternative location defined by
+ <filename>maildir/&lt;login&gt;</filename>. The default
+ location for mail is <filename>/var/mail/&lt;login&gt;</filename>.
+ Note, if the supplied
+ <filename>maildir</filename> is prefixed by a '~', the
+ directory is interpreted as indicating a file in the user's
+ home directory.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>empty</option>
+ </term>
+ <listitem>
+ <para>
+ Also print message if user has no mail.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>hash=<replaceable>count</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Mail directory hash depth. For example, a
+ <emphasis>hashcount</emphasis> of 2 would
+ make the mail file be
+ <filename>/var/spool/mail/u/s/user</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>noenv</option>
+ </term>
+ <listitem>
+ <para>
+ Do not set the <emphasis remap='B'>MAIL</emphasis>
+ environment variable.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>nopen</option>
+ </term>
+ <listitem>
+ <para>
+ Don't print any mail information on login. This flag is
+ useful to get the <emphasis remap='B'>MAIL</emphasis>
+ environment variable set, but to not display any information
+ about it.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>quiet</option>
+ </term>
+ <listitem>
+ <para>
+ Only report when there is new mail.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>standard</option>
+ </term>
+ <listitem>
+ <para>
+ Old style "You have..." format which doesn't show the
+ mail spool being used. This also implies "empty".
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_mail-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ The <emphasis remap='B'>auth</emphasis> and
+ <emphasis remap='B'>account</emphasis> services are supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_mail-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_SERVICE_ERR</term>
+ <listitem>
+ <para>
+ Badly formed arguments.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Success.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ User not known.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_mail-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ Add the following line to <filename>/etc/pam.d/login</filename> to
+ indicate that the user has new mail when they login to the system.
+ <programlisting>
+session optional pam_mail.so standard
+ </programlisting>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_mail-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_mail-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_mail was written by Andrew G. Morgan &lt;morgan@kernel.org&gt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_mail/pam_mail.c b/Linux-PAM/modules/pam_mail/pam_mail.c
index 7987cb28..7d43d5e0 100644
--- a/Linux-PAM/modules/pam_mail/pam_mail.c
+++ b/Linux-PAM/modules/pam_mail/pam_mail.c
@@ -1,14 +1,12 @@
/* pam_mail module */
/*
- * $Id: pam_mail.c,v 1.6 2004/11/16 14:27:41 toady Exp $
- *
* Written by Andrew Morgan <morgan@linux.kernel.org> 1996/3/11
* $HOME additions by David Kinchlea <kinch@kinch.ark.com> 1997/1/7
* mailhash additions by Chris Adams <cadams@ro.com> 1998/7/11
*/
-#include <security/_pam_aconf.h>
+#include "config.h"
#include <ctype.h>
#include <pwd.h>
@@ -21,18 +19,16 @@
#include <sys/types.h>
#include <unistd.h>
#include <dirent.h>
+#include <errno.h>
-#ifdef WANT_PWDB
-#include <pwdb/pwdb_public.h>
+#ifdef HAVE_PATHS_H
+#include <paths.h>
#endif
#define DEFAULT_MAIL_DIRECTORY PAM_PATH_MAILDIR
#define MAIL_FILE_FORMAT "%s%s/%s"
#define MAIL_ENV_NAME "MAIL"
#define MAIL_ENV_FORMAT MAIL_ENV_NAME "=%s"
-#define YOUR_MAIL_VERBOSE_FORMAT "You have %s mail in %s."
-#define YOUR_MAIL_STANDARD_FORMAT "You have %smail."
-#define NO_MAIL_STANDARD_FORMAT "No mail."
/*
* here, we make a definition for the externally accessible function
@@ -46,20 +42,8 @@
#include <security/pam_modules.h>
#include <security/_pam_macros.h>
-#include <security/_pam_modutil.h>
-
-/* some syslogging */
-
-static void _log_err(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("PAM-mail", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
+#include <security/pam_modutil.h>
+#include <security/pam_ext.h>
/* argument parsing */
@@ -74,8 +58,14 @@ static void _log_err(int err, const char *format, ...)
#define PAM_STANDARD_MAIL 0x0400
#define PAM_QUIET_MAIL 0x1000
-static int _pam_parse(int flags, int argc, const char **argv, char **maildir,
- int *hashcount)
+#define HAVE_NEW_MAIL 0x1
+#define HAVE_OLD_MAIL 0x2
+#define HAVE_NO_MAIL 0x3
+#define HAVE_MAIL 0x4
+
+static int
+_pam_parse (const pam_handle_t *pamh, int flags, int argc,
+ const char **argv, const char **maildir, size_t *hashcount)
{
int ctrl=0;
@@ -97,18 +87,18 @@ static int _pam_parse(int flags, int argc, const char **argv, char **maildir,
else if (!strcmp(*argv,"standard"))
ctrl |= PAM_STANDARD_MAIL | PAM_EMPTY_TOO;
else if (!strncmp(*argv,"dir=",4)) {
- *maildir = x_strdup(4+*argv);
- if (*maildir != NULL) {
+ *maildir = 4 + *argv;
+ if (**maildir != '\0') {
D(("new mail directory: %s", *maildir));
ctrl |= PAM_NEW_MAIL_DIR;
} else {
- _log_err(LOG_CRIT,
- "failed to duplicate mail directory - ignored");
+ pam_syslog(pamh, LOG_ERR,
+ "dir= specification missing argument - ignored");
}
} else if (!strncmp(*argv,"hash=",5)) {
char *ep = NULL;
- *hashcount = strtol(*argv+5,&ep,10);
- if (!ep || (*hashcount < 0)) {
+ *hashcount = strtoul(*argv+5,&ep,10);
+ if (!ep) {
*hashcount = 0;
}
} else if (!strcmp(*argv,"close")) {
@@ -120,90 +110,56 @@ static int _pam_parse(int flags, int argc, const char **argv, char **maildir,
} else if (!strcmp(*argv,"empty")) {
ctrl |= PAM_EMPTY_TOO;
} else {
- _log_err(LOG_ERR,"pam_parse: unknown option; %s",*argv);
+ pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv);
}
}
if ((*hashcount != 0) && !(ctrl & PAM_NEW_MAIL_DIR)) {
- *maildir = x_strdup(DEFAULT_MAIL_DIRECTORY);
+ *maildir = DEFAULT_MAIL_DIRECTORY;
ctrl |= PAM_NEW_MAIL_DIR;
}
return ctrl;
}
-/* a front end for conversations */
-
-static int converse(pam_handle_t *pamh, int ctrl, int nargs
- , struct pam_message **message
- , struct pam_response **response)
-{
- int retval;
- struct pam_conv *conv;
-
- D(("begin to converse"));
-
- retval = pam_get_item( pamh, PAM_CONV, (const void **) &conv ) ;
- if ( retval == PAM_SUCCESS && conv ) {
-
- retval = conv->conv(nargs, ( const struct pam_message ** ) message
- , response, conv->appdata_ptr);
-
- D(("returned from application's conversation function"));
-
- if (retval != PAM_SUCCESS && (PAM_DEBUG_ARG & ctrl) ) {
- _log_err(LOG_DEBUG, "conversation failure [%s]"
- , pam_strerror(pamh, retval));
- }
-
- } else {
- _log_err(LOG_ERR, "couldn't obtain coversation function [%s]"
- , pam_strerror(pamh, retval));
- if (retval == PAM_SUCCESS)
- retval = PAM_BAD_ITEM; /* conv was NULL */
- }
-
- D(("ready to return from module conversation"));
-
- return retval; /* propagate error status */
-}
-
-static int get_folder(pam_handle_t *pamh, int ctrl,
- char **path_mail, char **folder_p, int hashcount)
+static int
+get_folder(pam_handle_t *pamh, int ctrl,
+ const char *path_mail, char **folder_p, size_t hashcount)
{
int retval;
const char *user, *path;
- char *folder;
- const struct passwd *pwd=NULL;
+ char *folder = NULL;
+ const struct passwd *pwd = NULL;
retval = pam_get_user(pamh, &user, NULL);
if (retval != PAM_SUCCESS || user == NULL) {
- _log_err(LOG_ERR, "no user specified");
- return PAM_USER_UNKNOWN;
+ pam_syslog(pamh, LOG_ERR, "cannot determine username");
+ retval = PAM_USER_UNKNOWN;
+ goto get_folder_cleanup;
}
if (ctrl & PAM_NEW_MAIL_DIR) {
- path = *path_mail;
- if (*path == '~') { /* support for $HOME delivery */
- pwd = _pammodutil_getpwnam(pamh, user);
+ path = path_mail;
+ if (*path == '~') { /* support for $HOME delivery */
+ pwd = pam_modutil_getpwnam(pamh, user);
if (pwd == NULL) {
- _log_err(LOG_ERR, "user [%s] unknown", user);
- _pam_overwrite(*path_mail);
- _pam_drop(*path_mail);
- return PAM_USER_UNKNOWN;
+ pam_syslog(pamh, LOG_ERR, "user unknown");
+ retval = PAM_USER_UNKNOWN;
+ goto get_folder_cleanup;
}
/*
* "~/xxx" and "~xxx" are treated as same
*/
if (!*++path || (*path == '/' && !*++path)) {
- _log_err(LOG_ALERT, "badly formed mail path [%s]", *path_mail);
- _pam_overwrite(*path_mail);
- _pam_drop(*path_mail);
- return PAM_ABORT;
+ pam_syslog(pamh, LOG_ERR,
+ "badly formed mail path [%s]", path_mail);
+ retval = PAM_SERVICE_ERR;
+ goto get_folder_cleanup;
}
ctrl |= PAM_HOME_MAIL;
if (hashcount != 0) {
- _log_err(LOG_ALERT, "can't do hash= and home directory mail");
+ pam_syslog(pamh, LOG_ERR,
+ "cannot do hash= and home directory mail");
}
}
} else {
@@ -212,153 +168,188 @@ static int get_folder(pam_handle_t *pamh, int ctrl,
/* put folder together */
+ hashcount = hashcount < strlen(user) ? hashcount : strlen(user);
+
+ retval = PAM_BUF_ERR;
if (ctrl & PAM_HOME_MAIL) {
- folder = malloc(sizeof(MAIL_FILE_FORMAT)
- +strlen(pwd->pw_dir)+strlen(path));
+ if (pwd == NULL) {
+ pwd = pam_modutil_getpwnam(pamh, user);
+ if (pwd == NULL) {
+ pam_syslog(pamh, LOG_ERR, "user unknown");
+ retval = PAM_USER_UNKNOWN;
+ goto get_folder_cleanup;
+ }
+ }
+ if (asprintf(&folder, MAIL_FILE_FORMAT, pwd->pw_dir, "", path) < 0)
+ goto get_folder_cleanup;
} else {
- folder = malloc(sizeof(MAIL_FILE_FORMAT)+strlen(path)+strlen(user)
- +2*hashcount);
- }
+ int rc;
+ size_t i;
+ char *hash;
- if (folder != NULL) {
- if (ctrl & PAM_HOME_MAIL) {
- sprintf(folder, MAIL_FILE_FORMAT, pwd->pw_dir, "", path);
- } else {
- int i;
- char *hash = malloc(2*hashcount+1);
+ if ((hash = malloc(2 * hashcount + 1)) == NULL)
+ goto get_folder_cleanup;
- if (hash) {
- for (i = 0; i < hashcount; i++) {
- hash[2*i] = '/';
- hash[2*i+1] = user[i];
- }
- hash[2*i] = '\0';
- sprintf(folder, MAIL_FILE_FORMAT, path, hash, user);
- _pam_overwrite(hash);
- _pam_drop(hash);
- } else {
- _pam_drop(folder);
- _log_err(LOG_CRIT, "out of memory for mail folder");
- return PAM_BUF_ERR;
- }
+ for (i = 0; i < hashcount; i++) {
+ hash[2 * i] = '/';
+ hash[2 * i + 1] = user[i];
}
- D(("folder =[%s]", folder));
+ hash[2 * i] = '\0';
+
+ rc = asprintf(&folder, MAIL_FILE_FORMAT, path, hash, user);
+ _pam_overwrite(hash);
+ _pam_drop(hash);
+ if (rc < 0)
+ goto get_folder_cleanup;
}
+ D(("folder=[%s]", folder));
+ retval = PAM_SUCCESS;
/* tidy up */
- _pam_overwrite(*path_mail);
- _pam_drop(*path_mail);
+ get_folder_cleanup:
user = NULL;
-
- if (folder == NULL) {
- _log_err(LOG_CRIT, "out of memory for mail folder");
- return PAM_BUF_ERR;
- }
+ path = NULL;
*folder_p = folder;
folder = NULL;
- return PAM_SUCCESS;
+ if (retval == PAM_BUF_ERR)
+ pam_syslog(pamh, LOG_CRIT, "out of memory for mail folder");
+
+ return retval;
}
-static const char *get_mail_status(int ctrl, const char *folder)
+static int
+get_mail_status(pam_handle_t *pamh, int ctrl, const char *folder)
{
- const char *type = NULL;
- static char dir[256];
+ int type = 0;
struct stat mail_st;
- struct dirent **namelist;
- int i;
- if (stat(folder, &mail_st) == 0) {
- if (S_ISDIR(mail_st.st_mode)) { /* Assume Maildir format */
- sprintf(dir, "%.250s/new", folder);
+ if (stat(folder, &mail_st) < 0)
+ return 0;
+
+ if (S_ISDIR(mail_st.st_mode)) { /* Assume Maildir format */
+ int i, save_errno;
+ char *dir;
+ struct dirent **namelist;
+
+ if (asprintf(&dir, "%s/new", folder) < 0) {
+ pam_syslog(pamh, LOG_CRIT, "out of memory");
+ goto get_mail_status_cleanup;
+ }
+ i = scandir(dir, &namelist, 0, alphasort);
+ save_errno = errno;
+ _pam_overwrite(dir);
+ _pam_drop(dir);
+ if (i < 0) {
+ type = 0;
+ namelist = NULL;
+ if (save_errno == ENOMEM) {
+ pam_syslog(pamh, LOG_CRIT, "out of memory");
+ goto get_mail_status_cleanup;
+ }
+ }
+ type = (i > 2) ? HAVE_NEW_MAIL : 0;
+ while (--i >= 0)
+ _pam_drop(namelist[i]);
+ _pam_drop(namelist);
+ if (type == 0) {
+ if (asprintf(&dir, "%s/cur", folder) < 0) {
+ pam_syslog(pamh, LOG_CRIT, "out of memory");
+ goto get_mail_status_cleanup;
+ }
i = scandir(dir, &namelist, 0, alphasort);
- if (i > 2) {
- type = "new";
- while (--i)
- free(namelist[i]);
- } else {
- while (--i >= 0)
- free(namelist[i]);
- sprintf(dir, "%.250s/cur", folder);
- i = scandir(dir, &namelist, 0, alphasort);
- if (i > 2) {
- type = "old";
- while (--i)
- free(namelist[i]);
- } else if (ctrl & PAM_EMPTY_TOO) {
- while (--i >= 0)
- free(namelist[i]);
- type = "no";
- } else {
- type = NULL;
+ save_errno = errno;
+ _pam_overwrite(dir);
+ _pam_drop(dir);
+ if (i < 0) {
+ type = 0;
+ namelist = NULL;
+ if (save_errno == ENOMEM) {
+ pam_syslog(pamh, LOG_CRIT, "out of memory");
+ goto get_mail_status_cleanup;
}
}
+ if (i > 2)
+ type = HAVE_OLD_MAIL;
+ else
+ type = (ctrl & PAM_EMPTY_TOO) ? HAVE_NO_MAIL : 0;
+ while (--i >= 0)
+ _pam_drop(namelist[i]);
+ _pam_drop(namelist);
+ }
+ } else {
+ if (mail_st.st_size > 0) {
+ if (mail_st.st_atime < mail_st.st_mtime) /* new */
+ type = HAVE_NEW_MAIL;
+ else /* old */
+ type = (ctrl & PAM_STANDARD_MAIL) ? HAVE_MAIL : HAVE_OLD_MAIL;
+ } else if (ctrl & PAM_EMPTY_TOO) {
+ type = HAVE_NO_MAIL;
} else {
- if (mail_st.st_size > 0) {
- if (mail_st.st_atime < mail_st.st_mtime) /* new */
- type = (ctrl & PAM_STANDARD_MAIL) ? "new " : "new";
- else /* old */
- type = (ctrl & PAM_STANDARD_MAIL) ? "" : "old";
- } else if (ctrl & PAM_EMPTY_TOO) {
- type = "no";
- } else {
- type = NULL;
- }
+ type = 0;
}
}
- memset(dir, 0, 256);
+ get_mail_status_cleanup:
memset(&mail_st, 0, sizeof(mail_st));
- D(("user has %s mail in %s folder", type, folder));
+ D(("user has %d mail in %s folder", type, folder));
return type;
}
-static int report_mail(pam_handle_t *pamh, int ctrl
- , const char *type, const char *folder)
+static int
+report_mail(pam_handle_t *pamh, int ctrl, int type, const char *folder)
{
int retval;
- if (!(ctrl & PAM_MAIL_SILENT) || ((ctrl & PAM_QUIET_MAIL) && strcmp(type, "new"))) {
- char *remark;
-
+ if (!(ctrl & PAM_MAIL_SILENT) ||
+ ((ctrl & PAM_QUIET_MAIL) && type == HAVE_NEW_MAIL))
+ {
if (ctrl & PAM_STANDARD_MAIL)
- if (!strcmp(type, "no"))
- remark = malloc(strlen(NO_MAIL_STANDARD_FORMAT)+1);
- else
- remark = malloc(strlen(YOUR_MAIL_STANDARD_FORMAT)+strlen(type)+1);
+ switch (type)
+ {
+ case HAVE_NO_MAIL:
+ retval = pam_info (pamh, "%s", _("No mail."));
+ break;
+ case HAVE_NEW_MAIL:
+ retval = pam_info (pamh, "%s", _("You have new mail."));
+ break;
+ case HAVE_OLD_MAIL:
+ retval = pam_info (pamh, "%s", _("You have old mail."));
+ break;
+ case HAVE_MAIL:
+ default:
+ retval = pam_info (pamh, "%s", _("You have mail."));
+ break;
+ }
else
- remark = malloc(strlen(YOUR_MAIL_VERBOSE_FORMAT)+strlen(type)+strlen(folder)+1);
- if (remark == NULL) {
- retval = PAM_BUF_ERR;
- } else {
- struct pam_message msg[1], *mesg[1];
- struct pam_response *resp=NULL;
-
- if (ctrl & PAM_STANDARD_MAIL)
- if (!strcmp(type, "no"))
- sprintf(remark, NO_MAIL_STANDARD_FORMAT);
- else
- sprintf(remark, YOUR_MAIL_STANDARD_FORMAT, type);
- else
- sprintf(remark, YOUR_MAIL_VERBOSE_FORMAT, type, folder);
-
- mesg[0] = &msg[0];
- msg[0].msg_style = PAM_TEXT_INFO;
- msg[0].msg = remark;
-
- retval = converse(pamh, ctrl, 1, mesg, &resp);
-
- _pam_overwrite(remark);
- _pam_drop(remark);
- if (resp)
- _pam_drop_reply(resp, 1);
- }
- } else {
+ switch (type)
+ {
+ case HAVE_NO_MAIL:
+ retval = pam_info (pamh, _("You have no mail in folder %s."),
+ folder);
+ break;
+ case HAVE_NEW_MAIL:
+ retval = pam_info (pamh, _("You have new mail in folder %s."),
+ folder);
+ break;
+ case HAVE_OLD_MAIL:
+ retval = pam_info (pamh, _("You have old mail in folder %s."),
+ folder);
+ break;
+ case HAVE_MAIL:
+ default:
+ retval = pam_info (pamh, _("You have mail in folder %s."),
+ folder);
+ break;
+ }
+ }
+ else
+ {
D(("keeping quiet"));
retval = PAM_SUCCESS;
- }
+ }
D(("returning %s", pam_strerror(pamh, retval)));
return retval;
@@ -368,9 +359,9 @@ static int _do_mail(pam_handle_t *, int, int, const char **, int);
/* --- authentication functions --- */
-PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc,
- const char **argv)
+PAM_EXTERN int
+pam_sm_authenticate (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
return PAM_IGNORE;
}
@@ -408,16 +399,17 @@ int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc,
static int _do_mail(pam_handle_t *pamh, int flags, int argc,
const char **argv, int est)
{
- int retval, ctrl, hashcount;
- char *path_mail=NULL, *folder;
- const char *type;
+ int retval, ctrl, type;
+ size_t hashcount;
+ char *folder = NULL;
+ const char *path_mail = NULL;
/*
* this module (un)sets the MAIL environment variable, and checks if
* the user has any new mail.
*/
- ctrl = _pam_parse(flags, argc, argv, &path_mail, &hashcount);
+ ctrl = _pam_parse(pamh, flags, argc, argv, &path_mail, &hashcount);
/* Do we have anything to do? */
@@ -426,7 +418,7 @@ static int _do_mail(pam_handle_t *pamh, int flags, int argc,
/* which folder? */
- retval = get_folder(pamh, ctrl, &path_mail, &folder, hashcount);
+ retval = get_folder(pamh, ctrl, path_mail, &folder, hashcount);
if (retval != PAM_SUCCESS) {
D(("failed to find folder"));
return retval;
@@ -437,24 +429,21 @@ static int _do_mail(pam_handle_t *pamh, int flags, int argc,
if (!(ctrl & PAM_NO_ENV) && est) {
char *tmp;
- tmp = malloc(strlen(folder)+sizeof(MAIL_ENV_FORMAT));
- if (tmp != NULL) {
- sprintf(tmp, MAIL_ENV_FORMAT, folder);
- D(("setting env: %s", tmp));
- retval = pam_putenv(pamh, tmp);
- _pam_overwrite(tmp);
- _pam_drop(tmp);
- if (retval != PAM_SUCCESS) {
- _pam_overwrite(folder);
- _pam_drop(folder);
- _log_err(LOG_CRIT, "unable to set " MAIL_ENV_NAME " variable");
- return retval;
- }
- } else {
- _log_err(LOG_CRIT, "no memory for " MAIL_ENV_NAME " variable");
- _pam_overwrite(folder);
- _pam_drop(folder);
- return retval;
+ if (asprintf(&tmp, MAIL_ENV_FORMAT, folder) < 0) {
+ pam_syslog(pamh, LOG_CRIT,
+ "no memory for " MAIL_ENV_NAME " variable");
+ retval = PAM_BUF_ERR;
+ goto do_mail_cleanup;
+ }
+ D(("setting env: %s", tmp));
+ retval = pam_putenv(pamh, tmp);
+ _pam_overwrite(tmp);
+ _pam_drop(tmp);
+ if (retval != PAM_SUCCESS) {
+ pam_syslog(pamh, LOG_CRIT,
+ "unable to set " MAIL_ENV_NAME " variable");
+ retval = PAM_BUF_ERR;
+ goto do_mail_cleanup;
}
} else {
D(("not setting " MAIL_ENV_NAME " variable"));
@@ -466,10 +455,10 @@ static int _do_mail(pam_handle_t *pamh, int flags, int argc,
if ((est && !(ctrl & PAM_NO_LOGIN))
|| (!est && (ctrl & PAM_LOGOUT_TOO))) {
- type = get_mail_status(ctrl, folder);
- if (type != NULL) {
+ type = get_mail_status(pamh, ctrl, folder);
+ if (type != 0) {
retval = report_mail(pamh, ctrl, type, folder);
- type = NULL;
+ type = 0;
}
}
@@ -477,7 +466,8 @@ static int _do_mail(pam_handle_t *pamh, int flags, int argc,
if ( ! est && ! (ctrl & PAM_NO_ENV) )
(void) pam_putenv(pamh, MAIL_ENV_NAME);
- _pam_overwrite(folder); /* clean up */
+ do_mail_cleanup:
+ _pam_overwrite(folder);
_pam_drop(folder);
/* indicate success or failure */
diff --git a/Linux-PAM/modules/pam_mail/tst-pam_mail b/Linux-PAM/modules/pam_mail/tst-pam_mail
new file mode 100755
index 00000000..99fb7ed0
--- /dev/null
+++ b/Linux-PAM/modules/pam_mail/tst-pam_mail
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_mail.so
diff --git a/Linux-PAM/modules/pam_mkhomedir/Makefile b/Linux-PAM/modules/pam_mkhomedir/Makefile
deleted file mode 100644
index f017f4a4..00000000
--- a/Linux-PAM/modules/pam_mkhomedir/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# $Id: Makefile,v 1.3 2000/11/19 23:54:04 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_mkhomedir
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_mkhomedir/Makefile.am b/Linux-PAM/modules/pam_mkhomedir/Makefile.am
new file mode 100644
index 00000000..1feea688
--- /dev/null
+++ b/Linux-PAM/modules/pam_mkhomedir/Makefile.am
@@ -0,0 +1,33 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_mkhomedir
+
+man_MANS = pam_mkhomedir.8
+
+XMLS = README.xml pam_mkhomedir.8.xml
+
+TESTS = tst-pam_mkhomedir
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_mkhomedir.la
+pam_mkhomedir_la_SOURCES = pam_mkhomedir.c
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_mkhomedir.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_mkhomedir/Makefile.in b/Linux-PAM/modules/pam_mkhomedir/Makefile.in
new file mode 100644
index 00000000..2d4a5fc3
--- /dev/null
+++ b/Linux-PAM/modules/pam_mkhomedir/Makefile.in
@@ -0,0 +1,666 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_mkhomedir
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_mkhomedir_la_LIBADD =
+am_pam_mkhomedir_la_OBJECTS = pam_mkhomedir.lo
+pam_mkhomedir_la_OBJECTS = $(am_pam_mkhomedir_la_OBJECTS)
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = $(pam_mkhomedir_la_SOURCES)
+DIST_SOURCES = $(pam_mkhomedir_la_SOURCES)
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_mkhomedir
+man_MANS = pam_mkhomedir.8
+XMLS = README.xml pam_mkhomedir.8.xml
+TESTS = tst-pam_mkhomedir
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_mkhomedir.la
+pam_mkhomedir_la_SOURCES = pam_mkhomedir.c
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_mkhomedir/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_mkhomedir/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_mkhomedir.la: $(pam_mkhomedir_la_OBJECTS) $(pam_mkhomedir_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_mkhomedir_la_OBJECTS) $(pam_mkhomedir_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_mkhomedir.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_mkhomedir.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_mkhomedir/README b/Linux-PAM/modules/pam_mkhomedir/README
index 2a3e705e..64810060 100644
--- a/Linux-PAM/modules/pam_mkhomedir/README
+++ b/Linux-PAM/modules/pam_mkhomedir/README
@@ -1,25 +1,36 @@
-PAM Make Home Dir module
-
-This module will create a users home directory if it does not exist
-when the session begins. This allows users to be present in central
-database (such as nis, kerb or ldap) without using a distributed
-file system or pre-creating a large number of directories.
-
-Here is a sample /etc/pam.d/login file:
-
- auth requisite pam_securetty.so
- auth sufficient pam_ldap.so
- auth required pam_unix.so
- auth optional pam_group.so
- auth optional pam_mail.so
- account requisite pam_time.so
- account sufficient pam_ldap.so
- account required pam_unix.so
- session required pam_mkhomedir.so skel=/etc/skel/ umask=0022
- session required pam_unix.so
- session optional pam_lastlog.so
- password required pam_unix.so
-
-Released under the GNU LGPL version 2 or later
-Originally written by Jason Gunthorpe <jgg@debian.org> Feb 1999
+pam_mkhomedir — PAM module to create users home directory
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+The pam_mkhomedir PAM module will create a users home directory if it does not
+exist when the session begins. This allows users to be present in central
+database (such as NIS, kerberos or LDAP) without using a distributed file
+system or pre-creating a large number of directories. The skeleton directory
+(usually /etc/skel/) is used to copy default files and also set's a umask for
+the creation.
+
+The new users home directory will not be removed after logout of the user.
+
+EXAMPLES
+
+A sample /etc/pam.d/login file:
+
+ auth requisite pam_securetty.so
+ auth sufficient pam_ldap.so
+ auth required pam_unix.so
+ auth required pam_nologin.so
+ account sufficient pam_ldap.so
+ account required pam_unix.so
+ password required pam_unix.so
+ session required pam_mkhomedir.so skel=/etc/skel/ umask=0022
+ session required pam_unix.so
+ session optional pam_lastlog.so
+ session optional pam_mail.so standard
+
+
+AUTHOR
+
+pam_mkhomedir was written by Jason Gunthorpe <jgg@debian.org>.
diff --git a/Linux-PAM/modules/pam_mkhomedir/README.xml b/Linux-PAM/modules/pam_mkhomedir/README.xml
new file mode 100644
index 00000000..978cbe77
--- /dev/null
+++ b/Linux-PAM/modules/pam_mkhomedir/README.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_mkhomedir.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_mkhomedir.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_mkhomedir-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_mkhomedir.8.xml" xpointer='xpointer(//refsect1[@id = "pam_mkhomedir-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_mkhomedir.8.xml" xpointer='xpointer(//refsect1[@id = "pam_mkhomedir-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_mkhomedir.8.xml" xpointer='xpointer(//refsect1[@id = "pam_mkhomedir-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_mkhomedir/pam_mkhomedir.8 b/Linux-PAM/modules/pam_mkhomedir/pam_mkhomedir.8
new file mode 100644
index 00000000..1364e01f
--- /dev/null
+++ b/Linux-PAM/modules/pam_mkhomedir/pam_mkhomedir.8
@@ -0,0 +1,91 @@
+.\" Title: pam_mkhomedir
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/02/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_MKHOMEDIR" "8" "06/02/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_mkhomedir \- PAM module to create users home directory
+.SH "SYNOPSIS"
+.HP 17
+\fBpam_mkhomedir.so\fR [silent] [umask=\fImode\fR] [skel=\fIskeldir\fR]
+.SH "DESCRIPTION"
+.PP
+The pam_mkhomedir PAM module will create a users home directory if it does not exist when the session begins. This allows users to be present in central database (such as NIS, kerberos or LDAP) without using a distributed file system or pre\-creating a large number of directories. The skeleton directory (usually
+\fI/etc/skel/\fR) is used to copy default files and also set's a umask for the creation.
+.PP
+The new users home directory will not be removed after logout of the user.
+.SH "OPTIONS"
+.TP 3n
+\fBsilent\fR
+Don't print informative messages.
+.TP 3n
+\fBumask=\fR\fB\fImask\fR\fR
+The user file\-creation mask is set to
+\fImask\fR. The default value of mask is 0022.
+.TP 3n
+\fBskel=\fR\fB\fI/path/to/skel/directory\fR\fR
+Indicate an alternative
+\fIskel\fR
+directory to override the default
+\fI/etc/skel\fR.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+Only the
+\fBsession\fR
+service is supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_CRED_INSUFFICIENT
+Insufficient credentials to access authentication data.
+.TP 3n
+PAM_PERM_DENIED
+Not enough permissions to create the new directory or read the skel directory.
+.TP 3n
+PAM_USER_UNKNOWN
+User not known to the underlying authentication module.
+.TP 3n
+PAM_SUCCESS
+Environment variables were set.
+.SH "FILES"
+.TP 3n
+\fI/etc/skel\fR
+Default skel directory
+.SH "EXAMPLES"
+.PP
+A sample /etc/pam.d/login file:
+.sp
+.RS 3n
+.nf
+ auth requisite pam_securetty.so
+ auth sufficient pam_ldap.so
+ auth required pam_unix.so
+ auth required pam_nologin.so
+ account sufficient pam_ldap.so
+ account required pam_unix.so
+ password required pam_unix.so
+ session required pam_mkhomedir.so skel=/etc/skel/ umask=0022
+ session required pam_unix.so
+ session optional pam_lastlog.so
+ session optional pam_mail.so standard
+
+.fi
+.RE
+.sp
+.SH "SEE ALSO"
+.PP
+
+\fBpam.d\fR(8),
+\fBpam\fR(8).
+.SH "AUTHOR"
+.PP
+pam_mkhomedir was written by Jason Gunthorpe <jgg@debian.org>.
diff --git a/Linux-PAM/modules/pam_mkhomedir/pam_mkhomedir.8.xml b/Linux-PAM/modules/pam_mkhomedir/pam_mkhomedir.8.xml
new file mode 100644
index 00000000..3c40de15
--- /dev/null
+++ b/Linux-PAM/modules/pam_mkhomedir/pam_mkhomedir.8.xml
@@ -0,0 +1,203 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id='pam_mkhomedir'>
+
+ <refmeta>
+ <refentrytitle>pam_mkhomedir</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id='pam_mkhomedir-name'>
+ <refname>pam_mkhomedir</refname>
+ <refpurpose>
+ PAM module to create users home directory
+ </refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_mkhomedir-cmdsynopsis">
+ <command>pam_mkhomedir.so</command>
+ <arg choice="opt">
+ silent
+ </arg>
+ <arg choice="opt">
+ umask=<replaceable>mode</replaceable>
+ </arg>
+ <arg choice="opt">
+ skel=<replaceable>skeldir</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id="pam_mkhomedir-description">
+ <title>DESCRIPTION</title>
+ <para>
+ The pam_mkhomedir PAM module will create a users home directory
+ if it does not exist when the session begins. This allows users
+ to be present in central database (such as NIS, kerberos or LDAP)
+ without using a distributed file system or pre-creating a large
+ number of directories. The skeleton directory (usually
+ <filename>/etc/skel/</filename>) is used to copy default files
+ and also set's a umask for the creation.
+ </para>
+ <para>
+ The new users home directory will not be removed after logout
+ of the user.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_mkhomedir-options">
+ <title>OPTIONS</title>
+ <variablelist>
+
+ <varlistentry>
+ <term>
+ <option>silent</option>
+ </term>
+ <listitem>
+ <para>
+ Don't print informative messages.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>umask=<replaceable>mask</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ The user file-creation mask is set to
+ <replaceable>mask</replaceable>. The default value of mask is
+ 0022.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>skel=<replaceable>/path/to/skel/directory</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Indicate an alternative <filename>skel</filename> directory
+ to override the default <filename>/etc/skel</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_mkhomedir-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ Only the <option>session</option> service is supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_mkhomedir-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CRED_INSUFFICIENT</term>
+ <listitem>
+ <para>
+ Insufficient credentials to access authentication data.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_PERM_DENIED</term>
+ <listitem>
+ <para>
+ Not enough permissions to create the new directory
+ or read the skel directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ User not known to the underlying authentication module.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Environment variables were set.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_mkhomedir-files">
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/skel</filename></term>
+ <listitem>
+ <para>Default skel directory</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_mkhomedir-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ A sample /etc/pam.d/login file:
+ <programlisting>
+ auth requisite pam_securetty.so
+ auth sufficient pam_ldap.so
+ auth required pam_unix.so
+ auth required pam_nologin.so
+ account sufficient pam_ldap.so
+ account required pam_unix.so
+ password required pam_unix.so
+ session required pam_mkhomedir.so skel=/etc/skel/ umask=0022
+ session required pam_unix.so
+ session optional pam_lastlog.so
+ session optional pam_mail.so standard
+ </programlisting>
+ </para>
+ </refsect1>
+
+
+ <refsect1 id="pam_mkhomedir-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_mkhomedir-author">
+ <title>AUTHOR</title>
+ <para>
+ pam_mkhomedir was written by Jason Gunthorpe &lt;jgg@debian.org&gt;.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/modules/pam_mkhomedir/pam_mkhomedir.c b/Linux-PAM/modules/pam_mkhomedir/pam_mkhomedir.c
index f63177bf..e5901a8f 100644
--- a/Linux-PAM/modules/pam_mkhomedir/pam_mkhomedir.c
+++ b/Linux-PAM/modules/pam_mkhomedir/pam_mkhomedir.c
@@ -10,16 +10,16 @@
auth requisite pam_securetty.so
auth sufficient pam_ldap.so
- auth required pam_pwdb.so
+ auth required pam_unix.so
auth optional pam_group.so
auth optional pam_mail.so
account requisite pam_time.so
account sufficient pam_ldap.so
- account required pam_pwdb.so
+ account required pam_unix.so
session required pam_mkhomedir.so skel=/etc/skel/ umask=0022
- session required pam_pwdb.so
+ session required pam_unix.so
session optional pam_lastlog.so
- password required pam_pwdb.so
+ password required pam_unix.so
Released under the GNU LGPL version 2 or later
Originally written by Jason Gunthorpe <jgg@debian.org> Feb 1999
@@ -27,18 +27,20 @@
<morgan@parc.power.net> 1996
*/
-/* I want snprintf dammit */
-#define _GNU_SOURCE 1
+#include "config.h"
+
#include <stdarg.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>
#include <pwd.h>
+#include <errno.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <dirent.h>
+#include <syslog.h>
/*
* here, we make a definition for the externally accessible function
@@ -51,7 +53,8 @@
#include <security/pam_modules.h>
#include <security/_pam_macros.h>
-#include <security/_pam_modutil.h>
+#include <security/pam_modutil.h>
+#include <security/pam_ext.h>
/* argument parsing */
@@ -61,19 +64,8 @@
static unsigned int UMask = 0022;
static char SkelDir[BUFSIZ] = "/etc/skel"; /* THIS MODULE IS NOT THREAD SAFE */
-/* some syslogging */
-static void _log_err(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("PAM-mkhomedir", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-
-static int _pam_parse(int flags, int argc, const char **argv)
+static int
+_pam_parse (const pam_handle_t *pamh, int flags, int argc, const char **argv)
{
int ctrl = 0;
@@ -92,7 +84,7 @@ static int _pam_parse(int flags, int argc, const char **argv)
strncpy(SkelDir,*argv+5,sizeof(SkelDir));
SkelDir[sizeof(SkelDir)-1] = '\0';
} else {
- _log_err(LOG_ERR, "unknown option; %s", *argv);
+ pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv);
}
}
@@ -100,119 +92,75 @@ static int _pam_parse(int flags, int argc, const char **argv)
return ctrl;
}
-/* This common function is used to send a message to the applications
- conversion function. Our only use is to ask the application to print
- an informative message that we are creating a home directory */
-static int converse(pam_handle_t * pamh, int ctrl, int nargs
- ,struct pam_message **message
- ,struct pam_response **response)
+static int
+rec_mkdir (const char *dir, mode_t mode)
{
- int retval;
- struct pam_conv *conv;
-
- D(("begin to converse"));
-
- retval = pam_get_item(pamh, PAM_CONV, (const void **) &conv);
- if (retval == PAM_SUCCESS && conv)
- {
-
- retval = conv->conv(nargs, (const struct pam_message **) message
- ,response, conv->appdata_ptr);
-
- D(("returned from application's conversation function"));
-
- if (retval != PAM_SUCCESS && (ctrl & MKHOMEDIR_DEBUG))
- {
- _log_err(LOG_DEBUG, "conversation failure [%s]"
- ,pam_strerror(pamh, retval));
- }
-
- }
- else
- {
- _log_err(LOG_ERR, "couldn't obtain coversation function [%s]"
- ,pam_strerror(pamh, retval));
- if (retval == PAM_SUCCESS)
- retval = PAM_BAD_ITEM; /* conv was NULL */
- }
+ char *cp;
+ char *parent = strdup (dir);
- D(("ready to return from module conversation"));
+ if (parent == NULL)
+ return 1;
- return retval; /* propagate error status */
-}
+ cp = strrchr (parent, '/');
-/* Ask the application to display a short text string for us. */
-static int make_remark(pam_handle_t * pamh, int ctrl, const char *remark)
-{
- int retval;
+ if (cp != NULL && cp != parent)
+ {
+ struct stat st;
- if ((ctrl & MKHOMEDIR_QUIET) != MKHOMEDIR_QUIET)
- {
- struct pam_message msg[1], *mesg[1];
- struct pam_response *resp = NULL;
+ *cp++ = '\0';
+ if (stat (parent, &st) == -1 && errno == ENOENT)
+ if (rec_mkdir (parent, mode) != 0)
+ {
+ free (parent);
+ return 1;
+ }
+ }
- mesg[0] = &msg[0];
- msg[0].msg_style = PAM_TEXT_INFO;
- msg[0].msg = remark;
+ free (parent);
- retval = converse(pamh, ctrl, 1, mesg, &resp);
+ if (mkdir (dir, mode) != 0 && errno != EEXIST)
+ return 1;
- msg[0].msg = NULL;
- if (resp)
- {
- _pam_drop_reply(resp, 1);
- }
- }
- else
- {
- D(("keeping quiet"));
- retval = PAM_SUCCESS;
- }
-
- D(("returning %s", pam_strerror(pamh, retval)));
- return retval;
+ return 0;
}
/* Do the actual work of creating a home dir */
-static int create_homedir(pam_handle_t * pamh, int ctrl,
- const struct passwd *pwd,
- const char *source, const char *dest)
+static int
+create_homedir (pam_handle_t * pamh, int ctrl,
+ const struct passwd *pwd,
+ const char *source, const char *dest)
{
char remark[BUFSIZ];
DIR *D;
struct dirent *Dir;
+ int retval = PAM_AUTH_ERR;
/* Mention what is happening, if the notification fails that is OK */
- if (snprintf(remark,sizeof(remark),"Creating directory '%s'.", dest) == -1)
- return PAM_PERM_DENIED;
-
- make_remark(pamh, ctrl, remark);
+ if ((ctrl & MKHOMEDIR_QUIET) != MKHOMEDIR_QUIET)
+ pam_info(pamh, _("Creating directory '%s'."), dest);
/* Create the new directory */
- if (mkdir(dest,0700) != 0)
- {
- _log_err(LOG_DEBUG, "unable to create directory %s",dest);
- return PAM_PERM_DENIED;
- }
- if (chmod(dest,0777 & (~UMask)) != 0 ||
- chown(dest,pwd->pw_uid,pwd->pw_gid) != 0)
+ if (rec_mkdir (dest,0755) != 0)
{
- _log_err(LOG_DEBUG, "unable to change perms on directory %s",dest);
+ pam_error(pamh, _("Unable to create directory %s: %m"), dest);
+ pam_syslog(pamh, LOG_ERR, "unable to create directory %s: %m", dest);
return PAM_PERM_DENIED;
}
/* See if we need to copy the skel dir over. */
if ((source == NULL) || (strlen(source) == 0))
{
- return PAM_SUCCESS;
+ retval = PAM_SUCCESS;
+ goto go_out;
}
/* Scan the directory */
- D = opendir(source);
+ D = opendir (source);
if (D == 0)
{
- _log_err(LOG_DEBUG, "unable to read directory %s",source);
- return PAM_PERM_DENIED;
+ pam_syslog(pamh, LOG_DEBUG, "unable to read directory %s: %m", source);
+ retval = PAM_PERM_DENIED;
+ goto go_out;
}
for (Dir = readdir(D); Dir != 0; Dir = readdir(D))
@@ -240,10 +188,16 @@ static int create_homedir(pam_handle_t * pamh, int ctrl,
nslen = slen + strlen(Dir->d_name) + 2;
if (nslen <= 0)
- return PAM_BUF_ERR;
+ {
+ retval = PAM_BUF_ERR;
+ goto go_out;
+ }
- if ( (newsource = malloc(nslen)) == NULL )
- return PAM_BUF_ERR;
+ if ((newsource = malloc (nslen)) == NULL)
+ {
+ retval = PAM_BUF_ERR;
+ goto go_out;
+ }
sprintf(newsource, "%s/%s", source, Dir->d_name);
#else
@@ -253,46 +207,52 @@ static int create_homedir(pam_handle_t * pamh, int ctrl,
if (lstat(newsource,&St) != 0)
#ifndef PATH_MAX
{
- free(newsource);
+ free(newsource);
newsource = NULL;
continue;
}
#else
- continue;
+ continue;
#endif
/* We'll need the new file's name. */
#ifndef PATH_MAX
- ndlen = dlen + strlen(Dir->d_name)+2;
-
- if (ndlen <= 0)
- return PAM_BUF_ERR;
-
- if ( (newdest = malloc(ndlen)) == NULL ) {
- free(newsource);
- return PAM_BUF_ERR;
- }
-
- sprintf(newdest, "%s/%s", dest, Dir->d_name);
+ ndlen = dlen + strlen(Dir->d_name)+2;
+
+ if (ndlen <= 0)
+ {
+ retval = PAM_BUF_ERR;
+ goto go_out;
+ }
+
+ if ((newdest = malloc(ndlen)) == NULL)
+ {
+ free (newsource);
+ retval = PAM_BUF_ERR;
+ goto go_out;
+ }
+
+ sprintf (newdest, "%s/%s", dest, Dir->d_name);
#else
- snprintf(newdest,sizeof(newdest),"%s/%s",dest,Dir->d_name);
+ snprintf (newdest,sizeof (newdest),"%s/%s",dest,Dir->d_name);
#endif
/* If it's a directory, recurse. */
if (S_ISDIR(St.st_mode))
{
- int retval = create_homedir(pamh, ctrl, pwd, newsource, newdest);
+ retval = create_homedir (pamh, ctrl, pwd, newsource, newdest);
#ifndef PATH_MAX
free(newsource); newsource = NULL;
free(newdest); newdest = NULL;
#endif
- if (retval != PAM_SUCCESS) {
- closedir(D);
- return retval;
- }
+ if (retval != PAM_SUCCESS)
+ {
+ closedir(D);
+ goto go_out;
+ }
continue;
}
@@ -335,9 +295,9 @@ static int create_homedir(pam_handle_t * pamh, int ctrl,
{
if (lchown(newdest,pwd->pw_uid,pwd->pw_gid) != 0)
{
+ pam_syslog(pamh, LOG_DEBUG,
+ "unable to change perms on link %s: %m", newdest);
closedir(D);
- _log_err(LOG_DEBUG, "unable to change perms on link %s",
- newdest);
#ifndef PATH_MAX
free(pointed);
free(newsource);
@@ -371,8 +331,9 @@ static int create_homedir(pam_handle_t * pamh, int ctrl,
/* Open the source file */
if ((SrcFd = open(newsource,O_RDONLY)) < 0 || fstat(SrcFd,&St) != 0)
{
+ pam_syslog(pamh, LOG_DEBUG,
+ "unable to open src file %s: %m", newsource);
closedir(D);
- _log_err(LOG_DEBUG, "unable to open src file %s",newsource);
#ifndef PATH_MAX
free(newsource); newsource = NULL;
@@ -381,14 +342,28 @@ static int create_homedir(pam_handle_t * pamh, int ctrl,
return PAM_PERM_DENIED;
}
- stat(newsource,&St);
+ if (stat(newsource,&St) != 0)
+ {
+ pam_syslog(pamh, LOG_DEBUG, "unable to stat src file %s: %m",
+ newsource);
+ close(SrcFd);
+ closedir(D);
+
+#ifndef PATH_MAX
+ free(newsource); newsource = NULL;
+ free(newdest); newdest = NULL;
+#endif
+
+ return PAM_PERM_DENIED;
+ }
/* Open the dest file */
if ((DestFd = open(newdest,O_WRONLY | O_TRUNC | O_CREAT,0600)) < 0)
{
+ pam_syslog(pamh, LOG_DEBUG,
+ "unable to open dest file %s: %m", newdest);
close(SrcFd);
closedir(D);
- _log_err(LOG_DEBUG, "unable to open dest file %s",newdest);
#ifndef PATH_MAX
free(newsource); newsource = NULL;
@@ -403,10 +378,11 @@ static int create_homedir(pam_handle_t * pamh, int ctrl,
if (fchmod(DestFd,(St.st_mode | 0222) & (~UMask)) != 0 ||
fchown(DestFd,pwd->pw_uid,pwd->pw_gid) != 0)
{
+ pam_syslog(pamh, LOG_DEBUG,
+ "unable to change perms on copy %s: %m", newdest);
close(SrcFd);
close(DestFd);
closedir(D);
- _log_err(LOG_DEBUG, "unable to chang perms on copy %s",newdest);
#ifndef PATH_MAX
free(newsource); newsource = NULL;
@@ -419,22 +395,22 @@ static int create_homedir(pam_handle_t * pamh, int ctrl,
/* Copy the file */
do
{
- Res = _pammodutil_read(SrcFd,remark,sizeof(remark));
+ Res = pam_modutil_read(SrcFd,remark,sizeof(remark));
if (Res == 0)
continue;
if (Res > 0) {
- if (_pammodutil_write(DestFd,remark,Res) == Res)
+ if (pam_modutil_write(DestFd,remark,Res) == Res)
continue;
}
- /* If we get here, pammodutil_read returned a -1 or
- _pammodutil_write returned something unexpected. */
+ /* If we get here, pam_modutil_read returned a -1 or
+ pam_modutil_write returned something unexpected. */
+ pam_syslog(pamh, LOG_DEBUG, "unable to perform IO: %m");
close(SrcFd);
close(DestFd);
closedir(D);
- _log_err(LOG_DEBUG, "unable to perform IO");
#ifndef PATH_MAX
free(newsource); newsource = NULL;
@@ -455,33 +431,45 @@ static int create_homedir(pam_handle_t * pamh, int ctrl,
}
closedir(D);
- return PAM_SUCCESS;
+ retval = PAM_SUCCESS;
+
+ go_out:
+
+ if (chmod(dest,0777 & (~UMask)) != 0 ||
+ chown(dest,pwd->pw_uid,pwd->pw_gid) != 0)
+ {
+ pam_syslog(pamh, LOG_DEBUG,
+ "unable to change perms on directory %s: %m", dest);
+ return PAM_PERM_DENIED;
+ }
+
+ return retval;
}
/* --- authentication management functions (only) --- */
-PAM_EXTERN
-int pam_sm_open_session(pam_handle_t * pamh, int flags, int argc
- ,const char **argv)
+PAM_EXTERN int
+pam_sm_open_session (pam_handle_t *pamh, int flags, int argc,
+ const char **argv)
{
int retval, ctrl;
- const char *user;
+ const void *user;
const struct passwd *pwd;
struct stat St;
/* Parse the flag values */
- ctrl = _pam_parse(flags, argc, argv);
+ ctrl = _pam_parse(pamh, flags, argc, argv);
/* Determine the user name so we can get the home directory */
- retval = pam_get_item(pamh, PAM_USER, (const void **) &user);
- if (retval != PAM_SUCCESS || user == NULL || *user == '\0')
+ retval = pam_get_item(pamh, PAM_USER, &user);
+ if (retval != PAM_SUCCESS || user == NULL || *(const char *)user == '\0')
{
- _log_err(LOG_NOTICE, "user unknown");
+ pam_syslog(pamh, LOG_NOTICE, "user unknown");
return PAM_USER_UNKNOWN;
}
/* Get the password entry */
- pwd = _pammodutil_getpwnam (pamh, user);
+ pwd = pam_modutil_getpwnam (pamh, user);
if (pwd == NULL)
{
D(("couldn't identify user %s", user));
@@ -498,8 +486,8 @@ int pam_sm_open_session(pam_handle_t * pamh, int flags, int argc
/* Ignore */
PAM_EXTERN
-int pam_sm_close_session(pam_handle_t * pamh, int flags, int argc
- ,const char **argv)
+int pam_sm_close_session (pam_handle_t * pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
return PAM_SUCCESS;
}
diff --git a/Linux-PAM/modules/pam_mkhomedir/tst-pam_mkhomedir b/Linux-PAM/modules/pam_mkhomedir/tst-pam_mkhomedir
new file mode 100755
index 00000000..5447883f
--- /dev/null
+++ b/Linux-PAM/modules/pam_mkhomedir/tst-pam_mkhomedir
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_mkhomedir.so
diff --git a/Linux-PAM/modules/pam_motd/Makefile b/Linux-PAM/modules/pam_motd/Makefile
deleted file mode 100644
index fb83807a..00000000
--- a/Linux-PAM/modules/pam_motd/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:04 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_motd
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_motd/Makefile.am b/Linux-PAM/modules/pam_motd/Makefile.am
new file mode 100644
index 00000000..d6e1bafa
--- /dev/null
+++ b/Linux-PAM/modules/pam_motd/Makefile.am
@@ -0,0 +1,31 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_motd
+
+man_MANS = pam_motd.8
+XMLS = README.xml pam_motd.8.xml
+
+TESTS = tst-pam_motd
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_motd.la
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_motd.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_motd/Makefile.in b/Linux-PAM/modules/pam_motd/Makefile.in
new file mode 100644
index 00000000..24235722
--- /dev/null
+++ b/Linux-PAM/modules/pam_motd/Makefile.in
@@ -0,0 +1,665 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_motd
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_motd_la_LIBADD =
+pam_motd_la_SOURCES = pam_motd.c
+pam_motd_la_OBJECTS = pam_motd.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_motd.c
+DIST_SOURCES = pam_motd.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_motd
+man_MANS = pam_motd.8
+XMLS = README.xml pam_motd.8.xml
+TESTS = tst-pam_motd
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_motd.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_motd/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_motd/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_motd.la: $(pam_motd_la_OBJECTS) $(pam_motd_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_motd_la_OBJECTS) $(pam_motd_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_motd.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_motd.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_motd/README b/Linux-PAM/modules/pam_motd/README
new file mode 100644
index 00000000..414ad6f6
--- /dev/null
+++ b/Linux-PAM/modules/pam_motd/README
@@ -0,0 +1,27 @@
+pam_motd — Display the motd file
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+pam_motd is a PAM module that can be used to display arbitrary motd (message of
+the day) files after a succesful login. By default the /etc/motd file is shown.
+The message size is limited to 64KB.
+
+OPTIONS
+
+motd=/path/filename
+
+ The /path/filename file is displayed as message of the day.
+
+EXAMPLES
+
+The suggested usage for /etc/pam.d/login is:
+
+session optional pam_motd.so motd=/etc/motd
+
+
+AUTHOR
+
+pam_motd was written by Ben Collins <bcollins@debian.org>.
+
diff --git a/Linux-PAM/modules/pam_motd/README.xml b/Linux-PAM/modules/pam_motd/README.xml
new file mode 100644
index 00000000..779e4d17
--- /dev/null
+++ b/Linux-PAM/modules/pam_motd/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_motd.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_motd.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_motd-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_motd.8.xml" xpointer='xpointer(//refsect1[@id = "pam_motd-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_motd.8.xml" xpointer='xpointer(//refsect1[@id = "pam_motd-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_motd.8.xml" xpointer='xpointer(//refsect1[@id = "pam_motd-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_motd.8.xml" xpointer='xpointer(//refsect1[@id = "pam_motd-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_motd/pam_motd.8 b/Linux-PAM/modules/pam_motd/pam_motd.8
new file mode 100644
index 00000000..74bfb586
--- /dev/null
+++ b/Linux-PAM/modules/pam_motd/pam_motd.8
@@ -0,0 +1,64 @@
+.\" Title: pam_motd
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.71.0 <http://docbook.sf.net/>
+.\" Date: 10/26/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_MOTD" "8" "10/26/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_motd \- Display the motd file
+.SH "SYNOPSIS"
+.HP 12
+\fBpam_motd.so\fR [motd=\fI/path/filename\fR]
+.SH "DESCRIPTION"
+.PP
+pam_motd is a PAM module that can be used to display arbitrary motd (message of the day) files after a succesful login. By default the
+\fI/etc/motd\fR
+file is shown. The message size is limited to 64KB.
+.SH "OPTIONS"
+.PP
+\fBmotd=\fR\fB\fI/path/filename\fR\fR
+.RS 3n
+The
+\fI/path/filename\fR
+file is displayed as message of the day.
+.RE
+.SH "MODULE SERVICES PROVIDED"
+.PP
+Only the
+\fBsession\fR
+service is supported.
+.SH "RETURN VALUES"
+.PP
+PAM_IGNORE
+.RS 3n
+This is the only return value of this module.
+.RE
+.SH "EXAMPLES"
+.PP
+The suggested usage for
+\fI/etc/pam.d/login\fR
+is:
+.sp
+.RS 3n
+.nf
+session optional pam_motd.so motd=/etc/motd
+
+.fi
+.RE
+.sp
+.SH "SEE ALSO"
+.PP
+
+\fBmotd\fR(5),
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_motd was written by Ben Collins <bcollins@debian.org>.
diff --git a/Linux-PAM/modules/pam_motd/pam_motd.8.xml b/Linux-PAM/modules/pam_motd/pam_motd.8.xml
new file mode 100644
index 00000000..7bd6798c
--- /dev/null
+++ b/Linux-PAM/modules/pam_motd/pam_motd.8.xml
@@ -0,0 +1,114 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_motd">
+
+ <refmeta>
+ <refentrytitle>pam_motd</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_motd-name">
+ <refname>pam_motd</refname>
+ <refpurpose>Display the motd file</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_motd-cmdsynopsis">
+ <command>pam_motd.so</command>
+ <arg choice="opt">
+ motd=<replaceable>/path/filename</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_motd-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ pam_motd is a PAM module that can be used to display
+ arbitrary motd (message of the day) files after a succesful
+ login. By default the <filename>/etc/motd</filename> file is
+ shown. The message size is limited to 64KB.
+ </para>
+
+ </refsect1>
+
+ <refsect1 id="pam_motd-options">
+
+ <title>OPTIONS</title>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>motd=<replaceable>/path/filename</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ The <filename>/path/filename</filename> file is displayed
+ as message of the day.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_motd-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ Only the <option>session</option> service is supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_motd-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_IGNORE</term>
+ <listitem>
+ <para>
+ This is the only return value of this module.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_motd-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ The suggested usage for <filename>/etc/pam.d/login</filename> is:
+ <programlisting>
+session optional pam_motd.so motd=/etc/motd
+ </programlisting>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_motd-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>motd</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_motd-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_motd was written by Ben Collins &lt;bcollins@debian.org&gt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_motd/pam_motd.c b/Linux-PAM/modules/pam_motd/pam_motd.c
index ce695f92..abf10a2f 100644
--- a/Linux-PAM/modules/pam_motd/pam_motd.c
+++ b/Linux-PAM/modules/pam_motd/pam_motd.c
@@ -4,13 +4,13 @@
* Modified for pam_motd by Ben Collins <bcollins@debian.org>
*
* Based off of:
- * $Id: pam_motd.c,v 1.3 2004/09/22 09:37:49 kukuk Exp $
- *
+ * $Id: pam_motd.c,v 1.12 2005/10/04 11:35:18 ldv Exp $
+ *
* Written by Michael K. Johnson <johnsonm@redhat.com> 1996/10/24
*
*/
-#include <security/_pam_aconf.h>
+#include "config.h"
#include <stdio.h>
#include <string.h>
@@ -20,8 +20,10 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <pwd.h>
+#include <syslog.h>
#include <security/_pam_macros.h>
+#include <security/pam_ext.h>
/*
* here, we make a definition for the externally accessible function
* in this file (this definition is required for static a module
@@ -33,82 +35,77 @@
#define DEFAULT_MOTD "/etc/motd"
#include <security/pam_modules.h>
-#include <security/_pam_modutil.h>
+#include <security/pam_modutil.h>
/* --- session management functions (only) --- */
-PAM_EXTERN
-int pam_sm_close_session(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+PAM_EXTERN int
+pam_sm_close_session (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
return PAM_IGNORE;
}
+static char default_motd[] = DEFAULT_MOTD;
+
PAM_EXTERN
-int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+int pam_sm_open_session(pam_handle_t *pamh, int flags,
+ int argc, const char **argv)
{
- int retval = PAM_IGNORE;
- int fd;
- char *mtmp=NULL;
- const char *motd_path=NULL;
- struct pam_conv *conversation;
- struct pam_message message;
- struct pam_message *pmessage = &message;
- struct pam_response *resp = NULL;
- struct stat st;
-
- if (flags & PAM_SILENT) {
+ int retval = PAM_IGNORE;
+ int fd;
+ const char *motd_path = NULL;
+ char *mtmp = NULL;
+
+ if (flags & PAM_SILENT) {
return retval;
- }
+ }
for (; argc-- > 0; ++argv) {
if (!strncmp(*argv,"motd=",5)) {
- motd_path = (char *) strdup(5+*argv);
- if (motd_path != NULL) {
- D(("set motd path: %s (and a memory leak)", motd_path));
- } else {
- D(("failed to duplicate motd path - ignored"));
- }
+ motd_path = 5 + *argv;
+ if (*motd_path != '\0') {
+ D(("set motd path: %s", motd_path));
+ } else {
+ motd_path = NULL;
+ pam_syslog(pamh, LOG_ERR,
+ "motd= specification missing argument - ignored");
+ }
}
- }
-
- if (motd_path == NULL)
- motd_path = DEFAULT_MOTD;
-
- message.msg_style = PAM_TEXT_INFO;
-
- if ((fd = open(motd_path, O_RDONLY, 0)) >= 0) {
- /* fill in message buffer with contents of motd */
- if ((fstat(fd, &st) < 0) || !st.st_size) {
- close(fd);
- return retval;
- }
- message.msg = mtmp = malloc(st.st_size+1);
- /* if malloc failed... */
- if (!message.msg) {
- close(fd);
- return retval;
- }
- if (_pammodutil_read(fd, mtmp, st.st_size) == st.st_size) {
- if (mtmp[st.st_size-1] == '\n')
- mtmp[st.st_size-1] = '\0';
- else
- mtmp[st.st_size] = '\0';
- close(fd);
-
- /* Use conversation function to give user contents of motd */
- if (pam_get_item(pamh, PAM_CONV, (const void **)&conversation) ==
- PAM_SUCCESS && conversation) {
- conversation->conv(1, (const struct pam_message **)&pmessage,
- &resp, conversation->appdata_ptr);
- if (resp)
- _pam_drop_reply(resp, 1);
- }
- }
- free(mtmp);
- }
+ else
+ pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv);
+ }
+
+ if (motd_path == NULL)
+ motd_path = default_motd;
+
+ while ((fd = open(motd_path, O_RDONLY, 0)) >= 0) {
+ struct stat st;
+
+ /* fill in message buffer with contents of motd */
+ if ((fstat(fd, &st) < 0) || !st.st_size || st.st_size > 0x10000)
+ break;
+
+ if (!(mtmp = malloc(st.st_size+1)))
+ break;
+
+ if (pam_modutil_read(fd, mtmp, st.st_size) != st.st_size)
+ break;
+
+ if (mtmp[st.st_size-1] == '\n')
+ mtmp[st.st_size-1] = '\0';
+ else
+ mtmp[st.st_size] = '\0';
+
+ pam_info (pamh, "%s", mtmp);
+ break;
+ }
+
+ _pam_drop (mtmp);
+
+ if (fd >= 0)
+ close(fd);
return retval;
}
diff --git a/Linux-PAM/modules/pam_motd/tst-pam_motd b/Linux-PAM/modules/pam_motd/tst-pam_motd
new file mode 100755
index 00000000..155e2304
--- /dev/null
+++ b/Linux-PAM/modules/pam_motd/tst-pam_motd
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_motd.so
diff --git a/Linux-PAM/modules/pam_namespace/Makefile.am b/Linux-PAM/modules/pam_namespace/Makefile.am
new file mode 100644
index 00000000..bbcb2f70
--- /dev/null
+++ b/Linux-PAM/modules/pam_namespace/Makefile.am
@@ -0,0 +1,39 @@
+#
+# Copyright (c) 2006 Red Hat, Inc.
+#
+
+CLEANFILES = *~
+MAN5 = namespace.conf.5
+MAN8 = pam_namespace.8
+
+XMLS = README.xml namespace.conf.5.xml pam_namespace.8.xml
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+-include $(top_srcdir)/Make.xml.rules
+endif
+
+EXTRA_DIST = README namespace.conf namespace.init $(MAN5) $(MAN8) $(XMLS) tst-pam_namespace
+
+noinst_HEADERS = md5.h
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
+ -DPAM_NAMESPACE_CONFIG=\"$(SCONFIGDIR)/namespace.conf\"
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam @LIBSELINUX@
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+if HAVE_UNSHARE
+securelib_LTLIBRARIES = pam_namespace.la
+pam_namespace_la_SOURCES = pam_namespace.c pam_namespace.h md5.c md5.h
+
+secureconf_DATA = namespace.conf
+secureconf_SCRIPTS = namespace.init
+TESTS = tst-pam_namespace
+man_MANS = $(MAN5) $(MAN8)
+endif
diff --git a/Linux-PAM/modules/pam_namespace/Makefile.in b/Linux-PAM/modules/pam_namespace/Makefile.in
new file mode 100644
index 00000000..8beee4ce
--- /dev/null
+++ b/Linux-PAM/modules/pam_namespace/Makefile.in
@@ -0,0 +1,772 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2006 Red Hat, Inc.
+#
+
+
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_namespace
+DIST_COMMON = README $(noinst_HEADERS) $(srcdir)/Makefile.am \
+ $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" \
+ "$(DESTDIR)$(secureconfdir)" "$(DESTDIR)$(man5dir)" \
+ "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(secureconfdir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_namespace_la_LIBADD =
+am__pam_namespace_la_SOURCES_DIST = pam_namespace.c pam_namespace.h \
+ md5.c md5.h
+@HAVE_UNSHARE_TRUE@am_pam_namespace_la_OBJECTS = pam_namespace.lo \
+@HAVE_UNSHARE_TRUE@ md5.lo
+pam_namespace_la_OBJECTS = $(am_pam_namespace_la_OBJECTS)
+@HAVE_UNSHARE_TRUE@am_pam_namespace_la_rpath = -rpath $(securelibdir)
+secureconfSCRIPT_INSTALL = $(INSTALL_SCRIPT)
+SCRIPTS = $(secureconf_SCRIPTS)
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = $(pam_namespace_la_SOURCES)
+DIST_SOURCES = $(am__pam_namespace_la_SOURCES_DIST)
+man5dir = $(mandir)/man5
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+secureconfDATA_INSTALL = $(INSTALL_DATA)
+DATA = $(noinst_DATA) $(secureconf_DATA)
+HEADERS = $(noinst_HEADERS)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+MAN5 = namespace.conf.5
+MAN8 = pam_namespace.8
+XMLS = README.xml namespace.conf.5.xml pam_namespace.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+EXTRA_DIST = README namespace.conf namespace.init $(MAN5) $(MAN8) $(XMLS) tst-pam_namespace
+noinst_HEADERS = md5.h
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
+ -DPAM_NAMESPACE_CONFIG=\"$(SCONFIGDIR)/namespace.conf\"
+
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam @LIBSELINUX@ $(am__append_1)
+@HAVE_UNSHARE_TRUE@securelib_LTLIBRARIES = pam_namespace.la
+@HAVE_UNSHARE_TRUE@pam_namespace_la_SOURCES = pam_namespace.c pam_namespace.h md5.c md5.h
+@HAVE_UNSHARE_TRUE@secureconf_DATA = namespace.conf
+@HAVE_UNSHARE_TRUE@secureconf_SCRIPTS = namespace.init
+@HAVE_UNSHARE_TRUE@TESTS = tst-pam_namespace
+@HAVE_UNSHARE_TRUE@man_MANS = $(MAN5) $(MAN8)
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_namespace/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_namespace/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_namespace.la: $(pam_namespace_la_OBJECTS) $(pam_namespace_la_DEPENDENCIES)
+ $(LINK) $(am_pam_namespace_la_rpath) $(pam_namespace_la_OBJECTS) $(pam_namespace_la_LIBADD) $(LIBS)
+install-secureconfSCRIPTS: $(secureconf_SCRIPTS)
+ @$(NORMAL_INSTALL)
+ test -z "$(secureconfdir)" || $(MKDIR_P) "$(DESTDIR)$(secureconfdir)"
+ @list='$(secureconf_SCRIPTS)'; for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ if test -f $$d$$p; then \
+ f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \
+ echo " $(secureconfSCRIPT_INSTALL) '$$d$$p' '$(DESTDIR)$(secureconfdir)/$$f'"; \
+ $(secureconfSCRIPT_INSTALL) "$$d$$p" "$(DESTDIR)$(secureconfdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-secureconfSCRIPTS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(secureconf_SCRIPTS)'; for p in $$list; do \
+ f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \
+ echo " rm -f '$(DESTDIR)$(secureconfdir)/$$f'"; \
+ rm -f "$(DESTDIR)$(secureconfdir)/$$f"; \
+ done
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/md5.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_namespace.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man5: $(man5_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man5dir)" || $(MKDIR_P) "$(DESTDIR)$(man5dir)"
+ @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.5*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 5*) ;; \
+ *) ext='5' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst"; \
+ done
+uninstall-man5:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.5*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 5*) ;; \
+ *) ext='5' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man5dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man5dir)/$$inst"; \
+ done
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+install-secureconfDATA: $(secureconf_DATA)
+ @$(NORMAL_INSTALL)
+ test -z "$(secureconfdir)" || $(MKDIR_P) "$(DESTDIR)$(secureconfdir)"
+ @list='$(secureconf_DATA)'; for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ f=$(am__strip_dir) \
+ echo " $(secureconfDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(secureconfdir)/$$f'"; \
+ $(secureconfDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(secureconfdir)/$$f"; \
+ done
+
+uninstall-secureconfDATA:
+ @$(NORMAL_UNINSTALL)
+ @list='$(secureconf_DATA)'; for p in $$list; do \
+ f=$(am__strip_dir) \
+ echo " rm -f '$(DESTDIR)$(secureconfdir)/$$f'"; \
+ rm -f "$(DESTDIR)$(secureconfdir)/$$f"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(SCRIPTS) $(MANS) $(DATA) $(HEADERS)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(secureconfdir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(secureconfdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-secureconfDATA \
+ install-secureconfSCRIPTS install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man5 install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-secureconfDATA \
+ uninstall-secureconfSCRIPTS uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man5 uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man5 install-man8 \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-secureconfDATA install-secureconfSCRIPTS \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man5 \
+ uninstall-man8 uninstall-secureconfDATA \
+ uninstall-secureconfSCRIPTS uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_namespace/README b/Linux-PAM/modules/pam_namespace/README
new file mode 100644
index 00000000..c47ba232
--- /dev/null
+++ b/Linux-PAM/modules/pam_namespace/README
@@ -0,0 +1,129 @@
+pam_namespace — PAM module for configuring namespace for a session
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+
+pam_namespace module:
+Setup a private namespace with polyinstantiated directories.
+
+THEORY OF OPERATION:
+The pam namespace module consults /etc/security/namespace.conf
+configuration file and sets up a private namespace with polyinstantiated
+directories for a session managed by PAM. A skeleton namespace.conf
+installed by default provides example for polyinstantiating /tmp, /var/tmp
+and users' home directory.
+
+If an executable script /etc/security/namespace.init exists, it
+is used to initialize the namespace every time a new instance directory
+is setup. The script receives the polyinstantiated directory path
+and the instance directory path as its arguments.
+
+Each line in namespace.conf describes a limit for a user in the form:
+
+<polydir> <instance_prefix> <method> <list_of_uids>
+
+Where:
+<polydir> - is the absolute pathname of the directory to polyinstantiate
+ Special entry $HOME is supported to designate user's home directory.
+ This field cannot be blank.
+
+<instance_prefix> - is the string prefix used to build the pathname for the
+ instantiation of <polydir>. The directory security context, or
+ optionally its md5sum string (32 hex characters), is appended to
+ the prefix to generate the final instance directory path.
+ This directory is created if it did not exist already, and is then
+ bind mounted on the <polydir> to provide an instance of <polydir>
+ based on the <method> column. The special string $HOME is replaced with
+ the user's home directory, and $USER with the username.
+ This field cannot be blank.
+
+<method> - is the method used for polyinstantiation. It can take 3 different
+ values; "user" for polyinstantiation based on user name, "context"
+ for polyinstantiation based on process security context, and "both"
+ for polyinstantiation based on both user name and security context.
+ Methods "context" and "both" are only available with SELinux. This
+ field cannot be blank.
+
+<list_of_uids> - is a comma separated list of user names for whom the
+ polyinstantiation is not performed. If left blank, polyinstantiation
+ will be performed for all users.
+
+EXAMPLE /etc/security/namespace.conf configuration file:
+=======================================================
+# Following three lines will polyinstantiate /tmp, /var/tmp and user's home
+# directories. /tmp and /var/tmp will be polyinstantiated based on both
+# security context as well as user name, whereas home directory will
+# be polyinstantiated based on security context only. Polyinstantiation
+# will not be performed for user root and adm for directories /tmp and
+# /var/tmp, whereas home directories will be polyinstantiated for all
+# users. The user name and/or context is appended to the instance prefix.
+#
+# Note that instance directories do not have to reside inside the
+# polyinstantiated directory. In the examples below, instances of /tmp
+# will be created in /tmp-inst directory, where as instances of /var/tmp
+# and users home directories will reside within the directories that
+# are being polyinstantiated.
+#
+# Instance parent directories must exist for the polyinstantiation
+# mechanism to work. By default, they should be created with the mode
+# of 000. pam_namespace module will enforce this mode unless it
+# is explicitly called with an argument to ignore the mode of the
+# instance parent. System administrators should use this argument with
+# caution, as it will reduce security and isolation achieved by
+# polyinstantiation.
+#
+/tmp /tmp-inst/ both root,adm
+/var/tmp /var/tmp/tmp-inst/ both root,adm
+$HOME $HOME/$USER.inst/inst- context
+
+ARGUMENTS RECOGNIZED:
+ debug
+ Verbose logging by syslog
+
+ unmnt_remnt
+ For programs such as su and newrole, the login session has
+ already setup a polyinstantiated namespace. For these programs,
+ polyinstantiation is performed based on new user id or security
+ context, however the command first needs to undo the
+ polyinstantiation performed by login. This argument instructs
+ the command to first undo previous polyinstantiation before
+ proceeding with new polyinstantiation based on new id/context.
+
+ unmnt_only
+ For trusted programs that want to undo any existing bind mounts
+ and process instance directories on their own, this argument
+ allows them to unmount currently mounted instance directories.
+
+ require_selinux
+ If selinux is not enabled, return failure.
+
+ gen_hash
+ Instead of using the security context string for the instance
+ name, generate and use its md5 hash.
+
+ ignore_config_error
+ If a line in the configuration file corresponding to a
+ polyinstantiated directory contains format error, skip that
+ line process the next line. Without this option, pam will return
+ an error to the calling program resulting in termination
+ of the session.
+
+ ignore_instance_parent_mode
+ Instance parent directories by default are expected to have
+ the restrictive mode of 000. Using this option, an administrator
+ can choose to ignore the mode of the instance parent.
+
+MODULE SERVICES PROVIDED:
+ session open_session and close_session
+
+USAGE:
+ For the <service>s you need polyinstantiation (login for example)
+ put the following line in /etc/pam.d/<service> as the last line for
+ session group:
+
+ session required pam_namespace.so [arguments]
+
+ This module also depends on pam_selinux.so setting the context.
+
+
+
diff --git a/Linux-PAM/modules/pam_namespace/README.xml b/Linux-PAM/modules/pam_namespace/README.xml
new file mode 100644
index 00000000..98ab7532
--- /dev/null
+++ b/Linux-PAM/modules/pam_namespace/README.xml
@@ -0,0 +1,139 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+"http://www.docbook.org/xml/4.4/docbookx.dtd">
+<article>
+ <articleinfo>
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_namespace.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_namespace-name"]/*)'/>
+ </title>
+ </articleinfo>
+ <section>
+ <programlisting><![CDATA[
+
+pam_namespace module:
+Setup a private namespace with polyinstantiated directories.
+
+THEORY OF OPERATION:
+The pam namespace module consults /etc/security/namespace.conf
+configuration file and sets up a private namespace with polyinstantiated
+directories for a session managed by PAM. A skeleton namespace.conf
+installed by default provides example for polyinstantiating /tmp, /var/tmp
+and users' home directory.
+
+If an executable script /etc/security/namespace.init exists, it
+is used to initialize the namespace every time a new instance directory
+is setup. The script receives the polyinstantiated directory path
+and the instance directory path as its arguments.
+
+Each line in namespace.conf describes a limit for a user in the form:
+
+<polydir> <instance_prefix> <method> <list_of_uids>
+
+Where:
+<polydir> - is the absolute pathname of the directory to polyinstantiate
+ Special entry $HOME is supported to designate user's home directory.
+ This field cannot be blank.
+
+<instance_prefix> - is the string prefix used to build the pathname for the
+ instantiation of <polydir>. The directory security context, or
+ optionally its md5sum string (32 hex characters), is appended to
+ the prefix to generate the final instance directory path.
+ This directory is created if it did not exist already, and is then
+ bind mounted on the <polydir> to provide an instance of <polydir>
+ based on the <method> column. The special string $HOME is replaced with
+ the user's home directory, and $USER with the username.
+ This field cannot be blank.
+
+<method> - is the method used for polyinstantiation. It can take 3 different
+ values; "user" for polyinstantiation based on user name, "context"
+ for polyinstantiation based on process security context, and "both"
+ for polyinstantiation based on both user name and security context.
+ Methods "context" and "both" are only available with SELinux. This
+ field cannot be blank.
+
+<list_of_uids> - is a comma separated list of user names for whom the
+ polyinstantiation is not performed. If left blank, polyinstantiation
+ will be performed for all users.
+
+EXAMPLE /etc/security/namespace.conf configuration file:
+=======================================================
+# Following three lines will polyinstantiate /tmp, /var/tmp and user's home
+# directories. /tmp and /var/tmp will be polyinstantiated based on both
+# security context as well as user name, whereas home directory will
+# be polyinstantiated based on security context only. Polyinstantiation
+# will not be performed for user root and adm for directories /tmp and
+# /var/tmp, whereas home directories will be polyinstantiated for all
+# users. The user name and/or context is appended to the instance prefix.
+#
+# Note that instance directories do not have to reside inside the
+# polyinstantiated directory. In the examples below, instances of /tmp
+# will be created in /tmp-inst directory, where as instances of /var/tmp
+# and users home directories will reside within the directories that
+# are being polyinstantiated.
+#
+# Instance parent directories must exist for the polyinstantiation
+# mechanism to work. By default, they should be created with the mode
+# of 000. pam_namespace module will enforce this mode unless it
+# is explicitly called with an argument to ignore the mode of the
+# instance parent. System administrators should use this argument with
+# caution, as it will reduce security and isolation achieved by
+# polyinstantiation.
+#
+/tmp /tmp-inst/ both root,adm
+/var/tmp /var/tmp/tmp-inst/ both root,adm
+$HOME $HOME/$USER.inst/inst- context
+
+ARGUMENTS RECOGNIZED:
+ debug
+ Verbose logging by syslog
+
+ unmnt_remnt
+ For programs such as su and newrole, the login session has
+ already setup a polyinstantiated namespace. For these programs,
+ polyinstantiation is performed based on new user id or security
+ context, however the command first needs to undo the
+ polyinstantiation performed by login. This argument instructs
+ the command to first undo previous polyinstantiation before
+ proceeding with new polyinstantiation based on new id/context.
+
+ unmnt_only
+ For trusted programs that want to undo any existing bind mounts
+ and process instance directories on their own, this argument
+ allows them to unmount currently mounted instance directories.
+
+ require_selinux
+ If selinux is not enabled, return failure.
+
+ gen_hash
+ Instead of using the security context string for the instance
+ name, generate and use its md5 hash.
+
+ ignore_config_error
+ If a line in the configuration file corresponding to a
+ polyinstantiated directory contains format error, skip that
+ line process the next line. Without this option, pam will return
+ an error to the calling program resulting in termination
+ of the session.
+
+ ignore_instance_parent_mode
+ Instance parent directories by default are expected to have
+ the restrictive mode of 000. Using this option, an administrator
+ can choose to ignore the mode of the instance parent.
+
+MODULE SERVICES PROVIDED:
+ session open_session and close_session
+
+USAGE:
+ For the <service>s you need polyinstantiation (login for example)
+ put the following line in /etc/pam.d/<service> as the last line for
+ session group:
+
+ session required pam_namespace.so [arguments]
+
+ This module also depends on pam_selinux.so setting the context.
+]]>
+ </programlisting>
+ </section>
+</article>
+
diff --git a/Linux-PAM/modules/pam_namespace/md5.c b/Linux-PAM/modules/pam_namespace/md5.c
new file mode 100644
index 00000000..9a060d27
--- /dev/null
+++ b/Linux-PAM/modules/pam_namespace/md5.c
@@ -0,0 +1,260 @@
+/*
+ * $Id: md5.c,v 1.1 2006/06/27 13:07:43 t8m Exp $
+ *
+ * This code implements the MD5 message-digest algorithm.
+ * The algorithm is due to Ron Rivest. This code was
+ * written by Colin Plumb in 1993, no copyright is claimed.
+ * This code is in the public domain; do with it what you wish.
+ *
+ * Equivalent code is available from RSA Data Security, Inc.
+ * This code has been tested against that, and is equivalent,
+ * except that you don't need to include two pages of legalese
+ * with every copy.
+ *
+ * To compute the message digest of a chunk of bytes, declare an
+ * MD5Context structure, pass it to MD5Init, call MD5Update as
+ * needed on buffers full of bytes, and then call MD5Final, which
+ * will fill a supplied 16-byte array with the digest.
+ *
+ */
+
+#include <string.h>
+#include "md5.h"
+
+#define MD5Name(x) x
+
+#if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
+#define byteReverse(buf, len) /* Nothing */
+#else
+static void byteReverse(unsigned char *buf, unsigned longs);
+
+/*
+ * Note: this code is harmless on little-endian machines.
+ */
+static void byteReverse(unsigned char *buf, unsigned longs)
+{
+ uint32 t;
+ do {
+ t = (uint32) ((unsigned) buf[3] << 8 | buf[2]) << 16 |
+ ((unsigned) buf[1] << 8 | buf[0]);
+ *(uint32 *) buf = t;
+ buf += 4;
+ } while (--longs);
+}
+#endif
+
+/*
+ * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious
+ * initialization constants.
+ */
+void MD5Name(MD5Init)(struct MD5Context *ctx)
+{
+ ctx->buf[0] = 0x67452301U;
+ ctx->buf[1] = 0xefcdab89U;
+ ctx->buf[2] = 0x98badcfeU;
+ ctx->buf[3] = 0x10325476U;
+
+ ctx->bits[0] = 0;
+ ctx->bits[1] = 0;
+}
+
+/*
+ * Update context to reflect the concatenation of another buffer full
+ * of bytes.
+ */
+void MD5Name(MD5Update)(struct MD5Context *ctx, unsigned const char *buf, unsigned len)
+{
+ uint32 t;
+
+ /* Update bitcount */
+
+ t = ctx->bits[0];
+ if ((ctx->bits[0] = t + ((uint32) len << 3)) < t)
+ ctx->bits[1]++; /* Carry from low to high */
+ ctx->bits[1] += len >> 29;
+
+ t = (t >> 3) & 0x3f; /* Bytes already in shsInfo->data */
+
+ /* Handle any leading odd-sized chunks */
+
+ if (t) {
+ unsigned char *p = (unsigned char *) ctx->in + t;
+
+ t = 64 - t;
+ if (len < t) {
+ memcpy(p, buf, len);
+ return;
+ }
+ memcpy(p, buf, t);
+ byteReverse(ctx->in, 16);
+ MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
+ buf += t;
+ len -= t;
+ }
+ /* Process data in 64-byte chunks */
+
+ while (len >= 64) {
+ memcpy(ctx->in, buf, 64);
+ byteReverse(ctx->in, 16);
+ MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
+ buf += 64;
+ len -= 64;
+ }
+
+ /* Handle any remaining bytes of data. */
+
+ memcpy(ctx->in, buf, len);
+}
+
+/*
+ * Final wrapup - pad to 64-byte boundary with the bit pattern
+ * 1 0* (64-bit count of bits processed, MSB-first)
+ */
+void MD5Name(MD5Final)(unsigned char digest[16], struct MD5Context *ctx)
+{
+ unsigned count;
+ unsigned char *p;
+
+ /* Compute number of bytes mod 64 */
+ count = (ctx->bits[0] >> 3) & 0x3F;
+
+ /* Set the first char of padding to 0x80. This is safe since there is
+ always at least one byte free */
+ p = ctx->in + count;
+ *p++ = 0x80;
+
+ /* Bytes of padding needed to make 64 bytes */
+ count = 64 - 1 - count;
+
+ /* Pad out to 56 mod 64 */
+ if (count < 8) {
+ /* Two lots of padding: Pad the first block to 64 bytes */
+ memset(p, 0, count);
+ byteReverse(ctx->in, 16);
+ MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
+
+ /* Now fill the next block with 56 bytes */
+ memset(ctx->in, 0, 56);
+ } else {
+ /* Pad block to 56 bytes */
+ memset(p, 0, count - 8);
+ }
+ byteReverse(ctx->in, 14);
+
+ /* Append length in bits and transform */
+ ((uint32 *) ctx->in)[14] = ctx->bits[0];
+ ((uint32 *) ctx->in)[15] = ctx->bits[1];
+
+ MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
+ byteReverse((unsigned char *) ctx->buf, 4);
+ memcpy(digest, ctx->buf, 16);
+ memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */
+}
+
+/* The four core functions - F1 is optimized somewhat */
+
+/* #define F1(x, y, z) (x & y | ~x & z) */
+#define F1(x, y, z) (z ^ (x & (y ^ z)))
+#define F2(x, y, z) F1(z, x, y)
+#define F3(x, y, z) (x ^ y ^ z)
+#define F4(x, y, z) (y ^ (x | ~z))
+
+/* This is the central step in the MD5 algorithm. */
+#define MD5STEP(f, w, x, y, z, data, s) \
+ ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x )
+
+/*
+ * The core of the MD5 algorithm, this alters an existing MD5 hash to
+ * reflect the addition of 16 longwords of new data. MD5Update blocks
+ * the data and converts bytes into longwords for this routine.
+ */
+void MD5Name(MD5Transform)(uint32 buf[4], uint32 const in[16])
+{
+ register uint32 a, b, c, d;
+
+ a = buf[0];
+ b = buf[1];
+ c = buf[2];
+ d = buf[3];
+
+ MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478U, 7);
+ MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756U, 12);
+ MD5STEP(F1, c, d, a, b, in[2] + 0x242070dbU, 17);
+ MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceeeU, 22);
+ MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0fafU, 7);
+ MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62aU, 12);
+ MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613U, 17);
+ MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501U, 22);
+ MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8U, 7);
+ MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7afU, 12);
+ MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1U, 17);
+ MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7beU, 22);
+ MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122U, 7);
+ MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193U, 12);
+ MD5STEP(F1, c, d, a, b, in[14] + 0xa679438eU, 17);
+ MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821U, 22);
+
+ MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562U, 5);
+ MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340U, 9);
+ MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51U, 14);
+ MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aaU, 20);
+ MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105dU, 5);
+ MD5STEP(F2, d, a, b, c, in[10] + 0x02441453U, 9);
+ MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681U, 14);
+ MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8U, 20);
+ MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6U, 5);
+ MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6U, 9);
+ MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87U, 14);
+ MD5STEP(F2, b, c, d, a, in[8] + 0x455a14edU, 20);
+ MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905U, 5);
+ MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8U, 9);
+ MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9U, 14);
+ MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8aU, 20);
+
+ MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942U, 4);
+ MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681U, 11);
+ MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122U, 16);
+ MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380cU, 23);
+ MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44U, 4);
+ MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9U, 11);
+ MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60U, 16);
+ MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70U, 23);
+ MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6U, 4);
+ MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127faU, 11);
+ MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085U, 16);
+ MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05U, 23);
+ MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039U, 4);
+ MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5U, 11);
+ MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8U, 16);
+ MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665U, 23);
+
+ MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244U, 6);
+ MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97U, 10);
+ MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7U, 15);
+ MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039U, 21);
+ MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3U, 6);
+ MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92U, 10);
+ MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47dU, 15);
+ MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1U, 21);
+ MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4fU, 6);
+ MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0U, 10);
+ MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314U, 15);
+ MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1U, 21);
+ MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82U, 6);
+ MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235U, 10);
+ MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bbU, 15);
+ MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391U, 21);
+
+ buf[0] += a;
+ buf[1] += b;
+ buf[2] += c;
+ buf[3] += d;
+}
+
+void MD5Name(MD5)(unsigned const char *buf, unsigned len, unsigned char digest[16])
+{
+ struct MD5Context ctx;
+ MD5Name(MD5Init)(&ctx);
+ MD5Name(MD5Update)(&ctx, buf, len);
+ MD5Name(MD5Final)(digest, &ctx);
+}
diff --git a/Linux-PAM/modules/pam_namespace/md5.h b/Linux-PAM/modules/pam_namespace/md5.h
new file mode 100644
index 00000000..73f85833
--- /dev/null
+++ b/Linux-PAM/modules/pam_namespace/md5.h
@@ -0,0 +1,28 @@
+
+#ifndef MD5_H
+#define MD5_H
+
+typedef unsigned int uint32;
+
+struct MD5Context {
+ uint32 buf[4];
+ uint32 bits[2];
+ unsigned char in[64];
+};
+
+#define MD5_DIGEST_LENGTH 16
+
+void MD5Init(struct MD5Context *);
+void MD5Update(struct MD5Context *, unsigned const char *, unsigned);
+void MD5Final(unsigned char digest[MD5_DIGEST_LENGTH], struct MD5Context *);
+void MD5Transform(uint32 buf[4], uint32 const in[MD5_DIGEST_LENGTH]);
+void MD5(unsigned const char *, unsigned, unsigned char digest[MD5_DIGEST_LENGTH]);
+
+
+/*
+ * This is needed to make RSAREF happy on some MS-DOS compilers.
+ */
+
+typedef struct MD5Context MD5_CTX;
+
+#endif /* MD5_H */
diff --git a/Linux-PAM/modules/pam_namespace/namespace.conf b/Linux-PAM/modules/pam_namespace/namespace.conf
new file mode 100644
index 00000000..c7305ffe
--- /dev/null
+++ b/Linux-PAM/modules/pam_namespace/namespace.conf
@@ -0,0 +1,30 @@
+# /etc/security/namespace.conf
+#
+# See /usr/share/doc/pam-*/txts/README.pam_namespace for more information.
+#
+# Uncommenting the following three lines will polyinstantiate
+# /tmp, /var/tmp and user's home directories. /tmp and /var/tmp will
+# be polyinstantiated based on both security context as well as user
+# name, whereas home directory will be polyinstantiated based on
+# security context only. Polyinstantion will not be performed for
+# user root and adm for directories /tmp and /var/tmp, whereas home
+# directories will be polyinstantiated for all users. The user name
+# and/or context is appended to the instance prefix.
+#
+# Note that instance directories do not have to reside inside the
+# polyinstantiated directory. In the examples below, instances of /tmp
+# will be created in /tmp-inst directory, where as instances of /var/tmp
+# and users home directories will reside within the directories that
+# are being polyinstantiated.
+#
+# Instance parent directories must exist for the polyinstantiation
+# mechanism to work. By default, they should be created with the mode
+# of 000. pam_namespace module will enforce this mode unless it
+# is explicitly called with an argument to ignore the mode of the
+# instance parent. System administrators should use this argument with
+# caution, as it will reduce security and isolation achieved by
+# polyinstantiation.
+#
+#/tmp /tmp-inst/ both root,adm
+#/var/tmp /var/tmp/tmp-inst/ both root,adm
+#$HOME $HOME/$USER.inst/inst- context
diff --git a/Linux-PAM/modules/pam_namespace/namespace.conf.5 b/Linux-PAM/modules/pam_namespace/namespace.conf.5
new file mode 100644
index 00000000..ff325a21
--- /dev/null
+++ b/Linux-PAM/modules/pam_namespace/namespace.conf.5
@@ -0,0 +1,96 @@
+.\"Generated by db2man.xsl. Don't modify this, modify the source.
+.de Sh \" Subsection
+.br
+.if t .Sp
+.ne 5
+.PP
+\fB\\$1\fR
+.PP
+..
+.de Sp \" Vertical space (when we can't use .PP)
+.if t .sp .5v
+.if n .sp
+..
+.de Ip \" List item
+.br
+.ie \\n(.$>=3 .ne \\$3
+.el .ne 3
+.IP "\\$1" \\$2
+..
+.TH "NAMESPACE.CONF" 5 "" "" ""
+.SH NAME
+namespace.conf \- the namespace configuration file
+.SH "DESCRIPTION"
+
+.PP
+This module allows setup of private namespaces with polyinstantiated directories\&. Directories can be polyinstantiated based on user name or, in the case of SELinux, user name, security context or both\&. If an executable script \fI/etc/security/namespace\&.init\fR exists, it is used to initialize the namespace every time a new instance directory is setup\&. The script receives the polyinstantiated directory path and the instance directory path as its arguments\&.
+
+.PP
+The \fI/etc/security/namespace\&.conf\fR file specifies which directories are polyinstantiated, how they are polyinstantiated, how instance directories would be named, and any users for whom polyinstantiation would not be performed\&.
+
+.PP
+When someone logs in, the file \fInamespace\&.conf\fR is scanned where each non comment line represents one polyinstantiated directory with space separated fields as follows:
+
+.PP
+ \fIpolydir\fR \fI instance_prefix\fR \fI method\fR \fI list_of_uids\fR
+
+.PP
+The first field, \fIpolydir\fR, is the absolute pathname of the directory to polyinstantiate\&. Special entry $HOME is supported to designate user's home directory\&. This field cannot be blank\&.
+
+.PP
+The second field, \fIinstance_prefix\fR is the string prefix used to build the pathname for the instantiation of <polydir>\&. The directory security context, or optionally its md5sum string (32 hex characters), is appended to the prefix to generate the final instance directory path\&. This directory is created if it did not exist already, and is then bind mounted on the <polydir> to provide an instance of <polydir> based on the <method> column\&. The special string $HOME is replaced with the user's home directory, and $USER with the username\&. This field cannot be blank\&. The directory where polyinstantiated instances are to be created, must exist and must have, by default, the mode of 000\&. The requirement that the instance parent be of mode 000 can be overridden with the command line option <ignore_instance_parent_mode>
+
+.PP
+The third field, \fImethod\fR, is the method used for polyinstantiation\&. It can take 3 different values; "user" for polyinstantiation based on user name, "context" for polyinstantiation based on process security context, and "both" for polyinstantiation based on both user name and security context\&. Methods "context" and "both" are only available with SELinux\&. This field cannot be blank\&.
+
+.PP
+The fourth field, \fIlist_of_uids\fR, is a comma separated list of user names for whom the polyinstantiation is not performed\&. If left blank, polyinstantiation will be performed for all users\&.
+
+.SH "EXAMPLES"
+
+.PP
+These are some example lines which might be specified in \fI/etc/security/namespace\&.conf\fR\&.
+
+.nf
+
+ # The following three lines will polyinstantiate /tmp,
+ # /var/tmp and user's home directories\&. /tmp and /var/tmp
+ # will be polyinstantiated based on both security context
+ # as well as user name, whereas home directory will be
+ # polyinstantiated based on security context only\&.
+ # Polyinstantiation will not be performed for user root
+ # and adm for directories /tmp and /var/tmp, whereas home
+ # directories will be polyinstantiated for all users\&.
+ #
+ # Note that instance directories do not have to reside inside
+ # the polyinstantiated directory\&. In the examples below,
+ # instances of /tmp will be created in /tmp\-inst directory,
+ # where as instances of /var/tmp and users home directories
+ # will reside within the directories that are being
+ # polyinstantiated\&.
+ #
+ /tmp /tmp\-inst/ both root,adm
+ /var/tmp /var/tmp/tmp\-inst/ both root,adm
+ $HOME $HOME/$USER\&.inst/inst\- context
+
+.fi
+
+.PP
+For the <service>s you need polyinstantiation (login for example) put the following line in /etc/pam\&.d/<service> as the last line for session group:
+
+.PP
+session required pam_namespace\&.so [arguments]
+
+.PP
+This module also depends on pam_selinux\&.so setting the context\&.
+
+.SH "SEE ALSO"
+
+.PP
+ \fBpam_namespace\fR(8), \fBpam\&.d\fR(5), \fBpam\fR(8)
+
+.SH "AUTHORS"
+
+.PP
+The namespace\&.conf manual page was written by Janak Desai <janak@us\&.ibm\&.com>\&.
+
diff --git a/Linux-PAM/modules/pam_namespace/namespace.conf.5.xml b/Linux-PAM/modules/pam_namespace/namespace.conf.5.xml
new file mode 100644
index 00000000..36a1a085
--- /dev/null
+++ b/Linux-PAM/modules/pam_namespace/namespace.conf.5.xml
@@ -0,0 +1,151 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="namespace.conf">
+
+ <refmeta>
+ <refentrytitle>namespace.conf</refentrytitle>
+ <manvolnum>5</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv>
+ <refname>namespace.conf</refname>
+ <refpurpose>the namespace configuration file</refpurpose>
+ </refnamediv>
+
+
+ <refsect1 id='namespace.conf-description'>
+ <title>DESCRIPTION</title>
+
+ <para>
+ This module allows setup of private namespaces with polyinstantiated
+ directories. Directories can be polyinstantiated based on user name
+ or, in the case of SELinux, user name, security context or both. If an
+ executable script <filename>/etc/security/namespace.init</filename>
+ exists, it is used to initialize the namespace every time a new instance
+ directory is setup. The script receives the polyinstantiated
+ directory path and the instance directory path as its arguments.
+ </para>
+
+ <para>
+ The <filename>/etc/security/namespace.conf</filename> file specifies
+ which directories are polyinstantiated, how they are polyinstantiated,
+ how instance directories would be named, and any users for whom
+ polyinstantiation would not be performed.
+ </para>
+
+ <para>
+ When someone logs in, the file <filename>namespace.conf</filename> is
+ scanned where each non comment line represents one polyinstantiated
+ directory with space separated fields as follows:
+ </para>
+
+ <para>
+ <replaceable>polydir</replaceable> <replaceable> instance_prefix</replaceable> <replaceable> method</replaceable> <replaceable> list_of_uids</replaceable>
+ </para>
+
+ <para>
+ The first field, <replaceable>polydir</replaceable>, is the absolute
+ pathname of the directory to polyinstantiate. Special entry $HOME is
+ supported to designate user's home directory. This field cannot be
+ blank.
+ </para>
+
+ <para>
+ The second field, <replaceable>instance_prefix</replaceable> is
+ the string prefix used to build the pathname for the instantiation
+ of &lt;polydir&gt;. The directory security context, or optionally its
+ md5sum string (32 hex characters), is appended to the prefix to
+ generate the final instance directory path. This directory is
+ created if it did not exist already, and is then bind mounted on the
+ &lt;polydir&gt; to provide an instance of &lt;polydir&gt; based on the
+ &lt;method&gt; column. The special string $HOME is replaced with the
+ user's home directory, and $USER with the username. This field cannot
+ be blank. The directory where polyinstantiated instances are to be
+ created, must exist and must have, by default, the mode of 000. The
+ requirement that the instance parent be of mode 000 can be overridden
+ with the command line option &lt;ignore_instance_parent_mode&gt;
+ </para>
+
+ <para>
+ The third field, <replaceable>method</replaceable>, is the method
+ used for polyinstantiation. It can take 3 different values; "user"
+ for polyinstantiation based on user name, "context" for
+ polyinstantiation based on process security context, and "both"
+ for polyinstantiation based on both user name and security context.
+ Methods "context" and "both" are only available with SELinux. This
+ field cannot be blank.
+ </para>
+
+ <para>
+ The fourth field, <replaceable>list_of_uids</replaceable>, is
+ a comma separated list of user names for whom the polyinstantiation
+ is not performed. If left blank, polyinstantiation will be performed
+ for all users.
+ </para>
+
+ </refsect1>
+
+ <refsect1 id="namespace.conf-examples">
+ <title>EXAMPLES</title>
+ <para>
+ These are some example lines which might be specified in
+ <filename>/etc/security/namespace.conf</filename>.
+ </para>
+
+ <literallayout>
+ # The following three lines will polyinstantiate /tmp,
+ # /var/tmp and user's home directories. /tmp and /var/tmp
+ # will be polyinstantiated based on both security context
+ # as well as user name, whereas home directory will be
+ # polyinstantiated based on security context only.
+ # Polyinstantiation will not be performed for user root
+ # and adm for directories /tmp and /var/tmp, whereas home
+ # directories will be polyinstantiated for all users.
+ #
+ # Note that instance directories do not have to reside inside
+ # the polyinstantiated directory. In the examples below,
+ # instances of /tmp will be created in /tmp-inst directory,
+ # where as instances of /var/tmp and users home directories
+ # will reside within the directories that are being
+ # polyinstantiated.
+ #
+ /tmp /tmp-inst/ both root,adm
+ /var/tmp /var/tmp/tmp-inst/ both root,adm
+ $HOME $HOME/$USER.inst/inst- context
+ </literallayout>
+
+ <para>
+ For the &lt;service&gt;s you need polyinstantiation (login for example)
+ put the following line in /etc/pam.d/&lt;service&gt; as the last line for
+ session group:
+ </para>
+
+ <para>
+ session required pam_namespace.so [arguments]
+ </para>
+
+ <para>
+ This module also depends on pam_selinux.so setting the context.
+ </para>
+
+ </refsect1>
+
+ <refsect1 id="namespace.conf-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry><refentrytitle>pam_namespace</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>pam.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id="namespace.conf-author">
+ <title>AUTHORS</title>
+ <para>
+ The namespace.conf manual page was written by Janak Desai &lt;janak@us.ibm.com&gt;.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/modules/pam_namespace/namespace.init b/Linux-PAM/modules/pam_namespace/namespace.init
new file mode 100755
index 00000000..62f8e6e4
--- /dev/null
+++ b/Linux-PAM/modules/pam_namespace/namespace.init
@@ -0,0 +1,24 @@
+#!/bin/sh
+# This is only a boilerplate for the instance initialization script.
+# It receives polydir path as $1 and the instance path as $2.
+#
+# If you intend to polyinstantiate /tmp and you also want to use the X windows
+# environment, you will have to use this script to bind mount the socket that
+# is used by the X server to communicate with its clients. X server places
+# this socket in /tmp/.X11-unix directory, which will get obscured by
+# polyinstantiation. Uncommenting the following lines will bind mount
+# the relevant directory at an alternative location (/.tmp/.X11-unix) such
+# that the X server, window manager and X clients, can still find the
+# socket X0 at the polyinstanted /tmp/.X11-unix.
+#
+#if [ $1 = /tmp ]; then
+# if [ ! -f /.tmp/.X11-unix ]; then
+# mkdir -p /.tmp/.X11-unix
+# fi
+# mount --bind /tmp/.X11-unix /.tmp/.X11-unix
+# cp -fp -- /tmp/.X0-lock "$2/.X0-lock"
+# mkdir -- "$2/.X11-unix"
+# ln -fs -- /.tmp/.X11-unix/X0 "$2/.X11-unix/X0"
+#fi
+
+exit 0
diff --git a/Linux-PAM/modules/pam_namespace/pam_namespace.8 b/Linux-PAM/modules/pam_namespace/pam_namespace.8
new file mode 100644
index 00000000..126cfc88
--- /dev/null
+++ b/Linux-PAM/modules/pam_namespace/pam_namespace.8
@@ -0,0 +1,110 @@
+.\" Title: pam_namespace
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_NAMESPACE" "8" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_namespace \- PAM module for configuring namespace for a session
+.SH "SYNOPSIS"
+.HP 17
+\fBpam_namespace.so\fR [debug] [unmnt_remnt] [unmnt_only] [require_selinux] [gen_hash] [ignore_config_error] [ignore_instance_parent_mode]
+.SH "DESCRIPTION"
+.PP
+The pam_namespace PAM module sets up a private namespace for a session with polyinstantiated directories. A polyinstantiated directory provides a different instance of itself based on user name, or when using SELinux, user name, security context or both. If an executable script
+\fI/etc/security/namespace.init\fR
+exists, it is used to initialize the namespace every time a new instance directory is setup. The script receives the polyinstantiated directory path and the instance directory path as its arguments.
+.PP
+The pam_namespace module disassociates the session namespace from the parent namespace. Any mounts/unmounts performed in the parent namespace, such as mounting of devices, are not reflected in the session namespace. To propagate selected mount/unmount events from the parent namespace into the disassociated session namespace, an administrator may use the special shared\-subtree feature. For additional information on shared\-subtree feature, please refer to the mount(8) man page and the shared\-subtree description at http://lwn.net/Articles/159077 and http://lwn.net/Articles/159092.
+.SH "OPTIONS"
+.TP 3n
+\fBdebug\fR
+A lot of debug information is logged using syslog
+.TP 3n
+\fBunmnt_remnt\fR
+For programs such as su and newrole, the login session has already setup a polyinstantiated namespace. For these programs, polyinstantiation is performed based on new user id or security context, however the command first needs to undo the polyinstantiation performed by login. This argument instructs the command to first undo previous polyinstantiation before proceeding with new polyinstantiation based on new id/context
+.TP 3n
+\fBunmnt_only\fR
+For trusted programs that want to undo any existing bind mounts and process instance directories on their own, this argument allows them to unmount currently mounted instance directories
+.TP 3n
+\fBrequire_selinux\fR
+If selinux is not enabled, return failure
+.TP 3n
+\fBgen_hash\fR
+Instead of using the security context string for the instance name, generate and use its md5 hash.
+.TP 3n
+\fBignore_config_error\fR
+If a line in the configuration file corresponding to a polyinstantiated directory contains format error, skip that line process the next line. Without this option, pam will return an error to the calling program resulting in termination of the session.
+.TP 3n
+\fBignore_instance_parent_mode\fR
+Instance parent directories by default are expected to have the restrictive mode of 000. Using this option, an administrator can choose to ignore the mode of the instance parent. This option should be used with caution as it will reduce security and isolation goals of the polyinstantiation mechanism.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+The
+\fBsession\fR
+service is supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_SUCCESS
+Namespace setup was successful.
+.TP 3n
+PAM_SERVICE_ERR
+Unexpected system error occurred while setting up namespace.
+.TP 3n
+PAM_SESSION_ERR
+Unexpected namespace configuration error occurred.
+.SH "FILES"
+.TP 3n
+\fI/etc/security/namespace.conf\fR
+Configuration file
+.SH "EXAMPLES"
+.PP
+For the <service>s you need polyinstantiation (login for example) put the following line in /etc/pam.d/<service> as the last line for session group:
+.PP
+session required pam_namespace.so [arguments]
+.PP
+To use polyinstantiation with graphical display manager gdm, insert the following line, before exit 0, in /etc/gdm/PostSession/Default:
+.PP
+/usr/sbin/gdm\-safe\-restart
+.PP
+This allows gdm to restart after each session and appropriately adjust namespaces of display manager and the X server. If polyinstantiation of /tmp is desired along with the graphical environment, then additional configuration changes are needed to address the interaction of X server and font server namespaces with their use of /tmp to create communication sockets. Please use the initialization script
+\fI/etc/security/namespace.init\fR
+to ensure that the X server and its clients can appropriately access the communication socket X0. Please refer to the sample instructions provided in the comment section of the instance initialization script
+\fI/etc/security/namespace.init\fR. In addition, perform the following changes to use graphical environment with polyinstantiation of /tmp:
+.PP
+
+.sp
+.RS 3n
+.nf
+ 1. Disable the use of font server by commenting out "FontPath"
+ line in /etc/X11/xorg.conf. If you do want to use the font server
+ then you will have to augment the instance initialization
+ script to appropriately provide /tmp/.font\-unix from the
+ polyinstantiated /tmp.
+ 2. Ensure that the gdm service is setup to use pam_namespace,
+ as described above, by modifying /etc/pam.d/gdm.
+ 3. Ensure that the display manager is configured to restart X server
+ with each new session. This default setup can be verified by
+ making sure that /usr/share/gdm/defaults.conf contains
+ "AlwaysRestartServer=true", and it is not overridden by
+ /etc/gdm/custom.conf.
+
+.fi
+.RE
+.sp
+.SH "SEE ALSO"
+.PP
+
+\fBnamespace.conf\fR(5),
+\fBpam.d\fR(8),
+\fBmount\fR(8),
+\fBpam\fR(8).
+.SH "AUTHORS"
+.PP
+The namespace setup scheme was designed by Stephen Smalley, Janak Desai and Chad Sellers. The pam_namespace PAM module was developed by Janak Desai <janak@us.ibm.com>, Chad Sellers <csellers@tresys.com> and Steve Grubb <sgrubb@redhat.com>.
diff --git a/Linux-PAM/modules/pam_namespace/pam_namespace.8.xml b/Linux-PAM/modules/pam_namespace/pam_namespace.8.xml
new file mode 100644
index 00000000..4c93ecf0
--- /dev/null
+++ b/Linux-PAM/modules/pam_namespace/pam_namespace.8.xml
@@ -0,0 +1,317 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id='pam_namespace'>
+
+ <refmeta>
+ <refentrytitle>pam_namespace</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id='pam_namespace-name'>
+ <refname>pam_namespace</refname>
+ <refpurpose>
+ PAM module for configuring namespace for a session
+ </refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_namespace-cmdsynopsis">
+ <command>pam_namespace.so</command>
+ <arg choice="opt">
+ debug
+ </arg>
+ <arg choice="opt">
+ unmnt_remnt
+ </arg>
+ <arg choice="opt">
+ unmnt_only
+ </arg>
+ <arg choice="opt">
+ require_selinux
+ </arg>
+ <arg choice="opt">
+ gen_hash
+ </arg>
+ <arg choice="opt">
+ ignore_config_error
+ </arg>
+ <arg choice="opt">
+ ignore_instance_parent_mode
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id="pam_namespace-description">
+ <title>DESCRIPTION</title>
+ <para>
+ The pam_namespace PAM module sets up a private namespace for a session
+ with polyinstantiated directories. A polyinstantiated directory
+ provides a different instance of itself based on user name, or when
+ using SELinux, user name, security context or both. If an executable
+ script <filename>/etc/security/namespace.init</filename> exists, it
+ is used to initialize the namespace every time a new instance
+ directory is setup. The script receives the polyinstantiated
+ directory path and the instance directory path as its arguments.
+ </para>
+
+ <para>
+ The pam_namespace module disassociates the session namespace from
+ the parent namespace. Any mounts/unmounts performed in the parent
+ namespace, such as mounting of devices, are not reflected in the
+ session namespace. To propagate selected mount/unmount events from
+ the parent namespace into the disassociated session namespace, an
+ administrator may use the special shared-subtree feature. For
+ additional information on shared-subtree feature, please refer to
+ the mount(8) man page and the shared-subtree description at
+ http://lwn.net/Articles/159077 and http://lwn.net/Articles/159092.
+ </para>
+
+ </refsect1>
+
+ <refsect1 id="pam_namespace-options">
+ <title>OPTIONS</title>
+ <variablelist>
+
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ A lot of debug information is logged using syslog
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>unmnt_remnt</option>
+ </term>
+ <listitem>
+ <para>
+ For programs such as su and newrole, the login
+ session has already setup a polyinstantiated
+ namespace. For these programs, polyinstantiation
+ is performed based on new user id or security
+ context, however the command first needs to
+ undo the polyinstantiation performed by login.
+ This argument instructs the command to
+ first undo previous polyinstantiation before
+ proceeding with new polyinstantiation based on
+ new id/context
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>unmnt_only</option>
+ </term>
+ <listitem>
+ <para>
+ For trusted programs that want to undo any
+ existing bind mounts and process instance
+ directories on their own, this argument allows
+ them to unmount currently mounted instance
+ directories
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>require_selinux</option>
+ </term>
+ <listitem>
+ <para>
+ If selinux is not enabled, return failure
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>gen_hash</option>
+ </term>
+ <listitem>
+ <para>
+ Instead of using the security context string
+ for the instance name, generate and use its
+ md5 hash.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>ignore_config_error</option>
+ </term>
+ <listitem>
+ <para>
+ If a line in the configuration file corresponding
+ to a polyinstantiated directory contains format
+ error, skip that line process the next line.
+ Without this option, pam will return an error
+ to the calling program resulting in termination
+ of the session.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>ignore_instance_parent_mode</option>
+ </term>
+ <listitem>
+ <para>
+ Instance parent directories by default are expected to have
+ the restrictive mode of 000. Using this option, an administrator
+ can choose to ignore the mode of the instance parent. This option
+ should be used with caution as it will reduce security and
+ isolation goals of the polyinstantiation mechanism.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_namespace-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ The <option>session</option> service is supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_namespace-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Namespace setup was successful.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SERVICE_ERR</term>
+ <listitem>
+ <para>
+ Unexpected system error occurred while setting up namespace.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SESSION_ERR</term>
+ <listitem>
+ <para>
+ Unexpected namespace configuration error occurred.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_namespace-files">
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/security/namespace.conf</filename></term>
+ <listitem>
+ <para>Configuration file</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_namespace-examples">
+ <title>EXAMPLES</title>
+
+ <para>
+ For the &lt;service&gt;s you need polyinstantiation (login for example)
+ put the following line in /etc/pam.d/&lt;service&gt; as the last line for
+ session group:
+ </para>
+
+ <para>
+ session required pam_namespace.so [arguments]
+ </para>
+
+ <para>
+ To use polyinstantiation with graphical display manager gdm, insert the
+ following line, before exit 0, in /etc/gdm/PostSession/Default:
+ </para>
+
+ <para>
+ /usr/sbin/gdm-safe-restart
+ </para>
+
+ <para>
+ This allows gdm to restart after each session and appropriately adjust
+ namespaces of display manager and the X server. If polyinstantiation
+ of /tmp is desired along with the graphical environment, then additional
+ configuration changes are needed to address the interaction of X server
+ and font server namespaces with their use of /tmp to create
+ communication sockets. Please use the initialization script
+ <filename>/etc/security/namespace.init</filename> to ensure that
+ the X server and its clients can appropriately access the
+ communication socket X0. Please refer to the sample instructions
+ provided in the comment section of the instance initialization script
+ <filename>/etc/security/namespace.init</filename>. In addition,
+ perform the following changes to use graphical environment with
+ polyinstantiation of /tmp:
+ </para>
+
+ <para>
+ <literallayout>
+ 1. Disable the use of font server by commenting out "FontPath"
+ line in /etc/X11/xorg.conf. If you do want to use the font server
+ then you will have to augment the instance initialization
+ script to appropriately provide /tmp/.font-unix from the
+ polyinstantiated /tmp.
+ 2. Ensure that the gdm service is setup to use pam_namespace,
+ as described above, by modifying /etc/pam.d/gdm.
+ 3. Ensure that the display manager is configured to restart X server
+ with each new session. This default setup can be verified by
+ making sure that /usr/share/gdm/defaults.conf contains
+ "AlwaysRestartServer=true", and it is not overridden by
+ /etc/gdm/custom.conf.
+ </literallayout>
+ </para>
+
+ </refsect1>
+
+ <refsect1 id="pam_namespace-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>namespace.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>mount</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_namespace-authors">
+ <title>AUTHORS</title>
+ <para>
+ The namespace setup scheme was designed by Stephen Smalley, Janak Desai
+ and Chad Sellers.
+ The pam_namespace PAM module was developed by Janak Desai &lt;janak@us.ibm.com&gt;, Chad Sellers &lt;csellers@tresys.com&gt; and Steve Grubb &lt;sgrubb@redhat.com&gt;.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/modules/pam_namespace/pam_namespace.c b/Linux-PAM/modules/pam_namespace/pam_namespace.c
new file mode 100644
index 00000000..e4e4a5d8
--- /dev/null
+++ b/Linux-PAM/modules/pam_namespace/pam_namespace.c
@@ -0,0 +1,1337 @@
+/******************************************************************************
+ * A module for Linux-PAM that will set the default namespace after
+ * establishing a session via PAM.
+ *
+ * (C) Copyright IBM Corporation 2005
+ * (C) Copyright Red Hat 2006
+ * All Rights Reserved.
+ *
+ * Written by: Janak Desai <janak@us.ibm.com>
+ * With Revisions by: Steve Grubb <sgrubb@redhat.com>
+ * Derived from a namespace setup patch by Chad Sellers <cdselle@tycho.nsa.gov>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the "Software"),
+ * to deal in the Software without restriction, including without limitation
+ * on the rights to use, copy, modify, merge, publish, distribute, sub
+ * license, and/or sell copies of the Software, and to permit persons to whom
+ * the Software is furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice (including the next
+ * paragraph) shall be included in all copies or substantial portions of the
+ * Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL
+ * IBM AND/OR THEIR SUPPLIERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ */
+
+#include "pam_namespace.h"
+
+/*
+ * Copies the contents of ent into pent
+ */
+static int copy_ent(const struct polydir_s *ent, struct polydir_s *pent)
+{
+ unsigned int i;
+
+ strcpy(pent->dir, ent->dir);
+ strcpy(pent->instance_prefix, ent->instance_prefix);
+ pent->method = ent->method;
+ pent->num_uids = ent->num_uids;
+ if (ent->num_uids) {
+ uid_t *pptr, *eptr;
+
+ pent->uid = (uid_t *) malloc(ent->num_uids * sizeof(uid_t));
+ if (!(pent->uid)) {
+ return -1;
+ }
+ for (i = 0, pptr = pent->uid, eptr = ent->uid; i < ent->num_uids;
+ i++, eptr++, pptr++)
+ *pptr = *eptr;
+ } else
+ pent->uid = NULL;
+ return 0;
+}
+
+/*
+ * Adds an entry for a polyinstantiated directory to the linked list of
+ * polyinstantiated directories. It is called from process_line() while
+ * parsing the namespace configuration file.
+ */
+static int add_polydir_entry(struct instance_data *idata,
+ const struct polydir_s *ent)
+{
+ struct polydir_s *pent;
+ int rc = 0;
+
+ /*
+ * Allocate an entry to hold information about a directory to
+ * polyinstantiate, populate it with information from 2nd argument
+ * and add the entry to the linked list of polyinstantiated
+ * directories.
+ */
+ pent = (struct polydir_s *) malloc(sizeof(struct polydir_s));
+ if (!pent) {
+ rc = -1;
+ goto out;
+ }
+ /* Make copy */
+ rc = copy_ent(ent,pent);
+ if(rc < 0)
+ goto out_clean;
+
+ /* Now attach to linked list */
+ pent->next = NULL;
+ if (idata->polydirs_ptr == NULL)
+ idata->polydirs_ptr = pent;
+ else {
+ struct polydir_s *tail;
+
+ tail = idata->polydirs_ptr;
+ while (tail->next)
+ tail = tail->next;
+ tail->next = pent;
+ }
+ goto out;
+out_clean:
+ free(pent);
+out:
+ return rc;
+}
+
+
+/*
+ * Deletes all the entries in the linked list.
+ */
+static void del_polydir_list(struct polydir_s *polydirs_ptr)
+{
+ struct polydir_s *dptr = polydirs_ptr;
+
+ while (dptr) {
+ struct polydir_s *tptr = dptr;
+ dptr = dptr->next;
+ free(tptr->uid);
+ free(tptr);
+ }
+}
+
+
+/*
+ * Called from parse_config_file, this function processes a single line
+ * of the namespace configuration file. It skips over comments and incomplete
+ * or malformed lines. It processes a valid line with information on
+ * polyinstantiating a directory by populating appropriate fields of a
+ * polyinstatiated directory structure and then calling add_polydir_entry to
+ * add that entry to the linked list of polyinstantiated directories.
+ */
+static int process_line(char *line, const char *home,
+ struct instance_data *idata)
+{
+ const char *dir, *instance_prefix;
+ const char *method, *uids;
+ char *tptr;
+ struct polydir_s poly;
+ int retval = 0;
+
+ poly.uid = NULL;
+ poly.num_uids = 0;
+
+ /*
+ * skip the leading white space
+ */
+ while (*line && isspace(*line))
+ line++;
+
+ /*
+ * Rip off the comments
+ */
+ tptr = strchr(line,'#');
+ if (tptr)
+ *tptr = '\0';
+
+ /*
+ * Rip off the newline char
+ */
+ tptr = strchr(line,'\n');
+ if (tptr)
+ *tptr = '\0';
+
+ /*
+ * Anything left ?
+ */
+ if (line[0] == 0)
+ return 0;
+
+ /*
+ * Initialize and scan the five strings from the line from the
+ * namespace configuration file.
+ */
+ dir = strtok_r(line, " \t", &tptr);
+ if (dir == NULL) {
+ pam_syslog(idata->pamh, LOG_NOTICE, "Invalid line missing polydir");
+ goto skipping;
+ }
+ instance_prefix = strtok_r(NULL, " \t", &tptr);
+ if (instance_prefix == NULL) {
+ pam_syslog(idata->pamh, LOG_NOTICE, "Invalid line missing instance_prefix");
+ goto skipping;
+ }
+ method = strtok_r(NULL, " \t", &tptr);
+ if (method == NULL) {
+ pam_syslog(idata->pamh, LOG_NOTICE, "Invalid line missing method");
+ goto skipping;
+ }
+
+ /*
+ * Only the uids field is allowed to be blank, to indicate no
+ * override users for polyinstantiation of that directory. If
+ * any of the other fields are blank, the line is incomplete so
+ * skip it.
+ */
+ uids = strtok_r(NULL, " \t", &tptr);
+
+ /*
+ * If the directory being polyinstantiated is the home directory
+ * of the user who is establishing a session, we have to swap
+ * the "$HOME" string with the user's home directory that is
+ * passed in as an argument.
+ */
+ if (strcmp(dir, "$HOME") == 0) {
+ dir = home;
+ }
+
+ /*
+ * Expand $HOME and $USER in instance dir prefix
+ */
+ if ((tptr = strstr(instance_prefix, "$USER")) != 0) {
+ /* FIXME: should only support this if method is USER or BOTH */
+ char *expanded = alloca(strlen(idata->user) + strlen(instance_prefix)-5+1);
+ *tptr = 0;
+ sprintf(expanded, "%s%s%s", instance_prefix, idata->user, tptr+5);
+ instance_prefix = expanded;
+ }
+ if ((tptr = strstr(instance_prefix, "$HOME")) != 0) {
+ char *expanded = alloca(strlen(home)+strlen(instance_prefix)-5+1);
+ *tptr = 0;
+ sprintf(expanded, "%s%s%s", instance_prefix, home, tptr+5);
+ instance_prefix = expanded;
+ }
+
+ /*
+ * Ensure that all pathnames are absolute path names.
+ */
+ if ((dir[0] != '/') || (instance_prefix[0] != '/')) {
+ pam_syslog(idata->pamh, LOG_NOTICE,"Pathnames must start with '/'");
+ goto skipping;
+ }
+ if (strstr(dir, "..") || strstr(instance_prefix, "..")) {
+ pam_syslog(idata->pamh, LOG_NOTICE,"Pathnames must not contain '..'");
+ goto skipping;
+ }
+
+ /*
+ * Populate polyinstantiated directory structure with appropriate
+ * pathnames and the method with which to polyinstantiate.
+ */
+ if (strlen(dir) >= sizeof(poly.dir)
+ || strlen(instance_prefix) >= sizeof(poly.instance_prefix)) {
+ pam_syslog(idata->pamh, LOG_NOTICE, "Pathnames too long");
+ }
+ strcpy(poly.dir, dir);
+ strcpy(poly.instance_prefix, instance_prefix);
+ if (strcmp(method, "user") == 0)
+ poly.method = USER;
+#ifdef WITH_SELINUX
+ else if (strcmp(method, "context") == 0) {
+ if (idata->flags & PAMNS_CTXT_BASED_INST)
+ poly.method = CONTEXT;
+ else
+ poly.method = USER;
+ } else if (strcmp(method, "both") == 0) {
+ if (idata->flags & PAMNS_CTXT_BASED_INST)
+ poly.method = BOTH;
+ else
+ poly.method = USER;
+ }
+
+#endif
+ else {
+ pam_syslog(idata->pamh, LOG_NOTICE, "Illegal method");
+ goto skipping;
+ }
+
+ /*
+ * If the line in namespace.conf for a directory to polyinstantiate
+ * contains a list of override users (users for whom polyinstantiation
+ * is not performed), read the user ids, convert names into uids, and
+ * add to polyinstantiated directory structure.
+ */
+ if (uids) {
+ uid_t *uidptr;
+ const char *ustr, *sstr;
+ int count, i;
+
+ for (count = 0, ustr = sstr = uids; sstr; ustr = sstr + 1, count++)
+ sstr = strchr(ustr, ',');
+
+ poly.num_uids = count;
+ poly.uid = (uid_t *) malloc(count * sizeof (uid_t));
+ uidptr = poly.uid;
+ if (uidptr == NULL) {
+ pam_syslog(idata->pamh, LOG_NOTICE, "out of memory");
+ goto skipping;
+ }
+
+ ustr = uids;
+ for (i = 0; i < count; i++) {
+ struct passwd *pwd;
+
+ tptr = strchr(ustr, ',');
+ if (tptr)
+ *tptr = '\0';
+
+ pwd = pam_modutil_getpwnam(idata->pamh, ustr);
+ *uidptr = pwd->pw_uid;
+ if (i < count - 1) {
+ ustr = tptr + 1;
+ uidptr++;
+ }
+ }
+ }
+
+ /*
+ * Add polyinstantiated directory structure to the linked list
+ * of all polyinstantiated directory structures.
+ */
+ if (add_polydir_entry(idata, &poly) < 0) {
+ pam_syslog(idata->pamh, LOG_ERR, "Allocation Error");
+ retval = PAM_SERVICE_ERR;
+ }
+ free(poly.uid);
+
+ goto out;
+
+skipping:
+ if (idata->flags & PAMNS_IGN_CONFIG_ERR)
+ retval = 0;
+ else
+ retval = PAM_SERVICE_ERR;
+out:
+ return retval;
+}
+
+
+/*
+ * Parses /etc/security/namespace.conf file to build a linked list of
+ * polyinstantiated directory structures of type polydir_s. Each entry
+ * in the linked list contains information needed to polyinstantiate
+ * one directory.
+ */
+static int parse_config_file(struct instance_data *idata)
+{
+ FILE *fil;
+ char *home;
+ struct passwd *cpwd;
+ char *line = NULL;
+ int retval;
+ size_t len = 0;
+
+ if (idata->flags & PAMNS_DEBUG)
+ pam_syslog(idata->pamh, LOG_DEBUG, "Parsing config file %s",
+ PAM_NAMESPACE_CONFIG);
+
+ /*
+ * Extract the user's home directory to resolve $HOME entries
+ * in the namespace configuration file.
+ */
+ cpwd = pam_modutil_getpwnam(idata->pamh, idata->user);
+ if (!cpwd) {
+ pam_syslog(idata->pamh, LOG_ERR,
+ "Error getting home dir for '%s'", idata->user);
+ return PAM_SESSION_ERR;
+ }
+ home = strdupa(cpwd->pw_dir);
+
+ /*
+ * Open configuration file, read one line at a time and call
+ * process_line to process each line.
+ */
+ fil = fopen(PAM_NAMESPACE_CONFIG, "r");
+ if (fil == NULL) {
+ pam_syslog(idata->pamh, LOG_ERR, "Error opening config file");
+ return PAM_SERVICE_ERR;
+ }
+
+ /* Use unlocked IO */
+ __fsetlocking(fil, FSETLOCKING_BYCALLER);
+
+ /* loop reading the file */
+ while (getline(&line, &len, fil) > 0) {
+ retval = process_line(line, home, idata);
+ if (retval) {
+ pam_syslog(idata->pamh, LOG_ERR,
+ "Error processing conf file line %s", line);
+ fclose(fil);
+ free(line);
+ return PAM_SERVICE_ERR;
+ }
+ }
+ fclose(fil);
+ free(line);
+
+ /* All done...just some debug stuff */
+ if (idata->flags & PAMNS_DEBUG) {
+ struct polydir_s *dptr = idata->polydirs_ptr;
+ uid_t *iptr;
+ uid_t i;
+
+ pam_syslog(idata->pamh, LOG_DEBUG,
+ dptr?"Configured poly dirs:":"No configured poly dirs");
+ while (dptr) {
+ pam_syslog(idata->pamh, LOG_DEBUG, "dir='%s' iprefix='%s' meth=%d",
+ dptr->dir, dptr->instance_prefix, dptr->method);
+ for (i = 0, iptr = dptr->uid; i < dptr->num_uids; i++, iptr++)
+ pam_syslog(idata->pamh, LOG_DEBUG, "override user %d ", *iptr);
+ dptr = dptr->next;
+ }
+ }
+
+ return PAM_SUCCESS;
+}
+
+
+/*
+ * This funtion returns true if a given uid is present in the polyinstantiated
+ * directory's list of override uids. If the uid is one of the override
+ * uids for the polyinstantiated directory, polyinstantiation is not
+ * performed for that user for that directory.
+ */
+static int ns_override(struct polydir_s *polyptr, struct instance_data *idata)
+{
+ unsigned int i;
+
+ if (idata->flags & PAMNS_DEBUG)
+ pam_syslog(idata->pamh, LOG_DEBUG,
+ "Checking for ns override in dir %s for uid %d",
+ polyptr->dir, idata->uid);
+
+ for (i = 0; i < polyptr->num_uids; i++) {
+ if (idata->uid == polyptr->uid[i]) {
+ return 1;
+ }
+ }
+
+ return 0;
+}
+
+#ifdef WITH_SELINUX
+static int form_context(const struct polydir_s *polyptr,
+ security_context_t *i_context, security_context_t *origcon,
+ struct instance_data *idata)
+{
+ int rc = PAM_SUCCESS;
+ security_context_t scon = NULL;
+ security_class_t tclass;
+
+ /*
+ * Get the security context of the directory to polyinstantiate.
+ */
+ rc = getfilecon(polyptr->dir, origcon);
+ if (rc < 0 || *origcon == NULL) {
+ pam_syslog(idata->pamh, LOG_ERR,
+ "Error getting poly dir context, %m");
+ return PAM_SESSION_ERR;
+ }
+
+ /*
+ * If polyinstantiating based on security context, get current
+ * process security context, get security class for directories,
+ * and ask the policy to provide security context of the
+ * polyinstantiated instance directory.
+ */
+ if ((polyptr->method == CONTEXT) || (polyptr->method == BOTH)) {
+ rc = getexeccon(&scon);
+ if (rc < 0 || scon == NULL) {
+ pam_syslog(idata->pamh, LOG_ERR,
+ "Error getting exec context, %m");
+ return PAM_SESSION_ERR;
+ }
+ tclass = string_to_security_class("dir");
+
+ if (security_compute_member(scon, *origcon, tclass,
+ i_context) < 0) {
+ pam_syslog(idata->pamh, LOG_ERR,
+ "Error computing poly dir member context");
+ freecon(scon);
+ return PAM_SESSION_ERR;
+ } else if (idata->flags & PAMNS_DEBUG)
+ pam_syslog(idata->pamh, LOG_DEBUG,
+ "member context returned by policy %s", *i_context);
+ freecon(scon);
+ }
+ return PAM_SUCCESS;
+}
+#endif
+
+/*
+ * poly_name returns the name of the polyinstantiated instance directory
+ * based on the method used for polyinstantiation (user, context or both)
+ * In addition, the function also returns the security contexts of the
+ * original directory to polyinstantiate and the polyinstantiated instance
+ * directory.
+ */
+#ifdef WITH_SELINUX
+static int poly_name(const struct polydir_s *polyptr, char **i_name,
+ security_context_t *i_context, security_context_t *origcon,
+ struct instance_data *idata)
+#else
+static int poly_name(const struct polydir_s *polyptr, char **i_name,
+ struct instance_data *idata)
+#endif
+{
+ int rc;
+
+# ifdef WITH_SELINUX
+ rc = form_context(polyptr, i_context, origcon, idata);
+#endif
+ rc = PAM_SUCCESS;
+
+ /*
+ * Set the name of the polyinstantiated instance dir based on the
+ * polyinstantiation method.
+ */
+ switch (polyptr->method) {
+ case USER:
+ if (asprintf(i_name, "%s", idata->user) < 0) {
+ *i_name = NULL;
+ rc = PAM_SESSION_ERR;
+ }
+ break;
+
+#ifdef WITH_SELINUX
+ case CONTEXT:
+ if (asprintf(i_name, "%s", *i_context) < 0) {
+ *i_name = NULL;
+ rc = PAM_SESSION_ERR;
+ }
+ break;
+
+ case BOTH:
+ if (asprintf(i_name, "%s_%s", *i_context, idata->user) < 0) {
+ *i_name = NULL;
+ rc = PAM_SESSION_ERR;
+ }
+ break;
+#endif /* WITH_SELINUX */
+
+ default:
+ if (idata->flags & PAMNS_DEBUG)
+ pam_syslog(idata->pamh, LOG_ERR, "Unknown method");
+ rc = PAM_SESSION_ERR;
+ }
+
+ if ((idata->flags & PAMNS_DEBUG) && rc == PAM_SUCCESS)
+ pam_syslog(idata->pamh, LOG_DEBUG, "poly_name %s", *i_name);
+
+ return rc;
+}
+
+static int check_inst_parent(char *ipath, struct instance_data *idata)
+{
+ struct stat instpbuf;
+ char *inst_parent, *trailing_slash;
+ /*
+ * stat the instance parent path to make sure it exists
+ * and is a directory. Check that its mode is 000 (unless the
+ * admin explicitly instructs to ignore the instance parent
+ * mode by the "ignore_instance_parent_mode" argument).
+ */
+ inst_parent = (char *) malloc(strlen(ipath)+1);
+ if (!inst_parent) {
+ pam_syslog(idata->pamh, LOG_ERR, "Error allocating pathname string");
+ return PAM_SESSION_ERR;
+ }
+
+ strcpy(inst_parent, ipath);
+ trailing_slash = strrchr(inst_parent, '/');
+ if (trailing_slash)
+ *trailing_slash = '\0';
+
+ if (stat(inst_parent, &instpbuf) < 0) {
+ pam_syslog(idata->pamh, LOG_ERR, "Error stating %s, %m", inst_parent);
+ free(inst_parent);
+ return PAM_SESSION_ERR;
+ }
+
+ /*
+ * Make sure we are dealing with a directory
+ */
+ if (!S_ISDIR(instpbuf.st_mode)) {
+ pam_syslog(idata->pamh, LOG_ERR, "Instance parent %s is not a dir",
+ inst_parent);
+ free(inst_parent);
+ return PAM_SESSION_ERR;
+ }
+
+ if ((idata->flags & PAMNS_IGN_INST_PARENT_MODE) == 0) {
+ if (instpbuf.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO)) {
+ pam_syslog(idata->pamh, LOG_ERR, "Mode of inst parent %s not 000",
+ inst_parent);
+ free(inst_parent);
+ return PAM_SESSION_ERR;
+ }
+ }
+ free(inst_parent);
+ return PAM_SUCCESS;
+}
+
+/*
+* Check to see if there is a namespace initialization script in
+* the /etc/security directory. If such a script exists
+* execute it and pass directory to polyinstantiate and instance
+* directory as arguments.
+*/
+static int inst_init(const struct polydir_s *polyptr, char *ipath,
+ struct instance_data *idata)
+{
+ pid_t rc, pid;
+ sighandler_t osighand = NULL;
+ int status;
+
+ osighand = signal(SIGCHLD, SIG_DFL);
+ if (osighand == SIG_ERR) {
+ pam_syslog(idata->pamh, LOG_ERR, "Cannot set signal value");
+ rc = PAM_SESSION_ERR;
+ goto out;
+ }
+
+ if (access(NAMESPACE_INIT_SCRIPT, F_OK) == 0) {
+ if (access(NAMESPACE_INIT_SCRIPT, X_OK) < 0) {
+ if (idata->flags & PAMNS_DEBUG)
+ pam_syslog(idata->pamh, LOG_ERR,
+ "Namespace init script not executable");
+ rc = PAM_SESSION_ERR;
+ goto out;
+ } else {
+ pid = fork();
+ if (pid == 0) {
+#ifdef WITH_SELINUX
+ if (idata->flags & PAMNS_SELINUX_ENABLED) {
+ if (setexeccon(NULL) < 0)
+ exit(1);
+ }
+#endif
+ if (execl(NAMESPACE_INIT_SCRIPT, NAMESPACE_INIT_SCRIPT,
+ polyptr->dir, ipath, (char *)NULL) < 0)
+ exit(1);
+ } else if (pid > 0) {
+ while (((rc = waitpid(pid, &status, 0)) == (pid_t)-1) &&
+ (errno == EINTR));
+ if (rc == (pid_t)-1) {
+ pam_syslog(idata->pamh, LOG_ERR, "waitpid failed- %m");
+ rc = PAM_SESSION_ERR;
+ goto out;
+ }
+ if (!WIFEXITED(status) || WIFSIGNALED(status) > 0) {
+ pam_syslog(idata->pamh, LOG_ERR,
+ "Error initializing instance");
+ rc = PAM_SESSION_ERR;
+ goto out;
+ }
+ } else if (pid < 0) {
+ pam_syslog(idata->pamh, LOG_ERR,
+ "Cannot fork to run namespace init script, %m");
+ rc = PAM_SESSION_ERR;
+ goto out;
+ }
+ }
+ }
+ rc = PAM_SUCCESS;
+out:
+ (void) signal(SIGCHLD, osighand);
+
+ return rc;
+}
+
+/*
+ * Create polyinstantiated instance directory (ipath).
+ */
+#ifdef WITH_SELINUX
+static int create_dirs(const struct polydir_s *polyptr, char *ipath,
+ security_context_t icontext, security_context_t ocontext,
+ struct instance_data *idata)
+#else
+static int create_dirs(const struct polydir_s *polyptr, char *ipath,
+ struct instance_data *idata)
+#endif
+{
+ struct stat statbuf, newstatbuf;
+ int rc, fd;
+
+ /*
+ * stat the directory to polyinstantiate, so its owner-group-mode
+ * can be propagated to instance directory
+ */
+ rc = PAM_SUCCESS;
+ if (stat(polyptr->dir, &statbuf) < 0) {
+ pam_syslog(idata->pamh, LOG_ERR, "Error stating %s, %m",
+ polyptr->dir);
+ return PAM_SESSION_ERR;
+ }
+
+ /*
+ * Make sure we are dealing with a directory
+ */
+ if (!S_ISDIR(statbuf.st_mode)) {
+ pam_syslog(idata->pamh, LOG_ERR, "poly dir %s is not a dir",
+ polyptr->dir);
+ return PAM_SESSION_ERR;
+ }
+
+ /*
+ * Check to make sure instance parent is valid.
+ */
+ if (check_inst_parent(ipath, idata))
+ return PAM_SESSION_ERR;
+
+ /*
+ * Create instance directory and set its security context to the context
+ * returned by the security policy. Set its mode and ownership
+ * attributes to match that of the original directory that is being
+ * polyinstantiated.
+ */
+ if (mkdir(ipath, S_IRUSR) < 0) {
+ if (errno == EEXIST)
+ goto inst_init;
+ else {
+ pam_syslog(idata->pamh, LOG_ERR, "Error creating %s, %m",
+ ipath);
+ return PAM_SESSION_ERR;
+ }
+ }
+
+ /* Open a descriptor to it to prevent races */
+ fd = open(ipath, O_DIRECTORY | O_RDONLY);
+ if (fd < 0) {
+ pam_syslog(idata->pamh, LOG_ERR, "Error opening %s, %m", ipath);
+ rmdir(ipath);
+ return PAM_SESSION_ERR;
+ }
+#ifdef WITH_SELINUX
+ /* If SE Linux is disabled, no need to label it */
+ if (idata->flags & PAMNS_SELINUX_ENABLED) {
+ /* If method is USER, icontext is NULL */
+ if (icontext) {
+ if (fsetfilecon(fd, icontext) < 0) {
+ pam_syslog(idata->pamh, LOG_ERR,
+ "Error setting context of %s to %s", ipath, icontext);
+ close(fd);
+ rmdir(ipath);
+ return PAM_SESSION_ERR;
+ }
+ } else {
+ if (fsetfilecon(fd, ocontext) < 0) {
+ pam_syslog(idata->pamh, LOG_ERR,
+ "Error setting context of %s to %s", ipath, ocontext);
+ close(fd);
+ rmdir(ipath);
+ return PAM_SESSION_ERR;
+ }
+ }
+ }
+#endif
+ if (fstat(fd, &newstatbuf) < 0) {
+ pam_syslog(idata->pamh, LOG_ERR, "Error stating %s, %m",
+ ipath);
+ rmdir(ipath);
+ return PAM_SESSION_ERR;
+ }
+ if (newstatbuf.st_uid != statbuf.st_uid ||
+ newstatbuf.st_gid != statbuf.st_gid) {
+ if (fchown(fd, statbuf.st_uid, statbuf.st_gid) < 0) {
+ pam_syslog(idata->pamh, LOG_ERR,
+ "Error changing owner for %s, %m",
+ ipath);
+ close(fd);
+ rmdir(ipath);
+ return PAM_SESSION_ERR;
+ }
+ }
+ if (fchmod(fd, statbuf.st_mode & 07777) < 0) {
+ pam_syslog(idata->pamh, LOG_ERR, "Error changing mode for %s, %m",
+ ipath);
+ close(fd);
+ rmdir(ipath);
+ return PAM_SESSION_ERR;
+ }
+ close(fd);
+
+ /*
+ * Check to see if there is a namespace initialization script in
+ * the /etc/security directory. If such a script exists
+ * execute it and pass directory to polyinstantiate and instance
+ * directory as arguments.
+ */
+
+inst_init:
+ rc = inst_init(polyptr, ipath, idata);
+ return rc;
+}
+
+
+/*
+ * md5hash generates a hash of the passed in instance directory name.
+ */
+static int md5hash(char **instname, struct instance_data *idata)
+{
+ int i;
+ char *md5inst = NULL;
+ char *to;
+ unsigned char inst_digest[MD5_DIGEST_LENGTH];
+
+ /*
+ * Create MD5 hashes for instance pathname.
+ */
+
+ MD5((unsigned char *)*instname, strlen(*instname), inst_digest);
+
+ if ((md5inst = malloc(MD5_DIGEST_LENGTH * 2 + 1)) == NULL) {
+ pam_syslog(idata->pamh, LOG_ERR, "Unable to allocate buffer");
+ return PAM_SESSION_ERR;
+ }
+
+ to = md5inst;
+ for (i = 0; i < MD5_DIGEST_LENGTH; i++) {
+ snprintf(to, 3, "%02x", (unsigned int)inst_digest[i]);
+ to += 3;
+ }
+
+ free(*instname);
+ *instname = md5inst;
+
+ return PAM_SUCCESS;
+}
+
+/*
+ * This function performs the namespace setup for a particular directory
+ * that is being polyinstantiated. It creates an MD5 hash of instance
+ * directory, calls create_dirs to create it with appropriate
+ * security attributes, and performs bind mount to setup the process
+ * namespace.
+ */
+static int ns_setup(const struct polydir_s *polyptr,
+ struct instance_data *idata)
+{
+ int retval = 0;
+ char *inst_dir = NULL;
+ char *instname = NULL;
+ char *dir;
+#ifdef WITH_SELINUX
+ security_context_t instcontext = NULL, origcontext = NULL;
+#endif
+
+ if (idata->flags & PAMNS_DEBUG)
+ pam_syslog(idata->pamh, LOG_DEBUG,
+ "Set namespace for directory %s", polyptr->dir);
+
+ dir = strrchr(polyptr->dir, '/');
+ if (dir && strlen(dir) > 1)
+ dir++;
+
+ /*
+ * Obtain the name of instance pathname based on the
+ * polyinstantiation method and instance context returned by
+ * security policy.
+ */
+#ifdef WITH_SELINUX
+ retval = poly_name(polyptr, &instname, &instcontext,
+ &origcontext, idata);
+#else
+ retval = poly_name(polyptr, &instname, idata);
+#endif
+
+ if (retval) {
+ pam_syslog(idata->pamh, LOG_ERR, "Error getting instance name");
+ goto error_out;
+ } else {
+#ifdef WITH_SELINUX
+ if ((idata->flags & PAMNS_DEBUG) &&
+ (idata->flags & PAMNS_SELINUX_ENABLED))
+ pam_syslog(idata->pamh, LOG_DEBUG, "Inst ctxt %s Orig ctxt %s",
+ instcontext, origcontext);
+#endif
+ }
+
+ if (idata->flags & PAMNS_GEN_HASH) {
+ retval = md5hash(&instname, idata);
+ if (retval < 0) {
+ pam_syslog(idata->pamh, LOG_ERR, "Error generating md5 hash");
+ goto error_out;
+ }
+ }
+
+ if (asprintf(&inst_dir, "%s%s", polyptr->instance_prefix, instname) < 0)
+ goto error_out;
+
+ if (idata->flags & PAMNS_DEBUG)
+ pam_syslog(idata->pamh, LOG_DEBUG, "instance_dir %s",
+ inst_dir);
+
+ /*
+ * Create instance directory with appropriate security
+ * contexts, owner, group and mode bits.
+ */
+#ifdef WITH_SELINUX
+ retval = create_dirs(polyptr, inst_dir, instcontext,
+ origcontext, idata);
+#else
+ retval = create_dirs(polyptr, inst_dir, idata);
+#endif
+
+ if (retval < 0) {
+ pam_syslog(idata->pamh, LOG_ERR, "Error creating instance dir");
+ goto error_out;
+ }
+
+ /*
+ * Bind mount instance directory on top of the polyinstantiated
+ * directory to provide an instance of polyinstantiated directory
+ * based on polyinstantiated method.
+ */
+ if (mount(inst_dir, polyptr->dir, NULL, MS_BIND, NULL) < 0) {
+ pam_syslog(idata->pamh, LOG_ERR, "Error mounting %s on %s, %m",
+ inst_dir, polyptr->dir);
+ goto error_out;
+ }
+
+ goto cleanup;
+
+ /*
+ * various error exit points. Free allocated memory and set return
+ * value to indicate a pam session error.
+ */
+error_out:
+ retval = PAM_SESSION_ERR;
+
+cleanup:
+ free(inst_dir);
+ free(instname);
+#ifdef WITH_SELINUX
+ freecon(instcontext);
+ freecon(origcontext);
+#endif
+ return retval;
+}
+
+
+/*
+ * This function checks to see if the current working directory is
+ * inside the directory passed in as the first argument.
+ */
+static int cwd_in(char *dir, struct instance_data *idata)
+{
+ int retval = 0;
+ char cwd[PATH_MAX];
+
+ if (getcwd(cwd, PATH_MAX) == NULL) {
+ pam_syslog(idata->pamh, LOG_ERR, "Can't get current dir, %m");
+ return -1;
+ }
+
+ if (strncmp(cwd, dir, strlen(dir)) == 0) {
+ if (idata->flags & PAMNS_DEBUG)
+ pam_syslog(idata->pamh, LOG_DEBUG, "cwd is inside %s", dir);
+ retval = 1;
+ } else {
+ if (idata->flags & PAMNS_DEBUG)
+ pam_syslog(idata->pamh, LOG_DEBUG, "cwd is outside %s", dir);
+ }
+
+ return retval;
+}
+
+
+/*
+ * This function checks to see if polyinstantiation is needed for any
+ * of the directories listed in the configuration file. If needed,
+ * cycles through all polyinstantiated directory entries and calls
+ * ns_setup to setup polyinstantiation for each one of them.
+ */
+static int setup_namespace(struct instance_data *idata, enum unmnt_op unmnt)
+{
+ int retval = 0, need_poly = 0, changing_dir = 0;
+ char *cptr, *fptr, poly_parent[PATH_MAX];
+ struct polydir_s *pptr;
+
+ if (idata->flags & PAMNS_DEBUG)
+ pam_syslog(idata->pamh, LOG_DEBUG, "Set up namespace for pid %d",
+ getpid());
+
+ /*
+ * Cycle through all polyinstantiated directory entries to see if
+ * polyinstantiation is needed at all.
+ */
+ for (pptr = idata->polydirs_ptr; pptr; pptr = pptr->next) {
+ if (ns_override(pptr, idata)) {
+ if (idata->flags & PAMNS_DEBUG)
+ pam_syslog(idata->pamh, LOG_DEBUG,
+ "Overriding poly for user %d for dir %s",
+ idata->uid, pptr->dir);
+ continue;
+ } else {
+ if (idata->flags & PAMNS_DEBUG)
+ pam_syslog(idata->pamh, LOG_DEBUG,
+ "Need poly ns for user %d for dir %s",
+ idata->uid, pptr->dir);
+ need_poly = 1;
+ break;
+ }
+ }
+
+ /*
+ * If polyinstnatiation is needed, call the unshare system call to
+ * disassociate from the parent namespace.
+ */
+ if (need_poly) {
+ if (unshare(CLONE_NEWNS) < 0) {
+ pam_syslog(idata->pamh, LOG_ERR,
+ "Unable to unshare from parent namespace, %m");
+ return PAM_SESSION_ERR;
+ }
+ } else
+ return PAM_SUCCESS;
+
+ /*
+ * Again cycle through all polyinstantiated directories, this time,
+ * call ns_setup to setup polyinstantiation for a particular entry.
+ */
+ for (pptr = idata->polydirs_ptr; pptr; pptr = pptr->next) {
+ if (ns_override(pptr, idata))
+ continue;
+ else {
+ if (idata->flags & PAMNS_DEBUG)
+ pam_syslog(idata->pamh, LOG_DEBUG,
+ "Setting poly ns for user %d for dir %s",
+ idata->uid, pptr->dir);
+
+ if ((unmnt == UNMNT_REMNT) || (unmnt == UNMNT_ONLY)) {
+ /*
+ * Check to see if process current directory is in the
+ * bind mounted instance_parent directory that we are trying to
+ * umount
+ */
+ if ((changing_dir = cwd_in(pptr->dir, idata)) < 0) {
+ return PAM_SESSION_ERR;
+ } else if (changing_dir) {
+ if (idata->flags & PAMNS_DEBUG)
+ pam_syslog(idata->pamh, LOG_DEBUG, "changing cwd");
+
+ /*
+ * Change current working directory to the parent of
+ * the mount point, that is parent of the orig
+ * directory where original contents of the polydir
+ * are available from
+ */
+ strcpy(poly_parent, pptr->dir);
+ fptr = strchr(poly_parent, '/');
+ cptr = strrchr(poly_parent, '/');
+ if (fptr && cptr && (fptr == cptr))
+ strcpy(poly_parent, "/");
+ else if (cptr)
+ *cptr = '\0';
+ if (chdir(poly_parent) < 0) {
+ pam_syslog(idata->pamh, LOG_ERR,
+ "Can't chdir to %s, %m", poly_parent);
+ }
+ }
+
+ if (umount(pptr->dir) < 0) {
+ int saved_errno = errno;
+ pam_syslog(idata->pamh, LOG_ERR, "Unmount of %s failed, %m",
+ pptr->dir);
+ if (saved_errno != EINVAL)
+ return PAM_SESSION_ERR;
+ } else if (idata->flags & PAMNS_DEBUG)
+ pam_syslog(idata->pamh, LOG_DEBUG, "Umount succeeded %s",
+ pptr->dir);
+ }
+
+ if (unmnt != UNMNT_ONLY) {
+ retval = ns_setup(pptr, idata);
+ if (retval != PAM_SUCCESS)
+ break;
+ }
+ }
+ }
+
+ return retval;
+}
+
+
+/*
+ * Orig namespace. This function is called from when closing a pam
+ * session. If authorized, it unmounts instance directory.
+ */
+static int orig_namespace(struct instance_data *idata)
+{
+ struct polydir_s *pptr;
+
+ if (idata->flags & PAMNS_DEBUG)
+ pam_syslog(idata->pamh, LOG_DEBUG, "orig namespace for pid %d",
+ getpid());
+
+ /*
+ * Cycle through all polyinstantiated directories from the namespace
+ * configuration file to see if polyinstantiation was performed for
+ * this user for each of the entry. If it was, try and unmount
+ * appropriate polyinstantiated instance directories.
+ */
+ for (pptr = idata->polydirs_ptr; pptr; pptr = pptr->next) {
+ if (ns_override(pptr, idata))
+ continue;
+ else {
+ if (idata->flags & PAMNS_DEBUG)
+ pam_syslog(idata->pamh, LOG_DEBUG,
+ "Unmounting instance dir for user %d & dir %s",
+ idata->uid, pptr->dir);
+
+ if (umount(pptr->dir) < 0) {
+ pam_syslog(idata->pamh, LOG_ERR, "Unmount of %s failed, %m",
+ pptr->dir);
+ return PAM_SESSION_ERR;
+ } else if (idata->flags & PAMNS_DEBUG)
+ pam_syslog(idata->pamh, LOG_DEBUG, "Unmount of %s succeeded",
+ pptr->dir);
+ }
+ }
+ return 0;
+}
+
+
+#ifdef WITH_SELINUX
+/*
+ * This function checks if the calling program has requested context
+ * change by calling setexeccon(). If context change is not requested
+ * then it does not make sense to polyinstantiate based on context.
+ * The return value from this function is used when selecting the
+ * polyinstantiation method. If context change is not requested then
+ * the polyinstantiation method is set to USER, even if the configuration
+ * file lists the method as "context" or "both".
+ */
+static int ctxt_based_inst_needed(void)
+{
+ security_context_t scon = NULL;
+ int rc = 0;
+
+ rc = getexeccon(&scon);
+ if (rc < 0 || scon == NULL)
+ return 0;
+ else {
+ freecon(scon);
+ return 1;
+ }
+}
+#endif
+
+
+/*
+ * Entry point from pam_open_session call.
+ */
+PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
+{
+ int i, retval;
+ struct instance_data idata;
+ char *user_name;
+ struct passwd *pwd;
+ enum unmnt_op unmnt = NO_UNMNT;
+
+ /* init instance data */
+ idata.flags = 0;
+ idata.polydirs_ptr = NULL;
+ idata.pamh = pamh;
+#ifdef WITH_SELINUX
+ if (is_selinux_enabled())
+ idata.flags |= PAMNS_SELINUX_ENABLED;
+ if (ctxt_based_inst_needed())
+ idata.flags |= PAMNS_CTXT_BASED_INST;
+#endif
+
+ /* Parse arguments. */
+ for (i = 0; i < argc; i++) {
+ if (strcmp(argv[i], "debug") == 0)
+ idata.flags |= PAMNS_DEBUG;
+ if (strcmp(argv[i], "gen_hash") == 0)
+ idata.flags |= PAMNS_GEN_HASH;
+ if (strcmp(argv[i], "ignore_config_error") == 0)
+ idata.flags |= PAMNS_IGN_CONFIG_ERR;
+ if (strcmp(argv[i], "ignore_instance_parent_mode") == 0)
+ idata.flags |= PAMNS_IGN_INST_PARENT_MODE;
+ if (strcmp(argv[i], "unmnt_remnt") == 0)
+ unmnt = UNMNT_REMNT;
+ if (strcmp(argv[i], "unmnt_only") == 0)
+ unmnt = UNMNT_ONLY;
+ if (strcmp(argv[i], "require_selinux") == 0) {
+ if (~(idata.flags & PAMNS_SELINUX_ENABLED)) {
+ pam_syslog(idata.pamh, LOG_ERR,
+ "selinux_required option given and selinux is disabled");
+ return PAM_SESSION_ERR;
+ }
+ }
+ }
+ if (idata.flags & PAMNS_DEBUG)
+ pam_syslog(idata.pamh, LOG_DEBUG, "open_session - start");
+
+ /*
+ * Lookup user and fill struct items
+ */
+ retval = pam_get_item(idata.pamh, PAM_USER, (void*) &user_name );
+ if ( user_name == NULL || retval != PAM_SUCCESS ) {
+ pam_syslog(idata.pamh, LOG_ERR, "Error recovering pam user name");
+ return PAM_SESSION_ERR;
+ }
+
+ pwd = pam_modutil_getpwnam(idata.pamh, user_name);
+ if (!pwd) {
+ pam_syslog(idata.pamh, LOG_ERR, "user unknown '%s'", user_name);
+ return PAM_SESSION_ERR;
+ }
+
+ /*
+ * Add the user info to the instance data so we can refer to them later.
+ */
+ idata.user[0] = 0;
+ strncat(idata.user, user_name, sizeof(idata.user) - 1);
+ idata.uid = pwd->pw_uid;
+
+ /*
+ * Parse namespace configuration file which lists directories to
+ * polyinstantiate, directory where instance directories are to
+ * be created and the method used for polyinstantiation.
+ */
+ retval = parse_config_file(&idata);
+ if (retval != PAM_SUCCESS) {
+ del_polydir_list(idata.polydirs_ptr);
+ return PAM_SESSION_ERR;
+ }
+
+ if (idata.polydirs_ptr) {
+ retval = setup_namespace(&idata, unmnt);
+ if (idata.flags & PAMNS_DEBUG) {
+ if (retval)
+ pam_syslog(idata.pamh, LOG_DEBUG,
+ "namespace setup failed for pid %d", getpid());
+ else
+ pam_syslog(idata.pamh, LOG_DEBUG,
+ "namespace setup ok for pid %d", getpid());
+ }
+ } else if (idata.flags & PAMNS_DEBUG)
+ pam_syslog(idata.pamh, LOG_DEBUG, "Nothing to polyinstantiate");
+
+ del_polydir_list(idata.polydirs_ptr);
+ return retval;
+}
+
+
+/*
+ * Entry point from pam_close_session call.
+ */
+PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
+{
+ int i, retval;
+ struct instance_data idata;
+ char *user_name;
+ struct passwd *pwd;
+
+ /* init instance data */
+ idata.flags = 0;
+ idata.polydirs_ptr = NULL;
+ idata.pamh = pamh;
+#ifdef WITH_SELINUX
+ if (is_selinux_enabled())
+ idata.flags |= PAMNS_SELINUX_ENABLED;
+ if (ctxt_based_inst_needed())
+ idata.flags |= PAMNS_CTXT_BASED_INST;
+#endif
+
+ /* Parse arguments. */
+ for (i = 0; i < argc; i++) {
+ if (strcmp(argv[i], "debug") == 0)
+ idata.flags |= PAMNS_DEBUG;
+ if (strcmp(argv[i], "ignore_config_error") == 0)
+ idata.flags |= PAMNS_IGN_CONFIG_ERR;
+ }
+
+ if (idata.flags & PAMNS_DEBUG)
+ pam_syslog(idata.pamh, LOG_DEBUG, "close_session - start");
+
+ /*
+ * Lookup user and fill struct items
+ */
+ retval = pam_get_item(idata.pamh, PAM_USER, (void*) &user_name );
+ if ( user_name == NULL || retval != PAM_SUCCESS ) {
+ pam_syslog(idata.pamh, LOG_ERR, "Error recovering pam user name");
+ return PAM_SESSION_ERR;
+ }
+
+ pwd = pam_modutil_getpwnam(idata.pamh, user_name);
+ if (!pwd) {
+ pam_syslog(idata.pamh, LOG_ERR, "user unknown '%s'", user_name);
+ return PAM_SESSION_ERR;
+ }
+
+ /*
+ * Add the user info to the instance data so we can refer to them later.
+ */
+ idata.user[0] = 0;
+ strncat(idata.user, user_name, sizeof(idata.user) - 1);
+ idata.uid = pwd->pw_uid;
+
+ /*
+ * Parse namespace configuration file which lists directories that
+ * are polyinstantiated, directories where instance directories are
+ * created and the method used for polyinstantiation.
+ */
+ retval = parse_config_file(&idata);
+ if ((retval != PAM_SUCCESS) || !idata.polydirs_ptr) {
+ del_polydir_list(idata.polydirs_ptr);
+ return PAM_SESSION_ERR;
+ }
+
+ if (idata.flags & PAMNS_DEBUG)
+ pam_syslog(idata.pamh, LOG_DEBUG, "Resetting namespace for pid %d",
+ getpid());
+
+ retval = orig_namespace(&idata);
+ if (idata.flags & PAMNS_DEBUG) {
+ if (retval)
+ pam_syslog(idata.pamh, LOG_DEBUG,
+ "resetting namespace failed for pid %d", getpid());
+ else
+ pam_syslog(idata.pamh, LOG_DEBUG,
+ "resetting namespace ok for pid %d", getpid());
+ }
+ del_polydir_list(idata.polydirs_ptr);
+ return PAM_SUCCESS;
+}
+
+#ifdef PAM_STATIC
+
+/* static module data */
+
+struct pam_module _pam_namespace_modstruct = {
+ "pam_namespace",
+ NULL,
+ NULL,
+ NULL,
+ pam_sm_open_session,
+ pam_sm_close_session,
+ NULL
+};
+#endif
diff --git a/Linux-PAM/modules/pam_namespace/pam_namespace.h b/Linux-PAM/modules/pam_namespace/pam_namespace.h
new file mode 100644
index 00000000..c918cff3
--- /dev/null
+++ b/Linux-PAM/modules/pam_namespace/pam_namespace.h
@@ -0,0 +1,135 @@
+/******************************************************************************
+ * A module for Linux-PAM that will set the default namespace after
+ * establishing a session via PAM.
+ *
+ * (C) Copyright IBM Corporation 2005
+ * (C) Copyright Red Hat 2006
+ * All Rights Reserved.
+ *
+ * Written by: Janak Desai <janak@us.ibm.com>
+ * With Revisions by: Steve Grubb <sgrubb@redhat.com>
+ * Derived from a namespace setup patch by Chad Sellers <cdselle@tycho.nsa.gov>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the "Software"),
+ * to deal in the Software without restriction, including without limitation
+ * on the rights to use, copy, modify, merge, publish, distribute, sub
+ * license, and/or sell copies of the Software, and to permit persons to whom
+ * the Software is furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice (including the next
+ * paragraph) shall be included in all copies or substantial portions of the
+ * Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL
+ * IBM AND/OR THEIR SUPPLIERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ */
+
+#if !(defined(linux))
+#error THIS CODE IS KNOWN TO WORK ONLY ON LINUX !!!
+#endif
+
+#include "config.h"
+
+#include <stdio.h>
+#include <stdio_ext.h>
+#include <unistd.h>
+#include <string.h>
+#include <ctype.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <syslog.h>
+#include <dlfcn.h>
+#include <stdarg.h>
+#include <pwd.h>
+#include <limits.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/resource.h>
+#include <sys/mount.h>
+#include <sys/wait.h>
+#include <libgen.h>
+#include <fcntl.h>
+#include <sched.h>
+#include "security/pam_modules.h"
+#include "security/pam_modutil.h"
+#include "security/pam_ext.h"
+#include "md5.h"
+
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#endif
+
+#ifndef CLONE_NEWNS
+#define CLONE_NEWNS 0x00020000 /* Flag to create new namespace */
+#endif
+
+/*
+ * Module defines
+ */
+#ifndef PAM_NAMESPACE_CONFIG
+#define PAM_NAMESPACE_CONFIG "/etc/security/namespace.conf"
+#endif
+
+#ifndef NAMESPACE_INIT_SCRIPT
+#define NAMESPACE_INIT_SCRIPT "/etc/security/namespace.init"
+#endif
+
+#define PAMNS_DEBUG 0x00000100 /* Running in debug mode */
+#define PAMNS_SELINUX_ENABLED 0x00000400 /* SELinux is enabled */
+#define PAMNS_CTXT_BASED_INST 0x00000800 /* Context based instance needed */
+#define PAMNS_GEN_HASH 0x00002000 /* Generate md5 hash for inst names */
+#define PAMNS_IGN_CONFIG_ERR 0x00004000 /* Ignore format error in conf file */
+#define PAMNS_IGN_INST_PARENT_MODE 0x00008000 /* Ignore instance parent mode */
+
+/*
+ * Polyinstantiation method options, based on user, security context
+ * or both
+ */
+enum polymethod {
+ USER,
+ CONTEXT,
+ BOTH,
+};
+
+/*
+ * Depending on the application using this namespace module, we
+ * may need to unmount priviously bind mounted instance directory.
+ * Applications such as login and sshd, that establish a new
+ * session unmount of instance directory is not needed. For applications
+ * such as su and newrole, that switch the identity, this module
+ * has to unmount previous instance directory first and re-mount
+ * based on the new indentity. For other trusted applications that
+ * just want to undo polyinstantiation, only unmount of previous
+ * instance directory is needed.
+ */
+enum unmnt_op {
+ NO_UNMNT,
+ UNMNT_REMNT,
+ UNMNT_ONLY,
+};
+
+/*
+ * Structure that holds information about a directory to polyinstantiate
+ */
+struct polydir_s {
+ char dir[PATH_MAX]; /* directory to polyinstantiate */
+ char instance_prefix[PATH_MAX]; /* prefix for instance dir path name */
+ enum polymethod method; /* method used to polyinstantiate */
+ unsigned int num_uids; /* number of override uids */
+ uid_t *uid; /* list of override uids */
+ struct polydir_s *next; /* pointer to the next polydir entry */
+};
+
+struct instance_data {
+ pam_handle_t *pamh; /* The pam handle for this instance */
+ struct polydir_s *polydirs_ptr; /* The linked list pointer */
+ char user[LOGIN_NAME_MAX]; /* User name */
+ uid_t uid; /* The uid of the user */
+ unsigned long flags; /* Flags for debug, selinux etc */
+};
diff --git a/Linux-PAM/modules/pam_namespace/tst-pam_namespace b/Linux-PAM/modules/pam_namespace/tst-pam_namespace
new file mode 100755
index 00000000..c929dfcf
--- /dev/null
+++ b/Linux-PAM/modules/pam_namespace/tst-pam_namespace
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_namespace.so
diff --git a/Linux-PAM/modules/pam_nologin/Makefile b/Linux-PAM/modules/pam_nologin/Makefile
deleted file mode 100644
index 2ad38ffd..00000000
--- a/Linux-PAM/modules/pam_nologin/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:04 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_nologin
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_nologin/Makefile.am b/Linux-PAM/modules/pam_nologin/Makefile.am
new file mode 100644
index 00000000..dc5fe58f
--- /dev/null
+++ b/Linux-PAM/modules/pam_nologin/Makefile.am
@@ -0,0 +1,31 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_nologin
+
+TESTS = tst-pam_nologin
+
+man_MANS = pam_nologin.8
+XMLS = README.xml pam_nologin.8.xml
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_nologin.la
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_nologin.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_nologin/Makefile.in b/Linux-PAM/modules/pam_nologin/Makefile.in
new file mode 100644
index 00000000..162e0f49
--- /dev/null
+++ b/Linux-PAM/modules/pam_nologin/Makefile.in
@@ -0,0 +1,665 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_nologin
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_nologin_la_LIBADD =
+pam_nologin_la_SOURCES = pam_nologin.c
+pam_nologin_la_OBJECTS = pam_nologin.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_nologin.c
+DIST_SOURCES = pam_nologin.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_nologin
+TESTS = tst-pam_nologin
+man_MANS = pam_nologin.8
+XMLS = README.xml pam_nologin.8.xml
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_nologin.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_nologin/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_nologin/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_nologin.la: $(pam_nologin_la_OBJECTS) $(pam_nologin_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_nologin_la_OBJECTS) $(pam_nologin_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_nologin.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_nologin.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_nologin/README b/Linux-PAM/modules/pam_nologin/README
index 5de704c3..3ffa591d 100644
--- a/Linux-PAM/modules/pam_nologin/README
+++ b/Linux-PAM/modules/pam_nologin/README
@@ -1,23 +1,41 @@
-# $Id: README,v 1.2 2002/06/27 05:43:28 agmorgan Exp $
-#
+pam_nologin — Prevent non-root users from login
-This module always lets root in; it lets other users in only if the file
-/etc/nologin doesn't exist. In any case, if /etc/nologin exists, it's
-contents are displayed to the user.
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
-The default return value for this module is PAM_IGNORE, you can
-override this with the successok module argument.
+DESCRIPTION
-module services provided:
+pam_nologin is a PAM module that prevents users from logging into the system
+when /etc/nologin exists. The contents of the /etc/nologin file are displayed
+to the user. The pam_nologin module has no effect on the root user's ability to
+log in.
- auth _authenticate and _setcred
- account _acct_mgmt
+OPTIONS
-optional arguments:
+file=/path/nologin
- file=<alternative-nologin-pathname> - choose a different file
- successok - return PAM_SUCCESS if no file
+ Use this file instead the default /etc/nologin.
-[Original README by Michael K. Johnson]
+successok
+ Return PAM_SUCCESS if no file exists, the default is PAM_IGNORE.
+
+EXAMPLES
+
+The suggested usage for /etc/pam.d/login is:
+
+auth required pam_nologin.so
+
+
+NOTES
+
+In order to make this module effective, all login methods should be secured by
+it. It should be used as a required method listed before any sufficient methods
+in order to get standard Unix nologin semantics. Note, the use of successok
+module argument causes the module to return PAM_SUCCESS and as such would break
+such a configuration - failing sufficient modules would lead to a successful
+login because the nologin module succeeded.
+
+AUTHOR
+
+pam_nologin was written by Michael K. Johnson <johnsonm@redhat.com>.
diff --git a/Linux-PAM/modules/pam_nologin/README.xml b/Linux-PAM/modules/pam_nologin/README.xml
new file mode 100644
index 00000000..bc0808e7
--- /dev/null
+++ b/Linux-PAM/modules/pam_nologin/README.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_nologin.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_nologin.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_nologin-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_nologin.8.xml" xpointer='xpointer(//refsect1[@id = "pam_nologin-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_nologin.8.xml" xpointer='xpointer(//refsect1[@id = "pam_nologin-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_nologin.8.xml" xpointer='xpointer(//refsect1[@id = "pam_nologin-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_nologin.8.xml" xpointer='xpointer(//refsect1[@id = "pam_nologin-note"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_nologin.8.xml" xpointer='xpointer(//refsect1[@id = "pam_nologin-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_nologin/pam_nologin.8 b/Linux-PAM/modules/pam_nologin/pam_nologin.8
new file mode 100644
index 00000000..5e502266
--- /dev/null
+++ b/Linux-PAM/modules/pam_nologin/pam_nologin.8
@@ -0,0 +1,96 @@
+.\" Title: pam_nologin
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/04/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_NOLOGIN" "8" "06/04/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_nologin \- Prevent non\-root users from login
+.SH "SYNOPSIS"
+.HP 15
+\fBpam_nologin.so\fR [file=\fI/path/nologin\fR] [successok]
+.SH "DESCRIPTION"
+.PP
+pam_nologin is a PAM module that prevents users from logging into the system when
+\fI/etc/nologin\fR
+exists. The contents of the
+\fI/etc/nologin\fR
+file are displayed to the user. The pam_nologin module has no effect on the root user's ability to log in.
+.SH "OPTIONS"
+.TP 3n
+\fBfile=\fR\fB\fI/path/nologin\fR\fR
+Use this file instead the default
+\fI/etc/nologin\fR.
+.TP 3n
+\fBsuccessok\fR
+Return PAM_SUCCESS if no file exists, the default is PAM_IGNORE.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+The
+\fBauth\fR
+and
+\fBacct\fR
+services are supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_AUTH_ERR
+The user is not root and
+\fI/etc/nologin\fR
+exists, so the user is not permitted to log in.
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_IGNORE
+This is the default return value.
+.TP 3n
+PAM_SUCCESS
+Success: either the user is root or the
+\fI/etc/nologin\fR
+file does not exist.
+.TP 3n
+PAM_USER_UNKNOWN
+User not known to the underlying authentication module.
+.SH "EXAMPLES"
+.PP
+The suggested usage for
+\fI/etc/pam.d/login\fR
+is:
+.sp
+.RS 3n
+.nf
+auth required pam_nologin.so
+
+.fi
+.RE
+.sp
+.SH "NOTES"
+.PP
+In order to make this module effective, all login methods should be secured by it. It should be used as a
+\fIrequired\fR
+method listed before any
+\fIsufficient\fR
+methods in order to get standard Unix nologin semantics. Note, the use of
+\fBsuccessok\fR
+module argument causes the module to return
+\fIPAM_SUCCESS\fR
+and as such would break such a configuration \- failing
+\fIsufficient\fR
+modules would lead to a successful login because the nologin module
+\fIsucceeded\fR.
+.SH "SEE ALSO"
+.PP
+
+\fBnologin\fR(5),
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_nologin was written by Michael K. Johnson <johnsonm@redhat.com>.
diff --git a/Linux-PAM/modules/pam_nologin/pam_nologin.8.xml b/Linux-PAM/modules/pam_nologin/pam_nologin.8.xml
new file mode 100644
index 00000000..9710df9d
--- /dev/null
+++ b/Linux-PAM/modules/pam_nologin/pam_nologin.8.xml
@@ -0,0 +1,174 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_nologin">
+
+ <refmeta>
+ <refentrytitle>pam_nologin</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_nologin-name">
+ <refname>pam_nologin</refname>
+ <refpurpose>Prevent non-root users from login</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_nologin-cmdsynopsis">
+ <command>pam_nologin.so</command>
+ <arg choice="opt">
+ file=<replaceable>/path/nologin</replaceable>
+ </arg>
+ <arg choice="opt">
+ successok
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_nologin-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ pam_nologin is a PAM module that prevents users from logging into
+ the system when <filename>/etc/nologin</filename> exists. The contents
+ of the <filename>/etc/nologin</filename> file are displayed to the
+ user. The pam_nologin module has no effect on the root user's ability
+ to log in.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_nologin-options">
+
+ <title>OPTIONS</title>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>file=<replaceable>/path/nologin</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Use this file instead the default
+ <filename>/etc/nologin</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>successok</option>
+ </term>
+ <listitem>
+ <para>
+ Return PAM_SUCCESS if no file exists, the default is PAM_IGNORE.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_nologin-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ The <option>auth</option> and <option>acct</option> services are
+ supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_nologin-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_AUTH_ERR</term>
+ <listitem>
+ <para>
+ The user is not root and <filename>/etc/nologin</filename>
+ exists, so the user is not permitted to log in.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>Memory buffer error.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_IGNORE</term>
+ <listitem>
+ <para>
+ This is the default return value.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Success: either the user is root or the
+ <filename>/etc/nologin</filename> file does not exist.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ User not known to the underlying authentication module.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_nologin-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ The suggested usage for <filename>/etc/pam.d/login</filename> is:
+ <programlisting>
+auth required pam_nologin.so
+ </programlisting>
+ </para>
+ </refsect1>
+ <refsect1 id='pam_nologin-note'>
+ <title>NOTES</title>
+ <para>
+ In order to make this module effective, all login methods should be
+ secured by it. It should be used as a <emphasis>required</emphasis>
+ method listed before any <emphasis>sufficient</emphasis> methods in
+ order to get standard Unix nologin semantics. Note, the use of
+ <option>successok</option> module argument causes the module to
+ return <emphasis>PAM_SUCCESS</emphasis> and as such would break
+ such a configuration - failing <emphasis>sufficient</emphasis> modules
+ would lead to a successful login because the nologin module
+ <emphasis>succeeded</emphasis>.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_nologin-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>nologin</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_nologin-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_nologin was written by Michael K. Johnson &lt;johnsonm@redhat.com&gt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_nologin/pam_nologin.c b/Linux-PAM/modules/pam_nologin/pam_nologin.c
index 8e7e124a..570d9dc3 100644
--- a/Linux-PAM/modules/pam_nologin/pam_nologin.c
+++ b/Linux-PAM/modules/pam_nologin/pam_nologin.c
@@ -1,18 +1,21 @@
/* pam_nologin module */
/*
- * $Id: pam_nologin.c,v 1.6 2005/01/07 15:31:26 t8m Exp $
+ * $Id: pam_nologin.c,v 1.11 2005/09/22 22:16:02 ldv Exp $
*
* Written by Michael K. Johnson <johnsonm@redhat.com> 1996/10/24
*
*/
+#include "config.h"
+
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/types.h>
#include <sys/stat.h>
+#include <syslog.h>
#include <pwd.h>
#include <security/_pam_macros.h>
@@ -27,8 +30,8 @@
#define PAM_SM_ACCOUNT
#include <security/pam_modules.h>
-
-#include <security/_pam_modutil.h>
+#include <security/pam_modutil.h>
+#include <security/pam_ext.h>
/*
* parse some command line options
@@ -38,8 +41,8 @@ struct opt_s {
const char *nologin_file;
};
-static void parse_args(pam_handle_t *pamh, int argc, const char **argv,
- struct opt_s *opts)
+static void
+parse_args(pam_handle_t *pamh, int argc, const char **argv, struct opt_s *opts)
{
int i;
@@ -51,11 +54,10 @@ static void parse_args(pam_handle_t *pamh, int argc, const char **argv,
for (i=0; i<argc; ++i) {
if (!strcmp("successok", argv[i])) {
opts->retval_when_nofile = PAM_SUCCESS;
- } else if (!memcmp("file=", argv[i], 5)) {
+ } else if (!strncmp("file=", argv[i], 5)) {
opts->nologin_file = argv[i] + 5;
} else {
- /* XXX - ignore for now. Later, we'll use the logging
- function in pammodutils */
+ pam_syslog(pamh, LOG_ERR, "unknown option: %s", argv[i]);
}
}
}
@@ -67,41 +69,28 @@ static void parse_args(pam_handle_t *pamh, int argc, const char **argv,
static int perform_check(pam_handle_t *pamh, struct opt_s *opts)
{
const char *username;
- int retval = PAM_SUCCESS;
+ int retval = opts->retval_when_nofile;
int fd;
- retval = opts->retval_when_nofile;
-
if ((pam_get_user(pamh, &username, NULL) != PAM_SUCCESS) || !username) {
+ pam_syslog(pamh, LOG_WARNING, "cannot determine username");
return PAM_USER_UNKNOWN;
}
if ((fd = open(opts->nologin_file, O_RDONLY, 0)) >= 0) {
char *mtmp=NULL;
+ int msg_style = PAM_TEXT_INFO;
struct passwd *user_pwd;
- struct pam_conv *conversation;
- struct pam_message message;
- struct pam_message *pmessage = &message;
- struct pam_response *resp = NULL;
struct stat st;
- user_pwd = _pammodutil_getpwnam(pamh, username);
+ user_pwd = pam_modutil_getpwnam(pamh, username);
if (user_pwd == NULL) {
-
retval = PAM_USER_UNKNOWN;
- message.msg_style = PAM_ERROR_MSG;
-
+ msg_style = PAM_ERROR_MSG;
} else if (user_pwd->pw_uid) {
-
retval = PAM_AUTH_ERR;
- message.msg_style = PAM_ERROR_MSG;
-
- } else {
-
- /* root can still log in; lusers cannot */
- message.msg_style = PAM_TEXT_INFO;
-
+ msg_style = PAM_ERROR_MSG;
}
/* fill in message buffer with contents of /etc/nologin */
@@ -110,31 +99,16 @@ static int perform_check(pam_handle_t *pamh, struct opt_s *opts)
goto clean_up_fd;
}
- message.msg = mtmp = malloc(st.st_size+1);
- if (!message.msg) {
- /* if malloc failed... */
+ mtmp = malloc(st.st_size+1);
+ if (!mtmp) {
+ pam_syslog(pamh, LOG_ERR, "out of memory");
retval = PAM_BUF_ERR;
goto clean_up_fd;
}
- if (_pammodutil_read(fd, mtmp, st.st_size) == st.st_size) {
- mtmp[st.st_size] = '\000';
-
- /*
- * Use conversation function to give user contents
- * of /etc/nologin
- */
-
- if (pam_get_item(pamh, PAM_CONV, (const void **)&conversation)
- == PAM_SUCCESS && conversation && conversation->conv) {
- (void) conversation->conv(1,
- (const struct pam_message **)&pmessage,
- &resp, conversation->appdata_ptr);
-
- if (resp) {
- _pam_drop_reply(resp, 1);
- }
- }
+ if (pam_modutil_read(fd, mtmp, st.st_size) == st.st_size) {
+ mtmp[st.st_size] = '\0';
+ (void) pam_prompt (pamh, msg_style, NULL, "%s", mtmp);
}
else
retval = PAM_SYSTEM_ERR;
@@ -151,9 +125,9 @@ static int perform_check(pam_handle_t *pamh, struct opt_s *opts)
/* --- authentication management functions --- */
-PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+PAM_EXTERN int
+pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
struct opt_s opts;
@@ -162,9 +136,9 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
return perform_check(pamh, &opts);
}
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+PAM_EXTERN int
+pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc, const char **argv)
{
struct opt_s opts;
@@ -175,9 +149,9 @@ int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc,
/* --- account management function --- */
-PAM_EXTERN
-int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+PAM_EXTERN int
+pam_sm_acct_mgmt(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
struct opt_s opts;
diff --git a/Linux-PAM/modules/pam_nologin/tst-pam_nologin b/Linux-PAM/modules/pam_nologin/tst-pam_nologin
new file mode 100755
index 00000000..caa91b67
--- /dev/null
+++ b/Linux-PAM/modules/pam_nologin/tst-pam_nologin
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_nologin.so
diff --git a/Linux-PAM/modules/pam_permit/Makefile b/Linux-PAM/modules/pam_permit/Makefile
deleted file mode 100644
index 49f3b3dd..00000000
--- a/Linux-PAM/modules/pam_permit/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:04 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_permit
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_permit/Makefile.am b/Linux-PAM/modules/pam_permit/Makefile.am
new file mode 100644
index 00000000..76e24472
--- /dev/null
+++ b/Linux-PAM/modules/pam_permit/Makefile.am
@@ -0,0 +1,31 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_permit
+
+man_MANS = pam_permit.8
+XMLS = README.xml pam_permit.8.xml
+
+TESTS = tst-pam_permit
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_permit.la
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_permit.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_permit/Makefile.in b/Linux-PAM/modules/pam_permit/Makefile.in
new file mode 100644
index 00000000..43df7fdb
--- /dev/null
+++ b/Linux-PAM/modules/pam_permit/Makefile.in
@@ -0,0 +1,665 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_permit
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_permit_la_LIBADD =
+pam_permit_la_SOURCES = pam_permit.c
+pam_permit_la_OBJECTS = pam_permit.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_permit.c
+DIST_SOURCES = pam_permit.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_permit
+man_MANS = pam_permit.8
+XMLS = README.xml pam_permit.8.xml
+TESTS = tst-pam_permit
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_permit.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_permit/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_permit/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_permit.la: $(pam_permit_la_OBJECTS) $(pam_permit_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_permit_la_OBJECTS) $(pam_permit_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_permit.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_permit.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_permit/README b/Linux-PAM/modules/pam_permit/README
index 52e7364e..e09ec9cf 100644
--- a/Linux-PAM/modules/pam_permit/README
+++ b/Linux-PAM/modules/pam_permit/README
@@ -1,4 +1,30 @@
-# $Id: README,v 1.1.1.1 2000/06/20 22:11:46 agmorgan Exp $
-#
+pam_permit — The promiscuous module
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+pam_permit is a PAM module that always permit access. It does nothing else.
+
+In the case of authentication, the user's name will be set to nobody if the
+application didn't set one. Many applications and PAM modules become confused
+if this name is unknown.
+
+This module is very dangerous. It should be used with extreme caution.
+
+OPTIONS
+
+This module does not recognice any options.
+
+EXAMPLES
+
+Add this line to your other login entries to disable account management, but
+continue to permit users to log in.
+
+account required pam_permit.so
+
+
+AUTHOR
+
+pam_permit was written by Andrew G. Morgan, <morgan@kernel.org>.
-this module always returns PAM_SUCCESS, it ignores all options.
diff --git a/Linux-PAM/modules/pam_permit/README.xml b/Linux-PAM/modules/pam_permit/README.xml
new file mode 100644
index 00000000..acb38b51
--- /dev/null
+++ b/Linux-PAM/modules/pam_permit/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_permit.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_permit.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_permit-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_permit.8.xml" xpointer='xpointer(//refsect1[@id = "pam_permit-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_permit.8.xml" xpointer='xpointer(//refsect1[@id = "pam_permit-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_permit.8.xml" xpointer='xpointer(//refsect1[@id = "pam_permit-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_permit.8.xml" xpointer='xpointer(//refsect1[@id = "pam_permit-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_permit/pam_permit.8 b/Linux-PAM/modules/pam_permit/pam_permit.8
new file mode 100644
index 00000000..ce3c3290
--- /dev/null
+++ b/Linux-PAM/modules/pam_permit/pam_permit.8
@@ -0,0 +1,62 @@
+.\" Title: pam_permit
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/04/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_PERMIT" "8" "06/04/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_permit \- The promiscuous module
+.SH "SYNOPSIS"
+.HP 14
+\fBpam_permit.so\fR
+.SH "DESCRIPTION"
+.PP
+pam_permit is a PAM module that always permit access. It does nothing else.
+.PP
+In the case of authentication, the user's name will be set to
+\fInobody\fR
+if the application didn't set one. Many applications and PAM modules become confused if this name is unknown.
+.PP
+This module is very dangerous. It should be used with extreme caution.
+.SH "OPTIONS"
+.PP
+This module does not recognice any options.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+The services
+\fBauth\fR,
+\fBaccount\fR,
+\fBpassword\fR
+and
+\fBsession\fR
+are supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_SUCCESS
+This module always returns this value.
+.SH "EXAMPLES"
+.PP
+Add this line to your other login entries to disable account management, but continue to permit users to log in.
+.sp
+.RS 3n
+.nf
+account required pam_permit.so
+
+.fi
+.RE
+.sp
+.SH "SEE ALSO"
+.PP
+
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_permit was written by Andrew G. Morgan, <morgan@kernel.org>.
diff --git a/Linux-PAM/modules/pam_permit/pam_permit.8.xml b/Linux-PAM/modules/pam_permit/pam_permit.8.xml
new file mode 100644
index 00000000..3992f43f
--- /dev/null
+++ b/Linux-PAM/modules/pam_permit/pam_permit.8.xml
@@ -0,0 +1,105 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_permit">
+
+ <refmeta>
+ <refentrytitle>pam_permit</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_permit-name">
+ <refname>pam_permit</refname>
+ <refpurpose>The promiscuous module</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_permit-cmdsynopsis">
+ <command>pam_permit.so</command>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_permit-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ pam_permit is a PAM module that always permit access. It does
+ nothing else.
+ </para>
+ <para>
+ In the case of authentication, the user's name will be set to
+ <emphasis>nobody</emphasis> if the application didn't set one.
+ Many applications and PAM modules become confused if this name
+ is unknown.
+ </para>
+ <para>
+ This module is very dangerous. It should be used with extreme
+ caution.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_permit-options">
+
+ <title>OPTIONS</title>
+ <para> This module does not recognice any options.</para>
+ </refsect1>
+
+ <refsect1 id="pam_permit-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ The services <option>auth</option>, <option>account</option>,
+ <option>password</option> and <option>session</option> are supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_permit-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ This module always returns this value.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_permit-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ Add this line to your other login entries to disable account
+ management, but continue to permit users to log in.
+ <programlisting>
+account required pam_permit.so
+ </programlisting>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_permit-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_permit-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_permit was written by Andrew G. Morgan, &lt;morgan@kernel.org&gt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_permit/pam_permit.c b/Linux-PAM/modules/pam_permit/pam_permit.c
index 08d464b8..d85f8d75 100644
--- a/Linux-PAM/modules/pam_permit/pam_permit.c
+++ b/Linux-PAM/modules/pam_permit/pam_permit.c
@@ -1,12 +1,14 @@
/* pam_permit module */
/*
- * $Id: pam_permit.c,v 1.3 2004/09/22 09:37:49 kukuk Exp $
+ * $Id: pam_permit.c,v 1.4 2005/09/17 08:50:29 t8m Exp $
*
* Written by Andrew Morgan <morgan@parc.power.net> 1996/3/11
*
*/
+#include "config.h"
+
#define DEFAULT_USER "nobody"
#include <stdio.h>
@@ -28,9 +30,9 @@
/* --- authentication management functions --- */
-PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+PAM_EXTERN int
+pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
int retval;
const char *user=NULL;
@@ -54,43 +56,43 @@ int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc
return PAM_SUCCESS;
}
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+PAM_EXTERN int
+pam_sm_setcred(pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
return PAM_SUCCESS;
}
/* --- account management functions --- */
-PAM_EXTERN
-int pam_sm_acct_mgmt(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+PAM_EXTERN int
+pam_sm_acct_mgmt(pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
return PAM_SUCCESS;
}
/* --- password management --- */
-PAM_EXTERN
-int pam_sm_chauthtok(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+PAM_EXTERN int
+pam_sm_chauthtok(pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
return PAM_SUCCESS;
}
/* --- session management --- */
-PAM_EXTERN
-int pam_sm_open_session(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+PAM_EXTERN int
+pam_sm_open_session(pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
return PAM_SUCCESS;
}
-PAM_EXTERN
-int pam_sm_close_session(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+PAM_EXTERN int
+pam_sm_close_session(pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
return PAM_SUCCESS;
}
diff --git a/Linux-PAM/modules/pam_permit/tst-pam_permit b/Linux-PAM/modules/pam_permit/tst-pam_permit
new file mode 100755
index 00000000..8adb427f
--- /dev/null
+++ b/Linux-PAM/modules/pam_permit/tst-pam_permit
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_permit.so
diff --git a/Linux-PAM/modules/pam_pwdb/BUGS b/Linux-PAM/modules/pam_pwdb/BUGS
deleted file mode 100644
index d51686e5..00000000
--- a/Linux-PAM/modules/pam_pwdb/BUGS
+++ /dev/null
@@ -1,3 +0,0 @@
-$Id: BUGS,v 1.2 2000/12/04 19:02:34 baggins Exp $
-
-As of Linux-PAM-0.52 this is new. No known bugs yet.
diff --git a/Linux-PAM/modules/pam_pwdb/CHANGELOG b/Linux-PAM/modules/pam_pwdb/CHANGELOG
deleted file mode 100644
index a3614031..00000000
--- a/Linux-PAM/modules/pam_pwdb/CHANGELOG
+++ /dev/null
@@ -1,10 +0,0 @@
-$Id: CHANGELOG,v 1.1.1.1 2000/06/20 22:11:46 agmorgan Exp $
-
-Tue Apr 23 12:28:09 EDT 1996 (Alexander O. Yuriev alex@bach.cis.temple.edu)
-
- * PAM_DISALLOW_NULL_AUTHTOK implemented in the authentication module
- * pam_sm_open_session() and pam_sm_close_session() implemented
- A new "trace" flag added to flags of /etc/pam.conf. Using this
- flag system administrator is able to make pam_unix module provide
- very extensive audit trail sent so syslog with LOG_AUTHPRIV level.
- * pam_sm_set_cred() is done
diff --git a/Linux-PAM/modules/pam_pwdb/Makefile b/Linux-PAM/modules/pam_pwdb/Makefile
deleted file mode 100644
index 228c6704..00000000
--- a/Linux-PAM/modules/pam_pwdb/Makefile
+++ /dev/null
@@ -1,127 +0,0 @@
-# $Id: Makefile,v 1.3 2004/09/28 13:48:47 kukuk Exp $
-#
-# This Makefile controls a build process of the pam_unix module
-# for Linux-PAM. You should not modify this Makefile.
-#
-# rewritten to compile new module Andrew Morgan
-# <morgan@parc.power.net> 1996/11/6
-#
-
-include ../../Make.Rules
-
-ifeq ($(HAVE_LIBPWDB),yes)
-
-EXTRALS += -lpwdb
-EXTRAS += -DCHKPWD_HELPER=\"$(SUPLEMENTED)/$(CHKPWD)\"
-
-ifeq ($(HAVE_LIBCRYPT),yes)
- EXTRALS += -lcrypt
-endif
-ifeq ($(HAVE_LIBNSL),yes)
- EXTRALS += -lnsl
-endif
-
-TITLE=pam_pwdb
-CHKPWD=pwdb_chkpwd
-
-LIBSRC = $(TITLE).c
-LIBOBJ = $(TITLE).o
-LIBOBJD = $(addprefix dynamic/,$(LIBOBJ))
-#LIBOBJS = $(addprefix static/,$(LIBOBJ))
-LIBDEPS = pam_unix_acct.-c pam_unix_auth.-c pam_unix_passwd.-c \
- pam_unix_sess.-c pam_unix_pwupd.-c support.-c bigcrypt.-c
-
-PLUS += md5_good.o md5_broken.o md5_crypt_good.o md5_crypt_broken.o
-CFLAGS += $(EXTRAS)
-
-ifdef DYNAMIC
-LIBSHARED = $(TITLE).so
-endif
-#ifdef STATIC
-#LIBSTATIC = lib$(TITLE).o
-#endif
-
-all: info dirs $(PLUS) $(LIBSHARED) $(LIBSTATIC) register $(CHKPWD)
-
-dynamic/$(LIBOBJ) : $(LIBSRC) $(LIBDEPS)
- $(CC) $(CFLAGS) $(DYNAMIC) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-#static/$(LIBOBJ) : $(LIBSRC) $(LIBDEPS)
-# $(CC) $(CFLAGS) $(STATIC) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-info:
- @echo
- @echo "*** Building PAM_pwdb module..."
- @echo
-
-$(CHKPWD): pwdb_chkpwd.o md5_good.o md5_broken.o \
- md5_crypt_good.o md5_crypt_broken.o
- $(CC) $(CFLAGS) -o $(CHKPWD) $^ $(LDFLAGS) -lpwdb $(EXTRALS)
-
-pwdb_chkpwd.o: pwdb_chkpwd.c pam_unix_md.-c bigcrypt.-c
-
-md5_good.o: md5.c
- $(CC) $(CFLAGS) $(CPPFLAGS) -DHIGHFIRST -D'MD5Name(x)=Good##x' \
- $(TARGET_ARCH) -c $< -o $@
-
-md5_broken.o: md5.c
- $(CC) $(CFLAGS) $(CPPFLAGS) -D'MD5Name(x)=Broken##x' \
- $(TARGET_ARCH) -c $< -o $@
-
-md5_crypt_good.o: md5_crypt.c
- $(CC) $(CFLAGS) $(CPPFLAGS) -D'MD5Name(x)=Good##x' \
- $(TARGET_ARCH) -c $< -o $@
-
-md5_crypt_broken.o: md5_crypt.c
- $(CC) $(CFLAGS) $(CPPFLAGS) -D'MD5Name(x)=Broken##x' \
- $(TARGET_ARCH) -c $< -o $@
-
-dirs:
-ifdef DYNAMIC
- @$(MKDIR) ./dynamic
-endif
-#ifdef STATIC
-# @$(MKDIR) ./static
-#endif
-
-register:
-#ifdef STATIC
-# ( cd .. ; ./register_static $(TITLE) $(TITLE)/$(LIBSTATIC) )
-#endif
-
-ifdef DYNAMIC
-$(LIBOBJD): $(LIBSRC)
-
-$(LIBSHARED): $(LIBOBJD)
- $(LD_D) -o $@ $(LIBOBJD) $(PLUS) $(EXTRALS)
-endif
-
-#ifdef STATIC
-#$(LIBOBJS): $(LIBSRC)
-#
-#$(LIBSTATIC): $(LIBOBJS)
-# $(LD) -r -o $@ $(LIBOBJS) $(PLUS) $(EXTRALS)
-#endif
-
-install: all
- $(MKDIR) $(FAKEROOT)$(SECUREDIR)
-ifdef DYNAMIC
- $(INSTALL) -m $(SHLIBMODE) $(LIBSHARED) $(FAKEROOT)$(SECUREDIR)
-endif
- $(MKDIR) $(FAKEROOT)$(SUPLEMENTED)
- $(INSTALL) -m 4555 $(CHKPWD) $(FAKEROOT)$(SUPLEMENTED)
-
-remove:
- rm -f $(FAKEROOT)$(SECUREDIR)/$(TITLE).so
- rm -f $(FAKEROOT)$(SUPLEMENTED)/$(CHKPWD)
-
-clean:
- rm -f $(CHKPWD) $(LIBOBJD) $(LIBOBJS) $(MOREDELS) core *~ *.o *.so
- rm -f *.a *.o *.so *.bak
- rm -fr dynamic static
-
-else
-
-include ../dont_makefile
-
-endif
diff --git a/Linux-PAM/modules/pam_pwdb/README b/Linux-PAM/modules/pam_pwdb/README
deleted file mode 100644
index 4f420855..00000000
--- a/Linux-PAM/modules/pam_pwdb/README
+++ /dev/null
@@ -1,41 +0,0 @@
-This is the pam_unix module. It has been significantly rewritten since
-.51 was released (due mostly to the efforts of Cristian Gafton), and
-now takes more options and correctly updates vanilla UNIX/shadow/md5
-passwords.
-
-[Please read the source and make a note of all the warnings there, as
-the license suggests -- use at your own risk.]
-
-So far as I am concerned this module is now pretty stable. If you find
-any bugs, PLEASE tell me! <morgan@linux.kernel.org>
-
-Options recognized by this module are as follows:
-
- debug - log more debugging info
- audit - a little more extreme than debug
- use_first_pass - don't prompt the user for passwords
- take them from PAM_ items instead
- try_first_pass - don't prompt the user for the passwords
- unless PAM_(OLD)AUTHTOK is unset
- use_authtok - like try_first_pass, but *fail* if the new
- PAM_AUTHTOK has not been previously set.
- (intended for stacking password modules only)
- not_set_pass - don't set the PAM_ items with the passwords
- used by this module.
- shadow - try to maintian a shadow based system.
- unix - when changing passwords, they are placed
- in the /etc/passwd file
- md5 - when a user changes their password next,
- encrypt it with the md5 algorithm.
- bigcrypt - when a user changes their password next,
- excrypt it with the DEC C2-algorithm(0).
- nodelay - used to prevent failed authentication
- resulting in a delay of about 1 second.
-
-There is some support for building a shadow file on-the-fly from an
-/etc/passwd file. This is VERY alpha. If you want to play with it you
-should read the source to find the appropriate #define that you will
-need.
-
----------------------
-Andrew Morgan <morgan@linux.kernel.org>
diff --git a/Linux-PAM/modules/pam_pwdb/TODO b/Linux-PAM/modules/pam_pwdb/TODO
deleted file mode 100644
index 520a262e..00000000
--- a/Linux-PAM/modules/pam_pwdb/TODO
+++ /dev/null
@@ -1,34 +0,0 @@
-$Id: TODO,v 1.1.1.1 2000/06/20 22:11:47 agmorgan Exp $
-
- * get NIS working
- * .. including "nonis" argument
- * add helper binary
-
-Wed Sep 4 23:40:09 PDT 1996 Andrew G. Morgan
-
- * verify that it works for everyone
- * look more seriously at the issue of generating a shadow
- system on the fly
- * add some more password flavors
-
-Thu Aug 29 06:26:42 PDT 1996 Andrew G. Morgan
-
- * check that complete rewrite works! ;^)
- * complete shadow support to the password changing code.
- Also some code needed here for session managment?
- (both pam.conf argument to turn it on/off, and some
- conditional compilation.)
- * md5 passwords...
- * make the exclusive nature of the arguments work. That is,
- only recognize the flags when appropriate.
-
-Wed May 8 19:08:49 EDT 1996 Alexander O. Yuriev
-
- * support.c should go.
-
-Tue Apr 23 21:43:55 EDT 1996 Alexander O. Yuriev
-
- * pam_sm_chauth_tok() should be written
- * QUICK FIX: pam_sm_setcred() probably returns incorrect error code
-
-
diff --git a/Linux-PAM/modules/pam_pwdb/bigcrypt.-c b/Linux-PAM/modules/pam_pwdb/bigcrypt.-c
deleted file mode 100644
index 321f2491..00000000
--- a/Linux-PAM/modules/pam_pwdb/bigcrypt.-c
+++ /dev/null
@@ -1,114 +0,0 @@
-/*
- * This function implements the "bigcrypt" algorithm specifically for
- * Linux-PAM.
- *
- * This algorithm is algorithm 0 (default) shipped with the C2 secure
- * implementation of Digital UNIX.
- *
- * Disclaimer: This work is not based on the source code to Digital
- * UNIX, nor am I connected to Digital Equipment Corp, in any way
- * other than as a customer. This code is based on published
- * interfaces and reasonable guesswork.
- *
- * Description: The cleartext is divided into blocks of SEGMENT_SIZE=8
- * characters or less. Each block is encrypted using the standard UNIX
- * libc crypt function. The result of the encryption for one block
- * provides the salt for the suceeding block.
- *
- * Restrictions: The buffer used to hold the encrypted result is
- * statically allocated. (see MAX_PASS_LEN below). This is necessary,
- * as the returned pointer points to "static data that are overwritten
- * by each call", (XPG3: XSI System Interface + Headers pg 109), and
- * this is a drop in replacement for crypt();
- *
- * Andy Phillips <atp@mssl.ucl.ac.uk>
- */
-
-/*
- * Max cleartext password length in segments of 8 characters this
- * function can deal with (16 segments of 8 chars= max 128 character
- * password).
- */
-
-#define MAX_PASS_LEN 16
-#define SEGMENT_SIZE 8
-#define SALT_SIZE 2
-#define KEYBUF_SIZE ((MAX_PASS_LEN*SEGMENT_SIZE)+SALT_SIZE)
-#define ESEGMENT_SIZE 11
-#define CBUF_SIZE ((MAX_PASS_LEN*ESEGMENT_SIZE)+SALT_SIZE+1)
-
-static char *bigcrypt(const char *key, const char *salt)
-{
- static char dec_c2_cryptbuf[CBUF_SIZE]; /* static storage area */
-
- unsigned long int keylen,n_seg,j;
- char *cipher_ptr,*plaintext_ptr,*tmp_ptr,*salt_ptr;
- char keybuf[KEYBUF_SIZE+1];
-
- D(("called with key='%s', salt='%s'.", key, salt));
-
- /* reset arrays */
- memset(keybuf, 0, KEYBUF_SIZE+1);
- memset(dec_c2_cryptbuf, 0, CBUF_SIZE);
-
- /* fill KEYBUF_SIZE with key */
- strncpy(keybuf, key, KEYBUF_SIZE);
-
- /* deal with case that we are doing a password check for a
- conventially encrypted password: the salt will be
- SALT_SIZE+ESEGMENT_SIZE long. */
- if (strlen(salt) == (SALT_SIZE+ESEGMENT_SIZE))
- keybuf[SEGMENT_SIZE] = '\0'; /* terminate password early(?) */
-
- keylen = strlen(keybuf);
-
- if (!keylen) {
- n_seg = 1;
- } else {
- /* work out how many segments */
- n_seg = 1 + ((keylen-1)/SEGMENT_SIZE);
- }
-
- if (n_seg > MAX_PASS_LEN)
- n_seg = MAX_PASS_LEN; /* truncate at max length */
-
- /* set up some pointers */
- cipher_ptr = dec_c2_cryptbuf;
- plaintext_ptr = keybuf;
-
- /* do the first block with supplied salt */
- tmp_ptr = crypt(plaintext_ptr,salt); /* libc crypt() */
-
- /* and place in the static area */
- strncpy(cipher_ptr, tmp_ptr, 13);
- cipher_ptr += ESEGMENT_SIZE + SALT_SIZE;
- plaintext_ptr += SEGMENT_SIZE; /* first block of SEGMENT_SIZE */
-
- /* change the salt (1st 2 chars of previous block) - this was found
- by dowsing */
-
- salt_ptr = cipher_ptr - ESEGMENT_SIZE;
-
- /* so far this is identical to "return crypt(key, salt);", if
- there is more than one block encrypt them... */
-
- if (n_seg > 1) {
- for (j=2; j <= n_seg; j++) {
-
- tmp_ptr = crypt(plaintext_ptr, salt_ptr);
-
- /* skip the salt for seg!=0 */
- strncpy(cipher_ptr, (tmp_ptr+SALT_SIZE), ESEGMENT_SIZE);
-
- cipher_ptr += ESEGMENT_SIZE;
- plaintext_ptr += SEGMENT_SIZE;
- salt_ptr = cipher_ptr - ESEGMENT_SIZE;
- }
- }
-
- D(("key=|%s|, salt=|%s|\nbuf=|%s|\n", key, salt, dec_c2_cryptbuf));
-
- /* this is the <NUL> terminated encrypted password */
-
- return dec_c2_cryptbuf;
-}
diff --git a/Linux-PAM/modules/pam_pwdb/md5.c b/Linux-PAM/modules/pam_pwdb/md5.c
deleted file mode 100644
index 44282941..00000000
--- a/Linux-PAM/modules/pam_pwdb/md5.c
+++ /dev/null
@@ -1,255 +0,0 @@
-/* $Id: md5.c,v 1.2 2000/12/04 19:02:34 baggins Exp $
- *
- * This code implements the MD5 message-digest algorithm.
- * The algorithm is due to Ron Rivest. This code was
- * written by Colin Plumb in 1993, no copyright is claimed.
- * This code is in the public domain; do with it what you wish.
- *
- * Equivalent code is available from RSA Data Security, Inc.
- * This code has been tested against that, and is equivalent,
- * except that you don't need to include two pages of legalese
- * with every copy.
- *
- * To compute the message digest of a chunk of bytes, declare an
- * MD5Context structure, pass it to MD5Init, call MD5Update as
- * needed on buffers full of bytes, and then call MD5Final, which
- * will fill a supplied 16-byte array with the digest.
- *
- */
-
-#include <string.h>
-#include "md5.h"
-
-#ifndef HIGHFIRST
-#define byteReverse(buf, len) /* Nothing */
-#else
-static void byteReverse(unsigned char *buf, unsigned longs);
-
-#ifndef ASM_MD5
-/*
- * Note: this code is harmless on little-endian machines.
- */
-static void byteReverse(unsigned char *buf, unsigned longs)
-{
- uint32 t;
- do {
- t = (uint32) ((unsigned) buf[3] << 8 | buf[2]) << 16 |
- ((unsigned) buf[1] << 8 | buf[0]);
- *(uint32 *) buf = t;
- buf += 4;
- } while (--longs);
-}
-#endif
-#endif
-
-/*
- * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious
- * initialization constants.
- */
-void MD5Name(MD5Init)(struct MD5Context *ctx)
-{
- ctx->buf[0] = 0x67452301U;
- ctx->buf[1] = 0xefcdab89U;
- ctx->buf[2] = 0x98badcfeU;
- ctx->buf[3] = 0x10325476U;
-
- ctx->bits[0] = 0;
- ctx->bits[1] = 0;
-}
-
-/*
- * Update context to reflect the concatenation of another buffer full
- * of bytes.
- */
-void MD5Name(MD5Update)(struct MD5Context *ctx, unsigned const char *buf, unsigned len)
-{
- uint32 t;
-
- /* Update bitcount */
-
- t = ctx->bits[0];
- if ((ctx->bits[0] = t + ((uint32) len << 3)) < t)
- ctx->bits[1]++; /* Carry from low to high */
- ctx->bits[1] += len >> 29;
-
- t = (t >> 3) & 0x3f; /* Bytes already in shsInfo->data */
-
- /* Handle any leading odd-sized chunks */
-
- if (t) {
- unsigned char *p = (unsigned char *) ctx->in + t;
-
- t = 64 - t;
- if (len < t) {
- memcpy(p, buf, len);
- return;
- }
- memcpy(p, buf, t);
- byteReverse(ctx->in, 16);
- MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
- buf += t;
- len -= t;
- }
- /* Process data in 64-byte chunks */
-
- while (len >= 64) {
- memcpy(ctx->in, buf, 64);
- byteReverse(ctx->in, 16);
- MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
- buf += 64;
- len -= 64;
- }
-
- /* Handle any remaining bytes of data. */
-
- memcpy(ctx->in, buf, len);
-}
-
-/*
- * Final wrapup - pad to 64-byte boundary with the bit pattern
- * 1 0* (64-bit count of bits processed, MSB-first)
- */
-void MD5Name(MD5Final)(unsigned char digest[16], struct MD5Context *ctx)
-{
- unsigned count;
- unsigned char *p;
-
- /* Compute number of bytes mod 64 */
- count = (ctx->bits[0] >> 3) & 0x3F;
-
- /* Set the first char of padding to 0x80. This is safe since there is
- always at least one byte free */
- p = ctx->in + count;
- *p++ = 0x80;
-
- /* Bytes of padding needed to make 64 bytes */
- count = 64 - 1 - count;
-
- /* Pad out to 56 mod 64 */
- if (count < 8) {
- /* Two lots of padding: Pad the first block to 64 bytes */
- memset(p, 0, count);
- byteReverse(ctx->in, 16);
- MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
-
- /* Now fill the next block with 56 bytes */
- memset(ctx->in, 0, 56);
- } else {
- /* Pad block to 56 bytes */
- memset(p, 0, count - 8);
- }
- byteReverse(ctx->in, 14);
-
- /* Append length in bits and transform */
- ((uint32 *) ctx->in)[14] = ctx->bits[0];
- ((uint32 *) ctx->in)[15] = ctx->bits[1];
-
- MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
- byteReverse((unsigned char *) ctx->buf, 4);
- memcpy(digest, ctx->buf, 16);
- memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */
-}
-
-#ifndef ASM_MD5
-
-/* The four core functions - F1 is optimized somewhat */
-
-/* #define F1(x, y, z) (x & y | ~x & z) */
-#define F1(x, y, z) (z ^ (x & (y ^ z)))
-#define F2(x, y, z) F1(z, x, y)
-#define F3(x, y, z) (x ^ y ^ z)
-#define F4(x, y, z) (y ^ (x | ~z))
-
-/* This is the central step in the MD5 algorithm. */
-#define MD5STEP(f, w, x, y, z, data, s) \
- ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x )
-
-/*
- * The core of the MD5 algorithm, this alters an existing MD5 hash to
- * reflect the addition of 16 longwords of new data. MD5Update blocks
- * the data and converts bytes into longwords for this routine.
- */
-void MD5Name(MD5Transform)(uint32 buf[4], uint32 const in[16])
-{
- register uint32 a, b, c, d;
-
- a = buf[0];
- b = buf[1];
- c = buf[2];
- d = buf[3];
-
- MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478U, 7);
- MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756U, 12);
- MD5STEP(F1, c, d, a, b, in[2] + 0x242070dbU, 17);
- MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceeeU, 22);
- MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0fafU, 7);
- MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62aU, 12);
- MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613U, 17);
- MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501U, 22);
- MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8U, 7);
- MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7afU, 12);
- MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1U, 17);
- MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7beU, 22);
- MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122U, 7);
- MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193U, 12);
- MD5STEP(F1, c, d, a, b, in[14] + 0xa679438eU, 17);
- MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821U, 22);
-
- MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562U, 5);
- MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340U, 9);
- MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51U, 14);
- MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aaU, 20);
- MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105dU, 5);
- MD5STEP(F2, d, a, b, c, in[10] + 0x02441453U, 9);
- MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681U, 14);
- MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8U, 20);
- MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6U, 5);
- MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6U, 9);
- MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87U, 14);
- MD5STEP(F2, b, c, d, a, in[8] + 0x455a14edU, 20);
- MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905U, 5);
- MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8U, 9);
- MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9U, 14);
- MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8aU, 20);
-
- MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942U, 4);
- MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681U, 11);
- MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122U, 16);
- MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380cU, 23);
- MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44U, 4);
- MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9U, 11);
- MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60U, 16);
- MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70U, 23);
- MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6U, 4);
- MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127faU, 11);
- MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085U, 16);
- MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05U, 23);
- MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039U, 4);
- MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5U, 11);
- MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8U, 16);
- MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665U, 23);
-
- MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244U, 6);
- MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97U, 10);
- MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7U, 15);
- MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039U, 21);
- MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3U, 6);
- MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92U, 10);
- MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47dU, 15);
- MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1U, 21);
- MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4fU, 6);
- MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0U, 10);
- MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314U, 15);
- MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1U, 21);
- MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82U, 6);
- MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235U, 10);
- MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bbU, 15);
- MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391U, 21);
-
- buf[0] += a;
- buf[1] += b;
- buf[2] += c;
- buf[3] += d;
-}
-
-#endif
diff --git a/Linux-PAM/modules/pam_pwdb/md5.h b/Linux-PAM/modules/pam_pwdb/md5.h
deleted file mode 100644
index 75c4dbac..00000000
--- a/Linux-PAM/modules/pam_pwdb/md5.h
+++ /dev/null
@@ -1,30 +0,0 @@
-#ifndef MD5_H
-#define MD5_H
-
-typedef unsigned int uint32;
-
-struct MD5Context {
- uint32 buf[4];
- uint32 bits[2];
- unsigned char in[64];
-};
-
-void GoodMD5Init(struct MD5Context *);
-void GoodMD5Update(struct MD5Context *, unsigned const char *, unsigned);
-void GoodMD5Final(unsigned char digest[16], struct MD5Context *);
-void GoodMD5Transform(uint32 buf[4], uint32 const in[16]);
-void BrokenMD5Init(struct MD5Context *);
-void BrokenMD5Update(struct MD5Context *, unsigned const char *, unsigned);
-void BrokenMD5Final(unsigned char digest[16], struct MD5Context *);
-void BrokenMD5Transform(uint32 buf[4], uint32 const in[16]);
-
-char *Goodcrypt_md5(const char *pw, const char *salt);
-char *Brokencrypt_md5(const char *pw, const char *salt);
-
-/*
-* This is needed to make RSAREF happy on some MS-DOS compilers.
-*/
-
-typedef struct MD5Context MD5_CTX;
-
-#endif /* MD5_H */
diff --git a/Linux-PAM/modules/pam_pwdb/md5_crypt.c b/Linux-PAM/modules/pam_pwdb/md5_crypt.c
deleted file mode 100644
index 826087f2..00000000
--- a/Linux-PAM/modules/pam_pwdb/md5_crypt.c
+++ /dev/null
@@ -1,138 +0,0 @@
-/* $Id: md5_crypt.c,v 1.2 2000/12/04 19:02:34 baggins Exp $
- *
- * ----------------------------------------------------------------------------
- * "THE BEER-WARE LICENSE" (Revision 42):
- * <phk@login.dknet.dk> wrote this file. As long as you retain this notice you
- * can do whatever you want with this stuff. If we meet some day, and you think
- * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
- * ----------------------------------------------------------------------------
- *
- * Origin: Id: crypt.c,v 1.3 1995/05/30 05:42:22 rgrimes Exp
- *
- */
-
-#include <string.h>
-#include "md5.h"
-
-static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */
- "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
-
-static void
-to64(char *s, unsigned long v, int n)
-{
- while (--n >= 0) {
- *s++ = itoa64[v&0x3f];
- v >>= 6;
- }
-}
-
-/*
- * UNIX password
- *
- * Use MD5 for what it is best at...
- */
-
-char * MD5Name(crypt_md5)(const char *pw, const char *salt)
-{
- const char *magic = "$1$";
- /* This string is magic for this algorithm. Having
- * it this way, we can get get better later on */
- static char passwd[120], *p;
- static const char *sp,*ep;
- unsigned char final[16];
- int sl,pl,i,j;
- MD5_CTX ctx,ctx1;
- unsigned long l;
-
- /* Refine the Salt first */
- sp = salt;
-
- /* If it starts with the magic string, then skip that */
- if(!strncmp(sp,magic,strlen(magic)))
- sp += strlen(magic);
-
- /* It stops at the first '$', max 8 chars */
- for(ep=sp;*ep && *ep != '$' && ep < (sp+8);ep++)
- continue;
-
- /* get the length of the true salt */
- sl = ep - sp;
-
- MD5Name(MD5Init)(&ctx);
-
- /* The password first, since that is what is most unknown */
- MD5Name(MD5Update)(&ctx,(unsigned const char *)pw,strlen(pw));
-
- /* Then our magic string */
- MD5Name(MD5Update)(&ctx,(unsigned const char *)magic,strlen(magic));
-
- /* Then the raw salt */
- MD5Name(MD5Update)(&ctx,(unsigned const char *)sp,sl);
-
- /* Then just as many characters of the MD5(pw,salt,pw) */
- MD5Name(MD5Init)(&ctx1);
- MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw));
- MD5Name(MD5Update)(&ctx1,(unsigned const char *)sp,sl);
- MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw));
- MD5Name(MD5Final)(final,&ctx1);
- for(pl = strlen(pw); pl > 0; pl -= 16)
- MD5Name(MD5Update)(&ctx,(unsigned const char *)final,pl>16 ? 16 : pl);
-
- /* Don't leave anything around in vm they could use. */
- memset(final,0,sizeof final);
-
- /* Then something really weird... */
- for (j=0,i = strlen(pw); i ; i >>= 1)
- if(i&1)
- MD5Name(MD5Update)(&ctx, (unsigned const char *)final+j, 1);
- else
- MD5Name(MD5Update)(&ctx, (unsigned const char *)pw+j, 1);
-
- /* Now make the output string */
- strcpy(passwd,magic);
- strncat(passwd,sp,sl);
- strcat(passwd,"$");
-
- MD5Name(MD5Final)(final,&ctx);
-
- /*
- * and now, just to make sure things don't run too fast
- * On a 60 Mhz Pentium this takes 34 msec, so you would
- * need 30 seconds to build a 1000 entry dictionary...
- */
- for(i=0;i<1000;i++) {
- MD5Name(MD5Init)(&ctx1);
- if(i & 1)
- MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw));
- else
- MD5Name(MD5Update)(&ctx1,(unsigned const char *)final,16);
-
- if(i % 3)
- MD5Name(MD5Update)(&ctx1,(unsigned const char *)sp,sl);
-
- if(i % 7)
- MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw));
-
- if(i & 1)
- MD5Name(MD5Update)(&ctx1,(unsigned const char *)final,16);
- else
- MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw));
- MD5Name(MD5Final)(final,&ctx1);
- }
-
- p = passwd + strlen(passwd);
-
- l = (final[ 0]<<16) | (final[ 6]<<8) | final[12]; to64(p,l,4); p += 4;
- l = (final[ 1]<<16) | (final[ 7]<<8) | final[13]; to64(p,l,4); p += 4;
- l = (final[ 2]<<16) | (final[ 8]<<8) | final[14]; to64(p,l,4); p += 4;
- l = (final[ 3]<<16) | (final[ 9]<<8) | final[15]; to64(p,l,4); p += 4;
- l = (final[ 4]<<16) | (final[10]<<8) | final[ 5]; to64(p,l,4); p += 4;
- l = final[11] ; to64(p,l,2); p += 2;
- *p = '\0';
-
- /* Don't leave anything around in vm they could use. */
- memset(final,0,sizeof final);
-
- return passwd;
-}
-
diff --git a/Linux-PAM/modules/pam_pwdb/pam_pwdb.c b/Linux-PAM/modules/pam_pwdb/pam_pwdb.c
deleted file mode 100644
index 8c75ac23..00000000
--- a/Linux-PAM/modules/pam_pwdb/pam_pwdb.c
+++ /dev/null
@@ -1,248 +0,0 @@
-/*
- * $Id: pam_pwdb.c,v 1.3 2000/11/19 23:54:04 agmorgan Exp $
- *
- * This is the single file that will be compiled for pam_unix.
- * it includes each of the modules that have beed defined in the .-c
- * files in this directory.
- *
- * It is a little ugly to do it this way, but it is a simple way of
- * defining static functions only once, and yet keeping the separate
- * files modular. If you can think of something better, please email
- * Andrew Morgan <morgan@linux.kernel.org>
- *
- * See the end of this file for Copyright information.
- */
-
-static const char rcsid[] =
-"$Id: pam_pwdb.c,v 1.3 2000/11/19 23:54:04 agmorgan Exp $\n"
-" - PWDB Pluggable Authentication module. <morgan@linux.kernel.org>"
-;
-
-/* #define DEBUG */
-
-#include <security/_pam_aconf.h>
-
-#include <sys/types.h>
-#include <stdarg.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include <errno.h>
-#include <string.h>
-#include <syslog.h>
-#include <time.h> /* for time() */
-#include <fcntl.h>
-#include <ctype.h>
-
-#include <sys/time.h>
-#include <unistd.h>
-
-#include <pwdb/pwdb_public.h>
-
-/* indicate the following groups are defined */
-
-#define PAM_SM_AUTH
-#define PAM_SM_ACCOUNT
-#define PAM_SM_SESSION
-#define PAM_SM_PASSWORD
-
-#include <security/_pam_macros.h>
-#include <security/pam_modules.h>
-
-#ifndef LINUX_PAM
-#include <security/pam_appl.h>
-#endif /* LINUX_PAM */
-
-#include "./support.-c"
-
-/*
- * PAM framework looks for these entry-points to pass control to the
- * authentication module.
- */
-
-#include "./pam_unix_auth.-c"
-
-PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags
- , int argc, const char **argv)
-{
- unsigned int ctrl;
- int retval;
-
- D(("called."));
-
- pwdb_start();
- ctrl = set_ctrl(flags, argc, argv);
- retval = _unix_auth( pamh, ctrl );
- pwdb_end();
-
- if ( on(UNIX_LIKE_AUTH, ctrl) ) {
- D(("recording return code for next time [%d]", retval));
- pam_set_data(pamh, "pwdb_setcred_return", (void *) retval, NULL);
- }
-
- D(("done. [%s]", pam_strerror(pamh, retval)));
-
- return retval;
-}
-
-PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags
- , int argc, const char **argv)
-{
- unsigned int ctrl;
- int retval;
-
- D(("called."));
-
- pwdb_start();
- ctrl = set_ctrl(flags, argc, argv);
- retval = _unix_set_credentials(pamh, ctrl);
- pwdb_end();
-
- if ( on(UNIX_LIKE_AUTH, ctrl) ) {
- int *pretval = &retval;
-
- D(("recovering return code from auth call"));
- pam_get_data(pamh, "pwdb_setcred_return", (const void **) pretval);
- D(("recovered data indicates that old retval was %d", retval));
- }
-
- return retval;
-}
-
-/*
- * PAM framework looks for these entry-points to pass control to the
- * account management module.
- */
-
-#include "./pam_unix_acct.-c"
-
-PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags,
- int argc, const char **argv)
-{
- unsigned int ctrl;
- int retval;
-
- D(("called."));
-
- pwdb_start();
- ctrl = set_ctrl(flags, argc, argv);
- retval = _unix_acct_mgmt(pamh, ctrl);
- pwdb_end();
-
- D(("done."));
-
- return retval;
-}
-
-/*
- * PAM framework looks for these entry-points to pass control to the
- * session module.
- */
-
-#include "./pam_unix_sess.-c"
-
-PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags,
- int argc, const char **argv)
-{
- unsigned int ctrl;
- int retval;
-
- D(("called."));
-
- pwdb_start();
- ctrl = set_ctrl(flags, argc, argv);
- retval = _unix_open_session(pamh, ctrl);
- pwdb_end();
-
- return retval;
-}
-
-PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags,
- int argc, const char **argv)
-{
- unsigned int ctrl;
- int retval;
-
- D(("called."));
-
- pwdb_start();
- ctrl = set_ctrl(flags, argc, argv);
- retval = _unix_close_session(pamh, ctrl);
- pwdb_end();
-
- return retval;
-}
-
-/*
- * PAM framework looks for these entry-points to pass control to the
- * password changing module.
- */
-
-#include "./pam_unix_passwd.-c"
-
-PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
- int argc, const char **argv)
-{
- unsigned int ctrl;
- int retval;
-
- D(("called."));
-
- pwdb_start();
- ctrl = set_ctrl(flags, argc, argv);
- retval = _unix_chauthtok(pamh, ctrl);
- pwdb_end();
-
- D(("done."));
-
- return retval;
-}
-
-/* static module data */
-
-#ifdef PAM_STATIC
-struct pam_module _pam_pwdb_modstruct = {
- "pam_pwdb",
- pam_sm_authenticate,
- pam_sm_setcred,
- pam_sm_acct_mgmt,
- pam_sm_open_session,
- pam_sm_close_session,
- pam_sm_chauthtok
-};
-
-#endif
-
-/*
- * Copyright (c) Andrew G. Morgan, 1996. All rights reserved
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, and the entire permission notice in its entirety,
- * including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior
- * written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions. (This clause is
- * necessary due to a potential bad interaction between the GPL and
- * the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
diff --git a/Linux-PAM/modules/pam_pwdb/pam_unix_acct.-c b/Linux-PAM/modules/pam_pwdb/pam_unix_acct.-c
deleted file mode 100644
index adcb6538..00000000
--- a/Linux-PAM/modules/pam_pwdb/pam_unix_acct.-c
+++ /dev/null
@@ -1,272 +0,0 @@
-/*
- * $Id: pam_unix_acct.-c,v 1.2 2000/12/04 19:02:34 baggins Exp $
- *
- * See end of file for copyright information
- */
-
-static const char rcsid_acct[] =
-"$Id: pam_unix_acct.-c,v 1.2 2000/12/04 19:02:34 baggins Exp $\n"
-" - PAM_PWDB account management <gafton@redhat.com>";
-
-/* the shadow suite has accout managment.. */
-
-static int _shadow_acct_mgmt_exp(pam_handle_t *pamh, unsigned int ctrl,
- const struct pwdb *pw, const char *uname)
-{
- const struct pwdb_entry *pwe = NULL;
- time_t curdays;
- int last_change, max_change;
- int retval;
-
- D(("called."));
-
- /* Now start the checks */
-
- curdays = time(NULL)/(60*60*24); /* today */
-
- /* First: has account expired ? (CG)
- * - expire < curdays
- * - or (last_change + max_change + defer_change) < curdays
- * - in both cases, deny access
- */
-
- D(("pwdb_get_entry"));
- retval = pwdb_get_entry(pw, "expire", &pwe);
- if (retval == PWDB_SUCCESS) {
- int expire;
-
- expire = *( (const int *) pwe->value );
- (void) pwdb_entry_delete(&pwe); /* no longer needed */
-
- if ((curdays > expire) && (expire > 0)) {
-
- _log_err(LOG_NOTICE
- , "acct: account %s has expired (account expired)"
- , uname);
- make_remark(pamh, ctrl, PAM_ERROR_MSG
- , "Your account has expired; "
- "please contact your system administrator");
-
- D(("account expired"));
- return PAM_ACCT_EXPIRED;
- }
- }
-
- D(("pwdb_get_entry"));
- retval = pwdb_get_entry(pw, "last_change", &pwe);
- if ( retval == PWDB_SUCCESS ) {
- last_change = *( (const int *) pwe->value );
- } else {
- last_change = curdays;
- }
- (void) pwdb_entry_delete(&pwe);
-
- D(("pwdb_get_entry"));
- retval = pwdb_get_entry(pw, "max_change", &pwe);
- if ( retval == PWDB_SUCCESS ) {
- max_change = *( (const int *) pwe->value );
- } else {
- max_change = -1;
- }
- (void) pwdb_entry_delete(&pwe);
-
- D(("pwdb_get_entry"));
- retval = pwdb_get_entry(pw, "defer_change", &pwe);
- if (retval == PWDB_SUCCESS) {
- int defer_change;
-
- defer_change = *( (const int *) pwe->value );
- (void) pwdb_entry_delete(&pwe);
-
- if ((curdays > (last_change + max_change + defer_change))
- && (max_change != -1) && (defer_change != -1)
- && (last_change > 0)) {
-
- if ( on(UNIX_DEBUG, ctrl) ) {
- _log_err(LOG_NOTICE, "acct: account %s has expired "
- "(failed to change password)", uname);
- }
- make_remark(pamh, ctrl, PAM_ERROR_MSG
- , "Your password has expired; "
- "please see your system administrator");
-
- D(("account expired2"));
- return PAM_ACCT_EXPIRED;
- }
- }
-
- /* Now test if the password is expired, but the user still can
- * change their password. (CG)
- * - last_change = 0
- * - last_change + max_change < curdays
- */
-
- D(("when was the last change"));
- if (last_change == 0) {
-
- if ( on(UNIX_DEBUG, ctrl) ) {
- _log_err(LOG_NOTICE
- , "acct: expired password for user %s (root enforced)"
- , uname);
- }
- make_remark(pamh, ctrl, PAM_ERROR_MSG
- , "You are required to change your password immediately"
- );
-
- D(("need a new password"));
- return PAM_NEW_AUTHTOK_REQD;
- }
-
- if (((last_change + max_change) < curdays) &&
- (max_change < 99999) && (max_change > 0)) {
-
- if ( on(UNIX_DEBUG, ctrl) ) {
- _log_err(LOG_DEBUG
- , "acct: expired password for user %s (password aged)"
- , uname);
- }
- make_remark(pamh, ctrl, PAM_ERROR_MSG
- , "Your password has expired; please change it!");
-
- D(("need a new password 2"));
- return PAM_NEW_AUTHTOK_REQD;
- }
-
- /*
- * Now test if the password is about to expire (CG)
- * - last_change + max_change - curdays <= warn_change
- */
-
- retval = pwdb_get_entry(pw, "warn_change", &pwe);
- if ( retval == PWDB_SUCCESS ) {
- int warn_days, daysleft;
-
- daysleft = last_change + max_change - curdays;
- warn_days = *((const int *) pwe->value);
- (void) pwdb_entry_delete(&pwe);
-
- if ((daysleft <= warn_days) && (warn_days > 0)) {
- char *s;
-
- if ( on(UNIX_DEBUG, ctrl) ) {
- _log_err(LOG_DEBUG
- , "acct: password for user %s will expire in %d days"
- , uname, daysleft);
- }
-
-#define LocalComment "Warning: your password will expire in %d day%s"
- if ((s = (char *) malloc(30+sizeof(LocalComment))) == NULL) {
- _log_err(LOG_CRIT, "malloc failure in " __FILE__);
- retval = PAM_BUF_ERR;
- } else {
-
- sprintf(s, LocalComment, daysleft, daysleft == 1 ? "":"s");
-
- make_remark(pamh, ctrl, PAM_TEXT_INFO, s);
- free(s);
- }
-#undef LocalComment
- }
- } else {
- retval = PAM_SUCCESS;
- }
-
- D(("all done"));
- return retval;
-}
-
-
-/*
- * this function checks for the account details. The user may not be
- * permitted to log in at this time etc.. Within the context of
- * vanilla Unix, this function simply does nothing. The shadow suite
- * added password/account expiry, but PWDB takes care of this
- * transparently.
- */
-
-static int _unix_acct_mgmt(pam_handle_t *pamh, unsigned int ctrl)
-{
- const struct pwdb *pw = NULL;
-
- char *uname=NULL;
- int retval;
-
- D(("called."));
-
- /* identify user */
-
- retval = pam_get_item(pamh,PAM_USER,(const void **)&uname);
- D(("user = `%s'", uname));
- if (retval != PAM_SUCCESS || uname == NULL) {
- _log_err(LOG_ALERT
- , "acct; could not identify user (from uid=%d)"
- , getuid());
- return PAM_USER_UNKNOWN;
- }
-
- /* get database information for user */
-
- retval = pwdb_locate("user", PWDB_DEFAULT, uname, PWDB_ID_UNKNOWN, &pw);
- if (retval != PWDB_SUCCESS || pw == NULL) {
-
- _log_err(LOG_ALERT, "acct; %s (%s from uid=%d)"
- , pwdb_strerror(retval), uname, getuid());
- if ( pw ) {
- (void) pwdb_delete(&pw);
- }
- return PAM_USER_UNKNOWN;
- }
-
- /* now check the user's times etc.. */
-
- retval = _shadow_acct_mgmt_exp(pamh, ctrl, pw, uname);
- if (retval != PAM_SUCCESS) {
- _log_err(LOG_NOTICE, "expiry check failed for '%s'", uname);
- }
-
- /* Done with pw */
-
- (void) pwdb_delete(&pw);
-
- /* all done */
-
- D(("done."));
- return retval;
-}
-
-/*
- * Copyright (c) Elliot Lee, 1996.
- * Copyright (c) Andrew Morgan <morgan@parc.power.net> 1996.
- * Copyright (c) Cristian Gafton <gafton@redhat.com> 1996.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, and the entire permission notice in its entirety,
- * including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior
- * written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions. (This clause is
- * necessary due to a potential bad interaction between the GPL and
- * the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
diff --git a/Linux-PAM/modules/pam_pwdb/pam_unix_auth.-c b/Linux-PAM/modules/pam_pwdb/pam_unix_auth.-c
deleted file mode 100644
index 31230394..00000000
--- a/Linux-PAM/modules/pam_pwdb/pam_unix_auth.-c
+++ /dev/null
@@ -1,131 +0,0 @@
-/*
- * $Id: pam_unix_auth.-c,v 1.1.1.1 2000/06/20 22:11:49 agmorgan Exp $
- *
- * See end of file for Copyright information.
- */
-
-static const char rcsid_auth[] =
-"$Id: pam_unix_auth.-c,v 1.1.1.1 2000/06/20 22:11:49 agmorgan Exp $: pam_unix_auth.-c,v 1.2 1996/09/05 06:46:53 morgan Exp morgan $\n"
-" - PAM_PWDB authentication functions. <morgan@parc.power.net>";
-
-/*
- * _unix_auth() is a front-end for UNIX/shadow authentication
- *
- * First, obtain the password from the user. Then use a
- * routine in 'support.-c' to authenticate the user.
- */
-
-#define _UNIX_AUTHTOK "-UN*X-PASS"
-
-static int _unix_auth(pam_handle_t *pamh, unsigned int ctrl)
-{
- int retval;
- const char *name, *p;
-
- D(("called."));
-
- /* get the user'name' */
-
- retval = _unix_get_user(pamh, ctrl, NULL, &name);
- if (retval != PAM_SUCCESS ) {
- if (retval != PAM_CONV_AGAIN) {
- if ( on(UNIX_DEBUG,ctrl) ) {
- _log_err(LOG_DEBUG, "auth could not identify user");
- }
- } else {
- D(("pam_get_user/conv() function is not ready yet"));
- /* it is safe to resume this function so we translate this
- retval to the value that indicates we're happy to resume. */
- retval = PAM_INCOMPLETE;
- }
- return retval;
- }
-
- /* if this user does not have a password... */
-
- if ( _unix_blankpasswd(ctrl, name) ) {
- D(("user '%s' has blank passwd", name));
- name = NULL;
- return PAM_SUCCESS;
- }
-
- /* get this user's authentication token */
-
- retval = _unix_read_password(pamh, ctrl, NULL, "Password: ", NULL
- , _UNIX_AUTHTOK, &p);
- if (retval != PAM_SUCCESS) {
- if (retval != PAM_CONV_AGAIN) {
- _log_err(LOG_CRIT, "auth could not identify password for [%s]"
- , name);
- } else {
- D(("conversation function is not ready yet"));
- /* it is safe to resume this function so we translate this
- retval to the value that indicates we're happy to resume. */
- retval = PAM_INCOMPLETE;
- }
- name = NULL;
- return retval;
- }
- D(("user=%s, password=[%s]", name, p));
-
- /* verify the password of this user */
- retval = _unix_verify_password(pamh, name, p, ctrl);
- name = p = NULL;
-
- D(("done [%d]", retval));
-
- return retval;
-}
-
-/*
- * This function is for setting unix credentials. Sun has indicated
- * that there are *NO* authentication credentials for unix. The
- * obvious credentials would be the group membership of the user as
- * listed in the /etc/group file. However, Sun indicates that it is
- * the responsibility of the application to set these.
- */
-
-static int _unix_set_credentials(pam_handle_t *pamh, unsigned int ctrl)
-{
- D(("called <empty function> returning."));
-
- return PAM_SUCCESS;
-}
-
-/********************************************************************
- * Copyright (c) Alexander O. Yuriev, 1996.
- * Copyright (c) Andrew G. Morgan <morgan@parc.power.net> 1996
- * Copyright (c) Cristian Gafton <gafton@redhat.com> 1996, 1997
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, and the entire permission notice in its entirety,
- * including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior
- * written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions. (This clause is
- * necessary due to a potential bad interaction between the GPL and
- * the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
diff --git a/Linux-PAM/modules/pam_pwdb/pam_unix_md.-c b/Linux-PAM/modules/pam_pwdb/pam_unix_md.-c
deleted file mode 100644
index 65476732..00000000
--- a/Linux-PAM/modules/pam_pwdb/pam_unix_md.-c
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * This function is a front-end for the message digest algorithms used
- * to compute the user's encrypted passwords. No reversible encryption
- * is used here and I intend to keep it that way.
- *
- * While there are many sources of encryption outside the United
- * States, it *may* be illegal to re-export reversible encryption
- * computer code. Until such time as it is legal to export encryption
- * software freely from the US, please do not send me any. (AGM)
- */
-
-/* this should have been defined in a header file.. Why wasn't it? AGM */
-extern char *crypt(const char *key, const char *salt);
-
-#include "md5.h"
-#include "bigcrypt.-c"
-
-struct cfns {
- const char *salt;
- int len;
- char * (* mdfn)(const char *key, const char *salt);
-};
-
-/* array of non-standard digest algorithms available */
-
-#define N_MDS 1
-const static struct cfns cfn_list[N_MDS] = {
- { "$1$", 3, Goodcrypt_md5 },
-};
-
-static char *_pam_md(const char *key, const char *salt)
-{
- char *x,*e=NULL;
- int i;
-
- D(("called with key='%s', salt='%s'", key, salt));
-
- /* check for non-standard salts */
-
- for (i=0; i<N_MDS; ++i) {
- if ( !strncmp(cfn_list[i].salt, salt, cfn_list[i].len) ) {
- e = cfn_list[i].mdfn(key, salt);
- break;
- }
- }
-
- if ( i >= N_MDS ) {
- e = bigcrypt(key, salt); /* (defaults to standard algorithm) */
- }
-
- x = x_strdup(e); /* put e in malloc()ed memory */
- _pam_overwrite(e); /* clean up */
- return x; /* this must be deleted elsewhere */
-}
-
-#ifndef PWDB_NO_MD_COMPAT
-static char *_pam_md_compat(const char *key, const char *salt)
-{
- char *x,*e=NULL;
-
- D(("called with key='%s', salt='%s'", key, salt));
-
- if ( !strncmp("$1$", salt, 3) ) {
- e = Brokencrypt_md5(key, salt);
- x = x_strdup(e); /* put e in malloc()ed memory */
- _pam_overwrite(e); /* clean up */
- } else {
- x = x_strdup(""); /* called from only one place so this is safe */
- }
-
- return x; /* this must be deleted elsewhere */
-}
-#endif /* PWDB_NO_MD_COMPAT */
diff --git a/Linux-PAM/modules/pam_pwdb/pam_unix_passwd.-c b/Linux-PAM/modules/pam_pwdb/pam_unix_passwd.-c
deleted file mode 100644
index 7ed65000..00000000
--- a/Linux-PAM/modules/pam_pwdb/pam_unix_passwd.-c
+++ /dev/null
@@ -1,373 +0,0 @@
-/* $Id: pam_unix_passwd.-c,v 1.3 2001/11/12 06:57:38 agmorgan Exp $ */
-
-static const char rcsid_pass[] =
-"$Id: pam_unix_passwd.-c,v 1.3 2001/11/12 06:57:38 agmorgan Exp $\n"
-" - PAM_PWDB password module <morgan@parc.power.net>"
-;
-
-#include "pam_unix_pwupd.-c"
-
-/* passwd/salt conversion macros */
-
-#define ascii_to_bin(c) ((c)>='a'?(c-59):(c)>='A'?((c)-53):(c)-'.')
-#define bin_to_ascii(c) ((c)>=38?((c)-38+'a'):(c)>=12?((c)-12+'A'):(c)+'.')
-
-/* data tokens */
-
-#define _UNIX_OLD_AUTHTOK "-UN*X-OLD-PASS"
-#define _UNIX_NEW_AUTHTOK "-UN*X-NEW-PASS"
-
-/* Implementation */
-
-/*
- * i64c - convert an integer to a radix 64 character
- */
-static int i64c(int i)
-{
- if (i < 0)
- return ('.');
- else if (i > 63)
- return ('z');
- if (i == 0)
- return ('.');
- if (i == 1)
- return ('/');
- if (i >= 2 && i <= 11)
- return ('0' - 2 + i);
- if (i >= 12 && i <= 37)
- return ('A' - 12 + i);
- if (i >= 38 && i <= 63)
- return ('a' - 38 + i);
- return ('\0');
-}
-
-/*
- * FUNCTION: _pam_unix_chauthtok()
- *
- * this function works in two passes. The first, when UNIX__PRELIM is
- * set, obtains the previous password. It sets the PAM_OLDAUTHTOK item
- * or stores it as a data item. The second function obtains a new
- * password (verifying if necessary, that the user types it the same a
- * second time.) depending on the 'ctrl' flags this new password may
- * be stored in the PAM_AUTHTOK item or a private data item.
- *
- * Having obtained a new password. The function updates the
- * /etc/passwd (and optionally the /etc/shadow) file(s).
- *
- * Provision is made for the creation of a blank shadow file if none
- * is available, but one is required to update the shadow file -- the
- * intention being for shadow passwords to be seamlessly implemented
- * from the generic UNIX scheme. -- THIS BIT IS PRE-ALPHA.. and included
- * in this release (.52) mostly for the purpose of discussion.
- */
-
-static int _unix_chauthtok(pam_handle_t *pamh, unsigned int ctrl)
-{
- int retval;
- unsigned int lctrl;
-
- /* <DO NOT free() THESE> */
- const char *user;
- const char *pass_old, *pass_new;
- /* </DO NOT free() THESE> */
-
- D(("called"));
-
- /*
- * First get the name of a user
- */
-
- retval = _unix_get_user( pamh, ctrl, "Username: ", &user );
- if ( retval != PAM_SUCCESS ) {
- if ( on(UNIX_DEBUG,ctrl) ) {
- _log_err(LOG_DEBUG, "password - could not identify user");
- }
- return retval;
- }
-
- if ( on(UNIX__PRELIM, ctrl) ) {
- /*
- * obtain and verify the current password (OLDAUTHTOK) for
- * the user.
- */
-
- char *Announce;
-
- D(("prelim check"));
-
- if ( _unix_blankpasswd(ctrl, user) ) {
-
- return PAM_SUCCESS;
-
- } else if ( off(UNIX__IAMROOT, ctrl) ) {
-
- /* instruct user what is happening */
-#define greeting "Changing password for "
- Announce = (char *) malloc(sizeof(greeting)+strlen(user));
- if (Announce == NULL) {
- _log_err(LOG_CRIT, "password - out of memory");
- return PAM_BUF_ERR;
- }
- (void) strcpy(Announce, greeting);
- (void) strcpy(Announce+sizeof(greeting)-1, user);
-#undef greeting
-
- lctrl = ctrl;
- set(UNIX__OLD_PASSWD, lctrl);
- retval = _unix_read_password( pamh, lctrl
- , Announce
- , "(current) UNIX password: "
- , NULL
- , _UNIX_OLD_AUTHTOK
- , &pass_old );
- free(Announce);
-
- if ( retval != PAM_SUCCESS ) {
- _log_err(LOG_NOTICE
- , "password - (old) token not obtained");
- return retval;
- }
-
- /* verify that this is the password for this user */
-
- retval = _unix_verify_password(pamh, user, pass_old, ctrl);
- } else {
- D(("process run by root so do nothing this time around"));
- pass_old = NULL;
- retval = PAM_SUCCESS; /* root doesn't have too */
- }
-
- if ( retval != PAM_SUCCESS ) {
- D(("Authentication failed"));
- pass_old = NULL;
- return retval;
- }
-
- retval = pam_set_item(pamh, PAM_OLDAUTHTOK, (const void *) pass_old);
- pass_old = NULL;
- if ( retval != PAM_SUCCESS ) {
- _log_err(LOG_CRIT, "failed to set PAM_OLDAUTHTOK");
- }
-
- } else if ( on( UNIX__UPDATE, ctrl ) ) {
- /* tpass is used below to store the _pam_md() return; it
- * should be _pam_delete()'d. */
-
- char *tpass=NULL;
-
- /*
- * obtain the proposed password
- */
-
- D(("do update"));
-
- /*
- * get the old token back. NULL was ok only if root [at this
- * point we assume that this has already been enforced on a
- * previous call to this function].
- */
-
- if ( off(UNIX_NOT_SET_PASS, ctrl) ) {
- retval = pam_get_item(pamh, PAM_OLDAUTHTOK
- , (const void **)&pass_old);
- } else {
- retval = pam_get_data(pamh, _UNIX_OLD_AUTHTOK
- , (const void **)&pass_old);
- if (retval == PAM_NO_MODULE_DATA) {
- retval = PAM_SUCCESS;
- pass_old = NULL;
- }
- }
-
- if (retval != PAM_SUCCESS) {
- _log_err(LOG_NOTICE, "user not authenticated");
- return retval;
- }
-
- D(("get new password now"));
-
- lctrl = ctrl;
-
- /*
- * use_authtok is to force the use of a previously entered
- * password -- needed for pluggable password strength checking
- */
-
- if ( on(UNIX_USE_AUTHTOK, lctrl) ) {
- set(UNIX_USE_FIRST_PASS, lctrl);
- }
-
- retval = _unix_read_password( pamh, lctrl
- , NULL
- , "Enter new UNIX password: "
- , "Retype new UNIX password: "
- , _UNIX_NEW_AUTHTOK
- , &pass_new );
-
- if ( retval != PAM_SUCCESS ) {
- if ( on(UNIX_DEBUG,ctrl) ) {
- _log_err(LOG_ALERT
- , "password - new password not obtained");
- }
- pass_old = NULL; /* tidy up */
- return retval;
- }
-
- D(("returned to _unix_chauthtok"));
-
- /*
- * At this point we know who the user is and what they
- * propose as their new password. Verify that the new
- * password is acceptable.
- */
-
- if (pass_new[0] == '\0') { /* "\0" password = NULL */
- pass_new = NULL;
- }
-
- retval = _pam_unix_approve_pass(pamh, ctrl, pass_old, pass_new);
-
- if (retval != PAM_SUCCESS) {
- _log_err(LOG_NOTICE, "new password not acceptable");
- pass_new = pass_old = NULL; /* tidy up */
- return retval;
- }
-
- /*
- * By reaching here we have approved the passwords and must now
- * rebuild the password database file.
- *
- * This includes the fact that the password is _not_ NULL.
- */
-
- /*
- * First we encrypt the new password.
- *
- * XXX - this is where we might need some code for RADIUS types
- * of password handling... no encryption needed..
- */
-
- if ( on(UNIX_MD5_PASS, ctrl) ) {
-
- /*
- * Code lifted from Marek Michalkiewicz's shadow suite. (CG)
- * removed use of static variables (AGM)
- */
-
- struct timeval tv;
- MD5_CTX ctx;
- unsigned char result[16];
- char *cp = (char *)result;
- unsigned char tmp[16];
- int i;
-
- GoodMD5Init(&ctx);
- gettimeofday(&tv, (struct timezone *) 0);
- GoodMD5Update(&ctx, (void *) &tv, sizeof tv);
- i = getpid();
- GoodMD5Update(&ctx, (void *) &i, sizeof i);
- i = clock();
- GoodMD5Update(&ctx, (void *) &i, sizeof i);
- GoodMD5Update(&ctx, result, sizeof result);
- GoodMD5Final(tmp, &ctx);
- strcpy(cp, "$1$"); /* magic for the MD5 */
- cp += strlen(cp);
- for (i = 0; i < 8; i++)
- *cp++ = i64c(tmp[i] & 077);
- *cp = '\0';
-
- /* no longer need cleartext */
- pass_new = tpass = _pam_md(pass_new, (const char *)result);
-
- } else {
- /*
- * Salt manipulation is stolen from Rick Faith's passwd
- * program. Sorry Rick :) -- alex
- */
-
- time_t tm;
- char salt[3];
-
- time(&tm);
- salt[0] = bin_to_ascii(tm & 0x3f);
- salt[1] = bin_to_ascii((tm >> 6) & 0x3f);
- salt[2] = '\0';
-
- if ( off(UNIX_BIGCRYPT, ctrl) && strlen(pass_new) > 8 ) {
- /* to avoid using the _extensions_ of the bigcrypt()
- function we truncate the newly entered password */
- char *temp = malloc(9);
-
- if (temp == NULL) {
- _log_err(LOG_CRIT, "out of memory for password");
- pass_new = pass_old = NULL; /* tidy up */
- return PAM_BUF_ERR;
- }
-
- /* copy first 8 bytes of password */
- strncpy(temp, pass_new, 8);
- temp[8] = '\0';
-
- /* no longer need cleartext */
- pass_new = tpass = _pam_md( temp, salt );
-
- _pam_delete(temp); /* tidy up */
- } else {
- /* no longer need cleartext */
- pass_new = tpass = _pam_md( pass_new, salt );
- }
- }
-
- D(("password processed"));
-
- /* update the password database(s) -- race conditions..? */
-
- retval = unix_update_db(pamh, ctrl, user, pass_old, pass_new);
- pass_old = pass_new = NULL;
-
- } else { /* something has broken with the module */
-
- _log_err(LOG_ALERT, "password received unknown request");
- retval = PAM_ABORT;
-
- }
-
- return retval;
-}
-
-/* ******************************************************************
- * Copyright (c) Alexander O. Yuriev (alex@bach.cis.temple.edu), 1996.
- * Copyright (c) Andrew Morgan <morgan@parc.power.net> 1996, 1997.
- * Copyright (c) Cristian Gafton, <gafton@redhat.com> 1996, 1997.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, and the entire permission notice in its entirety,
- * including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior
- * written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions. (This clause is
- * necessary due to a potential bad interaction between the GPL and
- * the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
diff --git a/Linux-PAM/modules/pam_pwdb/pam_unix_pwupd.-c b/Linux-PAM/modules/pam_pwdb/pam_unix_pwupd.-c
deleted file mode 100644
index a1fc65ff..00000000
--- a/Linux-PAM/modules/pam_pwdb/pam_unix_pwupd.-c
+++ /dev/null
@@ -1,260 +0,0 @@
-/*
- * $Id: pam_unix_pwupd.-c,v 1.1.1.1 2000/06/20 22:11:51 agmorgan Exp $
- *
- * This file contains the routines to update the passwd databases.
- */
-
-/* Implementation */
-
-static int unix_update_db(pam_handle_t *pamh, int ctrl, const char *user,
- const char *pass_old, const char *pass_new)
-{
- const struct pwdb *pw=NULL;
- const struct pwdb_entry *pwe=NULL;
- pwdb_flag flag;
- int retval, i;
-
- D(("called."));
-
- /* obtain default user record */
-
- retval = pwdb_locate("user", PWDB_DEFAULT, user, PWDB_ID_UNKNOWN, &pw);
- if (retval == PWDB_PASS_PHRASE_REQD) {
- retval = pwdb_set_entry(pw, "pass_phrase"
- , pass_old, 1+strlen(pass_old)
- , NULL, NULL, 0);
- if (retval == PWDB_SUCCESS)
- retval = pwdb_locate("user", pw->source, user
- , PWDB_ID_UNKNOWN, &pw);
- }
- pass_old = NULL;
-
- if ( retval != PWDB_SUCCESS ) {
- _log_err(LOG_ALERT, "cannot identify user %s (uid=%d)"
- , user, getuid() );
- pass_new = NULL;
- if (pw)
- (void) pwdb_delete(&pw);
- return PAM_USER_UNKNOWN;
- }
-
- /* check that we can update all of the default databases */
-
- retval = pwdb_flags("user", pw->source, &flag);
-
- if ( retval != PWDB_SUCCESS || ( pwdb_on(flag,PWDB_F_NOUPDATE) ) ) {
- _log_err(LOG_ERR, "cannot update default database for user %s"
- , user );
- pass_new = NULL;
- if (pw)
- (void) pwdb_delete(&pw);
- return PAM_PERM_DENIED;
- }
-
- /* If there was one, we delete the "last_change" entry */
- retval = pwdb_get_entry(pw, "last_change", &pwe);
- if (retval == PWDB_SUCCESS) {
- (void) pwdb_entry_delete(&pwe);
- pwdb_set_entry(pw, "last_change", NULL, -1, NULL, NULL, 0);
- }
-
- /*
- * next check for pam.conf specified databases: shadow etc... [In
- * other words, pam.conf indicates which database the password is
- * to be subsequently placed in: this is password migration].
- */
-
- if ( on(UNIX__SET_DB, ctrl) ) {
- const char *db_token;
- pwdb_type pt = _PWDB_MAX_TYPES;
-
- if ( on(UNIX_UNIX, ctrl) ) {
- db_token = "U"; /* XXX - should be macro */
- pt = PWDB_UNIX;
- } else if ( on(UNIX_SHADOW, ctrl) ) {
- db_token = "x"; /* XXX - should be macro */
- pt = PWDB_SHADOW;
- } else if ( on(UNIX_RADIUS, ctrl) ) {
- db_token = "R"; /* XXX - is this ok? */
- pt = PWDB_RADIUS;
- } else {
- _log_err(LOG_ALERT
- , "cannot determine database to use for authtok");
- pass_new = NULL;
- if (pw)
- (void) pwdb_delete(&pw);
- return PAM_ABORT; /* we're in trouble */
- }
-
- /*
- * Attempt to update the indicated database (only)
- */
-
- {
- pwdb_type tpt[2];
- tpt[0] = pt;
- tpt[1] = _PWDB_MAX_TYPES;
-
- /* Can we set entry in database? */
- retval = pwdb_flags("user", tpt, &flag);
- if (retval == PWDB_SUCCESS && !pwdb_on(flag,PWDB_F_NOUPDATE)) {
- /* YES. This database is available.. */
-
- /* Only update if it is not already in the default list */
- for (i=0; pw->source[i] != _PWDB_MAX_TYPES
- && pw->source[i] != pt ; ++i);
- if (pw->source[i] == _PWDB_MAX_TYPES) {
- const struct pwdb *tpw=NULL;
-
- /* copy database entry */
- if ((retval = pwdb_new(&tpw, 10)) != PWDB_SUCCESS
- || (retval = pwdb_merge(tpw, pw, PWDB_TRUE))
- != PWDB_SUCCESS) {
- _log_err(LOG_CRIT, "failed to obtain new pwdb: %s"
- , pwdb_strerror(retval));
- retval = PAM_ABORT;
- } else
- retval = PAM_SUCCESS;
-
- /* set db_token */
- if (retval == PAM_SUCCESS) {
- retval = pwdb_set_entry(tpw, "defer_pass", db_token
- , 1+strlen(db_token)
- , NULL, NULL, 0);
- if (retval != PWDB_SUCCESS) {
- _log_err(LOG_ALERT, "set defer_pass -> %s"
- , pwdb_strerror(retval));
- retval = PAM_PERM_DENIED;
- } else
- retval = PAM_SUCCESS;
- }
-
- /* update specific database */
- if (retval == PAM_SUCCESS) {
- retval = pwdb_replace("user", tpt
- , user, PWDB_ID_UNKNOWN, &tpw);
- if (retval != PWDB_SUCCESS) {
- const char *service=NULL;
- (void) pam_get_item(pamh, PAM_SERVICE
- , (const void **)&service);
- _log_err(LOG_ALERT
- , "(%s) specified database failed: %s"
- , service
- , pwdb_strerror(retval));
- retval = PAM_PERM_DENIED;
- } else {
- retval = PAM_SUCCESS;
- }
- }
-
- /* clean up temporary pwdb */
- if (tpw)
- (void) pwdb_delete(&tpw);
- }
-
- /* we can properly adopt new defer_pass */
- if (retval == PAM_SUCCESS) {
- /* failing here will mean we go back to former
- password location */
- (void) pwdb_set_entry(pw, "defer_pass", db_token
- , 1+strlen(db_token), NULL, NULL, 0);
- }
- }
- }
- }
-
- /*
- * the password will now be placed in appropriate (perhaps original) db
- */
-
- retval = pwdb_get_entry(pw, "uid", &pwe);
- if (retval != PWDB_SUCCESS) {
- _log_err(LOG_ALERT, "no uid!? (%s); %s", user, pwdb_strerror(retval));
- pass_new = NULL;
- if (pw)
- (void) pwdb_delete(&pw);
- return PAM_USER_UNKNOWN;
- }
-
- /* insert the passwd into the 'pw' structure */
-
- retval = pwdb_set_entry(pw, "passwd", pass_new, 1+strlen(pass_new)
- , NULL, NULL, 0);
- pass_new = NULL;
- if (retval != PWDB_SUCCESS) {
- _log_err(LOG_ALERT, "set2 failed; %s", pwdb_strerror(retval));
- if (pw)
- (void) pwdb_delete(&pw);
- return PAM_AUTHTOK_LOCK_BUSY;
- }
-
- retval = pwdb_replace("user", pw->source, user
- , *((uid_t *)pwe->value), &pw);
- if (retval != PWDB_SUCCESS) {
- _log_err(LOG_ALERT, "user (%s/%d) update failed; %s"
- , user, *((uid_t *)pwe->value), pwdb_strerror(retval));
- if (pw)
- (void) pwdb_delete(&pw);
- (void) pwdb_entry_delete(&pwe);
- return PAM_ABORT;
- }
-
- if (retval != PWDB_SUCCESS) {
-
- _log_err(LOG_ALERT, "user (%s/%d) update failed; %s"
- , user, *((uid_t *)pwe->value), pwdb_strerror(retval));
- retval = PAM_ABORT;
-
- } else {
- /* password updated */
-
- _log_err(LOG_INFO, "password for (%s/%d) changed by (%s/%d)"
- , user, *((uid_t *)pwe->value), getlogin(), getuid());
- retval = PAM_SUCCESS;
- }
-
- /* tidy up */
-
- (void) pwdb_entry_delete(&pwe);
- if (pw)
- (void) pwdb_delete(&pw);
-
- return retval;
-}
-
-/* ******************************************************************
- * Copyright (c) Andrew Morgan <morgan@parc.power.net> 1996,1997.
- * Copyright (c) Cristian Gafton, <gafton@redhat.com> 1996, 1997.
- * All rights reserved
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, and the entire permission notice in its entirety,
- * including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior
- * written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions. (This clause is
- * necessary due to a potential bad interaction between the GPL and
- * the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
diff --git a/Linux-PAM/modules/pam_pwdb/pam_unix_sess.-c b/Linux-PAM/modules/pam_pwdb/pam_unix_sess.-c
deleted file mode 100644
index 395bd9bb..00000000
--- a/Linux-PAM/modules/pam_pwdb/pam_unix_sess.-c
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * $Id: pam_unix_sess.-c,v 1.2 2000/12/04 19:02:34 baggins Exp $
- *
- * See end for Copyright information
- */
-
-static const char rcsid_sess[] =
-"$Id: pam_unix_sess.-c,v 1.2 2000/12/04 19:02:34 baggins Exp $\n"
-" - PAM_PWDB session management. morgan@parc.power.net";
-
-/* Define internal functions */
-
-static int _unix_open_session(pam_handle_t *pamh, unsigned int ctrl)
-{
- int retval;
- char *user_name, *service;
-
- D(("called."));
-
- retval = pam_get_item( pamh, PAM_USER, (void *) &user_name );
- if ( user_name == NULL || retval != PAM_SUCCESS ) {
- _log_err(LOG_CRIT, "open_session - error recovering username");
- return PAM_SESSION_ERR;
- }
-
- retval = pam_get_item( pamh, PAM_SERVICE, (void*) &service );
- if ( service == NULL || retval != PAM_SUCCESS ) {
- _log_err(LOG_CRIT, "open_session - error recovering service");
- return PAM_SESSION_ERR;
- }
-
- _log_err(LOG_INFO, "(%s) session opened for user %s by %s(uid=%d)"
- , service, user_name
- , getlogin() == NULL ? "":getlogin(), getuid() );
-
- return PAM_SUCCESS;
-}
-
-static int _unix_close_session(pam_handle_t *pamh, unsigned int ctrl)
-{
- int retval;
- char *user_name, *service;
-
- D(("called."));
-
- retval = pam_get_item( pamh, PAM_USER, (void*) &user_name );
- if ( user_name == NULL || retval != PAM_SUCCESS ) {
- _log_err(LOG_CRIT, "close_session - error recovering username");
- return PAM_SESSION_ERR;
- }
-
- retval = pam_get_item( pamh, PAM_SERVICE, (void*) &service );
- if ( service == NULL || retval != PAM_SUCCESS ) {
- _log_err(LOG_CRIT, "close_session - error recovering service");
- return PAM_SESSION_ERR;
- }
-
- _log_err(LOG_INFO, "(%s) session closed for user %s"
- , service, user_name );
-
- return PAM_SUCCESS;
-}
-
-/*
- * Copyright (c) Alexander O. Yuriev, 1996. All rights reserved.
- * Copyright (c) Andrew G. Morgan, 1996, <morgan@parc.power.net>
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, and the entire permission notice in its entirety,
- * including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior
- * written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions. (This clause is
- * necessary due to a potential bad interaction between the GPL and
- * the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
diff --git a/Linux-PAM/modules/pam_pwdb/pwdb_chkpwd.c b/Linux-PAM/modules/pam_pwdb/pwdb_chkpwd.c
deleted file mode 100644
index 36c248ef..00000000
--- a/Linux-PAM/modules/pam_pwdb/pwdb_chkpwd.c
+++ /dev/null
@@ -1,221 +0,0 @@
-/*
- * $Id: pwdb_chkpwd.c,v 1.4 2001/12/09 21:44:58 agmorgan Exp $
- *
- * This program is designed to run setuid(root) or with sufficient
- * privilege to read all of the unix password databases. It is designed
- * to provide a mechanism for the current user (defined by this
- * process' real uid) to verify their own password.
- *
- * The password is read from the standard input. The exit status of
- * this program indicates whether the user is authenticated or not.
- *
- * Copyright information is located at the end of the file.
- *
- */
-
-#include <security/_pam_aconf.h>
-
-#ifdef MEMORY_DEBUG
-# undef exit
-# undef strdup
-# undef free
-#endif /* MEMORY_DEBUG */
-
-#include <stdarg.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <syslog.h>
-#include <unistd.h>
-
-#include <security/_pam_macros.h>
-
-#define MAXPASS 200 /* the maximum length of a password */
-
-#define UNIX_PASSED (PWDB_SUCCESS)
-#define UNIX_FAILED (PWDB_SUCCESS+1)
-
-#include <pwdb/pwdb_public.h>
-
-/* syslogging function for errors and other information */
-
-static void _log_err(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("pwdb_chkpwd", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-
-#define PWDB_NO_MD_COMPAT
-#include "pam_unix_md.-c"
-
-static int _unix_verify_passwd(const char *salt, const char *p)
-{
- char *pp=NULL;
- int retval;
-
- if (p == NULL) {
- if (*salt == '\0') {
- retval = UNIX_PASSED;
- } else {
- retval = UNIX_FAILED;
- }
- } else {
- pp = _pam_md(p, salt);
- p = NULL; /* no longer needed here */
-
- if ( strcmp( pp, salt ) == 0 ) {
- retval = UNIX_PASSED;
- } else {
- retval = UNIX_FAILED;
- }
- }
-
- /* clean up */
- {
- char *tp = pp;
- if (pp != NULL) {
- while(tp && *tp)
- *tp++ = '\0';
- free(pp);
- pp = tp = NULL;
- }
- }
-
- return retval;
-}
-
-int main(int argc, char **argv)
-{
- const struct pwdb *pw=NULL;
- const struct pwdb_entry *pwe=NULL;
- char pass[MAXPASS+1];
- int npass, force_failure=0;
- int retval=UNIX_FAILED;
-
- /*
- * we establish that this program is running with non-tty stdin.
- * this is to discourage casual use. It does *NOT* prevent an
- * intruder from repeatadly running this program to determine the
- * password of the current user (brute force attack, but one for
- * which the attacker must already have gained access to the user's
- * account).
- */
-
- if ( isatty(STDIN_FILENO) ) {
- _log_err(LOG_NOTICE
- , "inappropriate use of PWDB helper binary [UID=%d]"
- , getuid() );
- fprintf(stderr,
- "This program is not designed for running in this way\n"
- "-- the system administrator has been informed\n");
- exit(UNIX_FAILED);
- }
-
- /*
- * determine the current user's name:
- */
-
- retval = pwdb_start();
- if (retval != PWDB_SUCCESS) {
- _log_err(LOG_ALERT, "failed to open pwdb");
- retval = UNIX_FAILED;
- }
- if (retval != UNIX_FAILED) {
- retval = pwdb_locate("user", PWDB_DEFAULT, PWDB_NAME_UNKNOWN,
- getuid(), &pw);
- }
- if (retval != PWDB_SUCCESS) {
- _log_err(LOG_ALERT, "could not identify user");
- while (pwdb_end() != PWDB_SUCCESS);
- exit(UNIX_FAILED);
- }
- if (argc == 2) {
- if (pwdb_get_entry(pw, "user", &pwe) == PWDB_SUCCESS) {
- if (pwe == NULL) {
- force_failure = 1;
- } else {
- if (strcmp((const char *) pwe->value, argv[1])) {
- force_failure = 1;
- }
- pwdb_entry_delete(&pwe);
- }
- }
- }
-
- /* read the password from stdin (a pipe from the pam_pwdb module) */
-
- npass = read(STDIN_FILENO, pass, MAXPASS);
-
- if (npass < 0) { /* is it a valid password? */
- _log_err(LOG_DEBUG, "no password supplied");
- retval = UNIX_FAILED;
- } else if (npass >= MAXPASS-1) {
- _log_err(LOG_DEBUG, "password too long");
- retval = UNIX_FAILED;
- } else if (pwdb_get_entry(pw, "passwd", &pwe) != PWDB_SUCCESS) {
- _log_err(LOG_WARNING, "password not found");
- retval = UNIX_FAILED;
- } else {
- if (npass <= 0) {
- /* the password is NULL */
-
- retval = _unix_verify_passwd((const char *)(pwe->value), NULL);
- } else {
- /* does pass agree with the official one? */
-
- pass[npass] = '\0'; /* NUL terminate */
- retval = _unix_verify_passwd((const char *)(pwe->value), pass);
- }
- }
-
- memset(pass, '\0', MAXPASS); /* clear memory of the password */
- while (pwdb_end() != PWDB_SUCCESS);
-
- if ((retval != UNIX_FAILED) && force_failure) {
- retval = UNIX_FAILED;
- }
-
- /* return pass or fail */
-
- exit(retval);
-}
-
-/*
- * Copyright (c) Andrew G. Morgan, 1997. All rights reserved
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, and the entire permission notice in its entirety,
- * including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior
- * written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions. (This clause is
- * necessary due to a potential bad interaction between the GPL and
- * the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
diff --git a/Linux-PAM/modules/pam_pwdb/support.-c b/Linux-PAM/modules/pam_pwdb/support.-c
deleted file mode 100644
index bfa4e8a1..00000000
--- a/Linux-PAM/modules/pam_pwdb/support.-c
+++ /dev/null
@@ -1,963 +0,0 @@
-/*
- * $Id: support.-c,v 1.6 2004/09/15 12:06:17 kukuk Exp $
- *
- * Copyright information at end of file.
- */
-
-/*
- * here is the string to inform the user that the new passwords they
- * typed were not the same.
- */
-
-#define MISTYPED_PASS "Sorry, passwords do not match"
-
-/* type definition for the control options */
-
-typedef struct {
- const char *token;
- unsigned int mask; /* shall assume 32 bits of flags */
- unsigned int flag;
-} UNIX_Ctrls;
-
-/*
- * macro to determine if a given flag is on
- */
-
-#define on(x,ctrl) (unix_args[x].flag & ctrl)
-
-/*
- * macro to determine that a given flag is NOT on
- */
-
-#define off(x,ctrl) (!on(x,ctrl))
-
-/*
- * macro to turn on/off a ctrl flag manually
- */
-
-#define set(x,ctrl) (ctrl = ((ctrl)&unix_args[x].mask)|unix_args[x].flag)
-#define unset(x,ctrl) (ctrl &= ~(unix_args[x].flag))
-
-/* the generic mask */
-
-#define _ALL_ON_ (~0U)
-
-/* end of macro definitions definitions for the control flags */
-
-/* ****************************************************************** *
- * ctrl flags proper..
- */
-
-/*
- * here are the various options recognized by the unix module. They
- * are enumerated here and then defined below. Internal arguments are
- * given NULL tokens.
- */
-
-#define UNIX__OLD_PASSWD 0 /* internal */
-#define UNIX__VERIFY_PASSWD 1 /* internal */
-#define UNIX__IAMROOT 2 /* internal */
-
-#define UNIX_AUDIT 3 /* print more things than debug..
- some information may be sensitive */
-#define UNIX_USE_FIRST_PASS 4
-#define UNIX_TRY_FIRST_PASS 5
-#define UNIX_NOT_SET_PASS 6 /* don't set the AUTHTOK items */
-
-#define UNIX__PRELIM 7 /* internal */
-#define UNIX__UPDATE 8 /* internal */
-#define UNIX__NONULL 9 /* internal */
-#define UNIX__QUIET 10 /* internal */
-#define UNIX_USE_AUTHTOK 11 /* insist on reading PAM_AUTHTOK */
-#define UNIX_SHADOW 12 /* signal shadow on */
-#define UNIX_MD5_PASS 13 /* force the use of MD5 passwords */
-#define UNIX__NULLOK 14 /* Null token ok */
-#define UNIX_RADIUS 15 /* wish to use RADIUS for password */
-#define UNIX__SET_DB 16 /* internal - signals redirect to db */
-#define UNIX_DEBUG 17 /* send more info to syslog(3) */
-#define UNIX_NODELAY 18 /* admin does not want a fail-delay */
-#define UNIX_UNIX 19 /* wish to use /etc/passwd for pwd */
-#define UNIX_BIGCRYPT 20 /* use DEC-C2 crypt()^x function */
-#define UNIX_LIKE_AUTH 21 /* need to auth for setcred to work */
-#define UNIX_NOREAP 22 /* don't reap child process */
-/* -------------- */
-#define UNIX_CTRLS_ 23 /* number of ctrl arguments defined */
-
-
-static const UNIX_Ctrls unix_args[UNIX_CTRLS_] = {
-/* symbol token name ctrl mask ctrl *
- * ------------------ ------------------ -------------- ---------- */
-
-/* UNIX__OLD_PASSWD */ { NULL, _ALL_ON_, 01 },
-/* UNIX__VERIFY_PASSWD */ { NULL, _ALL_ON_, 02 },
-/* UNIX__IAMROOT */ { NULL, _ALL_ON_, 04 },
-/* UNIX_AUDIT */ { "audit", _ALL_ON_, 010 },
-/* UNIX_USE_FIRST_PASS */ { "use_first_pass", _ALL_ON_^(060), 020 },
-/* UNIX_TRY_FIRST_PASS */ { "try_first_pass", _ALL_ON_^(060), 040 },
-/* UNIX_NOT_SET_PASS */ { "not_set_pass", _ALL_ON_, 0100 },
-/* UNIX__PRELIM */ { NULL, _ALL_ON_^(0600), 0200 },
-/* UNIX__UPDATE */ { NULL, _ALL_ON_^(0600), 0400 },
-/* UNIX__NONULL */ { NULL, _ALL_ON_, 01000 },
-/* UNIX__QUIET */ { NULL, _ALL_ON_, 02000 },
-/* UNIX_USE_AUTHTOK */ { "use_authtok", _ALL_ON_, 04000 },
-/* UNIX_SHADOW */ { "shadow", _ALL_ON_^(0140000), 010000 },
-/* UNIX_MD5_PASS */ { "md5", _ALL_ON_^(02000000), 020000 },
-/* UNIX__NULLOK */ { "nullok", _ALL_ON_^(01000), 0 },
-/* UNIX_RADIUS */ { "radius", _ALL_ON_^(0110000), 040000 },
-/* UNIX__SET_DB */ { NULL, _ALL_ON_, 0100000 },
-/* UNIX_DEBUG */ { "debug", _ALL_ON_, 0200000 },
-/* UNIX_NODELAY */ { "nodelay", _ALL_ON_, 0400000 },
-/* UNIX_UNIX */ { "unix", _ALL_ON_^(050000), 01000000 },
-/* UNIX_BIGCRYPT */ { "bigcrypt", _ALL_ON_^(020000), 02000000 },
-/* UNIX_LIKE_AUTH */ { "likeauth", _ALL_ON_, 04000000 },
-/* UNIX_NOREAP */ {"noreap", _ALL_ON_, 010000000 },
-};
-
-#define UNIX_DEFAULTS (unix_args[UNIX__NONULL].flag)
-
-/* syslogging function for errors and other information */
-
-static void _log_err(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("PAM_pwdb", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-
-/* this is a front-end for module-application conversations */
-
-static int converse(pam_handle_t *pamh, int ctrl, int nargs
- , struct pam_message **message
- , struct pam_response **response)
-{
- int retval;
- struct pam_conv *conv;
-
- D(("begin to converse"));
-
- retval = pam_get_item( pamh, PAM_CONV, (const void **) &conv ) ;
- if ( retval == PAM_SUCCESS ) {
-
- retval = conv->conv(nargs, ( const struct pam_message ** ) message
- , response, conv->appdata_ptr);
-
- D(("returned from application's conversation function"));
-
- if (retval != PAM_SUCCESS && on(UNIX_DEBUG,ctrl) ) {
- _log_err(LOG_DEBUG, "conversation failure [%s]"
- , pam_strerror(pamh, retval));
- }
-
- } else if (retval != PAM_CONV_AGAIN) {
- _log_err(LOG_ERR, "couldn't obtain coversation function [%s]"
- , pam_strerror(pamh, retval));
- }
-
- D(("ready to return from module conversation"));
-
- return retval; /* propagate error status */
-}
-
-static int make_remark(pam_handle_t *pamh, unsigned int ctrl
- , int type, const char *text)
-{
- int retval=PAM_SUCCESS;
-
- if ( off(UNIX__QUIET, ctrl) ) {
- struct pam_message *pmsg[1], msg[1];
- struct pam_response *resp;
-
- pmsg[0] = &msg[0];
- msg[0].msg = text;
- msg[0].msg_style = type;
-
- resp = NULL;
- retval = converse(pamh, ctrl, 1, pmsg, &resp);
-
- if (resp) {
- _pam_drop_reply(resp, 1);
- }
- }
- return retval;
-}
-
-/*
- * set the control flags for the UNIX module.
- */
-
-static int set_ctrl(int flags, int argc, const char **argv)
-{
- unsigned int ctrl;
-
- D(("called."));
-
- ctrl = UNIX_DEFAULTS; /* the default selection of options */
-
- /* set some flags manually */
-
- if ( getuid() == 0 && !(flags & PAM_CHANGE_EXPIRED_AUTHTOK) ) {
- set(UNIX__IAMROOT, ctrl);
- }
- if ( flags & PAM_UPDATE_AUTHTOK ) {
- set(UNIX__UPDATE, ctrl);
- }
- if ( flags & PAM_PRELIM_CHECK ) {
- set(UNIX__PRELIM, ctrl);
- }
- if ( flags & PAM_DISALLOW_NULL_AUTHTOK ) {
- set(UNIX__NONULL, ctrl);
- }
- if ( flags & PAM_SILENT ) {
- set(UNIX__QUIET, ctrl);
- }
-
- /* now parse the arguments to this module */
-
- while (argc-- > 0) {
- int j;
-
- D(("pam_pwdb arg: %s",*argv));
-
- for (j=0; j<UNIX_CTRLS_; ++j) {
- if (unix_args[j].token
- && ! strcmp(*argv, unix_args[j].token) ) {
- break;
- }
- }
-
- if ( j >= UNIX_CTRLS_ ) {
- _log_err(LOG_ERR, "unrecognized option [%s]",*argv);
- } else {
- ctrl &= unix_args[j].mask; /* for turning things off */
- ctrl |= unix_args[j].flag; /* for turning things on */
- }
-
- ++argv; /* step to next argument */
- }
-
- /* these are used for updating passwords in specific places */
-
- if (on(UNIX_SHADOW,ctrl) || on(UNIX_RADIUS,ctrl) || on(UNIX_UNIX,ctrl)) {
- set(UNIX__SET_DB, ctrl);
- }
-
- /* auditing is a more sensitive version of debug */
-
- if ( on(UNIX_AUDIT,ctrl) ) {
- set(UNIX_DEBUG, ctrl);
- }
-
- /* return the set of flags */
-
- D(("done."));
- return ctrl;
-}
-
-/* use this to free strings. ESPECIALLY password strings */
-
-static char *_pam_delete(register char *xx)
-{
- _pam_overwrite(xx);
- _pam_drop(xx);
- return NULL;
-}
-
-static void _cleanup(pam_handle_t *pamh, void *x, int error_status)
-{
- x = _pam_delete( (char *) x );
-}
-
-/* ************************************************************** *
- * Useful non-trivial functions *
- * ************************************************************** */
-
-#include "pam_unix_md.-c"
-
-/*
- * the following is used to keep track of the number of times a user fails
- * to authenticate themself.
- */
-
-#define FAIL_PREFIX "-UN*X-FAIL-"
-#define UNIX_MAX_RETRIES 3
-
-struct _pam_failed_auth {
- char *user; /* user that's failed to be authenticated */
- char *name; /* attempt from user with name */
- int id; /* uid of name'd user */
- int count; /* number of failures so far */
-};
-
-#ifndef PAM_DATA_REPLACE
-#error "Need to get an updated libpam 0.52 or better"
-#endif
-
-static void _cleanup_failures(pam_handle_t *pamh, void *fl, int err)
-{
- int quiet;
- const char *service=NULL;
- struct _pam_failed_auth *failure;
-
- D(("called"));
-
- quiet = err & PAM_DATA_SILENT; /* should we log something? */
- err &= PAM_DATA_REPLACE; /* are we just replacing data? */
- failure = (struct _pam_failed_auth *) fl;
-
- if ( failure != NULL ) {
-
- if ( !quiet && !err ) { /* under advisement from Sun,may go away */
-
- /* log the number of authentication failures */
- if ( failure->count > 1 ) {
- (void) pam_get_item(pamh, PAM_SERVICE
- , (const void **)&service);
- _log_err(LOG_NOTICE
- , "%d more authentication failure%s; %s(uid=%d) -> "
- "%s for %s service"
- , failure->count-1, failure->count==2 ? "":"s"
- , failure->name
- , failure->id
- , failure->user
- , service == NULL ? "**unknown**":service
- );
- if ( failure->count > UNIX_MAX_RETRIES ) {
- _log_err(LOG_ALERT
- , "service(%s) ignoring max retries; %d > %d"
- , service == NULL ? "**unknown**":service
- , failure->count
- , UNIX_MAX_RETRIES );
- }
- }
- }
- failure->user = _pam_delete(failure->user); /* tidy up */
- failure->name = _pam_delete(failure->name); /* tidy up */
- free(failure);
- }
-}
-
-/*
- * verify the password of a user
- */
-
-#include <signal.h>
-#include <sys/types.h>
-#include <sys/wait.h>
-
-static int pwdb_run_helper_binary(pam_handle_t *pamh, const char *passwd,
- unsigned int ctrl, const char *user)
-{
- int retval, child, fds[2];
- void (*sighandler)(int) = NULL;
-
- D(("called."));
- /* create a pipe for the password */
- if (pipe(fds) != 0) {
- D(("could not make pipe"));
- return PAM_AUTH_ERR;
- }
-
- if (off(UNIX_NOREAP, ctrl)) {
- /*
- * This code arranges that the demise of the child does not cause
- * the application to receive a signal it is not expecting - which
- * may kill the application or worse.
- *
- * The "noreap" module argument is provided so that the admin can
- * override this behavior.
- */
- sighandler = signal(SIGCHLD, SIG_DFL);
- }
-
- /* fork */
- child = fork();
- if (child == 0) {
- static char *args[] = { NULL, NULL, NULL };
- static char *envp[] = { NULL };
-
- /* XXX - should really tidy up PAM here too */
- while (pwdb_end() == PWDB_SUCCESS);
-
- /* reopen stdin as pipe */
- close(fds[1]);
- dup2(fds[0], STDIN_FILENO);
-
- /* exec binary helper */
- args[0] = x_strdup(CHKPWD_HELPER);
- args[1] = x_strdup(user);
-
- execve(CHKPWD_HELPER, args, envp);
-
- /* should not get here: exit with error */
- D(("helper binary is not available"));
- exit(PWDB_SUCCESS+1);
- } else if (child > 0) {
- /* wait for child */
- if (passwd != NULL) { /* send the password to the child */
- write(fds[1], passwd, strlen(passwd)+1);
- passwd = NULL;
- } else {
- write(fds[1], "", 1); /* blank password */
- }
- close(fds[0]); /* we close this after the write because we want
- to avoid a possible SIGPIPE. */
- close(fds[1]);
- (void) waitpid(child, &retval, 0); /* wait for helper to complete */
- retval = (retval == PWDB_SUCCESS) ? PAM_SUCCESS:PAM_AUTH_ERR;
- } else {
- D(("fork failed"));
- retval = PAM_AUTH_ERR;
- }
-
- if (sighandler != NULL) {
- (void) signal(SIGCHLD, sighandler); /* restore old signal handler */
- }
-
- D(("returning %d", retval));
- return retval;
-}
-
-static int _unix_verify_password(pam_handle_t *pamh, const char *name,
- const char *p, unsigned int ctrl)
-{
- const struct pwdb *pw=NULL;
- const struct pwdb_entry *pwe=NULL;
-
- const char *salt;
- char *pp;
- char *data_name;
- int retval;
- int verify_result;
-
- D(("called"));
-
-#ifdef HAVE_PAM_FAIL_DELAY
- if ( off(UNIX_NODELAY, ctrl) ) {
- D(("setting delay"));
- (void) pam_fail_delay(pamh, 1000000); /* 1 sec delay for on failure */
- }
-#endif
-
- /* locate the entry for this user */
-
- D(("locating user's record"));
- retval = pwdb_locate("user", PWDB_DEFAULT, name, PWDB_ID_UNKNOWN, &pw);
- if (retval == PWDB_PASS_PHRASE_REQD) {
- /*
- * give the password to the pwdb library. It may be needed to
- * access the database
- */
-
- retval = pwdb_set_entry( pw, "pass_phrase", p, 1+strlen(p)
- , NULL, NULL, 0);
- if (retval != PWDB_SUCCESS) {
- _log_err(LOG_ALERT, "find pass; %s", pwdb_strerror(retval));
- (void) pwdb_delete(&pw);
- p = NULL;
- return PAM_CRED_INSUFFICIENT;
- }
-
- retval = pwdb_locate("user", pw->source, name, PWDB_ID_UNKNOWN, &pw);
- }
-
- if (retval != PWDB_SUCCESS) {
- D(("user's record unavailable"));
- if ( on(UNIX_AUDIT, ctrl) ) {
- /* this might be a typo and the user has given a password
- instead of a username. Careful with this. */
- _log_err(LOG_ALERT, "check pass; user (%s) unknown", name);
- } else {
- _log_err(LOG_ALERT, "check pass; user unknown");
- }
- (void) pwdb_delete(&pw);
- p = NULL;
- return PAM_USER_UNKNOWN;
- }
-
- /*
- * courtesy of PWDB the password for the user is stored in
- * encrypted form in the "passwd" entry of pw.
- */
-
- retval = pwdb_get_entry(pw, "passwd", &pwe);
- if (retval != PWDB_SUCCESS) {
- if (geteuid()) {
- /* we are not root perhaps this is the reason? Run helper */
- D(("running helper binary"));
- retval = pwdb_run_helper_binary(pamh, p, ctrl, name);
- } else {
- retval = PAM_AUTHINFO_UNAVAIL;
- _log_err(LOG_ALERT, "get passwd; %s", pwdb_strerror(retval));
- }
- (void) pwdb_delete(&pw);
- p = NULL;
- return retval;
- }
- salt = (const char *) pwe->value;
-
- /*
- * XXX: Cristian, the above is not the case for RADIUS(?) Some
- * lines should be added for RADIUS to verify the password in
- * clear text...
- */
-
- data_name = (char *) malloc(sizeof(FAIL_PREFIX)+strlen(name));
- if ( data_name == NULL ) {
- _log_err(LOG_CRIT, "no memory for data-name");
- }
- strcpy(data_name, FAIL_PREFIX);
- strcpy(data_name + sizeof(FAIL_PREFIX)-1, name);
-
- if ( !( (salt && *salt) || (p && *p) ) ) {
-
- D(("two null passwords to compare"));
-
- /* the stored password is NULL */
- pp = NULL;
- if ( off(UNIX__NONULL, ctrl ) ) { /* this means we've succeeded */
- verify_result = PAM_SUCCESS;
- } else {
- verify_result = PAM_AUTH_ERR;
- }
-
- } else if ( !( salt && p ) ) {
-
- D(("one of the two to compare are NULL"));
-
- pp = NULL;
- verify_result = PAM_AUTH_ERR;
-
- } else {
-
- /* there is no way that p can be NULL (one can be "") */
- pp = _pam_md(p, salt);
-
- /* the moment of truth -- do we agree with the password? */
- D(("comparing state of pp[%s] and salt[%s]", pp, salt));
-
- if ( strcmp( pp, salt ) == 0 ) {
- verify_result = PAM_SUCCESS;
- } else {
- _pam_delete(pp);
- pp = _pam_md_compat(p, salt);
- if ( strcmp( pp, salt ) == 0 ) {
- verify_result = PAM_SUCCESS;
- } else {
- verify_result = PAM_AUTH_ERR;
- }
- }
-
- p = NULL; /* no longer needed here */
-
- }
-
- if ( verify_result == PAM_SUCCESS ) {
-
- retval = PAM_SUCCESS;
- if (data_name) { /* reset failures */
- pam_set_data(pamh, data_name, NULL, _cleanup_failures);
- }
-
- } else {
-
- retval = PAM_AUTH_ERR;
- if (data_name != NULL) {
- struct _pam_failed_auth *new=NULL;
- const struct _pam_failed_auth *old=NULL;
-
- /* get a failure recorder */
-
- new = (struct _pam_failed_auth *)
- malloc(sizeof(struct _pam_failed_auth));
-
- if (new != NULL) {
-
- new->user = x_strdup(name);
- new->id = getuid();
- new->name = x_strdup(getlogin() ? getlogin():"" );
-
- /* any previous failures for this user ? */
- pam_get_data(pamh, data_name, (const void **)&old );
-
- if (old != NULL) {
- new->count = old->count +1;
- if (new->count >= UNIX_MAX_RETRIES) {
- retval = PAM_MAXTRIES;
- }
- } else {
- const char *service=NULL;
- (void) pam_get_item(pamh, PAM_SERVICE
- , (const void **)&service);
- _log_err(LOG_NOTICE
- , "authentication failure; %s(uid=%d) -> "
- "%s for %s service"
- , new->name
- , new->id
- , new->user
- , service == NULL ? "**unknown**":service
- );
- new->count = 1;
- }
-
- pam_set_data(pamh, data_name, new, _cleanup_failures);
-
- } else {
- _log_err(LOG_CRIT, "no memory for failure recorder");
- }
- }
-
- }
-
- (void) pwdb_entry_delete(&pwe);
- (void) pwdb_delete(&pw);
- salt = NULL;
- _pam_delete(data_name);
- _pam_delete(pp);
-
- D(("done [%d].", retval));
-
- return retval;
-}
-
-/*
- * this function obtains the name of the current user and ensures
- * that the PAM_USER item is set to this value
- */
-
-static int _unix_get_user(pam_handle_t *pamh, unsigned int ctrl
- , const char *prompt, const char **user)
-{
- int retval;
-
- D(("called"));
-
- retval = pam_get_user(pamh, user, prompt);
- if (retval != PAM_SUCCESS) {
- D(("trouble reading username"));
- return retval;
- }
-
- /*
- * Various libraries at various times have had bugs related to
- * '+' or '-' as the first character of a user name. Don't take
- * any chances here. Require that the username starts with an
- * alphanumeric character.
- */
-
- if (*user == NULL || !isalnum(**user)) {
- D(("bad username"));
- if (on(UNIX_DEBUG,ctrl)) {
- _log_err(LOG_ERR, "bad username [%s]", *user);
- }
- return PAM_USER_UNKNOWN;
- }
-
- if (retval == PAM_SUCCESS && on(UNIX_DEBUG,ctrl)) {
- _log_err(LOG_DEBUG, "username [%s] obtained", *user);
- }
-
- return retval;
-}
-
-/*
- * _unix_blankpasswd() is a quick check for a blank password
- *
- * returns TRUE if user does not have a password
- * - to avoid prompting for one in such cases (CG)
- */
-
-static int _unix_blankpasswd(unsigned int ctrl, const char *name)
-{
- const struct pwdb *pw=NULL;
- const struct pwdb_entry *pwe=NULL;
- int retval;
-
- D(("called"));
-
- /*
- * This function does not have to be too smart if something goes
- * wrong, return FALSE and let this case to be treated somewhere
- * else (CG)
- */
-
- if ( on(UNIX__NONULL, ctrl) )
- return 0; /* will fail but don't let on yet */
-
- /* find the user's database entry */
-
- retval = pwdb_locate("user", PWDB_DEFAULT, name, PWDB_ID_UNKNOWN, &pw);
- if (retval != PWDB_SUCCESS || pw == NULL ) {
-
- retval = 0;
-
- } else {
-
- /* Does this user have a password? */
-
- retval = pwdb_get_entry(pw, "passwd", &pwe);
- if ( retval != PWDB_SUCCESS || pwe == NULL )
- retval = 0;
- else if ( pwe->value == NULL || ((char *)pwe->value)[0] == '\0' )
- retval = 1;
- else
- retval = 0;
-
- }
-
- /* tidy up */
-
- if ( pw ) {
- (void) pwdb_delete(&pw);
- if ( pwe )
- (void) pwdb_entry_delete(&pwe);
- }
-
- return retval;
-}
-
-/*
- * obtain a password from the user
- */
-
-static int _unix_read_password( pam_handle_t *pamh
- , unsigned int ctrl
- , const char *comment
- , const char *prompt1
- , const char *prompt2
- , const char *data_name
- , const char **pass )
-{
- int authtok_flag;
- int retval;
- const char *item;
- char *token;
-
- D(("called"));
-
- /*
- * make sure nothing inappropriate gets returned
- */
-
- *pass = token = NULL;
-
- /*
- * which authentication token are we getting?
- */
-
- authtok_flag = on(UNIX__OLD_PASSWD,ctrl) ? PAM_OLDAUTHTOK:PAM_AUTHTOK ;
-
- /*
- * should we obtain the password from a PAM item ?
- */
-
- if ( on(UNIX_TRY_FIRST_PASS,ctrl) || on(UNIX_USE_FIRST_PASS,ctrl) ) {
- retval = pam_get_item(pamh, authtok_flag, (const void **) &item);
- if (retval != PAM_SUCCESS ) {
- /* very strange. */
- _log_err(LOG_ALERT
- , "pam_get_item returned error to unix-read-password"
- );
- return retval;
- } else if (item != NULL) { /* we have a password! */
- *pass = item;
- item = NULL;
- return PAM_SUCCESS;
- } else if (on(UNIX_USE_FIRST_PASS,ctrl)) {
- return PAM_AUTHTOK_RECOVER_ERR; /* didn't work */
- } else if (on(UNIX_USE_AUTHTOK, ctrl)
- && off(UNIX__OLD_PASSWD, ctrl)) {
- return PAM_AUTHTOK_RECOVER_ERR;
- }
- }
-
- /*
- * getting here implies we will have to get the password from the
- * user directly.
- */
-
- {
- struct pam_message msg[3],*pmsg[3];
- struct pam_response *resp;
- int i, replies;
-
- /* prepare to converse */
-
- if ( comment != NULL && off(UNIX__QUIET, ctrl) ) {
- pmsg[0] = &msg[0];
- msg[0].msg_style = PAM_TEXT_INFO;
- msg[0].msg = comment;
- i = 1;
- } else {
- i = 0;
- }
-
- pmsg[i] = &msg[i];
- msg[i].msg_style = PAM_PROMPT_ECHO_OFF;
- msg[i++].msg = prompt1;
- replies = 1;
-
- if ( prompt2 != NULL ) {
- pmsg[i] = &msg[i];
- msg[i].msg_style = PAM_PROMPT_ECHO_OFF;
- msg[i++].msg = prompt2;
- ++replies;
- }
-
- /* so call the conversation expecting i responses */
- resp = NULL;
- retval = converse(pamh, ctrl, i, pmsg, &resp);
-
- if (resp != NULL) {
-
- /* interpret the response */
-
- if (retval == PAM_SUCCESS) { /* a good conversation */
-
- token = x_strdup(resp[i-replies].resp);
- if (token != NULL) {
- if (replies == 2) {
-
- /* verify that password entered correctly */
- if (!resp[i-1].resp
- || strcmp(token,resp[i-1].resp)) {
- token = _pam_delete(token); /* mistyped */
- retval = PAM_AUTHTOK_RECOVER_ERR;
- make_remark(pamh, ctrl
- , PAM_ERROR_MSG, MISTYPED_PASS);
- }
- }
-
- } else {
- _log_err(LOG_NOTICE
- , "could not recover authentication token");
- }
-
- }
-
- /*
- * tidy up the conversation (resp_retcode) is ignored
- * -- what is it for anyway? AGM
- */
-
- _pam_drop_reply(resp, i);
-
- } else {
- retval = (retval == PAM_SUCCESS)
- ? PAM_AUTHTOK_RECOVER_ERR:retval ;
- }
- }
-
- if (retval != PAM_SUCCESS) {
- if ( on(UNIX_DEBUG,ctrl) )
- _log_err(LOG_DEBUG,"unable to obtain a password");
- return retval;
- }
-
- /* 'token' is the entered password */
-
- if ( off(UNIX_NOT_SET_PASS, ctrl) ) {
-
- /* we store this password as an item */
-
- retval = pam_set_item(pamh, authtok_flag, token);
- token = _pam_delete(token); /* clean it up */
- if ( retval != PAM_SUCCESS
- || (retval = pam_get_item(pamh, authtok_flag
- , (const void **)&item))
- != PAM_SUCCESS ) {
-
- _log_err(LOG_CRIT, "error manipulating password");
- return retval;
-
- }
-
- } else {
- /*
- * then store it as data specific to this module. pam_end()
- * will arrange to clean it up.
- */
-
- retval = pam_set_data(pamh, data_name, (void *) token, _cleanup);
- if (retval != PAM_SUCCESS) {
- _log_err(LOG_CRIT, "error manipulating password data [%s]"
- , pam_strerror(pamh, retval) );
- token = _pam_delete(token);
- return retval;
- }
- item = token;
- token = NULL; /* break link to password */
- }
-
- *pass = item;
- item = NULL; /* break link to password */
-
- return PAM_SUCCESS;
-}
-
-static int _pam_unix_approve_pass(pam_handle_t *pamh
- , unsigned int ctrl
- , const char *pass_old
- , const char *pass_new)
-{
- D(("&new=%p, &old=%p",pass_old,pass_new));
- D(("new=[%s]",pass_new));
- D(("old=[%s]",pass_old));
-
- if (pass_new == NULL || (pass_old && !strcmp(pass_old,pass_new))) {
- if ( on(UNIX_DEBUG, ctrl) ) {
- _log_err(LOG_DEBUG, "bad authentication token");
- }
- make_remark(pamh, ctrl, PAM_ERROR_MSG, pass_new == NULL ?
- "No password supplied":"Password unchanged" );
- return PAM_AUTHTOK_ERR;
- }
-
- /*
- * if one wanted to hardwire authentication token strength
- * checking this would be the place - AGM
- */
-
- return PAM_SUCCESS;
-}
-
-/* ****************************************************************** *
- * Copyright (c) Andrew G. Morgan 1996-8.
- * Copyright (c) Alex O. Yuriev, 1996.
- * Copyright (c) Cristian Gafton 1996.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, and the entire permission notice in its entirety,
- * including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior
- * written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions. (This clause is
- * necessary due to a potential bad interaction between the GPL and
- * the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
diff --git a/Linux-PAM/modules/pam_radius/Makefile b/Linux-PAM/modules/pam_radius/Makefile
deleted file mode 100644
index aa149d3e..00000000
--- a/Linux-PAM/modules/pam_radius/Makefile
+++ /dev/null
@@ -1,95 +0,0 @@
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Cristian Gafton <gafton@redhat.com> 1996/09/10
-#
-# STATIC modules are not supported
-#
-
-include ../../Make.Rules
-
-TITLE=pam_radius
-CONFD=$(CONFIGED)/security
-export CONFD
-CONFILE=$(CONFD)/radius.conf
-export CONFILE
-
-ifeq ($(HAVE_LIBPWDB),yes)
-
-#
-
-LIBSRC = $(TITLE).c
-LIBOBJ = $(TITLE).o
-
-LIBOBJD = $(addprefix dynamic/,$(LIBOBJ))
-#LIBOBJS = $(addprefix static/,$(LIBOBJ))
-
-dynamic/%.o : %.c
- $(CC) $(CFLAGS) $(DYNAMIC) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-#static/%.o : %.c
-# $(CC) $(CFLAGS) $(STATIC) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-
-ifdef DYNAMIC
-LIBSHARED = $(TITLE).so
-endif
-
-#ifdef STATIC
-#LIBSTATIC = lib$(TITLE).o
-#endif
-
-####################### don't edit below #######################
-
-all: dirs $(LIBSHARED) $(LIBSTATIC) register
-
-dirs:
-ifdef DYNAMIC
- $(MKDIR) ./dynamic
-endif
-#ifdef STATIC
-# $(MKDIR) ./static
-#endif
-
-register:
-#ifdef STATIC
-# ( cd .. ; ./register_static $(TITLE) $(TITLE)/$(LIBSTATIC) )
-#endif
-
-ifdef DYNAMIC
-$(LIBOBJD): $(LIBSRC)
-
-$(LIBSHARED): $(LIBOBJD)
- $(LD_D) -o $@ $(LIBOBJD) -lpwdb
-endif
-
-#ifdef STATIC
-#$(LIBOBJS): $(LIBSRC)
-#
-#$(LIBSTATIC): $(LIBOBJS)
-# $(LD) -r -o $@ $(LIBOBJS) -lpwdb
-#endif
-
-install: all
-ifdef DYNAMIC
- $(INSTALL) -m $(SHLIBMODE) $(LIBSHARED) $(FAKEROOT)$(SECUREDIR)
-endif
-
-remove:
- rm -f $(FAKEROOT)$(SECUREDIR)/$(TITLE).so
-
-clean:
- rm -f $(LIBOBJD) $(LIBOBJS) core *~
- rm -f *.a *.o *.so *.bak dynamic/* static/*
- rm -rf dynamic static
-
-.c.o:
- $(CC) $(CFLAGS) -c $<
-
-else
-
-include ../dont_makefile
-
-endif
diff --git a/Linux-PAM/modules/pam_radius/README b/Linux-PAM/modules/pam_radius/README
deleted file mode 100644
index 253308fd..00000000
--- a/Linux-PAM/modules/pam_radius/README
+++ /dev/null
@@ -1,58 +0,0 @@
-
-pam_radius module:
- RADIUS session module.
-
-WHAT IT DOES:
- This module is intended to provide the session service for users
-autheticated with a RADIUS server. At the present stage, the only option
-supported is the use of the RADIUS server as an accounting server. There are
-few things which needs to be cleared out first in the PAM project until one
-will be able to use this module and expect it to magically start pppd in
-response to a RADIUS server command to use PPP for this user, or to initiate
-a telnet connection to another host, or to hang and call back the user using
-parameters provided in the RADIUS server response. Most of these things are
-better suited for the radius login application. I hope to make available
-Real Soon (tm) patches for the login apps to make it work this way.
-
-
-ARGUMENTS RECOGNIZED:
- debug verbose logging
-
-MODULE SERVICES PROVIDED:
- session _open_session and _close_session
-
- When opening a session, this module sends an Accounting-Start
-message to the RADIUS server, which will log/update/whatever a database for
-this user. On close, an Accounting-Stop message is sent to the RADIUS
-server.
-
-This module have no other pre-requisites for making it work. One can install
-a RADIUS server just for fun and use it as a centralized accounting server and
-forget about wtmp/last/sac&comp :-)
-
-USAGE:
- For the services you need this module (login for example) put
- the following line in /etc/pam.conf as the last line for that
- service (usually after the pam_unix session line):
-
- login session required /lib/security/pam_radius.so
-
- Replace "login" for each service you are using this module.
-
- This module make extensive use of the API provided in libpwdb
- 0.54preB or later. By default, it will read the radius server
- configuration (hostname and secret) from /etc/raddb/server. This is
- a default compiled into libpwdb, and curently there is no way to
- modify this default without recompiling libpwdb. I am working on
- extending the radius support from libpwdb to provide a possibility
- to make this runtime-configurable.
-
- Also please note that libpwdb will require also the RADIUS
- dictionary to be present (/etc/raddb/dictionary).
-
-TODO:
- The work is far from complete. Deal with "real" session things.
-
-AUTHOR:
- Cristian Gafton <gafton@redhat.com>
-
diff --git a/Linux-PAM/modules/pam_radius/pam_radius.c b/Linux-PAM/modules/pam_radius/pam_radius.c
deleted file mode 100644
index b412edf9..00000000
--- a/Linux-PAM/modules/pam_radius/pam_radius.c
+++ /dev/null
@@ -1,193 +0,0 @@
-/*
- * pam_radius
- * Process an user session according to a RADIUS server response
- *
- * 1.0 - initial release - Linux ONLY
- * 1.1 - revised and reorganized for libpwdb 0.54preB or higher
- * - removed the conf= parameter, since we use libpwdb exclusively now
- *
- * See end for Copyright information
- */
-
-#if !(defined(linux))
-#error THIS CODE IS KNOWN TO WORK ONLY ON LINUX !!!
-#endif
-
-/* Module defines */
-#define BUFFER_SIZE 1024
-#define LONG_VAL_PTR(ptr) ((*(ptr)<<24)+(*((ptr)+1)<<16)+(*((ptr)+2)<<8)+(*((ptr)+3)))
-
-#define PAM_SM_SESSION
-
-#include "pam_radius.h"
-
-#include <security/pam_modules.h>
-#include <security/_pam_macros.h>
-
-static time_t session_time;
-
-/* we need to save these from open_session to close_session, since
- * when close_session will be called we won't be root anymore and
- * won't be able to access again the radius server configuration file
- * -- cristiang */
-
-static RADIUS_SERVER rad_server;
-static char hostname[BUFFER_SIZE];
-static char secret[BUFFER_SIZE];
-
-/* logging */
-static void _pam_log(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("pam_radius", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-
-/* argument parsing */
-
-#define PAM_DEBUG_ARG 0x0001
-
-static int _pam_parse(int argc, const char **argv)
-{
- int ctrl=0;
-
- /* step through arguments */
- for (ctrl=0; argc-- > 0; ++argv) {
-
- /* generic options */
-
- if (!strcmp(*argv,"debug"))
- ctrl |= PAM_DEBUG_ARG;
- else {
- _pam_log(LOG_ERR,"pam_parse: unknown option; %s",*argv);
- }
- }
-
- return ctrl;
-}
-
-/* now the session stuff */
-PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags,
- int argc, const char **argv)
-{
- int retval;
- char *user_name;
- int ctrl;
-
- ctrl = _pam_parse(argc, argv);
- retval = pam_get_item( pamh, PAM_USER, (void*) &user_name );
- if ( user_name == NULL || retval != PAM_SUCCESS ) {
- _pam_log(LOG_CRIT, "open_session - error recovering username");
- return PAM_SESSION_ERR;
- }
-
- if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_DEBUG, "starting RADIUS user session for '%s'",
- user_name);
-
- retval = get_server_entries(hostname, secret);
- if ((retval != PWDB_RADIUS_SUCCESS) ||
- !strlen(hostname) || !strlen(secret)) {
- _pam_log(LOG_CRIT, "Could not determine the radius server to talk to");
- return PAM_IGNORE;
- }
- session_time = time(NULL);
- rad_server.hostname = hostname;
- rad_server.secret = secret;
- retval = radius_acct_start(rad_server, user_name);
- if (retval != PWDB_RADIUS_SUCCESS) {
- if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_DEBUG, "ERROR communicating with the RADIUS server");
- return PAM_IGNORE;
- }
-
- return PAM_SUCCESS;
-}
-
-PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags,
- int argc, const char **argv)
-{
- int ctrl;
- char *user_name;
- int retval;
-
- ctrl = _pam_parse(argc, argv);
- retval = pam_get_item( pamh, PAM_USER, (void*) &user_name );
- if ( user_name == NULL || retval != PAM_SUCCESS ) {
- _pam_log(LOG_CRIT, "open_session - error recovering username");
- return PAM_SESSION_ERR;
- }
-
- if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_DEBUG, "closing RADIUS user session for '%s'",
- user_name);
-
- if (!strlen(hostname) || !strlen(secret)) {
- _pam_log(LOG_CRIT, "Could not determine the radius server to talk to");
- return PAM_IGNORE;
- }
- retval = radius_acct_stop(rad_server, user_name,
- time(NULL) - session_time);
- if (retval != PWDB_RADIUS_SUCCESS) {
- if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_DEBUG, "ERROR communicating with the RADIUS server");
- return PAM_IGNORE;
- }
-
- return PAM_SUCCESS;
-}
-
-#ifdef PAM_STATIC
-
-/* static module data */
-
-struct pam_module _pam_radius_modstruct = {
- "pam_radius",
- NULL,
- NULL,
- NULL,
- pam_sm_open_session,
- pam_sm_close_session,
- NULL
-};
-#endif
-
-/*
- * Copyright (c) Cristian Gafton, 1996, <gafton@redhat.com>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, and the entire permission notice in its entirety,
- * including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior
- * written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions. (This clause is
- * necessary due to a potential bad interaction between the GPL and
- * the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
diff --git a/Linux-PAM/modules/pam_radius/pam_radius.h b/Linux-PAM/modules/pam_radius/pam_radius.h
deleted file mode 100644
index 67230243..00000000
--- a/Linux-PAM/modules/pam_radius/pam_radius.h
+++ /dev/null
@@ -1,40 +0,0 @@
-/*
- * $Id: pam_radius.h,v 1.2 2000/11/19 23:54:05 agmorgan Exp $
- */
-
-#ifndef PAM_RADIUS_H
-#define PAM_RADIUS_H
-
-#include <security/_pam_aconf.h>
-
-#include <stdio.h>
-
-#ifndef __USE_POSIX2
-#define __USE_POSIX2
-#endif /* __USE_POSIX2 */
-
-#include <stdlib.h>
-
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <sys/resource.h>
-
-#include <unistd.h>
-#include <string.h>
-#include <ctype.h>
-#include <syslog.h>
-#include <stdarg.h>
-#include <utmp.h>
-#include <time.h>
-#include <netdb.h>
-
-#include <netinet/in.h>
-#include <rpcsvc/ypclnt.h>
-#include <rpc/rpc.h>
-
-#include <pwdb/radius.h>
-#include <pwdb/pwdb_radius.h>
-
-/******************************************************************/
-
-#endif /* PAM_RADIUS_H */
diff --git a/Linux-PAM/modules/pam_rhosts/Makefile b/Linux-PAM/modules/pam_rhosts/Makefile
deleted file mode 100644
index d12e00c0..00000000
--- a/Linux-PAM/modules/pam_rhosts/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:05 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_rhosts_auth
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_rhosts/Makefile.am b/Linux-PAM/modules/pam_rhosts/Makefile.am
new file mode 100644
index 00000000..d4ca7578
--- /dev/null
+++ b/Linux-PAM/modules/pam_rhosts/Makefile.am
@@ -0,0 +1,32 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_rhosts_auth tst-pam_rhosts
+
+TESTS = tst-pam_rhosts_auth tst-pam_rhosts
+
+man_MANS = pam_rhosts.8
+
+XMLS = README.xml pam_rhosts.8.xml
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_rhosts_auth.la pam_rhosts.la
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_rhosts.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_rhosts/Makefile.in b/Linux-PAM/modules/pam_rhosts/Makefile.in
new file mode 100644
index 00000000..138a1195
--- /dev/null
+++ b/Linux-PAM/modules/pam_rhosts/Makefile.in
@@ -0,0 +1,671 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_rhosts
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_rhosts_la_LIBADD =
+pam_rhosts_la_SOURCES = pam_rhosts.c
+pam_rhosts_la_OBJECTS = pam_rhosts.lo
+pam_rhosts_auth_la_LIBADD =
+pam_rhosts_auth_la_SOURCES = pam_rhosts_auth.c
+pam_rhosts_auth_la_OBJECTS = pam_rhosts_auth.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_rhosts.c pam_rhosts_auth.c
+DIST_SOURCES = pam_rhosts.c pam_rhosts_auth.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_rhosts_auth tst-pam_rhosts
+TESTS = tst-pam_rhosts_auth tst-pam_rhosts
+man_MANS = pam_rhosts.8
+XMLS = README.xml pam_rhosts.8.xml
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_rhosts_auth.la pam_rhosts.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_rhosts/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_rhosts/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_rhosts.la: $(pam_rhosts_la_OBJECTS) $(pam_rhosts_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_rhosts_la_OBJECTS) $(pam_rhosts_la_LIBADD) $(LIBS)
+pam_rhosts_auth.la: $(pam_rhosts_auth_la_OBJECTS) $(pam_rhosts_auth_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_rhosts_auth_la_OBJECTS) $(pam_rhosts_auth_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_rhosts.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_rhosts_auth.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_rhosts.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_rhosts/README b/Linux-PAM/modules/pam_rhosts/README
index d2e93d1d..b1911785 100644
--- a/Linux-PAM/modules/pam_rhosts/README
+++ b/Linux-PAM/modules/pam_rhosts/README
@@ -1,57 +1,56 @@
-arguments recognized:
+pam_rhosts — The rhosts PAM module
-"no_hosts_equiv"
-"no_rhosts"
-"debug"
-"nowarn"
-"suppress"
-"promiscuous"
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
-.rhosts/hosts.equiv format:
+DESCRIPTION
-There are positive entries, when one is matched authentication
-succeeds and terminates. There are negative entries, when one is
-matched authentication fails and terminates. Thus order is
-significant.
+This module performs the standard network authentication for services, as used
+by traditional implementations of rlogin and rsh etc.
-Entry hosts.equiv .rhosts
-<host> All users on <host> are ok Same username from <host> is ok
-<host> <user> <user> from <host> is ok ditto
--<host> No users from <host> are ok ditto
-<host> -<user> <user> from <host> is not ok ditto
+The authentication mechanism of this module is based on the contents of two
+files; /etc/hosts.equiv (or and ~/.rhosts. Firstly, hosts listed in the former
+file are treated as equivalent to the localhost. Secondly, entries in the
+user's own copy of the latter file is used to map "remote-host remote-user"
+pairs to that user's account on the current host. Access is granted to the user
+if their host is present in /etc/hosts.equiv and their remote account is
+identical to their local one, or if their remote account has an entry in their
+personal configuration file.
-<host> can be ip (IPv4) numbers.
+The module authenticates a remote user (internally specified by the item
+PAM_RUSER connecting from the remote host (internally specified by the item
+PAM_RHOST). Accordingly, for applications to be compatible this authentication
+module they must set these items prior to calling pam_authenticate(). The
+module is not capable of independently probing the network connection for such
+information.
-Netgroups may be used in either host or user fields, and then applies
-to all hosts, or users, in the netgroup. The syntax is
+OPTIONS
- +@<ng>
+debug
-The entries
+ Print debug information.
- <host> +@<ng>
- +@<ng> +@<ng>
- +@<ng> <user>
+silent
-means exactly what you think it does. Negative entries are of the
-form
+ Don't print informative messages.
- -@<ng>
+superuser=account
-When the "promiscuous" option is given the special character + may be
-used as a wildcard in any field.
+ Handle account as root.
- + Allow anyone from any host to connect. DANGEROUS.
- + + Ditto.
- + <user> Allow the user to connect from anywhere. DANGEROUS.
- <host> + Allow any user from the host. Dangerous.
-
-These, perhaps more useful, forms of the + form is also disallowed
-unless "promiscuous" is specified:
+EXAMPLES
- + -<user> Disallow the user from any host
- + -@<ng> Disallow all members of the netgroup from any host
+To grant a remote user access by /etc/hosts.equiv or .rhosts for rsh add the
+following lines to /etc/pam.d/rsh:
-When "promiscuous" is not specified a '+' is handled as a negative
-match.
+#%PAM-1.0
+#
+auth required pam_rhosts.so
+auth required pam_nologin.so
+auth required pam_env.so
+auth required pam_unix.so
+
+
+AUTHOR
+
+pam_rhosts was written by Thorsten Kukuk <kukuk@thkukuk.de>
diff --git a/Linux-PAM/modules/pam_rhosts/README.xml b/Linux-PAM/modules/pam_rhosts/README.xml
new file mode 100644
index 00000000..5d3307e7
--- /dev/null
+++ b/Linux-PAM/modules/pam_rhosts/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_rhosts.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_rhosts.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_rhosts-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_rhosts.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rhosts-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_rhosts.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rhosts-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_rhosts.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rhosts-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_rhosts.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rhosts-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_rhosts/pam_rhosts.8 b/Linux-PAM/modules/pam_rhosts/pam_rhosts.8
new file mode 100644
index 00000000..0d7f4a16
--- /dev/null
+++ b/Linux-PAM/modules/pam_rhosts/pam_rhosts.8
@@ -0,0 +1,98 @@
+.\" Title: pam_rhosts
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/28/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_RHOSTS" "8" "06/28/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_rhosts \- The rhosts PAM module
+.SH "SYNOPSIS"
+.HP 14
+\fBpam_rhosts.so\fR
+.SH "DESCRIPTION"
+.PP
+This module performs the standard network authentication for services, as used by traditional implementations of
+\fBrlogin\fR
+and
+\fBrsh\fR
+etc.
+.PP
+The authentication mechanism of this module is based on the contents of two files;
+\fI/etc/hosts.equiv\fR
+(or and
+\fI~/.rhosts\fR. Firstly, hosts listed in the former file are treated as equivalent to the localhost. Secondly, entries in the user's own copy of the latter file is used to map "\fIremote\-host remote\-user\fR" pairs to that user's account on the current host. Access is granted to the user if their host is present in
+\fI/etc/hosts.equiv\fR
+and their remote account is identical to their local one, or if their remote account has an entry in their personal configuration file.
+.PP
+The module authenticates a remote user (internally specified by the item
+\fIPAM_RUSER\fR
+connecting from the remote host (internally specified by the item
+\fBPAM_RHOST\fR). Accordingly, for applications to be compatible this authentication module they must set these items prior to calling
+\fBpam_authenticate()\fR. The module is not capable of independently probing the network connection for such information.
+.SH "OPTIONS"
+.TP 3n
+\fBdebug\fR
+Print debug information.
+.TP 3n
+\fBsilent\fR
+Don't print informative messages.
+.TP 3n
+\fBsuperuser=\fR\fB\fIaccount\fR\fR
+Handle
+\fIaccount\fR
+as root.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+Only the
+\fBauth\fR
+service is supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_AUTH_ERR
+The remote host, remote user name or the local user name couldn't be determined or access was denied by
+\fI.rhosts\fR
+file.
+.TP 3n
+PAM_USER_UNKNOWN
+User is not known to system.
+.SH "EXAMPLES"
+.PP
+To grant a remote user access by
+\fI/etc/hosts.equiv\fR
+or
+\fI.rhosts\fR
+for
+\fBrsh\fR
+add the following lines to
+\fI/etc/pam.d/rsh\fR:
+.sp
+.RS 3n
+.nf
+#%PAM\-1.0
+#
+auth required pam_rhosts.so
+auth required pam_nologin.so
+auth required pam_env.so
+auth required pam_unix.so
+
+.fi
+.RE
+.sp
+.SH "SEE ALSO"
+.PP
+
+\fBrootok\fR(3),
+\fBhosts.equiv\fR(5),
+\fBrhosts\fR(5),
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_rhosts was written by Thorsten Kukuk <kukuk@thkukuk.de>
diff --git a/Linux-PAM/modules/pam_rhosts/pam_rhosts.8.xml b/Linux-PAM/modules/pam_rhosts/pam_rhosts.8.xml
new file mode 100644
index 00000000..e559f315
--- /dev/null
+++ b/Linux-PAM/modules/pam_rhosts/pam_rhosts.8.xml
@@ -0,0 +1,171 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_rhosts">
+
+ <refmeta>
+ <refentrytitle>pam_rhosts</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_rhosts-name">
+ <refname>pam_rhosts</refname>
+ <refpurpose>The rhosts PAM module</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_rhosts-cmdsynopsis">
+ <command>pam_rhosts.so</command>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_rhosts-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ This module performs the standard network authentication for services,
+ as used by traditional implementations of <command>rlogin</command>
+ and <command>rsh</command> etc.
+ </para>
+ <para>
+ The authentication mechanism of this module is based on the contents
+ of two files; <filename>/etc/hosts.equiv</filename> (or
+ and <filename>~/.rhosts</filename>. Firstly, hosts listed in the
+ former file are treated as equivalent to the localhost. Secondly,
+ entries in the user's own copy of the latter file is used to map
+ "<emphasis>remote-host remote-user</emphasis>" pairs to that user's
+ account on the current host. Access is granted to the user if their
+ host is present in <filename>/etc/hosts.equiv</filename> and their
+ remote account is identical to their local one, or if their remote
+ account has an entry in their personal configuration file.
+ </para>
+ <para>
+ The module authenticates a remote user (internally specified by the
+ item <parameter>PAM_RUSER</parameter> connecting from the remote
+ host (internally specified by the item <command>PAM_RHOST</command>).
+ Accordingly, for applications to be compatible this authentication
+ module they must set these items prior to calling
+ <function>pam_authenticate()</function>. The module is not capable
+ of independently probing the network connection for such information.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_rhosts-options">
+ <title>OPTIONS</title>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ Print debug information.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>silent</option>
+ </term>
+ <listitem>
+ <para>
+ Don't print informative messages.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>superuser=<replaceable>account</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Handle <replaceable>account</replaceable> as root.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_rhosts-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ Only the <option>auth</option> service is supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_rhosts-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_AUTH_ERR</term>
+ <listitem>
+ <para>
+ The remote host, remote user name or the local user name
+ couldn't be determined or access was denied by
+ <filename>.rhosts</filename> file.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ User is not known to system.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_rhosts-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ To grant a remote user access by <filename>/etc/hosts.equiv</filename>
+ or <filename>.rhosts</filename> for <command>rsh</command> add the
+ following lines to <filename>/etc/pam.d/rsh</filename>:
+ <programlisting>
+#%PAM-1.0
+#
+auth required pam_rhosts.so
+auth required pam_nologin.so
+auth required pam_env.so
+auth required pam_unix.so
+ </programlisting>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_rhosts-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>rootok</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>hosts.equiv</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>rhosts</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_rhosts-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_rhosts was written by Thorsten Kukuk &lt;kukuk@thkukuk.de&gt;
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_rhosts/pam_rhosts.c b/Linux-PAM/modules/pam_rhosts/pam_rhosts.c
new file mode 100644
index 00000000..8e120614
--- /dev/null
+++ b/Linux-PAM/modules/pam_rhosts/pam_rhosts.c
@@ -0,0 +1,155 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+#include "config.h"
+
+#include <pwd.h>
+#include <netdb.h>
+#include <string.h>
+#include <syslog.h>
+
+#define PAM_SM_AUTH /* only defines this management group */
+
+#include <security/pam_modules.h>
+#include <security/pam_modutil.h>
+#include <security/pam_ext.h>
+
+PAM_EXTERN
+int pam_sm_authenticate (pam_handle_t *pamh, int flags, int argc,
+ const char **argv)
+{
+ const char *luser = NULL;
+ const char *ruser = NULL, *rhost = NULL;
+ const char *opt_superuser = NULL;
+ const void *c_void;
+ int opt_debug = 0;
+ int opt_silent;
+ int as_root;
+ int retval;
+
+ opt_silent = flags & PAM_SILENT;
+
+ while (argc-- > 0) {
+ if (strcmp(*argv, "debug") == 0)
+ opt_debug = 1;
+ else if (strcmp (*argv, "silent") == 0 || strcmp(*argv, "suppress") == 0)
+ opt_silent = 1;
+ else if (strncmp(*argv, "superuser=", sizeof("superuser=")-1) == 0)
+ opt_superuser = *argv+sizeof("superuser=")-1;
+ else
+ pam_syslog(pamh, LOG_WARNING, "unrecognized option '%s'", *argv);
+
+ ++argv;
+ }
+
+ retval = pam_get_item (pamh, PAM_RHOST, &c_void);
+ if (retval != PAM_SUCCESS) {
+ pam_syslog(pamh, LOG_ERR, "could not get the remote host name");
+ return retval;
+ }
+ rhost = c_void;
+
+ retval = pam_get_item(pamh, PAM_RUSER, &c_void);
+ ruser = c_void;
+ if (retval != PAM_SUCCESS) {
+ pam_syslog(pamh, LOG_ERR, "could not get the remote username");
+ return retval;
+ }
+
+ retval = pam_get_user(pamh, &luser, NULL);
+ if (retval != PAM_SUCCESS) {
+ pam_syslog(pamh, LOG_ERR, "could not determine name of local user");
+ return retval;
+ }
+
+ if (rhost == NULL || ruser == NULL || luser == NULL)
+ return PAM_AUTH_ERR;
+
+ if (opt_superuser && strcmp(opt_superuser, luser) == 0)
+ as_root = 1;
+ else {
+ struct passwd *lpwd;
+
+ lpwd = pam_modutil_getpwnam(pamh, luser);
+ if (lpwd == NULL) {
+ if (opt_debug)
+ /* don't print by default, could be the users password */
+ pam_syslog(pamh, LOG_DEBUG,
+ "user '%s' unknown to this system", luser);
+ return PAM_USER_UNKNOWN;
+
+ }
+ as_root = (lpwd->pw_uid == 0);
+ }
+
+#ifdef HAVE_RUSEROK_AF
+ retval = ruserok_af (rhost, as_root, ruser, luser, PF_UNSPEC);
+#else
+ retval = ruserok (rhost, as_root, ruser, luser);
+#endif
+ if (retval != 0) {
+ if (!opt_silent || opt_debug)
+ pam_syslog(pamh, LOG_WARNING, "denied access to %s@%s as %s",
+ ruser, rhost, luser);
+ return PAM_AUTH_ERR;
+ } else {
+ if (!opt_silent || opt_debug)
+ pam_syslog(pamh, LOG_NOTICE, "allowed access to %s@%s as %s",
+ ruser, rhost, luser);
+ return PAM_SUCCESS;
+ }
+}
+
+
+PAM_EXTERN int
+pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
+{
+ return PAM_SUCCESS;
+}
+
+
+#ifdef PAM_STATIC
+
+/* static module data */
+
+struct pam_module _pam_rhosts_modstruct = {
+ "pam_rhosts",
+ pam_sm_authenticate,
+ pam_sm_setcred,
+ NULL,
+ NULL,
+ NULL,
+ NULL,
+};
+
+#endif
diff --git a/Linux-PAM/modules/pam_rhosts/pam_rhosts_auth.c b/Linux-PAM/modules/pam_rhosts/pam_rhosts_auth.c
index 979580ec..b2248ccb 100644
--- a/Linux-PAM/modules/pam_rhosts/pam_rhosts_auth.c
+++ b/Linux-PAM/modules/pam_rhosts/pam_rhosts_auth.c
@@ -38,76 +38,55 @@
* SUCH DAMAGE.
*/
-#include <security/_pam_aconf.h>
+#include "config.h"
-#define USER_RHOSTS_FILE "/.rhosts" /* prefixed by user's home dir */
-
-#ifdef __linux__
+#include <pwd.h>
+#include <grp.h>
+#include <ctype.h>
+#include <stdarg.h>
+#include <stdint.h>
+#include <syslog.h>
+#include <netdb.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+#include <unistd.h>
+#include <stdlib.h>
#include <endian.h>
-#endif
-
+#include <sys/file.h>
+#include <sys/time.h>
+#include <arpa/inet.h>
+#include <sys/param.h>
+#include <sys/socket.h>
+#include <sys/signal.h>
+#include <sys/stat.h>
#ifdef HAVE_SYS_FSUID_H
#include <sys/fsuid.h>
#endif /* HAVE_SYS_FSUID_H */
-
#ifdef HAVE_NET_IF_H
#include <sys/if.h>
#endif
-
#include <sys/types.h>
#include <sys/uio.h>
-#include <string.h>
-#include <unistd.h>
-#include <stdlib.h>
-#include <sys/param.h>
-#include <sys/socket.h>
+#include <net/if.h>
#include <netinet/in.h>
-#include <netdb.h> /* This is supposed(?) to contain the following */
-int innetgr(const char *, const char *, const char *,const char *);
-
-#include <stdio.h>
-#include <errno.h>
-#include <sys/time.h>
-#include <arpa/inet.h>
#ifndef MAXDNAME
#define MAXDNAME 256
#endif
-#include <stdarg.h>
-#include <ctype.h>
-
-#include <net/if.h>
-
-#include <pwd.h>
-#include <grp.h>
-#include <sys/file.h>
-#include <sys/signal.h>
-#include <sys/stat.h>
-#include <stdint.h>
-#include <syslog.h>
#ifndef _PATH_HEQUIV
#define _PATH_HEQUIV "/etc/hosts.equiv"
#endif /* _PATH_HEQUIV */
+#define USER_RHOSTS_FILE "/.rhosts" /* prefixed by user's home dir */
+
#define PAM_SM_AUTH /* only defines this management group */
#include <security/pam_modules.h>
#include <security/_pam_macros.h>
-#include <security/_pam_modutil.h>
-
-#ifdef _ISOC9X_SOURCE
-#include <inttypes.h>
-#define U32 uint32_t
-#else
-/* to the best of my knowledge, all modern UNIX boxes have 32 bits integers */
-#define U32 unsigned int
-#endif /* _ISOC9X_SOURCE */
-
-/* Use the C99 type; older platforms will need this to be typedef'ed
- elsewhere */
-#define U32 uint32_t
-
+#include <security/pam_modutil.h>
+#include <security/pam_ext.h>
/*
* Options for this module
@@ -129,19 +108,8 @@ struct _options {
const char *last_error;
};
-/* logging */
-static void _pam_log(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("pam_rhosts_auth", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-
-static void set_option (struct _options *opts, const char *arg)
+static void
+set_option (const pam_handle_t *pamh, struct _options *opts, const char *arg)
{
if (strcmp(arg, "no_hosts_equiv") == 0) {
opts->opt_no_hosts_equiv = 1;
@@ -197,18 +165,19 @@ static void set_option (struct _options *opts, const char *arg)
/*
* All other options are ignored at the present time.
*/
- _pam_log(LOG_WARNING, "unrecognized option '%s'", arg);
+ pam_syslog(pamh, LOG_WARNING, "unrecognized option '%s'", arg);
}
-static void set_parameters (struct _options *opts, int flags,
- int argc, const char **argv)
+static void
+set_parameters (const pam_handle_t *pamh, struct _options *opts,
+ int flags, int argc, const char **argv)
{
opts->opt_silent = flags & PAM_SILENT;
opts->opt_disallow_null_authtok = flags & PAM_DISALLOW_NULL_AUTHTOK;
while (argc-- > 0) {
- set_option (opts, *argv);
- ++argv;
+ set_option (pamh, opts, *argv);
+ ++argv;
}
}
@@ -217,13 +186,13 @@ static void set_parameters (struct _options *opts, int flags,
* requesting the contents of the PAM_RHOST item.
*/
-static int pam_get_rhost(pam_handle_t *pamh, const char **rhost
- , const char *prompt)
+static int
+pam_get_rhost (pam_handle_t *pamh, const char **rhost)
{
int retval;
- const char *current;
+ const void *current;
- retval = pam_get_item (pamh, PAM_RHOST, (const void **)&current);
+ retval = pam_get_item (pamh, PAM_RHOST, &current);
if (retval != PAM_SUCCESS)
return retval;
@@ -240,13 +209,13 @@ static int pam_get_rhost(pam_handle_t *pamh, const char **rhost
* requesting the contents of the PAM_RUSER item.
*/
-static int pam_get_ruser(pam_handle_t *pamh, const char **ruser,
- const char *prompt)
+static int
+pam_get_ruser(pam_handle_t *pamh, const char **ruser)
{
int retval;
- const char *current;
+ const void *current;
- retval = pam_get_item (pamh, PAM_RUSER, (const void **)&current);
+ retval = pam_get_item (pamh, PAM_RUSER, &current);
if (retval != PAM_SUCCESS) {
return retval;
}
@@ -264,13 +233,14 @@ static int pam_get_ruser(pam_handle_t *pamh, const char **ruser,
*/
static int
-__icheckhost (pam_handle_t *pamh, struct _options *opts, U32 raddr
+__icheckhost (pam_handle_t *pamh, struct _options *opts, u_int32_t raddr
, register char *lhost, const char *rhost)
{
struct hostent *hp;
- U32 laddr;
+ u_int32_t laddr;
int negate=1; /* Multiply return with this to get -1 instead of 1 */
- char **pp, *user;
+ char **pp;
+ const void *user;
/* Check nis netgroup. We assume that pam has done all needed
paranoia checking before we are handed the rhost */
@@ -285,7 +255,7 @@ __icheckhost (pam_handle_t *pamh, struct _options *opts, U32 raddr
negate=-1;
lhost++;
} else if (strcmp("+",lhost) == 0) {
- (void) pam_get_item(pamh, PAM_USER, (const void **)&user);
+ (void) pam_get_item(pamh, PAM_USER, &user);
D(("user %s has a `+' host entry", user));
if (opts->opt_promiscuous)
return (1); /* asking for trouble, but ok.. */
@@ -308,7 +278,7 @@ __icheckhost (pam_handle_t *pamh, struct _options *opts, U32 raddr
/* Spin through ip addresses. */
for (pp = hp->h_addr_list; *pp; ++pp)
- if (!memcmp (&raddr, *pp, sizeof (U32)))
+ if (!memcmp (&raddr, *pp, sizeof (u_int32_t)))
return (negate);
/* No match. */
@@ -317,16 +287,16 @@ __icheckhost (pam_handle_t *pamh, struct _options *opts, U32 raddr
/* Returns 1 on positive match, 0 on no match, -1 on negative match */
-static int __icheckuser(pam_handle_t *pamh, struct _options *opts
- , const char *luser, const char *ruser
- , const char *rhost)
+static int
+__icheckuser (pam_handle_t *pamh, struct _options *opts,
+ const char *luser, const char *ruser)
{
/*
luser is user entry from .rhosts/hosts.equiv file
ruser is user id on remote host
rhost is the remote host name
*/
- char *user;
+ const void *user;
/* [-+]@netgroup */
if (strncmp("+@",luser,2) == 0)
@@ -341,8 +311,9 @@ static int __icheckuser(pam_handle_t *pamh, struct _options *opts
/* + */
if (strcmp("+",luser) == 0) {
- (void) pam_get_item(pamh, PAM_USER, (const void **)&user);
- _pam_log(LOG_WARNING, "user %s has a `+' user entry", user);
+ (void) pam_get_item(pamh, PAM_USER, &user);
+ pam_syslog(pamh, LOG_WARNING, "user %s has a `+' user entry",
+ (const char *) user);
if (opts->opt_promiscuous)
return(1);
/* If not promiscuous we handle it as a negative match */
@@ -372,7 +343,7 @@ static int __isempty(char *p)
static int
__ivaliduser (pam_handle_t *pamh, struct _options *opts,
- FILE *hostf, U32 raddr,
+ FILE *hostf, u_int32_t raddr,
const char *luser, const char *ruser, const char *rhost)
{
register const char *user;
@@ -438,7 +409,7 @@ __ivaliduser (pam_handle_t *pamh, struct _options *opts,
if (! (*user))
user = luser;
- ucheck=__icheckuser(pamh, opts, user, ruser, rhost);
+ ucheck=__icheckuser(pamh, opts, user, ruser);
/* Positive 'host user' match? */
if (ucheck>0)
@@ -467,7 +438,7 @@ __ivaliduser (pam_handle_t *pamh, struct _options *opts,
static int
pam_iruserok(pam_handle_t *pamh,
- struct _options *opts, U32 raddr, int superuser,
+ struct _options *opts, u_int32_t raddr, int superuser,
const char *ruser, const char *luser, const char *rhost)
{
const char *cp;
@@ -476,7 +447,7 @@ pam_iruserok(pam_handle_t *pamh,
FILE *hostf;
uid_t uid;
int answer;
- char pbuf[MAXPATHLEN]; /* potential buffer overrun */
+ char *fpath;
if ((!superuser||opts->opt_hosts_equiv_rootok) && !opts->opt_no_hosts_equiv ) {
@@ -500,7 +471,7 @@ pam_iruserok(pam_handle_t *pamh,
* Identify user's local .rhosts file
*/
- pwd = _pammodutil_getpwnam(pamh, luser);
+ pwd = pam_modutil_getpwnam(pamh, luser);
if (pwd == NULL) {
/*
* luser is assumed to be valid because of an earlier check for uid = 0
@@ -510,16 +481,11 @@ pam_iruserok(pam_handle_t *pamh,
return(1);
}
- /* check for buffer overrun */
- if (strlen(pwd->pw_dir) + sizeof(USER_RHOSTS_FILE) + 2 >= MAXPATHLEN) {
- if (opts->opt_debug)
- _pam_log(LOG_DEBUG,"home directory for `%s' is too long", luser);
- return 1; /* to dangerous to try */
+ if (asprintf (&fpath, "%s%s", pwd->pw_dir, USER_RHOSTS_FILE) < 0) {
+ pam_syslog (pamh, LOG_ALERT, "Running out of memory");
+ return 1;
}
- (void) strcpy(pbuf, pwd->pw_dir);
- (void) strcat(pbuf, USER_RHOSTS_FILE);
-
/*
* Change effective uid while _reading_ .rhosts. (not just
* opening). If root and reading an NFS mounted file system,
@@ -530,16 +496,16 @@ pam_iruserok(pam_handle_t *pamh,
#ifdef __linux__
/* If we are on linux the better way is setfsuid */
uid = setfsuid(pwd->pw_uid);
- hostf = fopen(pbuf, "r");
+ hostf = fopen(fpath, "r");
#else
uid = geteuid();
(void) seteuid(pwd->pw_uid);
- hostf = fopen(pbuf, "r");
+ hostf = fopen(fpath, "r");
#endif
if (hostf == NULL) {
if (opts->opt_debug)
- _pam_log(LOG_DEBUG,"Could not open %s file",pbuf);
+ pam_syslog(pamh, LOG_DEBUG, "Could not open %s: %m", fpath);
answer = 1;
goto exit_function;
}
@@ -550,7 +516,7 @@ pam_iruserok(pam_handle_t *pamh,
*/
cp = NULL;
- if (lstat(pbuf, &sbuf) < 0 || !S_ISREG(sbuf.st_mode))
+ if (lstat(fpath, &sbuf) < 0 || !S_ISREG(sbuf.st_mode))
cp = ".rhosts not regular file";
else if (fstat(fileno(hostf), &sbuf) < 0)
cp = ".rhosts fstat failed";
@@ -562,7 +528,7 @@ pam_iruserok(pam_handle_t *pamh,
/* private group caveat */
if (opts->opt_private_group) {
- struct group *grp = _pammodutil_getgrgid(pamh, sbuf.st_gid);
+ struct group *grp = pam_modutil_getgrgid(pamh, sbuf.st_gid);
if (NULL == grp || NULL == grp->gr_name
|| strcmp(luser,grp->gr_name)) {
@@ -609,6 +575,8 @@ exit_function:
(void)seteuid(uid);
#endif
+ free (fpath);
+
if (hostf != NULL)
(void) fclose(hostf);
@@ -622,7 +590,7 @@ pam_ruserok (pam_handle_t *pamh,
{
struct hostent *hp;
int answer = 1; /* default to failure */
- U32 *addrs;
+ u_int32_t *addrs;
int n, i;
opts->last_error = (char *) 0;
@@ -631,8 +599,8 @@ pam_ruserok (pam_handle_t *pamh,
if (hp != NULL) {
/* First of all check the address length */
if (hp->h_length != 4) {
- _pam_log(LOG_ALERT, "pam_rhosts module can't work with not IPv4 "
- "addresses");
+ pam_syslog(pamh, LOG_ALERT,
+ "pam_rhosts module can't work with non-IPv4 addresses");
return 1; /* not allowed */
}
@@ -678,7 +646,7 @@ static int _pam_auth_rhosts (pam_handle_t *pamh,
* Look at the options and set the flags accordingly.
*/
memset (&opts, 0, sizeof (opts));
- set_parameters (&opts, flags, argc, argv);
+ set_parameters (pamh, &opts, flags, argc, argv);
/*
* Obtain the parameters for the various items
*/
@@ -686,22 +654,24 @@ static int _pam_auth_rhosts (pam_handle_t *pamh,
/* get the remotehost */
D(("getting rhost"));
- retval = pam_get_rhost(pamh, &rhost, NULL);
+ retval = pam_get_rhost(pamh, &rhost);
(void) pam_set_item(pamh, PAM_RHOST, rhost);
if (retval != PAM_SUCCESS) {
if (opts.opt_debug) {
- _pam_log(LOG_DEBUG, "could not get the remote host name");
+ pam_syslog(pamh, LOG_DEBUG,
+ "could not get the remote host name");
}
break;
}
/* get the remote user */
D(("getting ruser"));
- retval = pam_get_ruser(pamh, &ruser, NULL);
+ retval = pam_get_ruser(pamh, &ruser);
(void) pam_set_item(pamh, PAM_RUSER, ruser);
if (retval != PAM_SUCCESS) {
if (opts.opt_debug)
- _pam_log(LOG_DEBUG, "could not get the remote username");
+ pam_syslog(pamh, LOG_DEBUG,
+ "could not get the remote username");
break;
}
@@ -710,7 +680,8 @@ static int _pam_auth_rhosts (pam_handle_t *pamh,
retval = pam_get_user(pamh, &luser, NULL);
if (retval != PAM_SUCCESS) {
if (opts.opt_debug)
- _pam_log(LOG_DEBUG, "could not determine name of local user");
+ pam_syslog(pamh, LOG_DEBUG,
+ "could not determine name of local user");
break;
}
@@ -722,11 +693,11 @@ static int _pam_auth_rhosts (pam_handle_t *pamh,
if (! opts.opt_no_uid_check) {
struct passwd *luser_pwd;
- luser_pwd = _pammodutil_getpwnam(pamh, luser);
+ luser_pwd = pam_modutil_getpwnam(pamh, luser);
if (luser_pwd == NULL) {
if (opts.opt_debug)
- _pam_log(LOG_DEBUG, "user '%s' unknown to this system",
- luser);
+ pam_syslog(pamh, LOG_DEBUG,
+ "user '%s' unknown to this system", luser);
retval = PAM_AUTH_ERR;
break;
}
@@ -739,13 +710,13 @@ static int _pam_auth_rhosts (pam_handle_t *pamh,
*/
if (pam_ruserok (pamh, &opts, rhost, as_root, ruser, luser) != 0) {
if ( !opts.opt_suppress ) {
- _pam_log(LOG_WARNING, "denied to %s@%s as %s: %s",
+ pam_syslog(pamh, LOG_WARNING, "denied to %s@%s as %s: %s",
ruser, rhost, luser, (opts.last_error==NULL) ?
"access not allowed":opts.last_error);
}
retval = PAM_AUTH_ERR;
} else {
- _pam_log(LOG_NOTICE, "allowed to %s@%s as %s",
+ pam_syslog(pamh, LOG_NOTICE, "allowed to %s@%s as %s",
ruser, rhost, luser);
}
break;
@@ -764,9 +735,9 @@ int pam_sm_authenticate (pam_handle_t *pamh,
{
int retval;
- if (sizeof(U32) != 4) {
- _pam_log (LOG_ALERT, "pam_rhosts module can\'t work on this hardware "
- "(yet)");
+ if (sizeof(u_int32_t) != 4) {
+ pam_syslog (pamh, LOG_ALERT,
+ "pam_rhosts module can\'t work on this hardware (yet)");
return PAM_AUTH_ERR;
}
sethostent(1);
@@ -775,9 +746,9 @@ int pam_sm_authenticate (pam_handle_t *pamh,
return retval;
}
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh,int flags,int argc,
- const char **argv)
+PAM_EXTERN int
+pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
return PAM_SUCCESS;
}
diff --git a/Linux-PAM/modules/pam_rhosts/tst-pam_rhosts b/Linux-PAM/modules/pam_rhosts/tst-pam_rhosts
new file mode 100755
index 00000000..65e85a98
--- /dev/null
+++ b/Linux-PAM/modules/pam_rhosts/tst-pam_rhosts
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_rhosts.so
diff --git a/Linux-PAM/modules/pam_rhosts/tst-pam_rhosts_auth b/Linux-PAM/modules/pam_rhosts/tst-pam_rhosts_auth
new file mode 100755
index 00000000..6b14ec51
--- /dev/null
+++ b/Linux-PAM/modules/pam_rhosts/tst-pam_rhosts_auth
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_rhosts_auth.so
diff --git a/Linux-PAM/modules/pam_rootok/Makefile b/Linux-PAM/modules/pam_rootok/Makefile
deleted file mode 100644
index b908b115..00000000
--- a/Linux-PAM/modules/pam_rootok/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:05 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_rootok
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_rootok/Makefile.am b/Linux-PAM/modules/pam_rootok/Makefile.am
new file mode 100644
index 00000000..7a97f20f
--- /dev/null
+++ b/Linux-PAM/modules/pam_rootok/Makefile.am
@@ -0,0 +1,33 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_rootok
+
+man_MANS = pam_rootok.8
+XMLS = README.xml pam_rootok.8.xml
+
+TESTS = tst-pam_rootok
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+if HAVE_LIBSELINUX
+AM_CFLAGS += -DWITH_SELINUX
+endif
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam @LIBSELINUX@
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_rootok.la
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_rootok.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
diff --git a/Linux-PAM/modules/pam_rootok/Makefile.in b/Linux-PAM/modules/pam_rootok/Makefile.in
new file mode 100644
index 00000000..03128f8d
--- /dev/null
+++ b/Linux-PAM/modules/pam_rootok/Makefile.in
@@ -0,0 +1,667 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_LIBSELINUX_TRUE@am__append_1 = -DWITH_SELINUX
+@HAVE_VERSIONING_TRUE@am__append_2 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_rootok
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_rootok_la_LIBADD =
+pam_rootok_la_SOURCES = pam_rootok.c
+pam_rootok_la_OBJECTS = pam_rootok.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_rootok.c
+DIST_SOURCES = pam_rootok.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_rootok
+man_MANS = pam_rootok.8
+XMLS = README.xml pam_rootok.8.xml
+TESTS = tst-pam_rootok
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include \
+ -I$(top_srcdir)/libpamc/include $(am__append_1)
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam @LIBSELINUX@ $(am__append_2)
+securelib_LTLIBRARIES = pam_rootok.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_rootok/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_rootok/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_rootok.la: $(pam_rootok_la_OBJECTS) $(pam_rootok_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_rootok_la_OBJECTS) $(pam_rootok_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_rootok.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_rootok.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_rootok/README b/Linux-PAM/modules/pam_rootok/README
index 43b92e6c..55a44756 100644
--- a/Linux-PAM/modules/pam_rootok/README
+++ b/Linux-PAM/modules/pam_rootok/README
@@ -1,18 +1,33 @@
-# $Id: README,v 1.2 2001/11/27 05:37:30 agmorgan Exp $
-#
+pam_rootok — Gain only root access
-this module is an authentication module that performs one task: if the
-id of the user is '0' then it returns 'PAM_SUCCESS' with the
-'sufficient' /etc/pam.conf control flag it can be used to allow
-password free access to some service for 'root'
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
-Recognized arguments:
+DESCRIPTION
- debug write a message to syslog indicating success or
- failure.
+pam_rootok is a PAM module that authenticates the user if their UID is 0.
+Applications that are created setuid-root generally retain the UID of the user
+but run with the authority of an enhanced effective-UID. It is the real UID
+that is checked.
-module services provided:
+OPTIONS
- auth _authentication and _setcred (blank)
+debug
+
+ Print debug information.
+
+EXAMPLES
+
+In the case of the su(1) application the historical usage is to permit the
+superuser to adopt the identity of a lesser user without the use of a password.
+To obtain this behavior with PAM the following pair of lines are needed for the
+corresponding entry in the /etc/pam.d/su configuration file:
+
+# su authentication. Root is granted access by default.
+auth sufficient pam_rootok.so
+auth required pam_unix.so
+
+
+AUTHOR
+
+pam_rootok was written by Andrew G. Morgan, <morgan@kernel.org>.
-Andrew Morgan
diff --git a/Linux-PAM/modules/pam_rootok/README.xml b/Linux-PAM/modules/pam_rootok/README.xml
new file mode 100644
index 00000000..6fb58cd0
--- /dev/null
+++ b/Linux-PAM/modules/pam_rootok/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_rootok.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_rootok.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_rootok-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_rootok.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rootok-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_rootok.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rootok-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_rootok.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rootok-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_rootok.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rootok-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_rootok/pam_rootok.8 b/Linux-PAM/modules/pam_rootok/pam_rootok.8
new file mode 100644
index 00000000..79618050
--- /dev/null
+++ b/Linux-PAM/modules/pam_rootok/pam_rootok.8
@@ -0,0 +1,77 @@
+.\" Title: pam_rootok
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/23/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_ROOTOK" "8" "06/23/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_rootok \- Gain only root access
+.SH "SYNOPSIS"
+.HP 14
+\fBpam_rootok.so\fR [debug]
+.SH "DESCRIPTION"
+.PP
+pam_rootok is a PAM module that authenticates the user if their
+\fIUID\fR
+is
+\fI0\fR. Applications that are created setuid\-root generally retain the
+\fIUID\fR
+of the user but run with the authority of an enhanced effective\-UID. It is the real
+\fIUID\fR
+that is checked.
+.SH "OPTIONS"
+.TP 3n
+\fBdebug\fR
+Print debug information.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+Only the
+\fBauth\fR
+service is supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_SUCCESS
+The
+\fIUID\fR
+is
+\fI0\fR.
+.TP 3n
+PAM_AUTH_ERR
+The
+\fIUID\fR
+is
+\fBnot\fR
+\fI0\fR.
+.SH "EXAMPLES"
+.PP
+In the case of the
+\fBsu\fR(1)
+application the historical usage is to permit the superuser to adopt the identity of a lesser user without the use of a password. To obtain this behavior with PAM the following pair of lines are needed for the corresponding entry in the
+\fI/etc/pam.d/su\fR
+configuration file:
+.sp
+.RS 3n
+.nf
+# su authentication. Root is granted access by default.
+auth sufficient pam_rootok.so
+auth required pam_unix.so
+
+.fi
+.RE
+.sp
+.SH "SEE ALSO"
+.PP
+
+\fBsu\fR(1),
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_rootok was written by Andrew G. Morgan, <morgan@kernel.org>.
diff --git a/Linux-PAM/modules/pam_rootok/pam_rootok.8.xml b/Linux-PAM/modules/pam_rootok/pam_rootok.8.xml
new file mode 100644
index 00000000..ec8dee43
--- /dev/null
+++ b/Linux-PAM/modules/pam_rootok/pam_rootok.8.xml
@@ -0,0 +1,130 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_rootok">
+
+ <refmeta>
+ <refentrytitle>pam_rootok</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_rootok-name">
+ <refname>pam_rootok</refname>
+ <refpurpose>Gain only root access</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_rootok-cmdsynopsis">
+ <command>pam_rootok.so</command>
+ <arg choice="opt">
+ debug
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_rootok-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ pam_rootok is a PAM module that authenticates the user if their
+ <emphasis>UID</emphasis> is <emphasis>0</emphasis>.
+ Applications that are created setuid-root generally retain the
+ <emphasis>UID</emphasis> of the user but run with the authority
+ of an enhanced effective-UID. It is the real <emphasis>UID</emphasis>
+ that is checked.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_rootok-options">
+ <title>OPTIONS</title>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ Print debug information.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_rootok-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ Only the <option>auth</option> service is supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_rootok-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ The <emphasis>UID</emphasis> is <emphasis>0</emphasis>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_AUTH_ERR</term>
+ <listitem>
+ <para>
+ The <emphasis>UID</emphasis> is <emphasis remap='B'>not</emphasis>
+ <emphasis>0</emphasis>.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_rootok-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ In the case of the <citerefentry>
+ <refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry> application the historical usage is to
+ permit the superuser to adopt the identity of a lesser user
+ without the use of a password. To obtain this behavior with PAM
+ the following pair of lines are needed for the corresponding entry
+ in the <filename>/etc/pam.d/su</filename> configuration file:
+ <programlisting>
+# su authentication. Root is granted access by default.
+auth sufficient pam_rootok.so
+auth required pam_unix.so
+ </programlisting>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_rootok-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_rootok-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_rootok was written by Andrew G. Morgan, &lt;morgan@kernel.org&gt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_rootok/pam_rootok.c b/Linux-PAM/modules/pam_rootok/pam_rootok.c
index e1e09b6e..4eb34412 100644
--- a/Linux-PAM/modules/pam_rootok/pam_rootok.c
+++ b/Linux-PAM/modules/pam_rootok/pam_rootok.c
@@ -1,12 +1,12 @@
/* pam_rootok module */
/*
- * $Id: pam_rootok.c,v 1.3 2002/05/26 23:00:28 agmorgan Exp $
+ * $Id: pam_rootok.c,v 1.7 2005/12/12 14:45:02 ldv Exp $
*
* Written by Andrew Morgan <morgan@linux.kernel.org> 1996/3/11
*/
-#define _GNU_SOURCE
+#include "config.h"
#include <stdio.h>
#include <unistd.h>
@@ -24,26 +24,19 @@
#define PAM_SM_AUTH
#include <security/pam_modules.h>
+#include <security/pam_ext.h>
-/* some syslogging */
-
-static void _pam_log(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("PAM-rootok", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#include <selinux/av_permissions.h>
+#endif
/* argument parsing */
#define PAM_DEBUG_ARG 01
-static int _pam_parse(int argc, const char **argv)
+static int
+_pam_parse (const pam_handle_t *pamh, int argc, const char **argv)
{
int ctrl=0;
@@ -55,7 +48,7 @@ static int _pam_parse(int argc, const char **argv)
if (!strcmp(*argv,"debug"))
ctrl |= PAM_DEBUG_ARG;
else {
- _pam_log(LOG_ERR,"pam_parse: unknown option; %s",*argv);
+ pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv);
}
}
@@ -64,28 +57,31 @@ static int _pam_parse(int argc, const char **argv)
/* --- authentication management functions (only) --- */
-PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+PAM_EXTERN int
+pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
int ctrl;
int retval = PAM_AUTH_ERR;
- ctrl = _pam_parse(argc, argv);
+ ctrl = _pam_parse(pamh, argc, argv);
if (getuid() == 0)
+#ifdef WITH_SELINUX
+ if (is_selinux_enabled()<1 || checkPasswdAccess(PASSWD__ROOTOK)==0)
+#endif
retval = PAM_SUCCESS;
if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_DEBUG, "authentication %s"
- , retval==PAM_SUCCESS ? "succeeded":"failed" );
+ pam_syslog(pamh, LOG_DEBUG, "authentication %s",
+ (retval==PAM_SUCCESS) ? "succeeded" : "failed");
}
return retval;
}
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+PAM_EXTERN int
+pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
return PAM_SUCCESS;
}
diff --git a/Linux-PAM/modules/pam_rootok/tst-pam_rootok b/Linux-PAM/modules/pam_rootok/tst-pam_rootok
new file mode 100755
index 00000000..385ef760
--- /dev/null
+++ b/Linux-PAM/modules/pam_rootok/tst-pam_rootok
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_rootok.so
diff --git a/Linux-PAM/modules/pam_securetty/Makefile b/Linux-PAM/modules/pam_securetty/Makefile
deleted file mode 100644
index 8ac853c5..00000000
--- a/Linux-PAM/modules/pam_securetty/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:05 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_securetty
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_securetty/Makefile.am b/Linux-PAM/modules/pam_securetty/Makefile.am
new file mode 100644
index 00000000..ca97ef4d
--- /dev/null
+++ b/Linux-PAM/modules/pam_securetty/Makefile.am
@@ -0,0 +1,30 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_securetty
+
+TESTS = tst-pam_securetty
+
+man_MANS = pam_securetty.8
+XMLS = README.xml pam_securetty.8.xml
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_securetty.la
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_securetty.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
diff --git a/Linux-PAM/modules/pam_securetty/Makefile.in b/Linux-PAM/modules/pam_securetty/Makefile.in
new file mode 100644
index 00000000..763404f5
--- /dev/null
+++ b/Linux-PAM/modules/pam_securetty/Makefile.in
@@ -0,0 +1,665 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_securetty
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_securetty_la_LIBADD =
+pam_securetty_la_SOURCES = pam_securetty.c
+pam_securetty_la_OBJECTS = pam_securetty.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_securetty.c
+DIST_SOURCES = pam_securetty.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_securetty
+TESTS = tst-pam_securetty
+man_MANS = pam_securetty.8
+XMLS = README.xml pam_securetty.8.xml
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_securetty.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_securetty/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_securetty/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_securetty.la: $(pam_securetty_la_OBJECTS) $(pam_securetty_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_securetty_la_OBJECTS) $(pam_securetty_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_securetty.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_securetty.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_securetty/README b/Linux-PAM/modules/pam_securetty/README
index 1df095c9..d4ee5f97 100644
--- a/Linux-PAM/modules/pam_securetty/README
+++ b/Linux-PAM/modules/pam_securetty/README
@@ -1,9 +1,33 @@
-pam_securetty:
- Allows root logins only if the user is logging in on a
- "secure" tty, as defined by the listing in /etc/securetty
+pam_securetty — Limit root login to special devices
- Also checks to make sure that /etc/securetty is a plain
- file and not world writable.
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+pam_securetty is a PAM module that allows root logins only if the user is
+logging in on a "secure" tty, as defined by the listing in /etc/securetty.
+pam_securetty also checks to make sure that /etc/securetty is a plain file and
+not world writable.
+
+This module has no effect on non-root users and requires that the application
+fills in the PAM_TTY item correctly.
+
+For canonical usage, should be listed as a required authentication method
+before any sufficient authentication methods.
+
+OPTIONS
+
+debug
+
+ Print debug information.
+
+EXAMPLES
+
+auth required pam_securetty.so
+auth required pam_unix.so
+
+
+AUTHOR
+
+pam_securetty was written by Elliot Lee <sopwith@cuc.edu>.
- - Elliot Lee <sopwith@redhat.com>, Red Hat Software.
- July 25, 1996.
diff --git a/Linux-PAM/modules/pam_securetty/README.xml b/Linux-PAM/modules/pam_securetty/README.xml
new file mode 100644
index 00000000..a8c098a0
--- /dev/null
+++ b/Linux-PAM/modules/pam_securetty/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_securetty.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_securetty.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_securetty-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_securetty.8.xml" xpointer='xpointer(//refsect1[@id = "pam_securetty-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_securetty.8.xml" xpointer='xpointer(//refsect1[@id = "pam_securetty-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_securetty.8.xml" xpointer='xpointer(//refsect1[@id = "pam_securetty-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_securetty.8.xml" xpointer='xpointer(//refsect1[@id = "pam_securetty-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_securetty/pam_securetty.8 b/Linux-PAM/modules/pam_securetty/pam_securetty.8
new file mode 100644
index 00000000..f72e611f
--- /dev/null
+++ b/Linux-PAM/modules/pam_securetty/pam_securetty.8
@@ -0,0 +1,85 @@
+.\" Title: pam_securetty
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/04/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_SECURETTY" "8" "06/04/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_securetty \- Limit root login to special devices
+.SH "SYNOPSIS"
+.HP 17
+\fBpam_securetty.so\fR [debug]
+.SH "DESCRIPTION"
+.PP
+pam_securetty is a PAM module that allows root logins only if the user is logging in on a "secure" tty, as defined by the listing in
+\fI/etc/securetty\fR. pam_securetty also checks to make sure that
+\fI/etc/securetty\fR
+is a plain file and not world writable.
+.PP
+This module has no effect on non\-root users and requires that the application fills in the
+\fBPAM_TTY\fR
+item correctly.
+.PP
+For canonical usage, should be listed as a
+\fBrequired\fR
+authentication method before any
+\fBsufficient\fR
+authentication methods.
+.SH "OPTIONS"
+.TP 3n
+\fBdebug\fR
+Print debug information.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+Only the
+\fBauth\fR
+service is supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_SUCCESS
+The user is allowed to continue authentication. Either the user is not root, or the root user is trying to log in on an acceptable device.
+.TP 3n
+PAM_AUTH_ERR
+Authentication is rejected. Either root is attempting to log in via an unacceptable device, or the
+\fI/etc/securetty\fR
+file is world writable or not a normal file.
+.TP 3n
+PAM_INCOMPLETE
+An application error occurred. pam_securetty was not able to get information it required from the application that called it.
+.TP 3n
+PAM_SERVICE_ERR
+An error occurred while the module was determining the user's name or tty, or the module could not open
+\fI/etc/securetty\fR.
+.TP 3n
+PAM_IGNORE
+The module could not find the user name in the
+\fI/etc/passwd\fR
+file to verify whether the user had a UID of 0. Therefore, the results of running this module are ignored.
+.SH "EXAMPLES"
+.PP
+
+.sp
+.RS 3n
+.nf
+auth required pam_securetty.so
+auth required pam_unix.so
+
+.fi
+.RE
+.sp
+.SH "SEE ALSO"
+.PP
+
+\fBsecuretty\fR(5),
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_securetty was written by Elliot Lee <sopwith@cuc.edu>.
diff --git a/Linux-PAM/modules/pam_securetty/pam_securetty.8.xml b/Linux-PAM/modules/pam_securetty/pam_securetty.8.xml
new file mode 100644
index 00000000..56348d78
--- /dev/null
+++ b/Linux-PAM/modules/pam_securetty/pam_securetty.8.xml
@@ -0,0 +1,167 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_securetty">
+
+ <refmeta>
+ <refentrytitle>pam_securetty</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_securetty-name">
+ <refname>pam_securetty</refname>
+ <refpurpose>Limit root login to special devices</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_securetty-cmdsynopsis">
+ <command>pam_securetty.so</command>
+ <arg choice="opt">
+ debug
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_securetty-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ pam_securetty is a PAM module that allows root logins only if the
+ user is logging in on a "secure" tty, as defined by the listing
+ in <filename>/etc/securetty</filename>. pam_securetty also checks
+ to make sure that <filename>/etc/securetty</filename> is a plain
+ file and not world writable.
+ </para>
+ <para>
+ This module has no effect on non-root users and requires that the
+ application fills in the <emphasis remap='B'>PAM_TTY</emphasis>
+ item correctly.
+ </para>
+ <para>
+ For canonical usage, should be listed as a
+ <emphasis remap='B'>required</emphasis> authentication method
+ before any <emphasis remap='B'>sufficient</emphasis>
+ authentication methods.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_securetty-options">
+ <title>OPTIONS</title>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ Print debug information.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_securetty-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ Only the <option>auth</option> service is supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_securetty-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ The user is allowed to continue authentication.
+ Either the user is not root, or the root user is
+ trying to log in on an acceptable device.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_AUTH_ERR</term>
+ <listitem>
+ <para>
+ Authentication is rejected. Either root is attempting to
+ log in via an unacceptable device, or the
+ <filename>/etc/securetty</filename> file is world writable or
+ not a normal file.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_INCOMPLETE</term>
+ <listitem>
+ <para>
+ An application error occurred. pam_securetty was not able
+ to get information it required from the application that
+ called it.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SERVICE_ERR</term>
+ <listitem>
+ <para>
+ An error occurred while the module was determining the
+ user's name or tty, or the module could not open
+ <filename>/etc/securetty</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_IGNORE</term>
+ <listitem>
+ <para>
+ The module could not find the user name in the
+ <filename>/etc/passwd</filename> file to verify whether
+ the user had a UID of 0. Therefore, the results of running
+ this module are ignored.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_securetty-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ <programlisting>
+auth required pam_securetty.so
+auth required pam_unix.so
+ </programlisting>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_securetty-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>securetty</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_securetty-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_securetty was written by Elliot Lee &lt;sopwith@cuc.edu&gt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_securetty/pam_securetty.c b/Linux-PAM/modules/pam_securetty/pam_securetty.c
index 3a9ae421..9dbe9bc4 100644
--- a/Linux-PAM/modules/pam_securetty/pam_securetty.c
+++ b/Linux-PAM/modules/pam_securetty/pam_securetty.c
@@ -10,7 +10,7 @@
* Slight modifications AGM. 1996/12/3
*/
-#define _GNU_SOURCE
+#include "config.h"
#include <stdio.h>
#include <stdlib.h>
@@ -34,26 +34,13 @@
#define PAM_SM_ACCOUNT
#include <security/pam_modules.h>
-#include <security/_pam_modutil.h>
-
-/* some syslogging */
-
-static void _pam_log(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("PAM-securetty", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-
-/* argument parsing */
+#include <security/pam_modutil.h>
+#include <security/pam_ext.h>
#define PAM_DEBUG_ARG 0x0001
-static int _pam_parse(int argc, const char **argv)
+static int
+_pam_parse (const pam_handle_t *pamh, int argc, const char **argv)
{
int ctrl=0;
@@ -65,19 +52,21 @@ static int _pam_parse(int argc, const char **argv)
if (!strcmp(*argv,"debug"))
ctrl |= PAM_DEBUG_ARG;
else {
- _pam_log(LOG_ERR,"pam_parse: unknown option; %s",*argv);
+ pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv);
}
}
return ctrl;
}
-static int securetty_perform_check(pam_handle_t *pamh, int flags, int ctrl,
- const char *function_name)
+static int
+securetty_perform_check (pam_handle_t *pamh, int ctrl,
+ const char *function_name)
{
int retval = PAM_AUTH_ERR;
const char *username;
- char *uttyname;
+ const char *uttyname;
+ const void *void_uttyname;
char ttyfileline[256];
char ptname[256];
struct stat ttyfileinfo;
@@ -86,32 +75,29 @@ static int securetty_perform_check(pam_handle_t *pamh, int flags, int ctrl,
/* log a trail for debugging */
if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_DEBUG, "pam_securetty called via %s function",
- function_name);
+ pam_syslog(pamh, LOG_DEBUG, "pam_securetty called via %s function",
+ function_name);
}
retval = pam_get_user(pamh, &username, NULL);
if (retval != PAM_SUCCESS || username == NULL) {
- if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_WARNING, "cannot determine username");
- }
+ pam_syslog(pamh, LOG_WARNING, "cannot determine username");
return (retval == PAM_CONV_AGAIN ? PAM_INCOMPLETE:PAM_SERVICE_ERR);
}
- user_pwd = _pammodutil_getpwnam(pamh, username);
+ user_pwd = pam_modutil_getpwnam(pamh, username);
if (user_pwd == NULL) {
- return PAM_IGNORE;
+ return PAM_USER_UNKNOWN;
} else if (user_pwd->pw_uid != 0) { /* If the user is not root,
securetty's does not apply
to them */
return PAM_SUCCESS;
}
- retval = pam_get_item(pamh, PAM_TTY, (const void **)&uttyname);
+ retval = pam_get_item(pamh, PAM_TTY, &void_uttyname);
+ uttyname = void_uttyname;
if (retval != PAM_SUCCESS || uttyname == NULL) {
- if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_WARNING, "cannot determine user's tty");
- }
+ pam_syslog (pamh, LOG_WARNING, "cannot determine user's tty");
return PAM_SERVICE_ERR;
}
@@ -121,7 +107,7 @@ static int securetty_perform_check(pam_handle_t *pamh, int flags, int ctrl,
}
if (stat(SECURETTY_FILE, &ttyfileinfo)) {
- _pam_log(LOG_NOTICE, "Couldn't open " SECURETTY_FILE);
+ pam_syslog(pamh, LOG_NOTICE, "Couldn't open %s: %m", SECURETTY_FILE);
return PAM_SUCCESS; /* for compatibility with old securetty handling,
this needs to succeed. But we still log the
error. */
@@ -130,15 +116,15 @@ static int securetty_perform_check(pam_handle_t *pamh, int flags, int ctrl,
if ((ttyfileinfo.st_mode & S_IWOTH) || !S_ISREG(ttyfileinfo.st_mode)) {
/* If the file is world writable or is not a
normal file, return error */
- _pam_log(LOG_ERR, SECURETTY_FILE
- " is either world writable or not a normal file");
+ pam_syslog(pamh, LOG_ERR,
+ "%s is either world writable or not a normal file",
+ SECURETTY_FILE);
return PAM_AUTH_ERR;
}
ttyfile = fopen(SECURETTY_FILE,"r");
if (ttyfile == NULL) { /* Check that we opened it successfully */
- _pam_log(LOG_ERR,
- "Error opening " SECURETTY_FILE);
+ pam_syslog(pamh, LOG_ERR, "Error opening %s: %m", SECURETTY_FILE);
return PAM_SERVICE_ERR;
}
@@ -161,13 +147,13 @@ static int securetty_perform_check(pam_handle_t *pamh, int flags, int ctrl,
fclose(ttyfile);
if (retval) {
- _pam_log(LOG_WARNING, "access denied: tty '%s' is not secure !",
+ pam_syslog(pamh, LOG_WARNING, "access denied: tty '%s' is not secure !",
uttyname);
retval = PAM_AUTH_ERR;
} else {
if ((retval == PAM_SUCCESS) && (ctrl & PAM_DEBUG_ARG)) {
- _pam_log(LOG_DEBUG, "access allowed for '%s' on '%s'",
+ pam_syslog(pamh, LOG_DEBUG, "access allowed for '%s' on '%s'",
username, uttyname);
}
retval = PAM_SUCCESS;
@@ -180,36 +166,37 @@ static int securetty_perform_check(pam_handle_t *pamh, int flags, int ctrl,
/* --- authentication management functions --- */
PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
+int pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED, int argc,
const char **argv)
{
int ctrl;
/* parse the arguments */
- ctrl = _pam_parse(argc, argv);
+ ctrl = _pam_parse (pamh, argc, argv);
- return securetty_perform_check(pamh, flags, ctrl, __FUNCTION__);
+ return securetty_perform_check(pamh, ctrl, __FUNCTION__);
}
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv)
+PAM_EXTERN int
+pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
return PAM_SUCCESS;
}
/* --- account management functions --- */
-PAM_EXTERN
-int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+PAM_EXTERN int
+pam_sm_acct_mgmt (pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
int ctrl;
/* parse the arguments */
- ctrl = _pam_parse(argc, argv);
+ ctrl = _pam_parse (pamh, argc, argv);
/* take the easy route */
- return securetty_perform_check(pamh, flags, ctrl, __FUNCTION__);
+ return securetty_perform_check(pamh, ctrl, __FUNCTION__);
}
diff --git a/Linux-PAM/modules/pam_securetty/tst-pam_securetty b/Linux-PAM/modules/pam_securetty/tst-pam_securetty
new file mode 100755
index 00000000..1252f798
--- /dev/null
+++ b/Linux-PAM/modules/pam_securetty/tst-pam_securetty
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_securetty.so
diff --git a/Linux-PAM/modules/pam_selinux/Makefile.am b/Linux-PAM/modules/pam_selinux/Makefile.am
new file mode 100644
index 00000000..ee2773e9
--- /dev/null
+++ b/Linux-PAM/modules/pam_selinux/Makefile.am
@@ -0,0 +1,42 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(XMLS) pam_selinux.8 pam_selinux_check.8 \
+ tst-pam_selinux
+
+if HAVE_LIBSELINUX
+ TESTS = tst-pam_selinux
+ man_MANS = pam_selinux.8
+endif
+
+XMLS = README.xml pam_selinux.8.xml
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
+ -I$(top_srcdir)/libpam_misc/include
+AM_LDFLAGS = -no-undefined \
+ -L$(top_builddir)/libpam -lpam @LIBSELINUX@
+
+pam_selinux_check_LDFLAGS = $(AM_LDFLAGS) -L$(top_builddir)/libpam_misc -lpam_misc
+
+pam_selinux_la_LDFLAGS = $(AM_LDFLAGS)
+if HAVE_VERSIONING
+ pam_selinux_la_LDFLAGS += -avoid-version -module \
+ -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+if HAVE_LIBSELINUX
+ securelib_LTLIBRARIES = pam_selinux.la
+ noinst_PROGRAMS = pam_selinux_check
+endif
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README pam_selinux.8
+README: pam_selinux.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_selinux/Makefile.in b/Linux-PAM/modules/pam_selinux/Makefile.in
new file mode 100644
index 00000000..05321ab8
--- /dev/null
+++ b/Linux-PAM/modules/pam_selinux/Makefile.in
@@ -0,0 +1,698 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+#
+
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -avoid-version -module \
+@HAVE_VERSIONING_TRUE@ -Wl,--version-script=$(srcdir)/../modules.map
+
+@HAVE_LIBSELINUX_TRUE@noinst_PROGRAMS = pam_selinux_check$(EXEEXT)
+subdir = modules/pam_selinux
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_selinux_la_LIBADD =
+pam_selinux_la_SOURCES = pam_selinux.c
+pam_selinux_la_OBJECTS = pam_selinux.lo
+pam_selinux_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(pam_selinux_la_LDFLAGS) $(LDFLAGS) -o $@
+@HAVE_LIBSELINUX_TRUE@am_pam_selinux_la_rpath = -rpath $(securelibdir)
+PROGRAMS = $(noinst_PROGRAMS)
+pam_selinux_check_SOURCES = pam_selinux_check.c
+pam_selinux_check_OBJECTS = pam_selinux_check.$(OBJEXT)
+pam_selinux_check_LDADD = $(LDADD)
+pam_selinux_check_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(pam_selinux_check_LDFLAGS) $(LDFLAGS) -o $@
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_selinux.c pam_selinux_check.c
+DIST_SOURCES = pam_selinux.c pam_selinux_check.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(XMLS) pam_selinux.8 pam_selinux_check.8 \
+ tst-pam_selinux
+
+@HAVE_LIBSELINUX_TRUE@TESTS = tst-pam_selinux
+@HAVE_LIBSELINUX_TRUE@man_MANS = pam_selinux.8
+XMLS = README.xml pam_selinux.8.xml
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
+ -I$(top_srcdir)/libpam_misc/include
+
+AM_LDFLAGS = -no-undefined \
+ -L$(top_builddir)/libpam -lpam @LIBSELINUX@
+
+pam_selinux_check_LDFLAGS = $(AM_LDFLAGS) -L$(top_builddir)/libpam_misc -lpam_misc
+pam_selinux_la_LDFLAGS = $(AM_LDFLAGS) $(am__append_1)
+@HAVE_LIBSELINUX_TRUE@securelib_LTLIBRARIES = pam_selinux.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README pam_selinux.8
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_selinux/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_selinux/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_selinux.la: $(pam_selinux_la_OBJECTS) $(pam_selinux_la_DEPENDENCIES)
+ $(pam_selinux_la_LINK) $(am_pam_selinux_la_rpath) $(pam_selinux_la_OBJECTS) $(pam_selinux_la_LIBADD) $(LIBS)
+
+clean-noinstPROGRAMS:
+ @list='$(noinst_PROGRAMS)'; for p in $$list; do \
+ f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f $$p $$f"; \
+ rm -f $$p $$f ; \
+ done
+pam_selinux_check$(EXEEXT): $(pam_selinux_check_OBJECTS) $(pam_selinux_check_DEPENDENCIES)
+ @rm -f pam_selinux_check$(EXEEXT)
+ $(pam_selinux_check_LINK) $(pam_selinux_check_OBJECTS) $(pam_selinux_check_LDADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_selinux.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_selinux_check.Po@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-noinstPROGRAMS \
+ clean-securelibLTLIBRARIES mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-noinstPROGRAMS \
+ clean-securelibLTLIBRARIES ctags distclean distclean-compile \
+ distclean-generic distclean-libtool distclean-tags distdir dvi \
+ dvi-am html html-am info info-am install install-am \
+ install-data install-data-am install-dvi install-dvi-am \
+ install-exec install-exec-am install-html install-html-am \
+ install-info install-info-am install-man install-man8 \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_selinux.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_selinux/README b/Linux-PAM/modules/pam_selinux/README
new file mode 100644
index 00000000..4268d3fb
--- /dev/null
+++ b/Linux-PAM/modules/pam_selinux/README
@@ -0,0 +1,61 @@
+pam_selinux — PAM module to set the default security context
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+In a nutshell, pam_selinux sets up the default security context for the next
+execed shell.
+
+When an application opens a session using pam_selinux, the shell that gets
+executed will be run in the default security context, or if the user chooses
+and the pam file allows the selected security context. Also the controlling tty
+will have it's security context modified to match the users.
+
+Adding pam_selinux into a pam file could cause other pam modules to change
+their behavior if the exec another application. The close and open option help
+mitigate this problem. close option will only cause the close portion of the
+pam_selinux to execute, and open will only cause the open portion to run. You
+can add pam_selinux to the config file twice. Add the pam_selinux close as the
+executes the open pass through the modules, pam_selinux open_session will
+happen last. When PAM executes the close pass through the modules pam_selinux
+close_session will happen first.
+
+OPTIONS
+
+close
+
+ Only execute the close_session portion of the module.
+
+debug
+
+ Turns on debugging via syslog(3).
+
+multiple
+
+ Tells pam_selinux.so to allow the user to select the security context they
+ will login with, if the user has more than one role.
+
+open
+
+ Only execute the open_session portion of the module.
+
+nottys
+
+ Do not try to setup the ttys security context.
+
+verbose
+
+ attempt to inform the user when security context is set.
+
+EXAMPLES
+
+auth required pam_unix.so
+session required pam_permit.so
+session optional pam_selinux.so
+
+
+AUTHOR
+
+pam_selinux was written by Dan Walsh <dwalsh@redhat.com>.
+
diff --git a/Linux-PAM/modules/pam_selinux/README.xml b/Linux-PAM/modules/pam_selinux/README.xml
new file mode 100644
index 00000000..7e1baf55
--- /dev/null
+++ b/Linux-PAM/modules/pam_selinux/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_selinux.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_selinux.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_selinux-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_selinux.8.xml" xpointer='xpointer(//refsect1[@id = "pam_selinux-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_selinux.8.xml" xpointer='xpointer(//refsect1[@id = "pam_selinux-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_selinux.8.xml" xpointer='xpointer(//refsect1[@id = "pam_selinux-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_selinux.8.xml" xpointer='xpointer(//refsect1[@id = "pam_selinux-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_selinux/pam_selinux.8 b/Linux-PAM/modules/pam_selinux/pam_selinux.8
new file mode 100644
index 00000000..f44fc684
--- /dev/null
+++ b/Linux-PAM/modules/pam_selinux/pam_selinux.8
@@ -0,0 +1,78 @@
+.\" Title: pam_selinux
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/18/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_SELINUX" "8" "06/18/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_selinux \- PAM module to set the default security context
+.SH "SYNOPSIS"
+.HP 15
+\fBpam_selinux.so\fR [close] [debug] [multiple] [open] [nottys] [verbose]
+.SH "DESCRIPTION"
+.PP
+In a nutshell, pam_selinux sets up the default security context for the next execed shell.
+.PP
+When an application opens a session using pam_selinux, the shell that gets executed will be run in the default security context, or if the user chooses and the pam file allows the selected security context. Also the controlling tty will have it's security context modified to match the users.
+.PP
+Adding pam_selinux into a pam file could cause other pam modules to change their behavior if the exec another application. The close and open option help mitigate this problem. close option will only cause the close portion of the pam_selinux to execute, and open will only cause the open portion to run. You can add pam_selinux to the config file twice. Add the pam_selinux close as the executes the open pass through the modules, pam_selinux open_session will happen last. When PAM executes the close pass through the modules pam_selinux close_session will happen first.
+.SH "OPTIONS"
+.TP 3n
+\fBclose\fR
+Only execute the close_session portion of the module.
+.TP 3n
+\fBdebug\fR
+Turns on debugging via
+\fBsyslog\fR(3).
+.TP 3n
+\fBmultiple\fR
+Tells pam_selinux.so to allow the user to select the security context they will login with, if the user has more than one role.
+.TP 3n
+\fBopen\fR
+Only execute the open_session portion of the module.
+.TP 3n
+\fBnottys\fR
+Do not try to setup the ttys security context.
+.TP 3n
+\fBverbose\fR
+attempt to inform the user when security context is set.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+Only the
+\fBsession\fR
+service is supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_AUTH_ERR
+Unable to get or set a valid context.
+.TP 3n
+PAM_SUCCESS
+The security context was set successfull.
+.TP 3n
+PAM_USER_UNKNOWN
+The user is not known to the system.
+.SH "EXAMPLES"
+.sp
+.RS 3n
+.nf
+auth required pam_unix.so
+session required pam_permit.so
+session optional pam_selinux.so
+
+.fi
+.RE
+.SH "SEE ALSO"
+.PP
+
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_selinux was written by Dan Walsh <dwalsh@redhat.com>.
diff --git a/Linux-PAM/modules/pam_selinux/pam_selinux.8.xml b/Linux-PAM/modules/pam_selinux/pam_selinux.8.xml
new file mode 100644
index 00000000..1f00f082
--- /dev/null
+++ b/Linux-PAM/modules/pam_selinux/pam_selinux.8.xml
@@ -0,0 +1,207 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_selinux">
+
+ <refmeta>
+ <refentrytitle>pam_selinux</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_selinux-name">
+ <refname>pam_selinux</refname>
+ <refpurpose>PAM module to set the default security context</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_selinux-cmdsynopsis">
+ <command>pam_selinux.so</command>
+ <arg choice="opt">
+ close
+ </arg>
+ <arg choice="opt">
+ debug
+ </arg>
+ <arg choice="opt">
+ multiple
+ </arg>
+ <arg choice="opt">
+ open
+ </arg>
+ <arg choice="opt">
+ nottys
+ </arg>
+ <arg choice="opt">
+ verbose
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_selinux-description">
+ <title>DESCRIPTION</title>
+ <para>
+ In a nutshell, pam_selinux sets up the default security context for the
+ next execed shell.
+ </para>
+ <para>
+ When an application opens a session using pam_selinux, the shell that
+ gets executed will be run in the default security context, or if the
+ user chooses and the pam file allows the selected security context.
+ Also the controlling tty will have it's security context modified to
+ match the users.
+ </para>
+ <para>
+ Adding pam_selinux into a pam file could cause other pam modules to
+ change their behavior if the exec another application. The close and
+ open option help mitigate this problem. close option will only cause
+ the close portion of the pam_selinux to execute, and open will only
+ cause the open portion to run. You can add pam_selinux to the config
+ file twice. Add the pam_selinux close as the executes the open pass
+ through the modules, pam_selinux open_session will happen last.
+ When PAM executes the close pass through the modules pam_selinux
+ close_session will happen first.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_selinux-options">
+ <title>OPTIONS</title>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>close</option>
+ </term>
+ <listitem>
+ <para>
+ Only execute the close_session portion of the module.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ Turns on debugging via
+ <citerefentry>
+ <refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>multiple</option>
+ </term>
+ <listitem>
+ <para>
+ Tells pam_selinux.so to allow the user to select the
+ security context they will login with, if the user has
+ more than one role.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>open</option>
+ </term>
+ <listitem>
+ <para>
+ Only execute the open_session portion of the module.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>nottys</option>
+ </term>
+ <listitem>
+ <para>
+ Do not try to setup the ttys security context.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>verbose</option>
+ </term>
+ <listitem>
+ <para>
+ attempt to inform the user when security context is set.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_selinux-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ Only the <option>session</option> service is supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_selinux-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_AUTH_ERR</term>
+ <listitem>
+ <para>
+ Unable to get or set a valid context.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ The security context was set successfull.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ The user is not known to the system.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_selinux-examples'>
+ <title>EXAMPLES</title>
+ <programlisting>
+auth required pam_unix.so
+session required pam_permit.so
+session optional pam_selinux.so
+ </programlisting>
+ </refsect1>
+
+ <refsect1 id='pam_selinux-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_selinux-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_selinux was written by Dan Walsh &lt;dwalsh@redhat.com&gt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_selinux/pam_selinux.c b/Linux-PAM/modules/pam_selinux/pam_selinux.c
new file mode 100644
index 00000000..5aaec2e7
--- /dev/null
+++ b/Linux-PAM/modules/pam_selinux/pam_selinux.c
@@ -0,0 +1,482 @@
+/******************************************************************************
+ * A module for Linux-PAM that will set the default security context after login
+ * via PAM.
+ *
+ * Copyright (c) 2003 Red Hat, Inc.
+ * Written by Dan Walsh <dwalsh@redhat.com>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "config.h"
+
+#include <errno.h>
+#include <limits.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <syslog.h>
+
+#define PAM_SM_AUTH
+#define PAM_SM_SESSION
+
+#include <security/pam_modules.h>
+#include <security/_pam_macros.h>
+#include <security/pam_modutil.h>
+#include <security/pam_ext.h>
+
+#include <selinux/selinux.h>
+#include <selinux/get_context_list.h>
+#include <selinux/flask.h>
+#include <selinux/selinux.h>
+#include <selinux/context.h>
+
+static int
+send_text (pam_handle_t *pamh, const char *text, int debug)
+{
+ if (debug)
+ pam_syslog(pamh, LOG_NOTICE, "%s", text);
+ return pam_info (pamh, "%s", text);
+}
+
+/*
+ * This function sends a message to the user and gets the response. The caller
+ * is responsible for freeing the responses.
+ */
+static int
+query_response (pam_handle_t *pamh, const char *text,
+ char **responses, int debug)
+{
+ if (debug)
+ pam_syslog(pamh, LOG_NOTICE, "%s", text);
+
+ return pam_prompt (pamh, PAM_PROMPT_ECHO_ON, responses, "%s", text);
+}
+
+static security_context_t
+select_context (pam_handle_t *pamh, security_context_t* contextlist,
+ int debug)
+{
+ char *responses;
+ char *text=calloc(PATH_MAX,1);
+
+ if (text == NULL)
+ return (security_context_t) strdup(contextlist[0]);
+
+ snprintf(text, PATH_MAX,
+ _("Your default context is %s. \n"), contextlist[0]);
+ send_text(pamh,text,debug);
+ free(text);
+ query_response(pamh,_("Do you want to choose a different one? [n]"),
+ &responses,debug);
+ if (responses && ((responses[0] == 'y') ||
+ (responses[0] == 'Y')))
+ {
+ int choice=0;
+ int i;
+ const char *prompt=_("Enter number of choice: ");
+ int len=strlen(prompt);
+ char buf[PATH_MAX];
+
+ _pam_drop(responses);
+ for (i = 0; contextlist[i]; i++) {
+ len+=strlen(contextlist[i]) + 10;
+ }
+ text=calloc(len,1);
+ for (i = 0; contextlist[i]; i++) {
+ snprintf(buf, PATH_MAX,
+ "[%d] %s\n", i+1, contextlist[i]);
+ strncat(text,buf,len);
+ }
+ strcat(text,prompt);
+ while ((choice < 1) || (choice > i)) {
+ query_response(pamh,text,&responses,debug);
+ choice = strtol (responses, NULL, 10);
+ _pam_drop(responses);
+ }
+ free(text);
+ return (security_context_t) strdup(contextlist[choice-1]);
+ }
+ else if (responses)
+ _pam_drop(responses);
+
+ return (security_context_t) strdup(contextlist[0]);
+}
+
+static security_context_t
+manual_context (pam_handle_t *pamh, const char *user, int debug)
+{
+ security_context_t newcon;
+ context_t new_context;
+ int mls_enabled = is_selinux_mls_enabled();
+
+ char *responses;
+
+ while (1) {
+ query_response(pamh,
+ _("Would you like to enter a security context? [y] "),
+ &responses,debug);
+ if ((responses[0] == 'y') || (responses[0] == 'Y') ||
+ (responses[0] == '\0') )
+ {
+ if (mls_enabled)
+ new_context = context_new ("user:role:type:level");
+ else
+ new_context = context_new ("user:role:type");
+ _pam_drop(responses);
+
+ /* Allow the user to enter each field of the context individually */
+ if (context_user_set (new_context, user))
+ {
+ context_free (new_context);
+ return NULL;
+ }
+ query_response(pamh,_("role: "),&responses,debug);
+ if (context_role_set (new_context, responses))
+ {
+ _pam_drop(responses);
+ context_free (new_context);
+ return NULL;
+ }
+ _pam_drop(responses);
+ query_response(pamh,_("type: "),&responses,debug);
+ if (context_type_set (new_context, responses))
+ {
+ _pam_drop(responses);
+ context_free (new_context);
+ return NULL;
+ }
+ _pam_drop(responses);
+ if (mls_enabled)
+ {
+ query_response(pamh,_("level: "),&responses,debug);
+ if (context_range_set (new_context, responses))
+ {
+ _pam_drop(responses);
+ context_free (new_context);
+ return NULL;
+ }
+ _pam_drop(responses);
+ }
+ /* Get the string value of the context and see if it is valid. */
+ if (!security_check_context(context_str(new_context))) {
+ newcon = strdup(context_str(new_context));
+ context_free (new_context);
+ return newcon;
+ }
+ else
+ send_text(pamh,_("Not a valid security context"),debug);
+ }
+ else {
+ _pam_drop(responses);
+ return NULL;
+ }
+ } /* end while */
+
+ return NULL;
+}
+
+static void
+security_restorelabel_tty(const pam_handle_t *pamh,
+ const char *tty, security_context_t context)
+{
+ char ttybuf[PATH_MAX];
+ const char *ptr;
+
+ if (context==NULL)
+ return;
+
+ if(strncmp("/dev/", tty, 5)) {
+ snprintf(ttybuf,sizeof(ttybuf),"/dev/%s",tty);
+ ptr = ttybuf;
+ }
+ else
+ ptr = tty;
+
+ if (setfilecon(ptr, context) && errno != ENOENT)
+ {
+ pam_syslog(pamh, LOG_NOTICE,
+ "Warning! Could not relabel %s with %s, not relabeling: %m",
+ ptr, context);
+ }
+}
+
+static security_context_t
+security_label_tty(pam_handle_t *pamh, char *tty,
+ security_context_t usercon)
+{
+ char ttybuf[PATH_MAX];
+ int status=0;
+ security_context_t newdev_context=NULL; /* The new context of a device */
+ security_context_t prev_context=NULL; /* The new context of a device */
+ const char *ptr;
+
+ if(strncmp("/dev/", tty, 5))
+ {
+ snprintf(ttybuf,sizeof(ttybuf),"/dev/%s",tty);
+ ptr = ttybuf;
+ }
+ else
+ ptr = tty;
+
+ if (getfilecon(ptr, &prev_context) < 0)
+ {
+ if(errno != ENOENT)
+ pam_syslog(pamh, LOG_NOTICE,
+ "Warning! Could not get current context for %s, not relabeling: %m",
+ ptr);
+ return NULL;
+ }
+ if( security_compute_relabel(usercon,prev_context,SECCLASS_CHR_FILE,
+ &newdev_context)!=0)
+ {
+ pam_syslog(pamh, LOG_NOTICE,
+ "Warning! Could not get new context for %s, not relabeling: %m",
+ ptr);
+ pam_syslog(pamh, LOG_NOTICE,
+ "usercon=%s, prev_context=%s", usercon, prev_context);
+ freecon(prev_context);
+ return NULL;
+ }
+ status=setfilecon(ptr,newdev_context);
+ if (status)
+ {
+ pam_syslog(pamh, LOG_NOTICE,
+ "Warning! Could not relabel %s with %s, not relabeling: %m",
+ ptr,newdev_context);
+ freecon(prev_context);
+ prev_context=NULL;
+ }
+ freecon(newdev_context);
+ return prev_context;
+}
+
+static security_context_t user_context=NULL;
+static security_context_t prev_user_context=NULL;
+static security_context_t ttyn_context=NULL; /* The current context of ttyn device */
+static int selinux_enabled=0;
+static char *ttyn=NULL;
+
+/* Tell the user that access has been granted. */
+static void
+verbose_message(pam_handle_t *pamh, char *msg, int debug)
+{
+ if (debug)
+ pam_syslog(pamh, LOG_NOTICE, msg);
+
+ pam_info (pamh, "%s", msg);
+}
+
+PAM_EXTERN int
+pam_sm_authenticate(pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
+{
+ /* Fail by default. */
+ return PAM_AUTH_ERR;
+}
+
+PAM_EXTERN int
+pam_sm_setcred(pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
+{
+ return PAM_SUCCESS;
+}
+
+PAM_EXTERN int
+pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
+{
+ int i, debug = 0, ttys=1, has_tty=isatty(0);
+ int verbose=0, multiple=0, close_session=0;
+ int ret = 0;
+ security_context_t* contextlist = NULL;
+ int num_contexts = 0;
+ const void *username = NULL;
+ const void *tty = NULL;
+
+ /* Parse arguments. */
+ for (i = 0; i < argc; i++) {
+ if (strcmp(argv[i], "debug") == 0) {
+ debug = 1;
+ }
+ if (strcmp(argv[i], "nottys") == 0) {
+ ttys = 0;
+ }
+ if (strcmp(argv[i], "verbose") == 0) {
+ verbose = 1;
+ }
+ if (strcmp(argv[i], "multiple") == 0) {
+ multiple = 1;
+ }
+ if (strcmp(argv[i], "close") == 0) {
+ close_session = 1;
+ }
+ }
+
+ if (debug)
+ pam_syslog(pamh, LOG_NOTICE, "Open Session");
+
+ /* this module is only supposed to execute close_session */
+ if (close_session)
+ return PAM_SUCCESS;
+
+ if (!(selinux_enabled = is_selinux_enabled()>0) )
+ return PAM_SUCCESS;
+
+ if (pam_get_item(pamh, PAM_USER, &username) != PAM_SUCCESS ||
+ username == NULL) {
+ return PAM_USER_UNKNOWN;
+ }
+ num_contexts = get_ordered_context_list(username, 0, &contextlist);
+ if (num_contexts > 0) {
+ if (multiple && (num_contexts > 1) && has_tty) {
+ user_context = select_context(pamh,contextlist, debug);
+ freeconary(contextlist);
+ } else {
+ user_context = (security_context_t) strdup(contextlist[0]);
+ freeconary(contextlist);
+ }
+ } else {
+ if (has_tty) {
+ user_context = manual_context(pamh,username,debug);
+ if (user_context == NULL) {
+ pam_syslog (pamh, LOG_ERR, "Unable to get valid context for %s",
+ (const char *)username);
+ return PAM_AUTH_ERR;
+ }
+ } else {
+ pam_syslog (pamh, LOG_ERR,
+ "Unable to get valid context for %s, No valid tty",
+ (const char *)username);
+ return PAM_AUTH_ERR;
+ }
+ }
+ if (getexeccon(&prev_user_context)<0) {
+ prev_user_context=NULL;
+ }
+ if (ttys) {
+ /* Get the name of the terminal. */
+ if (pam_get_item(pamh, PAM_TTY, &tty) != PAM_SUCCESS) {
+ tty = NULL;
+ }
+
+ if ((tty == NULL) || (strlen(tty) == 0) ||
+ strcmp(tty, "ssh") == 0 || strncmp(tty, "NODEV", 5) == 0) {
+ tty = ttyname(STDIN_FILENO);
+ if ((tty == NULL) || (strlen(tty) == 0)) {
+ tty = ttyname(STDOUT_FILENO);
+ }
+ if ((tty == NULL) || (strlen(tty) == 0)) {
+ tty = ttyname(STDERR_FILENO);
+ }
+ }
+ }
+ if(ttys && tty ) {
+ ttyn=strdup(tty);
+ ttyn_context=security_label_tty(pamh,ttyn,user_context);
+ }
+ ret = setexeccon(user_context);
+ if (ret==0 && verbose) {
+ char msg[PATH_MAX];
+ snprintf(msg, sizeof(msg),
+ _("Security Context %s Assigned"), user_context);
+ verbose_message(pamh, msg, debug);
+ }
+ if (ret) {
+ pam_syslog(pamh, LOG_ERR,
+ "Error! Unable to set %s executable context %s.",
+ (const char *)username, user_context);
+ freecon(user_context);
+ return PAM_AUTH_ERR;
+ } else {
+ if (debug)
+ pam_syslog(pamh, LOG_NOTICE, "set %s security context to %s",
+ (const char *)username, user_context);
+ }
+ freecon(user_context);
+
+ return PAM_SUCCESS;
+}
+
+PAM_EXTERN int
+pam_sm_close_session(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
+{
+ int i, debug = 0,status=0, open_session=0;
+ if (! (selinux_enabled ))
+ return PAM_SUCCESS;
+
+ /* Parse arguments. */
+ for (i = 0; i < argc; i++) {
+ if (strcmp(argv[i], "debug") == 0) {
+ debug = 1;
+ }
+ if (strcmp(argv[i], "open") == 0) {
+ open_session = 1;
+ }
+ }
+
+ if (debug)
+ pam_syslog(pamh, LOG_NOTICE, "Close Session");
+
+ if (open_session)
+ return PAM_SUCCESS;
+
+ if (ttyn) {
+ if (debug)
+ pam_syslog(pamh, LOG_NOTICE, "Restore tty %s -> %s",
+ ttyn,ttyn_context);
+
+ security_restorelabel_tty(pamh,ttyn,ttyn_context);
+ freecon(ttyn_context);
+ free(ttyn);
+ ttyn=NULL;
+ }
+ status=setexeccon(prev_user_context);
+ freecon(prev_user_context);
+ if (status) {
+ pam_syslog(pamh, LOG_ERR, "Error! Unable to set executable context %s.",
+ prev_user_context);
+ return PAM_AUTH_ERR;
+ }
+
+ if (debug)
+ pam_syslog(pamh, LOG_NOTICE, "setcontext back to orginal");
+
+ return PAM_SUCCESS;
+}
diff --git a/Linux-PAM/modules/pam_selinux/pam_selinux_check.8 b/Linux-PAM/modules/pam_selinux/pam_selinux_check.8
new file mode 100644
index 00000000..d6fcdff1
--- /dev/null
+++ b/Linux-PAM/modules/pam_selinux/pam_selinux_check.8
@@ -0,0 +1,35 @@
+.TH pam_selinux_check 8 2002/05/23 "Red Hat Linux" "System Administrator's Manual"
+.SH NAME
+pam_selinux_check \- login program to test pam_selinux.so
+.SH SYNOPSIS
+.B pam_selinux_check [user]
+.br
+
+.SH DESCRIPTION
+With no arguments,
+.B pam_selinux_check
+will prompt for user
+
+.SH OPTIONS
+.IP target_user
+The user to login as.
+
+.SH DIAGNOSTICS
+You must setup a /etc/pam.d/pam_selinux_check file, in order for the check to work.
+
+When checking if a selinux is valid,
+.B pam_selinux_check
+returns an exit code of 0 for success and > 0 on error:
+
+.nf
+1: Authentication failure
+.fi
+
+.SH SEE ALSO
+pam_selinux(8)
+
+.SH BUGS
+Let's hope not, but if you find any, please email the author.
+
+.SH AUTHOR
+Dan Walsh <dwalsh@redhat.com>
diff --git a/Linux-PAM/modules/pam_selinux/pam_selinux_check.c b/Linux-PAM/modules/pam_selinux/pam_selinux_check.c
new file mode 100644
index 00000000..30526d37
--- /dev/null
+++ b/Linux-PAM/modules/pam_selinux/pam_selinux_check.c
@@ -0,0 +1,161 @@
+/******************************************************************************
+ * A module for Linux-PAM that will set the default security context after login
+ * via PAM.
+ *
+ * Copyright (c) 2003 Red Hat, Inc.
+ * Written by Dan Walsh <dwalsh@redhat.com>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+/************************************************************************
+ *
+ * All PAM code goes in this section.
+ *
+ ************************************************************************/
+
+#include "config.h"
+
+#include <errno.h>
+#include <syslog.h>
+#include <unistd.h> /* for getuid(), exit(), getopt() */
+#include <signal.h>
+#include <sys/wait.h> /* for wait() */
+
+#include <security/pam_appl.h> /* for PAM functions */
+#include <security/pam_misc.h> /* for misc_conv PAM utility function */
+
+#define SERVICE_NAME "pam_selinux_check" /* the name of this program for PAM */
+ /* The file containing the context to run
+ * the scripts under. */
+int authenticate_via_pam( const char *user , pam_handle_t **pamh);
+
+/* authenticate_via_pam()
+ *
+ * in: user
+ * out: nothing
+ * return: value condition
+ * ----- ---------
+ * 1 pam thinks that the user authenticated themselves properly
+ * 0 otherwise
+ *
+ * this function uses pam to authenticate the user running this
+ * program. this is the only function in this program that makes pam
+ * calls.
+ *
+ */
+
+int authenticate_via_pam( const char *user , pam_handle_t **pamh) {
+
+ struct pam_conv *conv;
+ int result = 0; /* our result, set to 0 (not authenticated) by default */
+
+ /* this is a jump table of functions for pam to use when it wants to *
+ * communicate with the user. we'll be using misc_conv(), which is *
+ * provided for us via pam_misc.h. */
+ struct pam_conv pam_conversation = {
+ misc_conv,
+ NULL
+ };
+ conv = &pam_conversation;
+
+
+ /* make `p_pam_handle' a valid pam handle so we can use it when *
+ * calling pam functions. */
+ if( PAM_SUCCESS != pam_start( SERVICE_NAME,
+ user,
+ conv,
+ pamh ) ) {
+ fprintf( stderr, _("failed to initialize PAM\n") );
+ exit( -1 );
+ }
+
+ if( PAM_SUCCESS != pam_set_item(*pamh, PAM_RUSER, user))
+ {
+ fprintf( stderr, _("failed to pam_set_item()\n") );
+ exit( -1 );
+ }
+
+ /* Ask PAM to authenticate the user running this program */
+ if( PAM_SUCCESS == pam_authenticate(*pamh,0) ) {
+ if ( PAM_SUCCESS == pam_open_session(*pamh, 0) )
+ result = 1; /* user authenticated OK! */
+ }
+ return( result );
+
+} /* authenticate_via_pam() */
+
+int
+main (int argc, char **argv)
+{
+ pam_handle_t *pamh;
+ int childPid;
+
+ if (argc < 1)
+ exit (-1);
+
+ if (!authenticate_via_pam(argv[1],&pamh))
+ exit(-1);
+
+ childPid = fork();
+ if (childPid < 0) {
+ /* error in fork() */
+ fprintf(stderr, _("login: failure forking: %m"));
+ pam_close_session(pamh, 0);
+ /* We're done with PAM. Free `pam_handle'. */
+ pam_end( pamh, PAM_SUCCESS );
+ exit(0);
+ }
+ if (childPid) {
+ close(0); close(1); close(2);
+ struct sigaction sa;
+ memset(&sa,0,sizeof(sa));
+ sa.sa_handler = SIG_IGN;
+ sigaction(SIGQUIT, &sa, NULL);
+ sigaction(SIGINT, &sa, NULL);
+ while(wait(NULL) == -1 && errno == EINTR) /**/ ;
+ openlog("login", LOG_ODELAY, LOG_AUTHPRIV);
+ pam_close_session(pamh, 0);
+ /* We're done with PAM. Free `pam_handle'. */
+ pam_end( pamh, PAM_SUCCESS );
+ exit(0);
+ }
+ argv[0]=strdup ("/bin/sh");
+ argv[1]=NULL;
+
+ /* NOTE: The environment has not been sanitized. LD_PRELOAD and other fun
+ * things could be set. */
+ execv("/bin/sh",argv);
+ fprintf(stderr,"Failure\n");
+ return 0;
+}
diff --git a/Linux-PAM/modules/pam_selinux/tst-pam_selinux b/Linux-PAM/modules/pam_selinux/tst-pam_selinux
new file mode 100755
index 00000000..14c3d82f
--- /dev/null
+++ b/Linux-PAM/modules/pam_selinux/tst-pam_selinux
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_selinux.so
diff --git a/Linux-PAM/modules/pam_shells/Makefile b/Linux-PAM/modules/pam_shells/Makefile
deleted file mode 100644
index f1d7ff51..00000000
--- a/Linux-PAM/modules/pam_shells/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:05 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_shells
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_shells/Makefile.am b/Linux-PAM/modules/pam_shells/Makefile.am
new file mode 100644
index 00000000..03ac8b15
--- /dev/null
+++ b/Linux-PAM/modules/pam_shells/Makefile.am
@@ -0,0 +1,31 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_shells
+
+man_MANS = pam_shells.8
+XMLS = README.xml pam_shells.8.xml
+
+TESTS = tst-pam_shells
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_shells.la
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_shells.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_shells/Makefile.in b/Linux-PAM/modules/pam_shells/Makefile.in
new file mode 100644
index 00000000..f8779d1a
--- /dev/null
+++ b/Linux-PAM/modules/pam_shells/Makefile.in
@@ -0,0 +1,665 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_shells
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_shells_la_LIBADD =
+pam_shells_la_SOURCES = pam_shells.c
+pam_shells_la_OBJECTS = pam_shells.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_shells.c
+DIST_SOURCES = pam_shells.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_shells
+man_MANS = pam_shells.8
+XMLS = README.xml pam_shells.8.xml
+TESTS = tst-pam_shells
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_shells.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_shells/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_shells/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_shells.la: $(pam_shells_la_OBJECTS) $(pam_shells_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_shells_la_OBJECTS) $(pam_shells_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_shells.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_shells.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_shells/README b/Linux-PAM/modules/pam_shells/README
index aa63a827..38e6484c 100644
--- a/Linux-PAM/modules/pam_shells/README
+++ b/Linux-PAM/modules/pam_shells/README
@@ -1,9 +1,24 @@
-pam_shells:
- Authentication is granted if the users shell is listed in
- /etc/shells.
+pam_shells — PAM module to check for valid login shell
- Also checks to make sure that /etc/shells is a plain
- file and not world writable.
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+pam_shells is a PAM module that only allows access to the system if the users
+shell is listed in /etc/shells.
+
+It also checks if /etc/shells is a plain file and not world writable.
+
+OPTIONS
+
+This module does not recognice any options.
+
+EXAMPLES
+
+auth required pam_shells.so
+
+
+AUTHOR
+
+pam_shells was written by Erik Troan <ewt@redhat.com>.
- - Erik Troan <ewt@redhat.com>, Red Hat Software.
- August 5, 1996.
diff --git a/Linux-PAM/modules/pam_shells/README.xml b/Linux-PAM/modules/pam_shells/README.xml
new file mode 100644
index 00000000..154b97b5
--- /dev/null
+++ b/Linux-PAM/modules/pam_shells/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_shells.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_shells.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_shells-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_shells.8.xml" xpointer='xpointer(//refsect1[@id = "pam_shells-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_shells.8.xml" xpointer='xpointer(//refsect1[@id = "pam_shells-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_shells.8.xml" xpointer='xpointer(//refsect1[@id = "pam_shells-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_shells.8.xml" xpointer='xpointer(//refsect1[@id = "pam_shells-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_shells/pam_shells.8 b/Linux-PAM/modules/pam_shells/pam_shells.8
new file mode 100644
index 00000000..f41a1ed4
--- /dev/null
+++ b/Linux-PAM/modules/pam_shells/pam_shells.8
@@ -0,0 +1,59 @@
+.\" ** You probably do not want to edit this file directly **
+.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1).
+.\" Instead of manually editing it, you probably should edit the DocBook XML
+.\" source for it and then use the DocBook XSL Stylesheets to regenerate it.
+.TH "PAM_SHELLS" "8" "06/06/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_shells \- PAM module to check for valid login shell
+.SH "SYNOPSIS"
+.HP 14
+\fBpam_shells.so\fR
+.SH "DESCRIPTION"
+.PP
+pam_shells is a PAM module that only allows access to the system if the users shell is listed in
+\fI/etc/shells\fR.
+.PP
+It also checks if
+\fI/etc/shells\fR
+is a plain file and not world writable.
+.SH "OPTIONS"
+.PP
+This module does not recognice any options.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+The services
+\fBauth\fR
+and
+\fBaccount\fR
+are supported.
+.SH "RETURN VALUES"
+.TP
+PAM_AUTH_ERR
+Access to the system was denied.
+.TP
+PAM_SUCCESS
+The users login shell was listed as valid shell in
+\fI/etc/shells\fR.
+.TP
+PAM_SERVICE_ERR
+The module was not able to get the name of the user.
+.SH "EXAMPLES"
+.PP
+.nf
+auth required pam_shells.so
+
+.fi
+.sp
+.SH "SEE ALSO"
+.PP
+\fBshells\fR(5),
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_shells was written by Erik Troan <ewt@redhat.com>.
diff --git a/Linux-PAM/modules/pam_shells/pam_shells.8.xml b/Linux-PAM/modules/pam_shells/pam_shells.8.xml
new file mode 100644
index 00000000..604e3572
--- /dev/null
+++ b/Linux-PAM/modules/pam_shells/pam_shells.8.xml
@@ -0,0 +1,117 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_shells">
+
+ <refmeta>
+ <refentrytitle>pam_shells</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_shells-name">
+ <refname>pam_shells</refname>
+ <refpurpose>PAM module to check for valid login shell</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_shells-cmdsynopsis">
+ <command>pam_shells.so</command>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_shells-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ pam_shells is a PAM module that only allows access to the
+ system if the users shell is listed in <filename>/etc/shells</filename>.
+ </para>
+ <para>
+ It also checks if <filename>/etc/shells</filename> is a plain
+ file and not world writable.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_shells-options">
+
+ <title>OPTIONS</title>
+ <para> This module does not recognice any options.</para>
+ </refsect1>
+
+ <refsect1 id="pam_shells-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ The services <option>auth</option> and <option>account</option>
+ are supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_shells-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_AUTH_ERR</term>
+ <listitem>
+ <para>
+ Access to the system was denied.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ The users login shell was listed as valid shell in
+ <filename>/etc/shells</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SERVICE_ERR</term>
+ <listitem>
+ <para>
+ The module was not able to get the name of the user.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_shells-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ <programlisting>
+auth required pam_shells.so
+ </programlisting>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_shells-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>shells</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_shells-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_shells was written by Erik Troan &lt;ewt@redhat.com&gt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_shells/pam_shells.c b/Linux-PAM/modules/pam_shells/pam_shells.c
index 64359eac..89fc297e 100644
--- a/Linux-PAM/modules/pam_shells/pam_shells.c
+++ b/Linux-PAM/modules/pam_shells/pam_shells.c
@@ -8,7 +8,7 @@
* This code shamelessly ripped from the pam_securetty module.
*/
-#define _BSD_SOURCE
+#include "config.h"
#include <pwd.h>
#include <stdarg.h>
@@ -31,22 +31,10 @@
#define PAM_SM_ACCOUNT
#include <security/pam_modules.h>
-#include <security/_pam_modutil.h>
+#include <security/pam_modutil.h>
+#include <security/pam_ext.h>
-/* some syslogging */
-
-static void _pam_log(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("PAM-shells", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-
-static int perform_check(pam_handle_t *pamh, int flags)
+static int perform_check(pam_handle_t *pamh)
{
int retval = PAM_AUTH_ERR;
const char *userName;
@@ -73,28 +61,27 @@ static int perform_check(pam_handle_t *pamh, int flags)
return PAM_SERVICE_ERR;
}
- pw = _pammodutil_getpwnam(pamh, userName);
+ pw = pam_modutil_getpwnam(pamh, userName);
if (!pw) {
return PAM_AUTH_ERR; /* user doesn't exist */
}
userShell = pw->pw_shell;
if (stat(SHELL_FILE,&sb)) {
- _pam_log(LOG_ERR, "%s cannot be stat'd (it probably does not exist)",
- SHELL_FILE);
+ pam_syslog(pamh, LOG_ERR, "Cannot stat %s: %m", SHELL_FILE);
return PAM_AUTH_ERR; /* must have /etc/shells */
}
if ((sb.st_mode & S_IWOTH) || !S_ISREG(sb.st_mode)) {
- _pam_log(LOG_ERR, "%s is either world writable or not a normal file",
- SHELL_FILE);
+ pam_syslog(pamh, LOG_ERR,
+ "%s is either world writable or not a normal file",
+ SHELL_FILE);
return PAM_AUTH_ERR;
}
shellFile = fopen(SHELL_FILE,"r");
if (shellFile == NULL) { /* Check that we opened it successfully */
- _pam_log(LOG_ERR,
- "Error opening %s", SHELL_FILE);
+ pam_syslog(pamh, LOG_ERR, "Error opening %s: %m", SHELL_FILE);
return PAM_SERVICE_ERR;
}
@@ -118,14 +105,15 @@ static int perform_check(pam_handle_t *pamh, int flags)
/* --- authentication management functions (only) --- */
PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+int pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
- return perform_check(pamh, flags);
+ return perform_check(pamh);
}
PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc,const char **argv)
+int pam_sm_setcred(pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
return PAM_SUCCESS;
}
@@ -133,10 +121,10 @@ int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc,const char **argv)
/* --- account management functions (only) --- */
PAM_EXTERN
-int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
- return perform_check(pamh, flags);
+ return perform_check(pamh);
}
#ifdef PAM_STATIC
diff --git a/Linux-PAM/modules/pam_shells/tst-pam_shells b/Linux-PAM/modules/pam_shells/tst-pam_shells
new file mode 100755
index 00000000..dccc33d0
--- /dev/null
+++ b/Linux-PAM/modules/pam_shells/tst-pam_shells
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_shells.so
diff --git a/Linux-PAM/modules/pam_stress/Makefile b/Linux-PAM/modules/pam_stress/Makefile
deleted file mode 100644
index 3512c853..00000000
--- a/Linux-PAM/modules/pam_stress/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:05 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_stress
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_stress/Makefile.am b/Linux-PAM/modules/pam_stress/Makefile.am
new file mode 100644
index 00000000..64fe516f
--- /dev/null
+++ b/Linux-PAM/modules/pam_stress/Makefile.am
@@ -0,0 +1,20 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README tst-pam_stress
+
+TESTS = tst-pam_stress
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+securelib_LTLIBRARIES = pam_stress.la
diff --git a/Linux-PAM/modules/pam_stress/Makefile.in b/Linux-PAM/modules/pam_stress/Makefile.in
new file mode 100644
index 00000000..d1dca7bc
--- /dev/null
+++ b/Linux-PAM/modules/pam_stress/Makefile.in
@@ -0,0 +1,607 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_stress
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_stress_la_LIBADD =
+pam_stress_la_SOURCES = pam_stress.c
+pam_stress_la_OBJECTS = pam_stress.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_stress.c
+DIST_SOURCES = pam_stress.c
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README tst-pam_stress
+TESTS = tst-pam_stress
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_stress.la
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_stress/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_stress/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_stress.la: $(pam_stress_la_OBJECTS) $(pam_stress_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_stress_la_OBJECTS) $(pam_stress_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_stress.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-securelibLTLIBRARIES
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-ps install-ps-am install-securelibLTLIBRARIES \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-securelibLTLIBRARIES
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_stress/pam_stress.c b/Linux-PAM/modules/pam_stress/pam_stress.c
index 2d361c3e..c254868f 100644
--- a/Linux-PAM/modules/pam_stress/pam_stress.c
+++ b/Linux-PAM/modules/pam_stress/pam_stress.c
@@ -1,11 +1,10 @@
-/* pam_stress module */
-
-/* $Id: pam_stress.c,v 1.4 2004/09/22 09:37:50 kukuk Exp $
+/*
+ * pam_stress module
*
* created by Andrew Morgan <morgan@linux.kernel.org> 1996/3/12
*/
-#include <security/_pam_aconf.h>
+#include "config.h"
#include <stdlib.h>
#include <stdio.h>
@@ -30,20 +29,7 @@
#include <security/pam_modules.h>
#include <security/_pam_macros.h>
-
-
-/* log errors */
-
-static void _pam_log(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("PAM-stress", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
+#include <security/pam_ext.h>
/* ---------- */
@@ -68,22 +54,24 @@ static void _pam_log(int err, const char *format, ...)
/* some syslogging */
-static void _pam_report(int ctrl, const char *name, int flags,
- int argc, const char **argv)
+static void
+_pam_report (const pam_handle_t *pamh, int ctrl, const char *name,
+ int flags, int argc, const char **argv)
{
if (ctrl & PAM_ST_DEBUG) {
- _pam_log(LOG_DEBUG, "CALLED: %s", name);
- _pam_log(LOG_DEBUG, "FLAGS : 0%o%s", flags,
- (flags & PAM_SILENT) ? " (silent)":"");
- _pam_log(LOG_DEBUG, "CTRL = 0%o",ctrl);
- _pam_log(LOG_DEBUG, "ARGV :");
+ pam_syslog(pamh, LOG_DEBUG, "CALLED: %s", name);
+ pam_syslog(pamh, LOG_DEBUG, "FLAGS : 0%o%s",
+ flags, (flags & PAM_SILENT) ? " (silent)":"");
+ pam_syslog(pamh, LOG_DEBUG, "CTRL = 0%o", ctrl);
+ pam_syslog(pamh, LOG_DEBUG, "ARGV :");
while (argc--) {
- _pam_log(LOG_DEBUG, " \"%s\"", *argv++);
+ pam_syslog(pamh, LOG_DEBUG, " \"%s\"", *argv++);
}
}
}
-static int _pam_parse(int argc, const char **argv)
+static int
+_pam_parse (const pam_handle_t *pamh, int argc, const char **argv)
{
int ctrl=0;
@@ -120,7 +108,7 @@ static int _pam_parse(int argc, const char **argv)
ctrl |= PAM_ST_REQUIRE_PWD;
else {
- _pam_log(LOG_ERR,"pam_parse: unknown option; %s",*argv);
+ pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv);
}
}
@@ -132,18 +120,20 @@ static int converse(pam_handle_t *pamh, int nargs
, struct pam_response **response)
{
int retval;
- struct pam_conv *conv;
+ const void *void_conv;
+ const struct pam_conv *conv;
- retval = pam_get_item(pamh,PAM_CONV,(const void **)&conv);
+ retval = pam_get_item(pamh,PAM_CONV,&void_conv);
+ conv = void_conv;
if (retval == PAM_SUCCESS && conv) {
retval = conv->conv(nargs, (const struct pam_message **) message
, response, conv->appdata_ptr);
if (retval != PAM_SUCCESS) {
- _pam_log(LOG_ERR,"(pam_stress) converse returned %d",retval);
- _pam_log(LOG_ERR,"that is: %s",pam_strerror(pamh, retval));
+ pam_syslog(pamh, LOG_ERR, "converse returned %d: %s",
+ retval, pam_strerror(pamh, retval));
}
} else {
- _pam_log(LOG_ERR,"(pam_stress) converse failed to get pam_conv");
+ pam_syslog(pamh, LOG_ERR, "converse failed to get pam_conv");
if (retval == PAM_SUCCESS)
retval = PAM_BAD_ITEM; /* conv was null */
}
@@ -156,16 +146,17 @@ static int converse(pam_handle_t *pamh, int nargs
static int stress_get_password(pam_handle_t *pamh, int flags
, int ctrl, char **password)
{
+ const void *pam_pass;
char *pass;
if ( (ctrl & (PAM_ST_TRY_PASS1|PAM_ST_USE_PASS1))
- && (pam_get_item(pamh,PAM_AUTHTOK,(const void **)&pass)
+ && (pam_get_item(pamh,PAM_AUTHTOK,&pam_pass)
== PAM_SUCCESS)
- && (pass != NULL) ) {
- if ((pass = strdup(pass)) == NULL)
+ && (pam_pass != NULL) ) {
+ if ((pass = strdup(pam_pass)) == NULL)
return PAM_BUF_ERR;
} else if ((ctrl & PAM_ST_USE_PASS1)) {
- _pam_log(LOG_WARNING, "pam_stress: no forwarded password");
+ pam_syslog(pamh, LOG_WARNING, "no forwarded password");
return PAM_PERM_DENIED;
} else { /* we will have to get one */
struct pam_message msg[1],*pmsg[1];
@@ -185,8 +176,8 @@ static int stress_get_password(pam_handle_t *pamh, int flags
if (resp) {
if ((resp[0].resp == NULL) && (ctrl & PAM_ST_DEBUG)) {
- _pam_log(LOG_DEBUG,
- "pam_sm_authenticate: NULL authtok given");
+ pam_syslog(pamh, LOG_DEBUG,
+ "pam_sm_authenticate: NULL authtok given");
}
if ((flags & PAM_DISALLOW_NULL_AUTHTOK)
&& resp[0].resp == NULL) {
@@ -197,9 +188,13 @@ static int stress_get_password(pam_handle_t *pamh, int flags
pass = resp[0].resp; /* remember this! */
resp[0].resp = NULL;
- } else if (ctrl & PAM_ST_DEBUG) {
- _pam_log(LOG_DEBUG,"pam_sm_authenticate: no error reported");
- _pam_log(LOG_DEBUG,"getting password, but NULL returned!?");
+ } else {
+ if (ctrl & PAM_ST_DEBUG) {
+ pam_syslog(pamh, LOG_DEBUG,
+ "pam_sm_authenticate: no error reported");
+ pam_syslog(pamh, LOG_DEBUG,
+ "getting password, but NULL returned!?");
+ }
return PAM_CONV_ERR;
}
if (resp)
@@ -213,7 +208,8 @@ static int stress_get_password(pam_handle_t *pamh, int flags
/* function to clean up data items */
-static void wipe_up(pam_handle_t *pamh, void *data, int error)
+static void
+wipe_up (pam_handle_t *pamh UNUSED, void *data, int error UNUSED)
{
free(data);
}
@@ -229,28 +225,30 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags,
D(("called."));
- ctrl = _pam_parse(argc,argv);
- _pam_report(ctrl, "pam_sm_authenticate", flags, argc, argv);
+ ctrl = _pam_parse(pamh, argc, argv);
+ _pam_report(pamh, ctrl, "pam_sm_authenticate", flags, argc, argv);
/* try to get the username */
retval = pam_get_user(pamh, &username, "username: ");
if (retval != PAM_SUCCESS || !username) {
- _pam_log(LOG_WARNING, "pam_sm_authenticate: failed to get username");
+ pam_syslog(pamh, LOG_WARNING,
+ "pam_sm_authenticate: failed to get username");
if (retval == PAM_SUCCESS)
retval = PAM_USER_UNKNOWN; /* username was null */
return retval;
}
else if ((ctrl & PAM_ST_DEBUG) && (retval == PAM_SUCCESS)) {
- _pam_log(LOG_DEBUG, "pam_sm_authenticate: username = %s", username);
+ pam_syslog(pamh, LOG_DEBUG,
+ "pam_sm_authenticate: username = %s", username);
}
/* now get the password */
retval = stress_get_password(pamh,flags,ctrl,&pass);
if (retval != PAM_SUCCESS) {
- _pam_log(LOG_WARNING, "pam_sm_authenticate: "
- "failed to get a password");
+ pam_syslog(pamh, LOG_WARNING,
+ "pam_sm_authenticate: failed to get a password");
return retval;
}
@@ -261,18 +259,19 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags,
free(pass);
pass = NULL;
if (retval != PAM_SUCCESS) {
- _pam_log(LOG_WARNING, "pam_sm_authenticate: "
- "failed to store new password");
+ pam_syslog(pamh, LOG_WARNING,
+ "pam_sm_authenticate: failed to store new password");
return retval;
}
/* if we are debugging then we print the password */
if (ctrl & PAM_ST_DEBUG) {
- (void) pam_get_item(pamh,PAM_AUTHTOK,(const void **)&pass);
- _pam_log(LOG_DEBUG,
- "pam_st_authenticate: password entered is: [%s]\n",pass);
- pass = NULL;
+ const void *pam_pass;
+ (void) pam_get_item(pamh,PAM_AUTHTOK,&pam_pass);
+ pam_syslog(pamh, LOG_DEBUG,
+ "pam_st_authenticate: password entered is: [%s]",
+ (const char *)pam_pass);
}
/* if we signal a fail for this function then fail */
@@ -287,11 +286,11 @@ PAM_EXTERN
int pam_sm_setcred(pam_handle_t *pamh, int flags,
int argc, const char **argv)
{
- int ctrl = _pam_parse(argc,argv);
+ int ctrl = _pam_parse(pamh, argc, argv);
D(("called. [post parsing]"));
- _pam_report(ctrl, "pam_sm_setcred", flags, argc, argv);
+ _pam_report(pamh, ctrl, "pam_sm_setcred", flags, argc, argv);
if (ctrl & PAM_ST_FAIL_2)
return PAM_CRED_ERR;
@@ -305,11 +304,11 @@ PAM_EXTERN
int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags,
int argc, const char **argv)
{
- int ctrl = _pam_parse(argc,argv);
+ int ctrl = _pam_parse(pamh, argc, argv);
D(("called. [post parsing]"));
- _pam_report(ctrl,"pam_sm_acct_mgmt", flags, argc, argv);
+ _pam_report(pamh, ctrl,"pam_sm_acct_mgmt", flags, argc, argv);
if (ctrl & PAM_ST_FAIL_1)
return PAM_PERM_DENIED;
@@ -320,14 +319,15 @@ int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags,
return PAM_BUF_ERR;
retval = pam_set_data(pamh,"stress_new_pwd",text,wipe_up);
if (retval != PAM_SUCCESS) {
- _pam_log(LOG_DEBUG,
- "pam_sm_acct_mgmt: failed setting stress_new_pwd");
+ pam_syslog(pamh, LOG_DEBUG,
+ "pam_sm_acct_mgmt: failed setting stress_new_pwd");
free(text);
return retval;
}
if (ctrl & PAM_ST_DEBUG) {
- _pam_log(LOG_DEBUG,"pam_sm_acct_mgmt: need a new password");
+ pam_syslog(pamh, LOG_DEBUG,
+ "pam_sm_acct_mgmt: need a new password");
}
return PAM_NEW_AUTHTOK_REQD;
}
@@ -339,23 +339,23 @@ PAM_EXTERN
int pam_sm_open_session(pam_handle_t *pamh, int flags,
int argc, const char **argv)
{
- char *username,*service;
- int ctrl = _pam_parse(argc,argv);
+ const void *username, *service;
+ int ctrl = _pam_parse(pamh, argc, argv);
D(("called. [post parsing]"));
- _pam_report(ctrl,"pam_sm_open_session", flags, argc, argv);
+ _pam_report(pamh, ctrl,"pam_sm_open_session", flags, argc, argv);
- if ((pam_get_item(pamh, PAM_USER, (const void **) &username)
+ if ((pam_get_item(pamh, PAM_USER, &username)
!= PAM_SUCCESS || !username)
- || (pam_get_item(pamh, PAM_SERVICE, (const void **) &service)
+ || (pam_get_item(pamh, PAM_SERVICE, &service)
!= PAM_SUCCESS || !service)) {
- _pam_log(LOG_WARNING,"pam_sm_open_session: for whom?");
+ pam_syslog(pamh, LOG_WARNING, "pam_sm_open_session: for whom?");
return PAM_SESSION_ERR;
}
- _pam_log(LOG_NOTICE,"pam_stress: opened [%s] session for user [%s]"
- , service, username);
+ pam_syslog(pamh, LOG_NOTICE, "opened [%s] session for user [%s]",
+ (const char *)service, (const char *)username);
if (ctrl & PAM_ST_FAIL_1)
return PAM_SESSION_ERR;
@@ -367,23 +367,23 @@ PAM_EXTERN
int pam_sm_close_session(pam_handle_t *pamh, int flags,
int argc, const char **argv)
{
- const char *username,*service;
- int ctrl = _pam_parse(argc,argv);
+ const void *username, *service;
+ int ctrl = _pam_parse(pamh, argc, argv);
D(("called. [post parsing]"));
- _pam_report(ctrl,"pam_sm_close_session", flags, argc, argv);
+ _pam_report(pamh, ctrl,"pam_sm_close_session", flags, argc, argv);
- if ((pam_get_item(pamh, PAM_USER, (const void **)&username)
+ if ((pam_get_item(pamh, PAM_USER, &username)
!= PAM_SUCCESS || !username)
- || (pam_get_item(pamh, PAM_SERVICE, (const void **)&service)
+ || (pam_get_item(pamh, PAM_SERVICE, &service)
!= PAM_SUCCESS || !service)) {
- _pam_log(LOG_WARNING,"pam_sm_close_session: for whom?");
+ pam_syslog(pamh, LOG_WARNING, "pam_sm_close_session: for whom?");
return PAM_SESSION_ERR;
}
- _pam_log(LOG_NOTICE,"pam_stress: closed [%s] session for user [%s]"
- , service, username);
+ pam_syslog(pamh, LOG_NOTICE, "closed [%s] session for user [%s]",
+ (const char *)service, (const char *)username);
if (ctrl & PAM_ST_FAIL_2)
return PAM_SESSION_ERR;
@@ -396,17 +396,17 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
int argc, const char **argv)
{
int retval;
- int ctrl = _pam_parse(argc,argv);
+ int ctrl = _pam_parse(pamh, argc, argv);
D(("called. [post parsing]"));
- _pam_report(ctrl,"pam_sm_chauthtok", flags, argc, argv);
+ _pam_report(pamh, ctrl,"pam_sm_chauthtok", flags, argc, argv);
/* this function should be called twice by the Linux-PAM library */
if (flags & PAM_PRELIM_CHECK) { /* first call */
if (ctrl & PAM_ST_DEBUG) {
- _pam_log(LOG_DEBUG,"pam_sm_chauthtok: prelim check");
+ pam_syslog(pamh, LOG_DEBUG, "pam_sm_chauthtok: prelim check");
}
if (ctrl & PAM_ST_PRELIM)
return PAM_TRY_AGAIN;
@@ -415,12 +415,12 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
} else if (flags & PAM_UPDATE_AUTHTOK) { /* second call */
struct pam_message msg[3],*pmsg[3];
struct pam_response *resp;
- const char *text;
+ const void *text;
char *txt=NULL;
int i;
if (ctrl & PAM_ST_DEBUG) {
- _pam_log(LOG_DEBUG,"pam_sm_chauthtok: alter password");
+ pam_syslog(pamh, LOG_DEBUG, "pam_sm_chauthtok: alter password");
}
if (ctrl & PAM_ST_FAIL_1)
@@ -428,7 +428,7 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
if ( !(ctrl && PAM_ST_EXPIRED)
&& (flags & PAM_CHANGE_EXPIRED_AUTHTOK)
- && (pam_get_data(pamh,"stress_new_pwd",(const void **)&text)
+ && (pam_get_data(pamh,"stress_new_pwd", &text)
!= PAM_SUCCESS || strcmp(text,"yes"))) {
return PAM_SUCCESS; /* the token has not expired */
}
@@ -441,13 +441,13 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
char *pass;
if (ctrl & PAM_ST_DEBUG) {
- _pam_log(LOG_DEBUG
- ,"pam_sm_chauthtok: getting old password");
+ pam_syslog(pamh, LOG_DEBUG,
+ "pam_sm_chauthtok: getting old password");
}
retval = stress_get_password(pamh,flags,ctrl,&pass);
if (retval != PAM_SUCCESS) {
- _pam_log(LOG_DEBUG
- ,"pam_sm_chauthtok: no password obtained");
+ pam_syslog(pamh, LOG_DEBUG,
+ "pam_sm_chauthtok: no password obtained");
return retval;
}
retval = pam_set_item(pamh, PAM_OLDAUTHTOK, pass);
@@ -455,8 +455,8 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
free(pass);
pass = NULL;
if (retval != PAM_SUCCESS) {
- _pam_log(LOG_DEBUG
- ,"pam_sm_chauthtok: could not set OLDAUTHTOK");
+ pam_syslog(pamh, LOG_DEBUG,
+ "pam_sm_chauthtok: could not set OLDAUTHTOK");
return retval;
}
}
@@ -464,21 +464,21 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
/* set up for conversation */
if (!(flags & PAM_SILENT)) {
- char *username;
+ const void *username;
- if ( pam_get_item(pamh, PAM_USER, (const void **)&username)
+ if ( pam_get_item(pamh, PAM_USER, &username)
|| username == NULL ) {
- _pam_log(LOG_ERR,"no username set");
+ pam_syslog(pamh, LOG_ERR, "no username set");
return PAM_USER_UNKNOWN;
}
pmsg[0] = &msg[0];
msg[0].msg_style = PAM_TEXT_INFO;
-#define _LOCAL_STRESS_COMMENT "Changing STRESS password for "
- txt = (char *) malloc(sizeof(_LOCAL_STRESS_COMMENT)
- +strlen(username)+1);
- strcpy(txt, _LOCAL_STRESS_COMMENT);
-#undef _LOCAL_STRESS_COMMENT
- strcat(txt, username);
+ if (asprintf(&txt, _("Changing STRESS password for %s."),
+ (const char *)username) < 0) {
+ pam_syslog(pamh, LOG_CRIT, "out of memory");
+ return PAM_BUF_ERR;
+ }
+
msg[0].msg = txt;
i = 1;
} else {
@@ -487,10 +487,10 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
pmsg[i] = &msg[i];
msg[i].msg_style = PAM_PROMPT_ECHO_OFF;
- msg[i++].msg = "Enter new STRESS password: ";
+ msg[i++].msg = _("Enter new STRESS password: ");
pmsg[i] = &msg[i];
msg[i].msg_style = PAM_PROMPT_ECHO_OFF;
- msg[i++].msg = "Retype new STRESS password: ";
+ msg[i++].msg = _("Retype new STRESS password: ");
resp = NULL;
retval = converse(pamh,i,pmsg,&resp);
@@ -503,7 +503,8 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
}
if (resp == NULL) {
- _pam_log(LOG_ERR, "pam_sm_chauthtok: no response from conv");
+ pam_syslog(pamh, LOG_ERR,
+ "pam_sm_chauthtok: no response from conv");
return PAM_CONV_ERR;
}
@@ -518,8 +519,8 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
if (!(flags & PAM_SILENT) && !(ctrl & PAM_ST_NO_WARN)) {
pmsg[0] = &msg[0];
msg[0].msg_style = PAM_ERROR_MSG;
- msg[0].msg = "Verification mis-typed; "
- "password unchanged";
+ msg[0].msg = _("Verification mis-typed; "
+ "password unchanged");
resp = NULL;
(void) converse(pamh,1,pmsg,&resp);
if (resp) {
@@ -529,20 +530,22 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
return PAM_AUTHTOK_ERR;
}
- if (pam_get_item(pamh,PAM_AUTHTOK,(const void **)&text)
+ if (pam_get_item(pamh,PAM_AUTHTOK,&text)
== PAM_SUCCESS) {
(void) pam_set_item(pamh,PAM_OLDAUTHTOK,text);
text = NULL;
}
(void) pam_set_item(pamh,PAM_AUTHTOK,resp[0].resp);
} else {
- _pam_log(LOG_DEBUG,"pam_sm_chauthtok: problem with resp");
+ pam_syslog(pamh, LOG_DEBUG,
+ "pam_sm_chauthtok: problem with resp");
retval = PAM_SYSTEM_ERR;
}
_pam_drop_reply(resp, i); /* clean up the passwords */
} else {
- _pam_log(LOG_ERR,"pam_sm_chauthtok: this must be a Linux-PAM error");
+ pam_syslog(pamh, LOG_ERR,
+ "pam_sm_chauthtok: this must be a Linux-PAM error");
return PAM_SYSTEM_ERR;
}
diff --git a/Linux-PAM/modules/pam_stress/tst-pam_stress b/Linux-PAM/modules/pam_stress/tst-pam_stress
new file mode 100755
index 00000000..24be7560
--- /dev/null
+++ b/Linux-PAM/modules/pam_stress/tst-pam_stress
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_stress.so
diff --git a/Linux-PAM/modules/pam_succeed_if/Makefile b/Linux-PAM/modules/pam_succeed_if/Makefile
deleted file mode 100644
index cea9be3b..00000000
--- a/Linux-PAM/modules/pam_succeed_if/Makefile
+++ /dev/null
@@ -1,16 +0,0 @@
-#
-# $Id: Makefile,v 1.1 2004/09/24 11:42:39 kukuk Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_succeed_if
-MAN8=$(TITLE).8
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_succeed_if/Makefile.am b/Linux-PAM/modules/pam_succeed_if/Makefile.am
new file mode 100644
index 00000000..d97f4c1d
--- /dev/null
+++ b/Linux-PAM/modules/pam_succeed_if/Makefile.am
@@ -0,0 +1,31 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README ${MANS} ${XMLS} tst-pam_succeed_if
+
+TESTS = tst-pam_succeed_if
+
+man_MANS = pam_succeed_if.8
+
+XMLS = README.xml pam_succeed_if.8.xml
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_succeed_if.la
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_succeed_if.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
diff --git a/Linux-PAM/modules/pam_succeed_if/Makefile.in b/Linux-PAM/modules/pam_succeed_if/Makefile.in
new file mode 100644
index 00000000..a5090537
--- /dev/null
+++ b/Linux-PAM/modules/pam_succeed_if/Makefile.in
@@ -0,0 +1,665 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_succeed_if
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_succeed_if_la_LIBADD =
+pam_succeed_if_la_SOURCES = pam_succeed_if.c
+pam_succeed_if_la_OBJECTS = pam_succeed_if.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_succeed_if.c
+DIST_SOURCES = pam_succeed_if.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README ${MANS} ${XMLS} tst-pam_succeed_if
+TESTS = tst-pam_succeed_if
+man_MANS = pam_succeed_if.8
+XMLS = README.xml pam_succeed_if.8.xml
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_succeed_if.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_succeed_if/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_succeed_if/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_succeed_if.la: $(pam_succeed_if_la_OBJECTS) $(pam_succeed_if_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_succeed_if_la_OBJECTS) $(pam_succeed_if_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_succeed_if.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_succeed_if.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_succeed_if/README b/Linux-PAM/modules/pam_succeed_if/README
index fdb278ef..4516a9d1 100644
--- a/Linux-PAM/modules/pam_succeed_if/README
+++ b/Linux-PAM/modules/pam_succeed_if/README
@@ -1,68 +1,124 @@
-pam_succeed_if:
- Succeed or fail based on account characteristics.
-
- pam_succeed_if.so is designed to succeed or fail authentication based
- on characteristics of the account belonging to the user being
- authenticated.
-
- The module can be given one or more conditions as module arguments, and
- authentication will succeed only if all of the conditions are met.
-
- Conditions are expressed in the form
-
- ATTRIBUTE OPERATOR VALUE
-
- Recognized attributes:
-
- LOGIN - The user's login name.
- UID - The user's UID.
- GID - The user's primary GID.
- SHELL - The user's shell.
- HOME - The user's home directory.
-
- Recognized operators:
-
- < - Arithmetic less-than.
- <= - Arithmetic less-than-or-equal-to.
- > - Arithmetic greater-than.
- >= - Arithmetic greater-than-or-equal-to.
- eq - Arithmetic equality.
- = - String equality.
- ne - Arithmetic inequality.
- != - String inequality.
- =~ - Wildcard match.
- !~ - Wildcard mismatch.
- ingroup - Group membership check. [*]
- notingroup - Group non-membership check. [*]
-
- * The "ingroup" and "notingroup" operators should only be
- used with the USER attribute.
-
- Examples:
-
- Deny authentication to all users except those in the wheel
- group, before even asking for a password:
- auth requisite pam_succeed_if.so user ingroup wheel
-
- Assume all users with UID less than 500 ("system users") have
- valid accounts.
- account sufficient pam_succeed_if.so uid < 500
-
- Deny login to all nologin users.
- auth requisite pam_succeed_if.so shell !~ nologin
-
-RECOGNIZED ARGUMENTS:
- debug write debugging messages to syslog
- use_uid perform checks on the account of the user under whose
- UID the application is running instead of the user
- being authenticated
- quiet don't log failure or success to syslog
- quiet_fail don't log failure to syslog
- quiet_success don't log success to syslog
-
-
-MODULE SERVICES PROVIDED:
- authentication, account management
-
-AUTHOR:
- Nalin Dahyabhai <nalin@redhat.com>
+pam_succeed_if — test account characteristics
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+pam_succeed_if.so is designed to succeed or fail authentication based on
+characteristics of the account belonging to the user being authenticated. One
+use is to select whether to load other modules based on this test.
+
+The module should be given one or more conditions as module arguments, and
+authentication will succeed only if all of the conditions are met.
+
+OPTIONS
+
+The following flags are supported:
+
+debug
+
+ Turns on debugging messages sent to syslog.
+
+use_uid
+
+ Evaluate conditions using the account of the user whose UID the application
+ is running under instead of the user being authenticated.
+
+quiet
+
+ Don't log failure or success to the system log.
+
+quiet_fail
+
+ Don't log failure to the system log.
+
+quiet_success
+
+ Don't log success to the system log.
+
+Conditions are three words: a field, a test, and a value to test for.
+
+Available fields are user, uid, gid, shell, home and service:
+
+field < number
+
+ Field has a value numerically less than number.
+
+field <= number
+
+ Field has a value numerically less than or equal to number.
+
+field eq number
+
+ Field has a value numerically less equal to number.
+
+field >= number
+
+ Field has a value numerically greater than or equal to number.
+
+field > number
+
+ Field has a value numerically greater than number.
+
+field ne number
+
+ Field has a value numerically different from number.
+
+field = string
+
+ Field exactly matches the given string.
+
+field != string
+
+ Field does not match the given string.
+
+field =~ glob
+
+ Field matches the given glob.
+
+field !~ glob
+
+ Field does not match the given glob.
+
+field in item:item:...
+
+ Field is contained in the list of items separated by colons.
+
+field notin item:item:...
+
+ Field is not contained in the list of items separated by colons.
+
+user ingroup group
+
+ User is in given group.
+
+user notingroup group
+
+ User is not in given group.
+
+user innetgr netgroup
+
+ (user,host) is in given netgroup.
+
+user notinnetgr group
+
+ (user,host) is not in given netgroup.
+
+EXAMPLES
+
+To emulate the behaviour of pam_wheel, except there is no fallback to group 0:
+
+auth required pam_succeed_if.so quiet user ingroup wheel
+
+
+Given that the type matches, only loads the othermodule rule if the UID is over
+500. Adjust the number after default to skip several rules.
+
+type [default=1 success=ignore] pam_succeed_if.so quiet uid > 500
+type required othermodule.so arguments...
+
+
+AUTHOR
+
+Nalin Dahyabhai <nalin@redhat.com>
+
diff --git a/Linux-PAM/modules/pam_succeed_if/README.xml b/Linux-PAM/modules/pam_succeed_if/README.xml
new file mode 100644
index 00000000..c52f00a0
--- /dev/null
+++ b/Linux-PAM/modules/pam_succeed_if/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_succeed_if.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_succeed_if.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_succeed_if-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_succeed_if.8.xml" xpointer='xpointer(//refsect1[@id = "pam_succeed_if-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_succeed_if.8.xml" xpointer='xpointer(//refsect1[@id = "pam_succeed_if-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_succeed_if.8.xml" xpointer='xpointer(//refsect1[@id = "pam_succeed_if-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_succeed_if.8.xml" xpointer='xpointer(//refsect1[@id = "pam_succeed_if-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_succeed_if/pam_succeed_if.8 b/Linux-PAM/modules/pam_succeed_if/pam_succeed_if.8
index da95a033..30af456c 100644
--- a/Linux-PAM/modules/pam_succeed_if/pam_succeed_if.8
+++ b/Linux-PAM/modules/pam_succeed_if/pam_succeed_if.8
@@ -1,37 +1,143 @@
-.\" Copyright 2003, 2004 Red Hat, Inc.
-.\" Written by Nalin Dahyabhai <nalin@redhat.com>
-.TH pam_succeed_if 8 2004/12/27 "Linux-PAM" "System Administrator's Manual"
-
-.SH NAME
-pam_succeed_if \- succeed or fail based on account characteristics
-
-.SH SYNOPSIS
-.B account sufficient pam_succeed_if.so uid < 500
-
-.SH DESCRIPTION
-pam_succeed_if.so is designed to succeed or fail authentication based on
-characteristics of the account belonging to the user being authenticated.
-
-The module can be given one or more conditions as module arguments, and
-authentication will succeed only if all of the conditions are met.
-
-.SH ARGUMENTS
-.IP debug
+.\" Title: pam_succeed_if
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets vsnapshot_2006\-08\-24_0226 <http://docbook.sf.net/>
+.\" Date: 08/31/2006
+.\" Manual: Linux\-PAM
+.\" Source: Linux\-PAM
+.\"
+.TH "PAM_SUCCEED_IF" "8" "08/31/2006" "Linux\-PAM" "Linux\-PAM"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_succeed_if \- test account characteristics
+.SH "SYNOPSIS"
+.HP 18
+\fBpam_succeed_if.so\fR [\fIflag\fR...] [\fIcondition\fR...]
+.SH "DESCRIPTION"
+.PP
+pam_succeed_if.so is designed to succeed or fail authentication based on characteristics of the account belonging to the user being authenticated. One use is to select whether to load other modules based on this test.
+.PP
+The module should be given one or more conditions as module arguments, and authentication will succeed only if all of the conditions are met.
+.SH "OPTIONS"
+.PP
+The following
+\fIflag\fRs are supported:
+.TP 3n
+\fBdebug\fR
Turns on debugging messages sent to syslog.
-.IP use_uid
-Evaluate conditions using the account of the user whose UID the application
-is running under instead of the user being authenticated.
-.IP quiet
+.TP 3n
+\fBuse_uid\fR
+Evaluate conditions using the account of the user whose UID the application is running under instead of the user being authenticated.
+.TP 3n
+\fBquiet\fR
Don't log failure or success to the system log.
-.IP quiet_fail
+.TP 3n
+\fBquiet_fail\fR
Don't log failure to the system log.
-.IP quiet_success
+.TP 3n
+\fBquiet_success\fR
Don't log success to the system log.
+.PP
+\fICondition\fRs are three words: a field, a test, and a value to test for.
+.PP
+Available fields are
+\fIuser\fR,
+\fIuid\fR,
+\fIgid\fR,
+\fIshell\fR,
+\fIhome\fR
+and
+\fIservice\fR:
+.TP 3n
+\fBfield < number\fR
+Field has a value numerically less than number.
+.TP 3n
+\fBfield <= number\fR
+Field has a value numerically less than or equal to number.
+.TP 3n
+\fBfield eq number\fR
+Field has a value numerically less equal to number.
+.TP 3n
+\fBfield >= number\fR
+Field has a value numerically greater than or equal to number.
+.TP 3n
+\fBfield > number\fR
+Field has a value numerically greater than number.
+.TP 3n
+\fBfield ne number\fR
+Field has a value numerically different from number.
+.TP 3n
+\fBfield = string\fR
+Field exactly matches the given string.
+.TP 3n
+\fBfield != string\fR
+Field does not match the given string.
+.TP 3n
+\fBfield =~ glob\fR
+Field matches the given glob.
+.TP 3n
+\fBfield !~ glob\fR
+Field does not match the given glob.
+.TP 3n
+\fBfield in item:item:...\fR
+Field is contained in the list of items separated by colons.
+.TP 3n
+\fBfield notin item:item:...\fR
+Field is not contained in the list of items separated by colons.
+.TP 3n
+\fBuser ingroup group\fR
+User is in given group.
+.TP 3n
+\fBuser notingroup group\fR
+User is not in given group.
+.TP 3n
+\fBuser innetgr netgroup\fR
+(user,host) is in given netgroup.
+.TP 3n
+\fBuser notinnetgr group\fR
+(user,host) is not in given netgroup.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+All services are supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_SUCCESS
+The condition was true.
+.TP 3n
+PAM_AUTH_ERR
+The condition was false.
+.TP 3n
+PAM_SERVICE_ERR
+A service error occured or the arguments can't be parsed as numbers.
+.SH "EXAMPLES"
+.PP
+To emulate the behaviour of
+\fIpam_wheel\fR, except there is no fallback to group 0:
+.sp
+.RS 3n
+.nf
+auth required pam_succeed_if.so quiet user ingroup wheel
+
+.fi
+.RE
+.PP
+Given that the type matches, only loads the othermodule rule if the UID is over 500. Adjust the number after default to skip several rules.
+.sp
+.RS 3n
+.nf
+type [default=1 success=ignore] pam_succeed_if.so quiet uid > 500
+type required othermodule.so arguments...
+
+.fi
+.RE
+.SH "SEE ALSO"
+.PP
-.SH BUGS
-Let's hope not, but if you find any, please report them via the "Bug Track"
-link at http://bugzilla.redhat.com/bugzilla/
-
-.SH AUTHOR
+\fBglob\fR(7),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
Nalin Dahyabhai <nalin@redhat.com>
diff --git a/Linux-PAM/modules/pam_succeed_if/pam_succeed_if.8.xml b/Linux-PAM/modules/pam_succeed_if/pam_succeed_if.8.xml
new file mode 100644
index 00000000..b7ad29e6
--- /dev/null
+++ b/Linux-PAM/modules/pam_succeed_if/pam_succeed_if.8.xml
@@ -0,0 +1,297 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+
+<refentry id='pam_succeed_if'>
+<!-- Copyright 2003, 2004 Red Hat, Inc. -->
+<!-- Written by Nalin Dahyabhai &lt;nalin@redhat.com&gt; -->
+
+ <refmeta>
+ <refentrytitle>pam_succeed_if</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class='sectdesc'>Linux-PAM</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id='pam_succeed_if-name'>
+ <refname>pam_succeed_if</refname>
+ <refpurpose>test account characteristics</refpurpose>
+ </refnamediv>
+
+
+ <refsynopsisdiv>
+ <cmdsynopsis id='pam_succeed_if-cmdsynopsis'>
+ <command>pam_succeed_if.so</command>
+ <arg choice='opt' rep='repeat'><replaceable>flag</replaceable></arg>
+ <arg choice='opt' rep='repeat'><replaceable>condition</replaceable></arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id='pam_succeed_if-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ pam_succeed_if.so is designed to succeed or fail authentication
+ based on characteristics of the account belonging to the user being
+ authenticated. One use is to select whether to load other modules based
+ on this test.
+ </para>
+
+ <para>
+ The module should be given one or more conditions as module arguments,
+ and authentication will succeed only if all of the conditions are met.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_succeed_if-options">
+ <title>OPTIONS</title>
+ <para>
+ The following <emphasis>flag</emphasis>s are supported:
+ </para>
+
+ <variablelist>
+ <varlistentry>
+ <term><option>debug</option></term>
+ <listitem>
+ <para>Turns on debugging messages sent to syslog.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>use_uid</option></term>
+ <listitem>
+ <para>
+ Evaluate conditions using the account of the user whose UID
+ the application is running under instead of the user being
+ authenticated.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>quiet</option></term>
+ <listitem>
+ <para>Don't log failure or success to the system log.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>quiet_fail</option></term>
+ <listitem>
+ <para>
+ Don't log failure to the system log.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>quiet_success</option></term>
+ <listitem>
+ <para>
+ Don't log success to the system log.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+
+ <para>
+ <emphasis>Condition</emphasis>s are three words: a field, a test,
+ and a value to test for.
+ </para>
+ <para>
+ Available fields are <emphasis>user</emphasis>,
+ <emphasis>uid</emphasis>, <emphasis>gid</emphasis>,
+ <emphasis>shell</emphasis>, <emphasis>home</emphasis>
+ and <emphasis>service</emphasis>:
+ </para>
+
+ <variablelist>
+ <varlistentry>
+ <term><option>field &lt; number</option></term>
+ <listitem>
+ <para>Field has a value numerically less than number.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>field &lt;= number</option></term>
+ <listitem>
+ <para>
+ Field has a value numerically less than or equal to number.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>field eq number</option></term>
+ <listitem>
+ <para>
+ Field has a value numerically less equal to number.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>field &gt;= number</option></term>
+ <listitem>
+ <para>
+ Field has a value numerically greater than or equal to number.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>field &gt; number</option></term>
+ <listitem>
+ <para>
+ Field has a value numerically greater than number.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>field ne number</option></term>
+ <listitem>
+ <para>
+ Field has a value numerically different from number.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>field = string</option></term>
+ <listitem>
+ <para>
+ Field exactly matches the given string.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>field != string</option></term>
+ <listitem>
+ <para>
+ Field does not match the given string.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>field =~ glob</option></term>
+ <listitem>
+ <para>Field matches the given glob.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>field !~ glob</option></term>
+ <listitem>
+ <para>Field does not match the given glob.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>field in item:item:...</option></term>
+ <listitem>
+ <para>Field is contained in the list of items separated by colons.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>field notin item:item:...</option></term>
+ <listitem>
+ <para>Field is not contained in the list of items separated by colons.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>user ingroup group</option></term>
+ <listitem>
+ <para>User is in given group.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>user notingroup group</option></term>
+ <listitem>
+ <para>User is not in given group.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>user innetgr netgroup</option></term>
+ <listitem>
+ <para>(user,host) is in given netgroup.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>user notinnetgr group</option></term>
+ <listitem>
+ <para>(user,host) is not in given netgroup.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_succeed_if-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ All services are supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_succeed_if-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ The condition was true.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_AUTH_ERR</term>
+ <listitem>
+ <para>
+ The condition was false.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_SERVICE_ERR</term>
+ <listitem>
+ <para>
+ A service error occured or the arguments can't be
+ parsed as numbers.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+
+ <refsect1 id='pam_succeed_if-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ To emulate the behaviour of <emphasis>pam_wheel</emphasis>, except
+ there is no fallback to group 0:
+ </para>
+ <programlisting>
+auth required pam_succeed_if.so quiet user ingroup wheel
+ </programlisting>
+
+ <para>
+ Given that the type matches, only loads the othermodule rule if
+ the UID is over 500. Adjust the number after default to skip
+ several rules.
+ </para>
+ <programlisting>
+type [default=1 success=ignore] pam_succeed_if.so quiet uid &gt; 500
+type required othermodule.so arguments...
+ </programlisting>
+ </refsect1>
+
+ <refsect1 id='pam_succeed_if-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>glob</refentrytitle><manvolnum>7</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_succeed_if-author'>
+ <title>AUTHOR</title>
+ <para>Nalin Dahyabhai &lt;nalin@redhat.com&gt;</para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/modules/pam_succeed_if/pam_succeed_if.c b/Linux-PAM/modules/pam_succeed_if/pam_succeed_if.c
index 23974afa..4f33ba2e 100644
--- a/Linux-PAM/modules/pam_succeed_if/pam_succeed_if.c
+++ b/Linux-PAM/modules/pam_succeed_if/pam_succeed_if.c
@@ -37,7 +37,7 @@
*
*/
-#define _GNU_SOURCE
+#include "config.h"
#include <sys/types.h>
#include <errno.h>
@@ -52,34 +52,23 @@
#include <unistd.h>
#include <pwd.h>
#include <grp.h>
-#include <security/pam_modules.h>
-#include <security/_pam_modutil.h>
+#include <netdb.h>
-#define MODULE "pam_succeed_if"
+#define PAM_SM_AUTH
+#define PAM_SM_ACCOUNT
+#define PAM_SM_SESSION
+#define PAM_SM_PASSWORD
-static void
-log_error(int priority, const char *fmt, ...)
-{
- va_list va;
- char *fmt2;
- fmt2 = malloc(strlen(fmt) + strlen(MODULE) + 3);
- va_start(va, fmt);
- if (fmt2 == NULL) {
- vsyslog(LOG_AUTHPRIV | priority, fmt, va);
- } else {
- snprintf(fmt2, strlen(fmt) + strlen(MODULE) + 3,
- "%s: %s", MODULE, fmt);
- vsyslog(LOG_AUTHPRIV | priority, fmt2, va);
- free(fmt2);
- }
- va_end(va);
-}
+#include <security/pam_modules.h>
+#include <security/pam_modutil.h>
+#include <security/pam_ext.h>
/* Basically, run cmp(atol(left), atol(right)), returning PAM_SUCCESS if
* the function returns non-zero, PAM_AUTH_ERR if it returns zero, and
- * PAM_SYSTEM_ERR if the arguments can't be parsed as numbers. */
+ * PAM_SERVICE_ERR if the arguments can't be parsed as numbers. */
static int
-evaluate_num(const char *left, const char *right, int (*cmp)(int, int))
+evaluate_num(const pam_handle_t *pamh, const char *left,
+ const char *right, int (*cmp)(int, int))
{
long l, r;
char *p;
@@ -88,20 +77,20 @@ evaluate_num(const char *left, const char *right, int (*cmp)(int, int))
errno = 0;
l = strtol(left, &p, 0);
if ((p == NULL) || (*p != '\0') || errno) {
- log_error(LOG_INFO, "\"%s\" is not a number", left);
+ pam_syslog(pamh, LOG_INFO, "\"%s\" is not a number", left);
ret = PAM_SERVICE_ERR;
}
r = strtol(right, &p, 0);
if ((p == NULL) || (*p != '\0') || errno) {
- log_error(LOG_INFO, "\"%s\" is not a number", right);
+ pam_syslog(pamh, LOG_INFO, "\"%s\" is not a number", right);
ret = PAM_SERVICE_ERR;
}
if (ret != PAM_SUCCESS) {
return ret;
}
-
+
return cmp(l, r) ? PAM_SUCCESS : PAM_AUTH_ERR;
}
@@ -139,9 +128,9 @@ ge(int i, int j)
/* Test for numeric equality. */
static int
-evaluate_eqn(const char *left, const char *right)
+evaluate_eqn(const pam_handle_t *pamh, const char *left, const char *right)
{
- return evaluate_num(left, right, eq);
+ return evaluate_num(pamh, left, right, eq);
}
/* Test for string equality. */
static int
@@ -151,9 +140,9 @@ evaluate_eqs(const char *left, const char *right)
}
/* Test for numeric inequality. */
static int
-evaluate_nen(const char *left, const char *right)
+evaluate_nen(const pam_handle_t *pamh, const char *left, const char *right)
{
- return evaluate_num(left, right, ne);
+ return evaluate_num(pamh, left, right, ne);
}
/* Test for string inequality. */
static int
@@ -163,27 +152,27 @@ evaluate_nes(const char *left, const char *right)
}
/* Test for numeric less-than-ness(?) */
static int
-evaluate_lt(const char *left, const char *right)
+evaluate_lt(const pam_handle_t *pamh, const char *left, const char *right)
{
- return evaluate_num(left, right, lt);
+ return evaluate_num(pamh, left, right, lt);
}
/* Test for numeric less-than-or-equal-ness(?) */
static int
-evaluate_le(const char *left, const char *right)
+evaluate_le(const pam_handle_t *pamh, const char *left, const char *right)
{
- return evaluate_num(left, right, le);
+ return evaluate_num(pamh, left, right, le);
}
/* Test for numeric greater-than-ness(?) */
static int
-evaluate_gt(const char *left, const char *right)
+evaluate_gt(const pam_handle_t *pamh, const char *left, const char *right)
{
- return evaluate_num(left, right, gt);
+ return evaluate_num(pamh, left, right, gt);
}
/* Test for numeric greater-than-or-equal-ness(?) */
static int
-evaluate_ge(const char *left, const char *right)
+evaluate_ge(const pam_handle_t *pamh, const char *left, const char *right)
{
- return evaluate_num(left, right, ge);
+ return evaluate_num(pamh, left, right, ge);
}
/* Check for file glob match. */
static int
@@ -197,34 +186,57 @@ evaluate_noglob(const char *left, const char *right)
{
return (fnmatch(right, left, 0) != 0) ? PAM_SUCCESS : PAM_AUTH_ERR;
}
+/* Check for list match. */
+static int
+evaluate_inlist(const char *left, const char *right)
+{
+ char *p;
+ if ((p=strstr(right, left)) == NULL)
+ return PAM_AUTH_ERR;
+ if (p == right || *(p-1) == ':') { /* ':' is a list separator */
+ p += strlen(left);
+ if (*p == '\0' || *p == ':') {
+ return PAM_SUCCESS;
+ }
+ }
+ return PAM_AUTH_ERR;
+}
+/* Check for list mismatch. */
+static int
+evaluate_notinlist(const char *left, const char *right)
+{
+ return evaluate_inlist(left, right) != PAM_SUCCESS ? PAM_SUCCESS : PAM_AUTH_ERR;
+}
/* Return PAM_SUCCESS if the user is in the group. */
static int
evaluate_ingroup(pam_handle_t *pamh, const char *user, const char *group)
{
- int ret;
- ret = _pammodutil_user_in_group_nam_nam(pamh, user, group);
- switch (ret) {
- case 1:
+ if (pam_modutil_user_in_group_nam_nam(pamh, user, group) == 1)
return PAM_SUCCESS;
- break;
- default:
- break;
- }
return PAM_AUTH_ERR;
}
/* Return PAM_SUCCESS if the user is NOT in the group. */
static int
evaluate_notingroup(pam_handle_t *pamh, const char *user, const char *group)
{
- int ret;
- ret = _pammodutil_user_in_group_nam_nam(pamh, user, group);
- switch (ret) {
- case 0:
+ if (pam_modutil_user_in_group_nam_nam(pamh, user, group) == 0)
+ return PAM_SUCCESS;
+ return PAM_AUTH_ERR;
+}
+/* Return PAM_SUCCESS if the (host,user) is in the netgroup. */
+static int
+evaluate_innetgr(const char *host, const char *user, const char *group)
+{
+ if (innetgr(group, host, user, NULL) == 1)
+ return PAM_SUCCESS;
+ return PAM_AUTH_ERR;
+}
+/* Return PAM_SUCCESS if the (host,user) is NOT in the netgroup. */
+static int
+evaluate_notinnetgr(const char *host, const char *user, const char *group)
+{
+ if (innetgr(group, host, user, NULL) == 0)
return PAM_SUCCESS;
- break;
- default:
- break;
- }
return PAM_AUTH_ERR;
}
@@ -261,38 +273,46 @@ evaluate(pam_handle_t *pamh, int debug,
snprintf(buf, sizeof(buf), "%s", pwd->pw_dir);
left = buf;
}
+ if (strcasecmp(left, "service") == 0) {
+ const void *svc;
+ if (pam_get_item(pamh, PAM_SERVICE, &svc) != PAM_SUCCESS)
+ svc = "";
+ snprintf(buf, sizeof(buf), "%s", (const char *)svc);
+ left = buf;
+ }
/* If we have no idea what's going on, return an error. */
if (left != buf) {
- log_error(LOG_CRIT, "unknown attribute \"%s\"", left);
+ pam_syslog(pamh, LOG_CRIT, "unknown attribute \"%s\"", left);
return PAM_SERVICE_ERR;
}
if (debug) {
- log_error(LOG_DEBUG, "'%s' resolves to '%s'", attribute, left);
+ pam_syslog(pamh, LOG_DEBUG, "'%s' resolves to '%s'",
+ attribute, left);
}
/* Attribute value < some threshold. */
if ((strcasecmp(qual, "<") == 0) ||
(strcasecmp(qual, "lt") == 0)) {
- return evaluate_lt(left, right);
+ return evaluate_lt(pamh, left, right);
}
/* Attribute value <= some threshold. */
if ((strcasecmp(qual, "<=") == 0) ||
(strcasecmp(qual, "le") == 0)) {
- return evaluate_le(left, right);
+ return evaluate_le(pamh, left, right);
}
/* Attribute value > some threshold. */
if ((strcasecmp(qual, ">") == 0) ||
(strcasecmp(qual, "gt") == 0)) {
- return evaluate_gt(left, right);
+ return evaluate_gt(pamh, left, right);
}
/* Attribute value >= some threshold. */
if ((strcasecmp(qual, ">=") == 0) ||
(strcasecmp(qual, "ge") == 0)) {
- return evaluate_ge(left, right);
+ return evaluate_ge(pamh, left, right);
}
/* Attribute value == some threshold. */
if (strcasecmp(qual, "eq") == 0) {
- return evaluate_eqn(left, right);
+ return evaluate_eqn(pamh, left, right);
}
/* Attribute value = some string. */
if (strcasecmp(qual, "=") == 0) {
@@ -300,7 +320,7 @@ evaluate(pam_handle_t *pamh, int debug,
}
/* Attribute value != some threshold. */
if (strcasecmp(qual, "ne") == 0) {
- return evaluate_nen(left, right);
+ return evaluate_nen(pamh, left, right);
}
/* Attribute value != some string. */
if (strcasecmp(qual, "!=") == 0) {
@@ -315,6 +335,13 @@ evaluate(pam_handle_t *pamh, int debug,
(strcasecmp(qual, "noglob") == 0)) {
return evaluate_noglob(left, right);
}
+ /* Attribute value matches item in list. */
+ if (strcasecmp(qual, "in") == 0) {
+ return evaluate_inlist(left, right);
+ }
+ if (strcasecmp(qual, "notin") == 0) {
+ return evaluate_notinlist(left, right);
+ }
/* User is in this group. */
if (strcasecmp(qual, "ingroup") == 0) {
return evaluate_ingroup(pamh, pwd->pw_name, right);
@@ -323,14 +350,29 @@ evaluate(pam_handle_t *pamh, int debug,
if (strcasecmp(qual, "notingroup") == 0) {
return evaluate_notingroup(pamh, pwd->pw_name, right);
}
+ /* (Rhost, user) is in this netgroup. */
+ if (strcasecmp(qual, "innetgr") == 0) {
+ const void *rhost;
+ if (pam_get_item(pamh, PAM_RHOST, &rhost) != PAM_SUCCESS)
+ rhost = NULL;
+ return evaluate_innetgr(rhost, pwd->pw_name, right);
+ }
+ /* (Rhost, user) is not in this group. */
+ if (strcasecmp(qual, "notinnetgr") == 0) {
+ const void *rhost;
+ if (pam_get_item(pamh, PAM_RHOST, &rhost) != PAM_SUCCESS)
+ rhost = NULL;
+ return evaluate_notinnetgr(rhost, pwd->pw_name, right);
+ }
/* Fail closed. */
return PAM_SERVICE_ERR;
}
-int
-pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
+PAM_EXTERN int
+pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
- const char *prompt;
+ const void *prompt;
const char *user;
struct passwd *pwd;
int ret, i, count, use_uid, debug;
@@ -338,7 +380,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
int quiet_fail, quiet_succ;
/* Get the user prompt. */
- ret = pam_get_item(pamh, PAM_USER_PROMPT, (const void**) &prompt);
+ ret = pam_get_item(pamh, PAM_USER_PROMPT, &prompt);
if ((ret != PAM_SUCCESS) || (prompt == NULL) || (strlen(prompt) == 0)) {
prompt = "login: ";
}
@@ -366,29 +408,31 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
if (use_uid) {
/* Get information about the user. */
- pwd = _pammodutil_getpwuid(pamh, getuid());
+ pwd = pam_modutil_getpwuid(pamh, getuid());
if (pwd == NULL) {
- log_error(LOG_CRIT,
- "error retrieving information about user %ld",
- (long)getuid());
- return PAM_SERVICE_ERR;
+ pam_syslog(pamh, LOG_CRIT,
+ "error retrieving information about user %lu",
+ (unsigned long)getuid());
+ return PAM_USER_UNKNOWN;
}
+ user = pwd->pw_name;
} else {
/* Get the user's name. */
ret = pam_get_user(pamh, &user, prompt);
if ((ret != PAM_SUCCESS) || (user == NULL)) {
- log_error(LOG_CRIT, "error retrieving user name: %s",
- pam_strerror(pamh, ret));
+ pam_syslog(pamh, LOG_CRIT,
+ "error retrieving user name: %s",
+ pam_strerror(pamh, ret));
return ret;
}
/* Get information about the user. */
- pwd = _pammodutil_getpwnam(pamh, user);
+ pwd = pam_modutil_getpwnam(pamh, user);
if (pwd == NULL) {
- log_error(LOG_CRIT,
- "error retrieving information about user %s",
- user);
- return PAM_SERVICE_ERR;
+ pam_syslog(pamh, LOG_CRIT,
+ "error retrieving information about user %s",
+ user);
+ return PAM_USER_UNKNOWN;
}
}
@@ -402,18 +446,18 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
pwd);
if (ret != PAM_SUCCESS) {
if(!quiet_fail)
- log_error(LOG_INFO,
- "requirement \"%s %s %s\" "
- "not met by user \"%s\"",
- left, qual, right, user);
+ pam_syslog(pamh, LOG_INFO,
+ "requirement \"%s %s %s\" "
+ "not met by user \"%s\"",
+ left, qual, right, user);
break;
}
else
if(!quiet_succ)
- log_error(LOG_INFO,
- "requirement \"%s %s %s\" "
- "was met by user \"%s\"",
- left, qual, right, user);
+ pam_syslog(pamh, LOG_INFO,
+ "requirement \"%s %s %s\" "
+ "was met by user \"%s\"",
+ left, qual, right, user);
left = qual = right = NULL;
}
if ((i < argc) && (strcmp(argv[i], "debug") == 0)) {
@@ -457,14 +501,46 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
return ret;
}
-int
-pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv)
+PAM_EXTERN int
+pam_sm_setcred(pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
- return PAM_SUCCESS;
+ return PAM_IGNORE;
}
-int
+PAM_EXTERN int
pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
return pam_sm_authenticate(pamh, flags, argc, argv);
}
+
+PAM_EXTERN int
+pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
+{
+ return pam_sm_authenticate(pamh, flags, argc, argv);
+}
+
+PAM_EXTERN int
+pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
+{
+ return pam_sm_authenticate(pamh, flags, argc, argv);
+}
+
+PAM_EXTERN int
+pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv)
+{
+ return pam_sm_authenticate(pamh, flags, argc, argv);
+}
+
+/* static module data */
+#ifdef PAM_STATIC
+struct pam_module _pam_succeed_if_modstruct = {
+ "pam_succeed_if",
+ pam_sm_authenticate,
+ pam_sm_setcred,
+ pam_sm_acct_mgmt,
+ pam_sm_open_session,
+ pam_sm_close_session,
+ pam_sm_chauthtok
+};
+#endif
diff --git a/Linux-PAM/modules/pam_succeed_if/tst-pam_succeed_if b/Linux-PAM/modules/pam_succeed_if/tst-pam_succeed_if
new file mode 100755
index 00000000..f2b6dd3f
--- /dev/null
+++ b/Linux-PAM/modules/pam_succeed_if/tst-pam_succeed_if
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_succeed_if.so
diff --git a/Linux-PAM/modules/pam_tally/Makefile b/Linux-PAM/modules/pam_tally/Makefile
deleted file mode 100644
index 40617a1a..00000000
--- a/Linux-PAM/modules/pam_tally/Makefile
+++ /dev/null
@@ -1,109 +0,0 @@
-#
-# $Id: Makefile,v 1.5 2004/09/24 13:13:21 kukuk Exp $
-#
-# This Makefile controls a build process of $(TITLE) module and
-# application for Linux-PAM. You should not modify this Makefile
-# (unless you know what you are doing!).
-#
-#
-
-include ../../Make.Rules
-
-TITLE=pam_tally
-
-#
-## Additional rules for making (and moving) the application added.
-## Assuming that all modules' applications are called $TITLE
-#
-
-LIBSRC = $(TITLE).c
-LIBOBJ = $(TITLE).o
-LIBOBJD = $(addprefix dynamic/,$(LIBOBJ))
-LIBOBJS = $(addprefix static/,$(LIBOBJ))
-
-APPSRC = $(TITLE)_app.c
-APPOBJ = $(TITLE)_app.o
-APPOBJD = $(addprefix dynamic/,$(APPOBJ))
-APPOBJS = $(addprefix static/,$(APPOBJ))
-
-dynamic/%.o : %.c
- $(CC) $(CFLAGS) $(DYNAMIC) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-static/%.o : %.c
- $(CC) $(CFLAGS) $(STATIC) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-
-ifdef DYNAMIC
-LIBSHARED = $(TITLE).so
-endif
-
-ifdef STATIC
-LIBSTATIC = lib$(TITLE).o
-endif
-
-APPLICATION = $(TITLE)
-APPMODE = 755
-
-LINK_PAMMODUTILS = -L../pammodutil -lpammodutil -L../../libpam -lpam
-INCLUDE_PAMMODUTILS = -I../pammodutil/include
-
-LDFLAGS += $(LINK_PAMMODUTILS)
-CFLAGS += $(INCLUDE_PAMMODUTILS)
-
-####################### don't edit below #######################
-
-all: dirs $(LIBSHARED) $(LIBSTATIC) register $(APPLICATION)
-
-dirs:
-ifdef DYNAMIC
- $(MKDIR) ./dynamic
-endif
-ifdef STATIC
- $(MKDIR) ./static
-endif
-
-register:
-ifdef STATIC
- ( cd .. ; ./register_static $(TITLE) $(TITLE)/$(LIBSTATIC) )
-endif
-
-ifdef DYNAMIC
-$(LIBOBJD): $(LIBSRC)
-
-$(LIBSHARED): $(LIBOBJD)
- $(LD_D) -o $@ $(LIBOBJD) $(LDFLAGS)
-
-$(APPLICATION): $(APPOBJD) $(TITLE).c
- $(CC) $(CFLAGS) -o $@ $(APPOBJD) $(LDFLAGS) $(LOADLIBES)
-
-endif
-
-ifdef STATIC
-$(LIBOBJS): $(LIBSRC)
-
-$(LIBSTATIC): $(LIBOBJS)
- $(LD) -r -o $@ $(LIBOBJS)
-
-$(APPLICATION): $(APPOBJS) $(TITLE).c
- $(CC) $(CFLAGS) -o $@ $(APPOBJS) $(LOADLIBES)
-endif
-
-install: all
- $(MKDIR) $(FAKEROOT)$(SECUREDIR)
-ifdef DYNAMIC
- $(INSTALL) -m $(SHLIBMODE) $(LIBSHARED) $(FAKEROOT)$(SECUREDIR)
-endif
- $(MKDIR) $(FAKEROOT)$(SUPLEMENTED)
- $(INSTALL) -m $(APPMODE) $(APPLICATION) $(FAKEROOT)$(SUPLEMENTED)
-
-remove:
- rm -f $(FAKEROOT)$(SECUREDIR)/$(TITLE).so
- rm -f $(FAKEROOT)$(SUPLEMENTED)/$(TITLE)
-
-clean:
- rm -f $(LIBOBJD) $(LIBOBJS) $(APPOBJD) $(APPOBJS) core *~
- rm -f *.a *.o *.so *.bak dynamic/* static/* $(APPLICATION)
- rm -rf dynamic static
-
-.c.o:
- $(CC) $(CFLAGS) -c $<
diff --git a/Linux-PAM/modules/pam_tally/Makefile.am b/Linux-PAM/modules/pam_tally/Makefile.am
new file mode 100644
index 00000000..ffb88886
--- /dev/null
+++ b/Linux-PAM/modules/pam_tally/Makefile.am
@@ -0,0 +1,38 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_tally
+
+man_MANS = pam_tally.8
+XMLS = README.xml pam_tally.8.xml
+
+TESTS = tst-pam_tally
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+noinst_HEADERS = faillog.h
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+
+pam_tally_la_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ pam_tally_la_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_tally.la
+sbin_PROGRAMS = pam_tally
+
+pam_tally_SOURCES = pam_tally_app.c
+pam_tally_LDFLAGS = -L$(top_builddir)/libpam -lpam
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_tally.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_tally/Makefile.in b/Linux-PAM/modules/pam_tally/Makefile.in
new file mode 100644
index 00000000..631d79c4
--- /dev/null
+++ b/Linux-PAM/modules/pam_tally/Makefile.in
@@ -0,0 +1,719 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+sbin_PROGRAMS = pam_tally$(EXEEXT)
+subdir = modules/pam_tally
+DIST_COMMON = README $(noinst_HEADERS) $(srcdir)/Makefile.am \
+ $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(sbindir)" \
+ "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_tally_la_LIBADD =
+pam_tally_la_SOURCES = pam_tally.c
+pam_tally_la_OBJECTS = pam_tally.lo
+pam_tally_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(pam_tally_la_LDFLAGS) $(LDFLAGS) -o $@
+sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
+PROGRAMS = $(sbin_PROGRAMS)
+am_pam_tally_OBJECTS = pam_tally_app.$(OBJEXT)
+pam_tally_OBJECTS = $(am_pam_tally_OBJECTS)
+pam_tally_LDADD = $(LDADD)
+pam_tally_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(pam_tally_LDFLAGS) $(LDFLAGS) -o $@
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_tally.c $(pam_tally_SOURCES)
+DIST_SOURCES = pam_tally.c $(pam_tally_SOURCES)
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+HEADERS = $(noinst_HEADERS)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_tally
+man_MANS = pam_tally.8
+XMLS = README.xml pam_tally.8.xml
+TESTS = tst-pam_tally
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+noinst_HEADERS = faillog.h
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+pam_tally_la_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_tally.la
+pam_tally_SOURCES = pam_tally_app.c
+pam_tally_LDFLAGS = -L$(top_builddir)/libpam -lpam
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_tally/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_tally/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_tally.la: $(pam_tally_la_OBJECTS) $(pam_tally_la_DEPENDENCIES)
+ $(pam_tally_la_LINK) -rpath $(securelibdir) $(pam_tally_la_OBJECTS) $(pam_tally_la_LIBADD) $(LIBS)
+install-sbinPROGRAMS: $(sbin_PROGRAMS)
+ @$(NORMAL_INSTALL)
+ test -z "$(sbindir)" || $(MKDIR_P) "$(DESTDIR)$(sbindir)"
+ @list='$(sbin_PROGRAMS)'; for p in $$list; do \
+ p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ if test -f $$p \
+ || test -f $$p1 \
+ ; then \
+ f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
+ echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \
+ $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \
+ else :; fi; \
+ done
+
+uninstall-sbinPROGRAMS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(sbin_PROGRAMS)'; for p in $$list; do \
+ f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \
+ echo " rm -f '$(DESTDIR)$(sbindir)/$$f'"; \
+ rm -f "$(DESTDIR)$(sbindir)/$$f"; \
+ done
+
+clean-sbinPROGRAMS:
+ @list='$(sbin_PROGRAMS)'; for p in $$list; do \
+ f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f $$p $$f"; \
+ rm -f $$p $$f ; \
+ done
+pam_tally$(EXEEXT): $(pam_tally_OBJECTS) $(pam_tally_DEPENDENCIES)
+ @rm -f pam_tally$(EXEEXT)
+ $(pam_tally_LINK) $(pam_tally_OBJECTS) $(pam_tally_LDADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_tally.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_tally_app.Po@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(MANS) $(DATA) $(HEADERS)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-sbinPROGRAMS \
+ clean-securelibLTLIBRARIES mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am: install-sbinPROGRAMS
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-sbinPROGRAMS \
+ uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-sbinPROGRAMS \
+ clean-securelibLTLIBRARIES ctags distclean distclean-compile \
+ distclean-generic distclean-libtool distclean-tags distdir dvi \
+ dvi-am html html-am info info-am install install-am \
+ install-data install-data-am install-dvi install-dvi-am \
+ install-exec install-exec-am install-html install-html-am \
+ install-info install-info-am install-man install-man8 \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-sbinPROGRAMS install-securelibLTLIBRARIES \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am uninstall-man \
+ uninstall-man8 uninstall-sbinPROGRAMS \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_tally.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_tally/README b/Linux-PAM/modules/pam_tally/README
index c8b715bd..cfd8a468 100644
--- a/Linux-PAM/modules/pam_tally/README
+++ b/Linux-PAM/modules/pam_tally/README
@@ -1,116 +1,136 @@
-SUMMARY:
- pam_tally.so:
-
- Maintains a count of attempted accesses, can reset count on success,
- can deny access if too many attempts fail.
-
- Options:
-
- * onerr=[succeed|fail] (if something weird happens
- such as unable to open the file, what to do?)
- * file=/where/to/keep/counts (default /var/log/faillog)
- * audit (will display the username typed if the user is not found)
-
- (auth)
- Authentication phase first checks if user should be denied access
- and if not it increments attempted login counter. Then on call to
- pam_setcred it resets the attempts counter if the user is NOT
- magic root.
- * deny=n (deny access if tally for this user exceeds n)
-
- * lock_time=n (always deny for n seconds after failed attempt)
-
- * unlock_time=n (allow access after n seconds after the last
- failed attempt with exceeded tally)
-
- * magic_root (access attempts by root as requesting user ignore
- deny and don't change counter.
- Use this for su and similar services.)
-
- * even_deny_root_account (Root can become unavailable. BEWARE.
- Note that magic root trying to gain root bypasses this,
- but normal users can be locked out.)
-
- * per_user (If /var/log/faillog contains a non-zero
- .fail_max/.fail_locktime field for this user then use it
- instead of deny=n/lock_time=n parameter.)
-
- * no_lock_time (Don't use .fail_locktime filed in
- /var/log/faillog for this user)
-
- * no_reset (don't reset count on successful entry,
- only decrement)
-
-
- (account)
- Account phase resets attempts counter if the user is NOT magic root.
- This phase can be used optionaly for services which don't call
- pam_setcred correctly or if the reset should be done regardless
- of the failure of the account phase of other modules.
-
- * magic_root (access attempts by root as requesting user
- don't change counter.
- Use this for su and similar services.)
-
- * no_reset (don't reset count on successful entry,
- only decrement)
-
- Also checks to make sure that the counts file is a plain
- file and not world writable.
-
- - Tim Baverstock <warwick@sable.demon.co.uk>, v0.1 5 March 1997
- - Tomas Mraz <tmraz@redhat.com>, v0.2 5 January 2005
-
-LONGER:
-
-pam_tally comes in two parts: pam_tally.so and pam_tally.
-
-pam_tally.so sits in a pam config file, in the auth and account sections.
-
-In the auth section, it denies access if attempted logins exceed some
-threshold and it increments a per-uid counter for each attempted login,
-in the account section, it resets that counter to zero on successful
-login. If the module isn't used in the account section it resets the counter
-to zero on call to pam_setcred.
-
-Root is treated specially:
-
-1. When a process already running as root tries to access some service and the
-'magic_root' flag is set, the access is `magic', and bypasses pam_tally's
-checks: handy for `su'ing from root into an account otherwise blocked.
-NOTE: This was changed from the previous version of pam_tally where the default
-was to treat root as magic and there were the 'no_magic_root' flag. However
-for most of services the current default make sense.
-
-2. Normally, failed attempts to access root will NOT cause the root
-account to become blocked, to prevent denial-of-service: if your users aren't
-given shell accounts and root may only login via `su' or at the machine
-console (not telnet/rsh, etc), this is safe. If you really want root to be
-blocked for some given service, use even_deny_root_account.
-
-pam_tally is an (optional) application which can be used to interrogate and
-manipulate the counter file. It can display users' counts, set individual
-counts, or clear all counts. Setting artificially high counts may be useful
-for blocking users without changing their passwords. I found it useful to
-clear all counts every midnight from a cron..
-
-The counts file is organised as a binary-word array, indexed by uid. You
-can probably make sense of it with `od', if you don't want to use the
-supplied application.
-
-BUGS:
-
-pam_tally is very dependant on getpw*(): a database of usernames
-would be much more flexible.
-
-The (4.0 Redhat) utilities seem to do funny things with uid, and I'm
-not wholly sure I understood what I should have been doing anyway so
-the `keep a count of current logins' bit has been #ifdef'd out and you
-can only reset the counter on successful authentication, for now.
-
-IMPORTANT NOTICE:
-In the original version of pam_tally there was a bug where the information
-if the password was correct or not was leaked by returning error from
-different pam management phases. This was solved by moving the denying
-functionality to the auth phase. However it's necessary to update the pam
-configuration by moving the required options (as deny=N) to the auth phase.
+pam_tally — The login counter (tallying) module
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+This module maintains a count of attempted accesses, can reset count on
+success, can deny access if too many attempts fail.
+
+pam_tally comes in two parts: pam_tally.so and pam_tally. The former is the PAM
+module and the latter, a stand-alone program. pam_tally is an (optional)
+application which can be used to interrogate and manipulate the counter file.
+It can display users' counts, set individual counts, or clear all counts.
+Setting artificially high counts may be useful for blocking users without
+changing their passwords. For example, one might find it useful to clear all
+counts every midnight from a cron job. The faillog(8) command can be used
+instead of pam_tally to to maintain the counter file.
+
+Normally, failed attempts to access root will not cause the root account to
+become blocked, to prevent denial-of-service: if your users aren't given shell
+accounts and root may only login via su or at the machine console (not telnet/
+rsh, etc), this is safe.
+
+OPTIONS
+
+GLOBAL OPTIONS
+
+ This can be used for auth and account services.
+
+ onerr=[fail|succeed]
+
+ If something weird happens (like unable to open the file), return with
+ PAM_SUCESS if onerr=succeed is given, else with the corresponding PAM
+ error code.
+
+ file=/path/to/counter
+
+ File where to keep counts. Default is /var/log/faillog.
+
+ audit
+
+ Will display the username typed if the user is not found.
+
+AUTH OPTIONS
+
+ Authentication phase first checks if user should be denied access and if
+ not it increments attempted login counter. Then on call to pam_setcred(3)
+ it resets the attempts counter.
+
+ deny=n
+
+ Deny access if tally for this user exceeds n.
+
+ lock_time=n
+
+ Always deny for n seconds after failed attempt.
+
+ unlock_time=n
+
+ Allow access after n seconds after failed attempt. If this option is
+ used the user will be locked out for the specified amount of time after
+ he exceeded his maximum allowed attempts. Otherwise the account is
+ locked until the lock is removed by a manual intervention of the system
+ administrator.
+
+ magic_root
+
+ If the module is invoked by a user with uid=0 the counter is not
+ incremented. The sys-admin should use this for user launched services,
+ like su, otherwise this argument should be omitted.
+
+ no_lock_time
+
+ Do not use the .fail_locktime field in /var/log/faillog for this user.
+
+ no_reset
+
+ Don't reset count on successful entry, only decrement.
+
+ even_deny_root_account
+
+ Root account can become unavailable.
+
+ even_deny_root_account
+
+ Root account can become unavailable.
+
+ per_user
+
+ If /var/log/faillog contains a non-zero .fail_max/.fail_locktime field
+ for this user then use it instead of deny=n/ lock_time=n parameter.
+
+ no_lock_time
+
+ Don't use .fail_locktime filed in /var/log/faillog for this user.
+
+ACCOUNT OPTIONS
+
+ Account phase resets attempts counter if the user is not magic root. This
+ phase can be used optionaly for services which don't call pam_setcred(3)
+ correctly or if the reset should be done regardless of the failure of the
+ account phase of other modules.
+
+ magic_root
+
+ If the module is invoked by a user with uid=0 the counter is not
+ incremented. The sys-admin should use this for user launched services,
+ like su, otherwise this argument should be omitted.
+
+ no_reset
+
+ Don't reset count on successful entry, only decrement.
+
+EXAMPLES
+
+Add the following line to /etc/pam.d/login to lock the account after too many
+failed logins. The number of allowed fails is specified by /var/log/faillog and
+needs to be set with pam_tally or faillog(8) before.
+
+auth required pam_securetty.so
+auth required pam_tally.so per_user
+auth required pam_env.so
+auth required pam_unix.so
+auth required pam_nologin.so
+account required pam_unix.so
+password required pam_unix.so
+session required pam_limits.so
+session required pam_unix.so
+session required pam_lastlog.so nowtmp
+session optional pam_mail.so standard
+
+
+AUTHOR
+
+pam_tally was written by Tim Baverstock and Tomas Mraz.
+
diff --git a/Linux-PAM/modules/pam_tally/README.xml b/Linux-PAM/modules/pam_tally/README.xml
new file mode 100644
index 00000000..3c6de50e
--- /dev/null
+++ b/Linux-PAM/modules/pam_tally/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_tally.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_tally.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_tally-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_tally.8.xml" xpointer='xpointer(//refsect1[@id = "pam_tally-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_tally.8.xml" xpointer='xpointer(//refsect1[@id = "pam_tally-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_tally.8.xml" xpointer='xpointer(//refsect1[@id = "pam_tally-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_tally.8.xml" xpointer='xpointer(//refsect1[@id = "pam_tally-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_tally/pam_tally.8 b/Linux-PAM/modules/pam_tally/pam_tally.8
new file mode 100644
index 00000000..a4476b6b
--- /dev/null
+++ b/Linux-PAM/modules/pam_tally/pam_tally.8
@@ -0,0 +1,188 @@
+.\" Title: pam_tally
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/18/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_TALLY" "8" "06/18/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_tally \- The login counter (tallying) module
+.SH "SYNOPSIS"
+.HP 13
+\fBpam_tally.so\fR [file=\fI/path/to/counter\fR] [onerr=[\fIfail\fR|\fIsucceed\fR]] [magic_root] [even_deny_root_account] [deny=\fIn\fR] [lock_time=\fIn\fR] [unlock_time=\fIn\fR] [per_user] [no_lock_time] [no_reset] [audit]
+.HP 10
+\fBpam_tally\fR [\-\-file\ \fI/path/to/counter\fR] [\-\-user\ \fIusername\fR] [\-\-reset[=\fIn\fR]] [\-\-quiet]
+.SH "DESCRIPTION"
+.PP
+This module maintains a count of attempted accesses, can reset count on success, can deny access if too many attempts fail.
+.PP
+pam_tally comes in two parts:
+\fBpam_tally.so\fR
+and
+\fBpam_tally\fR. The former is the PAM module and the latter, a stand\-alone program.
+\fBpam_tally\fR
+is an (optional) application which can be used to interrogate and manipulate the counter file. It can display users' counts, set individual counts, or clear all counts. Setting artificially high counts may be useful for blocking users without changing their passwords. For example, one might find it useful to clear all counts every midnight from a cron job. The
+\fBfaillog\fR(8)
+command can be used instead of pam_tally to to maintain the counter file.
+.PP
+Normally, failed attempts to access
+\fIroot\fR
+will
+\fBnot\fR
+cause the root account to become blocked, to prevent denial\-of\-service: if your users aren't given shell accounts and root may only login via
+\fBsu\fR
+or at the machine console (not telnet/rsh, etc), this is safe.
+.SH "OPTIONS"
+.TP 3n
+GLOBAL OPTIONS
+This can be used for
+\fIauth\fR
+and
+\fIaccount\fR
+services.
+.RS 3n
+.TP 3n
+\fBonerr=[\fR\fB\fIfail\fR\fR\fB|\fR\fB\fIsucceed\fR\fR\fB]\fR
+If something weird happens (like unable to open the file), return with
+\fBPAM_SUCESS\fR
+if
+\fBonerr=\fR\fB\fIsucceed\fR\fR
+is given, else with the corresponding PAM error code.
+.TP 3n
+\fBfile=\fR\fB\fI/path/to/counter\fR\fR
+File where to keep counts. Default is
+\fI/var/log/faillog\fR.
+.TP 3n
+\fBaudit\fR
+Will display the username typed if the user is not found.
+.RE
+.TP 3n
+AUTH OPTIONS
+Authentication phase first checks if user should be denied access and if not it increments attempted login counter. Then on call to
+\fBpam_setcred\fR(3)
+it resets the attempts counter.
+.RS 3n
+.TP 3n
+\fBdeny=\fR\fB\fIn\fR\fR
+Deny access if tally for this user exceeds
+\fIn\fR.
+.TP 3n
+\fBlock_time=\fR\fB\fIn\fR\fR
+Always deny for
+\fIn\fR
+seconds after failed attempt.
+.TP 3n
+\fBunlock_time=\fR\fB\fIn\fR\fR
+Allow access after
+\fIn\fR
+seconds after failed attempt. If this option is used the user will be locked out for the specified amount of time after he exceeded his maximum allowed attempts. Otherwise the account is locked until the lock is removed by a manual intervention of the system administrator.
+.TP 3n
+\fBmagic_root\fR
+If the module is invoked by a user with uid=0 the counter is not incremented. The sys\-admin should use this for user launched services, like
+\fBsu\fR, otherwise this argument should be omitted.
+.TP 3n
+\fBno_lock_time\fR
+Do not use the .fail_locktime field in
+\fI/var/log/faillog\fR
+for this user.
+.TP 3n
+\fBno_reset\fR
+Don't reset count on successful entry, only decrement.
+.TP 3n
+\fBeven_deny_root_account\fR
+Root account can become unavailable.
+.TP 3n
+\fBeven_deny_root_account\fR
+Root account can become unavailable.
+.TP 3n
+\fBper_user\fR
+If
+\fI/var/log/faillog\fR
+contains a non\-zero .fail_max/.fail_locktime field for this user then use it instead of
+\fBdeny=\fR\fB\fIn\fR\fR/
+\fBlock_time=\fR\fB\fIn\fR\fR
+parameter.
+.TP 3n
+\fBno_lock_time\fR
+Don't use .fail_locktime filed in
+\fI/var/log/faillog\fR
+for this user.
+.RE
+.TP 3n
+ACCOUNT OPTIONS
+Account phase resets attempts counter if the user is
+\fBnot\fR
+magic root. This phase can be used optionaly for services which don't call
+\fBpam_setcred\fR(3)
+correctly or if the reset should be done regardless of the failure of the account phase of other modules.
+.RS 3n
+.TP 3n
+\fBmagic_root\fR
+If the module is invoked by a user with uid=0 the counter is not incremented. The sys\-admin should use this for user launched services, like
+\fBsu\fR, otherwise this argument should be omitted.
+.TP 3n
+\fBno_reset\fR
+Don't reset count on successful entry, only decrement.
+.RE
+.SH "MODULE SERVICES PROVIDED"
+.PP
+The
+\fBauth\fR
+and
+\fBaccount\fR
+services are supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_AUTH_ERR
+A invalid option was given, the module was not able to retrive the user name, no valid counter file was found, or too many failed logins.
+.TP 3n
+PAM_SUCCESS
+Everything was successfull.
+.TP 3n
+PAM_USER_UNKNOWN
+User not known.
+.SH "EXAMPLES"
+.PP
+Add the following line to
+\fI/etc/pam.d/login\fR
+to lock the account after too many failed logins. The number of allowed fails is specified by
+\fI/var/log/faillog\fR
+and needs to be set with pam_tally or
+\fBfaillog\fR(8)
+before.
+.sp
+.RS 3n
+.nf
+auth required pam_securetty.so
+auth required pam_tally.so per_user
+auth required pam_env.so
+auth required pam_unix.so
+auth required pam_nologin.so
+account required pam_unix.so
+password required pam_unix.so
+session required pam_limits.so
+session required pam_unix.so
+session required pam_lastlog.so nowtmp
+session optional pam_mail.so standard
+
+.fi
+.RE
+.SH "FILES"
+.TP 3n
+\fI/var/log/faillog\fR
+failure logging file
+.SH "SEE ALSO"
+.PP
+
+\fBfaillog\fR(8),
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_tally was written by Tim Baverstock and Tomas Mraz.
diff --git a/Linux-PAM/modules/pam_tally/pam_tally.8.xml b/Linux-PAM/modules/pam_tally/pam_tally.8.xml
new file mode 100644
index 00000000..1261130a
--- /dev/null
+++ b/Linux-PAM/modules/pam_tally/pam_tally.8.xml
@@ -0,0 +1,437 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_tally">
+
+ <refmeta>
+ <refentrytitle>pam_tally</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_tally-name">
+ <refname>pam_tally</refname>
+ <refpurpose>The login counter (tallying) module</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_tally-cmdsynopsis1">
+ <command>pam_tally.so</command>
+ <arg choice="opt">
+ file=<replaceable>/path/to/counter</replaceable>
+ </arg>
+ <arg choice="opt">
+ onerr=[<replaceable>fail</replaceable>|<replaceable>succeed</replaceable>]
+ </arg>
+ <arg choice="opt">
+ magic_root
+ </arg>
+ <arg choice="opt">
+ even_deny_root_account
+ </arg>
+ <arg choice="opt">
+ deny=<replaceable>n</replaceable>
+ </arg>
+ <arg choice="opt">
+ lock_time=<replaceable>n</replaceable>
+ </arg>
+ <arg choice="opt">
+ unlock_time=<replaceable>n</replaceable>
+ </arg>
+ <arg choice="opt">
+ per_user
+ </arg>
+ <arg choice="opt">
+ no_lock_time
+ </arg>
+ <arg choice="opt">
+ no_reset
+ </arg>
+ <arg choice="opt">
+ audit
+ </arg>
+ </cmdsynopsis>
+ <cmdsynopsis id="pam_tally-cmdsynopsis2">
+ <command>pam_tally</command>
+ <arg choice="opt">
+ --file <replaceable>/path/to/counter</replaceable>
+ </arg>
+ <arg choice="opt">
+ --user <replaceable>username</replaceable>
+ </arg>
+ <arg choice="opt">
+ --reset[=<replaceable>n</replaceable>]
+ </arg>
+ <arg choice="opt">
+ --quiet
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_tally-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ This module maintains a count of attempted accesses, can
+ reset count on success, can deny access if too many attempts fail.
+ </para>
+ <para>
+ pam_tally comes in two parts:
+ <emphasis remap='B'>pam_tally.so</emphasis> and
+ <command>pam_tally</command>. The former is the PAM module and
+ the latter, a stand-alone program. <command>pam_tally</command>
+ is an (optional) application which can be used to interrogate and
+ manipulate the counter file. It can display users' counts, set
+ individual counts, or clear all counts. Setting artificially high
+ counts may be useful for blocking users without changing their
+ passwords. For example, one might find it useful to clear all counts
+ every midnight from a cron job. The
+ <citerefentry>
+ <refentrytitle>faillog</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry> command can be used instead of pam_tally to to
+ maintain the counter file.
+ </para>
+ <para>
+ Normally, failed attempts to access <emphasis>root</emphasis> will
+ <emphasis remap='B'>not</emphasis> cause the root account to become
+ blocked, to prevent denial-of-service: if your users aren't given
+ shell accounts and root may only login via <command>su</command> or
+ at the machine console (not telnet/rsh, etc), this is safe.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_tally-options">
+
+ <title>OPTIONS</title>
+ <variablelist>
+ <varlistentry>
+ <term>
+ GLOBAL OPTIONS
+ </term>
+ <listitem>
+ <para>
+ This can be used for <emphasis>auth</emphasis> and
+ <emphasis>account</emphasis> services.
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>onerr=[<replaceable>fail</replaceable>|<replaceable>succeed</replaceable>]</option>
+ </term>
+ <listitem>
+ <para>
+ If something weird happens (like unable to open the file),
+ return with <errorcode>PAM_SUCESS</errorcode> if
+ <option>onerr=<replaceable>succeed</replaceable></option>
+ is given, else with the corresponding PAM error code.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>file=<replaceable>/path/to/counter</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ File where to keep counts. Default is
+ <filename>/var/log/faillog</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>audit</option>
+ </term>
+ <listitem>
+ <para>
+ Will display the username typed if the user is not found.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ AUTH OPTIONS
+ </term>
+ <listitem>
+ <para>
+ Authentication phase first checks if user should be denied
+ access and if not it increments attempted login counter. Then
+ on call to <citerefentry>
+ <refentrytitle>pam_setcred</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> it resets the attempts counter.
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>deny=<replaceable>n</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Deny access if tally for this user exceeds
+ <replaceable>n</replaceable>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>lock_time=<replaceable>n</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Always deny for <replaceable>n</replaceable> seconds
+ after failed attempt.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>unlock_time=<replaceable>n</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Allow access after <replaceable>n</replaceable> seconds
+ after failed attempt. If this option is used the user will
+ be locked out for the specified amount of time after he
+ exceeded his maximum allowed attempts. Otherwise the
+ account is locked until the lock is removed by a manual
+ intervention of the system administrator.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>magic_root</option>
+ </term>
+ <listitem>
+ <para>
+ If the module is invoked by a user with uid=0 the
+ counter is not incremented. The sys-admin should use this
+ for user launched services, like <command>su</command>,
+ otherwise this argument should be omitted.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>no_lock_time</option>
+ </term>
+ <listitem>
+ <para>
+ Do not use the .fail_locktime field in
+ <filename>/var/log/faillog</filename> for this user.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>no_reset</option>
+ </term>
+ <listitem>
+ <para>
+ Don't reset count on successful entry, only decrement.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>even_deny_root_account</option>
+ </term>
+ <listitem>
+ <para>
+ Root account can become unavailable.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>even_deny_root_account</option>
+ </term>
+ <listitem>
+ <para>
+ Root account can become unavailable.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>per_user</option>
+ </term>
+ <listitem>
+ <para>
+ If <filename>/var/log/faillog</filename> contains a non-zero
+ .fail_max/.fail_locktime field for this user then use it
+ instead of <option>deny=<replaceable>n</replaceable></option>/
+ <option>lock_time=<replaceable>n</replaceable></option> parameter.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>no_lock_time</option>
+ </term>
+ <listitem>
+ <para>
+ Don't use .fail_locktime filed in
+ <filename>/var/log/faillog</filename> for this user.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </listitem>
+ </varlistentry>
+
+
+ <varlistentry>
+ <term>
+ ACCOUNT OPTIONS
+ </term>
+ <listitem>
+ <para>
+ Account phase resets attempts counter if the user is
+ <emphasis remap='B'>not</emphasis> magic root.
+ This phase can be used optionaly for services which don't call
+ <citerefentry>
+ <refentrytitle>pam_setcred</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> correctly or if the reset should be done regardless
+ of the failure of the account phase of other modules.
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>magic_root</option>
+ </term>
+ <listitem>
+ <para>
+ If the module is invoked by a user with uid=0 the
+ counter is not incremented. The sys-admin should use this
+ for user launched services, like <command>su</command>,
+ otherwise this argument should be omitted.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>no_reset</option>
+ </term>
+ <listitem>
+ <para>
+ Don't reset count on successful entry, only decrement.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_tally-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ The <option>auth</option> and <option>account</option>
+ services are supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_tally-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_AUTH_ERR</term>
+ <listitem>
+ <para>
+ A invalid option was given, the module was not able
+ to retrive the user name, no valid counter file
+ was found, or too many failed logins.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Everything was successfull.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ User not known.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_tally-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ Add the following line to <filename>/etc/pam.d/login</filename> to
+ lock the account after too many failed logins. The number of
+ allowed fails is specified by <filename>/var/log/faillog</filename>
+ and needs to be set with pam_tally or <citerefentry>
+ <refentrytitle>faillog</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry> before.
+ </para>
+ <programlisting>
+auth required pam_securetty.so
+auth required pam_tally.so per_user
+auth required pam_env.so
+auth required pam_unix.so
+auth required pam_nologin.so
+account required pam_unix.so
+password required pam_unix.so
+session required pam_limits.so
+session required pam_unix.so
+session required pam_lastlog.so nowtmp
+session optional pam_mail.so standard
+ </programlisting>
+ </refsect1>
+
+ <refsect1 id="pam_tally-files">
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/var/log/faillog</filename></term>
+ <listitem>
+ <para>failure logging file</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_tally-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>faillog</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_tally-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_tally was written by Tim Baverstock and Tomas Mraz.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_tally/pam_tally.c b/Linux-PAM/modules/pam_tally/pam_tally.c
index 1e48662e..66fc5f35 100644
--- a/Linux-PAM/modules/pam_tally/pam_tally.c
+++ b/Linux-PAM/modules/pam_tally/pam_tally.c
@@ -1,7 +1,6 @@
/*
* pam_tally.c
- *
- * $Id: pam_tally.c,v 1.15 2005/01/24 14:04:17 t8m Exp $
+ *
*/
@@ -11,14 +10,11 @@
* Stuff stolen from pam_rootok and pam_listfile
*
* Changes by Tomas Mraz <tmraz@redhat.com> 5 January 2005
- * Audit option added for Tomas patch by Sebastien Tricaud <toady@gscore.org> 13 January 2005
+ * Audit option added for Tomas patch by
+ * Sebastien Tricaud <toady@gscore.org> 13 January 2005
*/
-#include <security/_pam_aconf.h>
-
-#if defined(MAIN) && defined(MEMORY_DEBUG)
-# undef exit
-#endif /* defined(MAIN) && defined(MEMORY_DEBUG) */
+#include "config.h"
#include <stdio.h>
#include <string.h>
@@ -34,11 +30,6 @@
#include <sys/param.h>
#include "faillog.h"
-#ifndef TRUE
-#define TRUE 1L
-#define FALSE 0L
-#endif
-
/*
* here, we make a definition for the externally accessible function
* in this file (this definition is required for static a module
@@ -52,7 +43,17 @@
/* #define PAM_SM_PASSWORD */
#include <security/pam_modules.h>
-#include <security/_pam_modutil.h>
+#include <security/pam_modutil.h>
+#include <security/pam_ext.h>
+
+#ifndef TRUE
+#define TRUE 1L
+#define FALSE 0L
+#endif
+
+#ifndef HAVE_FSEEKO
+#define fseeko fseek
+#endif
/*---------------------------------------------------------------------*/
@@ -63,8 +64,6 @@
#define TALLY_FMT "%hu"
#define TALLY_HI ((tally_t)~0L)
-#define UID_FMT "%hu"
-
#ifndef FILENAME_MAX
# define FILENAME_MAX MAXPATHLEN
#endif
@@ -102,48 +101,51 @@ struct tally_options {
/* some syslogging */
-static void _pam_log(int err, const char *format, ...)
+#ifdef MAIN
+#define pam_syslog tally_log
+static void
+tally_log (const pam_handle_t *pamh UNUSED, int priority UNUSED,
+ const char *fmt, ...)
{
- va_list args;
- va_start(args, format);
+ va_list args;
-#ifdef MAIN
- vfprintf(stderr,format,args);
- fprintf(stderr,"\n");
-#else
- openlog(MODULE_NAME, LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- closelog();
-#endif
- va_end(args);
+ va_start(args, fmt);
+ fprintf(stderr, "%s: ", MODULE_NAME);
+ vfprintf(stderr, fmt, args);
+ fprintf(stderr,"\n");
+ va_end(args);
}
+#endif
/*---------------------------------------------------------------------*/
/* --- Support function: parse arguments --- */
-static void log_phase_no_auth( int phase, const char *argv )
+#ifndef MAIN
+
+static void
+log_phase_no_auth(pam_handle_t *pamh, int phase, const char *argv)
{
if ( phase != PHASE_AUTH ) {
- _pam_log(LOG_ERR,
- MODULE_NAME ": option %s allowed in auth phase only", argv);
+ pam_syslog(pamh, LOG_ERR,
+ "option %s allowed in auth phase only", argv);
}
}
-static int tally_parse_args( struct tally_options *opts, int phase,
- int argc, const char **argv )
+static int
+tally_parse_args(pam_handle_t *pamh, struct tally_options *opts,
+ int phase, int argc, const char **argv)
{
memset(opts, 0, sizeof(*opts));
opts->filename = DEFAULT_LOGFILE;
-
+
for ( ; argc-- > 0; ++argv ) {
if ( ! strncmp( *argv, "file=", 5 ) ) {
const char *from = *argv + 5;
if ( *from!='/' || strlen(from)>FILENAME_MAX-1 ) {
- _pam_log(LOG_ERR,
- MODULE_NAME ": filename not /rooted or too long; ",
- *argv);
+ pam_syslog(pamh, LOG_ERR,
+ "filename not /rooted or too long; %s", *argv);
return PAM_AUTH_ERR;
}
opts->filename = from;
@@ -158,38 +160,38 @@ static int tally_parse_args( struct tally_options *opts, int phase,
opts->ctrl |= OPT_MAGIC_ROOT;
}
else if ( ! strcmp( *argv, "even_deny_root_account" ) ) {
- log_phase_no_auth(phase, *argv);
+ log_phase_no_auth(pamh, phase, *argv);
opts->ctrl |= OPT_DENY_ROOT;
}
else if ( ! strncmp( *argv, "deny=", 5 ) ) {
- log_phase_no_auth(phase, *argv);
+ log_phase_no_auth(pamh, phase, *argv);
if ( sscanf((*argv)+5,TALLY_FMT,&opts->deny) != 1 ) {
- _pam_log(LOG_ERR,"bad number supplied; %s",*argv);
+ pam_syslog(pamh, LOG_ERR, "bad number supplied: %s", *argv);
return PAM_AUTH_ERR;
}
}
else if ( ! strncmp( *argv, "lock_time=", 10 ) ) {
- log_phase_no_auth(phase, *argv);
+ log_phase_no_auth(pamh, phase, *argv);
if ( sscanf((*argv)+10,"%ld",&opts->lock_time) != 1 ) {
- _pam_log(LOG_ERR,"bad number supplied; %s",*argv);
+ pam_syslog(pamh, LOG_ERR, "bad number supplied: %s", *argv);
return PAM_AUTH_ERR;
}
}
else if ( ! strncmp( *argv, "unlock_time=", 12 ) ) {
- log_phase_no_auth(phase, *argv);
+ log_phase_no_auth(pamh, phase, *argv);
if ( sscanf((*argv)+12,"%ld",&opts->unlock_time) != 1 ) {
- _pam_log(LOG_ERR,"bad number supplied; %s",*argv);
+ pam_syslog(pamh, LOG_ERR, "bad number supplied: %s", *argv);
return PAM_AUTH_ERR;
}
}
else if ( ! strcmp( *argv, "per_user" ) )
{
- log_phase_no_auth(phase, *argv);
+ log_phase_no_auth(pamh, phase, *argv);
opts->ctrl |= OPT_PER_USER;
}
else if ( ! strcmp( *argv, "no_lock_time") )
{
- log_phase_no_auth(phase, *argv);
+ log_phase_no_auth(pamh, phase, *argv);
opts->ctrl |= OPT_NO_LOCK_TIME;
}
else if ( ! strcmp( *argv, "no_reset" ) ) {
@@ -199,13 +201,15 @@ static int tally_parse_args( struct tally_options *opts, int phase,
opts->ctrl |= OPT_AUDIT;
}
else {
- _pam_log(LOG_ERR, MODULE_NAME ": unknown option; %s",*argv);
+ pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv);
}
}
return PAM_SUCCESS;
}
+#endif /* #ifndef MAIN */
+
/*---------------------------------------------------------------------*/
/* --- Support function: get uid (and optionally username) from PAM or
@@ -215,69 +219,81 @@ static int tally_parse_args( struct tally_options *opts, int phase,
static char *cline_user=0; /* cline_user is used in the administration prog */
#endif
-static int pam_get_uid( pam_handle_t *pamh, uid_t *uid, const char **userp, struct tally_options *opts)
- {
+static int
+pam_get_uid(pam_handle_t *pamh, uid_t *uid, const char **userp, struct tally_options *opts)
+{
const char *user = NULL;
struct passwd *pw;
#ifdef MAIN
user = cline_user;
#else
- pam_get_user( pamh, &user, NULL );
+ if ((pam_get_user( pamh, &user, NULL )) != PAM_SUCCESS) {
+ pam_syslog(pamh, LOG_ERR, "pam_get_user; user?");
+ return PAM_AUTH_ERR;
+ }
#endif
if ( !user || !*user ) {
- _pam_log(LOG_ERR, MODULE_NAME ": pam_get_uid; user?");
+ pam_syslog(pamh, LOG_ERR, "pam_get_uid; user?");
return PAM_AUTH_ERR;
}
- if ( ! ( pw = _pammodutil_getpwnam( pamh, user ) ) ) {
- opts->ctrl & OPT_AUDIT ?
- _pam_log(LOG_ERR,MODULE_NAME ": pam_get_uid; no such user %s",user) :
- _pam_log(LOG_ERR,MODULE_NAME ": pam_get_uid; no such user");
+ if ( ! ( pw = pam_modutil_getpwnam( pamh, user ) ) ) {
+ opts->ctrl & OPT_AUDIT ?
+ pam_syslog(pamh, LOG_ERR, "pam_get_uid; no such user %s", user) :
+ pam_syslog(pamh, LOG_ERR, "pam_get_uid; no such user");
return PAM_USER_UNKNOWN;
}
-
+
if ( uid ) *uid = pw->pw_uid;
if ( userp ) *userp = user;
return PAM_SUCCESS;
- }
+}
/*---------------------------------------------------------------------*/
/* --- Support functions: set/get tally data --- */
-static void _cleanup( pam_handle_t *pamh, void *data, int error_status )
- {
+#ifndef MAIN
+
+static void
+_cleanup(pam_handle_t *pamh UNUSED, void *data, int error_status UNUSED)
+{
free(data);
- }
+}
+
-static void tally_set_data( pam_handle_t *pamh, time_t oldtime )
- {
+static void
+tally_set_data( pam_handle_t *pamh, time_t oldtime )
+{
time_t *data;
-
+
if ( (data=malloc(sizeof(time_t))) != NULL ) {
- *data = oldtime;
+ *data = oldtime;
pam_set_data(pamh, MODULE_NAME, (void *)data, _cleanup);
}
- }
+}
-static int tally_get_data( pam_handle_t *pamh, time_t *oldtime )
- {
+static int
+tally_get_data( pam_handle_t *pamh, time_t *oldtime )
+{
int rv;
const void *data;
rv = pam_get_data(pamh, MODULE_NAME, &data);
- if ( rv == PAM_SUCCESS && oldtime != NULL ) {
+ if ( rv == PAM_SUCCESS && data != NULL && oldtime != NULL ) {
*oldtime = *(const time_t *)data;
pam_set_data(pamh, MODULE_NAME, NULL, NULL);
}
else {
rv = -1;
- *oldtime = 0;
+ if (oldtime)
+ *oldtime = 0;
}
return rv;
- }
+}
+#endif /* #ifndef MAIN */
/*---------------------------------------------------------------------*/
@@ -286,12 +302,10 @@ static int tally_get_data( pam_handle_t *pamh, time_t *oldtime )
/* If on entry *tally==TALLY_HI, tallyfile is opened READONLY */
/* Otherwise, if on entry tallyfile doesn't exist, creation is attempted. */
-static int get_tally( tally_t *tally,
- uid_t uid,
- const char *filename,
- FILE **TALLY,
- struct fail_s *fsp)
- {
+static int
+get_tally(pam_handle_t *pamh, tally_t *tally, uid_t uid,
+ const char *filename, FILE **TALLY, struct fail_s *fsp)
+{
struct stat fileinfo;
int lstat_ret = lstat(filename,&fileinfo);
@@ -301,7 +315,7 @@ static int get_tally( tally_t *tally,
/* Create file, or append-open in pathological case. */
umask(oldmask);
if ( !*TALLY ) {
- _pam_log(LOG_ALERT, "Couldn't create %s",filename);
+ pam_syslog(pamh, LOG_ALERT, "Couldn't create %s", filename);
return PAM_AUTH_ERR;
}
lstat_ret = fstat(fileno(*TALLY),&fileinfo);
@@ -309,21 +323,21 @@ static int get_tally( tally_t *tally,
}
if ( lstat_ret ) {
- _pam_log(LOG_ALERT, "Couldn't stat %s",filename);
+ pam_syslog(pamh, LOG_ALERT, "Couldn't stat %s", filename);
return PAM_AUTH_ERR;
}
if((fileinfo.st_mode & S_IWOTH) || !S_ISREG(fileinfo.st_mode)) {
/* If the file is world writable or is not a
normal file, return error */
- _pam_log(LOG_ALERT,
+ pam_syslog(pamh, LOG_ALERT,
"%s is either world writable or not a normal file",
filename);
return PAM_AUTH_ERR;
}
if ( ! ( *TALLY = fopen(filename,(*tally!=TALLY_HI)?"r+":"r") ) ) {
- _pam_log(LOG_ALERT, "Error opening %s for update", filename);
+ pam_syslog(pamh, LOG_ALERT, "Error opening %s for update", filename);
/* Discovering why account service fails: e/uid are target user.
*
@@ -333,12 +347,12 @@ static int get_tally( tally_t *tally,
return PAM_AUTH_ERR;
}
- if ( fseek( *TALLY, uid * sizeof(struct faillog), SEEK_SET ) ) {
- _pam_log(LOG_ALERT, "fseek failed %s", filename);
+ if ( fseeko( *TALLY, (off_t) uid * sizeof(struct faillog), SEEK_SET ) ) {
+ pam_syslog(pamh, LOG_ALERT, "fseek failed for %s", filename);
fclose(*TALLY);
return PAM_AUTH_ERR;
}
-
+
if ( fileinfo.st_size <= uid * sizeof(struct faillog) ) {
memset(fsp, 0, sizeof(struct faillog));
@@ -355,41 +369,41 @@ static int get_tally( tally_t *tally,
*tally = fsp->fs_faillog.fail_cnt;
}
-
+
return PAM_SUCCESS;
- }
+}
/*---------------------------------------------------------------------*/
/* --- Support function: update and close tallyfile with tally!=TALLY_HI --- */
-static int set_tally( tally_t tally,
- uid_t uid,
- const char *filename,
- FILE **TALLY,
- struct fail_s *fsp)
- {
- if ( tally!=TALLY_HI )
- {
- if ( fseek( *TALLY, uid * sizeof(struct faillog), SEEK_SET ) ) {
- _pam_log(LOG_ALERT, "fseek failed %s", filename);
- return PAM_AUTH_ERR;
- }
- fsp->fs_faillog.fail_cnt = tally;
- if (fwrite((char *) &fsp->fs_faillog,
+static int
+set_tally(pam_handle_t *pamh, tally_t tally, uid_t uid,
+ const char *filename, FILE **TALLY, struct fail_s *fsp)
+{
+ int retval = PAM_SUCCESS;
+
+ if ( tally!=TALLY_HI ) {
+ if ( fseeko( *TALLY, (off_t) uid * sizeof(struct faillog), SEEK_SET ) ) {
+ pam_syslog(pamh, LOG_ALERT, "fseek failed for %s", filename);
+ retval = PAM_AUTH_ERR;
+ } else {
+ fsp->fs_faillog.fail_cnt = tally;
+ if (fwrite((char *) &fsp->fs_faillog,
sizeof(struct faillog), 1, *TALLY)==0 ) {
- _pam_log(LOG_ALERT, "tally update (fwrite) failed.", filename);
- return PAM_AUTH_ERR;
+ pam_syslog(pamh, LOG_ALERT, "update (fwrite) failed for %s", filename);
+ retval = PAM_AUTH_ERR;
}
}
-
+ }
+
if ( fclose(*TALLY) ) {
- _pam_log(LOG_ALERT, "tally update (fclose) failed.", filename);
+ pam_syslog(pamh, LOG_ALERT, "update (fclose) failed for %s", filename);
return PAM_AUTH_ERR;
}
*TALLY=NULL;
- return PAM_SUCCESS;
- }
+ return retval;
+}
/*---------------------------------------------------------------------*/
@@ -397,32 +411,29 @@ static int set_tally( tally_t tally,
#ifndef MAIN
-#define PAM_FUNCTION(name) \
- PAM_EXTERN int name (pam_handle_t *pamh,int flags,int argc,const char **argv)
-
#define RETURN_ERROR(i) return ((opts->ctrl & OPT_FAIL_ON_ERROR)?(i):(PAM_SUCCESS))
/*---------------------------------------------------------------------*/
/* --- tally bump function: bump tally for uid by (signed) inc --- */
-static int tally_bump (int inc, time_t *oldtime,
- pam_handle_t *pamh,
- uid_t uid,
- const char *user,
- struct tally_options *opts) {
+static int
+tally_bump (int inc, time_t *oldtime, pam_handle_t *pamh,
+ uid_t uid, const char *user, struct tally_options *opts)
+{
tally_t
tally = 0; /* !TALLY_HI --> Log opened for update */
FILE
*TALLY = NULL;
- const char
+ const void
*remote_host = NULL,
*cur_tty = NULL;
struct fail_s fs, *fsp = &fs;
int i;
- i=get_tally( &tally, uid, opts->filename, &TALLY, fsp );
+ i=get_tally(pamh, &tally, uid, opts->filename, &TALLY, fsp);
+ if ( i != PAM_SUCCESS ) { RETURN_ERROR( i ); }
/* to remember old fail time (for locktime) */
fsp->fs_fail_time = fsp->fs_faillog.fail_time;
@@ -436,10 +447,10 @@ static int tally_bump (int inc, time_t *oldtime,
fsp->fs_faillog.fail_time = *oldtime;
}
}
- (void) pam_get_item(pamh, PAM_RHOST, (const void **)&remote_host);
+ (void) pam_get_item(pamh, PAM_RHOST, &remote_host);
if (!remote_host) {
- (void) pam_get_item(pamh, PAM_TTY, (const void **)&cur_tty);
+ (void) pam_get_item(pamh, PAM_TTY, &cur_tty);
if (!cur_tty) {
strncpy(fsp->fs_faillog.fail_line, "unknown",
sizeof(fsp->fs_faillog.fail_line) - 1);
@@ -455,30 +466,28 @@ static int tally_bump (int inc, time_t *oldtime,
(size_t)sizeof(fsp->fs_faillog.fail_line));
fsp->fs_faillog.fail_line[sizeof(fsp->fs_faillog.fail_line)-1] = 0;
}
- if ( i != PAM_SUCCESS ) { if (TALLY) fclose(TALLY); RETURN_ERROR( i ); }
-
+
if ( !(opts->ctrl & OPT_MAGIC_ROOT) || getuid() ) { /* magic_root doesn't change tally */
tally+=inc;
-
+
if ( tally==TALLY_HI ) { /* Overflow *and* underflow. :) */
tally-=inc;
- _pam_log(LOG_ALERT,"Tally %sflowed for user %s",
+ pam_syslog(pamh, LOG_ALERT, "Tally %sflowed for user %s",
(inc<0)?"under":"over",user);
}
}
-
- i=set_tally( tally, uid, opts->filename, &TALLY, fsp );
- if ( i != PAM_SUCCESS ) { if (TALLY) fclose(TALLY); RETURN_ERROR( i ); }
+
+ i=set_tally(pamh, tally, uid, opts->filename, &TALLY, fsp );
+ if ( i != PAM_SUCCESS ) { RETURN_ERROR( i ); }
return PAM_SUCCESS;
-}
+}
-static int tally_check (time_t oldtime,
- pam_handle_t *pamh,
- uid_t uid,
- const char *user,
- struct tally_options *opts) {
+static int
+tally_check (time_t oldtime, pam_handle_t *pamh, uid_t uid,
+ const char *user, struct tally_options *opts)
+{
tally_t
deny = opts->deny;
tally_t
@@ -489,17 +498,16 @@ static int tally_check (time_t oldtime,
struct fail_s fs, *fsp = &fs;
FILE *TALLY=0;
int i;
-
- i=get_tally( &tally, uid, opts->filename, &TALLY, fsp );
- if (TALLY) fclose(TALLY);
+
+ i=get_tally(pamh, &tally, uid, opts->filename, &TALLY, fsp);
if ( i != PAM_SUCCESS ) { RETURN_ERROR( i ); }
-
+
if ( !(opts->ctrl & OPT_MAGIC_ROOT) || getuid() ) { /* magic_root skips tally check */
-
+
/* To deny or not to deny; that is the question */
-
+
/* if there's .fail_max entry and per_user=TRUE then deny=.fail_max */
-
+
if ( (fsp->fs_faillog.fail_max) && (opts->ctrl & OPT_PER_USER) ) {
deny = fsp->fs_faillog.fail_max;
}
@@ -510,11 +518,11 @@ static int tally_check (time_t oldtime,
&& !(opts->ctrl & OPT_NO_LOCK_TIME) )
{
if ( lock_time + oldtime > time(NULL) )
- {
- _pam_log(LOG_NOTICE,
- "user %s ("UID_FMT") has time limit [%lds left]"
+ {
+ pam_syslog(pamh, LOG_NOTICE,
+ "user %s (%lu) has time limit [%lds left]"
" since last failure.",
- user,uid,
+ user, (unsigned long int) uid,
oldtime+lock_time
-time(NULL));
return PAM_AUTH_ERR;
@@ -532,19 +540,19 @@ static int tally_check (time_t oldtime,
( tally > deny ) && /* tally>deny means exceeded */
( ((opts->ctrl & OPT_DENY_ROOT) || uid) ) /* even_deny stops uid check */
) {
- _pam_log(LOG_NOTICE,"user %s ("UID_FMT") tally "TALLY_FMT", deny "TALLY_FMT,
- user, uid, tally, deny);
+ pam_syslog(pamh, LOG_NOTICE,
+ "user %s (%lu) tally "TALLY_FMT", deny "TALLY_FMT,
+ user, (unsigned long int) uid, tally, deny);
return PAM_AUTH_ERR; /* Only unconditional failure */
}
}
-
+
return PAM_SUCCESS;
}
-static int tally_reset (pam_handle_t *pamh,
- uid_t uid,
- const char *user,
- struct tally_options *opts) {
+static int
+tally_reset (pam_handle_t *pamh, uid_t uid, struct tally_options *opts)
+{
tally_t
tally = 0; /* !TALLY_HI --> Log opened for update */
@@ -552,25 +560,25 @@ static int tally_reset (pam_handle_t *pamh,
FILE *TALLY=0;
int i;
- i=get_tally( &tally, uid, opts->filename, &TALLY, fsp );
- if ( i != PAM_SUCCESS ) { if (TALLY) fclose(TALLY); RETURN_ERROR( i ); }
-
+ i=get_tally(pamh, &tally, uid, opts->filename, &TALLY, fsp);
+ if ( i != PAM_SUCCESS ) { RETURN_ERROR( i ); }
+
/* resets if not magic root
*/
-
- if ( (!(opts->ctrl & OPT_MAGIC_ROOT) || getuid())
- && !(opts->ctrl & OPT_NO_RESET) )
+
+ if ( (!(opts->ctrl & OPT_MAGIC_ROOT) || getuid())
+ && !(opts->ctrl & OPT_NO_RESET) )
{ tally=0; }
-
+
if (tally == 0)
{
fsp->fs_faillog.fail_time = (time_t) 0;
- strcpy(fsp->fs_faillog.fail_line, "");
+ strcpy(fsp->fs_faillog.fail_line, "");
}
- i=set_tally( tally, uid, opts->filename, &TALLY, fsp );
- if ( i != PAM_SUCCESS ) { if (TALLY) fclose(TALLY); RETURN_ERROR( i ); }
-
+ i=set_tally(pamh, tally, uid, opts->filename, &TALLY, fsp);
+ if ( i != PAM_SUCCESS ) { RETURN_ERROR( i ); }
+
return PAM_SUCCESS;
}
@@ -580,61 +588,67 @@ static int tally_reset (pam_handle_t *pamh,
#ifdef PAM_SM_AUTH
-PAM_FUNCTION( pam_sm_authenticate ) {
+PAM_EXTERN int
+pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
+{
int
rvcheck, rvbump;
time_t
oldtime = 0;
- struct tally_options
+ struct tally_options
options, *opts = &options;
- uid_t
+ uid_t
uid;
const char
*user;
-
- rvcheck = tally_parse_args(opts, PHASE_AUTH, argc, argv);
+
+ rvcheck = tally_parse_args(pamh, opts, PHASE_AUTH, argc, argv);
if ( rvcheck != PAM_SUCCESS )
RETURN_ERROR( rvcheck );
-
+
rvcheck = pam_get_uid(pamh, &uid, &user, opts);
if ( rvcheck != PAM_SUCCESS )
RETURN_ERROR( rvcheck );
-
+
rvbump = tally_bump(1, &oldtime, pamh, uid, user, opts);
rvcheck = tally_check(oldtime, pamh, uid, user, opts);
-
+
tally_set_data(pamh, oldtime);
-
+
return rvcheck != PAM_SUCCESS ? rvcheck : rvbump;
}
-PAM_FUNCTION( pam_sm_setcred ) {
+PAM_EXTERN int
+pam_sm_setcred(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
+{
int
rv;
time_t
oldtime = 0;
- struct tally_options
+ struct tally_options
options, *opts = &options;
- uid_t
+ uid_t
uid;
const char
*user;
-
- rv = tally_parse_args(opts, PHASE_AUTH, argc, argv);
+
+ rv = tally_parse_args(pamh, opts, PHASE_AUTH, argc, argv);
if ( rv != PAM_SUCCESS )
RETURN_ERROR( rv );
rv = pam_get_uid(pamh, &uid, &user, opts);
if ( rv != PAM_SUCCESS )
RETURN_ERROR( rv );
-
+
if ( tally_get_data(pamh, &oldtime) != 0 )
/* no data found */
return PAM_SUCCESS;
-
+
if ( (rv=tally_bump(-1, &oldtime, pamh, uid, user, opts)) != PAM_SUCCESS )
return rv;
- return tally_reset(pamh, uid, user, opts);
+ return tally_reset(pamh, uid, opts);
}
#endif
@@ -647,19 +661,22 @@ PAM_FUNCTION( pam_sm_setcred ) {
/* To reset failcount of user on successfull login */
-PAM_FUNCTION( pam_sm_acct_mgmt ) {
+PAM_EXTERN int
+pam_sm_acct_mgmt(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
+{
int
rv;
time_t
oldtime = 0;
- struct tally_options
+ struct tally_options
options, *opts = &options;
- uid_t
+ uid_t
uid;
const char
*user;
-
- rv = tally_parse_args(opts, PHASE_ACCOUNT, argc, argv);
+
+ rv = tally_parse_args(pamh, opts, PHASE_ACCOUNT, argc, argv);
if ( rv != PAM_SUCCESS )
RETURN_ERROR( rv );
@@ -670,11 +687,11 @@ PAM_FUNCTION( pam_sm_acct_mgmt ) {
if ( tally_get_data(pamh, &oldtime) != 0 )
/* no data found */
return PAM_SUCCESS;
-
+
if ( (rv=tally_bump(-1, &oldtime, pamh, uid, user, opts)) != PAM_SUCCESS )
return rv;
- return tally_reset(pamh, uid, user, opts);
-}
+ return tally_reset(pamh, uid, opts);
+}
#endif /* #ifdef PAM_SM_ACCOUNT */
@@ -717,16 +734,20 @@ static int cline_quiet = 0;
* Not going to link with pamlib just for these.. :)
*/
-static const char * pam_errors( int i ) {
+static const char *
+pam_errors( int i )
+{
switch (i) {
- case PAM_AUTH_ERR: return "Authentication error";
- case PAM_SERVICE_ERR: return "Service error";
- case PAM_USER_UNKNOWN: return "Unknown user";
- default: return "Unknown error";
+ case PAM_AUTH_ERR: return _("Authentication error");
+ case PAM_SERVICE_ERR: return _("Service error");
+ case PAM_USER_UNKNOWN: return _("Unknown user");
+ default: return _("Unknown error");
}
}
-static int getopts( int argc, char **argv ) {
+static int
+getopts( char **argv )
+{
const char *pname = *argv;
for ( ; *argv ; (void)(*argv && ++argv) ) {
if ( !strcmp (*argv,"--file") ) cline_filename=*++argv;
@@ -736,31 +757,31 @@ static int getopts( int argc, char **argv ) {
else if ( !strcmp (*argv,"--reset") ) cline_reset=0;
else if ( !strncmp(*argv,"--reset=",8)) {
if ( sscanf(*argv+8,TALLY_FMT,&cline_reset) != 1 )
- fprintf(stderr,"%s: Bad number given to --reset=\n",pname), exit(0);
+ fprintf(stderr,_("%s: Bad number given to --reset=\n"),pname), exit(0);
}
else if ( !strcmp (*argv,"--quiet") ) cline_quiet=1;
else {
- fprintf(stderr,"%s: Unrecognised option %s\n",pname,*argv);
+ fprintf(stderr,_("%s: Unrecognised option %s\n"),pname,*argv);
return FALSE;
}
}
return TRUE;
}
-int main ( int argc, char **argv ) {
-
+int main ( int argc UNUSED, char **argv )
+{
struct fail_s fs, *fsp = &fs;
- if ( ! getopts( argc, argv+1 ) ) {
- printf("%s: [--file rooted-filename] [--user username] "
- "[--reset[=n]] [--quiet]\n",
+ if ( ! getopts( argv+1 ) ) {
+ printf(_("%s: [--file rooted-filename] [--user username] "
+ "[--reset[=n]] [--quiet]\n"),
*argv);
exit(0);
}
umask(077);
- /*
+ /*
* Major difference between individual user and all users:
* --user just handles one user, just like PAM.
* --user=* handles all users, sniffing cline_filename for nonzeros
@@ -772,29 +793,28 @@ int main ( int argc, char **argv ) {
FILE *TALLY=0;
struct tally_options opts;
int i;
-
+
memset(&opts, 0, sizeof(opts));
opts.ctrl = OPT_AUDIT;
- i=pam_get_uid( NULL, &uid, NULL, &opts);
- if ( i != PAM_SUCCESS ) {
+ i=pam_get_uid(NULL, &uid, NULL, &opts);
+ if ( i != PAM_SUCCESS ) {
fprintf(stderr,"%s: %s\n",*argv,pam_errors(i));
exit(0);
}
-
- i=get_tally( &tally, uid, cline_filename, &TALLY, fsp );
- if ( i != PAM_SUCCESS ) {
- if (TALLY) fclose(TALLY);
+
+ i=get_tally(NULL, &tally, uid, cline_filename, &TALLY, fsp);
+ if ( i != PAM_SUCCESS ) {
fprintf(stderr,"%s: %s\n",*argv,pam_errors(i));
exit(0);
}
-
- if ( !cline_quiet )
- printf("User %s\t("UID_FMT")\t%s "TALLY_FMT"\n",cline_user,uid,
+
+ if ( !cline_quiet )
+ printf("User %s\t(%lu)\t%s "TALLY_FMT"\n",cline_user,
+ (unsigned long int) uid,
(cline_reset!=TALLY_HI)?"had":"has",tally);
-
- i=set_tally( cline_reset, uid, cline_filename, &TALLY, fsp );
- if ( i != PAM_SUCCESS ) {
- if (TALLY) fclose(TALLY);
+
+ i=set_tally(NULL, cline_reset, uid, cline_filename, &TALLY, fsp);
+ if ( i != PAM_SUCCESS ) {
fprintf(stderr,"%s: %s\n",*argv,pam_errors(i));
exit(0);
}
@@ -803,7 +823,7 @@ int main ( int argc, char **argv ) {
FILE *TALLY=fopen(cline_filename, "r");
uid_t uid=0;
if ( !TALLY ) perror(*argv), exit(0);
-
+
for ( ; !feof(TALLY); uid++ ) {
tally_t tally;
struct passwd *pw;
@@ -812,20 +832,22 @@ int main ( int argc, char **argv ) {
|| ! fsp->fs_faillog.fail_cnt ) {
continue;
}
- tally = fsp->fs_faillog.fail_cnt;
-
+ tally = fsp->fs_faillog.fail_cnt;
+
if ( ( pw=getpwuid(uid) ) ) {
- printf("User %s\t("UID_FMT")\t%s "TALLY_FMT"\n",pw->pw_name,uid,
+ printf("User %s\t(%lu)\t%s "TALLY_FMT"\n",pw->pw_name,
+ (unsigned long int) uid,
(cline_reset!=TALLY_HI)?"had":"has",tally);
}
else {
- printf("User [NONAME]\t("UID_FMT")\t%s "TALLY_FMT"\n",uid,
+ printf("User [NONAME]\t(%lu)\t%s "TALLY_FMT"\n",
+ (unsigned long int) uid,
(cline_reset!=TALLY_HI)?"had":"has",tally);
}
}
fclose(TALLY);
if ( cline_reset!=0 && cline_reset!=TALLY_HI ) {
- fprintf(stderr,"%s: Can't reset all users to non-zero\n",*argv);
+ fprintf(stderr,_("%s: Can't reset all users to non-zero\n"),*argv);
}
else if ( !cline_reset ) {
TALLY=fopen(cline_filename, "w");
@@ -837,4 +859,4 @@ int main ( int argc, char **argv ) {
}
-#endif
+#endif /* #ifndef MAIN */
diff --git a/Linux-PAM/modules/pam_tally/tst-pam_tally b/Linux-PAM/modules/pam_tally/tst-pam_tally
new file mode 100755
index 00000000..15291af6
--- /dev/null
+++ b/Linux-PAM/modules/pam_tally/tst-pam_tally
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_tally.so
diff --git a/Linux-PAM/modules/pam_time/Makefile b/Linux-PAM/modules/pam_time/Makefile
deleted file mode 100644
index 4aa4e276..00000000
--- a/Linux-PAM/modules/pam_time/Makefile
+++ /dev/null
@@ -1,21 +0,0 @@
-# $Id: Makefile,v 1.2 2000/11/19 23:54:05 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-
-include ../../Make.Rules
-
-TITLE=pam_time
-LOCAL_CONFILE=./time.conf
-INSTALLED_CONFILE=$(SCONFIGD)/time.conf
-
-DEFS=-DDEFAULT_CONF_FILE=\"$(INSTALLED_CONFILE)\"
-CFLAGS += $(DEFS)
-
-MODULE_SIMPLE_INSTALL=bash -f ../install_conf "$(FAKEROOT)" "$(SCONFIGD)" "$(INSTALLED_CONFILE)" "$(TITLE)" "$(LOCAL_CONFILE)"
-MODULE_SIMPLE_REMOVE=rm -f $(FAKEROOT)$(INSTALLED_CONFILE)
-MODULE_SIMPLE_CLEAN=rm -f ./.ignore_age
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_time/Makefile.am b/Linux-PAM/modules/pam_time/Makefile.am
new file mode 100644
index 00000000..6c5ae3a2
--- /dev/null
+++ b/Linux-PAM/modules/pam_time/Makefile.am
@@ -0,0 +1,32 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) time.conf tst-pam_time
+
+man_MANS = time.conf.5 pam_time.8
+XMLS = README.xml time.conf.5.xml pam_time.8.xml
+
+TESTS = tst-pam_time
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
+ -DPAM_TIME_CONF=\"$(SCONFIGDIR)/time.conf\"
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_time.la
+secureconf_DATA = time.conf
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_time.8.xml time.conf.5.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
diff --git a/Linux-PAM/modules/pam_time/Makefile.in b/Linux-PAM/modules/pam_time/Makefile.in
new file mode 100644
index 00000000..9e3810bf
--- /dev/null
+++ b/Linux-PAM/modules/pam_time/Makefile.in
@@ -0,0 +1,736 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_time
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man5dir)" \
+ "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(secureconfdir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_time_la_LIBADD =
+pam_time_la_SOURCES = pam_time.c
+pam_time_la_OBJECTS = pam_time.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_time.c
+DIST_SOURCES = pam_time.c
+man5dir = $(mandir)/man5
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+secureconfDATA_INSTALL = $(INSTALL_DATA)
+DATA = $(noinst_DATA) $(secureconf_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) time.conf tst-pam_time
+man_MANS = time.conf.5 pam_time.8
+XMLS = README.xml time.conf.5.xml pam_time.8.xml
+TESTS = tst-pam_time
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
+ -DPAM_TIME_CONF=\"$(SCONFIGDIR)/time.conf\"
+
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_time.la
+secureconf_DATA = time.conf
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_time/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_time/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_time.la: $(pam_time_la_OBJECTS) $(pam_time_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_time_la_OBJECTS) $(pam_time_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_time.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man5: $(man5_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man5dir)" || $(MKDIR_P) "$(DESTDIR)$(man5dir)"
+ @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.5*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 5*) ;; \
+ *) ext='5' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst"; \
+ done
+uninstall-man5:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.5*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 5*) ;; \
+ *) ext='5' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man5dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man5dir)/$$inst"; \
+ done
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+install-secureconfDATA: $(secureconf_DATA)
+ @$(NORMAL_INSTALL)
+ test -z "$(secureconfdir)" || $(MKDIR_P) "$(DESTDIR)$(secureconfdir)"
+ @list='$(secureconf_DATA)'; for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ f=$(am__strip_dir) \
+ echo " $(secureconfDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(secureconfdir)/$$f'"; \
+ $(secureconfDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(secureconfdir)/$$f"; \
+ done
+
+uninstall-secureconfDATA:
+ @$(NORMAL_UNINSTALL)
+ @list='$(secureconf_DATA)'; for p in $$list; do \
+ f=$(am__strip_dir) \
+ echo " rm -f '$(DESTDIR)$(secureconfdir)/$$f'"; \
+ rm -f "$(DESTDIR)$(secureconfdir)/$$f"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(secureconfdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-secureconfDATA \
+ install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man5 install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-secureconfDATA \
+ uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man5 uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man5 install-man8 \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-secureconfDATA install-securelibLTLIBRARIES \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am uninstall-man \
+ uninstall-man5 uninstall-man8 uninstall-secureconfDATA \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_time.8.xml time.conf.5.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_time/README b/Linux-PAM/modules/pam_time/README
index 0228b907..abafd936 100644
--- a/Linux-PAM/modules/pam_time/README
+++ b/Linux-PAM/modules/pam_time/README
@@ -1,30 +1,33 @@
-$Id: README,v 1.2 2000/12/04 19:02:35 baggins Exp $
+pam_time — PAM module for time control access
-This is a help file for the pam_time module. It explains the need for
-pam_time and also the syntax of the /etc/security/time.conf file.
-[a lot of the syntax is freely adapted from the porttime file of the
-shadow suite.]
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
-1. Introduction
-===============
+DESCRIPTION
-It is desirable to restrict access to a system and or specific
-applications at various times of the day and on specific days or over
-various terminal lines.
+The pam_time PAM module does not authenticate the user, but instead it
+restricts access to a system and or specific applications at various times of
+the day and on specific days or over various terminal lines. This module can be
+configured to deny access to (individual) users based on their name, the time
+of day, the day of week, the service they are applying for and their terminal
+from which they are making their request.
-The pam_time module is intended to offer a configurable module that
-satisfies this purpose, within the context of Linux-PAM.
+By default rules for time/port access are taken from config file /etc/security/
+time.conf.
-2. the /etc/security/time.conf file
-===================================
+EXAMPLES
-This file is the configuration script for defining time/port access
-control to the system/applications.
+These are some example lines which might be specified in /etc/security/
+time.conf.
-Its syntax is described in the sample ./time.conf provided in this
-directory.
+All users except for root are denied access to console-login at all times:
+
+login ; tty* & !ttyp* ; !root ; !Al0000-2400
+
+
+Games (configured to use PAM) are only to be accessed out of working hours.
+This rule does not apply to the user waster:
+
+
+games ; * ; !waster ; Wd0000-2400 | Wk1800-0800
-unrecognised rules are ignored (but an error is logged to syslog(3))
---------------------
-Bugs to Andrew <morgan@parc.power.net> or the list <pam-list@redhat.com>
diff --git a/Linux-PAM/modules/pam_time/README.xml b/Linux-PAM/modules/pam_time/README.xml
new file mode 100644
index 00000000..6c11eec1
--- /dev/null
+++ b/Linux-PAM/modules/pam_time/README.xml
@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamtime SYSTEM "pam_time.8.xml">
+-->
+<!--
+<!ENTITY timeconf SYSTEM "time.conf.5.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_time.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_time-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_time.8.xml" xpointer='xpointer(//refsect1[@id = "pam_time-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="time.conf.5.xml" xpointer='xpointer(//refsect1[@id = "time.conf-examples"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_time/pam_time.8 b/Linux-PAM/modules/pam_time/pam_time.8
new file mode 100644
index 00000000..89506830
--- /dev/null
+++ b/Linux-PAM/modules/pam_time/pam_time.8
@@ -0,0 +1,72 @@
+.\" Title: pam_time
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/21/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_TIME" "8" "06/21/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_time \- PAM module for time control access
+.SH "SYNOPSIS"
+.HP 12
+\fBpam_time.so\fR
+.SH "DESCRIPTION"
+.PP
+The pam_time PAM module does not authenticate the user, but instead it restricts access to a system and or specific applications at various times of the day and on specific days or over various terminal lines. This module can be configured to deny access to (individual) users based on their name, the time of day, the day of week, the service they are applying for and their terminal from which they are making their request.
+.PP
+By default rules for time/port access are taken from config file
+\fI/etc/security/time.conf\fR.
+.SH "OPTIONS"
+.PP
+This module does not recognice any options.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+Only the
+\fBaccount\fR
+service is supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_SUCCESS
+Access was granted.
+.TP 3n
+PAM_ABORT
+Not all relevant data could be gotten.
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_PERM_DENIED
+Access was not granted.
+.TP 3n
+PAM_USER_UNKNOWN
+The user is not known to the system.
+.SH "FILES"
+.TP 3n
+\fI/etc/security/time.conf\fR
+Default configuration file
+.SH "EXAMPLES"
+.sp
+.RS 3n
+.nf
+#%PAM\-1.0
+#
+# apply pam_time accounting to login requests
+#
+login account required pam_time.so
+
+.fi
+.RE
+.SH "SEE ALSO"
+.PP
+
+\fBtime.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8).
+.SH "AUTHOR"
+.PP
+pam_time was written by Andrew G. Morgan <morgan@kernel.org>.
diff --git a/Linux-PAM/modules/pam_time/pam_time.8.xml b/Linux-PAM/modules/pam_time/pam_time.8.xml
new file mode 100644
index 00000000..1ec7eb0e
--- /dev/null
+++ b/Linux-PAM/modules/pam_time/pam_time.8.xml
@@ -0,0 +1,148 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id='pam_time'>
+
+ <refmeta>
+ <refentrytitle>pam_time</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id='pam_time-name'>
+ <refname>pam_time</refname>
+ <refpurpose>
+ PAM module for time control access
+ </refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_time-cmdsynopsis">
+ <command>pam_time.so</command>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id="pam_time-description">
+ <title>DESCRIPTION</title>
+ <para>
+ The pam_time PAM module does not authenticate the user, but instead
+ it restricts access to a system and or specific applications at
+ various times of the day and on specific days or over various
+ terminal lines. This module can be configured to deny access to
+ (individual) users based on their name, the time of day, the day of
+ week, the service they are applying for and their terminal from which
+ they are making their request.
+ </para>
+ <para>
+ By default rules for time/port access are taken from config file
+ <filename>/etc/security/time.conf</filename>.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_time-options">
+ <title>OPTIONS</title>
+ <para>This module does not recognice any options.</para>
+ </refsect1>
+
+ <refsect1 id="pam_time-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ Only the <option>account</option> service is supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_time-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Access was granted.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_ABORT</term>
+ <listitem>
+ <para>
+ Not all relevant data could be gotten.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_PERM_DENIED</term>
+ <listitem>
+ <para>
+ Access was not granted.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ The user is not known to the system.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_time-files">
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/security/time.conf</filename></term>
+ <listitem>
+ <para>Default configuration file</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_time-examples'>
+ <title>EXAMPLES</title>
+ <programlisting>
+#%PAM-1.0
+#
+# apply pam_time accounting to login requests
+#
+login account required pam_time.so
+ </programlisting>
+ </refsect1>
+
+ <refsect1 id="pam_time-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>time.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_time-authors">
+ <title>AUTHOR</title>
+ <para>
+ pam_time was written by Andrew G. Morgan &lt;morgan@kernel.org&gt;.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/modules/pam_time/pam_time.c b/Linux-PAM/modules/pam_time/pam_time.c
index c04180f2..43b716f0 100644
--- a/Linux-PAM/modules/pam_time/pam_time.c
+++ b/Linux-PAM/modules/pam_time/pam_time.c
@@ -1,19 +1,12 @@
/* pam_time module */
/*
- * $Id: pam_time.c,v 1.5 2004/09/22 09:37:50 kukuk Exp $
- *
* Written by Andrew Morgan <morgan@linux.kernel.org> 1996/6/22
* (File syntax and much other inspiration from the shadow package
* shadow-960129)
*/
-static const char rcsid[] =
-"$Id: pam_time.c,v 1.5 2004/09/22 09:37:50 kukuk Exp $;\n"
-"\t\tVersion 0.22 for Linux-PAM\n"
-"Copyright (C) Andrew G. Morgan 1996 <morgan@linux.kernel.org>\n";
-
-#include <security/_pam_aconf.h>
+#include "config.h"
#include <sys/file.h>
#include <stdio.h>
@@ -27,23 +20,18 @@ static const char rcsid[] =
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
+#include <netdb.h>
-#ifdef DEFAULT_CONF_FILE
-# define PAM_TIME_CONF DEFAULT_CONF_FILE /* from external define */
-#else
-# define PAM_TIME_CONF "/etc/security/time.conf"
-#endif
#define PAM_TIME_BUFLEN 1000
#define FIELD_SEPARATOR ';' /* this is new as of .02 */
-#ifdef TRUE
-# undef TRUE
-#endif
-#ifdef FALSE
-# undef FALSE
+#ifndef TRUE
+# define TRUE 1
+#endif
+#ifndef FALSE
+# define FALSE 0
#endif
-typedef enum { FALSE, TRUE } boolean;
typedef enum { AND, OR } operator;
/*
@@ -57,21 +45,12 @@ typedef enum { AND, OR } operator;
#include <security/_pam_macros.h>
#include <security/pam_modules.h>
+#include <security/pam_ext.h>
/* --- static functions for checking whether the user should be let in --- */
-static void _log_err(const char *format, ... )
-{
- va_list args;
-
- va_start(args, format);
- openlog("pam_time", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(LOG_CRIT, format, args);
- va_end(args);
- closelog();
-}
-
-static void shift_bytes(char *mem, int from, int by)
+static void
+shift_bytes(char *mem, int from, int by)
{
while (by-- > 0) {
*mem = mem[from];
@@ -79,14 +58,15 @@ static void shift_bytes(char *mem, int from, int by)
}
}
-static int read_field(int fd, char **buf, int *from, int *to)
+static int
+read_field(pam_handle_t *pamh, int fd, char **buf, int *from, int *to)
{
/* is buf set ? */
if (! *buf) {
*buf = (char *) malloc(PAM_TIME_BUFLEN);
if (! *buf) {
- _log_err("out of memory");
+ pam_syslog(pamh, LOG_ERR, "out of memory");
D(("no memory"));
return -1;
}
@@ -97,7 +77,7 @@ static int read_field(int fd, char **buf, int *from, int *to)
/* do we have a file open ? return error */
if (fd < 0 && *to <= 0) {
- _log_err( PAM_TIME_CONF " not opened");
+ pam_syslog(pamh, LOG_ERR, "error opening %s: %m", PAM_TIME_CONF);
memset(*buf, 0, PAM_TIME_BUFLEN);
_pam_drop(*buf);
return -1;
@@ -126,7 +106,7 @@ static int read_field(int fd, char **buf, int *from, int *to)
i = read(fd, *to + *buf, PAM_TIME_BUFLEN - *to);
if (i < 0) {
- _log_err("error reading " PAM_TIME_CONF);
+ pam_syslog(pamh, LOG_ERR, "error reading %s: %m", PAM_TIME_CONF);
close(fd);
return -1;
} else if (!i) {
@@ -134,7 +114,7 @@ static int read_field(int fd, char **buf, int *from, int *to)
fd = -1; /* end of file reached */
} else
*to += i;
-
+
/*
* contract the buffer. Delete any comments, and replace all
* multiple spaces with single commas
@@ -165,8 +145,9 @@ static int read_field(int fd, char **buf, int *from, int *to)
*to -= j-i;
++i;
} else {
- _log_err("internal error in " __FILE__
- " at line %d", __LINE__ );
+ pam_syslog(pamh, LOG_CRIT,
+ "internal error in file %s at line %d",
+ __FILE__, __LINE__);
close(fd);
return -1;
}
@@ -229,13 +210,13 @@ static int read_field(int fd, char **buf, int *from, int *to)
/* read a member from a field */
-static int logic_member(const char *string, int *at)
+static int
+logic_member(const char *string, int *at)
{
- int len,c,to;
+ int c,to;
int done=0;
int token=0;
- len=0;
to=*at;
do {
c = string[to++];
@@ -258,7 +239,7 @@ static int logic_member(const char *string, int *at)
default:
if (isalpha(c) || c == '*' || isdigit(c) || c == '_'
- || c == '-' || c == '.' || c == '/') {
+ || c == '-' || c == '.' || c == '/' || c == ':') {
token = 1;
} else if (token) {
--to;
@@ -274,11 +255,12 @@ static int logic_member(const char *string, int *at)
typedef enum { VAL, OP } expect;
-static boolean logic_field(const void *me, const char *x, int rule,
- boolean (*agrees)(const void *, const char *
- , int, int))
+static int
+logic_field(pam_handle_t *pamh, const void *me, const char *x, int rule,
+ int (*agrees)(pam_handle_t *pamh,
+ const void *, const char *, int, int))
{
- boolean left=FALSE, right, not=FALSE;
+ int left=FALSE, right, not=FALSE;
operator oper=OR;
int at=0, l;
expect next=VAL;
@@ -289,15 +271,18 @@ static boolean logic_field(const void *me, const char *x, int rule,
if (next == VAL) {
if (c == '!')
not = !not;
- else if (isalpha(c) || c == '*') {
- right = not ^ agrees(me, x+at, l, rule);
+ else if (isalpha(c) || c == '*' || isdigit(c) || c == '_'
+ || c == '-' || c == '.' || c == '/' || c == ':') {
+ right = not ^ agrees(pamh, me, x+at, l, rule);
if (oper == AND)
left &= right;
else
left |= right;
next = OP;
} else {
- _log_err("garbled syntax; expected name (rule #%d)", rule);
+ pam_syslog(pamh, LOG_ERR,
+ "garbled syntax; expected name (rule #%d)",
+ rule);
return FALSE;
}
} else { /* OP */
@@ -309,8 +294,9 @@ static boolean logic_field(const void *me, const char *x, int rule,
oper = OR;
break;
default:
- _log_err("garbled syntax; expected & or | (rule #%d)"
- , rule);
+ pam_syslog(pamh, LOG_ERR,
+ "garbled syntax; expected & or | (rule #%d)",
+ rule);
D(("%c at %d",c,at));
return FALSE;
}
@@ -322,7 +308,9 @@ static boolean logic_field(const void *me, const char *x, int rule,
return left;
}
-static boolean is_same(const void *A, const char *b, int len, int rule)
+static int
+is_same(pam_handle_t *pamh UNUSED, const void *A, const char *b,
+ int len, int rule UNUSED)
{
int i;
const char *a;
@@ -344,10 +332,10 @@ typedef struct {
int minute; /* integer, hour*100+minute for now */
} TIME;
-struct day {
+static struct day {
const char *d;
int bit;
-} static const days[11] = {
+} const days[11] = {
{ "su", 01 },
{ "mo", 02 },
{ "tu", 04 },
@@ -361,7 +349,8 @@ struct day {
{ NULL, 0 }
};
-static TIME time_now(void)
+static TIME
+time_now(void)
{
struct tm *local;
time_t the_time;
@@ -377,9 +366,11 @@ static TIME time_now(void)
}
/* take the current date and see if the range "date" passes it */
-static boolean check_time(const void *AT, const char *times, int len, int rule)
+static int
+check_time(pam_handle_t *pamh, const void *AT, const char *times,
+ int len, int rule)
{
- boolean not,pass;
+ int not,pass;
int marked_day, time_start, time_end;
const TIME *at;
int i,j=0;
@@ -389,7 +380,9 @@ static boolean check_time(const void *AT, const char *times, int len, int rule)
if (times == NULL) {
/* this should not happen */
- _log_err("internal error: " __FILE__ " line %d", __LINE__);
+ pam_syslog(pamh, LOG_CRIT,
+ "internal error in file %s at line %d",
+ __FILE__, __LINE__);
return FALSE;
}
@@ -413,13 +406,13 @@ static boolean check_time(const void *AT, const char *times, int len, int rule)
}
j += 2;
if (this_day == -1) {
- _log_err("bad day specified (rule #%d)", rule);
+ pam_syslog(pamh, LOG_ERR, "bad day specified (rule #%d)", rule);
return FALSE;
}
marked_day ^= this_day;
}
if (marked_day == 0) {
- _log_err("no day specified");
+ pam_syslog(pamh, LOG_ERR, "no day specified");
return FALSE;
}
D(("day range = 0%o", marked_day));
@@ -443,7 +436,7 @@ static boolean check_time(const void *AT, const char *times, int len, int rule)
D(("i=%d, time_end=%d, times[j]='%c'", i, time_end, times[j]));
if (i != 5 || time_end == -1) {
- _log_err("no/bad times specified (rule #%d)", rule);
+ pam_syslog(pamh, LOG_ERR, "no/bad times specified (rule #%d)", rule);
return TRUE;
}
D(("times(%d to %d)", time_start,time_end));
@@ -476,8 +469,9 @@ static boolean check_time(const void *AT, const char *times, int len, int rule)
return (not ^ pass);
}
-static int check_account(const char *service
- , const char *tty, const char *user)
+static int
+check_account(pam_handle_t *pamh, const char *service,
+ const char *tty, const char *user)
{
int from=0,to=0,fd=-1;
char *buffer=NULL;
@@ -487,11 +481,11 @@ static int check_account(const char *service
here_and_now = time_now(); /* find current time */
do {
- boolean good=TRUE,intime;
+ int good=TRUE,intime;
/* here we get the service name field */
- fd = read_field(fd,&buffer,&from,&to);
+ fd = read_field(pamh, fd, &buffer, &from, &to);
if (!buffer || !buffer[0]) {
/* empty line .. ? */
@@ -499,43 +493,51 @@ static int check_account(const char *service
}
++count;
- good = logic_field(service, buffer, count, is_same);
+ good = logic_field(pamh, service, buffer, count, is_same);
D(("with service: %s", good ? "passes":"fails" ));
/* here we get the terminal name field */
- fd = read_field(fd,&buffer,&from,&to);
+ fd = read_field(pamh, fd, &buffer, &from, &to);
if (!buffer || !buffer[0]) {
- _log_err(PAM_TIME_CONF "; no tty entry #%d", count);
+ pam_syslog(pamh, LOG_ERR,
+ "%s: no tty entry #%d", PAM_TIME_CONF, count);
continue;
}
- good &= logic_field(tty, buffer, count, is_same);
+ good &= logic_field(pamh, tty, buffer, count, is_same);
D(("with tty: %s", good ? "passes":"fails" ));
/* here we get the username field */
- fd = read_field(fd,&buffer,&from,&to);
+ fd = read_field(pamh, fd, &buffer, &from, &to);
if (!buffer || !buffer[0]) {
- _log_err(PAM_TIME_CONF "; no user entry #%d", count);
+ pam_syslog(pamh, LOG_ERR,
+ "%s: no user entry #%d", PAM_TIME_CONF, count);
continue;
}
- good &= logic_field(user, buffer, count, is_same);
+ /* If buffer starts with @, we are using netgroups */
+ if (buffer[0] == '@')
+ good &= innetgr (&buffer[1], NULL, user, NULL);
+ else
+ good &= logic_field(pamh, user, buffer, count, is_same);
D(("with user: %s", good ? "passes":"fails" ));
/* here we get the time field */
- fd = read_field(fd,&buffer,&from,&to);
+ fd = read_field(pamh, fd, &buffer, &from, &to);
if (!buffer || !buffer[0]) {
- _log_err(PAM_TIME_CONF "; no time entry #%d", count);
+ pam_syslog(pamh, LOG_ERR,
+ "%s: no time entry #%d", PAM_TIME_CONF, count);
continue;
}
- intime = logic_field(&here_and_now, buffer, count, check_time);
+ intime = logic_field(pamh, &here_and_now, buffer, count, check_time);
D(("with time: %s", intime ? "passes":"fails" ));
- fd = read_field(fd,&buffer,&from,&to);
+ fd = read_field(pamh, fd, &buffer, &from, &to);
if (buffer && buffer[0]) {
- _log_err(PAM_TIME_CONF "; poorly terminated rule #%d", count);
+ pam_syslog(pamh, LOG_ERR,
+ "%s: poorly terminated rule #%d", PAM_TIME_CONF, count);
continue;
}
@@ -555,17 +557,19 @@ static int check_account(const char *service
/* --- public account management functions --- */
-PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+PAM_EXTERN int
+pam_sm_acct_mgmt(pam_handle_t *pamh, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
- const char *service=NULL, *tty=NULL;
+ const void *service=NULL, *void_tty=NULL;
+ const char *tty;
const char *user=NULL;
/* set service name */
- if (pam_get_item(pamh, PAM_SERVICE, (const void **)&service)
+ if (pam_get_item(pamh, PAM_SERVICE, &service)
!= PAM_SUCCESS || service == NULL) {
- _log_err("cannot find the current service name");
+ pam_syslog(pamh, LOG_ERR, "cannot find the current service name");
return PAM_ABORT;
}
@@ -573,28 +577,33 @@ PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh,int flags,int argc
if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS || user == NULL
|| *user == '\0') {
- _log_err("cannot determine the user's name");
+ pam_syslog(pamh, LOG_ERR, "can not get the username");
return PAM_USER_UNKNOWN;
}
/* set tty name */
- if (pam_get_item(pamh, PAM_TTY, (const void **)&tty) != PAM_SUCCESS
- || tty == NULL) {
+ if (pam_get_item(pamh, PAM_TTY, &void_tty) != PAM_SUCCESS
+ || void_tty == NULL) {
D(("PAM_TTY not set, probing stdin"));
tty = ttyname(STDIN_FILENO);
if (tty == NULL) {
- _log_err("couldn't get the tty name");
- return PAM_ABORT;
+ tty = "";
}
if (pam_set_item(pamh, PAM_TTY, tty) != PAM_SUCCESS) {
- _log_err("couldn't set tty name");
+ pam_syslog(pamh, LOG_ERR, "couldn't set tty name");
return PAM_ABORT;
}
}
-
- if (strncmp("/dev/",tty,5) == 0) { /* strip leading /dev/ */
- tty += 5;
+ else
+ tty = void_tty;
+
+ if (tty[0] == '/') { /* full path */
+ const char *t;
+ tty++;
+ if ((t = strchr(tty, '/')) != NULL) {
+ tty = t + 1;
+ }
}
/* good, now we have the service name, the user and the terminal name */
@@ -603,7 +612,7 @@ PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh,int flags,int argc
D(("user=%s", user));
D(("tty=%s", tty));
- return check_account(service,tty,user);
+ return check_account(pamh, service, tty, user);
}
/* end of module definition */
diff --git a/Linux-PAM/modules/pam_time/time.conf b/Linux-PAM/modules/pam_time/time.conf
index d2062fdb..c7b7989c 100644
--- a/Linux-PAM/modules/pam_time/time.conf
+++ b/Linux-PAM/modules/pam_time/time.conf
@@ -20,7 +20,8 @@
# is a logic list of terminal names that this rule applies to.
#
# users
-# is a logic list of users to whom this rule applies.
+# is a logic list of users or a netgroup of users to whom this
+# rule applies.
#
# NB. For these items the simple wildcard '*' may be used only once.
#
@@ -61,4 +62,4 @@
#
# End of example file.
-# \ No newline at end of file
+#
diff --git a/Linux-PAM/modules/pam_time/time.conf.5 b/Linux-PAM/modules/pam_time/time.conf.5
new file mode 100644
index 00000000..400344a6
--- /dev/null
+++ b/Linux-PAM/modules/pam_time/time.conf.5
@@ -0,0 +1,92 @@
+.\" Title: time.conf
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/21/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "TIME.CONF" "5" "06/21/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+time.conf \- configuration file for the pam_time module
+.SH "DESCRIPTION"
+.PP
+The pam_time PAM module does not authenticate the user, but instead it restricts access to a system and or specific applications at various times of the day and on specific days or over various terminal lines. This module can be configured to deny access to (individual) users based on their name, the time of day, the day of week, the service they are applying for and their terminal from which they are making their request.
+.PP
+For this module to function correctly there must be a correctly formatted
+\fI/etc/security/time.conf\fR
+file present. White spaces are ignored and lines maybe extended with '\\' (escaped newlines). Text following a '#' is ignored to the end of the line.
+.PP
+The syntax of the lines is as follows:
+.PP
+
+\fIservices\fR;\fIttys\fR;\fIusers\fR;\fItimes\fR
+.PP
+In words, each rule occupies a line, terminated with a newline or the beginning of a comment; a '\fB#\fR'. It contains four fields separated with semicolons, '\fB;\fR'.
+.PP
+The first field, the
+\fIservices\fR
+field, is a logic list of PAM service names that the rule applies to.
+.PP
+The second field, the
+\fItty\fR
+field, is a logic list of terminal names that this rule applies to.
+.PP
+The third field, the
+\fIusers\fR
+field, is a logic list of users or a netgroup of users to whom this rule applies.
+.PP
+For these items the simple wildcard '*' may be used only once. With netgroups no wildcards or logic operators are allowed.
+.PP
+The
+\fItimes\fR
+field is used to indicate the times at which this rule applies. The format here is a logic list of day/time\-range entries. The days are specified by a sequence of two character entries, MoTuSa for example is Monday Tuesday and Saturday. Note that repeated days are unset MoMo = no day, and MoWk = all weekdays bar Monday. The two character combinations accepted are Mo Tu We Th Fr Sa Su Wk Wd Al, the last two being week\-end days and all 7 days of the week respectively. As a final example, AlFr means all days except Friday.
+.PP
+Each day/time\-range can be prefixed with a '!' to indicate "anything but". The time\-range part is two 24\-hour times HHMM, separated by a hyphen, indicating the start and finish time (if the finish time is smaller than the start time it is deemed to apply on the following day).
+.PP
+For a rule to be active, ALL of service+ttys+users must be satisfied by the applying process.
+.PP
+Note, currently there is no daemon enforcing the end of a session. This needs to be remedied.
+.PP
+Poorly formatted rules are logged as errors using
+\fBsyslog\fR(3).
+.SH "EXAMPLES"
+.PP
+These are some example lines which might be specified in
+\fI/etc/security/time.conf\fR.
+.PP
+All users except for
+\fIroot\fR
+are denied access to console\-login at all times:
+.sp
+.RS 3n
+.nf
+login ; tty* & !ttyp* ; !root ; !Al0000\-2400
+
+.fi
+.RE
+.sp
+.PP
+Games (configured to use PAM) are only to be accessed out of working hours. This rule does not apply to the user
+\fIwaster\fR:
+.sp
+.RS 3n
+.nf
+
+games ; * ; !waster ; Wd0000\-2400 | Wk1800\-0800
+
+.fi
+.RE
+.sp
+.SH "SEE ALSO"
+.PP
+
+\fBpam_time\fR(8),
+\fBpam.d\fR(5),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_time was written by Andrew G. Morgan <morgan@kernel.org>.
diff --git a/Linux-PAM/modules/pam_time/time.conf.5.xml b/Linux-PAM/modules/pam_time/time.conf.5.xml
new file mode 100644
index 00000000..224fda34
--- /dev/null
+++ b/Linux-PAM/modules/pam_time/time.conf.5.xml
@@ -0,0 +1,143 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="time.conf">
+
+ <refmeta>
+ <refentrytitle>time.conf</refentrytitle>
+ <manvolnum>5</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv>
+ <refname>time.conf</refname>
+ <refpurpose>configuration file for the pam_time module</refpurpose>
+ </refnamediv>
+
+ <refsect1 id='time.conf-description'>
+ <title>DESCRIPTION</title>
+
+ <para>
+ The pam_time PAM module does not authenticate the user, but instead
+ it restricts access to a system and or specific applications at
+ various times of the day and on specific days or over various
+ terminal lines. This module can be configured to deny access to
+ (individual) users based on their name, the time of day, the day of
+ week, the service they are applying for and their terminal from which
+ they are making their request.
+ </para>
+ <para>
+ For this module to function correctly there must be a correctly
+ formatted <filename>/etc/security/time.conf</filename> file present.
+ White spaces are ignored and lines maybe extended with '\' (escaped
+ newlines). Text following a '#' is ignored to the end of the line.
+ </para>
+
+ <para>
+ The syntax of the lines is as follows:
+ </para>
+
+ <para>
+ <replaceable>services</replaceable>;<replaceable>ttys</replaceable>;<replaceable>users</replaceable>;<replaceable>times</replaceable>
+ </para>
+ <para>
+ In words, each rule occupies a line, terminated with a newline
+ or the beginning of a comment; a '<emphasis remap='B'>#</emphasis>'.
+ It contains four fields separated with semicolons,
+ '<emphasis remap='B'>;</emphasis>'.
+ </para>
+
+ <para>
+ The first field, the <replaceable>services</replaceable> field,
+ is a logic list of PAM service names that the rule applies to.
+ </para>
+
+ <para>
+ The second field, the <replaceable>tty</replaceable>
+ field, is a logic list of terminal names that this rule applies to.
+ </para>
+
+ <para>
+ The third field, the <replaceable>users</replaceable>
+ field, is a logic list of users or a netgroup of users to whom this
+ rule applies.
+ </para>
+
+ <para>
+ For these items the simple wildcard '*' may be used only once.
+ With netgroups no wildcards or logic operators are allowed.
+ </para>
+
+ <para>
+ The <replaceable>times</replaceable> field is used to indicate the times
+ at which this rule applies. The format here is a logic
+ list of day/time-range entries. The days are specified by a sequence of
+ two character entries, MoTuSa for example is Monday Tuesday and Saturday.
+ Note that repeated days are unset MoMo = no day, and MoWk = all weekdays
+ bar Monday. The two character combinations accepted are Mo Tu We Th Fr Sa
+ Su Wk Wd Al, the last two being week-end days and all 7 days of the week
+ respectively. As a final example, AlFr means all days except Friday.
+ </para>
+ <para>
+ Each day/time-range can be prefixed with a '!' to indicate
+ "anything but".
+ The time-range part is two 24-hour times HHMM, separated by a hyphen,
+ indicating the start and finish time (if the finish time is smaller
+ than the start time it is deemed to apply on the following day).
+ </para>
+
+ <para>
+ For a rule to be active, ALL of service+ttys+users must be satisfied
+ by the applying process.
+ </para>
+ <para>
+ Note, currently there is no daemon enforcing the end of a session.
+ This needs to be remedied.
+ </para>
+ <para>
+ Poorly formatted rules are logged as errors using
+ <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
+ </para>
+ </refsect1>
+
+ <refsect1 id="time.conf-examples">
+ <title>EXAMPLES</title>
+ <para>
+ These are some example lines which might be specified in
+ <filename>/etc/security/time.conf</filename>.
+ </para>
+ <para>
+ All users except for <emphasis>root</emphasis> are denied access
+ to console-login at all times:
+ <programlisting>
+login ; tty* &amp; !ttyp* ; !root ; !Al0000-2400
+ </programlisting>
+ </para>
+
+ <para>
+ Games (configured to use PAM) are only to be accessed out of
+ working hours. This rule does not apply to the user
+ <emphasis>waster</emphasis>:
+ <programlisting>
+games ; * ; !waster ; Wd0000-2400 | Wk1800-0800
+ </programlisting>
+ </para>
+ </refsect1>
+
+ <refsect1 id="time.conf-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry><refentrytitle>pam_time</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>pam.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id="time.conf-author">
+ <title>AUTHOR</title>
+ <para>
+ pam_time was written by Andrew G. Morgan &lt;morgan@kernel.org&gt;.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/Linux-PAM/modules/pam_time/tst-pam_time b/Linux-PAM/modules/pam_time/tst-pam_time
new file mode 100755
index 00000000..030717bb
--- /dev/null
+++ b/Linux-PAM/modules/pam_time/tst-pam_time
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_time.so
diff --git a/Linux-PAM/modules/pam_umask/Makefile.am b/Linux-PAM/modules/pam_umask/Makefile.am
new file mode 100644
index 00000000..56fa63b4
--- /dev/null
+++ b/Linux-PAM/modules/pam_umask/Makefile.am
@@ -0,0 +1,32 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_umask
+
+man_MANS = pam_umask.8
+
+XMLS = README.xml pam_umask.8.xml
+
+TESTS = tst-pam_umask
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_umask.la
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_umask.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_umask/Makefile.in b/Linux-PAM/modules/pam_umask/Makefile.in
new file mode 100644
index 00000000..45dd9509
--- /dev/null
+++ b/Linux-PAM/modules/pam_umask/Makefile.in
@@ -0,0 +1,665 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_umask
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_umask_la_LIBADD =
+pam_umask_la_SOURCES = pam_umask.c
+pam_umask_la_OBJECTS = pam_umask.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_umask.c
+DIST_SOURCES = pam_umask.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_umask
+man_MANS = pam_umask.8
+XMLS = README.xml pam_umask.8.xml
+TESTS = tst-pam_umask
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_umask.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_umask/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_umask/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_umask.la: $(pam_umask_la_OBJECTS) $(pam_umask_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_umask_la_OBJECTS) $(pam_umask_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_umask.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_umask.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_umask/README b/Linux-PAM/modules/pam_umask/README
new file mode 100644
index 00000000..69003ec3
--- /dev/null
+++ b/Linux-PAM/modules/pam_umask/README
@@ -0,0 +1,58 @@
+pam_umask — PAM module to set the file mode creation mask
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+pam_umask is a PAM module to set the file mode creation mask of the current
+environment. The umask affects the default permissions assigned to newly
+created files.
+
+The PAM module tries to get the umask value from the following places in the
+following order:
+
+ â— umask= argument
+
+ â— umask= entry of the users GECOS field
+
+ â— pri= entry of the users GECOS field
+
+ â— ulimit= entry of the users GECOS field
+
+ â— UMASK= entry from /etc/default/login
+
+ â— UMASK entry from /etc/login.defs
+
+OPTIONS
+
+debug
+
+ Print debug information.
+
+silent
+
+ Don't print informative messages.
+
+usergroups
+
+ If the user is not root, and the user ID is equal to the group ID, and the
+ username is the same as primary group name, the umask group bits are set to
+ be the same as owner bits (examples: 022 -> 002, 077 -> 007).
+
+umask=mask
+
+ Sets the calling process's file mode creation mask (umask) to mask & 0777.
+ The value is interpreted as Octal.
+
+EXAMPLES
+
+Add the following line to /etc/pam.d/login to set the user specific umask at
+login:
+
+ session optional pam_umask.so umask=0022
+
+
+AUTHOR
+
+pam_umask was written by Thorsten Kukuk <kukuk@thkukuk.de>.
+
diff --git a/Linux-PAM/modules/pam_umask/README.xml b/Linux-PAM/modules/pam_umask/README.xml
new file mode 100644
index 00000000..9afbe543
--- /dev/null
+++ b/Linux-PAM/modules/pam_umask/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_umask.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_umask.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_umask-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_umask.8.xml" xpointer='xpointer(//refsect1[@id = "pam_umask-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_umask.8.xml" xpointer='xpointer(//refsect1[@id = "pam_umask-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_umask.8.xml" xpointer='xpointer(//refsect1[@id = "pam_umask-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_umask.8.xml" xpointer='xpointer(//refsect1[@id = "pam_umask-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_umask/pam_umask.8 b/Linux-PAM/modules/pam_umask/pam_umask.8
new file mode 100644
index 00000000..43160d63
--- /dev/null
+++ b/Linux-PAM/modules/pam_umask/pam_umask.8
@@ -0,0 +1,96 @@
+.\" Title: pam_umask
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 08/06/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_UMASK" "8" "08/06/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_umask \- PAM module to set the file mode creation mask
+.SH "SYNOPSIS"
+.HP 13
+\fBpam_umask.so\fR [debug] [silent] [usergroups] [umask=\fImask\fR]
+.SH "DESCRIPTION"
+.PP
+pam_umask is a PAM module to set the file mode creation mask of the current environment. The umask affects the default permissions assigned to newly created files.
+.PP
+The PAM module tries to get the umask value from the following places in the following order:
+.TP 3n
+\(bu
+umask= argument
+.TP 3n
+\(bu
+umask= entry of the users GECOS field
+.TP 3n
+\(bu
+pri= entry of the users GECOS field
+.TP 3n
+\(bu
+ulimit= entry of the users GECOS field
+.TP 3n
+\(bu
+UMASK= entry from /etc/default/login
+.TP 3n
+\(bu
+UMASK entry from /etc/login.defs
+.sp
+.RE
+.SH "OPTIONS"
+.PP
+.TP 3n
+\fBdebug\fR
+Print debug information.
+.TP 3n
+\fBsilent\fR
+Don't print informative messages.
+.TP 3n
+\fBusergroups\fR
+If the user is not root, and the user ID is equal to the group ID, and the username is the same as primary group name, the umask group bits are set to be the same as owner bits (examples: 022 \-> 002, 077 \-> 007).
+.TP 3n
+\fBumask=\fR\fB\fImask\fR\fR
+Sets the calling process's file mode creation mask (umask) to
+\fBmask\fR
+& 0777. The value is interpreted as Octal.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+Only the
+\fBsession\fR
+service is supported.
+.SH "RETURN VALUES"
+.PP
+.TP 3n
+PAM_SUCCESS
+The new umask was set successfull.
+.TP 3n
+PAM_SERVICE_ERR
+No username was given.
+.TP 3n
+PAM_USER_UNKNOWN
+User not known.
+.SH "EXAMPLES"
+.PP
+Add the following line to
+\fI/etc/pam.d/login\fR
+to set the user specific umask at login:
+.sp
+.RS 3n
+.nf
+ session optional pam_umask.so umask=0022
+
+.fi
+.RE
+.sp
+.SH "SEE ALSO"
+.PP
+
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_umask was written by Thorsten Kukuk <kukuk@thkukuk.de>.
diff --git a/Linux-PAM/modules/pam_umask/pam_umask.8.xml b/Linux-PAM/modules/pam_umask/pam_umask.8.xml
new file mode 100644
index 00000000..d65e6660
--- /dev/null
+++ b/Linux-PAM/modules/pam_umask/pam_umask.8.xml
@@ -0,0 +1,220 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_umask">
+
+ <refmeta>
+ <refentrytitle>pam_umask</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_umask-name">
+ <refname>pam_umask</refname>
+ <refpurpose>PAM module to set the file mode creation mask</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_umask-cmdsynopsis">
+ <command>pam_umask.so</command>
+ <arg choice="opt">
+ debug
+ </arg>
+ <arg choice="opt">
+ silent
+ </arg>
+ <arg choice="opt">
+ usergroups
+ </arg>
+ <arg choice="opt">
+ umask=<replaceable>mask</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_umask-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ pam_umask is a PAM module to set the file mode creation mask
+ of the current environment. The umask affects the default
+ permissions assigned to newly created files.
+ </para>
+ <para>
+ The PAM module tries to get the umask value from the
+ following places in the following order:
+ <itemizedlist>
+ <listitem>
+ <para>
+ umask= argument
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ umask= entry of the users GECOS field
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ pri= entry of the users GECOS field
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ ulimit= entry of the users GECOS field
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ UMASK= entry from /etc/default/login
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ UMASK entry from /etc/login.defs
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+
+ </refsect1>
+
+ <refsect1 id="pam_umask-options">
+
+ <title>OPTIONS</title>
+ <para>
+ <variablelist>
+
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ Print debug information.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>silent</option>
+ </term>
+ <listitem>
+ <para>
+ Don't print informative messages.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>usergroups</option>
+ </term>
+ <listitem>
+ <para>
+ If the user is not root, and the user ID is equal to the
+ group ID, and the username is the same as primary group name,
+ the umask group bits are set to be the same as
+ owner bits (examples: 022 -> 002, 077 -> 007).
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>umask=<replaceable>mask</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Sets the calling process's file mode creation mask (umask)
+ to <option>mask</option> &amp; 0777. The value is interpreted
+ as Octal.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_umask-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ Only the <option>session</option> service is supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_umask-return_values'>
+ <title>RETURN VALUES</title>
+ <para>
+ <variablelist>
+
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ The new umask was set successfull.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_SERVICE_ERR</term>
+ <listitem>
+ <para>
+ No username was given.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ User not known.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_umask-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ Add the following line to <filename>/etc/pam.d/login</filename> to
+ set the user specific umask at login:
+ <programlisting>
+ session optional pam_umask.so umask=0022
+ </programlisting>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_umask-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_umask-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_umask was written by Thorsten Kukuk &lt;kukuk@thkukuk.de&gt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_umask/pam_umask.c b/Linux-PAM/modules/pam_umask/pam_umask.c
new file mode 100644
index 00000000..fdeb3c51
--- /dev/null
+++ b/Linux-PAM/modules/pam_umask/pam_umask.c
@@ -0,0 +1,319 @@
+/*
+ * Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@thkukuk.de>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License V2, in which case the provisions of the GPL
+ * are required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+
+#include <pwd.h>
+#include <grp.h>
+#include <stdio.h>
+#include <ctype.h>
+#include <errno.h>
+#include <limits.h>
+#include <string.h>
+#include <stdarg.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <sys/resource.h>
+#include <syslog.h>
+
+#define PAM_SM_SESSION
+
+#include <security/pam_modules.h>
+#include <security/pam_modutil.h>
+#include <security/pam_ext.h>
+
+#define BUF_SIZE 4096
+#define LOGIN_DEFS "/etc/login.defs"
+#define LOGIN_CONF "/etc/default/login"
+
+struct options_t {
+ int debug;
+ int usergroups;
+ int silent;
+ char *umask;
+};
+typedef struct options_t options_t;
+
+static void
+parse_option (const pam_handle_t *pamh, const char *argv, options_t *options)
+{
+ if (argv == NULL || argv[0] == '\0')
+ return;
+
+ if (strcasecmp (argv, "debug") == 0)
+ options->debug = 1;
+ else if (strncasecmp (argv, "umask=", 6) == 0)
+ options->umask = strdup (&argv[6]);
+ else if (strcasecmp (argv, "usergroups") == 0)
+ options->usergroups = 1;
+ else if (strcasecmp (argv, "silent") == 0)
+ options->silent = 1;
+ else
+ pam_syslog (pamh, LOG_ERR, "Unknown option: `%s'", argv);
+}
+
+static char *
+search_key (const char *filename)
+{
+ FILE *fp;
+ char *buf = NULL;
+ size_t buflen = 0;
+ char *retval = NULL;
+
+ fp = fopen (filename, "r");
+ if (NULL == fp)
+ return NULL;
+
+ while (!feof (fp))
+ {
+ char *tmp, *cp;
+#if defined(HAVE_GETLINE)
+ ssize_t n = getline (&buf, &buflen, fp);
+#elif defined (HAVE_GETDELIM)
+ ssize_t n = getdelim (&buf, &buflen, '\n', fp);
+#else
+ ssize_t n;
+
+ if (buf == NULL)
+ {
+ buflen = BUF_SIZE;
+ buf = malloc (buflen);
+ }
+ buf[0] = '\0';
+ if (fgets (buf, buflen - 1, fp) == NULL)
+ break;
+ else if (buf != NULL)
+ n = strlen (buf);
+ else
+ n = 0;
+#endif /* HAVE_GETLINE / HAVE_GETDELIM */
+ cp = buf;
+
+ if (n < 1)
+ break;
+
+ tmp = strchr (cp, '#'); /* remove comments */
+ if (tmp)
+ *tmp = '\0';
+ while (isspace ((int)*cp)) /* remove spaces and tabs */
+ ++cp;
+ if (*cp == '\0') /* ignore empty lines */
+ continue;
+
+ if (cp[strlen (cp) - 1] == '\n')
+ cp[strlen (cp) - 1] = '\0';
+
+ tmp = strsep (&cp, " \t=");
+ if (cp != NULL)
+ while (isspace ((int)*cp) || *cp == '=')
+ ++cp;
+
+ if (strcasecmp (tmp, "UMASK") == 0)
+ {
+ retval = strdup (cp);
+ break;
+ }
+ }
+ fclose (fp);
+
+ free (buf);
+
+ return retval;
+}
+
+static int
+get_options (const pam_handle_t *pamh, options_t *options,
+ int argc, const char **argv)
+{
+ memset (options, 0, sizeof (options_t));
+ /* Parse parameters for module */
+ for ( ; argc-- > 0; argv++)
+ parse_option (pamh, *argv, options);
+
+ if (options->umask == NULL)
+ options->umask = search_key (LOGIN_DEFS);
+ if (options->umask == NULL)
+ options->umask = search_key (LOGIN_CONF);
+
+ return 0;
+}
+
+static void
+set_umask (const char *value)
+{
+ const char *value_orig = value;
+ mode_t mask;
+ char *endptr;
+
+ mask = strtoul (value, &endptr, 8) & 0777;
+ if (((mask == 0) && (value_orig == endptr)) ||
+ ((mask == ULONG_MAX) && (errno == ERANGE)))
+ return;
+ umask (mask);
+ return;
+}
+
+/* Set the process nice, ulimit, and umask from the
+ password file entry. */
+static void
+setup_limits_from_gecos (pam_handle_t *pamh, options_t *options,
+ struct passwd *pw)
+{
+ char *cp;
+
+ if (options->usergroups)
+ {
+ /* if not root, and UID == GID, and username is the same as
+ primary group name, set umask group bits to be the same as
+ owner bits (examples: 022 -> 002, 077 -> 007). */
+ if (pw->pw_uid != 0 && pw->pw_uid == pw->pw_gid)
+ {
+ struct group *grp = pam_modutil_getgrgid (pamh, pw->pw_gid);
+ if (grp && (strcmp (pw->pw_name, grp->gr_name) == 0))
+ {
+ mode_t oldmask = umask (0777);
+ umask ((oldmask & ~070) | ((oldmask >> 3) & 070));
+ }
+ }
+ }
+
+ /* See if the GECOS field contains values for NICE, UMASK or ULIMIT. */
+ for (cp = pw->pw_gecos; cp != NULL; cp = strchr (cp, ','))
+ {
+ if (*cp == ',')
+ cp++;
+
+ if (strncasecmp (cp, "umask=", 6) == 0)
+ umask (strtol (cp + 6, NULL, 8) & 0777);
+ else if (strncasecmp (cp, "pri=", 4) == 0)
+ {
+ errno = 0;
+ if (nice (strtol (cp + 4, NULL, 10)) == -1 && errno != 0)
+ {
+ if (!options->silent || options->debug)
+ pam_error (pamh, "nice failed: %m\n");
+ pam_syslog (pamh, LOG_ERR, "nice failed: %m");
+ }
+ }
+ else if (strncasecmp (cp, "ulimit=", 7) == 0)
+ {
+ struct rlimit rlimit_fsize;
+ rlimit_fsize.rlim_cur = 512L * strtol (cp + 7, NULL, 10);
+ rlimit_fsize.rlim_max = rlimit_fsize.rlim_cur;
+ if (setrlimit (RLIMIT_FSIZE, &rlimit_fsize) == -1)
+ {
+ if (!options->silent || options->debug)
+ pam_error (pamh, "setrlimit failed: %m\n");
+ pam_syslog (pamh, LOG_ERR, "setrlimit failed: %m");
+ }
+ }
+ }
+}
+
+
+PAM_EXTERN int
+pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
+{
+ struct passwd *pw;
+ options_t options;
+ const char *name;
+ int retval = PAM_SUCCESS;
+
+ get_options (pamh, &options, argc, argv);
+ if (flags & PAM_SILENT)
+ options.silent = 1;
+
+ /* get the user name. */
+ if ((retval = pam_get_user (pamh, &name, NULL)) != PAM_SUCCESS)
+ {
+ pam_syslog (pamh, LOG_ERR, "pam_get_user failed: return %d", retval);
+ return (retval == PAM_CONV_AGAIN ? PAM_INCOMPLETE:retval);
+ }
+
+ if (name == NULL || name[0] == '\0')
+ {
+ if (name)
+ {
+ pam_syslog (pamh, LOG_ERR, "bad username [%s]", name);
+ return PAM_USER_UNKNOWN;
+ }
+ return PAM_SERVICE_ERR;
+ }
+
+ pw = pam_modutil_getpwnam (pamh, name);
+ if (pw == NULL)
+ {
+ pam_syslog (pamh, LOG_ERR, "account for %s not found", name);
+ return PAM_USER_UNKNOWN;
+ }
+
+ if (options.umask != NULL)
+ {
+ set_umask (options.umask);
+ free (options.umask);
+ }
+
+ setup_limits_from_gecos (pamh, &options, pw);
+
+ return retval;
+}
+
+PAM_EXTERN int
+pam_sm_close_session (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
+{
+ return PAM_SUCCESS;
+}
+
+#ifdef PAM_STATIC
+
+/* static module data */
+
+struct pam_module _pam_umask_modstruct = {
+ "pam_umask",
+ NULL,
+ NULL,
+ NULL,
+ pam_sm_open_session,
+ pam_sm_close_session,
+ NULL
+};
+
+#endif
+
+/* end of module definition */
diff --git a/Linux-PAM/modules/pam_umask/tst-pam_umask b/Linux-PAM/modules/pam_umask/tst-pam_umask
new file mode 100755
index 00000000..3608a9de
--- /dev/null
+++ b/Linux-PAM/modules/pam_umask/tst-pam_umask
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_umask.so
diff --git a/Linux-PAM/modules/pam_unix/Makefile b/Linux-PAM/modules/pam_unix/Makefile
deleted file mode 100644
index 7f32e073..00000000
--- a/Linux-PAM/modules/pam_unix/Makefile
+++ /dev/null
@@ -1,191 +0,0 @@
-# $Id: Makefile,v 1.8 2004/11/08 08:58:37 kukuk Exp $
-#
-# This Makefile controls a build process of the pam_unix modules
-# for Linux-PAM. You should not modify this Makefile.
-#
-
-include ../../Make.Rules
-
-########################################################################
-# some options... uncomment to take effect
-########################################################################
-
-# Unless someone wants to work out how to make this work with the new
-# autoconf stuff, you should use a separate module for this type of thing
-# pam_cracklib perhaps..?
-# do you want cracklib?
-#ifeq ($(HAVE_CRACKLIB),yes)
-#USE_CRACKLIB=-D"USE_CRACKLIB"
-#endif
-
-ifeq ($(shell if [ -f /usr/lib/cracklib_dict.hwm ]; then echo yes ; fi),yes)
- CRACKLIB_DICTPATH=/usr/lib/cracklib_dict
-else
- CRACKLIB_DICTPATH=/usr/share/dict/cracklib_dict
-endif
-EXTRAS += -DCRACKLIB_DICTS=\"$(CRACKLIB_DICTPATH)\"
-
-ifeq ($(HAVE_LIBCRYPT),yes)
- EXTRALS += -lcrypt
-endif
-ifeq ($(HAVE_LIBNSL),yes)
- EXTRALS += -lnsl
-endif
-# do you want to use lckpwdf?
-ifeq ($(WITH_LCKPWDF),yes)
-USE_LCKPWDF=-D"USE_LCKPWDF"
-# do you need to include the locking functions in the source?
-ifeq ($(HAVE_LCKPWDF),no)
- NEED_LCKPWDF=-D"NEED_LCKPWDF"
-endif
-endif
-
-ifeq ($(HAVE_LIBNSL),yes)
- LIBNSL = -lnsl
-endif
-
-ifeq ($(HAVE_LIBCRYPT),yes)
- LIBCRYPT=-lcrypt
-endif
-
-CHKPWD=unix_chkpwd
-
-BIGCRYPT=bigcrypt
-
-EXTRAS += -DCHKPWD_HELPER=\"$(SUPLEMENTED)/$(CHKPWD)\"
-
-LINK_PAMMODUTILS = -L../pammodutil -lpammodutil
-INCLUDE_PAMMODUTILS = -I../pammodutil/include
-
-########################################################################
-
-CFLAGS += $(USE_CRACKLIB) $(USE_LCKPWDF) $(NEED_LCKPWDF) $(EXTRAS) \
- $(INCLUDE_PAMMODUTILS)
-
-LDLIBS = $(EXTRALS) $(LINK_PAMMODUTILS)
-
-ifdef USE_CRACKLIB
-CRACKLIB = -lcrack
-endif
-
-
-LIBOBJ = pam_unix_auth.o pam_unix_acct.o pam_unix_sess.o pam_unix_passwd.o \
- support.o
-LIBSRC = pam_unix_auth.c pam_unix_acct.c pam_unix_sess.c pam_unix_passwd.c \
- support.c
-LIBOBJD = $(addprefix dynamic/,$(LIBOBJ))
-LIBOBJS = $(addprefix static/,$(LIBOBJ))
-
-PLUS = md5_good.o md5_broken.o md5_crypt_good.o md5_crypt_broken.o \
- yppasswd_xdr.o bigcrypt.o
-
-ifdef DYNAMIC
-LIBSHARED = pam_unix.so
-endif
-ifdef STATIC
-LIBSTATIC = libpam_unix.o
-endif
-
-
-########################### don't edit below #######################
-
-all: dirs info $(PLUS) $(LIBSHARED) $(LIBSTATIC) $(CHKPWD) $(BIGCRYPT) \
- register
-
-dynamic/%.o : %.c
- $(CC) $(CFLAGS) $(DYNAMIC) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-static/%.o: %.c
- $(CC) $(CFLAGS) $(STATIC) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-dummy:
- @echo "**** This is not a top-level Makefile "
- exit
-
-info:
- @echo
- @echo "*** Building pam-unix module of the framework..."
- @echo
-
-dirs:
-ifdef DYNAMIC
- mkdir -p ./dynamic
-endif
-ifdef STATIC
- mkdir -p ./static
-endif
-
-register:
-ifdef STATIC
- ( cd .. ; ./register_static pam_unix_auth pam_unix/$(LIBSTATIC) ; \
- ./register_static pam_unix_acct "" ; \
- ./register_static pam_unix_session "" ; \
- ./register_static pam_unix_passwd "" ; \
- )
-endif
-
-ifdef DYNAMIC
-$(LIBOBJD): $(LIBSRC)
-
-$(LIBSHARED): $(LIBOBJD)
- $(LD_D) -o $@ $(LIBOBJD) $(PLUS) $(CRACKLIB) $(LDLIBS) $(LIBNSL) $(LIBCRYPT) $(NEED_LINK_LIB_C) -L../../libpam -lpam
-endif
-
-ifdef STATIC
-$(LIBOBJS): $(LIBSRC)
-
-$(LIBSTATIC): $(LIBOBJS)
- $(LD) -r -o $@ $(LIBOBJS) $(PLUS) $(CRACKLIB) $(LDLIBS) $(LIBNSL) $(LIBCRYPT)
-endif
-
-$(CHKPWD): unix_chkpwd.o md5_good.o md5_broken.o \
- md5_crypt_good.o md5_crypt_broken.o \
- bigcrypt.o
- $(CC) $(CFLAGS) -o $(CHKPWD) $^ $(LDLIBS) $(LIBCRYPT)
-
-$(BIGCRYPT): bigcrypt_main.o bigcrypt.o
- $(CC) -o $(BIGCRYPT) $^ $(LDLIBS) $(LIBCRYPT)
-
-unix_chkpwd.o: unix_chkpwd.c
- $(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-md5_good.o: md5.c
- $(CC) $(CFLAGS) $(CPPFLAGS) -DHIGHFIRST -D'MD5Name(x)=Good##x' \
- $(TARGET_ARCH) -c $< -o $@
-
-md5_broken.o: md5.c
- $(CC) $(CFLAGS) $(CPPFLAGS) -D'MD5Name(x)=Broken##x' \
- $(TARGET_ARCH) -c $< -o $@
-
-md5_crypt_good.o: md5_crypt.c
- $(CC) $(CFLAGS) $(CPPFLAGS) -D'MD5Name(x)=Good##x' \
- $(TARGET_ARCH) -c $< -o $@
-
-md5_crypt_broken.o: md5_crypt.c
- $(CC) $(CFLAGS) $(CPPFLAGS) -D'MD5Name(x)=Broken##x' \
- $(TARGET_ARCH) -c $< -o $@
-
-install: all
- mkdir -p $(FAKEROOT)$(SECUREDIR)
-ifdef DYNAMIC
- install -m $(SHLIBMODE) $(LIBSHARED) $(FAKEROOT)$(SECUREDIR)
- for x in pam_unix_auth pam_unix_acct pam_unix_passwd pam_unix_session;\
- do ln -sf $(LIBSHARED) $(FAKEROOT)$(SECUREDIR)/$$x.so ; done
-endif
- $(MKDIR) $(FAKEROOT)$(SUPLEMENTED)
- install -m 4555 $(CHKPWD) $(FAKEROOT)$(SUPLEMENTED)
-
-remove:
- rm -f $(FAKEROOT)$(SECUREDIR)/$(LIBSHARED)
- for x in pam_unix_auth pam_unix_acct pam_unix_passwd pam_unix_session;\
- do rm -f $(FAKEROOT)$(SECUREDIR)/$$x.so ; done
- rm -f $(FAKEROOT)$(SUPLEMENTED)/$(CHKPWD)
-
-clean:
- rm -f $(LIBOBJD) $(LIBOBJS) $(CHKPWD) $(BIGCRYPT) *.o *.so core
- rm -f *~ *.a *.out *.bak
- rm -rf dynamic static
-
-.c.o:
- $(CC) -c $(CFLAGS) $<
-
diff --git a/Linux-PAM/modules/pam_unix/Makefile.am b/Linux-PAM/modules/pam_unix/Makefile.am
new file mode 100644
index 00000000..83b6c0b3
--- /dev/null
+++ b/Linux-PAM/modules/pam_unix/Makefile.am
@@ -0,0 +1,61 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README md5.c md5_crypt.c lckpwdf.-c $(MANS) CHANGELOG \
+ tst-pam_unix $(XMLS)
+
+man_MANS = pam_unix.8 unix_chkpwd.8
+XMLS = README.xml pam_unix.8.xml
+
+TESTS = tst-pam_unix
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
+ -DCHKPWD_HELPER=\"$(sbindir)/unix_chkpwd\"
+
+if HAVE_LIBSELINUX
+ AM_CFLAGS += -D"WITH_SELINUX"
+endif
+if HAVE_LIBCRACK
+ AM_CFLAGS += -D"USE_CRACKLIB"
+endif
+
+pam_unix_la_LDFLAGS = -no-undefined -avoid-version -module \
+ @LIBCRACK@ @LIBNSL@ -L$(top_builddir)/libpam -lpam \
+ @LIBCRYPT@ @LIBSELINUX@
+if HAVE_VERSIONING
+ pam_unix_la_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_unix.la
+
+noinst_HEADERS = md5.h support.h yppasswd.h bigcrypt.h
+
+sbin_PROGRAMS = unix_chkpwd
+
+noinst_PROGRAMS = bigcrypt
+
+pam_unix_la_SOURCES = bigcrypt.c pam_unix_acct.c \
+ pam_unix_auth.c pam_unix_passwd.c pam_unix_sess.c support.c \
+ yppasswd_xdr.c md5_good.c md5_broken.c
+
+bigcrypt_SOURCES = bigcrypt.c bigcrypt_main.c
+bigcrypt_CFLAGS = $(AM_CFLAGS)
+bigcrypt_LDFLAGS = @LIBCRYPT@
+
+unix_chkpwd_SOURCES = unix_chkpwd.c md5_good.c md5_broken.c bigcrypt.c
+unix_chkpwd_CFLAGS = $(AM_CFLAGS) @PIE_CFLAGS@
+unix_chkpwd_LDFLAGS = @PIE_LDFLAGS@ -L$(top_builddir)/libpam -lpam \
+ @LIBCRYPT@ @LIBSELINUX@
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_unix.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_unix/Makefile.in b/Linux-PAM/modules/pam_unix/Makefile.in
new file mode 100644
index 00000000..e3b34afb
--- /dev/null
+++ b/Linux-PAM/modules/pam_unix/Makefile.in
@@ -0,0 +1,859 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_LIBSELINUX_TRUE@am__append_1 = -D"WITH_SELINUX"
+@HAVE_LIBCRACK_TRUE@am__append_2 = -D"USE_CRACKLIB"
+@HAVE_VERSIONING_TRUE@am__append_3 = -Wl,--version-script=$(srcdir)/../modules.map
+sbin_PROGRAMS = unix_chkpwd$(EXEEXT)
+noinst_PROGRAMS = bigcrypt$(EXEEXT)
+subdir = modules/pam_unix
+DIST_COMMON = README $(noinst_HEADERS) $(srcdir)/Makefile.am \
+ $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(sbindir)" \
+ "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_unix_la_LIBADD =
+am_pam_unix_la_OBJECTS = bigcrypt.lo pam_unix_acct.lo pam_unix_auth.lo \
+ pam_unix_passwd.lo pam_unix_sess.lo support.lo yppasswd_xdr.lo \
+ md5_good.lo md5_broken.lo
+pam_unix_la_OBJECTS = $(am_pam_unix_la_OBJECTS)
+pam_unix_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(pam_unix_la_LDFLAGS) $(LDFLAGS) -o $@
+sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
+PROGRAMS = $(noinst_PROGRAMS) $(sbin_PROGRAMS)
+am_bigcrypt_OBJECTS = bigcrypt-bigcrypt.$(OBJEXT) \
+ bigcrypt-bigcrypt_main.$(OBJEXT)
+bigcrypt_OBJECTS = $(am_bigcrypt_OBJECTS)
+bigcrypt_LDADD = $(LDADD)
+bigcrypt_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(bigcrypt_CFLAGS) $(CFLAGS) \
+ $(bigcrypt_LDFLAGS) $(LDFLAGS) -o $@
+am_unix_chkpwd_OBJECTS = unix_chkpwd-unix_chkpwd.$(OBJEXT) \
+ unix_chkpwd-md5_good.$(OBJEXT) \
+ unix_chkpwd-md5_broken.$(OBJEXT) \
+ unix_chkpwd-bigcrypt.$(OBJEXT)
+unix_chkpwd_OBJECTS = $(am_unix_chkpwd_OBJECTS)
+unix_chkpwd_LDADD = $(LDADD)
+unix_chkpwd_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(unix_chkpwd_CFLAGS) \
+ $(CFLAGS) $(unix_chkpwd_LDFLAGS) $(LDFLAGS) -o $@
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = $(pam_unix_la_SOURCES) $(bigcrypt_SOURCES) \
+ $(unix_chkpwd_SOURCES)
+DIST_SOURCES = $(pam_unix_la_SOURCES) $(bigcrypt_SOURCES) \
+ $(unix_chkpwd_SOURCES)
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+HEADERS = $(noinst_HEADERS)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README md5.c md5_crypt.c lckpwdf.-c $(MANS) CHANGELOG \
+ tst-pam_unix $(XMLS)
+
+man_MANS = pam_unix.8 unix_chkpwd.8
+XMLS = README.xml pam_unix.8.xml
+TESTS = tst-pam_unix
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include \
+ -I$(top_srcdir)/libpamc/include \
+ -DCHKPWD_HELPER=\"$(sbindir)/unix_chkpwd\" $(am__append_1) \
+ $(am__append_2)
+pam_unix_la_LDFLAGS = -no-undefined -avoid-version -module @LIBCRACK@ \
+ @LIBNSL@ -L$(top_builddir)/libpam -lpam @LIBCRYPT@ \
+ @LIBSELINUX@ $(am__append_3)
+securelib_LTLIBRARIES = pam_unix.la
+noinst_HEADERS = md5.h support.h yppasswd.h bigcrypt.h
+pam_unix_la_SOURCES = bigcrypt.c pam_unix_acct.c \
+ pam_unix_auth.c pam_unix_passwd.c pam_unix_sess.c support.c \
+ yppasswd_xdr.c md5_good.c md5_broken.c
+
+bigcrypt_SOURCES = bigcrypt.c bigcrypt_main.c
+bigcrypt_CFLAGS = $(AM_CFLAGS)
+bigcrypt_LDFLAGS = @LIBCRYPT@
+unix_chkpwd_SOURCES = unix_chkpwd.c md5_good.c md5_broken.c bigcrypt.c
+unix_chkpwd_CFLAGS = $(AM_CFLAGS) @PIE_CFLAGS@
+unix_chkpwd_LDFLAGS = @PIE_LDFLAGS@ -L$(top_builddir)/libpam -lpam \
+ @LIBCRYPT@ @LIBSELINUX@
+
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_unix/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_unix/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_unix.la: $(pam_unix_la_OBJECTS) $(pam_unix_la_DEPENDENCIES)
+ $(pam_unix_la_LINK) -rpath $(securelibdir) $(pam_unix_la_OBJECTS) $(pam_unix_la_LIBADD) $(LIBS)
+
+clean-noinstPROGRAMS:
+ @list='$(noinst_PROGRAMS)'; for p in $$list; do \
+ f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f $$p $$f"; \
+ rm -f $$p $$f ; \
+ done
+install-sbinPROGRAMS: $(sbin_PROGRAMS)
+ @$(NORMAL_INSTALL)
+ test -z "$(sbindir)" || $(MKDIR_P) "$(DESTDIR)$(sbindir)"
+ @list='$(sbin_PROGRAMS)'; for p in $$list; do \
+ p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ if test -f $$p \
+ || test -f $$p1 \
+ ; then \
+ f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
+ echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \
+ $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \
+ else :; fi; \
+ done
+
+uninstall-sbinPROGRAMS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(sbin_PROGRAMS)'; for p in $$list; do \
+ f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \
+ echo " rm -f '$(DESTDIR)$(sbindir)/$$f'"; \
+ rm -f "$(DESTDIR)$(sbindir)/$$f"; \
+ done
+
+clean-sbinPROGRAMS:
+ @list='$(sbin_PROGRAMS)'; for p in $$list; do \
+ f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f $$p $$f"; \
+ rm -f $$p $$f ; \
+ done
+bigcrypt$(EXEEXT): $(bigcrypt_OBJECTS) $(bigcrypt_DEPENDENCIES)
+ @rm -f bigcrypt$(EXEEXT)
+ $(bigcrypt_LINK) $(bigcrypt_OBJECTS) $(bigcrypt_LDADD) $(LIBS)
+unix_chkpwd$(EXEEXT): $(unix_chkpwd_OBJECTS) $(unix_chkpwd_DEPENDENCIES)
+ @rm -f unix_chkpwd$(EXEEXT)
+ $(unix_chkpwd_LINK) $(unix_chkpwd_OBJECTS) $(unix_chkpwd_LDADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bigcrypt-bigcrypt.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bigcrypt-bigcrypt_main.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bigcrypt.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/md5_broken.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/md5_good.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_unix_acct.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_unix_auth.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_unix_passwd.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_unix_sess.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/support.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/unix_chkpwd-bigcrypt.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/unix_chkpwd-md5_broken.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/unix_chkpwd-md5_good.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/unix_chkpwd-unix_chkpwd.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/yppasswd_xdr.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+bigcrypt-bigcrypt.o: bigcrypt.c
+@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(bigcrypt_CFLAGS) $(CFLAGS) -MT bigcrypt-bigcrypt.o -MD -MP -MF $(DEPDIR)/bigcrypt-bigcrypt.Tpo -c -o bigcrypt-bigcrypt.o `test -f 'bigcrypt.c' || echo '$(srcdir)/'`bigcrypt.c
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/bigcrypt-bigcrypt.Tpo $(DEPDIR)/bigcrypt-bigcrypt.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='bigcrypt.c' object='bigcrypt-bigcrypt.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(bigcrypt_CFLAGS) $(CFLAGS) -c -o bigcrypt-bigcrypt.o `test -f 'bigcrypt.c' || echo '$(srcdir)/'`bigcrypt.c
+
+bigcrypt-bigcrypt.obj: bigcrypt.c
+@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(bigcrypt_CFLAGS) $(CFLAGS) -MT bigcrypt-bigcrypt.obj -MD -MP -MF $(DEPDIR)/bigcrypt-bigcrypt.Tpo -c -o bigcrypt-bigcrypt.obj `if test -f 'bigcrypt.c'; then $(CYGPATH_W) 'bigcrypt.c'; else $(CYGPATH_W) '$(srcdir)/bigcrypt.c'; fi`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/bigcrypt-bigcrypt.Tpo $(DEPDIR)/bigcrypt-bigcrypt.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='bigcrypt.c' object='bigcrypt-bigcrypt.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(bigcrypt_CFLAGS) $(CFLAGS) -c -o bigcrypt-bigcrypt.obj `if test -f 'bigcrypt.c'; then $(CYGPATH_W) 'bigcrypt.c'; else $(CYGPATH_W) '$(srcdir)/bigcrypt.c'; fi`
+
+bigcrypt-bigcrypt_main.o: bigcrypt_main.c
+@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(bigcrypt_CFLAGS) $(CFLAGS) -MT bigcrypt-bigcrypt_main.o -MD -MP -MF $(DEPDIR)/bigcrypt-bigcrypt_main.Tpo -c -o bigcrypt-bigcrypt_main.o `test -f 'bigcrypt_main.c' || echo '$(srcdir)/'`bigcrypt_main.c
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/bigcrypt-bigcrypt_main.Tpo $(DEPDIR)/bigcrypt-bigcrypt_main.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='bigcrypt_main.c' object='bigcrypt-bigcrypt_main.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(bigcrypt_CFLAGS) $(CFLAGS) -c -o bigcrypt-bigcrypt_main.o `test -f 'bigcrypt_main.c' || echo '$(srcdir)/'`bigcrypt_main.c
+
+bigcrypt-bigcrypt_main.obj: bigcrypt_main.c
+@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(bigcrypt_CFLAGS) $(CFLAGS) -MT bigcrypt-bigcrypt_main.obj -MD -MP -MF $(DEPDIR)/bigcrypt-bigcrypt_main.Tpo -c -o bigcrypt-bigcrypt_main.obj `if test -f 'bigcrypt_main.c'; then $(CYGPATH_W) 'bigcrypt_main.c'; else $(CYGPATH_W) '$(srcdir)/bigcrypt_main.c'; fi`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/bigcrypt-bigcrypt_main.Tpo $(DEPDIR)/bigcrypt-bigcrypt_main.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='bigcrypt_main.c' object='bigcrypt-bigcrypt_main.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(bigcrypt_CFLAGS) $(CFLAGS) -c -o bigcrypt-bigcrypt_main.obj `if test -f 'bigcrypt_main.c'; then $(CYGPATH_W) 'bigcrypt_main.c'; else $(CYGPATH_W) '$(srcdir)/bigcrypt_main.c'; fi`
+
+unix_chkpwd-unix_chkpwd.o: unix_chkpwd.c
+@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(unix_chkpwd_CFLAGS) $(CFLAGS) -MT unix_chkpwd-unix_chkpwd.o -MD -MP -MF $(DEPDIR)/unix_chkpwd-unix_chkpwd.Tpo -c -o unix_chkpwd-unix_chkpwd.o `test -f 'unix_chkpwd.c' || echo '$(srcdir)/'`unix_chkpwd.c
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/unix_chkpwd-unix_chkpwd.Tpo $(DEPDIR)/unix_chkpwd-unix_chkpwd.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='unix_chkpwd.c' object='unix_chkpwd-unix_chkpwd.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(unix_chkpwd_CFLAGS) $(CFLAGS) -c -o unix_chkpwd-unix_chkpwd.o `test -f 'unix_chkpwd.c' || echo '$(srcdir)/'`unix_chkpwd.c
+
+unix_chkpwd-unix_chkpwd.obj: unix_chkpwd.c
+@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(unix_chkpwd_CFLAGS) $(CFLAGS) -MT unix_chkpwd-unix_chkpwd.obj -MD -MP -MF $(DEPDIR)/unix_chkpwd-unix_chkpwd.Tpo -c -o unix_chkpwd-unix_chkpwd.obj `if test -f 'unix_chkpwd.c'; then $(CYGPATH_W) 'unix_chkpwd.c'; else $(CYGPATH_W) '$(srcdir)/unix_chkpwd.c'; fi`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/unix_chkpwd-unix_chkpwd.Tpo $(DEPDIR)/unix_chkpwd-unix_chkpwd.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='unix_chkpwd.c' object='unix_chkpwd-unix_chkpwd.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(unix_chkpwd_CFLAGS) $(CFLAGS) -c -o unix_chkpwd-unix_chkpwd.obj `if test -f 'unix_chkpwd.c'; then $(CYGPATH_W) 'unix_chkpwd.c'; else $(CYGPATH_W) '$(srcdir)/unix_chkpwd.c'; fi`
+
+unix_chkpwd-md5_good.o: md5_good.c
+@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(unix_chkpwd_CFLAGS) $(CFLAGS) -MT unix_chkpwd-md5_good.o -MD -MP -MF $(DEPDIR)/unix_chkpwd-md5_good.Tpo -c -o unix_chkpwd-md5_good.o `test -f 'md5_good.c' || echo '$(srcdir)/'`md5_good.c
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/unix_chkpwd-md5_good.Tpo $(DEPDIR)/unix_chkpwd-md5_good.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='md5_good.c' object='unix_chkpwd-md5_good.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(unix_chkpwd_CFLAGS) $(CFLAGS) -c -o unix_chkpwd-md5_good.o `test -f 'md5_good.c' || echo '$(srcdir)/'`md5_good.c
+
+unix_chkpwd-md5_good.obj: md5_good.c
+@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(unix_chkpwd_CFLAGS) $(CFLAGS) -MT unix_chkpwd-md5_good.obj -MD -MP -MF $(DEPDIR)/unix_chkpwd-md5_good.Tpo -c -o unix_chkpwd-md5_good.obj `if test -f 'md5_good.c'; then $(CYGPATH_W) 'md5_good.c'; else $(CYGPATH_W) '$(srcdir)/md5_good.c'; fi`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/unix_chkpwd-md5_good.Tpo $(DEPDIR)/unix_chkpwd-md5_good.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='md5_good.c' object='unix_chkpwd-md5_good.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(unix_chkpwd_CFLAGS) $(CFLAGS) -c -o unix_chkpwd-md5_good.obj `if test -f 'md5_good.c'; then $(CYGPATH_W) 'md5_good.c'; else $(CYGPATH_W) '$(srcdir)/md5_good.c'; fi`
+
+unix_chkpwd-md5_broken.o: md5_broken.c
+@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(unix_chkpwd_CFLAGS) $(CFLAGS) -MT unix_chkpwd-md5_broken.o -MD -MP -MF $(DEPDIR)/unix_chkpwd-md5_broken.Tpo -c -o unix_chkpwd-md5_broken.o `test -f 'md5_broken.c' || echo '$(srcdir)/'`md5_broken.c
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/unix_chkpwd-md5_broken.Tpo $(DEPDIR)/unix_chkpwd-md5_broken.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='md5_broken.c' object='unix_chkpwd-md5_broken.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(unix_chkpwd_CFLAGS) $(CFLAGS) -c -o unix_chkpwd-md5_broken.o `test -f 'md5_broken.c' || echo '$(srcdir)/'`md5_broken.c
+
+unix_chkpwd-md5_broken.obj: md5_broken.c
+@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(unix_chkpwd_CFLAGS) $(CFLAGS) -MT unix_chkpwd-md5_broken.obj -MD -MP -MF $(DEPDIR)/unix_chkpwd-md5_broken.Tpo -c -o unix_chkpwd-md5_broken.obj `if test -f 'md5_broken.c'; then $(CYGPATH_W) 'md5_broken.c'; else $(CYGPATH_W) '$(srcdir)/md5_broken.c'; fi`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/unix_chkpwd-md5_broken.Tpo $(DEPDIR)/unix_chkpwd-md5_broken.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='md5_broken.c' object='unix_chkpwd-md5_broken.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(unix_chkpwd_CFLAGS) $(CFLAGS) -c -o unix_chkpwd-md5_broken.obj `if test -f 'md5_broken.c'; then $(CYGPATH_W) 'md5_broken.c'; else $(CYGPATH_W) '$(srcdir)/md5_broken.c'; fi`
+
+unix_chkpwd-bigcrypt.o: bigcrypt.c
+@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(unix_chkpwd_CFLAGS) $(CFLAGS) -MT unix_chkpwd-bigcrypt.o -MD -MP -MF $(DEPDIR)/unix_chkpwd-bigcrypt.Tpo -c -o unix_chkpwd-bigcrypt.o `test -f 'bigcrypt.c' || echo '$(srcdir)/'`bigcrypt.c
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/unix_chkpwd-bigcrypt.Tpo $(DEPDIR)/unix_chkpwd-bigcrypt.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='bigcrypt.c' object='unix_chkpwd-bigcrypt.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(unix_chkpwd_CFLAGS) $(CFLAGS) -c -o unix_chkpwd-bigcrypt.o `test -f 'bigcrypt.c' || echo '$(srcdir)/'`bigcrypt.c
+
+unix_chkpwd-bigcrypt.obj: bigcrypt.c
+@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(unix_chkpwd_CFLAGS) $(CFLAGS) -MT unix_chkpwd-bigcrypt.obj -MD -MP -MF $(DEPDIR)/unix_chkpwd-bigcrypt.Tpo -c -o unix_chkpwd-bigcrypt.obj `if test -f 'bigcrypt.c'; then $(CYGPATH_W) 'bigcrypt.c'; else $(CYGPATH_W) '$(srcdir)/bigcrypt.c'; fi`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/unix_chkpwd-bigcrypt.Tpo $(DEPDIR)/unix_chkpwd-bigcrypt.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='bigcrypt.c' object='unix_chkpwd-bigcrypt.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(unix_chkpwd_CFLAGS) $(CFLAGS) -c -o unix_chkpwd-bigcrypt.obj `if test -f 'bigcrypt.c'; then $(CYGPATH_W) 'bigcrypt.c'; else $(CYGPATH_W) '$(srcdir)/bigcrypt.c'; fi`
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(MANS) $(DATA) $(HEADERS)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-noinstPROGRAMS \
+ clean-sbinPROGRAMS clean-securelibLTLIBRARIES mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am: install-sbinPROGRAMS
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-sbinPROGRAMS \
+ uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-noinstPROGRAMS \
+ clean-sbinPROGRAMS clean-securelibLTLIBRARIES ctags distclean \
+ distclean-compile distclean-generic distclean-libtool \
+ distclean-tags distdir dvi dvi-am html html-am info info-am \
+ install install-am install-data install-data-am install-dvi \
+ install-dvi-am install-exec install-exec-am install-html \
+ install-html-am install-info install-info-am install-man \
+ install-man8 install-pdf install-pdf-am install-ps \
+ install-ps-am install-sbinPROGRAMS \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-sbinPROGRAMS uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_unix.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_unix/README b/Linux-PAM/modules/pam_unix/README
index afeee3da..3421eb31 100644
--- a/Linux-PAM/modules/pam_unix/README
+++ b/Linux-PAM/modules/pam_unix/README
@@ -1,37 +1,142 @@
-pam_unix comes as one module pam_unix.so.
-
-The following links are left for compatibility with old versions:
-pam_unix_auth: authentication module providing
- pam_authenticate() and pam_setcred() hooks
-pam_unix_sess: session module, providing session logging
-pam_unix_acct: account management, providing shadow account
- managment features, password aging etc..
-pam_unix_passwd: password updating facilities providing
- cracklib password strength checking facilities.
-
-The following options are recognized:
- debug - log more debugging info
- audit - a little more extreme than debug
- use_first_pass - don't prompt the user for passwords
- take them from PAM_ items instead
- try_first_pass - don't prompt the user for the passwords
- unless PAM_(OLD)AUTHTOK is unset
- use_authtok - like try_first_pass, but * fail * if the new
- PAM_AUTHTOK has not been previously set.
- (intended for stacking password modules only)
- not_set_pass - don't set the PAM_ items with the passwords
- used by this module.
- shadow - try to maintian a shadow based system.
- md5 - when a user changes their password next,
- encrypt it with the md5 algorithm.
- bigcrypt - when a user changes their password next,
- excrypt it with the DEC C2 - algorithm(0).
- nodelay - used to prevent failed authentication
- resulting in a delay of about 1 second.
- nis - use NIS RPC for setting new password
- remember=X - remember X old passwords, they are kept in
- /etc/security/opasswd in MD5 crypted form
- broken_shadow - ignore errors reading shadow information for
- users in the account management module
-
- invalid arguments are logged to syslog.
+pam_unix — Module for traditional password authentication
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+This is the standard Unix authentication module. It uses standard calls from
+the system's libraries to retrieve and set account information as well as
+authentication. Usually this is obtained from the /etc/passwd and the /etc/
+shadow file as well if shadow is enabled.
+
+The account component performs the task of establishing the status of the
+user's account and password based on the following shadow elements: expire,
+last_change, max_change, min_change, warn_change. In the case of the latter, it
+may offer advice to the user on changing their password or, through the
+PAM_AUTHTOKEN_REQD return, delay giving service to the user until they have
+established a new password. The entries listed above are documented in the
+shadow(5) manual page. Should the user's record not contain one or more of
+these entries, the corresponding shadow check is not performed.
+
+The authentication component performs the task of checking the users
+credentials (password). The default action of this module is to not permit the
+user access to a service if their official password is blank.
+
+A helper binary, unix_chkpwd(8), is provided to check the user's password when
+it is stored in a read protected database. This binary is very simple and will
+only check the password of the user invoking it. It is called transparently on
+behalf of the user by the authenticating component of this module. In this way
+it is possible for applications like xlock(1) to work without being
+setuid-root. The module, by default, will temporarily turn off SIGCHLD handling
+for the duration of execution of the helper binary. This is generally the right
+thing to do, as many applications are not prepared to handle this signal from a
+child they didn't know was fork()d. The noreap module argument can be used to
+suppress this temporary shielding and may be needed for use with certain
+applications.
+
+The password component of this module performs the task of updating the user's
+password.
+
+The session component of this module logs when a user logins or leave the
+system.
+
+Remaining arguments, supported by others functions of this module, are silently
+ignored. Other arguments are logged as errors through syslog(3).
+
+OPTIONS
+
+debug
+
+ Turns on debugging via syslog(3).
+
+audit
+
+ A little more extreme than debug.
+
+nullok
+
+ The default action of this module is to not permit the user access to a
+ service if their official password is blank. The nullok argument overrides
+ this default.
+
+try_first_pass
+
+ Before prompting the user for their password, the module first tries the
+ previous stacked module's password in case that satisfies this module as
+ well.
+
+use_first_pass
+
+ The argument use_first_pass forces the module to use a previous stacked
+ modules password and will never prompt the user - if no password is
+ available or the password is not appropriate, the user will be denied
+ access.
+
+nodelay
+
+ This argument can be used to discourage the authentication component from
+ requesting a delay should the authentication as a whole fail. The default
+ action is for the module to request a delay-on-failure of the order of two
+ second.
+
+use_authtok
+
+ When password changing enforce the module to set the new password to the
+ one provided by a previously stacked password module (this is used in the
+ example of the stacking of the pam_cracklib module documented above).
+
+not_set_pass
+
+ This argument is used to inform the module that it is not to pay attention
+ to/make available the old or new passwords from/to other (stacked) password
+ modules.
+
+nis
+
+ NIS RPC is used for setting new passwords.
+
+remember=n
+
+ The last n passwords for each user are saved in /etc/security/opasswd in
+ order to force password change history and keep the user from alternating
+ between the same password too frequently.
+
+shadow
+
+ Try to maintain a shadow based system.
+
+md5
+
+ When a user changes their password next, encrypt it with the MD5 algorithm.
+
+bigcrypt
+
+ When a user changes their password next, encrypt it with the DEC C2
+ algorithm.
+
+broken_shadow
+
+ Ignore errors reading shadow inforation for users in the account management
+ module.
+
+Invalid arguments are logged with syslog(3).
+
+EXAMPLES
+
+An example usage for /etc/pam.d/login would be:
+
+# Authenticate the user
+auth required pam_unix.so
+# Ensure users account and password are still active
+account required pam_unix.so
+# Change the users password, but at first check the strength
+# with pam_cracklib(8)
+password required pam_cracklib.so retry=3 minlen=6 difok=3
+password required pam_unix.so use_authtok nullok md5
+session required pam_unix.so
+
+
+AUTHOR
+
+pam_unix was written by various people.
+
diff --git a/Linux-PAM/modules/pam_unix/README.xml b/Linux-PAM/modules/pam_unix/README.xml
new file mode 100644
index 00000000..7fd340b3
--- /dev/null
+++ b/Linux-PAM/modules/pam_unix/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_unix.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_unix.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_unix-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_unix.8.xml" xpointer='xpointer(//refsect1[@id = "pam_unix-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_unix.8.xml" xpointer='xpointer(//refsect1[@id = "pam_unix-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_unix.8.xml" xpointer='xpointer(//refsect1[@id = "pam_unix-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_unix.8.xml" xpointer='xpointer(//refsect1[@id = "pam_unix-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_unix/bigcrypt.c b/Linux-PAM/modules/pam_unix/bigcrypt.c
index 6b73f3d2..d825bc71 100644
--- a/Linux-PAM/modules/pam_unix/bigcrypt.c
+++ b/Linux-PAM/modules/pam_unix/bigcrypt.c
@@ -24,12 +24,16 @@
* Andy Phillips <atp@mssl.ucl.ac.uk>
*/
+#include "config.h"
+
#include <string.h>
#include <stdlib.h>
#include <security/_pam_macros.h>
+#ifdef HAVE_CRYPT_H
+#include <crypt.h>
+#endif
-char *crypt(const char *key, const char *salt);
-char *bigcrypt(const char *key, const char *salt);
+#include "bigcrypt.h"
/*
* Max cleartext password length in segments of 8 characters this
diff --git a/Linux-PAM/modules/pam_unix/bigcrypt.h b/Linux-PAM/modules/pam_unix/bigcrypt.h
new file mode 100644
index 00000000..a66a96e6
--- /dev/null
+++ b/Linux-PAM/modules/pam_unix/bigcrypt.h
@@ -0,0 +1 @@
+extern char *bigcrypt(const char *key, const char *salt);
diff --git a/Linux-PAM/modules/pam_unix/bigcrypt_main.c b/Linux-PAM/modules/pam_unix/bigcrypt_main.c
index 70819072..fab212d9 100644
--- a/Linux-PAM/modules/pam_unix/bigcrypt_main.c
+++ b/Linux-PAM/modules/pam_unix/bigcrypt_main.c
@@ -1,7 +1,7 @@
#include <stdio.h>
#include <string.h>
-extern const char *bigcrypt(const char *password, const char *salt);
+#include "bigcrypt.h"
int
main(int argc, char **argv)
diff --git a/Linux-PAM/modules/pam_unix/lckpwdf.-c b/Linux-PAM/modules/pam_unix/lckpwdf.-c
index b5ff4585..7145617e 100644
--- a/Linux-PAM/modules/pam_unix/lckpwdf.-c
+++ b/Linux-PAM/modules/pam_unix/lckpwdf.-c
@@ -26,6 +26,9 @@
#include <fcntl.h>
#include <signal.h>
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#endif
#define LOCKFILE "/etc/.pwd.lock"
#define TIMEOUT 15
@@ -64,6 +67,28 @@ static int lckpwdf(void)
if (lockfd != -1)
return -1;
+#ifdef WITH_SELINUX
+ if(is_selinux_enabled()>0)
+ {
+ lockfd = open(LOCKFILE, O_WRONLY);
+ if(lockfd == -1 && errno == ENOENT)
+ {
+ security_context_t create_context;
+ int rc;
+
+ if(getfilecon("/etc/passwd", &create_context))
+ return -1;
+ rc = setfscreatecon(create_context);
+ freecon(create_context);
+ if(rc)
+ return -1;
+ lockfd = open(LOCKFILE, O_CREAT | O_WRONLY, 0600);
+ if(setfscreatecon(NULL))
+ return -1;
+ }
+ }
+ else
+#endif
lockfd = open(LOCKFILE, O_CREAT | O_WRONLY, 0600);
if (lockfd == -1)
return -1;
diff --git a/Linux-PAM/modules/pam_unix/md5_broken.c b/Linux-PAM/modules/pam_unix/md5_broken.c
new file mode 100644
index 00000000..193daebb
--- /dev/null
+++ b/Linux-PAM/modules/pam_unix/md5_broken.c
@@ -0,0 +1,4 @@
+#define MD5Name(x) Broken##x
+
+#include "md5.c"
+#include "md5_crypt.c"
diff --git a/Linux-PAM/modules/pam_unix/md5_good.c b/Linux-PAM/modules/pam_unix/md5_good.c
new file mode 100644
index 00000000..131e4516
--- /dev/null
+++ b/Linux-PAM/modules/pam_unix/md5_good.c
@@ -0,0 +1,5 @@
+#define HIGHFIRST
+#define MD5Name(x) Good##x
+
+#include "md5.c"
+#include "md5_crypt.c"
diff --git a/Linux-PAM/modules/pam_unix/pam_unix.8 b/Linux-PAM/modules/pam_unix/pam_unix.8
new file mode 100644
index 00000000..e57de221
--- /dev/null
+++ b/Linux-PAM/modules/pam_unix/pam_unix.8
@@ -0,0 +1,143 @@
+.\" Title: pam_unix
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 09/20/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_UNIX" "8" "09/20/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_unix \- Module for traditional password authentication
+.SH "SYNOPSIS"
+.HP 12
+\fBpam_unix.so\fR [...]
+.SH "DESCRIPTION"
+.PP
+This is the standard Unix authentication module. It uses standard calls from the system's libraries to retrieve and set account information as well as authentication. Usually this is obtained from the /etc/passwd and the /etc/shadow file as well if shadow is enabled.
+.PP
+The account component performs the task of establishing the status of the user's account and password based on the following
+\fIshadow\fR
+elements: expire, last_change, max_change, min_change, warn_change. In the case of the latter, it may offer advice to the user on changing their password or, through the
+\fBPAM_AUTHTOKEN_REQD\fR
+return, delay giving service to the user until they have established a new password. The entries listed above are documented in the
+\fBshadow\fR(5)
+manual page. Should the user's record not contain one or more of these entries, the corresponding
+\fIshadow\fR
+check is not performed.
+.PP
+The authentication component performs the task of checking the users credentials (password). The default action of this module is to not permit the user access to a service if their official password is blank.
+.PP
+A helper binary,
+\fBunix_chkpwd\fR(8), is provided to check the user's password when it is stored in a read protected database. This binary is very simple and will only check the password of the user invoking it. It is called transparently on behalf of the user by the authenticating component of this module. In this way it is possible for applications like
+\fBxlock\fR(1)
+to work without being setuid\-root. The module, by default, will temporarily turn off SIGCHLD handling for the duration of execution of the helper binary. This is generally the right thing to do, as many applications are not prepared to handle this signal from a child they didn't know was
+\fBfork()\fRd. The
+\fBnoreap\fR
+module argument can be used to suppress this temporary shielding and may be needed for use with certain applications.
+.PP
+The password component of this module performs the task of updating the user's password.
+.PP
+The session component of this module logs when a user logins or leave the system.
+.PP
+Remaining arguments, supported by others functions of this module, are silently ignored. Other arguments are logged as errors through
+\fBsyslog\fR(3).
+.SH "OPTIONS"
+.TP 3n
+\fBdebug\fR
+Turns on debugging via
+\fBsyslog\fR(3).
+.TP 3n
+\fBaudit\fR
+A little more extreme than debug.
+.TP 3n
+\fBnullok\fR
+The default action of this module is to not permit the user access to a service if their official password is blank. The
+\fBnullok\fR
+argument overrides this default.
+.TP 3n
+\fBtry_first_pass\fR
+Before prompting the user for their password, the module first tries the previous stacked module's password in case that satisfies this module as well.
+.TP 3n
+\fBuse_first_pass\fR
+The argument
+\fBuse_first_pass\fR
+forces the module to use a previous stacked modules password and will never prompt the user \- if no password is available or the password is not appropriate, the user will be denied access.
+.TP 3n
+\fBnodelay\fR
+This argument can be used to discourage the authentication component from requesting a delay should the authentication as a whole fail. The default action is for the module to request a delay\-on\-failure of the order of two second.
+.TP 3n
+\fBuse_authtok\fR
+When password changing enforce the module to set the new password to the one provided by a previously stacked
+\fBpassword\fR
+module (this is used in the example of the stacking of the
+\fBpam_cracklib\fR
+module documented above).
+.TP 3n
+\fBnot_set_pass\fR
+This argument is used to inform the module that it is not to pay attention to/make available the old or new passwords from/to other (stacked) password modules.
+.TP 3n
+\fBnis\fR
+NIS RPC is used for setting new passwords.
+.TP 3n
+\fBremember=\fR\fB\fIn\fR\fR
+The last
+\fIn\fR
+passwords for each user are saved in
+\fI/etc/security/opasswd\fR
+in order to force password change history and keep the user from alternating between the same password too frequently.
+.TP 3n
+\fBshadow\fR
+Try to maintain a shadow based system.
+.TP 3n
+\fBmd5\fR
+When a user changes their password next, encrypt it with the MD5 algorithm.
+.TP 3n
+\fBbigcrypt\fR
+When a user changes their password next, encrypt it with the DEC C2 algorithm.
+.TP 3n
+\fBbroken_shadow\fR
+Ignore errors reading shadow inforation for users in the account management module.
+.PP
+Invalid arguments are logged with
+\fBsyslog\fR(3).
+.SH "MODULE SERVICES PROVIDED"
+.PP
+All service are supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_IGNORE
+Ignore this module.
+.SH "EXAMPLES"
+.PP
+An example usage for
+\fI/etc/pam.d/login\fR
+would be:
+.sp
+.RS 3n
+.nf
+# Authenticate the user
+auth required pam_unix.so
+# Ensure users account and password are still active
+account required pam_unix.so
+# Change the users password, but at first check the strength
+# with pam_cracklib(8)
+password required pam_cracklib.so retry=3 minlen=6 difok=3
+password required pam_unix.so use_authtok nullok md5
+session required pam_unix.so
+
+.fi
+.RE
+.sp
+.SH "SEE ALSO"
+.PP
+
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_unix was written by various people.
diff --git a/Linux-PAM/modules/pam_unix/pam_unix.8.xml b/Linux-PAM/modules/pam_unix/pam_unix.8.xml
new file mode 100644
index 00000000..41757977
--- /dev/null
+++ b/Linux-PAM/modules/pam_unix/pam_unix.8.xml
@@ -0,0 +1,342 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_unix">
+
+ <refmeta>
+ <refentrytitle>pam_unix</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_unix-name">
+ <refname>pam_unix</refname>
+ <refpurpose>Module for traditional password authentication</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_unix-cmdsynopsis">
+ <command>pam_unix.so</command>
+ <arg choice="opt">
+ ...
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_unix-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ This is the standard Unix authentication module. It uses standard
+ calls from the system's libraries to retrieve and set account
+ information as well as authentication. Usually this is obtained
+ from the /etc/passwd and the /etc/shadow file as well if shadow is
+ enabled.
+ </para>
+
+ <para>
+ The account component performs the task of establishing the status
+ of the user's account and password based on the following
+ <emphasis>shadow</emphasis> elements: expire, last_change, max_change,
+ min_change, warn_change. In the case of the latter, it may offer advice
+ to the user on changing their password or, through the
+ <emphasis remap='B'>PAM_AUTHTOKEN_REQD</emphasis> return, delay
+ giving service to the user until they have established a new password.
+ The entries listed above are documented in the <citerefentry>
+ <refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry> manual page. Should the user's record not contain
+ one or more of these entries, the corresponding
+ <emphasis>shadow</emphasis> check is not performed.
+ </para>
+
+ <para>
+ The authentication component performs the task of checking the
+ users credentials (password). The default action of this module
+ is to not permit the user access to a service if their official
+ password is blank.
+ </para>
+
+ <para>
+ A helper binary, <citerefentry>
+ <refentrytitle>unix_chkpwd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>, is provided
+ to check the user's password when it is stored in a read
+ protected database. This binary is very simple and will only
+ check the password of the user invoking it. It is called
+ transparently on behalf of the user by the authenticating
+ component of this module. In this way it is possible
+ for applications like <citerefentry>
+ <refentrytitle>xlock</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry> to work without
+ being setuid-root. The module, by default, will temporarily turn
+ off SIGCHLD handling for the duration of execution of the helper
+ binary. This is generally the right thing to do, as many applications
+ are not prepared to handle this signal from a child they didn't know
+ was <function>fork()</function>d. The <option>noreap</option> module
+ argument can be used to suppress this temporary shielding and may be
+ needed for use with certain applications.
+ </para>
+
+ <para>
+ The password component of this module performs the task of updating
+ the user's password.
+ </para>
+
+ <para>
+ The session component of this module logs when a user logins
+ or leave the system.
+ </para>
+
+ <para>
+ Remaining arguments, supported by others functions of this
+ module, are silently ignored. Other arguments are logged as
+ errors through <citerefentry>
+ <refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_unix-options">
+
+ <title>OPTIONS</title>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ Turns on debugging via
+ <citerefentry>
+ <refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>audit</option>
+ </term>
+ <listitem>
+ <para>
+ A little more extreme than debug.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>nullok</option>
+ </term>
+ <listitem>
+ <para>
+ The default action of this module is to not permit the
+ user access to a service if their official password is blank.
+ The <option>nullok</option> argument overrides this default.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>try_first_pass</option>
+ </term>
+ <listitem>
+ <para>
+ Before prompting the user for their password, the module first
+ tries the previous stacked module's password in case that
+ satisfies this module as well.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>use_first_pass</option>
+ </term>
+ <listitem>
+ <para>
+ The argument <option>use_first_pass</option> forces the module
+ to use a previous stacked modules password and will never prompt
+ the user - if no password is available or the password is not
+ appropriate, the user will be denied access.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>nodelay</option>
+ </term>
+ <listitem>
+ <para>
+ This argument can be used to discourage the authentication
+ component from requesting a delay should the authentication
+ as a whole fail. The default action is for the module to
+ request a delay-on-failure of the order of two second.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>use_authtok</option>
+ </term>
+ <listitem>
+ <para>
+ When password changing enforce the module to set the new
+ password to the one provided by a previously stacked
+ <option>password</option> module (this is used in the
+ example of the stacking of the <command>pam_cracklib</command>
+ module documented above).
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>not_set_pass</option>
+ </term>
+ <listitem>
+ <para>
+ This argument is used to inform the module that it is not to
+ pay attention to/make available the old or new passwords from/to
+ other (stacked) password modules.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>nis</option>
+ </term>
+ <listitem>
+ <para>
+ NIS RPC is used for setting new passwords.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>remember=<replaceable>n</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ The last <replaceable>n</replaceable> passwords for each
+ user are saved in <filename>/etc/security/opasswd</filename>
+ in order to force password change history and keep the user
+ from alternating between the same password too frequently.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>shadow</option>
+ </term>
+ <listitem>
+ <para>
+ Try to maintain a shadow based system.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>md5</option>
+ </term>
+ <listitem>
+ <para>
+ When a user changes their password next, encrypt
+ it with the MD5 algorithm.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>bigcrypt</option>
+ </term>
+ <listitem>
+ <para>
+ When a user changes their password next,
+ encrypt it with the DEC C2 algorithm.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>broken_shadow</option>
+ </term>
+ <listitem>
+ <para>
+ Ignore errors reading shadow inforation for
+ users in the account management module.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <para>
+ Invalid arguments are logged with <citerefentry>
+ <refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_unix-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ All service are supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_unix-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_IGNORE</term>
+ <listitem>
+ <para>
+ Ignore this module.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_unix-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ An example usage for <filename>/etc/pam.d/login</filename>
+ would be:
+ <programlisting>
+# Authenticate the user
+auth required pam_unix.so
+# Ensure users account and password are still active
+account required pam_unix.so
+# Change the users password, but at first check the strength
+# with pam_cracklib(8)
+password required pam_cracklib.so retry=3 minlen=6 difok=3
+password required pam_unix.so use_authtok nullok md5
+session required pam_unix.so
+ </programlisting>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_unix-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_unix-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_unix was written by various people.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_unix/pam_unix_acct.c b/Linux-PAM/modules/pam_unix/pam_unix_acct.c
index 02e07ba6..cb2550df 100644
--- a/Linux-PAM/modules/pam_unix/pam_unix_acct.c
+++ b/Linux-PAM/modules/pam_unix/pam_unix_acct.c
@@ -14,13 +14,13 @@
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior
* written permission.
- *
+ *
* ALTERNATIVELY, this product may be distributed under the terms of
* the GNU Public License, in which case the provisions of the GPL are
* required INSTEAD OF the above restrictions. (This clause is
* necessary due to a potential bad interaction between the GPL and
* the restrictions contained in a BSD-style copyright.)
- *
+ *
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
@@ -34,7 +34,7 @@
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-#include <security/_pam_aconf.h>
+#include "config.h"
#include <stdlib.h>
#include <stdio.h>
@@ -45,6 +45,12 @@
#include <pwd.h>
#include <shadow.h>
#include <time.h> /* for time() */
+#include <errno.h>
+#include <sys/wait.h>
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#define SELINUX_ENABLED is_selinux_enabled()>0
+#endif
#include <security/_pam_macros.h>
@@ -53,14 +59,130 @@
#define PAM_SM_ACCOUNT
#include <security/pam_modules.h>
-#include <security/_pam_modutil.h>
-
-#ifndef LINUX_PAM
-#include <security/pam_appl.h>
-#endif /* LINUX_PAM */
+#include <security/pam_ext.h>
+#include <security/pam_modutil.h>
#include "support.h"
-
+
+#ifdef WITH_SELINUX
+
+struct spwd spwd;
+
+struct spwd *_unix_run_verify_binary(pam_handle_t *pamh, unsigned int ctrl, const char *user)
+{
+ int retval=0, child, fds[2];
+ void (*sighandler)(int) = NULL;
+ D(("running verify_binary"));
+
+ /* create a pipe for the messages */
+ if (pipe(fds) != 0) {
+ D(("could not make pipe"));
+ pam_syslog(pamh, LOG_ERR, "Could not make pipe: %m");
+ return NULL;
+ }
+ D(("called."));
+
+ if (off(UNIX_NOREAP, ctrl)) {
+ /*
+ * This code arranges that the demise of the child does not cause
+ * the application to receive a signal it is not expecting - which
+ * may kill the application or worse.
+ *
+ * The "noreap" module argument is provided so that the admin can
+ * override this behavior.
+ */
+ sighandler = signal(SIGCHLD, SIG_DFL);
+ }
+
+ /* fork */
+ child = fork();
+ if (child == 0) {
+ size_t i=0;
+ struct rlimit rlim;
+ static char *envp[] = { NULL };
+ char *args[] = { NULL, NULL, NULL, NULL };
+
+ close(0); close(1);
+ /* reopen stdin as pipe */
+ close(fds[0]);
+ dup2(fds[1], STDOUT_FILENO);
+
+ /* XXX - should really tidy up PAM here too */
+
+ if (getrlimit(RLIMIT_NOFILE,&rlim)==0) {
+ for (i=2; i < rlim.rlim_max; i++) {
+ if ((unsigned int)fds[1] != i) {
+ close(i);
+ }
+ }
+ }
+
+ if (SELINUX_ENABLED && geteuid() == 0) {
+ /* must set the real uid to 0 so the helper will not error
+ out if pam is called from setuid binary (su, sudo...) */
+ setuid(0);
+ }
+
+ /* exec binary helper */
+ args[0] = x_strdup(CHKPWD_HELPER);
+ args[1] = x_strdup(user);
+ args[2] = x_strdup("verify");
+
+ execve(CHKPWD_HELPER, args, envp);
+
+ pam_syslog(pamh, LOG_ERR, "helper binary execve failed: %m");
+ /* should not get here: exit with error */
+ close (fds[1]);
+ D(("helper binary is not available"));
+ exit(PAM_AUTHINFO_UNAVAIL);
+ } else {
+ close(fds[1]);
+ if (child > 0) {
+ char buf[1024];
+ int rc=0;
+ rc=waitpid(child, &retval, 0); /* wait for helper to complete */
+ if (rc<0) {
+ pam_syslog(pamh, LOG_ERR, "unix_chkpwd waitpid returned %d: %m", rc);
+ retval = PAM_AUTH_ERR;
+ } else {
+ retval = WEXITSTATUS(retval);
+ if (retval != PAM_AUTHINFO_UNAVAIL) {
+ rc = pam_modutil_read(fds[0], buf, sizeof(buf) - 1);
+ if(rc > 0) {
+ buf[rc] = '\0';
+ if (sscanf(buf,"%ld:%ld:%ld:%ld:%ld:%ld",
+ &spwd.sp_lstchg, /* last password change */
+ &spwd.sp_min, /* days until change allowed. */
+ &spwd.sp_max, /* days before change required */
+ &spwd.sp_warn, /* days warning for expiration */
+ &spwd.sp_inact, /* days before account inactive */
+ &spwd.sp_expire) /* date when account expires */ != 6 ) retval = PAM_AUTH_ERR;
+ }
+ else {
+ pam_syslog(pamh, LOG_ERR, " ERROR %d: %m", rc); retval = PAM_AUTH_ERR;
+ }
+ }
+ }
+ } else {
+ pam_syslog(pamh, LOG_ERR, "Fork failed: %m");
+ D(("fork failed"));
+ retval = PAM_AUTH_ERR;
+ }
+ close(fds[0]);
+ }
+ if (sighandler != SIG_ERR) {
+ (void) signal(SIGCHLD, sighandler); /* restore old signal handler */
+ }
+ D(("Returning %d",retval));
+ if (retval != PAM_SUCCESS) {
+ return NULL;
+ }
+ return &spwd;
+}
+
+#endif
+
+
/*
* PAM framework looks for this entry-point to pass control to the
* account management module.
@@ -70,31 +192,33 @@ PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t * pamh, int flags,
int argc, const char **argv)
{
unsigned int ctrl;
+ const void *void_uname;
const char *uname;
int retval, daysleft;
time_t curdays;
struct spwd *spent;
struct passwd *pwent;
- char buf[80];
+ char buf[256];
D(("called."));
ctrl = _set_ctrl(pamh, flags, NULL, argc, argv);
- retval = pam_get_item(pamh, PAM_USER, (const void **) &uname);
+ retval = pam_get_item(pamh, PAM_USER, &void_uname);
+ uname = void_uname;
D(("user = `%s'", uname));
if (retval != PAM_SUCCESS || uname == NULL) {
- _log_err(LOG_ALERT, pamh
- ,"could not identify user (from uid=%d)"
- ,getuid());
+ pam_syslog(pamh, LOG_ALERT,
+ "could not identify user (from uid=%lu)",
+ (unsigned long int)getuid());
return PAM_USER_UNKNOWN;
}
- pwent = _pammodutil_getpwnam(pamh, uname);
+ pwent = pam_modutil_getpwnam(pamh, uname);
if (!pwent) {
- _log_err(LOG_ALERT, pamh
- ,"could not identify user (from getpwnam(%s))"
- ,uname);
+ pam_syslog(pamh, LOG_ALERT,
+ "could not identify user (from getpwnam(%s))",
+ uname);
return PAM_USER_UNKNOWN;
}
@@ -114,7 +238,7 @@ PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t * pamh, int flags,
return PAM_CRED_INSUFFICIENT;
}
}
- spent = _pammodutil_getspnam (pamh, uname);
+ spent = pam_modutil_getspnam (pamh, uname);
if (save_uid == pwent->pw_uid)
setreuid( save_uid, save_euid );
else {
@@ -124,10 +248,15 @@ PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t * pamh, int flags,
}
} else if (_unix_shadowed (pwent))
- spent = _pammodutil_getspnam (pamh, uname);
+ spent = pam_modutil_getspnam (pamh, uname);
else
return PAM_SUCCESS;
+#ifdef WITH_SELINUX
+ if (!spent && SELINUX_ENABLED )
+ spent = _unix_run_verify_binary(pamh, ctrl, uname);
+#endif
+
if (!spent)
if (on(UNIX_BROKEN_SHADOW,ctrl))
return PAM_SUCCESS;
@@ -138,58 +267,75 @@ PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t * pamh, int flags,
curdays = time(NULL) / (60 * 60 * 24);
D(("today is %d, last change %d", curdays, spent->sp_lstchg));
if ((curdays > spent->sp_expire) && (spent->sp_expire != -1)) {
- _log_err(LOG_NOTICE, pamh
- ,"account %s has expired (account expired)"
- ,uname);
+ pam_syslog(pamh, LOG_NOTICE,
+ "account %s has expired (account expired)",
+ uname);
_make_remark(pamh, ctrl, PAM_ERROR_MSG,
- "Your account has expired; please contact your system administrator");
+ _("Your account has expired; please contact your system administrator"));
D(("account expired"));
return PAM_ACCT_EXPIRED;
}
if (spent->sp_lstchg == 0) {
- _log_err(LOG_NOTICE, pamh
- ,"expired password for user %s (root enforced)"
- ,uname);
+ pam_syslog(pamh, LOG_NOTICE,
+ "expired password for user %s (root enforced)",
+ uname);
_make_remark(pamh, ctrl, PAM_ERROR_MSG,
- "You are required to change your password immediately (root enforced)");
+ _("You are required to change your password immediately (root enforced)"));
D(("need a new password"));
return PAM_NEW_AUTHTOK_REQD;
}
if (curdays < spent->sp_lstchg) {
- _log_err(LOG_DEBUG, pamh
- ,"account %s has password changed in future"
- ,uname);
+ pam_syslog(pamh, LOG_DEBUG,
+ "account %s has password changed in future",
+ uname);
return PAM_SUCCESS;
}
if ((curdays - spent->sp_lstchg > spent->sp_max)
&& (curdays - spent->sp_lstchg > spent->sp_inact)
&& (curdays - spent->sp_lstchg > spent->sp_max + spent->sp_inact)
&& (spent->sp_max != -1) && (spent->sp_inact != -1)) {
- _log_err(LOG_NOTICE, pamh
- ,"account %s has expired (failed to change password)"
- ,uname);
+ pam_syslog(pamh, LOG_NOTICE,
+ "account %s has expired (failed to change password)",
+ uname);
_make_remark(pamh, ctrl, PAM_ERROR_MSG,
- "Your account has expired; please contact your system administrator");
+ _("Your account has expired; please contact your system administrator"));
D(("account expired 2"));
return PAM_ACCT_EXPIRED;
}
if ((curdays - spent->sp_lstchg > spent->sp_max) && (spent->sp_max != -1)) {
- _log_err(LOG_DEBUG, pamh
- ,"expired password for user %s (password aged)"
- ,uname);
+ pam_syslog(pamh, LOG_DEBUG,
+ "expired password for user %s (password aged)",
+ uname);
_make_remark(pamh, ctrl, PAM_ERROR_MSG,
- "You are required to change your password immediately (password aged)");
+ _("You are required to change your password immediately (password aged)"));
D(("need a new password 2"));
return PAM_NEW_AUTHTOK_REQD;
}
if ((curdays - spent->sp_lstchg > spent->sp_max - spent->sp_warn)
&& (spent->sp_max != -1) && (spent->sp_warn != -1)) {
daysleft = (spent->sp_lstchg + spent->sp_max) - curdays;
- _log_err(LOG_DEBUG, pamh
- ,"password for user %s will expire in %d days"
- ,uname, daysleft);
- snprintf(buf, 80, "Warning: your password will expire in %d day%.2s",
- daysleft, daysleft == 1 ? "" : "s");
+ pam_syslog(pamh, LOG_DEBUG,
+ "password for user %s will expire in %d days",
+ uname, daysleft);
+#ifdef HAVE_DNGETTEXT
+ snprintf (buf, sizeof (buf),
+ dngettext(PACKAGE,
+ "Warning: your password will expire in %d day",
+ "Warning: your password will expire in %d days",
+ daysleft),
+ daysleft);
+#else
+ if (daysleft == 1)
+ snprintf(buf, sizeof (buf),
+ _("Warning: your password will expire in %d day"),
+ daysleft);
+ else
+ snprintf(buf, sizeof (buf),
+ /* TRANSLATORS: only used if dngettext is not support
+ed */
+ _("Warning: your password will expire in %d days"),
+ daysleft);
+#endif
_make_remark(pamh, ctrl, PAM_TEXT_INFO, buf);
}
diff --git a/Linux-PAM/modules/pam_unix/pam_unix_auth.c b/Linux-PAM/modules/pam_unix/pam_unix_auth.c
index 39e0cde5..3004bee8 100644
--- a/Linux-PAM/modules/pam_unix/pam_unix_auth.c
+++ b/Linux-PAM/modules/pam_unix/pam_unix_auth.c
@@ -37,7 +37,7 @@
/* #define DEBUG */
-#include <security/_pam_aconf.h>
+#include "config.h"
#include <stdio.h>
#include <stdlib.h>
@@ -48,6 +48,7 @@
#include <ctype.h>
#include <sys/types.h>
#include <sys/stat.h>
+#include <syslog.h>
/* indicate the following groups are defined */
@@ -56,10 +57,7 @@
#define _PAM_EXTERN_FUNCTIONS
#include <security/_pam_macros.h>
#include <security/pam_modules.h>
-
-#ifndef LINUX_PAM
-#include <security/pam_appl.h>
-#endif /* LINUX_PAM */
+#include <security/pam_ext.h>
#include "support.h"
@@ -95,7 +93,8 @@ do { \
} while (0)
-static void setcred_free (pam_handle_t * pamh, void *ptr, int err)
+static void
+setcred_free (pam_handle_t *pamh UNUSED, void *ptr, int err UNUSED)
{
if (ptr)
free (ptr);
@@ -107,7 +106,8 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags
{
unsigned int ctrl;
int retval, *ret_data = NULL;
- const char *name, *p;
+ const char *name;
+ const void *p;
D(("called."));
@@ -124,12 +124,11 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags
if (retval == PAM_SUCCESS) {
/*
* Various libraries at various times have had bugs related to
- * '+' or '-' as the first character of a user name. Don't take
- * any chances here. Require that the username starts with an
- * alphanumeric character.
+ * '+' or '-' as the first character of a user name. Don't
+ * allow this characters here.
*/
- if (name == NULL || !isalnum(*name)) {
- _log_err(LOG_ERR, pamh, "bad username [%s]", name);
+ if (name == NULL || name[0] == '-' || name[0] == '+') {
+ pam_syslog(pamh, LOG_ERR, "bad username [%s]", name);
retval = PAM_USER_UNKNOWN;
AUTH_RETURN;
}
@@ -157,12 +156,12 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags
}
/* get this user's authentication token */
- retval = _unix_read_password(pamh, ctrl, NULL, "Password: ", NULL
+ retval = _unix_read_password(pamh, ctrl, NULL, _("Password: "), NULL
,_UNIX_AUTHTOK, &p);
if (retval != PAM_SUCCESS) {
if (retval != PAM_CONV_AGAIN) {
- _log_err(LOG_CRIT, pamh, "auth could not identify password for [%s]"
- ,name);
+ pam_syslog(pamh, LOG_CRIT,
+ "auth could not identify password for [%s]", name);
} else {
D(("conversation function is not ready yet"));
/*
@@ -193,11 +192,12 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags
* warned you. -- AOY
*/
-PAM_EXTERN int pam_sm_setcred(pam_handle_t * pamh, int flags
- ,int argc, const char **argv)
+PAM_EXTERN int
+pam_sm_setcred (pam_handle_t *pamh, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
int retval;
- int *pretval = NULL;
+ const void *pretval = NULL;
D(("called."));
@@ -206,9 +206,9 @@ PAM_EXTERN int pam_sm_setcred(pam_handle_t * pamh, int flags
D(("recovering return code from auth call"));
/* We will only find something here if UNIX_LIKE_AUTH is set --
don't worry about an explicit check of argv. */
- pam_get_data(pamh, "unix_setcred_return", (const void **) &pretval);
- if(pretval) {
- retval = *pretval;
+ if (pam_get_data(pamh, "unix_setcred_return", &pretval) == PAM_SUCCESS
+ && pretval) {
+ retval = *(const int *)pretval;
pam_set_data(pamh, "unix_setcred_return", NULL, NULL);
D(("recovered data indicates that old retval was %d", retval));
}
diff --git a/Linux-PAM/modules/pam_unix/pam_unix_passwd.c b/Linux-PAM/modules/pam_unix/pam_unix_passwd.c
index 2ea57cc6..8921d1cc 100644
--- a/Linux-PAM/modules/pam_unix/pam_unix_passwd.c
+++ b/Linux-PAM/modules/pam_unix/pam_unix_passwd.c
@@ -35,7 +35,7 @@
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-#include <security/_pam_aconf.h>
+#include "config.h"
#include <stdio.h>
#include <stdlib.h>
@@ -57,6 +57,16 @@
#include <rpcsvc/yp_prot.h>
#include <rpcsvc/ypclnt.h>
+#include <signal.h>
+#include <errno.h>
+#include <sys/wait.h>
+#ifdef WITH_SELINUX
+static int selinux_enabled=-1;
+#include <selinux/selinux.h>
+static security_context_t prev_context=NULL;
+#define SELINUX_ENABLED (selinux_enabled!=-1 ? selinux_enabled : (selinux_enabled=is_selinux_enabled()>0))
+#endif
+
#ifdef USE_CRACKLIB
#include <crack.h>
#endif
@@ -68,16 +78,13 @@
#define PAM_SM_PASSWORD
#include <security/pam_modules.h>
-
-#ifndef LINUX_PAM
-#include <security/pam_appl.h>
-#endif /* LINUX_PAM */
-
-#include <security/_pam_modutil.h>
+#include <security/pam_ext.h>
+#include <security/pam_modutil.h>
#include "yppasswd.h"
#include "md5.h"
#include "support.h"
+#include "bigcrypt.h"
#if !((__GLIBC__ == 2) && (__GLIBC_MINOR__ >= 1))
extern int getrpcport(const char *host, unsigned long prognum,
@@ -89,12 +96,10 @@ extern int getrpcport(const char *host, unsigned long prognum,
* password changing module.
*/
-#ifdef NEED_LCKPWDF
+#if defined(USE_LCKPWDF) && !defined(HAVE_LCKPWDF)
# include "./lckpwdf.-c"
#endif
-extern char *bigcrypt(const char *key, const char *salt);
-
/*
How it works:
Gets in username (has to be done) from the calling program
@@ -117,7 +122,7 @@ extern char *bigcrypt(const char *key, const char *salt);
#define PW_TMPFILE "/etc/npasswd"
#define SH_TMPFILE "/etc/nshadow"
#ifndef CRACKLIB_DICTS
-#define CRACKLIB_DICTS "/usr/share/dict/cracklib_dict"
+#define CRACKLIB_DICTS NULL
#endif
#define OPW_TMPFILE "/etc/security/nopasswd"
#define OLD_PASSWORDS_FILE "/etc/security/opasswd"
@@ -187,29 +192,131 @@ static char *getNISserver(pam_handle_t *pamh)
int port, err;
if ((err = yp_get_default_domain(&domainname)) != 0) {
- _log_err(LOG_WARNING, pamh, "can't get local yp domain: %s\n",
+ pam_syslog(pamh, LOG_WARNING, "can't get local yp domain: %s",
yperr_string(err));
return NULL;
}
if ((err = yp_master(domainname, "passwd.byname", &master)) != 0) {
- _log_err(LOG_WARNING, pamh, "can't find the master ypserver: %s\n",
+ pam_syslog(pamh, LOG_WARNING, "can't find the master ypserver: %s",
yperr_string(err));
return NULL;
}
port = getrpcport(master, YPPASSWDPROG, YPPASSWDPROC_UPDATE, IPPROTO_UDP);
if (port == 0) {
- _log_err(LOG_WARNING, pamh,
- "yppasswdd not running on NIS master host\n");
+ pam_syslog(pamh, LOG_WARNING,
+ "yppasswdd not running on NIS master host");
return NULL;
}
if (port >= IPPORT_RESERVED) {
- _log_err(LOG_WARNING, pamh,
- "yppasswd daemon running on illegal port.\n");
+ pam_syslog(pamh, LOG_WARNING,
+ "yppasswd daemon running on illegal port");
return NULL;
}
return master;
}
+#ifdef WITH_SELINUX
+
+static int _unix_run_shadow_binary(pam_handle_t *pamh, unsigned int ctrl, const char *user, const char *fromwhat, const char *towhat)
+{
+ int retval, child, fds[2];
+ void (*sighandler)(int) = NULL;
+
+ D(("called."));
+ /* create a pipe for the password */
+ if (pipe(fds) != 0) {
+ D(("could not make pipe"));
+ return PAM_AUTH_ERR;
+ }
+
+ if (off(UNIX_NOREAP, ctrl)) {
+ /*
+ * This code arranges that the demise of the child does not cause
+ * the application to receive a signal it is not expecting - which
+ * may kill the application or worse.
+ *
+ * The "noreap" module argument is provided so that the admin can
+ * override this behavior.
+ */
+ sighandler = signal(SIGCHLD, SIG_DFL);
+ }
+
+ /* fork */
+ child = fork();
+ if (child == 0) {
+ size_t i=0;
+ struct rlimit rlim;
+ static char *envp[] = { NULL };
+ char *args[] = { NULL, NULL, NULL, NULL };
+
+ /* XXX - should really tidy up PAM here too */
+
+ close(0); close(1);
+ /* reopen stdin as pipe */
+ close(fds[1]);
+ dup2(fds[0], STDIN_FILENO);
+
+ if (getrlimit(RLIMIT_NOFILE,&rlim)==0) {
+ for (i=2; i < rlim.rlim_max; i++) {
+ if ((unsigned int)fds[0] != i)
+ close(i);
+ }
+ }
+
+ if (SELINUX_ENABLED && geteuid() == 0) {
+ /* must set the real uid to 0 so the helper will not error
+ out if pam is called from setuid binary (su, sudo...) */
+ setuid(0);
+ }
+
+ /* exec binary helper */
+ args[0] = x_strdup(CHKPWD_HELPER);
+ args[1] = x_strdup(user);
+ args[2] = x_strdup("shadow");
+
+ execve(CHKPWD_HELPER, args, envp);
+
+ /* should not get here: exit with error */
+ D(("helper binary is not available"));
+ exit(PAM_AUTHINFO_UNAVAIL);
+ } else if (child > 0) {
+ /* wait for child */
+ /* if the stored password is NULL */
+ int rc=0;
+ if (fromwhat)
+ pam_modutil_write(fds[1], fromwhat, strlen(fromwhat)+1);
+ else
+ pam_modutil_write(fds[1], "", 1);
+ if (towhat) {
+ pam_modutil_write(fds[1], towhat, strlen(towhat)+1);
+ }
+ else
+ pam_modutil_write(fds[1], "", 1);
+
+ close(fds[0]); /* close here to avoid possible SIGPIPE above */
+ close(fds[1]);
+ rc=waitpid(child, &retval, 0); /* wait for helper to complete */
+ if (rc<0) {
+ pam_syslog(pamh, LOG_ERR, "unix_chkpwd waitpid returned %d: %m", rc);
+ retval = PAM_AUTH_ERR;
+ } else {
+ retval = WEXITSTATUS(retval);
+ }
+ } else {
+ D(("fork failed"));
+ close(fds[0]);
+ close(fds[1]);
+ retval = PAM_AUTH_ERR;
+ }
+
+ if (sighandler != SIG_ERR) {
+ (void) signal(SIGCHLD, sighandler); /* restore old signal handler */
+ }
+
+ return retval;
+}
+#endif
+
static int check_old_password(const char *forwho, const char *newpass)
{
static char buf[16384];
@@ -270,37 +377,58 @@ static int save_old_password(pam_handle_t *pamh,
}
oldmask = umask(077);
+
+#ifdef WITH_SELINUX
+ if (SELINUX_ENABLED) {
+ security_context_t passwd_context=NULL;
+ if (getfilecon("/etc/passwd",&passwd_context)<0) {
+ return PAM_AUTHTOK_ERR;
+ };
+ if (getfscreatecon(&prev_context)<0) {
+ freecon(passwd_context);
+ return PAM_AUTHTOK_ERR;
+ }
+ if (setfscreatecon(passwd_context)) {
+ freecon(passwd_context);
+ freecon(prev_context);
+ return PAM_AUTHTOK_ERR;
+ }
+ freecon(passwd_context);
+ }
+#endif
pwfile = fopen(OPW_TMPFILE, "w");
umask(oldmask);
if (pwfile == NULL) {
- return PAM_AUTHTOK_ERR;
+ err = 1;
+ goto done;
}
opwfile = fopen(OLD_PASSWORDS_FILE, "r");
if (opwfile == NULL) {
fclose(pwfile);
- return PAM_AUTHTOK_ERR;
+ err = 1;
+ goto done;
}
- if (fstat (fileno (opwfile), &st) == -1)
- {
- fclose (opwfile);
- fclose (pwfile);
- return PAM_AUTHTOK_ERR;
- }
+ if (fstat(fileno(opwfile), &st) == -1) {
+ fclose(opwfile);
+ fclose(pwfile);
+ err = 1;
+ goto done;
+ }
- if (fchown (fileno (pwfile), st.st_uid, st.st_gid) == -1)
- {
- fclose (opwfile);
- fclose (pwfile);
- return PAM_AUTHTOK_ERR;
- }
- if (fchmod (fileno (pwfile), st.st_mode) == -1)
- {
- fclose (opwfile);
- fclose (pwfile);
- return PAM_AUTHTOK_ERR;
- }
+ if (fchown(fileno(pwfile), st.st_uid, st.st_gid) == -1) {
+ fclose(opwfile);
+ fclose(pwfile);
+ err = 1;
+ goto done;
+ }
+ if (fchmod(fileno(pwfile), st.st_mode) == -1) {
+ fclose(opwfile);
+ fclose(pwfile);
+ err = 1;
+ goto done;
+ }
while (fgets(buf, 16380, opwfile)) {
if (!strncmp(buf, forwho, strlen(forwho))) {
@@ -337,13 +465,13 @@ static int save_old_password(pam_handle_t *pamh,
fclose(opwfile);
if (!found) {
- pwd = _pammodutil_getpwnam(pamh, forwho);
+ pwd = pam_modutil_getpwnam(pamh, forwho);
if (pwd == NULL) {
err = 1;
} else {
pass = crypt_md5_wrapper(oldpass);
- snprintf(nbuf, sizeof(nbuf), "%s:%d:1:%s\n",
- forwho, pwd->pw_uid, pass);
+ snprintf(nbuf, sizeof(nbuf), "%s:%lu:1:%s\n",
+ forwho, (unsigned long)pwd->pw_uid, pass);
_pam_delete(pass);
if (fputs(nbuf, pwfile) < 0) {
err = 1;
@@ -352,19 +480,31 @@ static int save_old_password(pam_handle_t *pamh,
}
if (fclose(pwfile)) {
- D(("error writing entries to old passwords file: %s\n",
- strerror(errno)));
+ D(("error writing entries to old passwords file: %m"));
err = 1;
}
+done:
if (!err) {
- if (!rename(OPW_TMPFILE, OLD_PASSWORDS_FILE)) {
- return PAM_SUCCESS;
- }
+ if (rename(OPW_TMPFILE, OLD_PASSWORDS_FILE))
+ err = 1;
+ }
+#ifdef WITH_SELINUX
+ if (SELINUX_ENABLED) {
+ if (setfscreatecon(prev_context)) {
+ err = 1;
+ }
+ if (prev_context)
+ freecon(prev_context);
+ prev_context=NULL;
+ }
+#endif
+ if (!err) {
+ return PAM_SUCCESS;
+ } else {
+ unlink(OPW_TMPFILE);
+ return PAM_AUTHTOK_ERR;
}
-
- unlink(OPW_TMPFILE);
- return PAM_AUTHTOK_ERR;
}
static int _update_passwd(pam_handle_t *pamh,
@@ -377,38 +517,59 @@ static int _update_passwd(pam_handle_t *pamh,
int oldmask;
oldmask = umask(077);
+#ifdef WITH_SELINUX
+ if (SELINUX_ENABLED) {
+ security_context_t passwd_context=NULL;
+ if (getfilecon("/etc/passwd",&passwd_context)<0) {
+ return PAM_AUTHTOK_ERR;
+ };
+ if (getfscreatecon(&prev_context)<0) {
+ freecon(passwd_context);
+ return PAM_AUTHTOK_ERR;
+ }
+ if (setfscreatecon(passwd_context)) {
+ freecon(passwd_context);
+ freecon(prev_context);
+ return PAM_AUTHTOK_ERR;
+ }
+ freecon(passwd_context);
+ }
+#endif
pwfile = fopen(PW_TMPFILE, "w");
umask(oldmask);
if (pwfile == NULL) {
- return PAM_AUTHTOK_ERR;
+ err = 1;
+ goto done;
}
opwfile = fopen("/etc/passwd", "r");
if (opwfile == NULL) {
fclose(pwfile);
- return PAM_AUTHTOK_ERR;
+ err = 1;
+ goto done;
}
- if (fstat (fileno (opwfile), &st) == -1)
- {
- fclose (opwfile);
- fclose (pwfile);
- return PAM_AUTHTOK_ERR;
- }
+ if (fstat(fileno(opwfile), &st) == -1) {
+ fclose(opwfile);
+ fclose(pwfile);
+ err = 1;
+ goto done;
+ }
- if (fchown (fileno (pwfile), st.st_uid, st.st_gid) == -1)
- {
- fclose (opwfile);
- fclose (pwfile);
- return PAM_AUTHTOK_ERR;
- }
- if (fchmod (fileno (pwfile), st.st_mode) == -1)
- {
- fclose (opwfile);
- fclose (pwfile);
- }
+ if (fchown(fileno(pwfile), st.st_uid, st.st_gid) == -1) {
+ fclose(opwfile);
+ fclose(pwfile);
+ err = 1;
+ goto done;
+ }
+ if (fchmod(fileno(pwfile), st.st_mode) == -1) {
+ fclose(opwfile);
+ fclose(pwfile);
+ err = 1;
+ goto done;
+ }
- tmpent = fgetpwent (opwfile);
+ tmpent = fgetpwent(opwfile);
while (tmpent) {
if (!strcmp(tmpent->pw_name, forwho)) {
/* To shut gcc up */
@@ -422,7 +583,7 @@ static int _update_passwd(pam_handle_t *pamh,
err = 0;
}
if (putpwent(tmpent, pwfile)) {
- D(("error writing entry to password file: %s\n", strerror(errno)));
+ D(("error writing entry to password file: %m"));
err = 1;
break;
}
@@ -431,19 +592,33 @@ static int _update_passwd(pam_handle_t *pamh,
fclose(opwfile);
if (fclose(pwfile)) {
- D(("error writing entries to password file: %s\n", strerror(errno)));
+ D(("error writing entries to password file: %m"));
err = 1;
}
+done:
if (!err) {
- if (!rename(PW_TMPFILE, "/etc/passwd")) {
- _log_err(LOG_NOTICE, pamh, "password changed for %s", forwho);
- return PAM_SUCCESS;
- }
+ if (!rename(PW_TMPFILE, "/etc/passwd"))
+ pam_syslog(pamh, LOG_NOTICE, "password changed for %s", forwho);
+ else
+ err = 1;
+ }
+#ifdef WITH_SELINUX
+ if (SELINUX_ENABLED) {
+ if (setfscreatecon(prev_context)) {
+ err = 1;
+ }
+ if (prev_context)
+ freecon(prev_context);
+ prev_context=NULL;
+ }
+#endif
+ if (!err) {
+ return PAM_SUCCESS;
+ } else {
+ unlink(PW_TMPFILE);
+ return PAM_AUTHTOK_ERR;
}
-
- unlink(PW_TMPFILE);
- return PAM_AUTHTOK_ERR;
}
static int _update_shadow(pam_handle_t *pamh, const char *forwho, char *towhat)
@@ -459,37 +634,58 @@ static int _update_shadow(pam_handle_t *pamh, const char *forwho, char *towhat)
return PAM_USER_UNKNOWN;
}
oldmask = umask(077);
+
+#ifdef WITH_SELINUX
+ if (SELINUX_ENABLED) {
+ security_context_t shadow_context=NULL;
+ if (getfilecon("/etc/shadow",&shadow_context)<0) {
+ return PAM_AUTHTOK_ERR;
+ };
+ if (getfscreatecon(&prev_context)<0) {
+ freecon(shadow_context);
+ return PAM_AUTHTOK_ERR;
+ }
+ if (setfscreatecon(shadow_context)) {
+ freecon(shadow_context);
+ freecon(prev_context);
+ return PAM_AUTHTOK_ERR;
+ }
+ freecon(shadow_context);
+ }
+#endif
pwfile = fopen(SH_TMPFILE, "w");
umask(oldmask);
if (pwfile == NULL) {
- return PAM_AUTHTOK_ERR;
+ err = 1;
+ goto done;
}
opwfile = fopen("/etc/shadow", "r");
if (opwfile == NULL) {
fclose(pwfile);
- return PAM_AUTHTOK_ERR;
+ err = 1;
+ goto done;
}
- if (fstat (fileno (opwfile), &st) == -1)
- {
- fclose (opwfile);
- fclose (pwfile);
- return PAM_AUTHTOK_ERR;
- }
+ if (fstat(fileno(opwfile), &st) == -1) {
+ fclose(opwfile);
+ fclose(pwfile);
+ err = 1;
+ goto done;
+ }
- if (fchown (fileno (pwfile), st.st_uid, st.st_gid) == -1)
- {
- fclose (opwfile);
- fclose (pwfile);
- return PAM_AUTHTOK_ERR;
- }
- if (fchmod (fileno (pwfile), st.st_mode) == -1)
- {
- fclose (opwfile);
- fclose (pwfile);
- return PAM_AUTHTOK_ERR;
- }
+ if (fchown(fileno(pwfile), st.st_uid, st.st_gid) == -1) {
+ fclose(opwfile);
+ fclose(pwfile);
+ err = 1;
+ goto done;
+ }
+ if (fchmod(fileno(pwfile), st.st_mode) == -1) {
+ fclose(opwfile);
+ fclose(pwfile);
+ err = 1;
+ goto done;
+ }
stmpent = fgetspent(opwfile);
while (stmpent) {
@@ -502,7 +698,7 @@ static int _update_shadow(pam_handle_t *pamh, const char *forwho, char *towhat)
}
if (putspent(stmpent, pwfile)) {
- D(("error writing entry to shadow file: %s\n", strerror(errno)));
+ D(("error writing entry to shadow file: %m"));
err = 1;
break;
}
@@ -512,26 +708,45 @@ static int _update_shadow(pam_handle_t *pamh, const char *forwho, char *towhat)
fclose(opwfile);
if (fclose(pwfile)) {
- D(("error writing entries to shadow file: %s\n", strerror(errno)));
+ D(("error writing entries to shadow file: %m"));
err = 1;
}
+ done:
if (!err) {
- if (!rename(SH_TMPFILE, "/etc/shadow")) {
- _log_err(LOG_NOTICE, pamh, "password changed for %s", forwho);
- return PAM_SUCCESS;
- }
+ if (!rename(SH_TMPFILE, "/etc/shadow"))
+ pam_syslog(pamh, LOG_NOTICE, "password changed for %s", forwho);
+ else
+ err = 1;
+ }
+
+#ifdef WITH_SELINUX
+ if (SELINUX_ENABLED) {
+ if (setfscreatecon(prev_context)) {
+ err = 1;
+ }
+ if (prev_context)
+ freecon(prev_context);
+ prev_context=NULL;
}
+#endif
- unlink(SH_TMPFILE);
- return PAM_AUTHTOK_ERR;
+ if (!err) {
+ return PAM_SUCCESS;
+ } else {
+ unlink(SH_TMPFILE);
+ return PAM_AUTHTOK_ERR;
+ }
}
-static int _do_setpass(pam_handle_t* pamh, const char *forwho, char *fromwhat,
+static int _do_setpass(pam_handle_t* pamh, const char *forwho,
+ const char *fromwhat,
char *towhat, unsigned int ctrl, int remember)
{
struct passwd *pwd = NULL;
int retval = 0;
+ int unlocked = 0;
+ char *master = NULL;
D(("called"));
@@ -542,35 +757,19 @@ static int _do_setpass(pam_handle_t* pamh, const char *forwho, char *fromwhat,
goto done;
}
- if (_unix_comesfromsource(pamh, forwho, 1, 0)) {
- /* first, save old password */
- if (save_old_password(pamh, forwho, fromwhat, remember)) {
- retval = PAM_AUTHTOK_ERR;
- goto done;
- }
- if (on(UNIX_SHADOW, ctrl) || _unix_shadowed(pwd)) {
- retval = _update_shadow(pamh, forwho, towhat);
- if (retval == PAM_SUCCESS)
- if (!_unix_shadowed(pwd))
- retval = _update_passwd(pamh, forwho, "x");
- } else {
- retval = _update_passwd(pamh, forwho, towhat);
- }
- } else if (on(UNIX_NIS, ctrl) && _unix_comesfromsource(pamh, forwho, 0, 1)) {
+ if (on(UNIX_NIS, ctrl) && _unix_comesfromsource(pamh, forwho, 0, 1)) {
+ if ((master=getNISserver(pamh)) != NULL) {
struct timeval timeout;
struct yppasswd yppwd;
CLIENT *clnt;
- char *master;
int status;
- int err = 0;
+ enum clnt_stat err;
/* Unlock passwd file to avoid deadlock */
#ifdef USE_LCKPWDF
ulckpwdf();
#endif
- /* Make RPC call to NIS server */
- if ((master = getNISserver(pamh)) == NULL)
- return PAM_TRY_AGAIN;
+ unlocked = 1;
/* Initialize password information */
yppwd.newpw.pw_passwd = pwd->pw_passwd;
@@ -580,7 +779,7 @@ static int _do_setpass(pam_handle_t* pamh, const char *forwho, char *fromwhat,
yppwd.newpw.pw_gecos = pwd->pw_gecos;
yppwd.newpw.pw_dir = pwd->pw_dir;
yppwd.newpw.pw_shell = pwd->pw_shell;
- yppwd.oldpass = fromwhat ? fromwhat : "";
+ yppwd.oldpass = fromwhat ? strdup (fromwhat) : strdup ("");
yppwd.newpw.pw_passwd = towhat;
D(("Set password %s for %s", yppwd.newpw.pw_passwd, forwho));
@@ -600,29 +799,73 @@ static int _do_setpass(pam_handle_t* pamh, const char *forwho, char *fromwhat,
(xdrproc_t) xdr_int, (char *) &status,
timeout);
+ free (yppwd.oldpass);
+
if (err) {
- clnt_perrno(err);
- retval = PAM_TRY_AGAIN;
+ _make_remark(pamh, ctrl, PAM_TEXT_INFO,
+ clnt_sperrno(err));
} else if (status) {
D(("Error while changing NIS password.\n"));
- retval = PAM_TRY_AGAIN;
}
D(("The password has%s been changed on %s.",
(err || status) ? " not" : "", master));
- _log_err(LOG_NOTICE, pamh, "password%s changed for %s on %s",
+ pam_syslog(pamh, LOG_NOTICE, "password%s changed for %s on %s",
(err || status) ? " not" : "", pwd->pw_name, master);
auth_destroy(clnt->cl_auth);
clnt_destroy(clnt);
- if ((err || status) != 0) {
+ if (err || status) {
+ _make_remark(pamh, ctrl, PAM_TEXT_INFO,
+ _("NIS password could not be changed."));
retval = PAM_TRY_AGAIN;
}
#ifdef DEBUG
sleep(5);
#endif
- return retval;
+ } else {
+ retval = PAM_TRY_AGAIN;
+ }
}
+ if (_unix_comesfromsource(pamh, forwho, 1, 0)) {
+#ifdef USE_LCKPWDF
+ if(unlocked) {
+ int i = 0;
+ /* These values for the number of attempts and the sleep time
+ are, of course, completely arbitrary.
+ My reading of the PAM docs is that, once pam_chauthtok() has been
+ called with PAM_UPDATE_AUTHTOK, we are obliged to take any
+ reasonable steps to make sure the token is updated; so retrying
+ for 1/10 sec. isn't overdoing it. */
+ while((retval = lckpwdf()) != 0 && i < 100) {
+ usleep(1000);
+ i++;
+ }
+ if(retval != 0) {
+ return PAM_AUTHTOK_LOCK_BUSY;
+ }
+ }
+#endif
+ /* first, save old password */
+ if (save_old_password(pamh, forwho, fromwhat, remember)) {
+ retval = PAM_AUTHTOK_ERR;
+ goto done;
+ }
+ if (on(UNIX_SHADOW, ctrl) || _unix_shadowed(pwd)) {
+ retval = _update_shadow(pamh, forwho, towhat);
+#ifdef WITH_SELINUX
+ if (retval != PAM_SUCCESS && SELINUX_ENABLED)
+ retval = _unix_run_shadow_binary(pamh, ctrl, forwho, fromwhat, towhat);
+#endif
+ if (retval == PAM_SUCCESS)
+ if (!_unix_shadowed(pwd))
+ retval = _update_passwd(pamh, forwho, "x");
+ } else {
+ retval = _update_passwd(pamh, forwho, towhat);
+ }
+ }
+
+
done:
#ifdef USE_LCKPWDF
ulckpwdf();
@@ -631,7 +874,7 @@ done:
return retval;
}
-static int _unix_verify_shadow(const char *user, unsigned int ctrl)
+static int _unix_verify_shadow(pam_handle_t *pamh, const char *user, unsigned int ctrl)
{
struct passwd *pwd = NULL; /* Password and shadow password */
struct spwd *spwdent = NULL; /* file entries for the user */
@@ -650,6 +893,10 @@ static int _unix_verify_shadow(const char *user, unsigned int ctrl)
spwdent = getspnam(user);
endspent();
+#ifdef WITH_SELINUX
+ if (spwdent == NULL && SELINUX_ENABLED )
+ spwdent = _unix_run_verify_binary(pamh, ctrl, user);
+#endif
if (spwdent == NULL)
return PAM_AUTHINFO_UNAVAIL;
} else {
@@ -674,10 +921,22 @@ static int _unix_verify_shadow(const char *user, unsigned int ctrl)
if (off(UNIX__IAMROOT, ctrl)) {
/* Get the current number of days since 1970 */
curdays = time(NULL) / (60 * 60 * 24);
- if ((curdays < (spwdent->sp_lstchg + spwdent->sp_min))
- && (spwdent->sp_min != -1))
+ if (curdays < spwdent->sp_lstchg) {
+ pam_syslog(pamh, LOG_DEBUG,
+ "account %s has password changed in future",
+ user);
+ curdays = spwdent->sp_lstchg;
+ }
+ if ((curdays - spwdent->sp_lstchg < spwdent->sp_min)
+ && (spwdent->sp_min != -1))
+ /*
+ * The last password change was too recent.
+ */
retval = PAM_AUTHTOK_ERR;
- else if ((curdays > (spwdent->sp_lstchg + spwdent->sp_max + spwdent->sp_inact))
+ else if ((curdays - spwdent->sp_lstchg > spwdent->sp_max)
+ && (curdays - spwdent->sp_lstchg > spwdent->sp_inact)
+ && (curdays - spwdent->sp_lstchg >
+ spwdent->sp_max + spwdent->sp_inact)
&& (spwdent->sp_max != -1) && (spwdent->sp_inact != -1)
&& (spwdent->sp_lstchg != 0))
/*
@@ -700,7 +959,7 @@ static int _pam_unix_approve_pass(pam_handle_t * pamh
,const char *pass_old
,const char *pass_new)
{
- const char *user;
+ const void *user;
const char *remark = NULL;
int retval = PAM_SUCCESS;
@@ -710,10 +969,10 @@ static int _pam_unix_approve_pass(pam_handle_t * pamh
if (pass_new == NULL || (pass_old && !strcmp(pass_old, pass_new))) {
if (on(UNIX_DEBUG, ctrl)) {
- _log_err(LOG_DEBUG, pamh, "bad authentication token");
+ pam_syslog(pamh, LOG_DEBUG, "bad authentication token");
}
_make_remark(pamh, ctrl, PAM_ERROR_MSG, pass_new == NULL ?
- "No password supplied" : "Password unchanged");
+ _("No password supplied") : _("Password unchanged"));
return PAM_AUTHTOK_ERR;
}
/*
@@ -721,27 +980,27 @@ static int _pam_unix_approve_pass(pam_handle_t * pamh
* checking this would be the place - AGM
*/
- retval = pam_get_item(pamh, PAM_USER, (const void **) &user);
+ retval = pam_get_item(pamh, PAM_USER, &user);
if (retval != PAM_SUCCESS) {
if (on(UNIX_DEBUG, ctrl)) {
- _log_err(LOG_ERR, pamh, "Can not get username");
+ pam_syslog(pamh, LOG_ERR, "Can not get username");
return PAM_AUTHTOK_ERR;
}
}
if (off(UNIX__IAMROOT, ctrl)) {
#ifdef USE_CRACKLIB
- remark = FascistCheck(pass_new, CRACKLIB_DICTS);
+ remark = FascistCheck (pass_new, CRACKLIB_DICTS);
D(("called cracklib [%s]", remark));
#else
if (strlen(pass_new) < 6)
- remark = "You must choose a longer password";
+ remark = _("You must choose a longer password");
D(("length check [%s]", remark));
#endif
if (on(UNIX_REMEMBER_PASSWD, ctrl)) {
if ((retval = check_old_password(user, pass_new)) == PAM_AUTHTOK_ERR)
- remark = "Password has been already used. Choose another.";
+ remark = _("Password has been already used. Choose another.");
if (retval == PAM_ABORT) {
- _log_err(LOG_ERR, pamh, "can't open %s file to check old passwords",
+ pam_syslog(pamh, LOG_ERR, "can't open %s file to check old passwords",
OLD_PASSWORDS_FILE);
return retval;
}
@@ -764,7 +1023,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
/* <DO NOT free() THESE> */
const char *user;
- char *pass_old, *pass_new;
+ const void *pass_old, *pass_new;
/* </DO NOT free() THESE> */
D(("called."));
@@ -778,20 +1037,19 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
if (retval == PAM_SUCCESS) {
/*
* Various libraries at various times have had bugs related to
- * '+' or '-' as the first character of a user name. Don't take
- * any chances here. Require that the username starts with an
- * alphanumeric character.
+ * '+' or '-' as the first character of a user name. Don't
+ * allow them.
*/
- if (user == NULL || !isalnum(*user)) {
- _log_err(LOG_ERR, pamh, "bad username [%s]", user);
+ if (user == NULL || user[0] == '-' || user[0] == '+') {
+ pam_syslog(pamh, LOG_ERR, "bad username [%s]", user);
return PAM_USER_UNKNOWN;
}
if (retval == PAM_SUCCESS && on(UNIX_DEBUG, ctrl))
- _log_err(LOG_DEBUG, pamh, "username [%s] obtained",
+ pam_syslog(pamh, LOG_DEBUG, "username [%s] obtained",
user);
} else {
if (on(UNIX_DEBUG, ctrl))
- _log_err(LOG_DEBUG, pamh,
+ pam_syslog(pamh, LOG_DEBUG,
"password - could not identify user");
return retval;
}
@@ -805,23 +1063,23 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
* getpwnam() doesn't tell you *where* the information it gives you
* came from, nor should it. That's our job.
*/
- if (_unix_comesfromsource(pamh, user, 1, 1) == 0) {
- _log_err(LOG_DEBUG, pamh,
- "user \"%s\" does not exist in /etc/passwd or NIS",
- user);
+ if (_unix_comesfromsource(pamh, user, 1, on(UNIX_NIS, ctrl)) == 0) {
+ pam_syslog(pamh, LOG_DEBUG,
+ "user \"%s\" does not exist in /etc/passwd%s",
+ user, on(UNIX_NIS, ctrl) ? " or NIS" : "");
return PAM_USER_UNKNOWN;
} else {
struct passwd *pwd;
_unix_getpwnam(pamh, user, 1, 1, &pwd);
if (pwd == NULL) {
- _log_err(LOG_DEBUG, pamh,
+ pam_syslog(pamh, LOG_DEBUG,
"user \"%s\" has corrupted passwd entry",
user);
return PAM_USER_UNKNOWN;
}
if (!_unix_shadowed(pwd) &&
(strchr(pwd->pw_passwd, '*') != NULL)) {
- _log_err(LOG_DEBUG, pamh,
+ pam_syslog(pamh, LOG_DEBUG,
"user \"%s\" does not have modifiable password",
user);
return PAM_USER_UNKNOWN;
@@ -846,32 +1104,27 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
if (_unix_blankpasswd(pamh, ctrl, user)) {
return PAM_SUCCESS;
} else if (off(UNIX__IAMROOT, ctrl)) {
-
/* instruct user what is happening */
-#define greeting "Changing password for "
- Announce = (char *) malloc(sizeof(greeting) + strlen(user));
- if (Announce == NULL) {
- _log_err(LOG_CRIT, pamh,
+ if (asprintf(&Announce, _("Changing password for %s."),
+ user) < 0) {
+ pam_syslog(pamh, LOG_CRIT,
"password - out of memory");
return PAM_BUF_ERR;
}
- (void) strcpy(Announce, greeting);
- (void) strcpy(Announce + sizeof(greeting) - 1, user);
-#undef greeting
lctrl = ctrl;
set(UNIX__OLD_PASSWD, lctrl);
retval = _unix_read_password(pamh, lctrl
,Announce
- ,"(current) UNIX password: "
+ ,_("(current) UNIX password: ")
,NULL
,_UNIX_OLD_AUTHTOK
- ,(const char **) &pass_old);
+ ,&pass_old);
free(Announce);
if (retval != PAM_SUCCESS) {
- _log_err(LOG_NOTICE, pamh
- ,"password - (old) token not obtained");
+ pam_syslog(pamh, LOG_NOTICE,
+ "password - (old) token not obtained");
return retval;
}
/* verify that this is the password for this user */
@@ -891,14 +1144,14 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
retval = pam_set_item(pamh, PAM_OLDAUTHTOK, (const void *) pass_old);
pass_old = NULL;
if (retval != PAM_SUCCESS) {
- _log_err(LOG_CRIT, pamh,
+ pam_syslog(pamh, LOG_CRIT,
"failed to set PAM_OLDAUTHTOK");
}
- retval = _unix_verify_shadow(user, ctrl);
+ retval = _unix_verify_shadow(pamh,user, ctrl);
if (retval == PAM_AUTHTOK_ERR) {
if (off(UNIX__IAMROOT, ctrl))
_make_remark(pamh, ctrl, PAM_ERROR_MSG,
- "You must wait longer to change your password");
+ _("You must wait longer to change your password"));
else
retval = PAM_SUCCESS;
}
@@ -925,10 +1178,10 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
if (off(UNIX_NOT_SET_PASS, ctrl)) {
retval = pam_get_item(pamh, PAM_OLDAUTHTOK
- ,(const void **) &pass_old);
+ ,&pass_old);
} else {
retval = pam_get_data(pamh, _UNIX_OLD_AUTHTOK
- ,(const void **) &pass_old);
+ ,&pass_old);
if (retval == PAM_NO_MODULE_DATA) {
retval = PAM_SUCCESS;
pass_old = NULL;
@@ -937,7 +1190,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
D(("pass_old [%s]", pass_old));
if (retval != PAM_SUCCESS) {
- _log_err(LOG_NOTICE, pamh, "user not authenticated");
+ pam_syslog(pamh, LOG_NOTICE, "user not authenticated");
return retval;
}
@@ -958,15 +1211,15 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
retval = _unix_read_password(pamh, lctrl
,NULL
- ,"Enter new UNIX password: "
- ,"Retype new UNIX password: "
+ ,_("Enter new UNIX password: ")
+ ,_("Retype new UNIX password: ")
,_UNIX_NEW_AUTHTOK
- ,(const char **) &pass_new);
+ ,&pass_new);
if (retval != PAM_SUCCESS) {
if (on(UNIX_DEBUG, ctrl)) {
- _log_err(LOG_ALERT, pamh
- ,"password - new password not obtained");
+ pam_syslog(pamh, LOG_ALERT,
+ "password - new password not obtained");
}
pass_old = NULL; /* tidy up */
return retval;
@@ -979,14 +1232,14 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
* password is acceptable.
*/
- if (pass_new[0] == '\0') { /* "\0" password = NULL */
+ if (*(const char *)pass_new == '\0') { /* "\0" password = NULL */
pass_new = NULL;
}
retval = _pam_unix_approve_pass(pamh, ctrl, pass_old, pass_new);
}
if (retval != PAM_SUCCESS) {
- _log_err(LOG_NOTICE, pamh,
+ pam_syslog(pamh, LOG_NOTICE,
"new password not acceptable");
pass_new = pass_old = NULL; /* tidy up */
return retval;
@@ -1011,7 +1264,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
if (pass_old) {
retval = _unix_verify_password(pamh, user, pass_old, ctrl);
if (retval != PAM_SUCCESS) {
- _log_err(LOG_NOTICE, pamh, "user password changed by another process");
+ pam_syslog(pamh, LOG_NOTICE, "user password changed by another process");
#ifdef USE_LCKPWDF
ulckpwdf();
#endif
@@ -1019,9 +1272,9 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
}
}
- retval = _unix_verify_shadow(user, ctrl);
+ retval = _unix_verify_shadow(pamh, user, ctrl);
if (retval != PAM_SUCCESS) {
- _log_err(LOG_NOTICE, pamh, "user not authenticated 2");
+ pam_syslog(pamh, LOG_NOTICE, "user not authenticated 2");
#ifdef USE_LCKPWDF
ulckpwdf();
#endif
@@ -1030,7 +1283,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
retval = _pam_unix_approve_pass(pamh, ctrl, pass_old, pass_new);
if (retval != PAM_SUCCESS) {
- _log_err(LOG_NOTICE, pamh,
+ pam_syslog(pamh, LOG_NOTICE,
"new password not acceptable 2");
pass_new = pass_old = NULL; /* tidy up */
#ifdef USE_LCKPWDF
@@ -1074,7 +1327,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
char *temp = malloc(9);
if (temp == NULL) {
- _log_err(LOG_CRIT, pamh,
+ pam_syslog(pamh, LOG_CRIT,
"out of memory for password");
pass_new = pass_old = NULL; /* tidy up */
#ifdef USE_LCKPWDF
@@ -1106,7 +1359,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
_pam_delete(tpass);
pass_old = pass_new = NULL;
} else { /* something has broken with the module */
- _log_err(LOG_ALERT, pamh,
+ pam_syslog(pamh, LOG_ALERT,
"password received unknown request");
retval = PAM_ABORT;
}
diff --git a/Linux-PAM/modules/pam_unix/pam_unix_sess.c b/Linux-PAM/modules/pam_unix/pam_unix_sess.c
index a29a7085..b7af4503 100644
--- a/Linux-PAM/modules/pam_unix/pam_unix_sess.c
+++ b/Linux-PAM/modules/pam_unix/pam_unix_sess.c
@@ -1,5 +1,5 @@
/*
- * $Id: pam_unix_sess.c,v 1.5 2005/03/23 14:35:21 t8m Exp $
+ * $Id: pam_unix_sess.c,v 1.9 2006/06/17 16:44:58 kukuk Exp $
*
* Copyright Alexander O. Yuriev, 1996. All rights reserved.
* Copyright Jan Rêkorajski, 1999. All rights reserved.
@@ -36,7 +36,7 @@
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-#include <security/_pam_aconf.h>
+#include "config.h"
#include <stdio.h>
#include <stdlib.h>
@@ -53,11 +53,8 @@
#include <security/_pam_macros.h>
#include <security/pam_modules.h>
-#include <security/_pam_modutil.h>
-
-#ifndef LINUX_PAM
-#include <security/pam_appl.h>
-#endif /* LINUX_PAM */
+#include <security/pam_ext.h>
+#include <security/pam_modutil.h>
#include "support.h"
@@ -80,23 +77,23 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t * pamh, int flags,
retval = pam_get_item(pamh, PAM_USER, (void *) &user_name);
if (user_name == NULL || *user_name == '\0' || retval != PAM_SUCCESS) {
- _log_err(LOG_CRIT, pamh,
+ pam_syslog(pamh, LOG_CRIT,
"open_session - error recovering username");
return PAM_SESSION_ERR; /* How did we get authenticated with
no username?! */
}
retval = pam_get_item(pamh, PAM_SERVICE, (void *) &service);
if (service == NULL || *service == '\0' || retval != PAM_SUCCESS) {
- _log_err(LOG_CRIT, pamh,
+ pam_syslog(pamh, LOG_CRIT,
"open_session - error recovering service");
return PAM_SESSION_ERR;
}
- login_name = _pammodutil_getlogin(pamh);
+ login_name = pam_modutil_getlogin(pamh);
if (login_name == NULL) {
login_name = "";
}
- _log_err(LOG_INFO, pamh, "session opened for user %s by %s(uid=%d)",
- user_name, login_name, getuid());
+ pam_syslog(pamh, LOG_INFO, "session opened for user %s by %s(uid=%lu)",
+ user_name, login_name, (unsigned long)getuid());
return PAM_SUCCESS;
}
@@ -114,19 +111,19 @@ PAM_EXTERN int pam_sm_close_session(pam_handle_t * pamh, int flags,
retval = pam_get_item(pamh, PAM_USER, (void *) &user_name);
if (user_name == NULL || *user_name == '\0' || retval != PAM_SUCCESS) {
- _log_err(LOG_CRIT, pamh,
+ pam_syslog(pamh, LOG_CRIT,
"close_session - error recovering username");
return PAM_SESSION_ERR; /* How did we get authenticated with
no username?! */
}
retval = pam_get_item(pamh, PAM_SERVICE, (void *) &service);
if (service == NULL || *service == '\0' || retval != PAM_SUCCESS) {
- _log_err(LOG_CRIT, pamh,
+ pam_syslog(pamh, LOG_CRIT,
"close_session - error recovering service");
return PAM_SESSION_ERR;
}
- _log_err(LOG_INFO, pamh, "session closed for user %s"
- ,user_name);
+ pam_syslog(pamh, LOG_INFO, "session closed for user %s",
+ user_name);
return PAM_SUCCESS;
}
diff --git a/Linux-PAM/modules/pam_unix/support.c b/Linux-PAM/modules/pam_unix/support.c
index 1584f2f1..954f2c73 100644
--- a/Linux-PAM/modules/pam_unix/support.c
+++ b/Linux-PAM/modules/pam_unix/support.c
@@ -1,10 +1,8 @@
-/*
- * $Id: support.c,v 1.25 2005/01/10 09:45:37 kukuk Exp $
- *
+/*
* Copyright information at end of file.
*/
-#define _BSD_SOURCE
+#include "config.h"
#include <stdlib.h>
#include <unistd.h>
@@ -19,94 +17,34 @@
#include <errno.h>
#include <signal.h>
#include <ctype.h>
+#include <syslog.h>
+#include <sys/resource.h>
#include <rpcsvc/ypclnt.h>
#include <security/_pam_macros.h>
#include <security/pam_modules.h>
-#include <security/_pam_modutil.h>
+#include <security/pam_ext.h>
+#include <security/pam_modutil.h>
#include "md5.h"
#include "support.h"
-
-extern char *crypt(const char *key, const char *salt);
-extern char *bigcrypt(const char *key, const char *salt);
-
-/* syslogging function for errors and other information */
-
-void _log_err(int err, pam_handle_t *pamh, const char *format,...)
-{
- char *service = NULL;
- char logname[256];
- va_list args;
-
- pam_get_item(pamh, PAM_SERVICE, (const void **) &service);
- if (service) {
- strncpy(logname, service, sizeof(logname));
- logname[sizeof(logname) - 1 - strlen("(pam_unix)")] = '\0';
- strncat(logname, "(pam_unix)", strlen("(pam_unix)"));
- } else {
- strncpy(logname, "pam_unix", sizeof(logname) - 1);
- }
-
- va_start(args, format);
- openlog(logname, LOG_CONS | LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
+#include "bigcrypt.h"
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#define SELINUX_ENABLED is_selinux_enabled()>0
+#else
+#define SELINUX_ENABLED 0
+#endif
/* this is a front-end for module-application conversations */
-static int converse(pam_handle_t * pamh, int ctrl, int nargs
- ,struct pam_message **message
- ,struct pam_response **response)
-{
- int retval;
- struct pam_conv *conv;
-
- D(("begin to converse"));
-
- retval = pam_get_item(pamh, PAM_CONV, (const void **) &conv);
- if (retval == PAM_SUCCESS) {
-
- retval = conv->conv(nargs, (const struct pam_message **) message
- ,response, conv->appdata_ptr);
-
- D(("returned from application's conversation function"));
-
- if (retval != PAM_SUCCESS && on(UNIX_DEBUG, ctrl)) {
- _log_err(LOG_DEBUG, pamh, "conversation failure [%s]"
- ,pam_strerror(pamh, retval));
- }
- } else if (retval != PAM_CONV_AGAIN) {
- _log_err(LOG_ERR, pamh
- ,"couldn't obtain coversation function [%s]"
- ,pam_strerror(pamh, retval));
- }
- D(("ready to return from module conversation"));
-
- return retval; /* propagate error status */
-}
-
-int _make_remark(pam_handle_t * pamh, unsigned int ctrl
- ,int type, const char *text)
+int _make_remark(pam_handle_t * pamh, unsigned int ctrl,
+ int type, const char *text)
{
int retval = PAM_SUCCESS;
if (off(UNIX__QUIET, ctrl)) {
- struct pam_message *pmsg[1], msg[1];
- struct pam_response *resp;
-
- pmsg[0] = &msg[0];
- msg[0].msg = text;
- msg[0].msg_style = type;
-
- resp = NULL;
- retval = converse(pamh, ctrl, 1, pmsg, &resp);
-
- if (resp) {
- _pam_drop_reply(resp, 1);
- }
+ retval = pam_prompt(pamh, type, NULL, "%s", text);
}
return retval;
}
@@ -157,7 +95,7 @@ int _set_ctrl(pam_handle_t *pamh, int flags, int *remember, int argc,
}
if (j >= UNIX_CTRLS_) {
- _log_err(LOG_ERR, pamh,
+ pam_syslog(pamh, LOG_ERR,
"unrecognized option [%s]", *argv);
} else {
ctrl &= unix_args[j].mask; /* for turning things off */
@@ -193,7 +131,7 @@ int _set_ctrl(pam_handle_t *pamh, int flags, int *remember, int argc,
return ctrl;
}
-static void _cleanup(pam_handle_t * pamh, void *x, int error_status)
+static void _cleanup(pam_handle_t * pamh UNUSED, void *x, int error_status UNUSED)
{
_pam_delete(x);
}
@@ -225,10 +163,10 @@ struct _pam_failed_auth {
static void _cleanup_failures(pam_handle_t * pamh, void *fl, int err)
{
int quiet;
- const char *service = NULL;
- const char *ruser = NULL;
- const char *rhost = NULL;
- const char *tty = NULL;
+ const void *service = NULL;
+ const void *ruser = NULL;
+ const void *rhost = NULL;
+ const void *tty = NULL;
struct _pam_failed_auth *failure;
D(("called"));
@@ -244,32 +182,32 @@ static void _cleanup_failures(pam_handle_t * pamh, void *fl, int err)
/* log the number of authentication failures */
if (failure->count > 1) {
(void) pam_get_item(pamh, PAM_SERVICE,
- (const void **)&service);
+ &service);
(void) pam_get_item(pamh, PAM_RUSER,
- (const void **)&ruser);
+ &ruser);
(void) pam_get_item(pamh, PAM_RHOST,
- (const void **)&rhost);
+ &rhost);
(void) pam_get_item(pamh, PAM_TTY,
- (const void **)&tty);
- _log_err(LOG_NOTICE, pamh,
+ &tty);
+ pam_syslog(pamh, LOG_NOTICE,
"%d more authentication failure%s; "
"logname=%s uid=%d euid=%d "
"tty=%s ruser=%s rhost=%s "
"%s%s",
failure->count - 1, failure->count == 2 ? "" : "s",
failure->name, failure->uid, failure->euid,
- tty ? tty : "", ruser ? ruser : "",
- rhost ? rhost : "",
+ tty ? (const char *)tty : "", ruser ? (const char *)ruser : "",
+ rhost ? (const char *)rhost : "",
(failure->user && failure->user[0] != '\0')
? " user=" : "", failure->user
);
if (failure->count > UNIX_MAX_RETRIES) {
- _log_err(LOG_ALERT, pamh
- ,"service(%s) ignoring max retries; %d > %d"
- ,service == NULL ? "**unknown**" : service
- ,failure->count
- ,UNIX_MAX_RETRIES);
+ pam_syslog(pamh, LOG_ALERT,
+ "service(%s) ignoring max retries; %d > %d",
+ service == NULL ? "**unknown**" : (const char *)service,
+ failure->count,
+ UNIX_MAX_RETRIES);
}
}
}
@@ -282,7 +220,7 @@ static void _cleanup_failures(pam_handle_t * pamh, void *fl, int err)
/*
* _unix_getpwnam() searches only /etc/passwd and NIS to find user information
*/
-static void _unix_cleanup(pam_handle_t *pamh, void *data, int error_status)
+static void _unix_cleanup(pam_handle_t *pamh UNUSED, void *data, int error_status UNUSED)
{
free(data);
}
@@ -327,7 +265,7 @@ int _unix_getpwnam(pam_handle_t *pamh, const char *name,
i = yp_match(domain, "passwd.byname", name,
strlen(name), &userinfo, &len);
yp_unbind(domain);
- if ((i == YPERR_SUCCESS) && (len < sizeof(buf))) {
+ if ((i == YPERR_SUCCESS) && ((size_t)len < sizeof(buf))) {
strncpy(buf, userinfo, sizeof(buf) - 1);
buf[sizeof(buf) - 1] = '\0';
matched = 1;
@@ -391,7 +329,7 @@ int _unix_getpwnam(pam_handle_t *pamh, const char *name,
memset(*ret, '\0', buflen);
(*ret)->pw_uid = strtol(suid, &p, 10);
- if ((strlen(sgid) == 0) || (*p != '\0')) {
+ if ((strlen(suid) == 0) || (*p != '\0')) {
free(*ret);
*ret = NULL;
return matched;
@@ -467,13 +405,13 @@ _unix_blankpasswd (pam_handle_t *pamh, unsigned int ctrl, const char *name)
/* UNIX passwords area */
/* Get password file entry... */
- pwd = _pammodutil_getpwnam (pamh, name);
+ pwd = pam_modutil_getpwnam (pamh, name);
if (pwd != NULL) {
if (strcmp( pwd->pw_passwd, "*NP*" ) == 0)
- { /* NIS+ */
+ { /* NIS+ */
uid_t save_euid, save_uid;
-
+
save_euid = geteuid();
save_uid = getuid();
if (save_uid == pwd->pw_uid)
@@ -488,8 +426,8 @@ _unix_blankpasswd (pam_handle_t *pamh, unsigned int ctrl, const char *name)
return 0;
}
}
-
- spwdent = _pammodutil_getspnam (pamh, name);
+
+ spwdent = pam_modutil_getspnam (pamh, name);
if (save_uid == pwd->pw_uid)
setreuid( save_uid, save_euid );
else {
@@ -502,7 +440,7 @@ _unix_blankpasswd (pam_handle_t *pamh, unsigned int ctrl, const char *name)
* ...and shadow password file entry for this user,
* if shadowing is enabled
*/
- spwdent = _pammodutil_getspnam(pamh, name);
+ spwdent = pam_modutil_getspnam(pamh, name);
}
if (spwdent)
salt = x_strdup(spwdent->sp_pwdp);
@@ -562,18 +500,39 @@ static int _unix_run_helper_binary(pam_handle_t *pamh, const char *passwd,
/* fork */
child = fork();
if (child == 0) {
+ int i=0;
+ struct rlimit rlim;
static char *envp[] = { NULL };
- char *args[] = { NULL, NULL, NULL };
+ char *args[] = { NULL, NULL, NULL, NULL };
/* XXX - should really tidy up PAM here too */
+ close(0); close(1);
/* reopen stdin as pipe */
close(fds[1]);
dup2(fds[0], STDIN_FILENO);
+ if (getrlimit(RLIMIT_NOFILE,&rlim)==0) {
+ for (i=2; i < (int)rlim.rlim_max; i++) {
+ if (fds[0] != i)
+ close(i);
+ }
+ }
+
+ if (SELINUX_ENABLED && geteuid() == 0) {
+ /* must set the real uid to 0 so the helper will not error
+ out if pam is called from setuid binary (su, sudo...) */
+ setuid(0);
+ }
+
/* exec binary helper */
- args[0] = x_strdup(CHKPWD_HELPER);
+ args[0] = strdup(CHKPWD_HELPER);
args[1] = x_strdup(user);
+ if (off(UNIX__NONULL, ctrl)) { /* this means we've succeeded */
+ args[2]=strdup("nullok");
+ } else {
+ args[2]=strdup("nonull");
+ }
execve(CHKPWD_HELPER, args, envp);
@@ -583,11 +542,7 @@ static int _unix_run_helper_binary(pam_handle_t *pamh, const char *passwd,
} else if (child > 0) {
/* wait for child */
/* if the stored password is NULL */
- if (off(UNIX__NONULL, ctrl)) { /* this means we've succeeded */
- write(fds[1], "nullok\0\0", 8);
- } else {
- write(fds[1], "nonull\0\0", 8);
- }
+ int rc=0;
if (passwd != NULL) { /* send the password to the child */
write(fds[1], passwd, strlen(passwd)+1);
passwd = NULL;
@@ -596,14 +551,21 @@ static int _unix_run_helper_binary(pam_handle_t *pamh, const char *passwd,
}
close(fds[0]); /* close here to avoid possible SIGPIPE above */
close(fds[1]);
- (void) waitpid(child, &retval, 0); /* wait for helper to complete */
- retval = (retval == 0) ? PAM_SUCCESS:PAM_AUTH_ERR;
+ rc=waitpid(child, &retval, 0); /* wait for helper to complete */
+ if (rc<0) {
+ pam_syslog(pamh, LOG_ERR, "unix_chkpwd waitpid returned %d: %m", rc);
+ retval = PAM_AUTH_ERR;
+ } else {
+ retval = WEXITSTATUS(retval);
+ }
} else {
D(("fork failed"));
+ close(fds[0]);
+ close(fds[1]);
retval = PAM_AUTH_ERR;
}
- if (sighandler != NULL) {
+ if (sighandler != SIG_ERR) {
(void) signal(SIGCHLD, sighandler); /* restore old signal handler */
}
@@ -621,6 +583,7 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name
char *data_name;
int retval;
+
D(("called"));
#ifdef HAVE_PAM_FAIL_DELAY
@@ -635,13 +598,13 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name
D(("locating user's record"));
/* UNIX passwords area */
- pwd = _pammodutil_getpwnam (pamh, name); /* Get password file entry... */
+ pwd = pam_modutil_getpwnam (pamh, name); /* Get password file entry... */
if (pwd != NULL) {
if (strcmp( pwd->pw_passwd, "*NP*" ) == 0)
- { /* NIS+ */
+ { /* NIS+ */
uid_t save_euid, save_uid;
-
+
save_euid = geteuid();
save_uid = getuid();
if (save_uid == pwd->pw_uid)
@@ -655,8 +618,8 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name
return PAM_CRED_INSUFFICIENT;
}
}
-
- spwdent = _pammodutil_getspnam (pamh, name);
+
+ spwdent = pam_modutil_getspnam (pamh, name);
if (save_uid == pwd->pw_uid)
setreuid( save_uid, save_euid );
else {
@@ -669,7 +632,7 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name
* ...and shadow password file entry for this user,
* if shadowing is enabled
*/
- spwdent = _pammodutil_getspnam (pamh, name);
+ spwdent = pam_modutil_getspnam (pamh, name);
}
if (spwdent)
salt = x_strdup(spwdent->sp_pwdp);
@@ -679,7 +642,7 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name
data_name = (char *) malloc(sizeof(FAIL_PREFIX) + strlen(name));
if (data_name == NULL) {
- _log_err(LOG_CRIT, pamh, "no memory for data-name");
+ pam_syslog(pamh, LOG_CRIT, "no memory for data-name");
} else {
strcpy(data_name, FAIL_PREFIX);
strcpy(data_name + sizeof(FAIL_PREFIX) - 1, name);
@@ -687,15 +650,11 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name
retval = PAM_SUCCESS;
if (pwd == NULL || salt == NULL || !strcmp(salt, "x") || ((salt[0] == '#') && (salt[1] == '#') && !strcmp(salt + 2, name))) {
- if (geteuid()) {
+
+ if (pwd != NULL && (geteuid() || SELINUX_ENABLED)) {
/* we are not root perhaps this is the reason? Run helper */
D(("running helper binary"));
retval = _unix_run_helper_binary(pamh, p, ctrl, name);
- if (pwd == NULL && !on(UNIX_AUDIT,ctrl)
- && retval != PAM_SUCCESS)
- {
- name = NULL;
- }
} else {
D(("user's record unavailable"));
p = NULL;
@@ -706,12 +665,12 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name
if (on(UNIX_AUDIT, ctrl)) {
/* this might be a typo and the user has given a password
instead of a username. Careful with this. */
- _log_err(LOG_ALERT, pamh,
+ pam_syslog(pamh, LOG_ALERT,
"check pass; user (%s) unknown", name);
} else {
name = NULL;
if (on(UNIX_DEBUG, ctrl) || pwd == NULL) {
- _log_err(LOG_ALERT, pamh,
+ pam_syslog(pamh, LOG_ALERT,
"check pass; user unknown");
} else {
/* don't log failure as another pam module can succeed */
@@ -730,7 +689,7 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name
D(("user has empty password - access denied"));
retval = PAM_AUTH_ERR;
}
- } else if (!p || (*salt == '*') || (salt_len < 13)) {
+ } else if (!p || (*salt == '*')) {
retval = PAM_AUTH_ERR;
} else {
if (!strncmp(salt, "$1$", 3)) {
@@ -739,24 +698,24 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name
_pam_delete(pp);
pp = Brokencrypt_md5(p, salt);
}
- } else {
+ } else if (*salt != '$' && salt_len >= 13) {
pp = bigcrypt(p, salt);
+ if (strlen(pp) > salt_len) {
+ pp[salt_len] = '\0';
+ }
+ } else {
+ /*
+ * Ok, we don't know the crypt algorithm, but maybe
+ * libcrypt nows about it? We should try it.
+ */
+ pp = x_strdup (crypt(p, salt));
}
p = NULL; /* no longer needed here */
/* the moment of truth -- do we agree with the password? */
D(("comparing state of pp[%s] and salt[%s]", pp, salt));
- /*
- * Note, we are comparing the bigcrypt of the password with
- * the contents of the password field. If the latter was
- * encrypted with regular crypt (and not bigcrypt) it will
- * have been truncated for storage relative to the output
- * of bigcrypt here. As such we need to compare only the
- * stored string with the subset of bigcrypt's result.
- * Bug 521314: The strncmp comparison is for legacy support.
- */
- if (strncmp(pp, salt, salt_len) == 0) {
+ if (strcmp(pp, salt) == 0) {
retval = PAM_SUCCESS;
} else {
retval = PAM_AUTH_ERR;
@@ -780,8 +739,10 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name
if (new != NULL) {
const char *login_name;
+ const void *void_old;
+
- login_name = _pammodutil_getlogin(pamh);
+ login_name = pam_modutil_getlogin(pamh);
if (login_name == NULL) {
login_name = "";
}
@@ -792,7 +753,11 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name
new->name = x_strdup(login_name);
/* any previous failures for this user ? */
- pam_get_data(pamh, data_name, (const void **) &old);
+ if (pam_get_data(pamh, data_name, &void_old)
+ == PAM_SUCCESS)
+ old = void_old;
+ else
+ old = NULL;
if (old != NULL) {
new->count = old->count + 1;
@@ -800,29 +765,29 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name
retval = PAM_MAXTRIES;
}
} else {
- const char *service=NULL;
- const char *ruser=NULL;
- const char *rhost=NULL;
- const char *tty=NULL;
+ const void *service=NULL;
+ const void *ruser=NULL;
+ const void *rhost=NULL;
+ const void *tty=NULL;
(void) pam_get_item(pamh, PAM_SERVICE,
- (const void **)&service);
+ &service);
(void) pam_get_item(pamh, PAM_RUSER,
- (const void **)&ruser);
+ &ruser);
(void) pam_get_item(pamh, PAM_RHOST,
- (const void **)&rhost);
+ &rhost);
(void) pam_get_item(pamh, PAM_TTY,
- (const void **)&tty);
+ &tty);
- _log_err(LOG_NOTICE, pamh,
+ pam_syslog(pamh, LOG_NOTICE,
"authentication failure; "
"logname=%s uid=%d euid=%d "
"tty=%s ruser=%s rhost=%s "
"%s%s",
new->name, new->uid, new->euid,
- tty ? tty : "",
- ruser ? ruser : "",
- rhost ? rhost : "",
+ tty ? (const char *)tty : "",
+ ruser ? (const char *)ruser : "",
+ rhost ? (const char *)rhost : "",
(new->user && new->user[0] != '\0')
? " user=" : "",
new->user
@@ -833,7 +798,7 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name
pam_set_data(pamh, data_name, new, _cleanup_failures);
} else {
- _log_err(LOG_CRIT, pamh,
+ pam_syslog(pamh, LOG_CRIT,
"no memory for failure recorder");
}
}
@@ -862,10 +827,10 @@ int _unix_read_password(pam_handle_t * pamh
,const char *prompt1
,const char *prompt2
,const char *data_name
- ,const char **pass)
+ ,const void **pass)
{
int authtok_flag;
- int retval;
+ int retval = PAM_SUCCESS;
char *token;
D(("called"));
@@ -887,17 +852,17 @@ int _unix_read_password(pam_handle_t * pamh
*/
if (on(UNIX_TRY_FIRST_PASS, ctrl) || on(UNIX_USE_FIRST_PASS, ctrl)) {
- retval = pam_get_item(pamh, authtok_flag, (const void **) pass);
+ retval = pam_get_item(pamh, authtok_flag, pass);
if (retval != PAM_SUCCESS) {
/* very strange. */
- _log_err(LOG_ALERT, pamh
- ,"pam_get_item returned error to unix-read-password"
+ pam_syslog(pamh, LOG_ALERT,
+ "pam_get_item returned error to unix-read-password"
);
return retval;
} else if (*pass != NULL) { /* we have a password! */
return PAM_SUCCESS;
} else if (on(UNIX_USE_FIRST_PASS, ctrl)) {
- return PAM_AUTHTOK_RECOVER_ERR; /* didn't work */
+ return PAM_AUTHTOK_RECOVERY_ERR; /* didn't work */
} else if (on(UNIX_USE_AUTHTOK, ctrl)
&& off(UNIX__OLD_PASSWD, ctrl)) {
return PAM_AUTHTOK_ERR;
@@ -909,77 +874,62 @@ int _unix_read_password(pam_handle_t * pamh
*/
{
- struct pam_message msg[3], *pmsg[3];
- struct pam_response *resp;
- int i, replies;
-
- /* prepare to converse */
+ int replies=1;
+ char *resp[2] = { NULL, NULL };
if (comment != NULL && off(UNIX__QUIET, ctrl)) {
- pmsg[0] = &msg[0];
- msg[0].msg_style = PAM_TEXT_INFO;
- msg[0].msg = comment;
- i = 1;
- } else {
- i = 0;
+ retval = pam_info(pamh, "%s", comment);
}
- pmsg[i] = &msg[i];
- msg[i].msg_style = PAM_PROMPT_ECHO_OFF;
- msg[i++].msg = prompt1;
- replies = 1;
+ if (retval == PAM_SUCCESS) {
+ retval = pam_prompt(pamh, PAM_PROMPT_ECHO_OFF,
+ &resp[0], "%s", prompt1);
- if (prompt2 != NULL) {
- pmsg[i] = &msg[i];
- msg[i].msg_style = PAM_PROMPT_ECHO_OFF;
- msg[i++].msg = prompt2;
- ++replies;
+ if (retval == PAM_SUCCESS && prompt2 != NULL) {
+ retval = pam_prompt(pamh, PAM_PROMPT_ECHO_OFF,
+ &resp[1], "%s", prompt2);
+ ++replies;
+ }
}
- /* so call the conversation expecting i responses */
- resp = NULL;
- retval = converse(pamh, ctrl, i, pmsg, &resp);
-
- if (resp != NULL) {
+ if (resp[0] != NULL && resp[replies-1] != NULL) {
/* interpret the response */
if (retval == PAM_SUCCESS) { /* a good conversation */
- token = x_strdup(resp[i - replies].resp);
+ token = resp[0];
if (token != NULL) {
if (replies == 2) {
-
/* verify that password entered correctly */
- if (!resp[i - 1].resp
- || strcmp(token, resp[i - 1].resp)) {
- _pam_delete(token); /* mistyped */
- retval = PAM_AUTHTOK_RECOVER_ERR;
- _make_remark(pamh, ctrl
- ,PAM_ERROR_MSG, MISTYPED_PASS);
+ if (strcmp(token, resp[replies - 1])) {
+ /* mistyped */
+ retval = PAM_AUTHTOK_RECOVERY_ERR;
+ _make_remark(pamh, ctrl,
+ PAM_ERROR_MSG, MISTYPED_PASS);
}
}
} else {
- _log_err(LOG_NOTICE, pamh
- ,"could not recover authentication token");
+ pam_syslog(pamh, LOG_NOTICE,
+ "could not recover authentication token");
}
}
- /*
- * tidy up the conversation (resp_retcode) is ignored
- * -- what is it for anyway? AGM
- */
-
- _pam_drop_reply(resp, i);
} else {
retval = (retval == PAM_SUCCESS)
- ? PAM_AUTHTOK_RECOVER_ERR : retval;
+ ? PAM_AUTHTOK_RECOVERY_ERR : retval;
}
+
+ resp[0] = NULL;
+ if (replies > 1)
+ _pam_delete(resp[1]);
}
if (retval != PAM_SUCCESS) {
+ _pam_delete(token);
+
if (on(UNIX_DEBUG, ctrl))
- _log_err(LOG_DEBUG, pamh,
+ pam_syslog(pamh, LOG_DEBUG,
"unable to obtain a password");
return retval;
}
@@ -992,12 +942,11 @@ int _unix_read_password(pam_handle_t * pamh
retval = pam_set_item(pamh, authtok_flag, token);
_pam_delete(token); /* clean it up */
if (retval != PAM_SUCCESS
- || (retval = pam_get_item(pamh, authtok_flag
- ,(const void **) pass))
+ || (retval = pam_get_item(pamh, authtok_flag, pass))
!= PAM_SUCCESS) {
*pass = NULL;
- _log_err(LOG_CRIT, pamh, "error manipulating password");
+ pam_syslog(pamh, LOG_CRIT, "error manipulating password");
return retval;
}
@@ -1009,9 +958,9 @@ int _unix_read_password(pam_handle_t * pamh
retval = pam_set_data(pamh, data_name, (void *) token, _cleanup);
if (retval != PAM_SUCCESS) {
- _log_err(LOG_CRIT, pamh
- ,"error manipulating password data [%s]"
- ,pam_strerror(pamh, retval));
+ pam_syslog(pamh, LOG_CRIT,
+ "error manipulating password data [%s]",
+ pam_strerror(pamh, retval));
_pam_delete(token);
return retval;
}
@@ -1055,13 +1004,13 @@ int _unix_shadowed(const struct passwd *pwd)
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior
* written permission.
- *
+ *
* ALTERNATIVELY, this product may be distributed under the terms of
* the GNU Public License, in which case the provisions of the GPL are
* required INSTEAD OF the above restrictions. (This clause is
* necessary due to a potential bad interaction between the GPL and
* the restrictions contained in a BSD-style copyright.)
- *
+ *
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
diff --git a/Linux-PAM/modules/pam_unix/support.h b/Linux-PAM/modules/pam_unix/support.h
index 39abadd5..1eb662fc 100644
--- a/Linux-PAM/modules/pam_unix/support.h
+++ b/Linux-PAM/modules/pam_unix/support.h
@@ -1,5 +1,5 @@
/*
- * $Id: support.h,v 1.8 2004/10/06 13:42:36 kukuk Exp $
+ * $Id: support.h,v 1.12 2005/09/26 14:27:09 t8m Exp $
*/
#ifndef _PAM_UNIX_SUPPORT_H
@@ -110,7 +110,7 @@ static const UNIX_Ctrls unix_args[UNIX_CTRLS_] =
/* UNIX__NULLOK */ {"nullok", _ALL_ON_^(01000), 0},
/* UNIX_DEBUG */ {"debug", _ALL_ON_, 040000},
/* UNIX_NODELAY */ {"nodelay", _ALL_ON_, 0100000},
-/* UNIX_NIS */ {"nis", _ALL_ON_^(010000), 0200000},
+/* UNIX_NIS */ {"nis", _ALL_ON_, 0200000},
/* UNIX_BIGCRYPT */ {"bigcrypt", _ALL_ON_^(020000), 0400000},
/* UNIX_LIKE_AUTH */ {"likeauth", _ALL_ON_, 01000000},
/* UNIX_REMEMBER_PASSWD */ {"remember=", _ALL_ON_, 02000000},
@@ -129,7 +129,6 @@ static const UNIX_Ctrls unix_args[UNIX_CTRLS_] =
_pam_drop(xx); \
}
-extern void _log_err(int err, pam_handle_t *pamh, const char *format,...);
extern int _make_remark(pam_handle_t * pamh, unsigned int ctrl
,int type, const char *text);
extern int _set_ctrl(pam_handle_t * pamh, int flags, int *remember, int argc,
@@ -149,7 +148,8 @@ extern int _unix_read_password(pam_handle_t * pamh
,const char *prompt1
,const char *prompt2
,const char *data_name
- ,const char **pass);
+ ,const void **pass);
extern int _unix_shadowed(const struct passwd *pwd);
+extern struct spwd *_unix_run_verify_binary(pam_handle_t *pamh, unsigned int ctrl, const char *user);
#endif /* _PAM_UNIX_SUPPORT_H */
diff --git a/Linux-PAM/modules/pam_unix/tst-pam_unix b/Linux-PAM/modules/pam_unix/tst-pam_unix
new file mode 100755
index 00000000..22922800
--- /dev/null
+++ b/Linux-PAM/modules/pam_unix/tst-pam_unix
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_unix.so
diff --git a/Linux-PAM/modules/pam_unix/unix_chkpwd.8 b/Linux-PAM/modules/pam_unix/unix_chkpwd.8
new file mode 100644
index 00000000..02ccfe4a
--- /dev/null
+++ b/Linux-PAM/modules/pam_unix/unix_chkpwd.8
@@ -0,0 +1,80 @@
+.\" Copyright (C) 2003 International Business Machines Corporation
+.\" This file is distributed according to the GNU General Public License.
+.\" See the file COPYING in the top level source directory for details.
+.\"
+.de Sh \" Subsection
+.br
+.if t .Sp
+.ne 5
+.PP
+\fB\\$1\fR
+.PP
+..
+.de Sp \" Vertical space (when we can't use .PP)
+.if t .sp .5v
+.if n .sp
+..
+.de Ip \" List item
+.br
+.ie \\n(.$>=3 .ne \\$3
+.el .ne 3
+.IP "\\$1" \\$2
+..
+.TH "UNIX_CHKPWD" 8 "2003-03-21" "Linux-PAM 0.76" "Linux-PAM Manual"
+.SH NAME
+unix_chkpwd \- helper binary that verifies the password of the current user
+.SH "SYNOPSIS"
+.ad l
+.hy 0
+
+/sbin/unix_chkpwd [\fIusername\fR]
+.sp
+.ad
+.hy
+.SH "DESCRIPTION"
+.PP
+\fBunix_chkpwd\fR is a helper program for the pam_unix module that verifies
+the password of the current user. It is not intended to be run directly from
+the command line and logs a security violation if done so.
+
+It is typically installed setuid root or setgid shadow.
+
+.SH "OPTIONS"
+.PP
+unix_pwdchk optionally takes the following argument:
+.TP
+\fIusername\fR
+The username of the user whose password you want to check: this must match the current user id.
+
+.SH "INPUTS"
+.PP
+unix_pwdchk expects the following inputs via stdin:
+.TP
+\fIoption\fR
+Either nullok or nonull, depending on whether the user can have an empty password.
+.TP
+\fIpassword\fR
+The password to verify.
+
+.SH "RETURN CODES"
+.PP
+\fBunix_chkpwd\fR has the following return codes:
+.TP
+1
+unix_chkpwd was inappropriately called from the command line or the password is incorrect.
+
+.TP
+0
+The password is correct.
+
+.SH "HISTORY"
+Written by Andrew Morgan
+
+.SH "SEE ALSO"
+
+.PP
+\fBpam\fR(8)
+
+.SH AUTHOR
+Emily Ratliff.
+
diff --git a/Linux-PAM/modules/pam_unix/unix_chkpwd.c b/Linux-PAM/modules/pam_unix/unix_chkpwd.c
index be32348f..87d29256 100644
--- a/Linux-PAM/modules/pam_unix/unix_chkpwd.c
+++ b/Linux-PAM/modules/pam_unix/unix_chkpwd.c
@@ -1,6 +1,4 @@
/*
- * $Id: unix_chkpwd.c,v 1.11 2004/11/16 14:27:42 toady Exp $
- *
* This program is designed to run setuid(root) or with sufficient
* privilege to read all of the unix password databases. It is designed
* to provide a mechanism for the current user (defined by this
@@ -13,13 +11,7 @@
*
*/
-#include <security/_pam_aconf.h>
-
-#ifdef MEMORY_DEBUG
-# undef exit
-# undef strdup
-# undef free
-#endif /* MEMORY_DEBUG */
+#include "config.h"
#include <stdarg.h>
#include <stdio.h>
@@ -28,21 +20,27 @@
#include <syslog.h>
#include <unistd.h>
#include <sys/types.h>
+#include <sys/stat.h>
#include <pwd.h>
#include <shadow.h>
#include <signal.h>
+#include <time.h>
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#define SELINUX_ENABLED (selinux_enabled!=-1 ? selinux_enabled : (selinux_enabled=is_selinux_enabled()>0))
+static security_context_t prev_context=NULL;
+static int selinux_enabled=-1;
+#else
+#define SELINUX_ENABLED 0
+#endif
#define MAXPASS 200 /* the maximum length of a password */
+#include <security/_pam_types.h>
#include <security/_pam_macros.h>
#include "md5.h"
-
-extern char *crypt(const char *key, const char *salt);
-extern char *bigcrypt(const char *key, const char *salt);
-
-#define UNIX_PASSED 0
-#define UNIX_FAILED 1
+#include "bigcrypt.h"
/* syslogging function for errors and other information */
@@ -51,7 +49,7 @@ static void _log_err(int err, const char *format,...)
va_list args;
va_start(args, format);
- openlog("unix_chkpwd", LOG_CONS | LOG_PID, LOG_AUTH);
+ openlog("unix_chkpwd", LOG_CONS | LOG_PID, LOG_AUTHPRIV);
vsyslog(err, format, args);
va_end(args);
closelog();
@@ -112,13 +110,40 @@ static void setup_signals(void)
(void) sigaction(SIGQUIT, &action, NULL);
}
+static int _verify_account(const char * const uname)
+{
+ struct spwd *spent;
+ struct passwd *pwent;
+
+ pwent = getpwnam(uname);
+ if (!pwent) {
+ _log_err(LOG_ALERT, "could not identify user (from getpwnam(%s))", uname);
+ return PAM_USER_UNKNOWN;
+ }
+
+ spent = getspnam( uname );
+ if (!spent) {
+ _log_err(LOG_ALERT, "could not get username from shadow (%s))", uname);
+ return PAM_AUTHINFO_UNAVAIL; /* Couldn't get username from shadow */
+ }
+ printf("%ld:%ld:%ld:%ld:%ld:%ld",
+ spent->sp_lstchg, /* last password change */
+ spent->sp_min, /* days until change allowed. */
+ spent->sp_max, /* days before change required */
+ spent->sp_warn, /* days warning for expiration */
+ spent->sp_inact, /* days before account inactive */
+ spent->sp_expire); /* date when account expires */
+
+ return PAM_SUCCESS;
+}
+
static int _unix_verify_password(const char *name, const char *p, int nullok)
{
struct passwd *pwd = NULL;
struct spwd *spwdent = NULL;
char *salt = NULL;
char *pp = NULL;
- int retval = UNIX_FAILED;
+ int retval = PAM_AUTH_ERR;
int salt_len;
/* UNIX passwords area */
@@ -156,28 +181,39 @@ static int _unix_verify_password(const char *name, const char *p, int nullok)
if (pwd == NULL || salt == NULL) {
_log_err(LOG_ALERT, "check pass; user unknown");
p = NULL;
- return retval;
+ return PAM_USER_UNKNOWN;
}
salt_len = strlen(salt);
- if (salt_len == 0)
- return (nullok == 0) ? UNIX_FAILED : UNIX_PASSED;
- else if (p == NULL || strlen(p) == 0)
- return UNIX_FAILED;
+ if (salt_len == 0) {
+ return (nullok == 0) ? PAM_AUTH_ERR : PAM_SUCCESS;
+ }
+ if (p == NULL || strlen(p) == 0) {
+ return PAM_AUTHTOK_ERR;
+ }
/* the moment of truth -- do we agree with the password? */
- retval = UNIX_FAILED;
+ retval = PAM_AUTH_ERR;
if (!strncmp(salt, "$1$", 3)) {
pp = Goodcrypt_md5(p, salt);
if (strcmp(pp, salt) == 0) {
- retval = UNIX_PASSED;
+ retval = PAM_SUCCESS;
} else {
pp = Brokencrypt_md5(p, salt);
if (strcmp(pp, salt) == 0)
- retval = UNIX_PASSED;
+ retval = PAM_SUCCESS;
+ }
+ } else if (*salt == '$') {
+ /*
+ * Ok, we don't know the crypt algorithm, but maybe
+ * libcrypt nows about it? We should try it.
+ */
+ pp = x_strdup (crypt(p, salt));
+ if (strcmp(pp, salt) == 0) {
+ retval = PAM_SUCCESS;
}
} else if ((*salt == '*') || (salt_len < 13)) {
- retval = UNIX_FAILED;
+ retval = PAM_AUTH_ERR;
} else {
pp = bigcrypt(p, salt);
/*
@@ -190,7 +226,7 @@ static int _unix_verify_password(const char *name, const char *p, int nullok)
* Bug 521314: the strncmp comparison is for legacy support.
*/
if (strncmp(pp, salt, salt_len) == 0) {
- retval = UNIX_PASSED;
+ retval = PAM_SUCCESS;
}
}
p = NULL; /* no longer needed here */
@@ -220,17 +256,178 @@ static char *getuidname(uid_t uid)
strncpy(username, pw->pw_name, sizeof(username));
username[sizeof(username) - 1] = '\0';
-
+
return username;
}
+#define SH_TMPFILE "/etc/nshadow"
+static int _update_shadow(const char *forwho)
+{
+ struct spwd *spwdent = NULL, *stmpent = NULL;
+ FILE *pwfile, *opwfile;
+ int err = 1;
+ int oldmask;
+ struct stat st;
+ char pass[MAXPASS + 1];
+ char towhat[MAXPASS + 1];
+ int npass=0;
+
+ /* read the password from stdin (a pipe from the pam_unix module) */
+
+ npass = read(STDIN_FILENO, pass, MAXPASS);
+
+ if (npass < 0) { /* is it a valid password? */
+
+ _log_err(LOG_DEBUG, "no password supplied");
+ return PAM_AUTHTOK_ERR;
+
+ } else if (npass >= MAXPASS) {
+
+ _log_err(LOG_DEBUG, "password too long");
+ return PAM_AUTHTOK_ERR;
+
+ } else {
+ /* does pass agree with the official one? */
+ int retval=0;
+ pass[npass] = '\0'; /* NUL terminate */
+ retval = _unix_verify_password(forwho, pass, 0);
+ if (retval != PAM_SUCCESS) {
+ return retval;
+ }
+ }
+
+ /* read the password from stdin (a pipe from the pam_unix module) */
+
+ npass = read(STDIN_FILENO, towhat, MAXPASS);
+
+ if (npass < 0) { /* is it a valid password? */
+
+ _log_err(LOG_DEBUG, "no new password supplied");
+ return PAM_AUTHTOK_ERR;
+
+ } else if (npass >= MAXPASS) {
+
+ _log_err(LOG_DEBUG, "new password too long");
+ return PAM_AUTHTOK_ERR;
+
+ }
+
+ towhat[npass] = '\0'; /* NUL terminate */
+ spwdent = getspnam(forwho);
+ if (spwdent == NULL) {
+ return PAM_USER_UNKNOWN;
+ }
+ oldmask = umask(077);
+
+#ifdef WITH_SELINUX
+ if (SELINUX_ENABLED) {
+ security_context_t shadow_context=NULL;
+ if (getfilecon("/etc/shadow",&shadow_context)<0) {
+ return PAM_AUTHTOK_ERR;
+ };
+ if (getfscreatecon(&prev_context)<0) {
+ freecon(shadow_context);
+ return PAM_AUTHTOK_ERR;
+ }
+ if (setfscreatecon(shadow_context)) {
+ freecon(shadow_context);
+ freecon(prev_context);
+ return PAM_AUTHTOK_ERR;
+ }
+ freecon(shadow_context);
+ }
+#endif
+ pwfile = fopen(SH_TMPFILE, "w");
+ umask(oldmask);
+ if (pwfile == NULL) {
+ err = 1;
+ goto done;
+ }
+
+ opwfile = fopen("/etc/shadow", "r");
+ if (opwfile == NULL) {
+ fclose(pwfile);
+ err = 1;
+ goto done;
+ }
+
+ if (fstat(fileno(opwfile), &st) == -1) {
+ fclose(opwfile);
+ fclose(pwfile);
+ err = 1;
+ goto done;
+ }
+
+ if (fchown(fileno(pwfile), st.st_uid, st.st_gid) == -1) {
+ fclose(opwfile);
+ fclose(pwfile);
+ err = 1;
+ goto done;
+ }
+ if (fchmod(fileno(pwfile), st.st_mode) == -1) {
+ fclose(opwfile);
+ fclose(pwfile);
+ err = 1;
+ goto done;
+ }
+
+ stmpent = fgetspent(opwfile);
+ while (stmpent) {
+
+ if (!strcmp(stmpent->sp_namp, forwho)) {
+ stmpent->sp_pwdp = towhat;
+ stmpent->sp_lstchg = time(NULL) / (60 * 60 * 24);
+ err = 0;
+ D(("Set password %s for %s", stmpent->sp_pwdp, forwho));
+ }
+
+ if (putspent(stmpent, pwfile)) {
+ D(("error writing entry to shadow file: %m"));
+ err = 1;
+ break;
+ }
+
+ stmpent = fgetspent(opwfile);
+ }
+ fclose(opwfile);
+
+ if (fclose(pwfile)) {
+ D(("error writing entries to shadow file: %m"));
+ err = 1;
+ }
+
+ done:
+ if (!err) {
+ if (rename(SH_TMPFILE, "/etc/shadow"))
+ err = 1;
+ }
+
+#ifdef WITH_SELINUX
+ if (SELINUX_ENABLED) {
+ if (setfscreatecon(prev_context)) {
+ err = 1;
+ }
+ if (prev_context)
+ freecon(prev_context);
+ prev_context=NULL;
+ }
+#endif
+
+ if (!err) {
+ return PAM_SUCCESS;
+ } else {
+ unlink(SH_TMPFILE);
+ return PAM_AUTHTOK_ERR;
+ }
+}
+
int main(int argc, char *argv[])
{
char pass[MAXPASS + 1];
- char option[8];
+ char *option;
int npass, nullok;
int force_failure = 0;
- int retval = UNIX_FAILED;
+ int retval = PAM_AUTH_ERR;
char *user;
/*
@@ -247,8 +444,7 @@ int main(int argc, char *argv[])
* account).
*/
- if (isatty(STDIN_FILENO)) {
-
+ if (isatty(STDIN_FILENO) || argc != 3 ) {
_log_err(LOG_NOTICE
,"inappropriate use of Unix helper binary [UID=%d]"
,getuid());
@@ -256,36 +452,45 @@ int main(int argc, char *argv[])
,"This binary is not designed for running in this way\n"
"-- the system administrator has been informed\n");
sleep(10); /* this should discourage/annoy the user */
- return UNIX_FAILED;
+ return PAM_SYSTEM_ERR;
}
/*
- * determine the current user's name is
+ * Determine what the current user's name is.
+ * On a SELinux enabled system with a strict policy leaving the
+ * existing check prevents shadow password authentication from working.
+ * We must thus skip the check if the real uid is 0.
*/
- user = getuidname(getuid());
- if (argc == 2) {
- /* if the caller specifies the username, verify that user
- matches it */
- if (strcmp(user, argv[1])) {
- force_failure = 1;
- }
+ if (SELINUX_ENABLED && getuid() == 0) {
+ user=argv[1];
+ }
+ else {
+ user = getuidname(getuid());
+ /* if the caller specifies the username, verify that user
+ matches it */
+ if (strcmp(user, argv[1])) {
+ return PAM_AUTH_ERR;
+ }
}
- /* read the nullok/nonull option */
+ option=argv[2];
- npass = read(STDIN_FILENO, option, 8);
+ if (strncmp(argv[2], "verify", 8) == 0) {
+ /* Get the account information from the shadow file */
+ return _verify_account(argv[1]);
+ }
- if (npass < 0) {
- _log_err(LOG_DEBUG, "no option supplied");
- return UNIX_FAILED;
- } else {
- option[7] = '\0';
- if (strncmp(option, "nullok", 8) == 0)
- nullok = 1;
- else
- nullok = 0;
+ if (strncmp(option, "shadow", 8) == 0) {
+ /* Attempting to change the password */
+ return _update_shadow(argv[1]);
}
+ /* read the nullok/nonull option */
+ if (strncmp(option, "nullok", 8) == 0)
+ nullok = 1;
+ else
+ nullok = 0;
+
/* read the password from stdin (a pipe from the pam_unix module) */
npass = read(STDIN_FILENO, pass, MAXPASS);
@@ -317,10 +522,11 @@ int main(int argc, char *argv[])
/* return pass or fail */
- if ((retval != UNIX_PASSED) || force_failure) {
- return UNIX_FAILED;
+ if ((retval != PAM_SUCCESS) || force_failure) {
+ _log_err(LOG_NOTICE, "password check failed for user (%s)", user);
+ return PAM_AUTH_ERR;
} else {
- return UNIX_PASSED;
+ return PAM_SUCCESS;
}
}
@@ -339,13 +545,13 @@ int main(int argc, char *argv[])
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior
* written permission.
- *
+ *
* ALTERNATIVELY, this product may be distributed under the terms of
* the GNU Public License, in which case the provisions of the GPL are
* required INSTEAD OF the above restrictions. (This clause is
* necessary due to a potential bad interaction between the GPL and
* the restrictions contained in a BSD-style copyright.)
- *
+ *
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
diff --git a/Linux-PAM/modules/pam_unix/yppasswd_xdr.c b/Linux-PAM/modules/pam_unix/yppasswd_xdr.c
index b1a60b4c..bf3f2fc6 100644
--- a/Linux-PAM/modules/pam_unix/yppasswd_xdr.c
+++ b/Linux-PAM/modules/pam_unix/yppasswd_xdr.c
@@ -10,7 +10,7 @@
* editied manually.
*/
-#include <security/_pam_aconf.h>
+#include "config.h"
#include <rpc/rpc.h>
#include <rpcsvc/yp_prot.h>
diff --git a/Linux-PAM/modules/pam_userdb/Makefile b/Linux-PAM/modules/pam_userdb/Makefile
deleted file mode 100644
index 4da7310d..00000000
--- a/Linux-PAM/modules/pam_userdb/Makefile
+++ /dev/null
@@ -1,41 +0,0 @@
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-
-# $Id: Makefile,v 1.6 2004/09/14 14:22:40 kukuk Exp $
-# Created by Cristian Gafton <gafton@redhat.com>
-
-include ../../Make.Rules
-
-TITLE=pam_userdb
-
-ifeq ($(HAVE_NDBM_H),yes)
- WHICH_DB=ndbm
- ifeq ($(HAVE_LIBNDBM),yes)
- MODULE_SIMPLE_EXTRALIBS = -lndbm
- endif
-else
-ifeq ($(HAVE_LIBDB),yes)
- WHICH_DB=db
- MODULE_SIMPLE_EXTRALIBS = -ldb
-else
- WHICH_DB=none
-endif
-endif
-
-ifeq ($(HAVE_LIBCRYPT),yes)
- MODULE_SIMPLE_EXTRALIBS += -lcrypt
-endif
-
-ifeq ($(WHICH_DB),none)
-
-include ../dont_makefile
-
-else
-
-MODULE_SIMPLE_EXTRAFILES = conv
-
-include ../Simple.Rules
-
-endif
diff --git a/Linux-PAM/modules/pam_userdb/Makefile.am b/Linux-PAM/modules/pam_userdb/Makefile.am
new file mode 100644
index 00000000..a442ef83
--- /dev/null
+++ b/Linux-PAM/modules/pam_userdb/Makefile.am
@@ -0,0 +1,34 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) create.pl tst-pam_userdb
+
+man_MANS = pam_userdb.8
+XMLS = README.xml pam_userdb.8.xml
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam @LIBDB@ @LIBCRYPT@
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+if HAVE_LIBDB
+ securelib_LTLIBRARIES = pam_userdb.la
+ TESTS = tst-pam_userdb
+endif
+
+noinst_HEADERS = pam_userdb.h
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_userdb.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_userdb/Makefile.in b/Linux-PAM/modules/pam_userdb/Makefile.in
new file mode 100644
index 00000000..1c439359
--- /dev/null
+++ b/Linux-PAM/modules/pam_userdb/Makefile.in
@@ -0,0 +1,671 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_userdb
+DIST_COMMON = README $(noinst_HEADERS) $(srcdir)/Makefile.am \
+ $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_userdb_la_LIBADD =
+pam_userdb_la_SOURCES = pam_userdb.c
+pam_userdb_la_OBJECTS = pam_userdb.lo
+@HAVE_LIBDB_TRUE@am_pam_userdb_la_rpath = -rpath $(securelibdir)
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_userdb.c
+DIST_SOURCES = pam_userdb.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+HEADERS = $(noinst_HEADERS)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) create.pl tst-pam_userdb
+man_MANS = pam_userdb.8
+XMLS = README.xml pam_userdb.8.xml
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam @LIBDB@ @LIBCRYPT@ \
+ $(am__append_1)
+@HAVE_LIBDB_TRUE@securelib_LTLIBRARIES = pam_userdb.la
+@HAVE_LIBDB_TRUE@TESTS = tst-pam_userdb
+noinst_HEADERS = pam_userdb.h
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_userdb/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_userdb/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_userdb.la: $(pam_userdb_la_OBJECTS) $(pam_userdb_la_DEPENDENCIES)
+ $(LINK) $(am_pam_userdb_la_rpath) $(pam_userdb_la_OBJECTS) $(pam_userdb_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_userdb.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA) $(HEADERS)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_userdb.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_userdb/README b/Linux-PAM/modules/pam_userdb/README
index 1cab7b74..8e1a5ffd 100644
--- a/Linux-PAM/modules/pam_userdb/README
+++ b/Linux-PAM/modules/pam_userdb/README
@@ -1,61 +1,74 @@
-pam_userdb:
- Look up users in a .db database and verify their password against
- what is contained in that database. The database will have been
- created using db_load.
-
-RECOGNIZED ARGUMENTS:
- debug write a message to syslog indicating success or
- failure.
-
- db=[path] use the [path] database for performing lookup. There
- is no default; the module will return PAM_IGNORE if
- no database is provided. Some versions of DB will
- automatically append ".db" to whatever pathname you
- supply here.
-
- crypt=[mode] indicates whether encrypted or plaintext passwords
- are stored in the database. If [mode] is "crypt",
- passwords should be stored in the database in
- crypt(3) form. If [mode] is "none" or any other
- value, passwords should be stored in the database in
- plaintext.
-
- icase make the password verification to be case insensitive
- (ie when working with registration numbers and such)
- only works with plaintext password storage.
-
- dump dump all the entries in the database to the log (eek,
- don't do this by default!)
-
- use_authtok use the authentication token previously obtained by
- another module that did the conversation with the
- application. If this token can not be obtained then
- the module will try to converse again. This option can
- be used for stacking different modules that need to
- deal with the authentication tokens.
-
- unknown_ok do not return error when checking for a user that is
- not in the database. This can be used to stack more
- than one pam_userdb module that will check a
- username/password pair in more than a database.
-
- key_only the username and password are concatenated together
- in the database hash as 'username-password' with a
- random value. if the concatenation of the username and
- password with a dash in the middle returns any result,
- the user is valid. this is useful in cases where
- the username may not be unique but the username and
- password pair are.
-
-MODULE SERVICES PROVIDED:
- auth _authentication and _setcred (blank)
-
-EXAMPLE USE:
- auth sufficient pam_userdb.so icase db=/tmp/dbtest.db
-
-AUTHOR:
- Cristian Gafton <gafton@redhat.com>
-
-
-
-$Id: README,v 1.3 2004/09/28 13:48:47 kukuk Exp $
+pam_userdb — PAM module to authenticate against a db database
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+The pam_userdb module is used to verify a username/password pair against values
+stored in a Berkeley DB database. The database is indexed by the username, and
+the data fields corresponding to the username keys are the passwords.
+
+OPTIONS
+
+crypt=[crypt|none]
+
+ Indicates whether encrypted or plaintext passwords are stored in the
+ database. If it is crypt, passwords should be stored in the database in
+ crypt(3) form. If none is selected, passwords should be stored in the
+ database as plaintext.
+
+db=/path/database
+
+ Use the /path/database database for performing lookup. There is no default;
+ the module will return PAM_IGNORE if no database is provided.
+
+debug
+
+ Print debug information.
+
+dump
+
+ Dump all the entries in the database to the log. Don't do this by default!
+
+icase
+
+ Make the password verification to be case insensitive (ie when working with
+ registration numbers and such). Only works with plaintext password storage.
+
+try_first_pass
+
+ Use the authentication token previously obtained by another module that did
+ the conversation with the application. If this token can not be obtained
+ then the module will try to converse. This option can be used for stacking
+ different modules that need to deal with the authentication tokens.
+
+use_first_pass
+
+ Use the authentication token previously obtained by another module that did
+ the conversation with the application. If this token can not be obtained
+ then the module will fail. This option can be used for stacking different
+ modules that need to deal with the authentication tokens.
+
+unknown_ok
+
+ Do not return error when checking for a user that is not in the database.
+ This can be used to stack more than one pam_userdb module that will check a
+ username/password pair in more than a database.
+
+key_only
+
+ The username and password are concatenated together in the database hash as
+ 'username-password' with a random value. if the concatenation of the
+ username and password with a dash in the middle returns any result, the
+ user is valid. this is useful in cases where the username may not be unique
+ but the username and password pair are.
+
+EXAMPLES
+
+auth sufficient pam_userdb.so icase db=/etc/dbtest.db
+
+
+AUTHOR
+
+pam_userdb was written by Cristian Gafton >gafton@redhat.com<.
+
diff --git a/Linux-PAM/modules/pam_userdb/README.xml b/Linux-PAM/modules/pam_userdb/README.xml
new file mode 100644
index 00000000..b22c09e7
--- /dev/null
+++ b/Linux-PAM/modules/pam_userdb/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_userdb.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_userdb.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_userdb-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_userdb.8.xml" xpointer='xpointer(//refsect1[@id = "pam_userdb-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_userdb.8.xml" xpointer='xpointer(//refsect1[@id = "pam_userdb-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_userdb.8.xml" xpointer='xpointer(//refsect1[@id = "pam_userdb-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_userdb.8.xml" xpointer='xpointer(//refsect1[@id = "pam_userdb-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_userdb/conv.c b/Linux-PAM/modules/pam_userdb/conv.c
deleted file mode 100644
index de5d12f2..00000000
--- a/Linux-PAM/modules/pam_userdb/conv.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/*
- * Conversation related functions
- */
-
-/* $Id */
-/* Copyright at the end of the file */
-
-#include <stdlib.h>
-#include <string.h>
-
-#include <security/pam_modules.h>
-#include <security/_pam_macros.h>
-
-#include "pam_userdb.h"
-
-/*
- * dummy conversation function sending exactly one prompt
- * and expecting exactly one response from the other party
- */
-static int converse(pam_handle_t *pamh,
- struct pam_message **message,
- struct pam_response **response)
-{
- int retval;
- const struct pam_conv *conv;
-
- retval = pam_get_item(pamh, PAM_CONV, (const void **) &conv ) ;
- if (retval == PAM_SUCCESS)
- retval = conv->conv(1, (const struct pam_message **)message,
- response, conv->appdata_ptr);
-
- return retval; /* propagate error status */
-}
-
-
-static char *_pam_delete(register char *xx)
-{
- _pam_overwrite(xx);
- _pam_drop(xx);
- return NULL;
-}
-
-/*
- * This is a conversation function to obtain the user's password
- */
-int conversation(pam_handle_t *pamh)
-{
- struct pam_message msg[2],*pmsg[2];
- struct pam_response *resp;
- int retval;
- char * token = NULL;
-
- pmsg[0] = &msg[0];
- msg[0].msg_style = PAM_PROMPT_ECHO_OFF;
- msg[0].msg = "Password: ";
-
- /* so call the conversation expecting i responses */
- resp = NULL;
- retval = converse(pamh, pmsg, &resp);
-
- if (resp != NULL) {
- const char * item;
- /* interpret the response */
- if (retval == PAM_SUCCESS) { /* a good conversation */
- token = x_strdup(resp[0].resp);
- if (token == NULL) {
- return PAM_AUTHTOK_RECOVER_ERR;
- }
- }
-
- /* set the auth token */
- retval = pam_set_item(pamh, PAM_AUTHTOK, token);
- token = _pam_delete(token); /* clean it up */
- if ( (retval != PAM_SUCCESS) ||
- (retval = pam_get_item(pamh, PAM_AUTHTOK, (const void **)&item))
- != PAM_SUCCESS ) {
- return retval;
- }
-
- _pam_drop_reply(resp, 1);
- } else {
- retval = (retval == PAM_SUCCESS)
- ? PAM_AUTHTOK_RECOVER_ERR:retval ;
- }
-
- return retval;
-}
-
-/*
- * Copyright (c) Cristian Gafton <gafton@redhat.com>, 1999
- * All rights reserved
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, and the entire permission notice in its entirety,
- * including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior
- * written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions. (This clause is
- * necessary due to a potential bad interaction between the GPL and
- * the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED `AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
diff --git a/Linux-PAM/modules/pam_userdb/pam_userdb.8 b/Linux-PAM/modules/pam_userdb/pam_userdb.8
new file mode 100644
index 00000000..b1ad6677
--- /dev/null
+++ b/Linux-PAM/modules/pam_userdb/pam_userdb.8
@@ -0,0 +1,104 @@
+.\" Title: pam_userdb
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/07/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_USERDB" "8" "06/07/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_userdb \- PAM module to authenticate against a db database
+.SH "SYNOPSIS"
+.HP 14
+\fBpam_userdb.so\fR db=\fI/path/database\fR [debug] [crypt=[crypt|none]] [icase] [dump] [try_first_pass] [use_first_pass] [unknown_ok] [key_only]
+.SH "DESCRIPTION"
+.PP
+The pam_userdb module is used to verify a username/password pair against values stored in a Berkeley DB database. The database is indexed by the username, and the data fields corresponding to the username keys are the passwords.
+.SH "OPTIONS"
+.TP 3n
+\fBcrypt=[crypt|none]\fR
+Indicates whether encrypted or plaintext passwords are stored in the database. If it is
+\fBcrypt\fR, passwords should be stored in the database in
+\fBcrypt\fR(3)
+form. If
+\fBnone\fR
+is selected, passwords should be stored in the database as plaintext.
+.TP 3n
+\fBdb=\fR\fB\fI/path/database\fR\fR
+Use the
+\fI/path/database\fR
+database for performing lookup. There is no default; the module will return
+\fBPAM_IGNORE\fR
+if no database is provided.
+.TP 3n
+\fBdebug\fR
+Print debug information.
+.TP 3n
+\fBdump\fR
+Dump all the entries in the database to the log. Don't do this by default!
+.TP 3n
+\fBicase\fR
+Make the password verification to be case insensitive (ie when working with registration numbers and such). Only works with plaintext password storage.
+.TP 3n
+\fBtry_first_pass\fR
+Use the authentication token previously obtained by another module that did the conversation with the application. If this token can not be obtained then the module will try to converse. This option can be used for stacking different modules that need to deal with the authentication tokens.
+.TP 3n
+\fBuse_first_pass\fR
+Use the authentication token previously obtained by another module that did the conversation with the application. If this token can not be obtained then the module will fail. This option can be used for stacking different modules that need to deal with the authentication tokens.
+.TP 3n
+\fBunknown_ok\fR
+Do not return error when checking for a user that is not in the database. This can be used to stack more than one pam_userdb module that will check a username/password pair in more than a database.
+.TP 3n
+\fBkey_only\fR
+The username and password are concatenated together in the database hash as 'username\-password' with a random value. if the concatenation of the username and password with a dash in the middle returns any result, the user is valid. this is useful in cases where the username may not be unique but the username and password pair are.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+The services
+\fBauth\fR
+and
+\fBaccount\fR
+are supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_AUTH_ERR
+Authentication failure.
+.TP 3n
+PAM_AUTHTOK_RECOVERY_ERR
+Authentication information cannot be recovered.
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_CONV_ERR
+Conversation failure.
+.TP 3n
+PAM_SERVICE_ERR
+Error in service module.
+.TP 3n
+PAM_SUCCESS
+Success.
+.TP 3n
+PAM_USER_UNKNOWN
+User not known to the underlying authentication module.
+.SH "EXAMPLES"
+.sp
+.RS 3n
+.nf
+auth sufficient pam_userdb.so icase db=/etc/dbtest.db
+
+.fi
+.RE
+.SH "SEE ALSO"
+.PP
+
+\fBcrypt\fR(3),
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_userdb was written by Cristian Gafton >gafton@redhat.com<.
diff --git a/Linux-PAM/modules/pam_userdb/pam_userdb.8.xml b/Linux-PAM/modules/pam_userdb/pam_userdb.8.xml
new file mode 100644
index 00000000..70b416b3
--- /dev/null
+++ b/Linux-PAM/modules/pam_userdb/pam_userdb.8.xml
@@ -0,0 +1,292 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_userdb">
+
+ <refmeta>
+ <refentrytitle>pam_userdb</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_userdb-name">
+ <refname>pam_userdb</refname>
+ <refpurpose>PAM module to authenticate against a db database</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_userdb-cmdsynopsis">
+ <command>pam_userdb.so</command>
+ <arg choice="plain">
+ db=<replaceable>/path/database</replaceable>
+ </arg>
+ <arg choice="opt">
+ debug
+ </arg>
+ <arg choice="opt">
+ crypt=[crypt|none]
+ </arg>
+ <arg choice="opt">
+ icase
+ </arg>
+ <arg choice="opt">
+ dump
+ </arg>
+ <arg choice="opt">
+ try_first_pass
+ </arg>
+ <arg choice="opt">
+ use_first_pass
+ </arg>
+ <arg choice="opt">
+ unknown_ok
+ </arg>
+ <arg choice="opt">
+ key_only
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_userdb-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ The pam_userdb module is used to verify a username/password pair
+ against values stored in a Berkeley DB database. The database is
+ indexed by the username, and the data fields corresponding to the
+ username keys are the passwords.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_userdb-options">
+
+ <title>OPTIONS</title>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>crypt=[crypt|none]</option>
+ </term>
+ <listitem>
+ <para>
+ Indicates whether encrypted or plaintext passwords are stored
+ in the database. If it is <option>crypt</option>, passwords
+ should be stored in the database in
+ <citerefentry>
+ <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> form. If <option>none</option> is selected,
+ passwords should be stored in the database as plaintext.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>db=<replaceable>/path/database</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Use the <filename>/path/database</filename> database for
+ performing lookup. There is no default; the module will
+ return <emphasis remap='B'>PAM_IGNORE</emphasis> if no
+ database is provided.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ Print debug information.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>dump</option>
+ </term>
+ <listitem>
+ <para>
+ Dump all the entries in the database to the log.
+ Don't do this by default!
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>icase</option>
+ </term>
+ <listitem>
+ <para>
+ Make the password verification to be case insensitive
+ (ie when working with registration numbers and such).
+ Only works with plaintext password storage.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>try_first_pass</option>
+ </term>
+ <listitem>
+ <para>
+ Use the authentication token previously obtained by
+ another module that did the conversation with the
+ application. If this token can not be obtained then
+ the module will try to converse. This option can
+ be used for stacking different modules that need to
+ deal with the authentication tokens.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>use_first_pass</option>
+ </term>
+ <listitem>
+ <para>
+ Use the authentication token previously obtained by
+ another module that did the conversation with the
+ application. If this token can not be obtained then
+ the module will fail. This option can be used for
+ stacking different modules that need to deal with
+ the authentication tokens.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>unknown_ok</option>
+ </term>
+ <listitem>
+ <para>
+ Do not return error when checking for a user that is
+ not in the database. This can be used to stack more
+ than one pam_userdb module that will check a
+ username/password pair in more than a database.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>key_only</option>
+ </term>
+ <listitem>
+ <para>
+ The username and password are concatenated together
+ in the database hash as 'username-password' with a
+ random value. if the concatenation of the username and
+ password with a dash in the middle returns any result,
+ the user is valid. this is useful in cases where
+ the username may not be unique but the username and
+ password pair are.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_userdb-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ The services <option>auth</option> and <option>account</option>
+ are supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_userdb-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_AUTH_ERR</term>
+ <listitem>
+ <para>Authentication failure.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_AUTHTOK_RECOVERY_ERR</term>
+ <listitem>
+ <para>
+ Authentication information cannot be recovered.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CONV_ERR</term>
+ <listitem>
+ <para>
+ Conversation failure.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SERVICE_ERR</term>
+ <listitem>
+ <para>
+ Error in service module.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Success.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ User not known to the underlying authentication module.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_userdb-examples'>
+ <title>EXAMPLES</title>
+ <programlisting>
+auth sufficient pam_userdb.so icase db=/etc/dbtest.db
+ </programlisting>
+ </refsect1>
+
+ <refsect1 id='pam_userdb-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_userdb-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_userdb was written by Cristian Gafton &gt;gafton@redhat.com&lt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_userdb/pam_userdb.c b/Linux-PAM/modules/pam_userdb/pam_userdb.c
index 86c7238b..a796b15e 100644
--- a/Linux-PAM/modules/pam_userdb/pam_userdb.c
+++ b/Linux-PAM/modules/pam_userdb/pam_userdb.c
@@ -1,12 +1,11 @@
/* pam_userdb module */
/*
- * $Id: pam_userdb.c,v 1.7 2004/09/28 13:48:47 kukuk Exp $
* Written by Cristian Gafton <gafton@redhat.com> 1996/09/10
* See the end of the file for Copyright Information
*/
-#include <security/_pam_aconf.h>
+#include "config.h"
#include <stdio.h>
#include <stdlib.h>
@@ -18,6 +17,9 @@
#include <sys/stat.h>
#include <fcntl.h>
#include <errno.h>
+#ifdef HAVE_CRYPT_H
+#include <crypt.h>
+#endif
#include "pam_userdb.h"
@@ -43,23 +45,46 @@
#define PAM_SM_ACCOUNT
#include <security/pam_modules.h>
+#include <security/pam_ext.h>
+#include <security/_pam_macros.h>
-/* some syslogging */
-
-static void _pam_log(int err, const char *format, ...)
+/*
+ * Conversation function to obtain the user's password
+ */
+static int
+obtain_authtok(pam_handle_t *pamh)
{
- va_list args;
+ char *resp;
+ const void *item;
+ int retval;
+
+ retval = pam_prompt(pamh, PAM_PROMPT_ECHO_OFF, &resp, _("Password: "));
+
+ if (retval != PAM_SUCCESS)
+ return retval;
+
+ if (resp == NULL)
+ return PAM_CONV_ERR;
+
+ /* set the auth token */
+ retval = pam_set_item(pamh, PAM_AUTHTOK, resp);
+
+ /* clean it up */
+ _pam_overwrite(resp);
+ _pam_drop(resp);
+
+ if ( (retval != PAM_SUCCESS) ||
+ (retval = pam_get_item(pamh, PAM_AUTHTOK, &item))
+ != PAM_SUCCESS ) {
+ return retval;
+ }
- va_start(args, format);
- openlog(MODULE_NAME, LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
+ return retval;
}
static int
-_pam_parse (int argc, const char **argv,
- char **database, char **cryptmode)
+_pam_parse (pam_handle_t *pamh, int argc, const char **argv,
+ const char **database, const char **cryptmode)
{
int ctrl;
@@ -81,25 +106,29 @@ _pam_parse (int argc, const char **argv,
ctrl |= PAM_UNKNOWN_OK_ARG;
else if (!strcasecmp(*argv, "key_only"))
ctrl |= PAM_KEY_ONLY_ARG;
+ else if (!strcasecmp(*argv, "use_first_pass"))
+ ctrl |= PAM_USE_FPASS_ARG;
+ else if (!strcasecmp(*argv, "try_first_pass"))
+ ctrl |= PAM_TRY_FPASS_ARG;
else if (!strncasecmp(*argv,"db=", 3))
{
- *database = strdup((*argv) + 3);
- if ((*database == NULL) || (strlen (*database) == 0))
- _pam_log(LOG_ERR,
- "pam_parse: could not parse argument \"%s\"",
- *argv);
+ *database = (*argv) + 3;
+ if (**database == '\0') {
+ *database = NULL;
+ pam_syslog(pamh, LOG_ERR,
+ "db= specification missing argument - ignored");
+ }
}
else if (!strncasecmp(*argv,"crypt=", 6))
{
- *cryptmode = strdup((*argv) + 6);
- if ((*cryptmode == NULL) || (strlen (*cryptmode) == 0))
- _pam_log(LOG_ERR,
- "pam_parse: could not parse argument \"%s\"",
- *argv);
+ *cryptmode = (*argv) + 6;
+ if (**cryptmode == '\0')
+ pam_syslog(pamh, LOG_ERR,
+ "crypt= specification missing argument - ignored");
}
else
{
- _pam_log(LOG_ERR, "pam_parse: unknown option; %s", *argv);
+ pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv);
}
}
@@ -117,7 +146,7 @@ _pam_parse (int argc, const char **argv,
* -2 = System error
*/
static int
-user_lookup (const char *database, const char *cryptmode,
+user_lookup (pam_handle_t *pamh, const char *database, const char *cryptmode,
const char *user, const char *pass, int ctrl)
{
DBM *dbm;
@@ -126,19 +155,20 @@ user_lookup (const char *database, const char *cryptmode,
/* Open the DB file. */
dbm = dbm_open(database, O_RDONLY, 0644);
if (dbm == NULL) {
- _pam_log(LOG_ERR, "user_lookup: could not open database `%s'",
- database);
+ pam_syslog(pamh, LOG_ERR,
+ "user_lookup: could not open database `%s': %m", database);
return -2;
}
/* dump out the database contents for debugging */
if (ctrl & PAM_DUMP_ARG) {
- _pam_log(LOG_INFO, "Database dump:");
+ pam_syslog(pamh, LOG_INFO, "Database dump:");
for (key = dbm_firstkey(dbm); key.dptr != NULL;
key = dbm_nextkey(dbm)) {
data = dbm_fetch(dbm, key);
- _pam_log(LOG_INFO, "key[len=%d] = `%s', data[len=%d] = `%s'",
- key.dsize, key.dptr, data.dsize, data.dptr);
+ pam_syslog(pamh, LOG_INFO,
+ "key[len=%d] = `%s', data[len=%d] = `%s'",
+ key.dsize, key.dptr, data.dsize, data.dptr);
}
}
@@ -146,9 +176,10 @@ user_lookup (const char *database, const char *cryptmode,
memset(&key, 0, sizeof(key));
memset(&data, 0, sizeof(data));
if (ctrl & PAM_KEY_ONLY_ARG) {
- key.dptr = malloc(strlen(user) + 1 + strlen(pass) + 1);
- sprintf(key.dptr, "%s-%s", user, pass);
- key.dsize = strlen(key.dptr);
+ if (asprintf(&key.dptr, "%s-%s", user, pass) < 0)
+ key.dptr = NULL;
+ else
+ key.dsize = strlen(key.dptr);
} else {
key.dptr = x_strdup(user);
key.dsize = strlen(user);
@@ -161,8 +192,9 @@ user_lookup (const char *database, const char *cryptmode,
}
if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_INFO, "password in database is [%p]`%s', len is %d",
- data.dptr, (char *) data.dptr, data.dsize);
+ pam_syslog(pamh, LOG_INFO,
+ "password in database is [%p]`%.*s', len is %d",
+ data.dptr, data.dsize, (char *) data.dptr, data.dsize);
}
if (data.dptr != NULL) {
@@ -174,7 +206,7 @@ user_lookup (const char *database, const char *cryptmode,
return 0; /* found it, data contents don't matter */
}
- if (strncasecmp(cryptmode, "crypt", 5) == 0) {
+ if (cryptmode && strncasecmp(cryptmode, "crypt", 5) == 0) {
/* crypt(3) password storage */
@@ -196,7 +228,7 @@ user_lookup (const char *database, const char *cryptmode,
} else {
compare = -2;
if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_INFO, "crypt() returned NULL");
+ pam_syslog(pamh, LOG_INFO, "crypt() returned NULL");
}
};
@@ -208,18 +240,19 @@ user_lookup (const char *database, const char *cryptmode,
* default to plaintext password storage
*/
- if (strlen(pass) != data.dsize) {
- compare = 1; /* wrong password len -> wrong password */
- } else if (ctrl & PAM_ICASE_ARG) {
+ if (strlen(pass) != (size_t)data.dsize) {
+ compare = 1; /* wrong password len -> wrong password */
+ } else if (ctrl & PAM_ICASE_ARG) {
compare = strncasecmp(data.dptr, pass, data.dsize);
- } else {
+ } else {
compare = strncmp(data.dptr, pass, data.dsize);
- }
+ }
- if (strncasecmp(cryptmode, "none", 4) && ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_INFO, "invalid value for crypt parameter: %s",
- cryptmode);
- _pam_log(LOG_INFO, "defaulting to plaintext password mode");
+ if (cryptmode && strncasecmp(cryptmode, "none", 4)
+ && (ctrl & PAM_DEBUG_ARG)) {
+ pam_syslog(pamh, LOG_INFO, "invalid value for crypt parameter: %s",
+ cryptmode);
+ pam_syslog(pamh, LOG_INFO, "defaulting to plaintext password mode");
}
}
@@ -233,8 +266,7 @@ user_lookup (const char *database, const char *cryptmode,
int saw_user = 0;
if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_INFO, "error returned by dbm_fetch: %s",
- strerror(errno));
+ pam_syslog(pamh, LOG_INFO, "error returned by dbm_fetch: %m");
}
/* probably we should check dbm_error() here */
@@ -257,7 +289,7 @@ user_lookup (const char *database, const char *cryptmode,
/* if we have the divider where we expect it to be... */
if (key.dptr[strlen(user)] == '-') {
saw_user = 1;
- if (key.dsize == strlen(user) + 1 + strlen(pass)) {
+ if ((size_t)key.dsize == strlen(user) + 1 + strlen(pass)) {
if (ctrl & PAM_ICASE_ARG) {
/* compare the password portion (case insensitive)*/
compare = strncasecmp(key.dptr + strlen(user) + 1,
@@ -290,91 +322,86 @@ user_lookup (const char *database, const char *cryptmode,
/* --- authentication management functions (only) --- */
-PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh, int flags,
- int argc, const char **argv)
+PAM_EXTERN int
+pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
const char *username;
- const char *password;
- char *database = NULL;
- char *cryptmode = NULL;
+ const void *password;
+ const char *database = NULL;
+ const char *cryptmode = NULL;
int retval = PAM_AUTH_ERR, ctrl;
/* parse arguments */
- ctrl = _pam_parse(argc, argv, &database, &cryptmode);
- if ((database == NULL) || (strlen(database) == 0)) {
- if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_DEBUG,"can not get the database name");
+ ctrl = _pam_parse(pamh, argc, argv, &database, &cryptmode);
+ if (database == NULL) {
+ pam_syslog(pamh, LOG_ERR, "can not get the database name");
return PAM_SERVICE_ERR;
}
/* Get the username */
retval = pam_get_user(pamh, &username, NULL);
if ((retval != PAM_SUCCESS) || (!username)) {
- if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_DEBUG,"can not get the username");
+ pam_syslog(pamh, LOG_ERR, "can not get the username");
return PAM_SERVICE_ERR;
}
- /* Converse just to be sure we have a password */
- retval = conversation(pamh);
- if (retval != PAM_SUCCESS) {
- _pam_log(LOG_ERR, "could not obtain password for `%s'",
- username);
- return PAM_CONV_ERR;
- }
-
- /* Check if we got a password. The docs say that if we didn't have one,
- * and use_authtok was specified as an argument, that we converse with the
- * user anyway, so check for one and handle a failure for that case. If
- * use_authtok wasn't specified, then we've already asked once and needn't
- * do so again. */
- retval = pam_get_item(pamh, PAM_AUTHTOK, (const void **) &password);
- if ((retval != PAM_SUCCESS) && ((ctrl & PAM_USE_AUTHTOK_ARG) != 0)) {
- retval = conversation(pamh);
+ if ((ctrl & PAM_USE_FPASS_ARG) == 0 && (ctrl & PAM_TRY_FPASS_ARG) == 0) {
+ /* Converse to obtain a password */
+ retval = obtain_authtok(pamh);
if (retval != PAM_SUCCESS) {
- _pam_log(LOG_ERR, "could not obtain password for `%s'",
- username);
- return PAM_CONV_ERR;
+ pam_syslog(pamh, LOG_ERR, "can not obtain password from user");
+ return retval;
}
}
- /* Get the password */
- retval = pam_get_item(pamh, PAM_AUTHTOK, (const void **)&password);
- if (retval != PAM_SUCCESS) {
- _pam_log(LOG_ERR, "Could not retrieve user's password");
- return -2;
+ /* Check if we got a password */
+ retval = pam_get_item(pamh, PAM_AUTHTOK, &password);
+ if (retval != PAM_SUCCESS || password == NULL) {
+ if ((ctrl & PAM_TRY_FPASS_ARG) != 0) {
+ /* Converse to obtain a password */
+ retval = obtain_authtok(pamh);
+ if (retval != PAM_SUCCESS) {
+ pam_syslog(pamh, LOG_ERR, "can not obtain password from user");
+ return retval;
+ }
+ retval = pam_get_item(pamh, PAM_AUTHTOK, &password);
+ }
+ if (retval != PAM_SUCCESS || password == NULL) {
+ pam_syslog(pamh, LOG_ERR, "can not recover user password");
+ return PAM_AUTHTOK_RECOVERY_ERR;
+ }
}
if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_INFO, "Verify user `%s' with password `%s'",
- username, password);
+ pam_syslog(pamh, LOG_INFO, "Verify user `%s' with a password",
+ username);
/* Now use the username to look up password in the database file */
- retval = user_lookup(database, cryptmode, username, password, ctrl);
+ retval = user_lookup(pamh, database, cryptmode, username, password, ctrl);
switch (retval) {
case -2:
/* some sort of system error. The log was already printed */
return PAM_SERVICE_ERR;
case -1:
/* incorrect password */
- _pam_log(LOG_WARNING,
- "user `%s' denied access (incorrect password)",
- username);
+ pam_syslog(pamh, LOG_WARNING,
+ "user `%s' denied access (incorrect password)",
+ username);
return PAM_AUTH_ERR;
case 1:
/* the user does not exist in the database */
if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_NOTICE, "user `%s' not found in the database",
- username);
+ pam_syslog(pamh, LOG_NOTICE,
+ "user `%s' not found in the database", username);
return PAM_USER_UNKNOWN;
case 0:
/* Otherwise, the authentication looked good */
- _pam_log(LOG_NOTICE, "user '%s' granted acces", username);
+ pam_syslog(pamh, LOG_NOTICE, "user '%s' granted access", username);
return PAM_SUCCESS;
default:
/* we don't know anything about this return value */
- _pam_log(LOG_ERR,
+ pam_syslog(pamh, LOG_ERR,
"internal module error (retval = %d, user = `%s'",
retval, username);
return PAM_SERVICE_ERR;
@@ -384,34 +411,34 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags,
return PAM_IGNORE;
}
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh, int flags,
- int argc, const char **argv)
+PAM_EXTERN int
+pam_sm_setcred(pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
return PAM_SUCCESS;
}
-PAM_EXTERN
-int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
+PAM_EXTERN int
+pam_sm_acct_mgmt(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
const char *username;
- char *database = NULL;
- char *cryptmode = NULL;
+ const char *database = NULL;
+ const char *cryptmode = NULL;
int retval = PAM_AUTH_ERR, ctrl;
/* parse arguments */
- ctrl = _pam_parse(argc, argv, &database, &cryptmode);
+ ctrl = _pam_parse(pamh, argc, argv, &database, &cryptmode);
/* Get the username */
retval = pam_get_user(pamh, &username, NULL);
if ((retval != PAM_SUCCESS) || (!username)) {
- if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_DEBUG,"can not get the username");
+ pam_syslog(pamh, LOG_ERR,"can not get the username");
return PAM_SERVICE_ERR;
}
/* Now use the username to look up password in the database file */
- retval = user_lookup(database, cryptmode, username, "", ctrl);
+ retval = user_lookup(pamh, database, cryptmode, username, "", ctrl);
switch (retval) {
case -2:
/* some sort of system error. The log was already printed */
@@ -427,10 +454,10 @@ int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
return PAM_USER_UNKNOWN;
default:
/* we don't know anything about this return value */
- _pam_log(LOG_ERR,
- "internal module error (retval = %d, user = `%s'",
- retval, username);
- return PAM_SERVICE_ERR;
+ pam_syslog(pamh, LOG_ERR,
+ "internal module error (retval = %d, user = `%s'",
+ retval, username);
+ return PAM_SERVICE_ERR;
}
return PAM_SUCCESS;
diff --git a/Linux-PAM/modules/pam_userdb/pam_userdb.h b/Linux-PAM/modules/pam_userdb/pam_userdb.h
index af03676b..5a3396a2 100644
--- a/Linux-PAM/modules/pam_userdb/pam_userdb.h
+++ b/Linux-PAM/modules/pam_userdb/pam_userdb.h
@@ -1,7 +1,7 @@
#ifndef _PAM_USERSDB_H
#define _PAM_USERSDB_H
-/* $Id: pam_userdb.h,v 1.2 2004/09/28 13:48:47 kukuk Exp $ */
+/* $Id: pam_userdb.h,v 1.4 2005/09/18 13:04:57 kukuk Exp $ */
/* Header files */
#include <security/pam_appl.h>
@@ -10,9 +10,10 @@
#define PAM_DEBUG_ARG 0x0001
#define PAM_ICASE_ARG 0x0002
#define PAM_DUMP_ARG 0x0004
-#define PAM_USE_AUTHTOK_ARG 0x0008
#define PAM_UNKNOWN_OK_ARG 0x0010
#define PAM_KEY_ONLY_ARG 0x0020
+#define PAM_USE_FPASS_ARG 0x0040
+#define PAM_TRY_FPASS_ARG 0x0080
/* Useful macros */
#define x_strdup(s) ( (s) ? strdup(s):NULL )
@@ -22,9 +23,6 @@
#define MODULE_NAME "pam_userdb"
#endif /* MODULE_NAME */
-/* function prototypes */
-int conversation(pam_handle_t *);
-
#endif /* _PAM_USERSDB_H */
/*
diff --git a/Linux-PAM/modules/pam_userdb/tst-pam_userdb b/Linux-PAM/modules/pam_userdb/tst-pam_userdb
new file mode 100755
index 00000000..5d5eb195
--- /dev/null
+++ b/Linux-PAM/modules/pam_userdb/tst-pam_userdb
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_userdb.so
diff --git a/Linux-PAM/modules/pam_warn/Makefile b/Linux-PAM/modules/pam_warn/Makefile
deleted file mode 100644
index b1420538..00000000
--- a/Linux-PAM/modules/pam_warn/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:06 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_warn
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_warn/Makefile.am b/Linux-PAM/modules/pam_warn/Makefile.am
new file mode 100644
index 00000000..6ecc1362
--- /dev/null
+++ b/Linux-PAM/modules/pam_warn/Makefile.am
@@ -0,0 +1,31 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_warn
+
+man_MANS = pam_warn.8
+XMLS = README.xml pam_warn.8.xml
+
+TESTS = tst-pam_warn
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_warn.la
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_warn.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_warn/Makefile.in b/Linux-PAM/modules/pam_warn/Makefile.in
new file mode 100644
index 00000000..aa0c0adf
--- /dev/null
+++ b/Linux-PAM/modules/pam_warn/Makefile.in
@@ -0,0 +1,665 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_warn
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_warn_la_LIBADD =
+pam_warn_la_SOURCES = pam_warn.c
+pam_warn_la_OBJECTS = pam_warn.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_warn.c
+DIST_SOURCES = pam_warn.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_warn
+man_MANS = pam_warn.8
+XMLS = README.xml pam_warn.8.xml
+TESTS = tst-pam_warn
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_warn.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_warn/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_warn/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_warn.la: $(pam_warn_la_OBJECTS) $(pam_warn_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_warn_la_OBJECTS) $(pam_warn_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_warn.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_warn.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_warn/README b/Linux-PAM/modules/pam_warn/README
index 3c4bde8a..d9619b53 100644
--- a/Linux-PAM/modules/pam_warn/README
+++ b/Linux-PAM/modules/pam_warn/README
@@ -1,26 +1,36 @@
-# $Id: README,v 1.1.1.1 2000/06/20 22:12:10 agmorgan Exp $
-#
+pam_warn — PAM module which logs all PAM items if called
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
-This module is an authentication module that does not authenticate.
-Instead it always returns PAM_IGNORE, indicating that it does not want
-to affect the authentication process.
+pam_warn is a PAM module that logs the service, terminal, user, remote user and
+remote host to syslog(3). The items are not probed for, but instead obtained
+from the standard PAM items. The module always returns PAM_IGNORE, indicating
+that it does not want to affect the authentication process.
-Its purpose is to log a message to the syslog indicating the
-pam_item's available at the time it was invoked. It is a diagnostic
-tool.
+OPTIONS
-Recognized arguments:
+This module does not recognice any options.
- <none>
+EXAMPLES
+
+#%PAM-1.0
+#
+# If we don't have config entries for a service, the
+# OTHER entries are used. To be secure, warn and deny
+# access to everything.
+other auth required pam_warn.so
+other auth required pam_deny.so
+other account required pam_warn.so
+other account required pam_deny.so
+other password required pam_warn.so
+other password required pam_deny.so
+other session required pam_warn.so
+other session required pam_deny.so
-module services provided:
- auth _authenticate and _setcred (blank)
- acct _acct_mgmt [mapped to _authenticate]
- session _open_session and
- _close_session [mapped to _authenticate ]
- password _chauthtok [mapped to _authenticate]
+AUTHOR
+pam_warn was written by Andrew G. Morgan <morgan@kernel.org>.
-Andrew Morgan
-1996/11/14
diff --git a/Linux-PAM/modules/pam_warn/README.xml b/Linux-PAM/modules/pam_warn/README.xml
new file mode 100644
index 00000000..4367c28f
--- /dev/null
+++ b/Linux-PAM/modules/pam_warn/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_warn.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_warn.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_warn-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_warn.8.xml" xpointer='xpointer(//refsect1[@id = "pam_warn-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_warn.8.xml" xpointer='xpointer(//refsect1[@id = "pam_warn-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_warn.8.xml" xpointer='xpointer(//refsect1[@id = "pam_warn-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_warn.8.xml" xpointer='xpointer(//refsect1[@id = "pam_warn-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_warn/pam_warn.8 b/Linux-PAM/modules/pam_warn/pam_warn.8
new file mode 100644
index 00000000..4e2c67c5
--- /dev/null
+++ b/Linux-PAM/modules/pam_warn/pam_warn.8
@@ -0,0 +1,67 @@
+.\" Title: pam_warn
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/09/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_WARN" "8" "06/09/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_warn \- PAM module which logs all PAM items if called
+.SH "SYNOPSIS"
+.HP 12
+\fBpam_warn.so\fR
+.SH "DESCRIPTION"
+.PP
+pam_warn is a PAM module that logs the service, terminal, user, remote user and remote host to
+\fBsyslog\fR(3). The items are not probed for, but instead obtained from the standard PAM items. The module always returns
+\fBPAM_IGNORE\fR, indicating that it does not want to affect the authentication process.
+.SH "OPTIONS"
+.PP
+This module does not recognice any options.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+The services
+\fBauth\fR,
+\fBaccount\fR,
+\fBpassword\fR
+and
+\fBsession\fR
+are supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_IGNORE
+This module always returns PAM_IGNORE.
+.SH "EXAMPLES"
+.sp
+.RS 3n
+.nf
+#%PAM\-1.0
+#
+# If we don't have config entries for a service, the
+# OTHER entries are used. To be secure, warn and deny
+# access to everything.
+other auth required pam_warn.so
+other auth required pam_deny.so
+other account required pam_warn.so
+other account required pam_deny.so
+other password required pam_warn.so
+other password required pam_deny.so
+other session required pam_warn.so
+other session required pam_deny.so
+
+.fi
+.RE
+.SH "SEE ALSO"
+.PP
+
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_warn was written by Andrew G. Morgan <morgan@kernel.org>.
diff --git a/Linux-PAM/modules/pam_warn/pam_warn.8.xml b/Linux-PAM/modules/pam_warn/pam_warn.8.xml
new file mode 100644
index 00000000..1aa70f59
--- /dev/null
+++ b/Linux-PAM/modules/pam_warn/pam_warn.8.xml
@@ -0,0 +1,104 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_warn">
+
+ <refmeta>
+ <refentrytitle>pam_warn</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+ <refnamediv id="pam_warn-name">
+ <refname>pam_warn</refname>
+ <refpurpose>PAM module which logs all PAM items if called</refpurpose>
+ </refnamediv>
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_warn-cmdsynopsis">
+ <command>pam_warn.so</command>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_warn-description">
+ <title>DESCRIPTION</title>
+ <para>
+ pam_warn is a PAM module that logs the service, terminal, user,
+ remote user and remote host to
+ <citerefentry>
+ <refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>. The items are not probed for, but instead obtained
+ from the standard PAM items. The module always returns
+ <emphasis remap='B'>PAM_IGNORE</emphasis>, indicating that it
+ does not want to affect the authentication process.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_warn-options">
+ <title>OPTIONS</title>
+ <para>This module does not recognice any options.</para>
+ </refsect1>
+
+ <refsect1 id="pam_warn-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ The services <option>auth</option>, <option>account</option>,
+ <option>password</option> and <option>session</option> are supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_warn-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_IGNORE</term>
+ <listitem>
+ <para>
+ This module always returns PAM_IGNORE.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_warn-examples'>
+ <title>EXAMPLES</title>
+ <programlisting>
+#%PAM-1.0
+#
+# If we don't have config entries for a service, the
+# OTHER entries are used. To be secure, warn and deny
+# access to everything.
+other auth required pam_warn.so
+other auth required pam_deny.so
+other account required pam_warn.so
+other account required pam_deny.so
+other password required pam_warn.so
+other password required pam_deny.so
+other session required pam_warn.so
+other session required pam_deny.so
+ </programlisting>
+ </refsect1>
+
+ <refsect1 id='pam_warn-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_warn-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_warn was written by Andrew G. Morgan &lt;morgan@kernel.org&gt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_warn/pam_warn.c b/Linux-PAM/modules/pam_warn/pam_warn.c
index 90170c01..8c3b9d69 100644
--- a/Linux-PAM/modules/pam_warn/pam_warn.c
+++ b/Linux-PAM/modules/pam_warn/pam_warn.c
@@ -1,12 +1,12 @@
/* pam_warn module */
/*
- * $Id: pam_warn.c,v 1.2 2002/05/29 04:44:43 agmorgan Exp $
+ * $Id: pam_warn.c,v 1.6 2005/09/17 08:59:04 t8m Exp $
*
* Written by Andrew Morgan <morgan@linux.kernel.org> 1996/3/11
*/
-#define _BSD_SOURCE
+#include "config.h"
#include <stdio.h>
#include <unistd.h>
@@ -24,28 +24,18 @@
#define PAM_SM_PASSWORD
#include <security/pam_modules.h>
+#include <security/pam_ext.h>
/* some syslogging */
#define OBTAIN(item, value, default_value) do { \
- (void) pam_get_item(pamh, item, (const void **) &value); \
+ (void) pam_get_item(pamh, item, &value); \
value = value ? value : default_value ; \
} while (0)
-static void _pam_log(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("PAM-warn", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-
static void log_items(pam_handle_t *pamh, const char *function)
{
- const char *service=NULL, *user=NULL, *terminal=NULL,
+ const void *service=NULL, *user=NULL, *terminal=NULL,
*rhost=NULL, *ruser=NULL;
OBTAIN(PAM_SERVICE, service, "<unknown>");
@@ -54,23 +44,27 @@ static void log_items(pam_handle_t *pamh, const char *function)
OBTAIN(PAM_RUSER, ruser, "<unknown>");
OBTAIN(PAM_RHOST, rhost, "<unknown>");
- _pam_log(LOG_NOTICE, "function=[%s] service=[%s] terminal=[%s] user=[%s]"
- " ruser=[%s] rhost=[%s]\n",
- function, service, terminal, user, ruser, rhost);
+ pam_syslog(pamh, LOG_NOTICE,
+ "function=[%s] service=[%s] terminal=[%s] user=[%s]"
+ " ruser=[%s] rhost=[%s]\n", function,
+ (const char *) service, (const char *) terminal,
+ (const char *) user, (const char *) ruser,
+ (const char *) rhost);
}
/* --- authentication management functions (only) --- */
PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+int pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
log_items(pamh, __FUNCTION__);
return PAM_IGNORE;
}
PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv)
+int pam_sm_setcred(pam_handle_t *pamh, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
log_items(pamh, __FUNCTION__);
return PAM_IGNORE;
@@ -79,30 +73,32 @@ int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv)
/* password updating functions */
PAM_EXTERN
-int pam_sm_chauthtok(pam_handle_t *pamh,int flags,int argc,const char **argv)
+int pam_sm_chauthtok(pam_handle_t *pamh, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
log_items(pamh, __FUNCTION__);
return PAM_IGNORE;
}
PAM_EXTERN int
-pam_sm_acct_mgmt (pam_handle_t *pamh, int flags, int argc, const char **argv)
+pam_sm_acct_mgmt(pam_handle_t *pamh, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
log_items(pamh, __FUNCTION__);
return PAM_IGNORE;
}
PAM_EXTERN int
-pam_sm_open_session (pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
log_items(pamh, __FUNCTION__);
return PAM_IGNORE;
}
PAM_EXTERN int
-pam_sm_close_session (pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+pam_sm_close_session(pam_handle_t *pamh, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
log_items(pamh, __FUNCTION__);
return PAM_IGNORE;
diff --git a/Linux-PAM/modules/pam_warn/tst-pam_warn b/Linux-PAM/modules/pam_warn/tst-pam_warn
new file mode 100755
index 00000000..0b48365a
--- /dev/null
+++ b/Linux-PAM/modules/pam_warn/tst-pam_warn
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_warn.so
diff --git a/Linux-PAM/modules/pam_wheel/Makefile b/Linux-PAM/modules/pam_wheel/Makefile
deleted file mode 100644
index 67947f81..00000000
--- a/Linux-PAM/modules/pam_wheel/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:06 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_wheel
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_wheel/Makefile.am b/Linux-PAM/modules/pam_wheel/Makefile.am
new file mode 100644
index 00000000..82a98305
--- /dev/null
+++ b/Linux-PAM/modules/pam_wheel/Makefile.am
@@ -0,0 +1,31 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README ${MANS} $(XMLS) tst-pam_wheel
+
+man_MANS = pam_wheel.8
+XMLS = README.xml pam_wheel.8.xml
+
+TESTS = tst-pam_wheel
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_wheel.la
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_wheel.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_wheel/Makefile.in b/Linux-PAM/modules/pam_wheel/Makefile.in
new file mode 100644
index 00000000..2dd057d3
--- /dev/null
+++ b/Linux-PAM/modules/pam_wheel/Makefile.in
@@ -0,0 +1,665 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_wheel
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_wheel_la_LIBADD =
+pam_wheel_la_SOURCES = pam_wheel.c
+pam_wheel_la_OBJECTS = pam_wheel.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_wheel.c
+DIST_SOURCES = pam_wheel.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README ${MANS} $(XMLS) tst-pam_wheel
+man_MANS = pam_wheel.8
+XMLS = README.xml pam_wheel.8.xml
+TESTS = tst-pam_wheel
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_wheel.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_wheel/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_wheel/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_wheel.la: $(pam_wheel_la_OBJECTS) $(pam_wheel_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_wheel_la_OBJECTS) $(pam_wheel_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_wheel.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_wheel.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_wheel/README b/Linux-PAM/modules/pam_wheel/README
index 2cd156c0..6a2b21c5 100644
--- a/Linux-PAM/modules/pam_wheel/README
+++ b/Linux-PAM/modules/pam_wheel/README
@@ -1,39 +1,61 @@
+pam_wheel — Only permit root access to members of group wheel
-pam_wheel:
- only permit root authentication to members of wheel group
-
-RECOGNIZED ARGUMENTS:
- debug Write a message to syslog indicating success or
- failure.
-
- use_uid The check for wheel membership will be done against
- the current uid instead of the original one
- (useful when jumping with su from one account to
- another for example).
-
- trust The pam_wheel module will return PAM_SUCCESS instead
- of PAM_IGNORE if the user is a member of the wheel
- group (thus with a little play stacking the modules
- the wheel members may be able to su to root without
- being prompted for a passwd).
-
- deny Reverse the sense of the auth operation: if the user
- is trying to get UID 0 access and is a member of the
- wheel group, deny access (well, kind of nonsense, but
- for use in conjunction with 'group' argument... :-)
- Conversely, if the user is not in the group, return
- PAM_IGNORE (unless 'trust' was also specified, in
- which case we return PAM_SUCCESS).
-
- group=xxxx Instead of checking the wheel or GID 0 groups, use
- the xxxx group to perform the authentification.
-
- root_only The check for wheel membership is done only
- if the uid of requested account is 0.
-
-MODULE SERVICES PROVIDED:
- auth _authentication, _setcred (blank) and _acct_mgmt
-
-AUTHOR:
- Cristian Gafton <gafton@redhat.com>
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+The pam_wheel PAM module is used to enforce the so-called wheel group. By
+default it permits root access to the system if the applicant user is a member
+of the wheel group. If no group with this name exist, the module is using the
+group with the group-ID 0.
+
+OPTIONS
+
+debug
+
+ Print debug information.
+
+deny
+
+ Reverse the sense of the auth operation: if the user is trying to get UID 0
+ access and is a member of the wheel group (or the group of the group
+ option), deny access. Conversely, if the user is not in the group, return
+ PAM_IGNORE (unless trust was also specified, in which case we return
+ PAM_SUCCESS).
+
+group=name
+
+ Instead of checking the wheel or GID 0 groups, use the name group to
+ perform the authentication.
+
+root_only
+
+ The check for wheel membership is done only.
+
+trust
+
+ The pam_wheel module will return PAM_SUCCESS instead of PAM_IGNORE if the
+ user is a member of the wheel group (thus with a little play stacking the
+ modules the wheel members may be able to su to root without being prompted
+ for a passwd).
+
+use_uid
+
+ The check for wheel membership will be done against the current uid instead
+ of the original one (useful when jumping with su from one account to
+ another for example).
+
+EXAMPLES
+
+The root account gains access by default (rootok), only wheel members can
+become root (wheel) but Unix authenticate non-root applicants.
+
+su auth sufficient pam_rootok.so
+su auth required pam_wheel.so
+su auth required pam_unix.so
+
+
+AUTHOR
+
+pam_wheel was written by Cristian Gafton <gafton@redhat.com>.
diff --git a/Linux-PAM/modules/pam_wheel/README.xml b/Linux-PAM/modules/pam_wheel/README.xml
new file mode 100644
index 00000000..9e33d7ff
--- /dev/null
+++ b/Linux-PAM/modules/pam_wheel/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_wheel.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_wheel.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_wheel-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_wheel.8.xml" xpointer='xpointer(//refsect1[@id = "pam_wheel-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_wheel.8.xml" xpointer='xpointer(//refsect1[@id = "pam_wheel-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_wheel.8.xml" xpointer='xpointer(//refsect1[@id = "pam_wheel-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_wheel.8.xml" xpointer='xpointer(//refsect1[@id = "pam_wheel-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_wheel/pam_wheel.8 b/Linux-PAM/modules/pam_wheel/pam_wheel.8
new file mode 100644
index 00000000..ae29c37e
--- /dev/null
+++ b/Linux-PAM/modules/pam_wheel/pam_wheel.8
@@ -0,0 +1,101 @@
+.\" Title: pam_wheel
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/09/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_WHEEL" "8" "06/09/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_wheel \- Only permit root access to members of group wheel
+.SH "SYNOPSIS"
+.HP 13
+\fBpam_wheel.so\fR [debug] [deny] [group=\fIname\fR] [root_only] [trust] [use_uid]
+.SH "DESCRIPTION"
+.PP
+The pam_wheel PAM module is used to enforce the so\-called
+\fIwheel\fR
+group. By default it permits root access to the system if the applicant user is a member of the
+\fIwheel\fR
+group. If no group with this name exist, the module is using the group with the group\-ID
+\fB0\fR.
+.SH "OPTIONS"
+.TP 3n
+\fBdebug\fR
+Print debug information.
+.TP 3n
+\fBdeny\fR
+Reverse the sense of the auth operation: if the user is trying to get UID 0 access and is a member of the wheel group (or the group of the
+\fBgroup\fR
+option), deny access. Conversely, if the user is not in the group, return PAM_IGNORE (unless
+\fBtrust\fR
+was also specified, in which case we return PAM_SUCCESS).
+.TP 3n
+\fBgroup=\fR\fB\fIname\fR\fR
+Instead of checking the wheel or GID 0 groups, use the
+\fB\fIname\fR\fR
+group to perform the authentication.
+.TP 3n
+\fBroot_only\fR
+The check for wheel membership is done only.
+.TP 3n
+\fBtrust\fR
+The pam_wheel module will return PAM_SUCCESS instead of PAM_IGNORE if the user is a member of the wheel group (thus with a little play stacking the modules the wheel members may be able to su to root without being prompted for a passwd).
+.TP 3n
+\fBuse_uid\fR
+The check for wheel membership will be done against the current uid instead of the original one (useful when jumping with su from one account to another for example).
+.SH "MODULE SERVICES PROVIDED"
+.PP
+The
+\fBauth\fR
+and
+\fBaccount\fR
+services are supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_AUTH_ERR
+Authentication failure.
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_IGNORE
+The return value should be ignored by PAM dispatch.
+.TP 3n
+PAM_PERM_DENY
+Permission denied.
+.TP 3n
+PAM_SERVICE_ERR
+Cannot determine the user name.
+.TP 3n
+PAM_SUCCESS
+Success.
+.TP 3n
+PAM_USER_UNKNOWN
+User not known.
+.SH "EXAMPLES"
+.PP
+The root account gains access by default (rootok), only wheel members can become root (wheel) but Unix authenticate non\-root applicants.
+.sp
+.RS 3n
+.nf
+su auth sufficient pam_rootok.so
+su auth required pam_wheel.so
+su auth required pam_unix.so
+
+.fi
+.RE
+.sp
+.SH "SEE ALSO"
+.PP
+
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_wheel was written by Cristian Gafton <gafton@redhat.com>.
diff --git a/Linux-PAM/modules/pam_wheel/pam_wheel.8.xml b/Linux-PAM/modules/pam_wheel/pam_wheel.8.xml
new file mode 100644
index 00000000..bf8b7349
--- /dev/null
+++ b/Linux-PAM/modules/pam_wheel/pam_wheel.8.xml
@@ -0,0 +1,242 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_wheel">
+
+ <refmeta>
+ <refentrytitle>pam_wheel</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_wheel-name">
+ <refname>pam_wheel</refname>
+ <refpurpose>Only permit root access to members of group wheel</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_wheel-cmdsynopsis">
+ <command>pam_wheel.so</command>
+ <arg choice="opt">
+ debug
+ </arg>
+ <arg choice="opt">
+ deny
+ </arg>
+ <arg choice="opt">
+ group=<replaceable>name</replaceable>
+ </arg>
+ <arg choice="opt">
+ root_only
+ </arg>
+ <arg choice="opt">
+ trust
+ </arg>
+ <arg choice="opt">
+ use_uid
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_wheel-description">
+ <title>DESCRIPTION</title>
+ <para>
+ The pam_wheel PAM module is used to enforce the so-called
+ <emphasis>wheel</emphasis> group. By default it permits root
+ access to the system if the applicant user is a member of the
+ <emphasis>wheel</emphasis> group. If no group with this name exist,
+ the module is using the group with the group-ID
+ <emphasis remap='B'>0</emphasis>.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_wheel-options">
+ <title>OPTIONS</title>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ Print debug information.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>deny</option>
+ </term>
+ <listitem>
+ <para>
+ Reverse the sense of the auth operation: if the user
+ is trying to get UID 0 access and is a member of the
+ wheel group (or the group of the <option>group</option> option),
+ deny access. Conversely, if the user is not in the group, return
+ PAM_IGNORE (unless <option>trust</option> was also specified,
+ in which case we return PAM_SUCCESS).
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>group=<replaceable>name</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Instead of checking the wheel or GID 0 groups, use
+ the <option><replaceable>name</replaceable></option> group
+ to perform the authentication.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>root_only</option>
+ </term>
+ <listitem>
+ <para>
+ The check for wheel membership is done only.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>trust</option>
+ </term>
+ <listitem>
+ <para>
+ The pam_wheel module will return PAM_SUCCESS instead
+ of PAM_IGNORE if the user is a member of the wheel group
+ (thus with a little play stacking the modules the wheel
+ members may be able to su to root without being prompted
+ for a passwd).
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>use_uid</option>
+ </term>
+ <listitem>
+ <para>
+ The check for wheel membership will be done against
+ the current uid instead of the original one (useful when
+ jumping with su from one account to another for example).
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_wheel-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ The <emphasis remap='B'>auth</emphasis> and
+ <emphasis remap='B'>account</emphasis> services are supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_wheel-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_AUTH_ERR</term>
+ <listitem>
+ <para>
+ Authentication failure.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_IGNORE</term>
+ <listitem>
+ <para>
+ The return value should be ignored by PAM dispatch.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_PERM_DENY</term>
+ <listitem>
+ <para>
+ Permission denied.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SERVICE_ERR</term>
+ <listitem>
+ <para>
+ Cannot determine the user name.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Success.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ User not known.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_wheel-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ The root account gains access by default (rootok), only wheel
+ members can become root (wheel) but Unix authenticate non-root
+ applicants.
+ <programlisting>
+su auth sufficient pam_rootok.so
+su auth required pam_wheel.so
+su auth required pam_unix.so
+ </programlisting>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_wheel-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_wheel-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_wheel was written by Cristian Gafton &lt;gafton@redhat.com&gt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_wheel/pam_wheel.c b/Linux-PAM/modules/pam_wheel/pam_wheel.c
index 92cd44b9..ca0e171d 100644
--- a/Linux-PAM/modules/pam_wheel/pam_wheel.c
+++ b/Linux-PAM/modules/pam_wheel/pam_wheel.c
@@ -21,7 +21,7 @@
* a wheel member.
*/
-#define _BSD_SOURCE
+#include "config.h"
#include <stdio.h>
#include <unistd.h>
@@ -43,23 +43,10 @@
#define PAM_SM_ACCOUNT
#include <security/pam_modules.h>
-#include <security/_pam_modutil.h>
-
-/* some syslogging */
-
-static void _pam_log(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("PAM-Wheel", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
+#include <security/pam_modutil.h>
+#include <security/pam_ext.h>
/* checks if a user is on a list of members of the GID 0 group */
-
static int is_on_list(char * const *list, const char *member)
{
while (list && *list) {
@@ -78,8 +65,9 @@ static int is_on_list(char * const *list, const char *member)
#define PAM_DENY_ARG 0x0010
#define PAM_ROOT_ONLY_ARG 0x0020
-static int _pam_parse(int argc, const char **argv, char *use_group,
- size_t group_length)
+static int
+_pam_parse (const pam_handle_t *pamh, int argc, const char **argv,
+ char *use_group, size_t group_length)
{
int ctrl=0;
@@ -103,15 +91,15 @@ static int _pam_parse(int argc, const char **argv, char *use_group,
else if (!strncmp(*argv,"group=",6))
strncpy(use_group,*argv+6,group_length-1);
else {
- _pam_log(LOG_ERR,"pam_parse: unknown option; %s",*argv);
+ pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv);
}
}
return ctrl;
}
-static int perform_check(pam_handle_t *pamh, int flags, int ctrl,
- const char *use_group)
+static int
+perform_check (pam_handle_t *pamh, int ctrl, const char *use_group)
{
const char *username = NULL;
const char *fromsu;
@@ -122,15 +110,15 @@ static int perform_check(pam_handle_t *pamh, int flags, int ctrl,
retval = pam_get_user(pamh, &username, NULL);
if ((retval != PAM_SUCCESS) || (!username)) {
if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_DEBUG,"can not get the username");
+ pam_syslog(pamh, LOG_DEBUG, "can not get the username");
}
return PAM_SERVICE_ERR;
}
- pwd = _pammodutil_getpwnam (pamh, username);
+ pwd = pam_modutil_getpwnam (pamh, username);
if (!pwd) {
if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_NOTICE,"unknown user %s",username);
+ pam_syslog(pamh, LOG_NOTICE, "unknown user %s", username);
}
return PAM_USER_UNKNOWN;
}
@@ -140,24 +128,24 @@ static int perform_check(pam_handle_t *pamh, int flags, int ctrl,
return PAM_IGNORE;
}
}
-
+
if (ctrl & PAM_USE_UID_ARG) {
- tpwd = _pammodutil_getpwuid (pamh, getuid());
+ tpwd = pam_modutil_getpwuid (pamh, getuid());
if (!tpwd) {
if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_NOTICE, "who is running me ?!");
+ pam_syslog(pamh, LOG_NOTICE, "who is running me ?!");
}
return PAM_SERVICE_ERR;
}
fromsu = tpwd->pw_name;
} else {
- fromsu = _pammodutil_getlogin(pamh);
+ fromsu = pam_modutil_getlogin(pamh);
if (fromsu) {
- tpwd = _pammodutil_getpwnam (pamh, fromsu);
+ tpwd = pam_modutil_getpwnam (pamh, fromsu);
}
if (!fromsu || !tpwd) {
if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_NOTICE, "who is running me ?!");
+ pam_syslog(pamh, LOG_NOTICE, "who is running me ?!");
}
return PAM_SERVICE_ERR;
}
@@ -166,21 +154,22 @@ static int perform_check(pam_handle_t *pamh, int flags, int ctrl,
/*
* At this point fromsu = username-of-invoker; tpwd = pwd ptr for fromsu
*/
-
+
if (!use_group[0]) {
- if ((grp = _pammodutil_getgrnam (pamh, "wheel")) == NULL) {
- grp = _pammodutil_getgrgid (pamh, 0);
+ if ((grp = pam_modutil_getgrnam (pamh, "wheel")) == NULL) {
+ grp = pam_modutil_getgrgid (pamh, 0);
}
} else {
- grp = _pammodutil_getgrnam (pamh, use_group);
+ grp = pam_modutil_getgrnam (pamh, use_group);
}
if (!grp || (!grp->gr_mem && (tpwd->pw_gid != grp->gr_gid))) {
if (ctrl & PAM_DEBUG_ARG) {
if (!use_group[0]) {
- _pam_log(LOG_NOTICE,"no members in a GID 0 group");
+ pam_syslog(pamh, LOG_NOTICE, "no members in a GID 0 group");
} else {
- _pam_log(LOG_NOTICE,"no members in '%s' group", use_group);
+ pam_syslog(pamh, LOG_NOTICE,
+ "no members in '%s' group", use_group);
}
}
if (ctrl & PAM_DENY_ARG) {
@@ -193,7 +182,7 @@ static int perform_check(pam_handle_t *pamh, int flags, int ctrl,
return PAM_AUTH_ERR;
}
}
-
+
/*
* test if the user is a member of the group, or if the
* user has the "wheel" (sic) group as its primary group.
@@ -228,12 +217,13 @@ static int perform_check(pam_handle_t *pamh, int flags, int ctrl,
if (ctrl & PAM_DEBUG_ARG) {
if (retval == PAM_IGNORE) {
- _pam_log(LOG_NOTICE, "Ignoring access request '%s' for '%s'",
- fromsu, username);
+ pam_syslog(pamh, LOG_NOTICE,
+ "Ignoring access request '%s' for '%s'",
+ fromsu, username);
} else {
- _pam_log(LOG_NOTICE, "Access %s to '%s' for '%s'",
- (retval != PAM_SUCCESS) ? "denied":"granted",
- fromsu, username);
+ pam_syslog(pamh, LOG_NOTICE, "Access %s to '%s' for '%s'",
+ (retval != PAM_SUCCESS) ? "denied":"granted",
+ fromsu, username);
}
}
@@ -242,35 +232,35 @@ static int perform_check(pam_handle_t *pamh, int flags, int ctrl,
/* --- authentication management functions --- */
-PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+PAM_EXTERN int
+pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
char use_group[BUFSIZ];
int ctrl;
- ctrl = _pam_parse(argc, argv, use_group, sizeof(use_group));
+ ctrl = _pam_parse(pamh, argc, argv, use_group, sizeof(use_group));
- return perform_check(pamh, flags, ctrl, use_group);
+ return perform_check(pamh, ctrl, use_group);
}
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+PAM_EXTERN int
+pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
return PAM_SUCCESS;
}
-PAM_EXTERN
-int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+PAM_EXTERN int
+pam_sm_acct_mgmt (pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
char use_group[BUFSIZ];
int ctrl;
- ctrl = _pam_parse(argc, argv, use_group, sizeof(use_group));
+ ctrl = _pam_parse(pamh, argc, argv, use_group, sizeof(use_group));
- return perform_check(pamh, flags, ctrl, use_group);
+ return perform_check(pamh, ctrl, use_group);
}
#ifdef PAM_STATIC
diff --git a/Linux-PAM/modules/pam_wheel/tst-pam_wheel b/Linux-PAM/modules/pam_wheel/tst-pam_wheel
new file mode 100755
index 00000000..4bf5d6a6
--- /dev/null
+++ b/Linux-PAM/modules/pam_wheel/tst-pam_wheel
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_wheel.so
diff --git a/Linux-PAM/modules/pam_xauth/Makefile b/Linux-PAM/modules/pam_xauth/Makefile
deleted file mode 100644
index 385466a2..00000000
--- a/Linux-PAM/modules/pam_xauth/Makefile
+++ /dev/null
@@ -1,12 +0,0 @@
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-
-include ../../Make.Rules
-
-TITLE=pam_xauth
-MAN8=pam_xauth.8
-
-include ../Simple.Rules
diff --git a/Linux-PAM/modules/pam_xauth/Makefile.am b/Linux-PAM/modules/pam_xauth/Makefile.am
new file mode 100644
index 00000000..8f1d56b0
--- /dev/null
+++ b/Linux-PAM/modules/pam_xauth/Makefile.am
@@ -0,0 +1,31 @@
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README ${MANS} $(XMLS) tst-pam_xauth
+
+man_MANS = pam_xauth.8
+XMLS = README.xml pam_xauth.8.xml
+
+TESTS = tst-pam_xauth
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam
+if HAVE_VERSIONING
+ AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+endif
+
+securelib_LTLIBRARIES = pam_xauth.la
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_xauth.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/Linux-PAM/modules/pam_xauth/Makefile.in b/Linux-PAM/modules/pam_xauth/Makefile.in
new file mode 100644
index 00000000..944d6778
--- /dev/null
+++ b/Linux-PAM/modules/pam_xauth/Makefile.in
@@ -0,0 +1,665 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
+subdir = modules/pam_xauth
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
+securelibLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(securelib_LTLIBRARIES)
+pam_xauth_la_LIBADD =
+pam_xauth_la_SOURCES = pam_xauth.c
+pam_xauth_la_OBJECTS = pam_xauth.lo
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = pam_xauth.c
+DIST_SOURCES = pam_xauth.c
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+DATA = $(noinst_DATA)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+CLEANFILES = *~
+EXTRA_DIST = README ${MANS} $(XMLS) tst-pam_xauth
+man_MANS = pam_xauth.8
+XMLS = README.xml pam_xauth.8.xml
+TESTS = tst-pam_xauth
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
+AM_LDFLAGS = -no-undefined -avoid-version -module \
+ -L$(top_builddir)/libpam -lpam $(am__append_1)
+securelib_LTLIBRARIES = pam_xauth.la
+@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_xauth/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu modules/pam_xauth/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)"
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-securelibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \
+ done
+
+clean-securelibLTLIBRARIES:
+ -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES)
+ @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+pam_xauth.la: $(pam_xauth_la_OBJECTS) $(pam_xauth_la_DEPENDENCIES)
+ $(LINK) -rpath $(securelibdir) $(pam_xauth_la_OBJECTS) $(pam_xauth_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_xauth.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
+installdirs:
+ for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man install-securelibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man: install-man8
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES
+
+uninstall-man: uninstall-man8
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man8 install-pdf \
+ install-pdf-am install-ps install-ps-am \
+ install-securelibLTLIBRARIES install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-man uninstall-man8 \
+ uninstall-securelibLTLIBRARIES
+
+@ENABLE_REGENERATE_MAN_TRUE@README: pam_xauth.8.xml
+@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/modules/pam_xauth/README b/Linux-PAM/modules/pam_xauth/README
index dd65292f..1e134d70 100644
--- a/Linux-PAM/modules/pam_xauth/README
+++ b/Linux-PAM/modules/pam_xauth/README
@@ -1,41 +1,90 @@
-pam_xauth:
- Forward xauth cookies from user to user, normally used by su, sudo, or
- userhelper.
-
- Primitive access control is provided by ~/.xauth/export in the invoking
- user's home directory and ~/.xauth/import in the target user's home
- directory.
-
- If a user has a ~/.xauth/import file, the user will only receive cookies
- from users listed in the file. If there is no ~/.xauth/import file,
- the user will accept cookies from any other user.
-
- If a user has a .xauth/export file, the user will only forward cookies
- to users listed in the file. If there is no ~/.xauth/export file, and
- the invoking user is not "root", the user will forward cookies to
- any other user. If there is no ~/.xauth/export file, and the invoking
- user is "root", the user will NOT forward cookies to other users.
-
- Both the import and export files support wildcards (such as "*"). Both
- the import and export files can be empty, signifying that no users are
- allowed.
-
-RECOGNIZED ARGUMENTS:
- debug write debugging messages to syslog
- xauthpath= the path to the xauth program, by default
- /usr/X11R6/bin/xauth
- systemuser= highest user id assigned to system users, defaults
- to 499 (pam_xauth will refuse to forward creds to
- target users with id equal to or below this number,
- except for root and possibly another specified user)
- targetuser= a target user id which is excepted from the systemuser
- checks
-
-
-MODULE SERVICES PROVIDED:
- session open session copies xauth cookie to new user
- close session deletes copied xauth cookie
-
-AUTHOR:
- Nalin Dahyabhai <nalin@redhat.com>, based on original version by
- Michael K. Johnson <johnsonm@redhat.com>
+pam_xauth — PAM module to forward xauth keys between users
+
+â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”â”
+
+DESCRIPTION
+
+The pam_xauth PAM module is designed to forward xauth keys (sometimes referred
+to as "cookies") between users.
+
+Without pam_xauth, when xauth is enabled and a user uses the su(1) command to
+assume another user's priviledges, that user is no longer able to access the
+original user's X display because the new user does not have the key needed to
+access the display. pam_xauth solves the problem by forwarding the key from the
+user running su (the source user) to the user whose identity the source user is
+assuming (the target user) when the session is created, and destroying the key
+when the session is torn down.
+
+This means, for example, that when you run su(1) from an xterm sesssion, you
+will be able to run X programs without explicitly dealing with the xauth(1)
+xauth command or ~/.Xauthority files.
+
+pam_xauth will only forward keys if xauth can list a key connected to the
+$DISPLAY environment variable.
+
+Primitive access control is provided by ~/.xauth/export in the invoking user's
+home directory and ~/.xauth/import in the target user's home directory.
+
+If a user has a ~/.xauth/import file, the user will only receive cookies from
+users listed in the file. If there is no ~/.xauth/import file, the user will
+accept cookies from any other user.
+
+If a user has a .xauth/export file, the user will only forward cookies to users
+listed in the file. If there is no ~/.xauth/export file, and the invoking user
+is not root, the user will forward cookies to any other user. If there is no ~
+/.xauth/export file, and the invoking user is root, the user will not forward
+cookies to other users.
+
+Both the import and export files support wildcards (such as *). Both the import
+and export files can be empty, signifying that no users are allowed.
+
+OPTIONS
+
+debug
+
+ Print debug information.
+
+xauthpath=/path/to/xauth
+
+ Specify the path the xauth program (it is expected in /usr/X11R6/bin/xauth,
+ /usr/bin/xauth, or /usr/bin/X11/xauth by default).
+
+systemuser=UID
+
+ Specify the highest UID which will be assumed to belong to a "system" user.
+ pam_xauth will refuse to forward credentials to users with UID less than or
+ equal to this number, except for root and the "targetuser", if specified.
+
+targetuser=UID
+
+ Specify a single target UID which is exempt from the systemuser check.
+
+EXAMPLES
+
+Add the following line to /etc/pam.d/su to forward xauth keys between users
+when calling su:
+
+session optional pam_xauth.so
+
+
+IMPLEMENTATION DETAILS
+
+pam_xauth will work only if it is used from a setuid application in which the
+getuid() call returns the id of the user running the application, and for which
+PAM can supply the name of the account that the user is attempting to assume.
+The typical application of this type is su(1). The application must call both
+pam_open_session() and pam_close_session() with the ruid set to the uid of the
+calling user and the euid set to root, and must have provided as the PAM_USER
+item the name of the target user.
+
+pam_xauth calls xauth(1) the source user to extract the key for $DISPLAY, then
+calls xauth as the target user to merge the key into the a temporary database
+and later remove the database.
+
+pam_xauth cannot be told to not remove the keys when the session is closed.
+
+AUTHOR
+
+pam_xauth was written by Nalin Dahyabhai <nalin@redhat.com>, based on original
+version by Michael K. Johnson <johnsonm@redhat.com>.
+
diff --git a/Linux-PAM/modules/pam_xauth/README.xml b/Linux-PAM/modules/pam_xauth/README.xml
new file mode 100644
index 00000000..adefbd98
--- /dev/null
+++ b/Linux-PAM/modules/pam_xauth/README.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_xauth.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_xauth.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_xauth-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_xauth.8.xml" xpointer='xpointer(//refsect1[@id = "pam_xauth-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_xauth.8.xml" xpointer='xpointer(//refsect1[@id = "pam_xauth-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_xauth.8.xml" xpointer='xpointer(//refsect1[@id = "pam_xauth-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_xauth.8.xml" xpointer='xpointer(//refsect1[@id = "pam_xauth-implementation"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_xauth.8.xml" xpointer='xpointer(//refsect1[@id = "pam_xauth-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/Linux-PAM/modules/pam_xauth/pam_xauth.8 b/Linux-PAM/modules/pam_xauth/pam_xauth.8
index 9acb7249..85f5dbf3 100644
--- a/Linux-PAM/modules/pam_xauth/pam_xauth.8
+++ b/Linux-PAM/modules/pam_xauth/pam_xauth.8
@@ -1,82 +1,141 @@
-.\" Copyright 2001,2003 Red Hat, Inc.
-.\" Written by Nalin Dahyabhai <nalin@redhat.com>, based on the original
-.\" version by Michael K. Johnson
-.TH pam_xauth 8 2003/7/24 "Red Hat Linux" "System Administrator's Manual"
-.SH NAME
-pam_xauth \- forward xauth keys between users
-.SH SYNOPSIS
-.B session optional /lib/security/pam_xauth.so \fIarguments\fP
-.SH DESCRIPTION
-pam_xauth.so is designed to forward xauth keys (sometimes referred
-to as "cookies") between users.
-
-Without pam_xauth, when xauth is enabled and a user uses the \fBsu\fP command
-to assume another user's priviledges, that user is no longer able to access
-the original user's X display because the new user does not have the key
-needed to access the display. pam_xauth solves the problem by forwarding the
-key from the user running su (the source user) to the user whose
-identity the source user is assuming (the target user) when the session
-is created, and destroying the key when the session is torn down.
-
-This means, for example, that when you run \fBsu\fP from an xterm sesssion,
-you will be able to run X programs without explicitly dealing with the
+.\" Title: pam_xauth
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/09/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_XAUTH" "8" "06/09/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_xauth \- PAM module to forward xauth keys between users
+.SH "SYNOPSIS"
+.HP 13
+\fBpam_xauth.so\fR [debug] [xauthpath=\fI/path/to/xauth\fR] [systemuser=\fIUID\fR] [targetuser=\fIUID\fR]
+.SH "DESCRIPTION"
+.PP
+The pam_xauth PAM module is designed to forward xauth keys (sometimes referred to as "cookies") between users.
+.PP
+Without pam_xauth, when xauth is enabled and a user uses the
+\fBsu\fR(1)
+command to assume another user's priviledges, that user is no longer able to access the original user's X display because the new user does not have the key needed to access the display. pam_xauth solves the problem by forwarding the key from the user running su (the source user) to the user whose identity the source user is assuming (the target user) when the session is created, and destroying the key when the session is torn down.
+.PP
+This means, for example, that when you run
+\fBsu\fR(1)
+from an xterm sesssion, you will be able to run X programs without explicitly dealing with the
+\fBxauth\fR(1)
xauth command or ~/.Xauthority files.
-
-pam_xauth will only forward keys if xauth can list a key connected
-to the $DISPLAY environment variable.
-
-Primitive access control is provided by \fB~/.xauth/export\fP in the invoking
-user's home directory and \fB~/.xauth/import\fP in the target user's home
-directory.
-
-If a user has a \fB~/.xauth/import\fP file, the user will only receive cookies
-from users listed in the file. If there is no \fB~/.xauth/import\fP file,
-the user will accept cookies from any other user.
-
-If a user has a \fB.xauth/export\fP file, the user will only forward cookies
-to users listed in the file. If there is no \fB~/.xauth/export\fP file, and
-the invoking user is not \fBroot\fP, the user will forward cookies to
-any other user. If there is no \fB~/.xauth/export\fP file, and the invoking
-user is \fBroot\fP, the user will \fInot\fP forward cookies to other users.
-
-Both the import and export files support wildcards (such as \fI*\fP). Both
-the import and export files can be empty, signifying that no users are allowed.
-
-.SH ARGUMENTS
-.IP debug
-Turns on debugging messages sent to syslog.
-.IP xauthpath=\fI/usr/X11R6/bin/xauth\fP
-Specify the path the xauth program (the default is /usr/X11R6/bin/xauth).
-.IP systemuser=\fInumber\fP
-Specify the highest UID which will be assumed to belong to a "system" user.
-pam_xauth will refuse to forward credentials to users with UID less than or
-equal to this number, except for root and the "targetuser", if specified.
-.IP targetuser=\fInumber\fP
+.PP
+pam_xauth will only forward keys if xauth can list a key connected to the $DISPLAY environment variable.
+.PP
+Primitive access control is provided by
+\fI~/.xauth/export\fR
+in the invoking user's home directory and
+\fI~/.xauth/import\fR
+in the target user's home directory.
+.PP
+If a user has a
+\fI~/.xauth/import\fR
+file, the user will only receive cookies from users listed in the file. If there is no
+\fI~/.xauth/import\fR
+file, the user will accept cookies from any other user.
+.PP
+If a user has a
+\fI.xauth/export\fR
+file, the user will only forward cookies to users listed in the file. If there is no
+\fI~/.xauth/export\fR
+file, and the invoking user is not
+\fBroot\fR, the user will forward cookies to any other user. If there is no
+\fI~/.xauth/export\fR
+file, and the invoking user is
+\fBroot\fR, the user will
+\fInot\fR
+forward cookies to other users.
+.PP
+Both the import and export files support wildcards (such as
+\fI*\fR). Both the import and export files can be empty, signifying that no users are allowed.
+.SH "OPTIONS"
+.TP 3n
+\fBdebug\fR
+Print debug information.
+.TP 3n
+\fBxauthpath=\fR\fB\fI/path/to/xauth\fR\fR
+Specify the path the xauth program (it is expected in
+\fI/usr/X11R6/bin/xauth\fR,
+\fI/usr/bin/xauth\fR, or
+\fI/usr/bin/X11/xauth\fR
+by default).
+.TP 3n
+\fBsystemuser=\fR\fB\fIUID\fR\fR
+Specify the highest UID which will be assumed to belong to a "system" user. pam_xauth will refuse to forward credentials to users with UID less than or equal to this number, except for root and the "targetuser", if specified.
+.TP 3n
+\fBtargetuser=\fR\fB\fIUID\fR\fR
Specify a single target UID which is exempt from the systemuser check.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+Only the
+\fBsession\fR
+service is supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_BUF_ERR
+Memory buffer error.
+.TP 3n
+PAM_PERM_DENIED
+Permission denied by import/export file.
+.TP 3n
+PAM_SESSION_ERR
+Cannot determine user name, UID or access users home directory.
+.TP 3n
+PAM_SUCCESS
+Success.
+.TP 3n
+PAM_USER_UNKNOWN
+User not known.
+.SH "EXAMPLES"
+.PP
+Add the following line to
+\fI/etc/pam.d/su\fR
+to forward xauth keys between users when calling su:
+.sp
+.RS 3n
+.nf
+session optional pam_xauth.so
+
+.fi
+.RE
+.sp
.SH "IMPLEMENTATION DETAILS"
-pam_xauth will work \fIonly\fP if it is used from a setuid application
-in which the getuid() call returns the id of the user running the
-application, and for which PAM can supply the name of the account that
-the user is attempting to assume. The typical application of this
-type is \fBsu\fP. The application must call both pam_open_session() and
-pam_close_session() with the ruid set to the uid of the calling user
-and the euid set to root, and must have provided as the PAM_USER item
-the name of the target user.
-
-pam_xauth calls \fBxauth\fP as the source user to extract the key for
-$DISPLAY, then calls xauth as the target user to merge the key
-into the a temporary database and later remove the database.
-
-pam_xauth cannot be told not to remove the keys when the session
-is closed.
+.PP
+pam_xauth will work
+\fIonly\fR
+if it is used from a setuid application in which the
+\fBgetuid\fR() call returns the id of the user running the application, and for which PAM can supply the name of the account that the user is attempting to assume. The typical application of this type is
+\fBsu\fR(1). The application must call both
+\fBpam_open_session\fR() and
+\fBpam_close_session\fR() with the ruid set to the uid of the calling user and the euid set to root, and must have provided as the PAM_USER item the name of the target user.
+.PP
+pam_xauth calls
+\fBxauth\fR(1)
+the source user to extract the key for $DISPLAY, then calls xauth as the target user to merge the key into the a temporary database and later remove the database.
+.PP
+pam_xauth cannot be told to not remove the keys when the session is closed.
+.SH "FILES"
+.TP 3n
+\fI~/.xauth/import\fR
+XXX
+.TP 3n
+\fI~/.xauth/export\fR
+XXX
.SH "SEE ALSO"
-\fI/usr/share/doc/pam*/html/index.html\fP
-.SH FILES
-\fI~/.xauth/import\fP
-\fI~/.xauth/export\fP
-.SH BUGS
-Let's hope not, but if you find any, please report them via the "Bug Track"
-link at http://bugzilla.redhat.com/bugzilla/
-.SH AUTHOR
-Nalin Dahyabhai <nalin@redhat.com>, based on original version by
-Michael K. Johnson <johnsonm@redhat.com>
+.PP
+
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_xauth was written by Nalin Dahyabhai <nalin@redhat.com>, based on original version by Michael K. Johnson <johnsonm@redhat.com>.
diff --git a/Linux-PAM/modules/pam_xauth/pam_xauth.8.xml b/Linux-PAM/modules/pam_xauth/pam_xauth.8.xml
new file mode 100644
index 00000000..94453d00
--- /dev/null
+++ b/Linux-PAM/modules/pam_xauth/pam_xauth.8.xml
@@ -0,0 +1,293 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_xauth">
+
+ <refmeta>
+ <refentrytitle>pam_xauth</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_xauth-name">
+ <refname>pam_xauth</refname>
+ <refpurpose>PAM module to forward xauth keys between users</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_xauth-cmdsynopsis">
+ <command>pam_xauth.so</command>
+ <arg choice="opt">
+ debug
+ </arg>
+ <arg choice="opt">
+ xauthpath=<replaceable>/path/to/xauth</replaceable>
+ </arg>
+ <arg choice="opt">
+ systemuser=<replaceable>UID</replaceable>
+ </arg>
+ <arg choice="opt">
+ targetuser=<replaceable>UID</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_xauth-description">
+ <title>DESCRIPTION</title>
+ <para>
+ The pam_xauth PAM module is designed to forward xauth keys
+ (sometimes referred to as "cookies") between users.
+ </para>
+ <para>
+ Without pam_xauth, when xauth is enabled and a user uses the
+ <citerefentry>
+ <refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry> command to assume another user's priviledges,
+ that user is no longer able to access the original user's X display
+ because the new user does not have the key needed to access the
+ display. pam_xauth solves the problem by forwarding the key from
+ the user running su (the source user) to the user whose identity the
+ source user is assuming (the target user) when the session is created,
+ and destroying the key when the session is torn down.
+ </para>
+ <para>
+ This means, for example, that when you run
+ <citerefentry>
+ <refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry> from an xterm sesssion, you will be able to run
+ X programs without explicitly dealing with the
+ <citerefentry>
+ <refentrytitle>xauth</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry> xauth command or ~/.Xauthority files.
+ </para>
+ <para>
+ pam_xauth will only forward keys if xauth can list a key connected
+ to the $DISPLAY environment variable.
+ </para>
+ <para>
+ Primitive access control is provided by
+ <filename>~/.xauth/export</filename> in the invoking user's home
+ directory and <filename>~/.xauth/import</filename> in the target
+ user's home directory.
+ </para>
+ <para>
+ If a user has a <filename>~/.xauth/import</filename> file, the user
+ will only receive cookies from users listed in the file. If there is
+ no <filename>~/.xauth/import</filename> file, the user will accept
+ cookies from any other user.
+ </para>
+ <para>
+ If a user has a <filename>.xauth/export</filename> file, the user will
+ only forward cookies to users listed in the file. If there is no
+ <filename>~/.xauth/export</filename> file, and the invoking user is
+ not <emphasis remap='B'>root</emphasis>, the user will forward cookies
+ to any other user. If there is no <filename>~/.xauth/export</filename>
+ file, and the invoking user is <emphasis remap='B'>root</emphasis>,
+ the user will <emphasis remap='I'>not</emphasis> forward cookies to
+ other users.
+ </para>
+ <para>
+ Both the import and export files support wildcards (such as
+ <emphasis remap='I'>*</emphasis>). Both the import and export files
+ can be empty, signifying that no users are allowed.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_xauth-options">
+ <title>OPTIONS</title>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ Print debug information.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>xauthpath=<replaceable>/path/to/xauth</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Specify the path the xauth program (it is expected in
+ <filename>/usr/X11R6/bin/xauth</filename>,
+ <filename>/usr/bin/xauth</filename>, or
+ <filename>/usr/bin/X11/xauth</filename> by default).
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>systemuser=<replaceable>UID</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Specify the highest UID which will be assumed to belong to a
+ "system" user. pam_xauth will refuse to forward credentials to
+ users with UID less than or equal to this number, except for
+ root and the "targetuser", if specified.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>targetuser=<replaceable>UID</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Specify a single target UID which is exempt from the
+ systemuser check.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_xauth-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ Only the <emphasis remap='B'>session</emphasis> service is supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_xauth-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_PERM_DENIED</term>
+ <listitem>
+ <para>
+ Permission denied by import/export file.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_SESSION_ERR</term>
+ <listitem>
+ <para>
+ Cannot determine user name, UID or access users home directory.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Success.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ User not known.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_xauth-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ Add the following line to <filename>/etc/pam.d/su</filename> to
+ forward xauth keys between users when calling su:
+ <programlisting>
+session optional pam_xauth.so
+ </programlisting>
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_xauth-implementation">
+ <title>IMPLEMENTATION DETAILS</title>
+ <para>
+ pam_xauth will work <emphasis remap='I'>only</emphasis> if it is
+ used from a setuid application in which the
+ <function>getuid</function>() call returns the id of the user
+ running the application, and for which PAM can supply the name
+ of the account that the user is attempting to assume. The typical
+ application of this type is
+ <citerefentry>
+ <refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>.
+ The application must call both <function>pam_open_session</function>()
+ and <function>pam_close_session</function>() with the ruid set to the
+ uid of the calling user and the euid set to root, and must have
+ provided as the PAM_USER item the name of the target user.
+ </para>
+ <para>
+ pam_xauth calls
+ <citerefentry>
+ <refentrytitle>xauth</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry> the source user to extract the key for $DISPLAY,
+ then calls xauth as the target user to merge the key into the a
+ temporary database and later remove the database.
+ </para>
+ <para>
+ pam_xauth cannot be told to not remove the keys when the session
+ is closed.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_lastlog-files">
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>~/.xauth/import</filename></term>
+ <listitem>
+ <para>XXX</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>~/.xauth/export</filename></term>
+ <listitem>
+ <para>XXX</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+
+ <refsect1 id='pam_xauth-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_xauth-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_xauth was written by Nalin Dahyabhai &lt;nalin@redhat.com&gt;,
+ based on original version by
+ Michael K. Johnson &lt;johnsonm@redhat.com&gt;.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/Linux-PAM/modules/pam_xauth/pam_xauth.c b/Linux-PAM/modules/pam_xauth/pam_xauth.c
index 2bf72eb6..3772bd06 100644
--- a/Linux-PAM/modules/pam_xauth/pam_xauth.c
+++ b/Linux-PAM/modules/pam_xauth/pam_xauth.c
@@ -33,9 +33,7 @@
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-/* "$Id: pam_xauth.c,v 1.4 2005/03/14 09:42:28 kukuk Exp $" */
-
-#include "../../_pam_aconf.h"
+#include "config.h"
#include <sys/types.h>
#include <sys/fsuid.h>
#include <sys/wait.h>
@@ -52,17 +50,29 @@
#include <syslog.h>
#include <unistd.h>
+#define PAM_SM_SESSION
+
#include <security/pam_modules.h>
#include <security/_pam_macros.h>
-#include <security/_pam_modutil.h>
+#include <security/pam_modutil.h>
+#include <security/pam_ext.h>
#define DATANAME "pam_xauth_cookie_file"
-#define XAUTHBIN "/usr/X11R6/bin/xauth"
#define XAUTHENV "XAUTHORITY"
#define HOMEENV "HOME"
#define XAUTHDEF ".Xauthority"
#define XAUTHTMP ".xauthXXXXXX"
+/* Possible paths to xauth executable */
+static const char * const xauthpaths[] = {
+#ifdef PAM_PATH_XAUTH
+ PAM_PATH_XAUTH,
+#endif
+ "/usr/X11R6/bin/xauth",
+ "/usr/bin/xauth",
+ "/usr/bin/X11/xauth"
+};
+
/* Run a given command (with a NULL-terminated argument list), feeding it the
* given input on stdin, and storing any output it generates. */
static int
@@ -100,6 +110,7 @@ run_coprocess(const char *input, char **output,
if (child == 0) {
/* We're the child. */
+ size_t j;
char *args[10];
const char *tmp;
/* Drop privileges. */
@@ -121,15 +132,15 @@ run_coprocess(const char *input, char **output,
/* Convert the varargs list into a regular array of strings. */
va_start(ap, command);
args[0] = strdup(command);
- for (i = 1; i < ((sizeof(args) / sizeof(args[0])) - 1); i++) {
+ for (j = 1; j < ((sizeof(args) / sizeof(args[0])) - 1); j++) {
tmp = va_arg(ap, const char*);
if (tmp == NULL) {
break;
}
- args[i] = strdup(tmp);
+ args[j] = strdup(tmp);
}
/* Run the command. */
- execvp(command, args);
+ execv(command, args);
/* Never reached. */
exit(1);
}
@@ -139,12 +150,12 @@ run_coprocess(const char *input, char **output,
close(opipe[1]);
/* Send input to the process (if we have any), then send an EOF. */
if (input) {
- (void)_pammodutil_write(ipipe[1], input, strlen(input));
+ (void)pam_modutil_write(ipipe[1], input, strlen(input));
}
close(ipipe[1]);
/* Read data output until we run out of stuff to read. */
- i = _pammodutil_read(opipe[0], buf, sizeof(buf));
+ i = pam_modutil_read(opipe[0], buf, sizeof(buf));
while ((i != 0) && (i != -1)) {
char *tmp;
/* Resize the buffer to hold the data. */
@@ -166,7 +177,7 @@ run_coprocess(const char *input, char **output,
buffer[buffer_size + i] = '\0';
buffer_size += i;
/* Try to read again. */
- i = _pammodutil_read(opipe[0], buf, sizeof(buf));
+ i = pam_modutil_read(opipe[0], buf, sizeof(buf));
}
/* No more data. Clean up and return data. */
close(opipe[0]);
@@ -177,9 +188,9 @@ run_coprocess(const char *input, char **output,
/* Free a data item. */
static void
-cleanup(pam_handle_t *pamh, void *data, int err)
+cleanup (pam_handle_t *pamh UNUSED, void *data, int err UNUSED)
{
- free(data);
+ free (data);
}
/* Check if we want to allow export to the other user, or import from the
@@ -195,17 +206,18 @@ check_acl(pam_handle_t *pamh,
int i;
uid_t euid;
/* Check this user's <sense> file. */
- pwd = _pammodutil_getpwnam(pamh, this_user);
+ pwd = pam_modutil_getpwnam(pamh, this_user);
if (pwd == NULL) {
- syslog(LOG_ERR, "pam_xauth: error determining "
- "home directory for '%s'", this_user);
+ pam_syslog(pamh, LOG_ERR,
+ "error determining home directory for '%s'",
+ this_user);
return PAM_SESSION_ERR;
}
/* Figure out what that file is really named. */
i = snprintf(path, sizeof(path), "%s/.xauth/%s", pwd->pw_dir, sense);
- if ((i >= sizeof(path)) || (i < 0)) {
- syslog(LOG_ERR, "pam_xauth: name of user's home directory "
- "is too long");
+ if ((i >= (int)sizeof(path)) || (i < 0)) {
+ pam_syslog(pamh, LOG_ERR,
+ "name of user's home directory is too long");
return PAM_SESSION_ERR;
}
euid = geteuid();
@@ -226,9 +238,9 @@ check_acl(pam_handle_t *pamh,
}
if (fnmatch(buf, other_user, 0) == 0) {
if (debug) {
- syslog(LOG_DEBUG, "pam_xauth: %s %s "
- "allowed by %s",
- other_user, sense, path);
+ pam_syslog(pamh, LOG_DEBUG,
+ "%s %s allowed by %s",
+ other_user, sense, path);
}
fclose(fp);
return PAM_SUCCESS;
@@ -236,8 +248,8 @@ check_acl(pam_handle_t *pamh,
}
/* If there's no match in the file, we fail. */
if (debug) {
- syslog(LOG_DEBUG, "pam_xauth: %s not listed in %s",
- other_user, path);
+ pam_syslog(pamh, LOG_DEBUG, "%s not listed in %s",
+ other_user, path);
}
fclose(fp);
return PAM_PERM_DENIED;
@@ -247,20 +259,22 @@ check_acl(pam_handle_t *pamh,
case ENOENT:
if (noent_code == PAM_SUCCESS) {
if (debug) {
- syslog(LOG_DEBUG, "%s does not exist, "
- "ignoring", path);
+ pam_syslog(pamh, LOG_DEBUG,
+ "%s does not exist, ignoring",
+ path);
}
} else {
if (debug) {
- syslog(LOG_DEBUG, "%s does not exist, "
- "failing", path);
+ pam_syslog(pamh, LOG_DEBUG,
+ "%s does not exist, failing",
+ path);
}
}
return noent_code;
default:
if (debug) {
- syslog(LOG_ERR, "%s opening %s",
- strerror(errno), path);
+ pam_syslog(pamh, LOG_ERR,
+ "error opening %s: %m", path);
}
return PAM_PERM_DENIED;
}
@@ -268,14 +282,15 @@ check_acl(pam_handle_t *pamh,
}
int
-pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
+pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
- char xauthpath[] = XAUTHBIN;
char *cookiefile = NULL, *xauthority = NULL,
*cookie = NULL, *display = NULL, *tmp = NULL;
- const char *user, *xauth = xauthpath;
+ const char *user, *xauth = NULL;
struct passwd *tpwd, *rpwd;
int fd, i, debug = 0;
+ int retval = PAM_SUCCESS;
uid_t systemuser = 499, targetuser = 0, euid;
/* Parse arguments. We don't understand many, so no sense in breaking
@@ -294,8 +309,9 @@ pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
if ((strlen(argv[i] + 11) > 0) && (*tmp == '\0')) {
targetuser = l;
} else {
- syslog(LOG_WARNING, "pam_xauth: invalid value "
- "for targetuser (`%s')", argv[i] + 11);
+ pam_syslog(pamh, LOG_WARNING,
+ "invalid value for targetuser (`%s')",
+ argv[i] + 11);
}
continue;
}
@@ -304,53 +320,71 @@ pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
if ((strlen(argv[i] + 11) > 0) && (*tmp == '\0')) {
systemuser = l;
} else {
- syslog(LOG_WARNING, "pam_xauth: invalid value "
- "for systemuser (`%s')", argv[i] + 11);
+ pam_syslog(pamh, LOG_WARNING,
+ "invalid value for systemuser (`%s')",
+ argv[i] + 11);
}
continue;
}
- syslog(LOG_WARNING, "pam_xauth: unrecognized option `%s'",
- argv[i]);
+ pam_syslog(pamh, LOG_WARNING, "unrecognized option `%s'",
+ argv[i]);
+ }
+
+ if (xauth == NULL) {
+ size_t j;
+ for (j = 0; j < sizeof(xauthpaths)/sizeof(xauthpaths[0]); j++) {
+ if (access(xauthpaths[j], X_OK) == 0) {
+ xauth = xauthpaths[j];
+ break;
+ }
+ }
+ if (xauth == NULL) {
+ /* xauth executable not found - nothing to do */
+ return PAM_SUCCESS;
+ }
}
/* If DISPLAY isn't set, we don't really care, now do we? */
if ((display = getenv("DISPLAY")) == NULL) {
if (debug) {
- syslog(LOG_DEBUG, "pam_xauth: user has no DISPLAY,"
- " doing nothing");
+ pam_syslog(pamh, LOG_DEBUG,
+ "user has no DISPLAY, doing nothing");
}
return PAM_SUCCESS;
}
/* Read the target user's name. */
if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS) {
- syslog(LOG_ERR, "pam_xauth: error determining target "
- "user's name");
- return PAM_SESSION_ERR;
+ pam_syslog(pamh, LOG_ERR,
+ "error determining target user's name");
+ retval = PAM_SESSION_ERR;
+ goto cleanup;
}
- rpwd = _pammodutil_getpwuid(pamh, getuid());
+ rpwd = pam_modutil_getpwuid(pamh, getuid());
if (rpwd == NULL) {
- syslog(LOG_ERR, "pam_xauth: error determining invoking "
- "user's name");
- return PAM_SESSION_ERR;
+ pam_syslog(pamh, LOG_ERR,
+ "error determining invoking user's name");
+ retval = PAM_SESSION_ERR;
+ goto cleanup;
}
/* Get the target user's UID and primary GID, which we'll need to set
* on the xauthority file we create later on. */
- tpwd = _pammodutil_getpwnam(pamh, user);
+ tpwd = pam_modutil_getpwnam(pamh, user);
if (tpwd == NULL) {
- syslog(LOG_ERR, "pam_xauth: error determining target "
- "user's UID");
- return PAM_SESSION_ERR;
+ pam_syslog(pamh, LOG_ERR,
+ "error determining target user's UID");
+ retval = PAM_SESSION_ERR;
+ goto cleanup;
}
if (debug) {
- syslog(LOG_DEBUG, "pam_xauth: requesting user %lu/%lu, "
- "target user %lu/%lu",
- (unsigned long) rpwd->pw_uid,
- (unsigned long) rpwd->pw_gid,
- (unsigned long) tpwd->pw_uid,
- (unsigned long) tpwd->pw_gid);
+ pam_syslog(pamh, LOG_DEBUG,
+ "requesting user %lu/%lu, target user %lu/%lu",
+ (unsigned long) rpwd->pw_uid,
+ (unsigned long) rpwd->pw_gid,
+ (unsigned long) tpwd->pw_uid,
+ (unsigned long) tpwd->pw_gid);
}
/* If the UID is a system account (and not the superuser), forget
@@ -359,10 +393,12 @@ pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
(tpwd->pw_uid != targetuser) &&
(tpwd->pw_uid <= systemuser)) {
if (debug) {
- syslog(LOG_DEBUG, "pam_xauth: not forwarding cookies "
- "to user ID %ld", (long) tpwd->pw_uid);
+ pam_syslog(pamh, LOG_DEBUG,
+ "not forwarding cookies to user ID %lu",
+ (unsigned long) tpwd->pw_uid);
}
- return PAM_SESSION_ERR;
+ retval = PAM_SESSION_ERR;
+ goto cleanup;
}
/* Check that both users are amenable to this. By default, this
@@ -372,15 +408,17 @@ pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
* if .xauth/export does not exist
* import(user=*): if <ruser> is listed in .xauth/import, or
* if .xauth/import does not exist */
- i = (getuid() != 0) ? PAM_SUCCESS : PAM_PERM_DENIED;
+ i = (getuid() != 0 || tpwd->pw_uid == 0) ? PAM_SUCCESS : PAM_PERM_DENIED;
i = check_acl(pamh, "export", rpwd->pw_name, user, i, debug);
if (i != PAM_SUCCESS) {
- return PAM_SESSION_ERR;
+ retval = PAM_SESSION_ERR;
+ goto cleanup;
}
i = PAM_SUCCESS;
i = check_acl(pamh, "import", user, rpwd->pw_name, i, debug);
if (i != PAM_SUCCESS) {
- return PAM_SESSION_ERR;
+ retval = PAM_SESSION_ERR;
+ goto cleanup;
}
/* Figure out where the source user's .Xauthority file is. */
@@ -390,30 +428,26 @@ pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
cookiefile = malloc(strlen(rpwd->pw_dir) + 1 +
strlen(XAUTHDEF) + 1);
if (cookiefile == NULL) {
- return PAM_SESSION_ERR;
+ retval = PAM_SESSION_ERR;
+ goto cleanup;
}
strcpy(cookiefile, rpwd->pw_dir);
strcat(cookiefile, "/");
strcat(cookiefile, XAUTHDEF);
}
if (debug) {
- syslog(LOG_DEBUG, "pam_xauth: reading keys from `%s'",
- cookiefile);
+ pam_syslog(pamh, LOG_DEBUG, "reading keys from `%s'",
+ cookiefile);
}
/* Read the user's .Xauthority file. Because the current UID is
* the original user's UID, this will only fail if something has
* gone wrong, or we have no cookies. */
if (debug) {
- syslog(LOG_DEBUG, "pam_xauth: running \"%s %s %s %s %s\" as "
- "%lu/%lu",
- xauth,
- "-f",
- cookiefile,
- "nlist",
- display,
- (unsigned long) getuid(),
- (unsigned long) getgid());
+ pam_syslog(pamh, LOG_DEBUG,
+ "running \"%s %s %s %s %s\" as %lu/%lu",
+ xauth, "-f", cookiefile, "nlist", display,
+ (unsigned long) getuid(), (unsigned long) getgid());
}
if (run_coprocess(NULL, &cookie,
getuid(), getgid(),
@@ -450,14 +484,15 @@ pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
}
}
if (debug) {
- syslog(LOG_DEBUG, "pam_xauth: "
- "no key for `%s', trying"
- " `%s'", display, t);
+ pam_syslog(pamh, LOG_DEBUG,
+ "no key for `%s', "
+ "trying `%s'",
+ display, t);
}
/* Read the cookie for this display. */
if (debug) {
- syslog(LOG_DEBUG,
- "pam_xauth: running "
+ pam_syslog(pamh, LOG_DEBUG,
+ "running "
"\"%s %s %s %s %s\" as "
"%lu/%lu",
xauth,
@@ -481,29 +516,23 @@ pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
/* Check that we got a cookie, this time for real. */
if ((cookie == NULL) || (strlen(cookie) == 0)) {
if (debug) {
- syslog(LOG_DEBUG, "pam_xauth: no key");
+ pam_syslog(pamh, LOG_DEBUG, "no key");
}
- return PAM_SESSION_ERR;
+ retval = PAM_SESSION_ERR;
+ goto cleanup;
}
/* Generate the environment variable
* "XAUTHORITY=<homedir>/filename". */
- xauthority = malloc(strlen(XAUTHENV) + 1 +
- strlen(tpwd->pw_dir) + 1 +
- strlen(XAUTHTMP) + 1);
- if (xauthority == NULL) {
+ if (asprintf(&xauthority, "%s=%s/%s",
+ XAUTHENV, tpwd->pw_dir, XAUTHTMP) < 0) {
+ xauthority = NULL;
if (debug) {
- syslog(LOG_DEBUG, "pam_xauth: no free memory");
+ pam_syslog(pamh, LOG_DEBUG, "out of memory");
}
- free(cookiefile);
- free(cookie);
- return PAM_SESSION_ERR;
+ retval = PAM_SESSION_ERR;
+ goto cleanup;
}
- strcpy(xauthority, XAUTHENV);
- strcat(xauthority, "=");
- strcat(xauthority, tpwd->pw_dir);
- strcat(xauthority, "/");
- strcat(xauthority, XAUTHTMP);
/* Generate a new file to hold the data. */
euid = geteuid();
@@ -511,18 +540,16 @@ pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
fd = mkstemp(xauthority + strlen(XAUTHENV) + 1);
setfsuid(euid);
if (fd == -1) {
- syslog(LOG_ERR, "pam_xauth: error creating "
- "temporary file `%s': %s",
- xauthority + strlen(XAUTHENV) + 1,
- strerror(errno));
- free(cookiefile);
- free(cookie);
- free(xauthority);
- return PAM_SESSION_ERR;
+ pam_syslog(pamh, LOG_ERR,
+ "error creating temporary file `%s': %m",
+ xauthority + strlen(XAUTHENV) + 1);
+ retval = PAM_SESSION_ERR;
+ goto cleanup;
}
/* Set permissions on the new file and dispose of the
* descriptor. */
- fchown(fd, tpwd->pw_uid, tpwd->pw_gid);
+ if (fchown(fd, tpwd->pw_uid, tpwd->pw_gid) < 0)
+ pam_syslog (pamh, LOG_ERR, "fchown: %m");
close(fd);
/* Get a copy of the filename to save as a data item for
@@ -532,74 +559,73 @@ pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
/* Save the filename. */
if (pam_set_data(pamh, DATANAME, cookiefile, cleanup) != PAM_SUCCESS) {
- syslog(LOG_ERR, "pam_xauth: error saving name of "
- "temporary file `%s'", cookiefile);
+ pam_syslog(pamh, LOG_ERR,
+ "error saving name of temporary file `%s'",
+ cookiefile);
unlink(cookiefile);
- free(xauthority);
- free(cookiefile);
- free(cookie);
- return PAM_SESSION_ERR;
+ retval = PAM_SESSION_ERR;
+ goto cleanup;
}
- /* Unset any old XAUTHORITY variable in the environment. */
- if (getenv (XAUTHENV))
- unsetenv (XAUTHENV);
-
/* Set the new variable in the environment. */
if (pam_putenv (pamh, xauthority) != PAM_SUCCESS)
- syslog (LOG_DEBUG, "pam_xauth: can't set environment variable '%s'",
- xauthority);
+ pam_syslog(pamh, LOG_ERR,
+ "can't set environment variable '%s'",
+ xauthority);
putenv (xauthority); /* The environment owns this string now. */
/* set $DISPLAY in pam handle to make su - work */
{
- char *d = (char *) malloc (strlen ("DISPLAY=") +
- strlen (display) + 1);
- if (d == NULL)
+ char *d;
+
+ if (asprintf(&d, "DISPLAY=%s", display) < 0)
{
- syslog (LOG_DEBUG, "pam_xauth: memory exhausted\n");
- return PAM_SESSION_ERR;
+ pam_syslog(pamh, LOG_DEBUG, "out of memory");
+ cookiefile = NULL;
+ retval = PAM_SESSION_ERR;
+ goto cleanup;
}
- strcpy (d, "DISPLAY=");
- strcat (d, display);
if (pam_putenv (pamh, d) != PAM_SUCCESS)
- syslog (LOG_DEBUG,
- "pam_xauth: can't set environment variable '%s'",
- d);
+ pam_syslog (pamh, LOG_DEBUG,
+ "can't set environment variable '%s'", d);
free (d);
}
/* Merge the cookie we read before into the new file. */
if (debug) {
- syslog(LOG_DEBUG, "pam_xauth: writing key `%s' to "
- "temporary file `%s'", cookie, cookiefile);
+ pam_syslog(pamh, LOG_DEBUG,
+ "writing key `%s' to temporary file `%s'",
+ cookie, cookiefile);
}
if (debug) {
- syslog(LOG_DEBUG,
- "pam_xauth: running \"%s %s %s %s %s\" as "
- "%lu/%lu",
- xauth,
- "-f",
- cookiefile,
- "nmerge",
- "-",
- (unsigned long) tpwd->pw_uid,
- (unsigned long) tpwd->pw_gid);
+ pam_syslog(pamh, LOG_DEBUG,
+ "running \"%s %s %s %s %s\" as %lu/%lu",
+ xauth, "-f", cookiefile, "nmerge", "-",
+ (unsigned long) tpwd->pw_uid,
+ (unsigned long) tpwd->pw_gid);
}
run_coprocess(cookie, &tmp,
tpwd->pw_uid, tpwd->pw_gid,
xauth, "-f", cookiefile, "nmerge", "-", NULL);
/* We don't need to keep a copy of these around any more. */
- free(cookie);
- cookie = NULL;
+ cookiefile = NULL;
+ free(tmp);
}
- return PAM_SUCCESS;
+cleanup:
+ /* Unset any old XAUTHORITY variable in the environment. */
+ if (retval != PAM_SUCCESS && getenv (XAUTHENV))
+ unsetenv (XAUTHENV);
+ free(cookiefile);
+ free(cookie);
+ free(xauthority);
+ return retval;
}
int
-pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
+pam_sm_close_session (pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
void *cookiefile;
int i, debug = 0;
@@ -620,7 +646,7 @@ pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
if (strncmp(argv[i], "targetuser=", 11) == 0) {
continue;
}
- syslog(LOG_WARNING, "pam_xauth: unrecognized option `%s'",
+ pam_syslog(pamh, LOG_WARNING, "unrecognized option `%s'",
argv[i]);
}
@@ -630,7 +656,7 @@ pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
/* We'll only try to remove the file once. */
if (strlen((char*)cookiefile) > 0) {
if (debug) {
- syslog(LOG_DEBUG, "pam_xauth: removing `%s'",
+ pam_syslog(pamh, LOG_DEBUG, "removing `%s'",
(char*)cookiefile);
}
unlink((char*)cookiefile);
@@ -639,3 +665,16 @@ pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
}
return PAM_SUCCESS;
}
+
+/* static module data */
+#ifdef PAM_STATIC
+struct pam_module _pam_xauth_modstruct = {
+ "pam_xauth",
+ NULL,
+ NULL,
+ NULL,
+ pam_sm_open_session,
+ pam_sm_close_session,
+ NULL
+};
+#endif
diff --git a/Linux-PAM/modules/pam_xauth/tst-pam_xauth b/Linux-PAM/modules/pam_xauth/tst-pam_xauth
new file mode 100755
index 00000000..32948963
--- /dev/null
+++ b/Linux-PAM/modules/pam_xauth/tst-pam_xauth
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_xauth.so
diff --git a/Linux-PAM/modules/pammodutil/Makefile b/Linux-PAM/modules/pammodutil/Makefile
deleted file mode 100644
index bad1bf62..00000000
--- a/Linux-PAM/modules/pammodutil/Makefile
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# $Id: Makefile,v 1.4 2004/09/24 13:13:22 kukuk Exp $
-#
-#
-
-include ../../Make.Rules
-
-LIBNAME=libpammodutil
-
-# ---------------------------------------------
-
-dummy: all
-
-# ---------------------------------------------
-
-CFLAGS += $(PIC) $(STATIC) $(MOREFLAGS) \
- -DLIBPAM_VERSION_MAJOR=$(MAJOR_REL) \
- -DLIBPAM_VERSION_MINOR=$(MINOR_REL)
-
-# all the object files we care about
-LIBOBJECTS = modutil_cleanup.o modutil_getpwnam.o modutil_getpwuid.o \
- modutil_getspnam.o modutil_getgrnam.o modutil_getgrgid.o \
- modutil_ingroup.o modutil_getlogin.o modutil_ioloop.o
-
-# static library name
-LIBSTATIC = $(LIBNAME).a
-
-SLIBOBJECTS = $(addprefix static/,$(LIBOBJECTS) $(STATICOBJ))
-
-# ---------------------------------------------
-## rules
-
-all: dirs $(LIBSTATIC) ../../Make.Rules
-
-dirs:
- $(MKDIR) static
-
-static/%.o : %.c
- $(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-$(LIBSTATIC): $(SLIBOBJECTS)
- ar cr $@ $(SLIBOBJECTS)
- $(RANLIB) $@
-
-install:
- @echo "at this time, we're not installing $(LIBSTATIC)"
-
-remove:
- @echo "at this time, there is nothing to remove"
-
-clean:
- rm -f a.out core *~ static/*.o
- rm -f *.a *.o
- if [ -d dynamic ]; then rmdir dynamic ; fi
- if [ -d static ]; then rmdir static ; fi
diff --git a/Linux-PAM/modules/pammodutil/README b/Linux-PAM/modules/pammodutil/README
deleted file mode 100644
index ea44f310..00000000
--- a/Linux-PAM/modules/pammodutil/README
+++ /dev/null
@@ -1,15 +0,0 @@
-$Id: README,v 1.1 2001/12/09 22:15:12 agmorgan Exp $
-
-This is a libarary of routines for use by modules. The routines seem
-to have a common use for modules, but are not part of libpam and never
-will be. They are also a convenient layer of abstraction for providing
-thread-safe functions that may require use of pam_handle_t 'data'
-items to make their thread-safeness tied to the use of a single
-pam_handle_t per thread.
-
-Functions provided so far are all listed in
-
- include/security/_pam_modutil.h
-
-.
-
diff --git a/Linux-PAM/modules/pammodutil/include/security/_pam_modutil.h b/Linux-PAM/modules/pammodutil/include/security/_pam_modutil.h
deleted file mode 100644
index ec0c8964..00000000
--- a/Linux-PAM/modules/pammodutil/include/security/_pam_modutil.h
+++ /dev/null
@@ -1,66 +0,0 @@
-#ifndef _PAM_MODUTIL_H
-#define _PAM_MODUTIL_H
-
-/*
- * $Id: _pam_modutil.h,v 1.4 2004/09/24 13:13:22 kukuk Exp $
- *
- * This file is a list of handy libc wrappers that attempt to provide some
- * thread-safe and other convenient functionality to modules in a form that
- * is common, but not dynamically linked with yet another dynamic pam
- * library extension.
- *
- * A number of these functions reserve space in a pam_[sg]et_data item.
- * In all cases, the name of the item is prefixed with "_pammodutil_*".
- *
- * On systems that simply can't support thread safe programming, these
- * functions don't support it either - sorry.
- *
- * Copyright (c) 2001-2002 Andrew Morgan <morgan@kernel.org>
- */
-
-#include <pwd.h>
-#include <grp.h>
-#include <shadow.h>
-#include <sys/types.h>
-
-extern struct passwd *_pammodutil_getpwnam(pam_handle_t *pamh,
- const char *user);
-
-extern struct passwd *_pammodutil_getpwuid(pam_handle_t *pamh,
- uid_t uid);
-
-extern struct group *_pammodutil_getgrnam(pam_handle_t *pamh,
- const char *group);
-
-extern struct group *_pammodutil_getgrgid(pam_handle_t *pamh,
- gid_t gid);
-
-extern struct spwd *_pammodutil_getspnam(pam_handle_t *pamh,
- const char *user);
-
-extern int _pammodutil_user_in_group_nam_nam(pam_handle_t *pamh,
- const char *user,
- const char *group);
-
-extern int _pammodutil_user_in_group_nam_gid(pam_handle_t *pamh,
- const char *user,
- gid_t group);
-
-extern int _pammodutil_user_in_group_uid_nam(pam_handle_t *pamh,
- uid_t user,
- const char *group);
-
-extern int _pammodutil_user_in_group_uid_gid(pam_handle_t *pamh,
- uid_t user,
- gid_t group);
-
-extern void _pammodutil_cleanup(pam_handle_t *pamh, void *data,
- int error_status);
-
-extern const char *_pammodutil_getlogin(pam_handle_t *pamh);
-
-extern int _pammodutil_read(int fd, char *buffer, int count);
-
-extern int _pammodutil_write(int fd, const char *buffer, int count);
-
-#endif /* _PAM_MODUTIL_H */
diff --git a/Linux-PAM/modules/pammodutil/modutil_cleanup.c b/Linux-PAM/modules/pammodutil/modutil_cleanup.c
deleted file mode 100644
index 5477481f..00000000
--- a/Linux-PAM/modules/pammodutil/modutil_cleanup.c
+++ /dev/null
@@ -1,16 +0,0 @@
-/*
- * $Id: modutil_cleanup.c,v 1.1 2001/12/09 22:15:12 agmorgan Exp $
- *
- * This function provides a common pam_set_data() friendly version of free().
- */
-
-#include "pammodutil.h"
-
-void _pammodutil_cleanup(pam_handle_t *pamh, void *data, int error_status)
-{
- if (data) {
- /* junk it */
- (void) free(data);
- }
-}
-
diff --git a/Linux-PAM/modules/pammodutil/pammodutil.h b/Linux-PAM/modules/pammodutil/pammodutil.h
deleted file mode 100644
index 2b80c852..00000000
--- a/Linux-PAM/modules/pammodutil/pammodutil.h
+++ /dev/null
@@ -1,22 +0,0 @@
-#ifndef PAMMODUTIL_H
-#define PAMMODUTIL_H
-
-/*
- * $Id: pammodutil.h,v 1.2 2005/03/30 10:42:54 t8m Exp $
- *
- * Copyright (c) 2001 Andrew Morgan <morgan@kernel.org>
- */
-
-#include <security/_pam_aconf.h>
-#include <security/_pam_macros.h>
-#include <security/pam_modules.h>
-#include <security/_pam_modutil.h>
-
-#define PWD_INITIAL_LENGTH 0x100
-#define PWD_ABSURD_PWD_LENGTH 0x8000
-
-/* This is a simple cleanup, it just free()s the 'data' memory */
-extern void _pammodutil_cleanup(pam_handle_t *pamh, void *data,
- int error_status);
-
-#endif /* PAMMODUTIL_H */
diff --git a/Linux-PAM/modules/register_static b/Linux-PAM/modules/register_static
deleted file mode 100755
index f3aebb60..00000000
--- a/Linux-PAM/modules/register_static
+++ /dev/null
@@ -1,49 +0,0 @@
-#!/bin/sh
-
-if [ `basename $PWD` != "modules" ]; then
- echo "$0 must be run from the .../modules directory"
- exit 1
-fi
-
-merge_line ()
-{
- if [ $# != 3 ]; then
- echo "usage: merge_line token filename 'new line'"
- fi
- if [ -f $2 ]; then
-# remove any existing entry...
- grep -v "$1" $2 > tmp.$2
- rm -f $2
- mv {tmp.,}$2
- fi
- cat << EOT >> $2
-$3
-EOT
-
-}
-
-
-if [ $# -ne 2 ]; then
-
- cat << EOT 2>&1
-$0: this script takes TWO arguments:
- the 'alphanumeric label' of the module and the location of
- its object file from the .../modules/ directory
-EOT
- exit 1
-
-else
- echo "
- *> registering static module: $1 ($2) <*
-"
- merge_line "$1" _static_module_list "\
-extern struct pam_module _$1_modstruct;"
-
- merge_line "$1" _static_module_entry " &_$1_modstruct,"
- if [ -n "$2" ]; then
- merge_line "$2" _static_module_objects "../modules/$2"
- fi
-
-fi
-
-exit 0
diff --git a/Linux-PAM/po/LINGUAS b/Linux-PAM/po/LINGUAS
new file mode 100644
index 00000000..65a9c6e9
--- /dev/null
+++ b/Linux-PAM/po/LINGUAS
@@ -0,0 +1,19 @@
+cs
+de
+es
+fi
+fr
+hu
+it
+ja
+km
+nb
+nl
+pa
+pl
+pt_BR
+pt
+tr
+uk
+zh_CN
+zh_TW
diff --git a/Linux-PAM/po/Linux-PAM.pot b/Linux-PAM/po/Linux-PAM.pot
new file mode 100644
index 00000000..4348fd6a
--- /dev/null
+++ b/Linux-PAM/po/Linux-PAM.pot
@@ -0,0 +1,488 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR Linux-PAM Project
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n"
+"POT-Creation-Date: 2007-01-17 11:53+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: LANGUAGE <LL@li.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=CHARSET\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=INTEGER; plural=EXPRESSION;\n"
+
+#: libpam_misc/misc_conv.c:33
+msgid "...Time is running out...\n"
+msgstr ""
+
+#: libpam_misc/misc_conv.c:34
+msgid "...Sorry, your time is up!\n"
+msgstr ""
+
+#: libpam_misc/misc_conv.c:343
+#, c-format
+msgid "erroneous conversation (%d)\n"
+msgstr ""
+
+#: libpam/pam_item.c:271
+msgid "login:"
+msgstr ""
+
+#: libpam/pam_strerror.c:40
+msgid "Success"
+msgstr ""
+
+#: libpam/pam_strerror.c:42
+msgid "Critical error - immediate abort"
+msgstr ""
+
+#: libpam/pam_strerror.c:44
+msgid "Failed to load module"
+msgstr ""
+
+#: libpam/pam_strerror.c:46
+msgid "Symbol not found"
+msgstr ""
+
+#: libpam/pam_strerror.c:48
+msgid "Error in service module"
+msgstr ""
+
+#: libpam/pam_strerror.c:50
+msgid "System error"
+msgstr ""
+
+#: libpam/pam_strerror.c:52
+msgid "Memory buffer error"
+msgstr ""
+
+#: libpam/pam_strerror.c:54
+msgid "Permission denied"
+msgstr ""
+
+#: libpam/pam_strerror.c:56
+msgid "Authentication failure"
+msgstr ""
+
+#: libpam/pam_strerror.c:58
+msgid "Insufficient credentials to access authentication data"
+msgstr ""
+
+#: libpam/pam_strerror.c:60
+msgid "Authentication service cannot retrieve authentication info"
+msgstr ""
+
+#: libpam/pam_strerror.c:62
+msgid "User not known to the underlying authentication module"
+msgstr ""
+
+#: libpam/pam_strerror.c:64
+msgid "Have exhausted maximum number of retries for service"
+msgstr ""
+
+#: libpam/pam_strerror.c:66
+msgid "Authentication token is no longer valid; new one required"
+msgstr ""
+
+#: libpam/pam_strerror.c:68
+msgid "User account has expired"
+msgstr ""
+
+#: libpam/pam_strerror.c:70
+msgid "Cannot make/remove an entry for the specified session"
+msgstr ""
+
+#: libpam/pam_strerror.c:72
+msgid "Authentication service cannot retrieve user credentials"
+msgstr ""
+
+#: libpam/pam_strerror.c:74
+msgid "User credentials expired"
+msgstr ""
+
+#: libpam/pam_strerror.c:76
+msgid "Failure setting user credentials"
+msgstr ""
+
+#: libpam/pam_strerror.c:78
+msgid "No module specific data is present"
+msgstr ""
+
+#: libpam/pam_strerror.c:80
+msgid "Bad item passed to pam_*_item()"
+msgstr ""
+
+#: libpam/pam_strerror.c:82
+msgid "Conversation error"
+msgstr ""
+
+#: libpam/pam_strerror.c:84
+msgid "Authentication token manipulation error"
+msgstr ""
+
+#: libpam/pam_strerror.c:86
+msgid "Authentication information cannot be recovered"
+msgstr ""
+
+#: libpam/pam_strerror.c:88
+msgid "Authentication token lock busy"
+msgstr ""
+
+#: libpam/pam_strerror.c:90
+msgid "Authentication token aging disabled"
+msgstr ""
+
+#: libpam/pam_strerror.c:92
+msgid "Failed preliminary check by password service"
+msgstr ""
+
+#: libpam/pam_strerror.c:94
+msgid "The return value should be ignored by PAM dispatch"
+msgstr ""
+
+#: libpam/pam_strerror.c:96
+msgid "Module is unknown"
+msgstr ""
+
+#: libpam/pam_strerror.c:98
+msgid "Authentication token expired"
+msgstr ""
+
+#: libpam/pam_strerror.c:100
+msgid "Conversation is waiting for event"
+msgstr ""
+
+#: libpam/pam_strerror.c:102
+msgid "Application needs to call libpam again"
+msgstr ""
+
+#: libpam/pam_strerror.c:105
+msgid "Unknown PAM error"
+msgstr ""
+
+#: modules/pam_cracklib/pam_cracklib.c:60
+#, c-format
+msgid "New %s%spassword: "
+msgstr ""
+
+#: modules/pam_cracklib/pam_cracklib.c:62
+#, c-format
+msgid "Retype new %s%spassword: "
+msgstr ""
+
+#: modules/pam_cracklib/pam_cracklib.c:63
+msgid "Sorry, passwords do not match."
+msgstr ""
+
+#: modules/pam_cracklib/pam_cracklib.c:378
+msgid "is the same as the old one"
+msgstr ""
+
+#: modules/pam_cracklib/pam_cracklib.c:389
+msgid "is a palindrome"
+msgstr ""
+
+#: modules/pam_cracklib/pam_cracklib.c:392
+msgid "case changes only"
+msgstr ""
+
+#: modules/pam_cracklib/pam_cracklib.c:395
+msgid "is too similar to the old one"
+msgstr ""
+
+#: modules/pam_cracklib/pam_cracklib.c:398
+msgid "is too simple"
+msgstr ""
+
+#: modules/pam_cracklib/pam_cracklib.c:401
+msgid "is rotated"
+msgstr ""
+
+#: modules/pam_cracklib/pam_cracklib.c:436
+msgid "has been already used"
+msgstr ""
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "No password supplied"
+msgstr ""
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "Password unchanged"
+msgstr ""
+
+#: modules/pam_cracklib/pam_cracklib.c:487
+#: modules/pam_cracklib/pam_cracklib.c:615
+#, c-format
+msgid "BAD PASSWORD: %s"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:118
+#, c-format
+msgid "%s failed: exit code %d"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:126
+#, c-format
+msgid "%s failed: caught signal %d%s"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:134
+#, c-format
+msgid "%s failed: unknown status 0x%x"
+msgstr ""
+
+#. TRANSLATORS: "strftime options for date of last login"
+#: modules/pam_lastlog/pam_lastlog.c:190
+msgid " %a %b %e %H:%M:%S %Z %Y"
+msgstr ""
+
+#. TRANSLATORS: " from <host>"
+#: modules/pam_lastlog/pam_lastlog.c:199
+#, c-format
+msgid " from %.*s"
+msgstr ""
+
+#. TRANSLATORS: " on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:211
+#, c-format
+msgid " on %.*s"
+msgstr ""
+
+#. TRANSLATORS: "Last login: <date> from <host> on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:220
+#, c-format
+msgid "Last login:%s%s%s"
+msgstr ""
+
+#: modules/pam_lastlog/pam_lastlog.c:226
+msgid "Welcome to your new account!"
+msgstr ""
+
+#: modules/pam_limits/pam_limits.c:647
+#, c-format
+msgid "Too many logins for '%s'."
+msgstr ""
+
+#: modules/pam_mail/pam_mail.c:313
+msgid "No mail."
+msgstr ""
+
+#: modules/pam_mail/pam_mail.c:316
+msgid "You have new mail."
+msgstr ""
+
+#: modules/pam_mail/pam_mail.c:319
+msgid "You have old mail."
+msgstr ""
+
+#: modules/pam_mail/pam_mail.c:323
+msgid "You have mail."
+msgstr ""
+
+#: modules/pam_mail/pam_mail.c:330
+#, c-format
+msgid "You have no mail in folder %s."
+msgstr ""
+
+#: modules/pam_mail/pam_mail.c:334
+#, c-format
+msgid "You have new mail in folder %s."
+msgstr ""
+
+#: modules/pam_mail/pam_mail.c:338
+#, c-format
+msgid "You have old mail in folder %s."
+msgstr ""
+
+#: modules/pam_mail/pam_mail.c:343
+#, c-format
+msgid "You have mail in folder %s."
+msgstr ""
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:140
+#, c-format
+msgid "Creating directory '%s'."
+msgstr ""
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:145
+#, c-format
+msgid "Unable to create directory %s: %m"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:102
+#, c-format
+msgid "Your default context is %s. \n"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:105
+msgid "Do you want to choose a different one? [n]"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:112
+msgid "Enter number of choice: "
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:152
+msgid "Would you like to enter a security context? [y] "
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:169
+msgid "role: "
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:177
+msgid "type: "
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:187
+msgid "level: "
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:203
+msgid "Not a valid security context"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:417
+#, c-format
+msgid "Security Context %s Assigned"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux_check.c:99
+#, c-format
+msgid "failed to initialize PAM\n"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux_check.c:105
+#, c-format
+msgid "failed to pam_set_item()\n"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux_check.c:133
+#, c-format
+msgid "login: failure forking: %m"
+msgstr ""
+
+#: modules/pam_stress/pam_stress.c:476
+#, c-format
+msgid "Changing STRESS password for %s."
+msgstr ""
+
+#: modules/pam_stress/pam_stress.c:490
+msgid "Enter new STRESS password: "
+msgstr ""
+
+#: modules/pam_stress/pam_stress.c:493
+msgid "Retype new STRESS password: "
+msgstr ""
+
+#: modules/pam_stress/pam_stress.c:522
+msgid "Verification mis-typed; password unchanged"
+msgstr ""
+
+#: modules/pam_tally/pam_tally.c:741
+msgid "Authentication error"
+msgstr ""
+
+#: modules/pam_tally/pam_tally.c:742
+msgid "Service error"
+msgstr ""
+
+#: modules/pam_tally/pam_tally.c:743
+msgid "Unknown user"
+msgstr ""
+
+#: modules/pam_tally/pam_tally.c:744
+msgid "Unknown error"
+msgstr ""
+
+#: modules/pam_tally/pam_tally.c:760
+#, c-format
+msgid "%s: Bad number given to --reset=\n"
+msgstr ""
+
+#: modules/pam_tally/pam_tally.c:764
+#, c-format
+msgid "%s: Unrecognised option %s\n"
+msgstr ""
+
+#: modules/pam_tally/pam_tally.c:776
+#, c-format
+msgid ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+msgstr ""
+
+#: modules/pam_tally/pam_tally.c:850
+#, c-format
+msgid "%s: Can't reset all users to non-zero\n"
+msgstr ""
+
+#: modules/pam_unix/pam_unix_acct.c:274 modules/pam_unix/pam_unix_acct.c:301
+msgid "Your account has expired; please contact your system administrator"
+msgstr ""
+
+#: modules/pam_unix/pam_unix_acct.c:283
+msgid "You are required to change your password immediately (root enforced)"
+msgstr ""
+
+#: modules/pam_unix/pam_unix_acct.c:310
+msgid "You are required to change your password immediately (password aged)"
+msgstr ""
+
+#: modules/pam_unix/pam_unix_acct.c:323 modules/pam_unix/pam_unix_acct.c:330
+#, c-format
+msgid "Warning: your password will expire in %d day"
+msgid_plural "Warning: your password will expire in %d days"
+msgstr[0] ""
+msgstr[1] ""
+
+#. TRANSLATORS: only used if dngettext is not support
+#. ed
+#: modules/pam_unix/pam_unix_acct.c:336
+#, c-format
+msgid "Warning: your password will expire in %d days"
+msgstr ""
+
+#: modules/pam_unix/pam_unix_auth.c:159 modules/pam_userdb/pam_userdb.c:61
+msgid "Password: "
+msgstr ""
+
+#: modules/pam_unix/pam_unix_passwd.c:819
+msgid "NIS password could not be changed."
+msgstr ""
+
+#: modules/pam_unix/pam_unix_passwd.c:996
+msgid "You must choose a longer password"
+msgstr ""
+
+#: modules/pam_unix/pam_unix_passwd.c:1001
+msgid "Password has been already used. Choose another."
+msgstr ""
+
+#: modules/pam_unix/pam_unix_passwd.c:1108
+#, c-format
+msgid "Changing password for %s."
+msgstr ""
+
+#: modules/pam_unix/pam_unix_passwd.c:1119
+msgid "(current) UNIX password: "
+msgstr ""
+
+#: modules/pam_unix/pam_unix_passwd.c:1154
+msgid "You must wait longer to change your password"
+msgstr ""
+
+#: modules/pam_unix/pam_unix_passwd.c:1214
+msgid "Enter new UNIX password: "
+msgstr ""
+
+#: modules/pam_unix/pam_unix_passwd.c:1215
+msgid "Retype new UNIX password: "
+msgstr ""
diff --git a/Linux-PAM/po/Makefile.in.in b/Linux-PAM/po/Makefile.in.in
new file mode 100644
index 00000000..2ed49e62
--- /dev/null
+++ b/Linux-PAM/po/Makefile.in.in
@@ -0,0 +1,393 @@
+# Makefile for PO directory in any package using GNU gettext.
+# Copyright (C) 1995-1997, 2000-2006 by Ulrich Drepper <drepper@gnu.ai.mit.edu>
+#
+# This file can be copied and used freely without restrictions. It can
+# be used in projects which are not available under the GNU General Public
+# License but which still want to provide support for the GNU gettext
+# functionality.
+# Please note that the actual code of GNU gettext is covered by the GNU
+# General Public License and is *not* in the public domain.
+#
+# Origin: gettext-0.15
+
+PACKAGE = @PACKAGE@
+VERSION = @VERSION@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+
+SHELL = /bin/sh
+@SET_MAKE@
+
+srcdir = @srcdir@
+top_srcdir = @top_srcdir@
+VPATH = @srcdir@
+
+prefix = @prefix@
+exec_prefix = @exec_prefix@
+datarootdir = @datarootdir@
+datadir = @datadir@
+localedir = @localedir@
+gettextsrcdir = $(datadir)/gettext/po
+
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+mkinstalldirs = $(SHELL) @install_sh@ -d
+mkdir_p = @mkdir_p@
+
+GMSGFMT_ = @GMSGFMT@
+GMSGFMT_no = @GMSGFMT@
+GMSGFMT_yes = @GMSGFMT_015@
+GMSGFMT = $(GMSGFMT_$(USE_MSGCTXT))
+MSGFMT_ = @MSGFMT@
+MSGFMT_no = @MSGFMT@
+MSGFMT_yes = @MSGFMT_015@
+MSGFMT = $(MSGFMT_$(USE_MSGCTXT))
+XGETTEXT_ = @XGETTEXT@
+XGETTEXT_no = @XGETTEXT@
+XGETTEXT_yes = @XGETTEXT_015@
+XGETTEXT = $(XGETTEXT_$(USE_MSGCTXT))
+MSGMERGE = msgmerge
+MSGMERGE_UPDATE = @MSGMERGE@ --update
+MSGINIT = msginit
+MSGCONV = msgconv
+MSGFILTER = msgfilter
+
+POFILES = @POFILES@
+GMOFILES = @GMOFILES@
+UPDATEPOFILES = @UPDATEPOFILES@
+DUMMYPOFILES = @DUMMYPOFILES@
+DISTFILES.common = Makefile.in.in remove-potcdate.sin \
+$(DISTFILES.common.extra1) $(DISTFILES.common.extra2) $(DISTFILES.common.extra3)
+DISTFILES = $(DISTFILES.common) Makevars POTFILES.in \
+$(POFILES) $(GMOFILES) \
+$(DISTFILES.extra1) $(DISTFILES.extra2) $(DISTFILES.extra3)
+
+POTFILES = \
+
+CATALOGS = @CATALOGS@
+
+# Makevars gets inserted here. (Don't remove this line!)
+
+.SUFFIXES:
+.SUFFIXES: .po .gmo .mo .sed .sin .nop .po-create .po-update
+
+.po.mo:
+ @echo "$(MSGFMT) -c -o $@ $<"; \
+ $(MSGFMT) -c -o t-$@ $< && mv t-$@ $@
+
+.po.gmo:
+ @lang=`echo $* | sed -e 's,.*/,,'`; \
+ test "$(srcdir)" = . && cdcmd="" || cdcmd="cd $(srcdir) && "; \
+ echo "$${cdcmd}rm -f $${lang}.gmo && $(GMSGFMT) -c --statistics -o $${lang}.gmo $${lang}.po"; \
+ cd $(srcdir) && rm -f $${lang}.gmo && $(GMSGFMT) -c --statistics -o t-$${lang}.gmo $${lang}.po && mv t-$${lang}.gmo $${lang}.gmo
+
+.sin.sed:
+ sed -e '/^#/d' $< > t-$@
+ mv t-$@ $@
+
+
+all: all-@USE_NLS@
+
+all-yes: stamp-po
+all-no:
+
+# $(srcdir)/$(DOMAIN).pot is only created when needed. When xgettext finds no
+# internationalized messages, no $(srcdir)/$(DOMAIN).pot is created (because
+# we don't want to bother translators with empty POT files). We assume that
+# LINGUAS is empty in this case, i.e. $(POFILES) and $(GMOFILES) are empty.
+# In this case, stamp-po is a nop (i.e. a phony target).
+
+# stamp-po is a timestamp denoting the last time at which the CATALOGS have
+# been loosely updated. Its purpose is that when a developer or translator
+# checks out the package via CVS, and the $(DOMAIN).pot file is not in CVS,
+# "make" will update the $(DOMAIN).pot and the $(CATALOGS), but subsequent
+# invocations of "make" will do nothing. This timestamp would not be necessary
+# if updating the $(CATALOGS) would always touch them; however, the rule for
+# $(POFILES) has been designed to not touch files that don't need to be
+# changed.
+stamp-po: $(srcdir)/$(DOMAIN).pot
+ test ! -f $(srcdir)/$(DOMAIN).pot || \
+ test -z "$(GMOFILES)" || $(MAKE) $(GMOFILES)
+ @test ! -f $(srcdir)/$(DOMAIN).pot || { \
+ echo "touch stamp-po" && \
+ echo timestamp > stamp-poT && \
+ mv stamp-poT stamp-po; \
+ }
+
+# Note: Target 'all' must not depend on target '$(DOMAIN).pot-update',
+# otherwise packages like GCC can not be built if only parts of the source
+# have been downloaded.
+
+# This target rebuilds $(DOMAIN).pot; it is an expensive operation.
+# Note that $(DOMAIN).pot is not touched if it doesn't need to be changed.
+$(DOMAIN).pot-update: $(POTFILES) $(srcdir)/POTFILES.in remove-potcdate.sed
+ if test -n '$(MSGID_BUGS_ADDRESS)' || test '$(PACKAGE_BUGREPORT)' = '@'PACKAGE_BUGREPORT'@'; then \
+ msgid_bugs_address='$(MSGID_BUGS_ADDRESS)'; \
+ else \
+ msgid_bugs_address='$(PACKAGE_BUGREPORT)'; \
+ fi; \
+ $(XGETTEXT) --default-domain=$(DOMAIN) --directory=$(top_srcdir) \
+ --add-comments=TRANSLATORS: $(XGETTEXT_OPTIONS) \
+ --files-from=$(srcdir)/POTFILES.in \
+ --copyright-holder='$(COPYRIGHT_HOLDER)' \
+ --msgid-bugs-address="$$msgid_bugs_address"
+ test ! -f $(DOMAIN).po || { \
+ if test -f $(srcdir)/$(DOMAIN).pot; then \
+ sed -f remove-potcdate.sed < $(srcdir)/$(DOMAIN).pot > $(DOMAIN).1po && \
+ sed -f remove-potcdate.sed < $(DOMAIN).po > $(DOMAIN).2po && \
+ if cmp $(DOMAIN).1po $(DOMAIN).2po >/dev/null 2>&1; then \
+ rm -f $(DOMAIN).1po $(DOMAIN).2po $(DOMAIN).po; \
+ else \
+ rm -f $(DOMAIN).1po $(DOMAIN).2po $(srcdir)/$(DOMAIN).pot && \
+ mv $(DOMAIN).po $(srcdir)/$(DOMAIN).pot; \
+ fi; \
+ else \
+ mv $(DOMAIN).po $(srcdir)/$(DOMAIN).pot; \
+ fi; \
+ }
+
+# This rule has no dependencies: we don't need to update $(DOMAIN).pot at
+# every "make" invocation, only create it when it is missing.
+# Only "make $(DOMAIN).pot-update" or "make dist" will force an update.
+$(srcdir)/$(DOMAIN).pot:
+ $(MAKE) $(DOMAIN).pot-update
+
+# This target rebuilds a PO file if $(DOMAIN).pot has changed.
+# Note that a PO file is not touched if it doesn't need to be changed.
+$(POFILES): $(srcdir)/$(DOMAIN).pot
+ @lang=`echo $@ | sed -e 's,.*/,,' -e 's/\.po$$//'`; \
+ if test -f "$(srcdir)/$${lang}.po"; then \
+ test "$(srcdir)" = . && cdcmd="" || cdcmd="cd $(srcdir) && "; \
+ echo "$${cdcmd}$(MSGMERGE_UPDATE) $${lang}.po $(DOMAIN).pot"; \
+ cd $(srcdir) && $(MSGMERGE_UPDATE) $${lang}.po $(DOMAIN).pot; \
+ else \
+ $(MAKE) $${lang}.po-create; \
+ fi
+
+
+install: install-exec install-data
+install-exec:
+install-data: install-data-@USE_NLS@
+ if test "$(PACKAGE)" = "gettext-tools"; then \
+ $(mkdir_p) $(DESTDIR)$(gettextsrcdir); \
+ for file in $(DISTFILES.common) Makevars.template; do \
+ $(INSTALL_DATA) $(srcdir)/$$file \
+ $(DESTDIR)$(gettextsrcdir)/$$file; \
+ done; \
+ for file in Makevars; do \
+ rm -f $(DESTDIR)$(gettextsrcdir)/$$file; \
+ done; \
+ else \
+ : ; \
+ fi
+install-data-no: all
+install-data-yes: all
+ $(mkdir_p) $(DESTDIR)$(datadir)
+ @catalogs='$(CATALOGS)'; \
+ for cat in $$catalogs; do \
+ cat=`basename $$cat`; \
+ lang=`echo $$cat | sed -e 's/\.gmo$$//'`; \
+ dir=$(localedir)/$$lang/LC_MESSAGES; \
+ $(mkdir_p) $(DESTDIR)$$dir; \
+ if test -r $$cat; then realcat=$$cat; else realcat=$(srcdir)/$$cat; fi; \
+ $(INSTALL_DATA) $$realcat $(DESTDIR)$$dir/$(DOMAIN).mo; \
+ echo "installing $$realcat as $(DESTDIR)$$dir/$(DOMAIN).mo"; \
+ for lc in '' $(EXTRA_LOCALE_CATEGORIES); do \
+ if test -n "$$lc"; then \
+ if (cd $(DESTDIR)$(localedir)/$$lang && LC_ALL=C ls -l -d $$lc 2>/dev/null) | grep ' -> ' >/dev/null; then \
+ link=`cd $(DESTDIR)$(localedir)/$$lang && LC_ALL=C ls -l -d $$lc | sed -e 's/^.* -> //'`; \
+ mv $(DESTDIR)$(localedir)/$$lang/$$lc $(DESTDIR)$(localedir)/$$lang/$$lc.old; \
+ mkdir $(DESTDIR)$(localedir)/$$lang/$$lc; \
+ (cd $(DESTDIR)$(localedir)/$$lang/$$lc.old && \
+ for file in *; do \
+ if test -f $$file; then \
+ ln -s ../$$link/$$file $(DESTDIR)$(localedir)/$$lang/$$lc/$$file; \
+ fi; \
+ done); \
+ rm -f $(DESTDIR)$(localedir)/$$lang/$$lc.old; \
+ else \
+ if test -d $(DESTDIR)$(localedir)/$$lang/$$lc; then \
+ :; \
+ else \
+ rm -f $(DESTDIR)$(localedir)/$$lang/$$lc; \
+ mkdir $(DESTDIR)$(localedir)/$$lang/$$lc; \
+ fi; \
+ fi; \
+ rm -f $(DESTDIR)$(localedir)/$$lang/$$lc/$(DOMAIN).mo; \
+ ln -s ../LC_MESSAGES/$(DOMAIN).mo $(DESTDIR)$(localedir)/$$lang/$$lc/$(DOMAIN).mo 2>/dev/null || \
+ ln $(DESTDIR)$(localedir)/$$lang/LC_MESSAGES/$(DOMAIN).mo $(DESTDIR)$(localedir)/$$lang/$$lc/$(DOMAIN).mo 2>/dev/null || \
+ cp -p $(DESTDIR)$(localedir)/$$lang/LC_MESSAGES/$(DOMAIN).mo $(DESTDIR)$(localedir)/$$lang/$$lc/$(DOMAIN).mo; \
+ echo "installing $$realcat link as $(DESTDIR)$(localedir)/$$lang/$$lc/$(DOMAIN).mo"; \
+ fi; \
+ done; \
+ done
+
+install-strip: install
+
+installdirs: installdirs-exec installdirs-data
+installdirs-exec:
+installdirs-data: installdirs-data-@USE_NLS@
+ if test "$(PACKAGE)" = "gettext-tools"; then \
+ $(mkdir_p) $(DESTDIR)$(gettextsrcdir); \
+ else \
+ : ; \
+ fi
+installdirs-data-no:
+installdirs-data-yes:
+ $(mkdir_p) $(DESTDIR)$(datadir)
+ @catalogs='$(CATALOGS)'; \
+ for cat in $$catalogs; do \
+ cat=`basename $$cat`; \
+ lang=`echo $$cat | sed -e 's/\.gmo$$//'`; \
+ dir=$(localedir)/$$lang/LC_MESSAGES; \
+ $(mkdir_p) $(DESTDIR)$$dir; \
+ for lc in '' $(EXTRA_LOCALE_CATEGORIES); do \
+ if test -n "$$lc"; then \
+ if (cd $(DESTDIR)$(localedir)/$$lang && LC_ALL=C ls -l -d $$lc 2>/dev/null) | grep ' -> ' >/dev/null; then \
+ link=`cd $(DESTDIR)$(localedir)/$$lang && LC_ALL=C ls -l -d $$lc | sed -e 's/^.* -> //'`; \
+ mv $(DESTDIR)$(localedir)/$$lang/$$lc $(DESTDIR)$(localedir)/$$lang/$$lc.old; \
+ mkdir $(DESTDIR)$(localedir)/$$lang/$$lc; \
+ (cd $(DESTDIR)$(localedir)/$$lang/$$lc.old && \
+ for file in *; do \
+ if test -f $$file; then \
+ ln -s ../$$link/$$file $(DESTDIR)$(localedir)/$$lang/$$lc/$$file; \
+ fi; \
+ done); \
+ rm -f $(DESTDIR)$(localedir)/$$lang/$$lc.old; \
+ else \
+ if test -d $(DESTDIR)$(localedir)/$$lang/$$lc; then \
+ :; \
+ else \
+ rm -f $(DESTDIR)$(localedir)/$$lang/$$lc; \
+ mkdir $(DESTDIR)$(localedir)/$$lang/$$lc; \
+ fi; \
+ fi; \
+ fi; \
+ done; \
+ done
+
+# Define this as empty until I found a useful application.
+installcheck:
+
+uninstall: uninstall-exec uninstall-data
+uninstall-exec:
+uninstall-data: uninstall-data-@USE_NLS@
+ if test "$(PACKAGE)" = "gettext-tools"; then \
+ for file in $(DISTFILES.common) Makevars.template; do \
+ rm -f $(DESTDIR)$(gettextsrcdir)/$$file; \
+ done; \
+ else \
+ : ; \
+ fi
+uninstall-data-no:
+uninstall-data-yes:
+ catalogs='$(CATALOGS)'; \
+ for cat in $$catalogs; do \
+ cat=`basename $$cat`; \
+ lang=`echo $$cat | sed -e 's/\.gmo$$//'`; \
+ for lc in LC_MESSAGES $(EXTRA_LOCALE_CATEGORIES); do \
+ rm -f $(DESTDIR)$(localedir)/$$lang/$$lc/$(DOMAIN).mo; \
+ done; \
+ done
+
+check: all
+
+info dvi ps pdf html tags TAGS ctags CTAGS ID:
+
+mostlyclean:
+ rm -f remove-potcdate.sed
+ rm -f stamp-poT
+ rm -f core core.* $(DOMAIN).po $(DOMAIN).1po $(DOMAIN).2po *.new.po
+ rm -fr *.o
+
+clean: mostlyclean
+
+distclean: clean
+ rm -f Makefile Makefile.in POTFILES *.mo
+
+maintainer-clean: distclean
+ @echo "This command is intended for maintainers to use;"
+ @echo "it deletes files that may require special tools to rebuild."
+ rm -f stamp-po $(GMOFILES)
+
+distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
+dist distdir:
+ $(MAKE) update-po
+ @$(MAKE) dist2
+# This is a separate target because 'update-po' must be executed before.
+dist2: stamp-po $(DISTFILES)
+ dists="$(DISTFILES)"; \
+ if test "$(PACKAGE)" = "gettext-tools"; then \
+ dists="$$dists Makevars.template"; \
+ fi; \
+ if test -f $(srcdir)/$(DOMAIN).pot; then \
+ dists="$$dists $(DOMAIN).pot stamp-po"; \
+ fi; \
+ if test -f $(srcdir)/ChangeLog; then \
+ dists="$$dists ChangeLog"; \
+ fi; \
+ for i in 0 1 2 3 4 5 6 7 8 9; do \
+ if test -f $(srcdir)/ChangeLog.$$i; then \
+ dists="$$dists ChangeLog.$$i"; \
+ fi; \
+ done; \
+ if test -f $(srcdir)/LINGUAS; then dists="$$dists LINGUAS"; fi; \
+ for file in $$dists; do \
+ if test -f $$file; then \
+ cp -p $$file $(distdir) || exit 1; \
+ else \
+ cp -p $(srcdir)/$$file $(distdir) || exit 1; \
+ fi; \
+ done
+
+update-po: Makefile
+ $(MAKE) $(DOMAIN).pot-update
+ test -z "$(UPDATEPOFILES)" || $(MAKE) $(UPDATEPOFILES)
+ $(MAKE) update-gmo
+
+# General rule for creating PO files.
+
+.nop.po-create:
+ @lang=`echo $@ | sed -e 's/\.po-create$$//'`; \
+ echo "File $$lang.po does not exist. If you are a translator, you can create it through 'msginit'." 1>&2; \
+ exit 1
+
+# General rule for updating PO files.
+
+.nop.po-update:
+ @lang=`echo $@ | sed -e 's/\.po-update$$//'`; \
+ if test "$(PACKAGE)" = "gettext-tools"; then PATH=`pwd`/../src:$$PATH; fi; \
+ tmpdir=`pwd`; \
+ echo "$$lang:"; \
+ test "$(srcdir)" = . && cdcmd="" || cdcmd="cd $(srcdir) && "; \
+ echo "$${cdcmd}$(MSGMERGE) $$lang.po $(DOMAIN).pot -o $$lang.new.po"; \
+ cd $(srcdir); \
+ if $(MSGMERGE) $$lang.po $(DOMAIN).pot -o $$tmpdir/$$lang.new.po; then \
+ if cmp $$lang.po $$tmpdir/$$lang.new.po >/dev/null 2>&1; then \
+ rm -f $$tmpdir/$$lang.new.po; \
+ else \
+ if mv -f $$tmpdir/$$lang.new.po $$lang.po; then \
+ :; \
+ else \
+ echo "msgmerge for $$lang.po failed: cannot move $$tmpdir/$$lang.new.po to $$lang.po" 1>&2; \
+ exit 1; \
+ fi; \
+ fi; \
+ else \
+ echo "msgmerge for $$lang.po failed!" 1>&2; \
+ rm -f $$tmpdir/$$lang.new.po; \
+ fi
+
+$(DUMMYPOFILES):
+
+update-gmo: Makefile $(GMOFILES)
+ @:
+
+Makefile: Makefile.in.in Makevars $(top_builddir)/config.status @POMAKEFILEDEPS@
+ cd $(top_builddir) \
+ && $(SHELL) ./config.status $(subdir)/$@.in po-directories
+
+force:
+
+# Tell versions [3.59,3.63) of GNU make not to export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/po/Makevars b/Linux-PAM/po/Makevars
new file mode 100644
index 00000000..c152efd6
--- /dev/null
+++ b/Linux-PAM/po/Makevars
@@ -0,0 +1,41 @@
+# Makefile variables for PO directory in any package using GNU gettext.
+
+# Usually the message domain is the same as the package name.
+DOMAIN = $(PACKAGE)
+
+# These two variables depend on the location of this directory.
+subdir = po
+top_builddir = ..
+
+# These options get passed to xgettext.
+XGETTEXT_OPTIONS = -E --keyword=_ --keyword=N_
+
+# This is the copyright holder that gets inserted into the header of the
+# $(DOMAIN).pot file. Set this to the copyright holder of the surrounding
+# package. (Note that the msgstr strings, extracted from the package's
+# sources, belong to the copyright holder of the package.) Translators are
+# expected to transfer the copyright for their translations to this person
+# or entity, or to disclaim their copyright. The empty string stands for
+# the public domain; in this case the translators are expected to disclaim
+# their copyright.
+COPYRIGHT_HOLDER = Linux-PAM Project
+
+# This is the email address or URL to which the translators shall report
+# bugs in the untranslated strings:
+# - Strings which are not entire sentences, see the maintainer guidelines
+# in the GNU gettext documentation, section 'Preparing Strings'.
+# - Strings which use unclear terms or require additional context to be
+# understood.
+# - Strings which make invalid assumptions about notation of date, time or
+# money.
+# - Pluralisation problems.
+# - Incorrect English spelling.
+# - Incorrect formatting.
+# It can be your email address, or a mailing list address where translators
+# can write to without being subscribed, or the URL of a web page through
+# which the translators can contact you.
+MSGID_BUGS_ADDRESS = http://sourceforge.net/projects/pam
+
+# This is the list of locale categories, beyond LC_MESSAGES, for which the
+# message catalogs shall be used. It is usually empty.
+EXTRA_LOCALE_CATEGORIES =
diff --git a/Linux-PAM/po/POTFILES.in b/Linux-PAM/po/POTFILES.in
new file mode 100644
index 00000000..590e601d
--- /dev/null
+++ b/Linux-PAM/po/POTFILES.in
@@ -0,0 +1,92 @@
+./libpamc/pamc_client.c
+./libpamc/pamc_converse.c
+./libpamc/pamc_load.c
+./libpamc/test/modules/pam_secret.c
+./libpamc/test/regress/test.libpamc.c
+./libpam_misc/help_env.c
+./libpam_misc/misc_conv.c
+./libpam/pam_account.c
+./libpam/pam_audit.c
+./libpam/pam_auth.c
+./libpam/pam_data.c
+./libpam/pam_delay.c
+./libpam/pam_dispatch.c
+./libpam/pam_dynamic.c
+./libpam/pam_end.c
+./libpam/pam_env.c
+./libpam/pam_handlers.c
+./libpam/pam_item.c
+./libpam/pam_misc.c
+./libpam/pam_modutil_cleanup.c
+./libpam/pam_modutil_getgrgid.c
+./libpam/pam_modutil_getgrnam.c
+./libpam/pam_modutil_getlogin.c
+./libpam/pam_modutil_getpwnam.c
+./libpam/pam_modutil_getpwuid.c
+./libpam/pam_modutil_getspnam.c
+./libpam/pam_modutil_ingroup.c
+./libpam/pam_modutil_ioloop.c
+./libpam/pam_password.c
+./libpam/pam_prelude.c
+./libpam/pam_session.c
+./libpam/pam_start.c
+./libpam/pam_static.c
+./libpam/pam_strerror.c
+./libpam/pam_syslog.c
+./libpam/pam_vprompt.c
+./modules/pam_access/pam_access.c
+./modules/pam_cracklib/pam_cracklib.c
+./modules/pam_debug/pam_debug.c
+./modules/pam_deny/pam_deny.c
+./modules/pam_echo/pam_echo.c
+./modules/pam_env/pam_env.c
+./modules/pam_exec/pam_exec.c
+./modules/pam_faildelay/pam_faildelay.c
+./modules/pam_filter/pam_filter.c
+./modules/pam_filter/upperLOWER/upperLOWER.c
+./modules/pam_ftp/pam_ftp.c
+./modules/pam_group/pam_group.c
+./modules/pam_issue/pam_issue.c
+./modules/pam_keyinit/pam_keyinit.c
+./modules/pam_lastlog/pam_lastlog.c
+./modules/pam_limits/pam_limits.c
+./modules/pam_listfile/pam_listfile.c
+./modules/pam_localuser/pam_localuser.c
+./modules/pam_loginuid/pam_loginuid.c
+./modules/pam_mail/pam_mail.c
+./modules/pam_mkhomedir/pam_mkhomedir.c
+./modules/pam_motd/pam_motd.c
+./modules/pam_namespace/md5.c
+./modules/pam_namespace/pam_namespace.c
+./modules/pam_nologin/pam_nologin.c
+./modules/pam_permit/pam_permit.c
+./modules/pam_rhosts/pam_rhosts_auth.c
+./modules/pam_rhosts/pam_rhosts.c
+./modules/pam_rootok/pam_rootok.c
+./modules/pam_securetty/pam_securetty.c
+./modules/pam_selinux/pam_selinux.c
+./modules/pam_selinux/pam_selinux_check.c
+./modules/pam_shells/pam_shells.c
+./modules/pam_stress/pam_stress.c
+./modules/pam_succeed_if/pam_succeed_if.c
+./modules/pam_tally/pam_tally_app.c
+./modules/pam_tally/pam_tally.c
+./modules/pam_time/pam_time.c
+./modules/pam_umask/pam_umask.c
+./modules/pam_unix/bigcrypt.c
+./modules/pam_unix/bigcrypt_main.c
+./modules/pam_unix/md5_broken.c
+./modules/pam_unix/md5.c
+./modules/pam_unix/md5_crypt.c
+./modules/pam_unix/md5_good.c
+./modules/pam_unix/pam_unix_acct.c
+./modules/pam_unix/pam_unix_auth.c
+./modules/pam_unix/pam_unix_passwd.c
+./modules/pam_unix/pam_unix_sess.c
+./modules/pam_unix/support.c
+./modules/pam_unix/unix_chkpwd.c
+./modules/pam_unix/yppasswd_xdr.c
+./modules/pam_userdb/pam_userdb.c
+./modules/pam_warn/pam_warn.c
+./modules/pam_wheel/pam_wheel.c
+./modules/pam_xauth/pam_xauth.c
diff --git a/Linux-PAM/po/Rules-quot b/Linux-PAM/po/Rules-quot
new file mode 100644
index 00000000..9c2a995e
--- /dev/null
+++ b/Linux-PAM/po/Rules-quot
@@ -0,0 +1,47 @@
+# Special Makefile rules for English message catalogs with quotation marks.
+
+DISTFILES.common.extra1 = quot.sed boldquot.sed en@quot.header en@boldquot.header insert-header.sin Rules-quot
+
+.SUFFIXES: .insert-header .po-update-en
+
+en@quot.po-create:
+ $(MAKE) en@quot.po-update
+en@boldquot.po-create:
+ $(MAKE) en@boldquot.po-update
+
+en@quot.po-update: en@quot.po-update-en
+en@boldquot.po-update: en@boldquot.po-update-en
+
+.insert-header.po-update-en:
+ @lang=`echo $@ | sed -e 's/\.po-update-en$$//'`; \
+ if test "$(PACKAGE)" = "gettext"; then PATH=`pwd`/../src:$$PATH; GETTEXTLIBDIR=`cd $(top_srcdir)/src && pwd`; export GETTEXTLIBDIR; fi; \
+ tmpdir=`pwd`; \
+ echo "$$lang:"; \
+ ll=`echo $$lang | sed -e 's/@.*//'`; \
+ LC_ALL=C; export LC_ALL; \
+ cd $(srcdir); \
+ if $(MSGINIT) -i $(DOMAIN).pot --no-translator -l $$ll -o - 2>/dev/null | sed -f $$tmpdir/$$lang.insert-header | $(MSGCONV) -t UTF-8 | $(MSGFILTER) sed -f `echo $$lang | sed -e 's/.*@//'`.sed 2>/dev/null > $$tmpdir/$$lang.new.po; then \
+ if cmp $$lang.po $$tmpdir/$$lang.new.po >/dev/null 2>&1; then \
+ rm -f $$tmpdir/$$lang.new.po; \
+ else \
+ if mv -f $$tmpdir/$$lang.new.po $$lang.po; then \
+ :; \
+ else \
+ echo "creation of $$lang.po failed: cannot move $$tmpdir/$$lang.new.po to $$lang.po" 1>&2; \
+ exit 1; \
+ fi; \
+ fi; \
+ else \
+ echo "creation of $$lang.po failed!" 1>&2; \
+ rm -f $$tmpdir/$$lang.new.po; \
+ fi
+
+en@quot.insert-header: insert-header.sin
+ sed -e '/^#/d' -e 's/HEADER/en@quot.header/g' $(srcdir)/insert-header.sin > en@quot.insert-header
+
+en@boldquot.insert-header: insert-header.sin
+ sed -e '/^#/d' -e 's/HEADER/en@boldquot.header/g' $(srcdir)/insert-header.sin > en@boldquot.insert-header
+
+mostlyclean: mostlyclean-quot
+mostlyclean-quot:
+ rm -f *.insert-header
diff --git a/Linux-PAM/po/boldquot.sed b/Linux-PAM/po/boldquot.sed
new file mode 100644
index 00000000..4b937aa5
--- /dev/null
+++ b/Linux-PAM/po/boldquot.sed
@@ -0,0 +1,10 @@
+s/"\([^"]*\)"/“\1â€/g
+s/`\([^`']*\)'/‘\1’/g
+s/ '\([^`']*\)' / ‘\1’ /g
+s/ '\([^`']*\)'$/ ‘\1’/g
+s/^'\([^`']*\)' /‘\1’ /g
+s/“â€/""/g
+s/“/“/g
+s/â€/â€/g
+s/‘/‘/g
+s/’/’/g
diff --git a/Linux-PAM/po/cs.gmo b/Linux-PAM/po/cs.gmo
new file mode 100644
index 00000000..feb8f6ad
--- /dev/null
+++ b/Linux-PAM/po/cs.gmo
Binary files differ
diff --git a/Linux-PAM/po/cs.po b/Linux-PAM/po/cs.po
new file mode 100644
index 00000000..53427890
--- /dev/null
+++ b/Linux-PAM/po/cs.po
@@ -0,0 +1,491 @@
+# translation of Linux-PAM.po to cs_CZ
+# This file is distributed under the same license as the PACKAGE package.
+# Copyright (C) YEAR Linux-PAM Project.
+# Klara Cihlarova <koty@seznam.cz>, 2005, 2006.
+# fixes by Tomas Mraz <t8m@centrum.cz>, 2005.
+msgid ""
+msgstr ""
+"Project-Id-Version: Linux-PAM\n"
+"Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n"
+"POT-Creation-Date: 2007-01-17 11:53+0100\n"
+"PO-Revision-Date: 2007-01-17 11:54+0100\n"
+"Last-Translator: Tomas Mraz <t8m@centrum.cz>\n"
+"Language-Team: cs_CZ <cs@li.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2;\n"
+"X-Generator: KBabel 1.10.2\n"
+
+#: libpam_misc/misc_conv.c:33
+msgid "...Time is running out...\n"
+msgstr "..OdpoÄet byl spuÅ¡tÄ›n...\n"
+
+#: libpam_misc/misc_conv.c:34
+msgid "...Sorry, your time is up!\n"
+msgstr "...Čas vypršel!\n"
+
+#: libpam_misc/misc_conv.c:343
+#, c-format
+msgid "erroneous conversation (%d)\n"
+msgstr "nesprávná konverzace (%d)\n"
+
+#: libpam/pam_item.c:271
+msgid "login:"
+msgstr "login:"
+
+#: libpam/pam_strerror.c:40
+msgid "Success"
+msgstr "Úspěch"
+
+#: libpam/pam_strerror.c:42
+msgid "Critical error - immediate abort"
+msgstr "Kritická chyba - okamžité ukonÄení"
+
+#: libpam/pam_strerror.c:44
+msgid "Failed to load module"
+msgstr "Nepodařilo se nahrát modul"
+
+#: libpam/pam_strerror.c:46
+msgid "Symbol not found"
+msgstr "Symbol nenalezen"
+
+#: libpam/pam_strerror.c:48
+msgid "Error in service module"
+msgstr "Chyba v modulu služby"
+
+#: libpam/pam_strerror.c:50
+msgid "System error"
+msgstr "Chyba systému"
+
+#: libpam/pam_strerror.c:52
+msgid "Memory buffer error"
+msgstr "Chyba alokace paměti"
+
+#: libpam/pam_strerror.c:54
+msgid "Permission denied"
+msgstr "Přístup zamítnut"
+
+#: libpam/pam_strerror.c:56
+msgid "Authentication failure"
+msgstr "Selhání autentizace"
+
+#: libpam/pam_strerror.c:58
+msgid "Insufficient credentials to access authentication data"
+msgstr "NedostateÄná oprávnÄ›ní pro přístup k autentizaÄním datům"
+
+#: libpam/pam_strerror.c:60
+msgid "Authentication service cannot retrieve authentication info"
+msgstr "AutentizaÄní služba nemůže získat informace pro autentizaci"
+
+#: libpam/pam_strerror.c:62
+msgid "User not known to the underlying authentication module"
+msgstr "Uživatel není znám použitému autentizaÄnímu modulu"
+
+#: libpam/pam_strerror.c:64
+msgid "Have exhausted maximum number of retries for service"
+msgstr "VyÄerpán maximální poÄet pokusů pro službu"
+
+#: libpam/pam_strerror.c:66
+msgid "Authentication token is no longer valid; new one required"
+msgstr "AutentizaÄní token již není platný; vyžadován nový"
+
+#: libpam/pam_strerror.c:68
+msgid "User account has expired"
+msgstr "Uživatelský úÄet vyprÅ¡el"
+
+#: libpam/pam_strerror.c:70
+msgid "Cannot make/remove an entry for the specified session"
+msgstr "Pro zadané sezení nelze vytvořit/odstranit záznam"
+
+#: libpam/pam_strerror.c:72
+msgid "Authentication service cannot retrieve user credentials"
+msgstr "AutentizaÄní služba nemůže získat údaje o oprávnÄ›ních uživatele"
+
+#: libpam/pam_strerror.c:74
+msgid "User credentials expired"
+msgstr "Údaje o oprávněních uživatele vypršely"
+
+#: libpam/pam_strerror.c:76
+msgid "Failure setting user credentials"
+msgstr "Chyba při nastavení údajů o oprávněních uživatele"
+
+#: libpam/pam_strerror.c:78
+msgid "No module specific data is present"
+msgstr "Nelze najít data potřebná pro modul"
+
+#: libpam/pam_strerror.c:80
+msgid "Bad item passed to pam_*_item()"
+msgstr "Funkci pam_*_item() byla předána špatná položka"
+
+#: libpam/pam_strerror.c:82
+msgid "Conversation error"
+msgstr "Chyba konverzace"
+
+#: libpam/pam_strerror.c:84
+msgid "Authentication token manipulation error"
+msgstr "Chyba manipulace s autentizaÄním tokenem"
+
+#: libpam/pam_strerror.c:86
+msgid "Authentication information cannot be recovered"
+msgstr "AutentizaÄní informace nelze získat"
+
+#: libpam/pam_strerror.c:88
+msgid "Authentication token lock busy"
+msgstr "AutentizaÄní token je uzamÄen"
+
+#: libpam/pam_strerror.c:90
+msgid "Authentication token aging disabled"
+msgstr "Stárnutí autentizaÄního tokenu zakázáno"
+
+#: libpam/pam_strerror.c:92
+msgid "Failed preliminary check by password service"
+msgstr "Selhání předběžné kontroly ve službě hesla"
+
+#: libpam/pam_strerror.c:94
+msgid "The return value should be ignored by PAM dispatch"
+msgstr "Návratová hodnota by měla být ignorována rozhodovacím mechanismem PAM"
+
+#: libpam/pam_strerror.c:96
+msgid "Module is unknown"
+msgstr "Neznámý modul"
+
+#: libpam/pam_strerror.c:98
+msgid "Authentication token expired"
+msgstr "AutentizaÄní token vyprÅ¡el"
+
+#: libpam/pam_strerror.c:100
+msgid "Conversation is waiting for event"
+msgstr "Konverzace Äeká na událost"
+
+#: libpam/pam_strerror.c:102
+msgid "Application needs to call libpam again"
+msgstr "Aplikace musí znovu zavolat libpam"
+
+#: libpam/pam_strerror.c:105
+msgid "Unknown PAM error"
+msgstr "Neznámá chyba PAM"
+
+#: modules/pam_cracklib/pam_cracklib.c:60
+#, c-format
+msgid "New %s%spassword: "
+msgstr "Nové %s%sheslo: "
+
+#: modules/pam_cracklib/pam_cracklib.c:62
+#, c-format
+msgid "Retype new %s%spassword: "
+msgstr "Opakujte nové %s%sheslo: "
+
+#: modules/pam_cracklib/pam_cracklib.c:63
+msgid "Sorry, passwords do not match."
+msgstr "Hesla se neshodují."
+
+#: modules/pam_cracklib/pam_cracklib.c:378
+msgid "is the same as the old one"
+msgstr "je stejné jako předcházející"
+
+#: modules/pam_cracklib/pam_cracklib.c:389
+msgid "is a palindrome"
+msgstr "je palindrom"
+
+#: modules/pam_cracklib/pam_cracklib.c:392
+msgid "case changes only"
+msgstr "pouze mění velikost"
+
+#: modules/pam_cracklib/pam_cracklib.c:395
+msgid "is too similar to the old one"
+msgstr "je příliš podobné předcházejícímu"
+
+#: modules/pam_cracklib/pam_cracklib.c:398
+msgid "is too simple"
+msgstr "je příliš jednoduché"
+
+#: modules/pam_cracklib/pam_cracklib.c:401
+msgid "is rotated"
+msgstr "je posunuté"
+
+#: modules/pam_cracklib/pam_cracklib.c:436
+msgid "has been already used"
+msgstr "již bylo použito"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "No password supplied"
+msgstr "Nezadáno heslo"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "Password unchanged"
+msgstr "Heslo nebylo změněno"
+
+#: modules/pam_cracklib/pam_cracklib.c:487
+#: modules/pam_cracklib/pam_cracklib.c:615
+#, c-format
+msgid "BAD PASSWORD: %s"
+msgstr "ŠPATNÉ HESLO: %s"
+
+#: modules/pam_exec/pam_exec.c:118
+#, c-format
+msgid "%s failed: exit code %d"
+msgstr "%s selhal: návratový kód %d"
+
+#: modules/pam_exec/pam_exec.c:126
+#, c-format
+msgid "%s failed: caught signal %d%s"
+msgstr "%s selhal: dostal signál %d%s"
+
+#: modules/pam_exec/pam_exec.c:134
+#, c-format
+msgid "%s failed: unknown status 0x%x"
+msgstr "%s selhal: neznámý kód stavu 0x%x"
+
+#. TRANSLATORS: "strftime options for date of last login"
+#: modules/pam_lastlog/pam_lastlog.c:190
+msgid " %a %b %e %H:%M:%S %Z %Y"
+msgstr " %a %d.%m.%Y %H:%M:%S %Z"
+
+#. TRANSLATORS: " from <host>"
+#: modules/pam_lastlog/pam_lastlog.c:199
+#, c-format
+msgid " from %.*s"
+msgstr " z %.*s"
+
+#. TRANSLATORS: " on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:211
+#, c-format
+msgid " on %.*s"
+msgstr " na %.*s"
+
+#. TRANSLATORS: "Last login: <date> from <host> on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:220
+#, c-format
+msgid "Last login:%s%s%s"
+msgstr "Poslední přihlášení:%s%s%s"
+
+#: modules/pam_lastlog/pam_lastlog.c:226
+msgid "Welcome to your new account!"
+msgstr "Vítejte na vaÅ¡em novém úÄtu!"
+
+#: modules/pam_limits/pam_limits.c:647
+#, c-format
+msgid "Too many logins for '%s'."
+msgstr "Příliš mnoho přihlášení pro '%s'."
+
+#: modules/pam_mail/pam_mail.c:313
+msgid "No mail."
+msgstr "Žádná pošta."
+
+#: modules/pam_mail/pam_mail.c:316
+msgid "You have new mail."
+msgstr "Máte novou poštu."
+
+#: modules/pam_mail/pam_mail.c:319
+msgid "You have old mail."
+msgstr "Máte starou poštu."
+
+#: modules/pam_mail/pam_mail.c:323
+msgid "You have mail."
+msgstr "Máte poštu."
+
+#: modules/pam_mail/pam_mail.c:330
+#, c-format
+msgid "You have no mail in folder %s."
+msgstr "Nemáte žádnou poštu ve složce %s."
+
+#: modules/pam_mail/pam_mail.c:334
+#, c-format
+msgid "You have new mail in folder %s."
+msgstr "Máte novou poštu ve složce %s."
+
+#: modules/pam_mail/pam_mail.c:338
+#, c-format
+msgid "You have old mail in folder %s."
+msgstr "Máte starou poštu ve složce %s."
+
+#: modules/pam_mail/pam_mail.c:343
+#, c-format
+msgid "You have mail in folder %s."
+msgstr "Máte poštu ve složce %s."
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:140
+#, c-format
+msgid "Creating directory '%s'."
+msgstr "Vytváření adresáře '%s'."
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:145
+#, c-format
+msgid "Unable to create directory %s: %m"
+msgstr "Nezdařilo se vytvořit adresář %s: %m"
+
+#: modules/pam_selinux/pam_selinux.c:102
+#, c-format
+msgid "Your default context is %s. \n"
+msgstr "Váš výchozí kontext je %s. \n"
+
+#: modules/pam_selinux/pam_selinux.c:105
+msgid "Do you want to choose a different one? [n]"
+msgstr "Chcete zvolit jiný? [n]"
+
+#: modules/pam_selinux/pam_selinux.c:112
+msgid "Enter number of choice: "
+msgstr "Zadejte Äíslo volby: "
+
+#: modules/pam_selinux/pam_selinux.c:152
+msgid "Would you like to enter a security context? [y] "
+msgstr "Chcete zadat bezpeÄnostní kontext? [y]"
+
+#: modules/pam_selinux/pam_selinux.c:169
+msgid "role: "
+msgstr "role: "
+
+#: modules/pam_selinux/pam_selinux.c:177
+msgid "type: "
+msgstr "typ: "
+
+#: modules/pam_selinux/pam_selinux.c:187
+msgid "level: "
+msgstr "úroveň: "
+
+#: modules/pam_selinux/pam_selinux.c:203
+msgid "Not a valid security context"
+msgstr "Neplatný bezpeÄnostní kontext"
+
+#: modules/pam_selinux/pam_selinux.c:417
+#, c-format
+msgid "Security Context %s Assigned"
+msgstr "BezpeÄnostní kontext %s pÅ™idÄ›len"
+
+#: modules/pam_selinux/pam_selinux_check.c:99
+#, c-format
+msgid "failed to initialize PAM\n"
+msgstr "chyba při inicializaci PAM\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:105
+#, c-format
+msgid "failed to pam_set_item()\n"
+msgstr "chyba pam_set_item()\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:133
+#, c-format
+msgid "login: failure forking: %m"
+msgstr "login: chyba forku: %m"
+
+#: modules/pam_stress/pam_stress.c:476
+#, c-format
+msgid "Changing STRESS password for %s."
+msgstr "Změna STRESS hesla pro %s."
+
+#: modules/pam_stress/pam_stress.c:490
+msgid "Enter new STRESS password: "
+msgstr "Zadejte nové STRESS heslo: "
+
+#: modules/pam_stress/pam_stress.c:493
+msgid "Retype new STRESS password: "
+msgstr "Opakujte nové STRESS heslo: "
+
+#: modules/pam_stress/pam_stress.c:522
+msgid "Verification mis-typed; password unchanged"
+msgstr "Chybné potvrzení. Heslo nezměněno"
+
+#: modules/pam_tally/pam_tally.c:741
+msgid "Authentication error"
+msgstr "Chyba autentizace"
+
+#: modules/pam_tally/pam_tally.c:742
+msgid "Service error"
+msgstr "Chyba služby"
+
+#: modules/pam_tally/pam_tally.c:743
+msgid "Unknown user"
+msgstr "Neznámý uživatel"
+
+#: modules/pam_tally/pam_tally.c:744
+msgid "Unknown error"
+msgstr "Neznámá chyba"
+
+#: modules/pam_tally/pam_tally.c:760
+#, c-format
+msgid "%s: Bad number given to --reset=\n"
+msgstr "%s: Zadána špatná hodnota --reset=\n"
+
+#: modules/pam_tally/pam_tally.c:764
+#, c-format
+msgid "%s: Unrecognised option %s\n"
+msgstr "%s: Neznámá volba %s\n"
+
+#: modules/pam_tally/pam_tally.c:776
+#, c-format
+msgid ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+msgstr ""
+"%s: [--file jmeno_souboru] [--user uzivatelske_jmeno] [--reset[=n]] [--"
+"quiet]\n"
+
+#: modules/pam_tally/pam_tally.c:850
+#, c-format
+msgid "%s: Can't reset all users to non-zero\n"
+msgstr "%s: Nelze resetovat všechny uživatele nenulově\n"
+
+#: modules/pam_unix/pam_unix_acct.c:274 modules/pam_unix/pam_unix_acct.c:301
+msgid "Your account has expired; please contact your system administrator"
+msgstr "Váš úÄet vyprÅ¡el; kontaktujte prosím svého správce systému"
+
+#: modules/pam_unix/pam_unix_acct.c:283
+msgid "You are required to change your password immediately (root enforced)"
+msgstr "Musíte okamžitě změnit své heslo (vynuceno rootem)"
+
+#: modules/pam_unix/pam_unix_acct.c:310
+msgid "You are required to change your password immediately (password aged)"
+msgstr "Musíte okamžitě změnit své heslo (heslo vypršelo)"
+
+#: modules/pam_unix/pam_unix_acct.c:323 modules/pam_unix/pam_unix_acct.c:330
+#, c-format
+msgid "Warning: your password will expire in %d day"
+msgid_plural "Warning: your password will expire in %d days"
+msgstr[0] "Varování: Vaše heslo vyprší za %d den"
+msgstr[1] "Varování: Vaše heslo vyprší za %d dny"
+msgstr[2] "Varování: Vaše heslo vyprší za %d dní"
+
+#. TRANSLATORS: only used if dngettext is not support
+#. ed
+#: modules/pam_unix/pam_unix_acct.c:336
+#, c-format
+msgid "Warning: your password will expire in %d days"
+msgstr "Varování: PoÄet dní do vyprÅ¡ení hesla: %d"
+
+#: modules/pam_unix/pam_unix_auth.c:159 modules/pam_userdb/pam_userdb.c:61
+msgid "Password: "
+msgstr "Heslo: "
+
+#: modules/pam_unix/pam_unix_passwd.c:819
+msgid "NIS password could not be changed."
+msgstr "NIS heslo se nepodařilo změnit."
+
+#: modules/pam_unix/pam_unix_passwd.c:996
+msgid "You must choose a longer password"
+msgstr "Musíte zvolit delší heslo"
+
+#: modules/pam_unix/pam_unix_passwd.c:1001
+msgid "Password has been already used. Choose another."
+msgstr "Heslo již bylo použito. Zvolte jiné."
+
+#: modules/pam_unix/pam_unix_passwd.c:1108
+#, c-format
+msgid "Changing password for %s."
+msgstr "Změna hesla pro %s."
+
+#: modules/pam_unix/pam_unix_passwd.c:1119
+msgid "(current) UNIX password: "
+msgstr "(souÄasné) UNIX heslo: "
+
+#: modules/pam_unix/pam_unix_passwd.c:1154
+msgid "You must wait longer to change your password"
+msgstr "Na zmÄ›nu svého hesla musíte poÄkat déle"
+
+#: modules/pam_unix/pam_unix_passwd.c:1214
+msgid "Enter new UNIX password: "
+msgstr "Zadejte nové UNIX heslo: "
+
+#: modules/pam_unix/pam_unix_passwd.c:1215
+msgid "Retype new UNIX password: "
+msgstr "Opakujte nové UNIX heslo: "
diff --git a/Linux-PAM/po/de.gmo b/Linux-PAM/po/de.gmo
new file mode 100644
index 00000000..c4a9478f
--- /dev/null
+++ b/Linux-PAM/po/de.gmo
Binary files differ
diff --git a/Linux-PAM/po/de.po b/Linux-PAM/po/de.po
new file mode 100644
index 00000000..5878ba1e
--- /dev/null
+++ b/Linux-PAM/po/de.po
@@ -0,0 +1,493 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR Linux-PAM Project
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Linux-PAM\n"
+"Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n"
+"POT-Creation-Date: 2007-01-17 11:53+0100\n"
+"PO-Revision-Date: 2006-12-18 15:50+01:00\n"
+"Last-Translator: Novell Language <language@novell.com>\n"
+"Language-Team: Novell Language <language@novell.com>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=n == 1 ? 0 : 1;\n"
+
+#: libpam_misc/misc_conv.c:33
+msgid "...Time is running out...\n"
+msgstr "...Time läuft ab...\n"
+
+#: libpam_misc/misc_conv.c:34
+msgid "...Sorry, your time is up!\n"
+msgstr "...Ihre Zeit ist abgelaufen.\n"
+
+#: libpam_misc/misc_conv.c:343
+#, c-format
+msgid "erroneous conversation (%d)\n"
+msgstr "fehlerhafte Kommunikation (%d)\n"
+
+#: libpam/pam_item.c:271
+msgid "login:"
+msgstr "login:"
+
+#: libpam/pam_strerror.c:40
+msgid "Success"
+msgstr "Erfolg"
+
+#: libpam/pam_strerror.c:42
+msgid "Critical error - immediate abort"
+msgstr "Kritischer Fehler - sofortiger Abbruch"
+
+#: libpam/pam_strerror.c:44
+msgid "Failed to load module"
+msgstr "Fehler beim Laden des Moduls"
+
+#: libpam/pam_strerror.c:46
+msgid "Symbol not found"
+msgstr "Symbol nicht gefunden"
+
+#: libpam/pam_strerror.c:48
+msgid "Error in service module"
+msgstr "Fehler im Service Modul"
+
+#: libpam/pam_strerror.c:50
+msgid "System error"
+msgstr "Systemfehler"
+
+#: libpam/pam_strerror.c:52
+msgid "Memory buffer error"
+msgstr "Fehler beim Allozieren von Speicher"
+
+#: libpam/pam_strerror.c:54
+msgid "Permission denied"
+msgstr "Berechtigung verweigert"
+
+#: libpam/pam_strerror.c:56
+msgid "Authentication failure"
+msgstr "Fehler bei Authentifizierung"
+
+#: libpam/pam_strerror.c:58
+msgid "Insufficient credentials to access authentication data"
+msgstr ""
+"Berechtigungsnachweis für Zugriff auf Authentifizierungsdaten nicht "
+"ausreichend"
+
+#: libpam/pam_strerror.c:60
+msgid "Authentication service cannot retrieve authentication info"
+msgstr ""
+"Authentifizierungsdienst kann Authentifizierungsinformationen nicht abrufen"
+
+#: libpam/pam_strerror.c:62
+msgid "User not known to the underlying authentication module"
+msgstr "Benutzer bei zu Grunde liegendem Authentifizierungsmodul nicht bekannt"
+
+#: libpam/pam_strerror.c:64
+msgid "Have exhausted maximum number of retries for service"
+msgstr "Maximale Anzahl an Versuchen für den Dienst erreicht"
+
+#: libpam/pam_strerror.c:66
+msgid "Authentication token is no longer valid; new one required"
+msgstr "Authentifizierungs-Token ist nicht mehr gültig; neues erforderlich"
+
+#: libpam/pam_strerror.c:68
+msgid "User account has expired"
+msgstr "Benutzerkonto ist abgelaufen"
+
+#: libpam/pam_strerror.c:70
+msgid "Cannot make/remove an entry for the specified session"
+msgstr ""
+"Erstellen/Entfernen eines Eintrags für die angegebene Sitzung nicht möglich"
+
+#: libpam/pam_strerror.c:72
+msgid "Authentication service cannot retrieve user credentials"
+msgstr "Authentifizierungsdienst kann keine Benutzerberechtigung abrufen"
+
+#: libpam/pam_strerror.c:74
+msgid "User credentials expired"
+msgstr "Benutzerberechtigung abgelaufen"
+
+#: libpam/pam_strerror.c:76
+msgid "Failure setting user credentials"
+msgstr "Fehler beim Festlegen der Benutzerberechtigung"
+
+#: libpam/pam_strerror.c:78
+msgid "No module specific data is present"
+msgstr "Keine modulspezifischen Daten vorhanden"
+
+#: libpam/pam_strerror.c:80
+msgid "Bad item passed to pam_*_item()"
+msgstr "Ungültiges Element an pam_*_item() übergeben"
+
+#: libpam/pam_strerror.c:82
+msgid "Conversation error"
+msgstr "Kommunikationsfehler"
+
+#: libpam/pam_strerror.c:84
+msgid "Authentication token manipulation error"
+msgstr "Fehler beim Ändern des Authentifizierungs-Token"
+
+#: libpam/pam_strerror.c:86
+msgid "Authentication information cannot be recovered"
+msgstr "Authentifizierungsinformationen können nicht wiederhergestellt werden"
+
+#: libpam/pam_strerror.c:88
+msgid "Authentication token lock busy"
+msgstr "Sperre für Authentifizierungs-Token belegt"
+
+#: libpam/pam_strerror.c:90
+msgid "Authentication token aging disabled"
+msgstr "Zeitablauf für Authentifizierungs-Token deaktiviert"
+
+#: libpam/pam_strerror.c:92
+msgid "Failed preliminary check by password service"
+msgstr "Vorabtest durch Passwortdienst gescheitert"
+
+#: libpam/pam_strerror.c:94
+msgid "The return value should be ignored by PAM dispatch"
+msgstr "Der Rückgabewert sollte von PAM-Dispatch ignoriert werden"
+
+#: libpam/pam_strerror.c:96
+msgid "Module is unknown"
+msgstr "Modul ist nicht bekannt"
+
+#: libpam/pam_strerror.c:98
+msgid "Authentication token expired"
+msgstr "Authentifizierungs-Token abgelaufen"
+
+#: libpam/pam_strerror.c:100
+msgid "Conversation is waiting for event"
+msgstr "Kommunikation wartet auf Ereignis"
+
+#: libpam/pam_strerror.c:102
+msgid "Application needs to call libpam again"
+msgstr "Anwendung muss libpam wieder aufrufen"
+
+#: libpam/pam_strerror.c:105
+msgid "Unknown PAM error"
+msgstr "Unbekannter PAM-Fehler"
+
+#: modules/pam_cracklib/pam_cracklib.c:60
+#, c-format
+msgid "New %s%spassword: "
+msgstr "Geben sie ein neues %s%sPasswort ein: "
+
+#: modules/pam_cracklib/pam_cracklib.c:62
+#, c-format
+msgid "Retype new %s%spassword: "
+msgstr "Geben sie das neue %s%sPasswort erneut ein: "
+
+#: modules/pam_cracklib/pam_cracklib.c:63
+msgid "Sorry, passwords do not match."
+msgstr "Die Passwörter stimmen nicht überein."
+
+#: modules/pam_cracklib/pam_cracklib.c:378
+msgid "is the same as the old one"
+msgstr "ist das gleiche wie das Alte"
+
+#: modules/pam_cracklib/pam_cracklib.c:389
+msgid "is a palindrome"
+msgstr "ist ein Palindrome"
+
+#: modules/pam_cracklib/pam_cracklib.c:392
+msgid "case changes only"
+msgstr "nur Änderungen bei der Groß-/Kleinschreibung"
+
+#: modules/pam_cracklib/pam_cracklib.c:395
+msgid "is too similar to the old one"
+msgstr "ist dem alten zu ähnlich"
+
+#: modules/pam_cracklib/pam_cracklib.c:398
+msgid "is too simple"
+msgstr "ist zu einfach"
+
+#: modules/pam_cracklib/pam_cracklib.c:401
+msgid "is rotated"
+msgstr "wurde gedreht"
+
+#: modules/pam_cracklib/pam_cracklib.c:436
+msgid "has been already used"
+msgstr "es wurde bereits verwendet"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "No password supplied"
+msgstr "Kein Passwort angegeben"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "Password unchanged"
+msgstr "Passwort nicht geändert"
+
+#: modules/pam_cracklib/pam_cracklib.c:487
+#: modules/pam_cracklib/pam_cracklib.c:615
+#, c-format
+msgid "BAD PASSWORD: %s"
+msgstr "Schlechtes Passwort: %s"
+
+#: modules/pam_exec/pam_exec.c:118
+#, c-format
+msgid "%s failed: exit code %d"
+msgstr "%s schlug fehl: Fehlercode %d"
+
+#: modules/pam_exec/pam_exec.c:126
+#, c-format
+msgid "%s failed: caught signal %d%s"
+msgstr "%s schlug fehl: Signal %d%s erhalten"
+
+#: modules/pam_exec/pam_exec.c:134
+#, c-format
+msgid "%s failed: unknown status 0x%x"
+msgstr "%s schlug fehl: Unbekannter Status 0x%x"
+
+#. TRANSLATORS: "strftime options for date of last login"
+#: modules/pam_lastlog/pam_lastlog.c:190
+msgid " %a %b %e %H:%M:%S %Z %Y"
+msgstr " %A, den %d. %B %Y, %H:%M:%S %Z"
+
+#. TRANSLATORS: " from <host>"
+#: modules/pam_lastlog/pam_lastlog.c:199
+#, c-format
+msgid " from %.*s"
+msgstr " von %.*s"
+
+#. TRANSLATORS: " on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:211
+#, c-format
+msgid " on %.*s"
+msgstr " auf %.*s"
+
+#. TRANSLATORS: "Last login: <date> from <host> on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:220
+#, c-format
+msgid "Last login:%s%s%s"
+msgstr "Letzte Anmeldung:%s%s%s"
+
+#: modules/pam_lastlog/pam_lastlog.c:226
+msgid "Welcome to your new account!"
+msgstr "Willkommen in Ihrem neuen Account!"
+
+#: modules/pam_limits/pam_limits.c:647
+#, c-format
+msgid "Too many logins for '%s'."
+msgstr "Zu viele Anmeldungen für '%s'."
+
+#: modules/pam_mail/pam_mail.c:313
+msgid "No mail."
+msgstr "Keine Nachrichten."
+
+#: modules/pam_mail/pam_mail.c:316
+msgid "You have new mail."
+msgstr "Sie haben neue Nachrichten."
+
+#: modules/pam_mail/pam_mail.c:319
+msgid "You have old mail."
+msgstr "Sie haben alte Nachrichten."
+
+#: modules/pam_mail/pam_mail.c:323
+msgid "You have mail."
+msgstr "Sie haben Nachrichten."
+
+#: modules/pam_mail/pam_mail.c:330
+#, c-format
+msgid "You have no mail in folder %s."
+msgstr "Sie haben keine Nachrichten in %s."
+
+#: modules/pam_mail/pam_mail.c:334
+#, c-format
+msgid "You have new mail in folder %s."
+msgstr "Sie haben neue Nachrichten in %s."
+
+#: modules/pam_mail/pam_mail.c:338
+#, c-format
+msgid "You have old mail in folder %s."
+msgstr "Sie haben alte Nachrichten in %s."
+
+#: modules/pam_mail/pam_mail.c:343
+#, c-format
+msgid "You have mail in folder %s."
+msgstr "Sie haben Nachrichten in %s."
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:140
+#, c-format
+msgid "Creating directory '%s'."
+msgstr "Erstelle Verzeichnis '%s'."
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:145
+#, c-format
+msgid "Unable to create directory %s: %m"
+msgstr "Verzeichnis %s kann nicht erstellt werden: %m"
+
+#: modules/pam_selinux/pam_selinux.c:102
+#, c-format
+msgid "Your default context is %s. \n"
+msgstr "Ihr Standardkontext lautet %s. \n"
+
+#: modules/pam_selinux/pam_selinux.c:105
+msgid "Do you want to choose a different one? [n]"
+msgstr "Möchten Sie einen anderen auswählen? [n]"
+
+#: modules/pam_selinux/pam_selinux.c:112
+msgid "Enter number of choice: "
+msgstr "Geben Sie die gewünschte Nummer ein: "
+
+#: modules/pam_selinux/pam_selinux.c:152
+msgid "Would you like to enter a security context? [y] "
+msgstr "Möchten Sie einen Sicherheitskontext eingeben? [j] "
+
+#: modules/pam_selinux/pam_selinux.c:169
+msgid "role: "
+msgstr "Funktion: "
+
+#: modules/pam_selinux/pam_selinux.c:177
+msgid "type: "
+msgstr "Typ: "
+
+#: modules/pam_selinux/pam_selinux.c:187
+msgid "level: "
+msgstr "Stufe: "
+
+#: modules/pam_selinux/pam_selinux.c:203
+msgid "Not a valid security context"
+msgstr "Kein gültiger Sicherheitskontext"
+
+#: modules/pam_selinux/pam_selinux.c:417
+#, c-format
+msgid "Security Context %s Assigned"
+msgstr "Sicherheitskontext %s zugewiesen"
+
+#: modules/pam_selinux/pam_selinux_check.c:99
+#, c-format
+msgid "failed to initialize PAM\n"
+msgstr "Fehler beim Initialisieren von PAM\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:105
+#, c-format
+msgid "failed to pam_set_item()\n"
+msgstr "Fehler bei pam_set_item()\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:133
+#, c-format
+msgid "login: failure forking: %m"
+msgstr "Anmeldung: Fehler bei Abspaltung: %m"
+
+#: modules/pam_stress/pam_stress.c:476
+#, c-format
+msgid "Changing STRESS password for %s."
+msgstr "Ändern des STRESS-Passworts für %s."
+
+#: modules/pam_stress/pam_stress.c:490
+msgid "Enter new STRESS password: "
+msgstr "Geben Sie ein neues STRESS-Passwort ein: "
+
+#: modules/pam_stress/pam_stress.c:493
+msgid "Retype new STRESS password: "
+msgstr "Geben Sie das neue STRESS-Passwort erneut ein: "
+
+#: modules/pam_stress/pam_stress.c:522
+msgid "Verification mis-typed; password unchanged"
+msgstr "Bestätigungspasswort falsch eingegeben; Passwort nicht geändert"
+
+#: modules/pam_tally/pam_tally.c:741
+msgid "Authentication error"
+msgstr "Authentifizierungsfehler"
+
+#: modules/pam_tally/pam_tally.c:742
+msgid "Service error"
+msgstr "Dienstfehler"
+
+#: modules/pam_tally/pam_tally.c:743
+msgid "Unknown user"
+msgstr "Unbekannter Benutzer"
+
+#: modules/pam_tally/pam_tally.c:744
+msgid "Unknown error"
+msgstr "Unbekannter Fehler"
+
+#: modules/pam_tally/pam_tally.c:760
+#, c-format
+msgid "%s: Bad number given to --reset=\n"
+msgstr "%s: Ungültige Nummer für --reset=\n"
+
+#: modules/pam_tally/pam_tally.c:764
+#, c-format
+msgid "%s: Unrecognised option %s\n"
+msgstr "%s: Nicht erkannte Option: %s\n"
+
+#: modules/pam_tally/pam_tally.c:776
+#, c-format
+msgid ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+msgstr ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+
+#: modules/pam_tally/pam_tally.c:850
+#, c-format
+msgid "%s: Can't reset all users to non-zero\n"
+msgstr ""
+"%s: Es können nicht alle Benutzer auf Nicht-null zurückgesetzt werden\n"
+
+#: modules/pam_unix/pam_unix_acct.c:274 modules/pam_unix/pam_unix_acct.c:301
+msgid "Your account has expired; please contact your system administrator"
+msgstr "Ihr Konto ist abgelaufen. Wenden Sie sich an den Systemadministrator"
+
+#: modules/pam_unix/pam_unix_acct.c:283
+msgid "You are required to change your password immediately (root enforced)"
+msgstr "Sie müssen Ihr Passwort sofort ändern (von Root erzwungen)."
+
+#: modules/pam_unix/pam_unix_acct.c:310
+msgid "You are required to change your password immediately (password aged)"
+msgstr "Sie müssen Ihr Passwort sofort ändern (Passwortablauf)."
+
+#: modules/pam_unix/pam_unix_acct.c:323 modules/pam_unix/pam_unix_acct.c:330
+#, c-format
+msgid "Warning: your password will expire in %d day"
+msgid_plural "Warning: your password will expire in %d days"
+msgstr[0] "Warnung: Ihr Passwort läuft in %d Tag ab."
+msgstr[1] "Warnung: Ihr Passwort läuft in %d Tagen ab."
+
+#. TRANSLATORS: only used if dngettext is not support
+#. ed
+#: modules/pam_unix/pam_unix_acct.c:336
+#, c-format
+msgid "Warning: your password will expire in %d days"
+msgstr "Warnung: Ihr Passwort läuft in %d Tagen ab."
+
+#: modules/pam_unix/pam_unix_auth.c:159 modules/pam_userdb/pam_userdb.c:61
+msgid "Password: "
+msgstr "Passwort: "
+
+#: modules/pam_unix/pam_unix_passwd.c:819
+msgid "NIS password could not be changed."
+msgstr "Änderung des NIS-Passworts nicht möglich."
+
+#: modules/pam_unix/pam_unix_passwd.c:996
+msgid "You must choose a longer password"
+msgstr "Sie müssen ein längeres Passwort auswählen."
+
+#: modules/pam_unix/pam_unix_passwd.c:1001
+msgid "Password has been already used. Choose another."
+msgstr "Passwort wurde bereits verwendet. Wählen Sie ein anderes aus."
+
+#: modules/pam_unix/pam_unix_passwd.c:1108
+#, c-format
+msgid "Changing password for %s."
+msgstr "Ändern des Passworts für %s."
+
+#: modules/pam_unix/pam_unix_passwd.c:1119
+msgid "(current) UNIX password: "
+msgstr "(aktuelles) UNIX Passwort: "
+
+#: modules/pam_unix/pam_unix_passwd.c:1154
+msgid "You must wait longer to change your password"
+msgstr "Sie können Ihr Passwort noch nicht ändern"
+
+#: modules/pam_unix/pam_unix_passwd.c:1214
+msgid "Enter new UNIX password: "
+msgstr "Geben Sie ein neues UNIX Passwort ein: "
+
+#: modules/pam_unix/pam_unix_passwd.c:1215
+msgid "Retype new UNIX password: "
+msgstr "Geben Sie das neue UNIX Passwort erneut ein: "
diff --git a/Linux-PAM/po/en@boldquot.header b/Linux-PAM/po/en@boldquot.header
new file mode 100644
index 00000000..fedb6a06
--- /dev/null
+++ b/Linux-PAM/po/en@boldquot.header
@@ -0,0 +1,25 @@
+# All this catalog "translates" are quotation characters.
+# The msgids must be ASCII and therefore cannot contain real quotation
+# characters, only substitutes like grave accent (0x60), apostrophe (0x27)
+# and double quote (0x22). These substitutes look strange; see
+# http://www.cl.cam.ac.uk/~mgk25/ucs/quotes.html
+#
+# This catalog translates grave accent (0x60) and apostrophe (0x27) to
+# left single quotation mark (U+2018) and right single quotation mark (U+2019).
+# It also translates pairs of apostrophe (0x27) to
+# left single quotation mark (U+2018) and right single quotation mark (U+2019)
+# and pairs of quotation mark (0x22) to
+# left double quotation mark (U+201C) and right double quotation mark (U+201D).
+#
+# When output to an UTF-8 terminal, the quotation characters appear perfectly.
+# When output to an ISO-8859-1 terminal, the single quotation marks are
+# transliterated to apostrophes (by iconv in glibc 2.2 or newer) or to
+# grave/acute accent (by libiconv), and the double quotation marks are
+# transliterated to 0x22.
+# When output to an ASCII terminal, the single quotation marks are
+# transliterated to apostrophes, and the double quotation marks are
+# transliterated to 0x22.
+#
+# This catalog furthermore displays the text between the quotation marks in
+# bold face, assuming the VT100/XTerm escape sequences.
+#
diff --git a/Linux-PAM/po/en@quot.header b/Linux-PAM/po/en@quot.header
new file mode 100644
index 00000000..a9647fc3
--- /dev/null
+++ b/Linux-PAM/po/en@quot.header
@@ -0,0 +1,22 @@
+# All this catalog "translates" are quotation characters.
+# The msgids must be ASCII and therefore cannot contain real quotation
+# characters, only substitutes like grave accent (0x60), apostrophe (0x27)
+# and double quote (0x22). These substitutes look strange; see
+# http://www.cl.cam.ac.uk/~mgk25/ucs/quotes.html
+#
+# This catalog translates grave accent (0x60) and apostrophe (0x27) to
+# left single quotation mark (U+2018) and right single quotation mark (U+2019).
+# It also translates pairs of apostrophe (0x27) to
+# left single quotation mark (U+2018) and right single quotation mark (U+2019)
+# and pairs of quotation mark (0x22) to
+# left double quotation mark (U+201C) and right double quotation mark (U+201D).
+#
+# When output to an UTF-8 terminal, the quotation characters appear perfectly.
+# When output to an ISO-8859-1 terminal, the single quotation marks are
+# transliterated to apostrophes (by iconv in glibc 2.2 or newer) or to
+# grave/acute accent (by libiconv), and the double quotation marks are
+# transliterated to 0x22.
+# When output to an ASCII terminal, the single quotation marks are
+# transliterated to apostrophes, and the double quotation marks are
+# transliterated to 0x22.
+#
diff --git a/Linux-PAM/po/es.gmo b/Linux-PAM/po/es.gmo
new file mode 100644
index 00000000..9d96a63f
--- /dev/null
+++ b/Linux-PAM/po/es.gmo
Binary files differ
diff --git a/Linux-PAM/po/es.po b/Linux-PAM/po/es.po
new file mode 100644
index 00000000..312d8dcd
--- /dev/null
+++ b/Linux-PAM/po/es.po
@@ -0,0 +1,505 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR Linux-PAM Project
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Linux-PAM\n"
+"Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n"
+"POT-Creation-Date: 2007-01-17 11:53+0100\n"
+"PO-Revision-Date: 2006-05-04 08:32+0200\n"
+"Last-Translator: Novell Language <language@novell.com>\n"
+"Language-Team: Novell Language <language@novell.com>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: libpam_misc/misc_conv.c:33
+msgid "...Time is running out...\n"
+msgstr "...El tiempo se está agotando...\n"
+
+#: libpam_misc/misc_conv.c:34
+msgid "...Sorry, your time is up!\n"
+msgstr "...Lo sentimos, el tiempo se ha agotado.\n"
+
+#: libpam_misc/misc_conv.c:343
+#, c-format
+msgid "erroneous conversation (%d)\n"
+msgstr "conversación incorrecta (%d)\n"
+
+#: libpam/pam_item.c:271
+msgid "login:"
+msgstr "inicio de sesión:"
+
+#: libpam/pam_strerror.c:40
+msgid "Success"
+msgstr "Éxito"
+
+#: libpam/pam_strerror.c:42
+msgid "Critical error - immediate abort"
+msgstr "Error crítico: cancelación inmediata"
+
+#: libpam/pam_strerror.c:44
+msgid "Failed to load module"
+msgstr ""
+
+#: libpam/pam_strerror.c:46
+msgid "Symbol not found"
+msgstr "Símbolo no encontrado"
+
+#: libpam/pam_strerror.c:48
+msgid "Error in service module"
+msgstr "Error en el módulo de servicios"
+
+#: libpam/pam_strerror.c:50
+msgid "System error"
+msgstr "Error del sistema"
+
+#: libpam/pam_strerror.c:52
+msgid "Memory buffer error"
+msgstr "Error de buffer de memoria"
+
+#: libpam/pam_strerror.c:54
+msgid "Permission denied"
+msgstr "Permiso denegado"
+
+#: libpam/pam_strerror.c:56
+msgid "Authentication failure"
+msgstr "Fallo de autenticación"
+
+#: libpam/pam_strerror.c:58
+msgid "Insufficient credentials to access authentication data"
+msgstr "Credenciales insuficientes para acceder a los datos de autenticación"
+
+#: libpam/pam_strerror.c:60
+msgid "Authentication service cannot retrieve authentication info"
+msgstr ""
+"El servicio de autenticación no puede recuperar la información de "
+"autenticación"
+
+#: libpam/pam_strerror.c:62
+msgid "User not known to the underlying authentication module"
+msgstr "Usuario desconocido para el módulo de autenticación subyacente"
+
+#: libpam/pam_strerror.c:64
+msgid "Have exhausted maximum number of retries for service"
+msgstr "Se ha agotado el número máximo de reintentos para el servicio"
+
+#: libpam/pam_strerror.c:66
+msgid "Authentication token is no longer valid; new one required"
+msgstr "El testigo de autenticación ya no es válido; necesitará uno nuevo"
+
+#: libpam/pam_strerror.c:68
+msgid "User account has expired"
+msgstr "La cuenta del usuario ha caducado"
+
+#: libpam/pam_strerror.c:70
+msgid "Cannot make/remove an entry for the specified session"
+msgstr "No es posible crear o eliminar una entrada de la sesión especificada"
+
+#: libpam/pam_strerror.c:72
+msgid "Authentication service cannot retrieve user credentials"
+msgstr ""
+"El servicio de autenticación no puede recuperar las credenciales del usuario"
+
+#: libpam/pam_strerror.c:74
+msgid "User credentials expired"
+msgstr "Las credenciales del usuario han caducado"
+
+#: libpam/pam_strerror.c:76
+msgid "Failure setting user credentials"
+msgstr "Error al definir las credenciales del usuario"
+
+#: libpam/pam_strerror.c:78
+msgid "No module specific data is present"
+msgstr "No hay datos específicos del módulo presentes"
+
+#: libpam/pam_strerror.c:80
+msgid "Bad item passed to pam_*_item()"
+msgstr "Elemento incorrecto enviado a pam_*_item()"
+
+#: libpam/pam_strerror.c:82
+msgid "Conversation error"
+msgstr "Error de conversación"
+
+#: libpam/pam_strerror.c:84
+msgid "Authentication token manipulation error"
+msgstr "Error de manipulación del testigo de autenticación"
+
+#: libpam/pam_strerror.c:86
+msgid "Authentication information cannot be recovered"
+msgstr "No es posible recuperar la información de autenticación"
+
+#: libpam/pam_strerror.c:88
+msgid "Authentication token lock busy"
+msgstr "El testigo de autenticación parece ocupado"
+
+#: libpam/pam_strerror.c:90
+msgid "Authentication token aging disabled"
+msgstr "Antigüedad del testigo de autenticación inhabilitada"
+
+#: libpam/pam_strerror.c:92
+msgid "Failed preliminary check by password service"
+msgstr "Error de comprobación preliminar del servicio de contraseña"
+
+#: libpam/pam_strerror.c:94
+msgid "The return value should be ignored by PAM dispatch"
+msgstr "El valor devuelto debe ser omitido por el expedidor PAM"
+
+#: libpam/pam_strerror.c:96
+msgid "Module is unknown"
+msgstr "Módulo desconocido"
+
+#: libpam/pam_strerror.c:98
+msgid "Authentication token expired"
+msgstr "Testigo de autenticación caducado"
+
+#: libpam/pam_strerror.c:100
+msgid "Conversation is waiting for event"
+msgstr "La conversación está esperando el evento"
+
+#: libpam/pam_strerror.c:102
+msgid "Application needs to call libpam again"
+msgstr "La aplicación debe llamar a libpam de nuevo"
+
+#: libpam/pam_strerror.c:105
+msgid "Unknown PAM error"
+msgstr "Error desconocido de PAM"
+
+#: modules/pam_cracklib/pam_cracklib.c:60
+#, c-format
+msgid "New %s%spassword: "
+msgstr "Nueva %s%scontraseña:"
+
+#: modules/pam_cracklib/pam_cracklib.c:62
+#, c-format
+msgid "Retype new %s%spassword: "
+msgstr "Vuelva a escribir la nueva %s%scontraseña:"
+
+#: modules/pam_cracklib/pam_cracklib.c:63
+msgid "Sorry, passwords do not match."
+msgstr "Las contraseñas no coinciden."
+
+#: modules/pam_cracklib/pam_cracklib.c:378
+msgid "is the same as the old one"
+msgstr "es igual que la antigua"
+
+#: modules/pam_cracklib/pam_cracklib.c:389
+msgid "is a palindrome"
+msgstr "es un palíndromo"
+
+#: modules/pam_cracklib/pam_cracklib.c:392
+msgid "case changes only"
+msgstr "sólo hay cambios de minúsculas y mayúsculas"
+
+#: modules/pam_cracklib/pam_cracklib.c:395
+msgid "is too similar to the old one"
+msgstr "es demasiado similar a la antigua"
+
+#: modules/pam_cracklib/pam_cracklib.c:398
+msgid "is too simple"
+msgstr "es demasiado sencilla"
+
+#: modules/pam_cracklib/pam_cracklib.c:401
+msgid "is rotated"
+msgstr "es igual pero al revés"
+
+#: modules/pam_cracklib/pam_cracklib.c:436
+msgid "has been already used"
+msgstr "ya se ha utilizado"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "No password supplied"
+msgstr "No se ha proporcionado ninguna contraseña"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "Password unchanged"
+msgstr "La contraseña no ha cambiado"
+
+#: modules/pam_cracklib/pam_cracklib.c:487
+#: modules/pam_cracklib/pam_cracklib.c:615
+#, c-format
+msgid "BAD PASSWORD: %s"
+msgstr "CONTRASEÑA INCORRECTA: %s"
+
+#: modules/pam_exec/pam_exec.c:118
+#, c-format
+msgid "%s failed: exit code %d"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:126
+#, c-format
+msgid "%s failed: caught signal %d%s"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:134
+#, c-format
+msgid "%s failed: unknown status 0x%x"
+msgstr ""
+
+#. TRANSLATORS: "strftime options for date of last login"
+#: modules/pam_lastlog/pam_lastlog.c:190
+msgid " %a %b %e %H:%M:%S %Z %Y"
+msgstr "%a %b %e %H:%M:%S %Z %Y"
+
+#. TRANSLATORS: " from <host>"
+#: modules/pam_lastlog/pam_lastlog.c:199
+#, c-format
+msgid " from %.*s"
+msgstr "de %.*s"
+
+#. TRANSLATORS: " on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:211
+#, c-format
+msgid " on %.*s"
+msgstr "en %.*s"
+
+#. TRANSLATORS: "Last login: <date> from <host> on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:220
+#, c-format
+msgid "Last login:%s%s%s"
+msgstr "Último inicio de sesión:%s%s%s"
+
+#: modules/pam_lastlog/pam_lastlog.c:226
+msgid "Welcome to your new account!"
+msgstr "¡Bienvenido a su nueva cuenta!"
+
+#: modules/pam_limits/pam_limits.c:647
+#, c-format
+msgid "Too many logins for '%s'."
+msgstr "Hay demasiados inicios de sesión para \"%s\"."
+
+#: modules/pam_mail/pam_mail.c:313
+msgid "No mail."
+msgstr "No hay correo."
+
+#: modules/pam_mail/pam_mail.c:316
+msgid "You have new mail."
+msgstr "Tiene correo nuevo."
+
+#: modules/pam_mail/pam_mail.c:319
+msgid "You have old mail."
+msgstr "Tiene correo antiguo."
+
+#: modules/pam_mail/pam_mail.c:323
+msgid "You have mail."
+msgstr "Tiene correo."
+
+#: modules/pam_mail/pam_mail.c:330
+#, c-format
+msgid "You have no mail in folder %s."
+msgstr "No tiene correo en la carpeta %s."
+
+#: modules/pam_mail/pam_mail.c:334
+#, c-format
+msgid "You have new mail in folder %s."
+msgstr "Tiene correo nuevo en la carpeta %s."
+
+#: modules/pam_mail/pam_mail.c:338
+#, c-format
+msgid "You have old mail in folder %s."
+msgstr "Tiene correo antiguo en la carpeta %s."
+
+#: modules/pam_mail/pam_mail.c:343
+#, c-format
+msgid "You have mail in folder %s."
+msgstr "Tiene correo en la carpeta %s."
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:140
+#, c-format
+msgid "Creating directory '%s'."
+msgstr ""
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:145
+#, c-format
+msgid "Unable to create directory %s: %m"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:102
+#, c-format
+msgid "Your default context is %s. \n"
+msgstr "El contexto predeterminado es %s. \n"
+
+#: modules/pam_selinux/pam_selinux.c:105
+msgid "Do you want to choose a different one? [n]"
+msgstr "¿Desea seleccionar uno distinto? [n]"
+
+#: modules/pam_selinux/pam_selinux.c:112
+msgid "Enter number of choice: "
+msgstr "Introduzca el número de su elección:"
+
+#: modules/pam_selinux/pam_selinux.c:152
+msgid "Would you like to enter a security context? [y] "
+msgstr "¿Desea introducir un contexto de seguridad? [s]"
+
+#: modules/pam_selinux/pam_selinux.c:169
+msgid "role: "
+msgstr "función:"
+
+#: modules/pam_selinux/pam_selinux.c:177
+msgid "type: "
+msgstr "tipo:"
+
+#: modules/pam_selinux/pam_selinux.c:187
+msgid "level: "
+msgstr "nivel:"
+
+#: modules/pam_selinux/pam_selinux.c:203
+msgid "Not a valid security context"
+msgstr "No es un contexto de seguridad válido"
+
+#: modules/pam_selinux/pam_selinux.c:417
+#, c-format
+msgid "Security Context %s Assigned"
+msgstr "Contexto de seguridad %s asignado"
+
+#: modules/pam_selinux/pam_selinux_check.c:99
+#, c-format
+msgid "failed to initialize PAM\n"
+msgstr "error al iniciar PAM\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:105
+#, c-format
+msgid "failed to pam_set_item()\n"
+msgstr "error en pam_set_item()\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:133
+#, c-format
+msgid "login: failure forking: %m"
+msgstr "inicio de sesión: error en horquilla: %m"
+
+#: modules/pam_stress/pam_stress.c:476
+#, fuzzy, c-format
+msgid "Changing STRESS password for %s."
+msgstr "Cambiando la contraseña STRESS para"
+
+#: modules/pam_stress/pam_stress.c:490
+msgid "Enter new STRESS password: "
+msgstr "Introduzca la nueva contraseña STRESS:"
+
+#: modules/pam_stress/pam_stress.c:493
+msgid "Retype new STRESS password: "
+msgstr "Vuelva a escribir la nueva contraseña STRESS:"
+
+#: modules/pam_stress/pam_stress.c:522
+msgid "Verification mis-typed; password unchanged"
+msgstr "Error al escribir la verificación; la contraseña no ha cambiado"
+
+#: modules/pam_tally/pam_tally.c:741
+msgid "Authentication error"
+msgstr "Error de autenticación"
+
+#: modules/pam_tally/pam_tally.c:742
+msgid "Service error"
+msgstr "Error de servicio"
+
+#: modules/pam_tally/pam_tally.c:743
+msgid "Unknown user"
+msgstr "Usuario desconocido"
+
+#: modules/pam_tally/pam_tally.c:744
+msgid "Unknown error"
+msgstr "Error desconocido"
+
+#: modules/pam_tally/pam_tally.c:760
+#, c-format
+msgid "%s: Bad number given to --reset=\n"
+msgstr "%s: Número incorrecto proporcionado a --reset=\n"
+
+#: modules/pam_tally/pam_tally.c:764
+#, c-format
+msgid "%s: Unrecognised option %s\n"
+msgstr "%s: Opción no reconocida %s\n"
+
+#: modules/pam_tally/pam_tally.c:776
+#, c-format
+msgid ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+msgstr ""
+"%s: [--file nombre de archivo-raíz] [--user nombre de usuario] [--reset[=n]] "
+"[--quiet]\n"
+
+#: modules/pam_tally/pam_tally.c:850
+#, c-format
+msgid "%s: Can't reset all users to non-zero\n"
+msgstr ""
+"%s: No es posible restaurar a todos los usuarios a un número distinto de "
+"cero\n"
+
+#: modules/pam_unix/pam_unix_acct.c:274 modules/pam_unix/pam_unix_acct.c:301
+msgid "Your account has expired; please contact your system administrator"
+msgstr ""
+"La cuenta ha caducado, póngase en contacto con el administrador del sistema"
+
+#: modules/pam_unix/pam_unix_acct.c:283
+msgid "You are required to change your password immediately (root enforced)"
+msgstr ""
+"Debe cambiar la contraseña inmediatamente (aplicado por el usuario root)"
+
+#: modules/pam_unix/pam_unix_acct.c:310
+msgid "You are required to change your password immediately (password aged)"
+msgstr "Debe cambiar la contraseña inmediatamente (la contraseña ha caducado)"
+
+#: modules/pam_unix/pam_unix_acct.c:323 modules/pam_unix/pam_unix_acct.c:330
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d day"
+msgid_plural "Warning: your password will expire in %d days"
+msgstr[0] "Advertencia: la contraseña caducará dentro de %d día%.2s"
+msgstr[1] "Advertencia: la contraseña caducará dentro de %d día%.2s"
+
+#. TRANSLATORS: only used if dngettext is not support
+#. ed
+#: modules/pam_unix/pam_unix_acct.c:336
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d days"
+msgstr "Advertencia: la contraseña caducará dentro de %d día%.2s"
+
+#: modules/pam_unix/pam_unix_auth.c:159 modules/pam_userdb/pam_userdb.c:61
+msgid "Password: "
+msgstr "Contraseña:"
+
+#: modules/pam_unix/pam_unix_passwd.c:819
+msgid "NIS password could not be changed."
+msgstr "No es posible cambiar la contraseña NIS."
+
+#: modules/pam_unix/pam_unix_passwd.c:996
+msgid "You must choose a longer password"
+msgstr "Debe elegir una contraseña más larga"
+
+#: modules/pam_unix/pam_unix_passwd.c:1001
+msgid "Password has been already used. Choose another."
+msgstr "La contraseña ya se ha utilizado. Seleccione otra."
+
+#: modules/pam_unix/pam_unix_passwd.c:1108
+#, fuzzy, c-format
+msgid "Changing password for %s."
+msgstr "Cambiando la contraseña STRESS para"
+
+#: modules/pam_unix/pam_unix_passwd.c:1119
+msgid "(current) UNIX password: "
+msgstr "(actual) contraseña de UNIX:"
+
+#: modules/pam_unix/pam_unix_passwd.c:1154
+msgid "You must wait longer to change your password"
+msgstr "Debe esperar más tiempo para cambiar la contraseña"
+
+#: modules/pam_unix/pam_unix_passwd.c:1214
+msgid "Enter new UNIX password: "
+msgstr "Introduzca la nueva contraseña de UNIX:"
+
+#: modules/pam_unix/pam_unix_passwd.c:1215
+msgid "Retype new UNIX password: "
+msgstr "Vuelva a escribir la nueva contraseña de UNIX:"
+
+#, fuzzy
+#~ msgid "Warning: your password will expire in one day"
+#~ msgstr "Advertencia: la contraseña caducará dentro de %d día%.2s"
+
+#~ msgid "dlopen() failure"
+#~ msgstr "error de dlopen()"
+
+#~ msgid "%s: set %s security context to %s"
+#~ msgstr "No es un contexto de seguridad válido"
diff --git a/Linux-PAM/po/fi.gmo b/Linux-PAM/po/fi.gmo
new file mode 100644
index 00000000..06278471
--- /dev/null
+++ b/Linux-PAM/po/fi.gmo
Binary files differ
diff --git a/Linux-PAM/po/fi.po b/Linux-PAM/po/fi.po
new file mode 100644
index 00000000..a0a154e2
--- /dev/null
+++ b/Linux-PAM/po/fi.po
@@ -0,0 +1,499 @@
+# translation of Linux-PAM.po to
+# translation of uusi_Linux-PAM.po to
+# This file is distributed under the same license as the PACKAGE package.
+# Copyright (C) YEAR Linux-PAM Project.
+#
+# Ilkka Pirskanen <ilkka.pirskanen@kolumbus.fi>, 2005.
+# Janne Ahlskog <j.ahlskog@multi.fi>, 2006.
+# Jyri Palokangas <jmp@netti.fi>, 2006.
+msgid ""
+msgstr ""
+"Project-Id-Version: Linux-PAM\n"
+"Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n"
+"POT-Creation-Date: 2007-01-17 11:53+0100\n"
+"PO-Revision-Date: 2006-05-04 08:30+0200\n"
+"Last-Translator: Jyri Palokangas <jmp@netti.fi>\n"
+"Language-Team: <yast-trans-fi@kotoistaminen.novell.fi>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.11.2\n"
+
+#: libpam_misc/misc_conv.c:33
+msgid "...Time is running out...\n"
+msgstr "...Aika on loppumassa...\n"
+
+#: libpam_misc/misc_conv.c:34
+msgid "...Sorry, your time is up!\n"
+msgstr "...Aikasi on loppunut!\n"
+
+#: libpam_misc/misc_conv.c:343
+#, c-format
+msgid "erroneous conversation (%d)\n"
+msgstr "virheellinen keskustelu (%d)\n"
+
+#: libpam/pam_item.c:271
+msgid "login:"
+msgstr "kirjautuminen:"
+
+#: libpam/pam_strerror.c:40
+msgid "Success"
+msgstr "Onnistui"
+
+#: libpam/pam_strerror.c:42
+msgid "Critical error - immediate abort"
+msgstr "Kriittinen virhe - välitön keskeytys"
+
+#: libpam/pam_strerror.c:44
+msgid "Failed to load module"
+msgstr ""
+
+#: libpam/pam_strerror.c:46
+msgid "Symbol not found"
+msgstr "Symbolia ei löydetty"
+
+#: libpam/pam_strerror.c:48
+msgid "Error in service module"
+msgstr "Virhe palvelumoduulissa"
+
+#: libpam/pam_strerror.c:50
+msgid "System error"
+msgstr "Järjestelmävirhe"
+
+#: libpam/pam_strerror.c:52
+msgid "Memory buffer error"
+msgstr "Muistipuskurivirhe"
+
+#: libpam/pam_strerror.c:54
+msgid "Permission denied"
+msgstr "Ei käyttöoikeutta"
+
+#: libpam/pam_strerror.c:56
+msgid "Authentication failure"
+msgstr "Tunnistautumisvirhe"
+
+#: libpam/pam_strerror.c:58
+msgid "Insufficient credentials to access authentication data"
+msgstr "Riittämätön valtuustieto tunnistautumistietojen saamiseksi"
+
+#: libpam/pam_strerror.c:60
+msgid "Authentication service cannot retrieve authentication info"
+msgstr "Tunnistautumispalvelu ei pääse tunnistautumistietoihin"
+
+#: libpam/pam_strerror.c:62
+msgid "User not known to the underlying authentication module"
+msgstr "Käyttäjä tuntematon taustajärjestelmän tunnistautumismoduulille"
+
+#: libpam/pam_strerror.c:64
+msgid "Have exhausted maximum number of retries for service"
+msgstr "Kaikki palvelun uudelleenyritykset käytetty"
+
+#: libpam/pam_strerror.c:66
+msgid "Authentication token is no longer valid; new one required"
+msgstr "Tunnistautumislipuke ei ole enää kelvollinen, tarvitaan uusi"
+
+#: libpam/pam_strerror.c:68
+msgid "User account has expired"
+msgstr "Käyttäjätili on vanhentunut"
+
+#: libpam/pam_strerror.c:70
+msgid "Cannot make/remove an entry for the specified session"
+msgstr "Valitun istunnon merkintää ei voida tehdä/poistaa"
+
+#: libpam/pam_strerror.c:72
+msgid "Authentication service cannot retrieve user credentials"
+msgstr "Tunnistautumispalvelu ei pääse käyttäjän valtuustietoihin"
+
+#: libpam/pam_strerror.c:74
+msgid "User credentials expired"
+msgstr "Käyttäjän valtuustiedot vanhentunut"
+
+#: libpam/pam_strerror.c:76
+msgid "Failure setting user credentials"
+msgstr "Käyttäjän valtuustiedon antaminen ei onnistunut"
+
+#: libpam/pam_strerror.c:78
+msgid "No module specific data is present"
+msgstr "Moduuli riippuvaista tietoa ei ole läsnä"
+
+#: libpam/pam_strerror.c:80
+msgid "Bad item passed to pam_*_item()"
+msgstr "Väärä tieto välitettiin pam_*_item()"
+
+#: libpam/pam_strerror.c:82
+msgid "Conversation error"
+msgstr "Keskusteluvirhe"
+
+#: libpam/pam_strerror.c:84
+msgid "Authentication token manipulation error"
+msgstr "Tunnistautumislipukkeen käsittelyvirhe"
+
+#: libpam/pam_strerror.c:86
+msgid "Authentication information cannot be recovered"
+msgstr "Tunnistautumistietoja ei voida palauttaa"
+
+#: libpam/pam_strerror.c:88
+msgid "Authentication token lock busy"
+msgstr "Tunnistautumislipukkeen lukko varattu"
+
+#: libpam/pam_strerror.c:90
+msgid "Authentication token aging disabled"
+msgstr "Tunnistautumislipukkeen vanhentuminen otettu pois käytöstä"
+
+#: libpam/pam_strerror.c:92
+msgid "Failed preliminary check by password service"
+msgstr "Salasanapalvelun alustava tarkistus ei onnistunut"
+
+#: libpam/pam_strerror.c:94
+msgid "The return value should be ignored by PAM dispatch"
+msgstr "PAM-välittäjän tulisi hylätä paluuarvo"
+
+#: libpam/pam_strerror.c:96
+msgid "Module is unknown"
+msgstr "Tuntematon moduuli"
+
+#: libpam/pam_strerror.c:98
+msgid "Authentication token expired"
+msgstr "Tunnistautumislipuke vanhentunut"
+
+#: libpam/pam_strerror.c:100
+msgid "Conversation is waiting for event"
+msgstr "Keskustelussa odotetaan tapahtumaa"
+
+#: libpam/pam_strerror.c:102
+msgid "Application needs to call libpam again"
+msgstr "Sovelluksen tarvitsee kutsua uudelleen libpam:ia"
+
+#: libpam/pam_strerror.c:105
+msgid "Unknown PAM error"
+msgstr "Tuntematon PAM-virhe"
+
+#: modules/pam_cracklib/pam_cracklib.c:60
+#, c-format
+msgid "New %s%spassword: "
+msgstr "Uusi %s%ssalasana: "
+
+#: modules/pam_cracklib/pam_cracklib.c:62
+#, c-format
+msgid "Retype new %s%spassword: "
+msgstr "Anna uudelleen uusi %s%ssalasana: "
+
+#: modules/pam_cracklib/pam_cracklib.c:63
+msgid "Sorry, passwords do not match."
+msgstr "Salasanat eivät täsmää."
+
+#: modules/pam_cracklib/pam_cracklib.c:378
+msgid "is the same as the old one"
+msgstr "on sama kuin vanha"
+
+#: modules/pam_cracklib/pam_cracklib.c:389
+msgid "is a palindrome"
+msgstr "on palindromi"
+
+#: modules/pam_cracklib/pam_cracklib.c:392
+msgid "case changes only"
+msgstr "vain kirjainkoko muutos"
+
+#: modules/pam_cracklib/pam_cracklib.c:395
+msgid "is too similar to the old one"
+msgstr "on liian samankaltainen vanhan kanssa"
+
+#: modules/pam_cracklib/pam_cracklib.c:398
+msgid "is too simple"
+msgstr "on liian yksinkertainen"
+
+#: modules/pam_cracklib/pam_cracklib.c:401
+msgid "is rotated"
+msgstr "on kierrätetty"
+
+#: modules/pam_cracklib/pam_cracklib.c:436
+msgid "has been already used"
+msgstr "on jo käytetty"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "No password supplied"
+msgstr "Et antanut salasanaa"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "Password unchanged"
+msgstr "Salasanaa ei vaihdettu"
+
+#: modules/pam_cracklib/pam_cracklib.c:487
+#: modules/pam_cracklib/pam_cracklib.c:615
+#, c-format
+msgid "BAD PASSWORD: %s"
+msgstr "HUONO SALASANA: %s"
+
+#: modules/pam_exec/pam_exec.c:118
+#, c-format
+msgid "%s failed: exit code %d"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:126
+#, c-format
+msgid "%s failed: caught signal %d%s"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:134
+#, c-format
+msgid "%s failed: unknown status 0x%x"
+msgstr ""
+
+#. TRANSLATORS: "strftime options for date of last login"
+#: modules/pam_lastlog/pam_lastlog.c:190
+msgid " %a %b %e %H:%M:%S %Z %Y"
+msgstr " %a %b %e %H:%M:%S %Z %Y"
+
+#. TRANSLATORS: " from <host>"
+#: modules/pam_lastlog/pam_lastlog.c:199
+#, c-format
+msgid " from %.*s"
+msgstr " koneelta %.*s"
+
+#. TRANSLATORS: " on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:211
+#, c-format
+msgid " on %.*s"
+msgstr " päätteellä %.*s"
+
+#. TRANSLATORS: "Last login: <date> from <host> on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:220
+#, c-format
+msgid "Last login:%s%s%s"
+msgstr "Viimeinen kirjautuminen:%s%s%s"
+
+#: modules/pam_lastlog/pam_lastlog.c:226
+msgid "Welcome to your new account!"
+msgstr "Tervetuloa uudella käyttäjätilillä!"
+
+#: modules/pam_limits/pam_limits.c:647
+#, c-format
+msgid "Too many logins for '%s'."
+msgstr "Liian monta kirjautumista '%s'."
+
+#: modules/pam_mail/pam_mail.c:313
+msgid "No mail."
+msgstr "Ei postia."
+
+#: modules/pam_mail/pam_mail.c:316
+msgid "You have new mail."
+msgstr "Sinulle on uutta postia."
+
+#: modules/pam_mail/pam_mail.c:319
+msgid "You have old mail."
+msgstr "Sinulla on vanha posti."
+
+#: modules/pam_mail/pam_mail.c:323
+msgid "You have mail."
+msgstr "Sinulle on postia."
+
+#: modules/pam_mail/pam_mail.c:330
+#, c-format
+msgid "You have no mail in folder %s."
+msgstr "Sinulla ei ole postia kansiossa %s."
+
+#: modules/pam_mail/pam_mail.c:334
+#, c-format
+msgid "You have new mail in folder %s."
+msgstr "Sinulla on postia kansiossa %s."
+
+#: modules/pam_mail/pam_mail.c:338
+#, c-format
+msgid "You have old mail in folder %s."
+msgstr "Sinulla on vanhaa postia kansiossa %s."
+
+#: modules/pam_mail/pam_mail.c:343
+#, c-format
+msgid "You have mail in folder %s."
+msgstr "Sinulla on postia kansiossa %s."
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:140
+#, c-format
+msgid "Creating directory '%s'."
+msgstr ""
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:145
+#, c-format
+msgid "Unable to create directory %s: %m"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:102
+#, c-format
+msgid "Your default context is %s. \n"
+msgstr "Oletusympäristösi on %s. \n"
+
+#: modules/pam_selinux/pam_selinux.c:105
+msgid "Do you want to choose a different one? [n]"
+msgstr "Haluatko valita toisen? [n]"
+
+#: modules/pam_selinux/pam_selinux.c:112
+msgid "Enter number of choice: "
+msgstr "Anna valinnan numero: "
+
+#: modules/pam_selinux/pam_selinux.c:152
+msgid "Would you like to enter a security context? [y] "
+msgstr "Haluatko valita tietoturvaympäristön? [y] "
+
+#: modules/pam_selinux/pam_selinux.c:169
+msgid "role: "
+msgstr "rooli: "
+
+#: modules/pam_selinux/pam_selinux.c:177
+msgid "type: "
+msgstr "tyyppi: "
+
+#: modules/pam_selinux/pam_selinux.c:187
+msgid "level: "
+msgstr "taso: "
+
+#: modules/pam_selinux/pam_selinux.c:203
+msgid "Not a valid security context"
+msgstr "Ei kelvollinen tietoturvaympäristö"
+
+#: modules/pam_selinux/pam_selinux.c:417
+#, c-format
+msgid "Security Context %s Assigned"
+msgstr "Tietoturvaympäristö %s asetettiin"
+
+#: modules/pam_selinux/pam_selinux_check.c:99
+#, c-format
+msgid "failed to initialize PAM\n"
+msgstr "PAM:in valmistelu epäonnistui\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:105
+#, c-format
+msgid "failed to pam_set_item()\n"
+msgstr "pam_set_item() kutsu epäonnistui\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:133
+#, c-format
+msgid "login: failure forking: %m"
+msgstr "sisäänkirjautuminen: virhe haarautumisessa: %m"
+
+#: modules/pam_stress/pam_stress.c:476
+#, fuzzy, c-format
+msgid "Changing STRESS password for %s."
+msgstr "Vaihdetaan STRESS-salasana "
+
+#: modules/pam_stress/pam_stress.c:490
+msgid "Enter new STRESS password: "
+msgstr "Anna uusi STRESS-salasana: "
+
+#: modules/pam_stress/pam_stress.c:493
+msgid "Retype new STRESS password: "
+msgstr "Anna uusi STRESS-salasana uudelleen: "
+
+#: modules/pam_stress/pam_stress.c:522
+msgid "Verification mis-typed; password unchanged"
+msgstr "Salasanat eivät ole samat; salasanaa ei vaihdettu"
+
+#: modules/pam_tally/pam_tally.c:741
+msgid "Authentication error"
+msgstr "Tunnistautumisvirhe"
+
+#: modules/pam_tally/pam_tally.c:742
+msgid "Service error"
+msgstr "Palveluvirhe"
+
+#: modules/pam_tally/pam_tally.c:743
+msgid "Unknown user"
+msgstr "Tuntematon käyttäjä"
+
+#: modules/pam_tally/pam_tally.c:744
+msgid "Unknown error"
+msgstr "Tuntematon virhe"
+
+#: modules/pam_tally/pam_tally.c:760
+#, c-format
+msgid "%s: Bad number given to --reset=\n"
+msgstr "%s: Väärä numero annettu valinnalle --reset=\n"
+
+#: modules/pam_tally/pam_tally.c:764
+#, c-format
+msgid "%s: Unrecognised option %s\n"
+msgstr "%s: Tunnistamaton valinta %s\n"
+
+#: modules/pam_tally/pam_tally.c:776
+#, c-format
+msgid ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+msgstr ""
+"%s: [--file juurrutettu-tiedostonimi] [--user käyttäjätunnus] [--reset[=n]] "
+"[--quiet]\n"
+
+#: modules/pam_tally/pam_tally.c:850
+#, c-format
+msgid "%s: Can't reset all users to non-zero\n"
+msgstr "%s: Ei voida palauttaa kaikkia käyttäjiä ei-nolliksi\n"
+
+#: modules/pam_unix/pam_unix_acct.c:274 modules/pam_unix/pam_unix_acct.c:301
+msgid "Your account has expired; please contact your system administrator"
+msgstr "Käyttäjätilisi on vanhentunut; ota yhteyttä järjestelmän ylläpitäjään"
+
+#: modules/pam_unix/pam_unix_acct.c:283
+msgid "You are required to change your password immediately (root enforced)"
+msgstr "Salasanasi täytyy vaihtaa heti (pääkäyttäjän vaatimus)"
+
+#: modules/pam_unix/pam_unix_acct.c:310
+msgid "You are required to change your password immediately (password aged)"
+msgstr "Salasanasi täytyy vaihtaa heti (salasana vanhentunut)"
+
+#: modules/pam_unix/pam_unix_acct.c:323 modules/pam_unix/pam_unix_acct.c:330
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d day"
+msgid_plural "Warning: your password will expire in %d days"
+msgstr[0] "Varoitus: salasanasi vanhenee %d päivässä%.2s"
+msgstr[1] "Varoitus: salasanasi vanhenee %d päivässä%.2s"
+
+#. TRANSLATORS: only used if dngettext is not support
+#. ed
+#: modules/pam_unix/pam_unix_acct.c:336
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d days"
+msgstr "Varoitus: salasanasi vanhenee %d päivässä%.2s"
+
+#: modules/pam_unix/pam_unix_auth.c:159 modules/pam_userdb/pam_userdb.c:61
+msgid "Password: "
+msgstr "Salasana: "
+
+#: modules/pam_unix/pam_unix_passwd.c:819
+msgid "NIS password could not be changed."
+msgstr "NIS-salasanaa ei voitu vaihtaa."
+
+#: modules/pam_unix/pam_unix_passwd.c:996
+msgid "You must choose a longer password"
+msgstr "Salasanan tulee olla pidempi"
+
+#: modules/pam_unix/pam_unix_passwd.c:1001
+msgid "Password has been already used. Choose another."
+msgstr "Salasana on jo käytetty. Valitse toinen."
+
+#: modules/pam_unix/pam_unix_passwd.c:1108
+#, fuzzy, c-format
+msgid "Changing password for %s."
+msgstr "Vaihdetaan STRESS-salasana "
+
+#: modules/pam_unix/pam_unix_passwd.c:1119
+msgid "(current) UNIX password: "
+msgstr "(nykyinen) UNIX salasana: "
+
+#: modules/pam_unix/pam_unix_passwd.c:1154
+msgid "You must wait longer to change your password"
+msgstr "Sinun täytyy odottaa kauemmin vaihtaaksesi salasanan"
+
+#: modules/pam_unix/pam_unix_passwd.c:1214
+msgid "Enter new UNIX password: "
+msgstr "Anna uusi UNIX-salasana: "
+
+#: modules/pam_unix/pam_unix_passwd.c:1215
+msgid "Retype new UNIX password: "
+msgstr "Anna uusi UNIX-salasana uudelleen: "
+
+#, fuzzy
+#~ msgid "Warning: your password will expire in one day"
+#~ msgstr "Varoitus: salasanasi vanhenee %d päivässä%.2s"
+
+#~ msgid "dlopen() failure"
+#~ msgstr "dlopen() virhe"
diff --git a/Linux-PAM/po/fr.gmo b/Linux-PAM/po/fr.gmo
new file mode 100644
index 00000000..0d2c11cc
--- /dev/null
+++ b/Linux-PAM/po/fr.gmo
Binary files differ
diff --git a/Linux-PAM/po/fr.po b/Linux-PAM/po/fr.po
new file mode 100644
index 00000000..7eda0589
--- /dev/null
+++ b/Linux-PAM/po/fr.po
@@ -0,0 +1,506 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR Linux-PAM Project
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Linux-PAM\n"
+"Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n"
+"POT-Creation-Date: 2007-01-17 11:53+0100\n"
+"PO-Revision-Date: 2006-05-04 08:29+0200\n"
+"Last-Translator: Novell Language <language@novell.com>\n"
+"Language-Team: Novell Language <language@novell.com>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: libpam_misc/misc_conv.c:33
+msgid "...Time is running out...\n"
+msgstr "...Temps bientôt écoulé...\n"
+
+#: libpam_misc/misc_conv.c:34
+msgid "...Sorry, your time is up!\n"
+msgstr "...Votre temps est épuisé !\n"
+
+#: libpam_misc/misc_conv.c:343
+#, c-format
+msgid "erroneous conversation (%d)\n"
+msgstr "erreurs de conversation (%d)\n"
+
+#: libpam/pam_item.c:271
+msgid "login:"
+msgstr "login : "
+
+#: libpam/pam_strerror.c:40
+msgid "Success"
+msgstr "Succès"
+
+#: libpam/pam_strerror.c:42
+msgid "Critical error - immediate abort"
+msgstr "Erreur critique - abandon immédiat"
+
+#: libpam/pam_strerror.c:44
+msgid "Failed to load module"
+msgstr ""
+
+#: libpam/pam_strerror.c:46
+msgid "Symbol not found"
+msgstr "Symbole non trouvé"
+
+#: libpam/pam_strerror.c:48
+msgid "Error in service module"
+msgstr "Erreur dans le module de service"
+
+#: libpam/pam_strerror.c:50
+msgid "System error"
+msgstr "Erreur système"
+
+#: libpam/pam_strerror.c:52
+msgid "Memory buffer error"
+msgstr "Erreur tampon mémoire"
+
+#: libpam/pam_strerror.c:54
+msgid "Permission denied"
+msgstr "Autorisation refusée"
+
+#: libpam/pam_strerror.c:56
+msgid "Authentication failure"
+msgstr "Échec d'authentification"
+
+#: libpam/pam_strerror.c:58
+msgid "Insufficient credentials to access authentication data"
+msgstr ""
+"Infos d'identification insuffisantes pour accéder aux données "
+"d'authentification"
+
+#: libpam/pam_strerror.c:60
+msgid "Authentication service cannot retrieve authentication info"
+msgstr ""
+"Le service d'authentification n'a pas pu récupérer les infos "
+"d'authentification"
+
+#: libpam/pam_strerror.c:62
+msgid "User not known to the underlying authentication module"
+msgstr "Utilisateur inconnu par le module d'authentification sous-jacent"
+
+#: libpam/pam_strerror.c:64
+msgid "Have exhausted maximum number of retries for service"
+msgstr "Nombre maximum de tentatives épuisées pour le service"
+
+#: libpam/pam_strerror.c:66
+msgid "Authentication token is no longer valid; new one required"
+msgstr ""
+"Le jeton d'authentification n'est plus valide ; un nouveau jeton est requis"
+
+#: libpam/pam_strerror.c:68
+msgid "User account has expired"
+msgstr "Le compte de l'utilisateur a expiré"
+
+#: libpam/pam_strerror.c:70
+msgid "Cannot make/remove an entry for the specified session"
+msgstr "Impossible de créer/supprimer une entrée pour la session spécifiée"
+
+#: libpam/pam_strerror.c:72
+msgid "Authentication service cannot retrieve user credentials"
+msgstr ""
+"Le service d'authentification n'a pas pu récupérer les infos "
+"d'identification de l'utilisateur"
+
+#: libpam/pam_strerror.c:74
+msgid "User credentials expired"
+msgstr "Infos d'identification de l'utilisateur expirées"
+
+#: libpam/pam_strerror.c:76
+msgid "Failure setting user credentials"
+msgstr ""
+"Échec lors de la définition des infos d'identification de l'utilisateur"
+
+#: libpam/pam_strerror.c:78
+msgid "No module specific data is present"
+msgstr "Aucune donnée spécifique au module présente"
+
+#: libpam/pam_strerror.c:80
+msgid "Bad item passed to pam_*_item()"
+msgstr "Élément incorrect transmis à pam_*_item()"
+
+#: libpam/pam_strerror.c:82
+msgid "Conversation error"
+msgstr "Erreur de conversation"
+
+#: libpam/pam_strerror.c:84
+msgid "Authentication token manipulation error"
+msgstr "Erreur de manipulation du jeton d'authentification"
+
+#: libpam/pam_strerror.c:86
+msgid "Authentication information cannot be recovered"
+msgstr "Impossible de récupérer les informations d'authentification"
+
+#: libpam/pam_strerror.c:88
+msgid "Authentication token lock busy"
+msgstr "Jeton d'authentification occupé"
+
+#: libpam/pam_strerror.c:90
+msgid "Authentication token aging disabled"
+msgstr "Péremption du jeton d'authentification désactivée"
+
+#: libpam/pam_strerror.c:92
+msgid "Failed preliminary check by password service"
+msgstr "Échec du contrôle préliminaire par le service de mot de passe"
+
+#: libpam/pam_strerror.c:94
+msgid "The return value should be ignored by PAM dispatch"
+msgstr "La valeur retournée devrait être ignorée par la répartition PAM"
+
+#: libpam/pam_strerror.c:96
+msgid "Module is unknown"
+msgstr "Module inconnu"
+
+#: libpam/pam_strerror.c:98
+msgid "Authentication token expired"
+msgstr "Le jeton d'authentification a expiré"
+
+#: libpam/pam_strerror.c:100
+msgid "Conversation is waiting for event"
+msgstr "Conversation en attente d'événement"
+
+#: libpam/pam_strerror.c:102
+msgid "Application needs to call libpam again"
+msgstr "L'application doit appeler à nouveau libpam"
+
+#: libpam/pam_strerror.c:105
+msgid "Unknown PAM error"
+msgstr "Erreur PAM inconnue"
+
+#: modules/pam_cracklib/pam_cracklib.c:60
+#, c-format
+msgid "New %s%spassword: "
+msgstr "Nouveau %s%smot de passe : "
+
+#: modules/pam_cracklib/pam_cracklib.c:62
+#, c-format
+msgid "Retype new %s%spassword: "
+msgstr "Retapez le nouveau %s%smot de passe : "
+
+#: modules/pam_cracklib/pam_cracklib.c:63
+msgid "Sorry, passwords do not match."
+msgstr "Les mots de passe ne correspondent pas."
+
+#: modules/pam_cracklib/pam_cracklib.c:378
+msgid "is the same as the old one"
+msgstr "est identique à l'ancien"
+
+#: modules/pam_cracklib/pam_cracklib.c:389
+msgid "is a palindrome"
+msgstr "est un palindrome"
+
+#: modules/pam_cracklib/pam_cracklib.c:392
+msgid "case changes only"
+msgstr "changement de casse uniquement"
+
+#: modules/pam_cracklib/pam_cracklib.c:395
+msgid "is too similar to the old one"
+msgstr "ressemble trop à l'ancien"
+
+#: modules/pam_cracklib/pam_cracklib.c:398
+msgid "is too simple"
+msgstr "est trop simple"
+
+#: modules/pam_cracklib/pam_cracklib.c:401
+msgid "is rotated"
+msgstr "est inversé"
+
+#: modules/pam_cracklib/pam_cracklib.c:436
+msgid "has been already used"
+msgstr "a déjà été utilisé"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "No password supplied"
+msgstr "Aucun mot de passe fourni"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "Password unchanged"
+msgstr "Mot de passe inchangé"
+
+#: modules/pam_cracklib/pam_cracklib.c:487
+#: modules/pam_cracklib/pam_cracklib.c:615
+#, c-format
+msgid "BAD PASSWORD: %s"
+msgstr "MOT DE PASSE INCORRECT : %s"
+
+#: modules/pam_exec/pam_exec.c:118
+#, c-format
+msgid "%s failed: exit code %d"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:126
+#, c-format
+msgid "%s failed: caught signal %d%s"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:134
+#, c-format
+msgid "%s failed: unknown status 0x%x"
+msgstr ""
+
+#. TRANSLATORS: "strftime options for date of last login"
+#: modules/pam_lastlog/pam_lastlog.c:190
+msgid " %a %b %e %H:%M:%S %Z %Y"
+msgstr " %A %e %B %Y à %H:%M:%S %Z"
+
+#. TRANSLATORS: " from <host>"
+#: modules/pam_lastlog/pam_lastlog.c:199
+#, c-format
+msgid " from %.*s"
+msgstr " de %.*s"
+
+#. TRANSLATORS: " on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:211
+#, c-format
+msgid " on %.*s"
+msgstr " sur %.*s"
+
+#. TRANSLATORS: "Last login: <date> from <host> on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:220
+#, c-format
+msgid "Last login:%s%s%s"
+msgstr "Dernière connexion :%s%s%s"
+
+#: modules/pam_lastlog/pam_lastlog.c:226
+msgid "Welcome to your new account!"
+msgstr "Bienvenue sur votre nouveau compte !"
+
+#: modules/pam_limits/pam_limits.c:647
+#, c-format
+msgid "Too many logins for '%s'."
+msgstr "Trop de connexions pour '%s'."
+
+#: modules/pam_mail/pam_mail.c:313
+msgid "No mail."
+msgstr "Aucun message."
+
+#: modules/pam_mail/pam_mail.c:316
+msgid "You have new mail."
+msgstr "Vous avez un nouveau message."
+
+#: modules/pam_mail/pam_mail.c:319
+msgid "You have old mail."
+msgstr "Vous avez un ancien message."
+
+#: modules/pam_mail/pam_mail.c:323
+msgid "You have mail."
+msgstr "Vous avez des messages."
+
+#: modules/pam_mail/pam_mail.c:330
+#, c-format
+msgid "You have no mail in folder %s."
+msgstr "Vous n'avez aucun message dans le dossier %s."
+
+#: modules/pam_mail/pam_mail.c:334
+#, c-format
+msgid "You have new mail in folder %s."
+msgstr "Vous avez un nouveau message dans le dossier %s."
+
+#: modules/pam_mail/pam_mail.c:338
+#, c-format
+msgid "You have old mail in folder %s."
+msgstr "Vous avez un ancien message dans le dossier %s."
+
+#: modules/pam_mail/pam_mail.c:343
+#, c-format
+msgid "You have mail in folder %s."
+msgstr "Vous avez des messages dans le dossier %s."
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:140
+#, c-format
+msgid "Creating directory '%s'."
+msgstr ""
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:145
+#, c-format
+msgid "Unable to create directory %s: %m"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:102
+#, c-format
+msgid "Your default context is %s. \n"
+msgstr "Votre contexte par défaut est %s. \n"
+
+#: modules/pam_selinux/pam_selinux.c:105
+msgid "Do you want to choose a different one? [n]"
+msgstr "Voulez-vous en choisir un autre ? [n]"
+
+#: modules/pam_selinux/pam_selinux.c:112
+msgid "Enter number of choice: "
+msgstr "Entrer le numéro du choix :"
+
+#: modules/pam_selinux/pam_selinux.c:152
+msgid "Would you like to enter a security context? [y] "
+msgstr "Voulez-vous entrer un contexte de sécurité ? [o]"
+
+#: modules/pam_selinux/pam_selinux.c:169
+msgid "role: "
+msgstr "rôle :"
+
+#: modules/pam_selinux/pam_selinux.c:177
+msgid "type: "
+msgstr "type :"
+
+#: modules/pam_selinux/pam_selinux.c:187
+msgid "level: "
+msgstr "niveau :"
+
+#: modules/pam_selinux/pam_selinux.c:203
+msgid "Not a valid security context"
+msgstr "Contexte de sécurité non valide"
+
+#: modules/pam_selinux/pam_selinux.c:417
+#, c-format
+msgid "Security Context %s Assigned"
+msgstr "Contexte de sécurité %s attribué"
+
+#: modules/pam_selinux/pam_selinux_check.c:99
+#, c-format
+msgid "failed to initialize PAM\n"
+msgstr "échec d'initialisation PAM\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:105
+#, c-format
+msgid "failed to pam_set_item()\n"
+msgstr "échec de pam_set_item()\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:133
+#, c-format
+msgid "login: failure forking: %m"
+msgstr "login : échec d'autoclonage : %m"
+
+#: modules/pam_stress/pam_stress.c:476
+#, fuzzy, c-format
+msgid "Changing STRESS password for %s."
+msgstr "Changement du mot de passe STRESS pour "
+
+#: modules/pam_stress/pam_stress.c:490
+msgid "Enter new STRESS password: "
+msgstr "Entrer le nouveau mot de passe STRESS : "
+
+#: modules/pam_stress/pam_stress.c:493
+msgid "Retype new STRESS password: "
+msgstr "Retaper le nouveau mot de passe STRESS : "
+
+#: modules/pam_stress/pam_stress.c:522
+msgid "Verification mis-typed; password unchanged"
+msgstr "Verification erronée : mot de passe inchangé"
+
+#: modules/pam_tally/pam_tally.c:741
+msgid "Authentication error"
+msgstr "Erreur d'authentification"
+
+#: modules/pam_tally/pam_tally.c:742
+msgid "Service error"
+msgstr "Erreur de service"
+
+#: modules/pam_tally/pam_tally.c:743
+msgid "Unknown user"
+msgstr "Utilisateur inconnu"
+
+#: modules/pam_tally/pam_tally.c:744
+msgid "Unknown error"
+msgstr "Erreur inconnue"
+
+#: modules/pam_tally/pam_tally.c:760
+#, c-format
+msgid "%s: Bad number given to --reset=\n"
+msgstr "%s: Numéro incorrect attribué à --reset=\n"
+
+#: modules/pam_tally/pam_tally.c:764
+#, c-format
+msgid "%s: Unrecognised option %s\n"
+msgstr "%s : Option non reconnue %s\n"
+
+#: modules/pam_tally/pam_tally.c:776
+#, c-format
+msgid ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+msgstr ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+
+#: modules/pam_tally/pam_tally.c:850
+#, c-format
+msgid "%s: Can't reset all users to non-zero\n"
+msgstr "%s: Impossible de réinitialiser tous les utilisateurs à non-zéro\n"
+
+#: modules/pam_unix/pam_unix_acct.c:274 modules/pam_unix/pam_unix_acct.c:301
+msgid "Your account has expired; please contact your system administrator"
+msgstr "Votre compte a expiré. Contactez votre administrateur système"
+
+#: modules/pam_unix/pam_unix_acct.c:283
+msgid "You are required to change your password immediately (root enforced)"
+msgstr "Vous devez changer votre mot de passe immédiatement (imposé par root)"
+
+#: modules/pam_unix/pam_unix_acct.c:310
+msgid "You are required to change your password immediately (password aged)"
+msgstr ""
+"Vous devez changer votre mot de passe immédiatement (mot de passe périmé)"
+
+#: modules/pam_unix/pam_unix_acct.c:323 modules/pam_unix/pam_unix_acct.c:330
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d day"
+msgid_plural "Warning: your password will expire in %d days"
+msgstr[0] "Avertissement : votre mot de passe expire dans %d jour%.2s"
+msgstr[1] "Avertissement : votre mot de passe expire dans %d jour%.2s"
+
+#. TRANSLATORS: only used if dngettext is not support
+#. ed
+#: modules/pam_unix/pam_unix_acct.c:336
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d days"
+msgstr "Avertissement : votre mot de passe expire dans %d jour%.2s"
+
+#: modules/pam_unix/pam_unix_auth.c:159 modules/pam_userdb/pam_userdb.c:61
+msgid "Password: "
+msgstr "Mot de passe : "
+
+#: modules/pam_unix/pam_unix_passwd.c:819
+msgid "NIS password could not be changed."
+msgstr "Le mot de passe NIS n'a pas pu être changé."
+
+#: modules/pam_unix/pam_unix_passwd.c:996
+msgid "You must choose a longer password"
+msgstr "Vous devez choisir un mot de passe plus long"
+
+#: modules/pam_unix/pam_unix_passwd.c:1001
+msgid "Password has been already used. Choose another."
+msgstr "Mot de passe déjà utilisé. Choisissez-en un autre."
+
+#: modules/pam_unix/pam_unix_passwd.c:1108
+#, fuzzy, c-format
+msgid "Changing password for %s."
+msgstr "Changement du mot de passe STRESS pour "
+
+#: modules/pam_unix/pam_unix_passwd.c:1119
+msgid "(current) UNIX password: "
+msgstr "Mot de passe UNIX (actuel) : "
+
+#: modules/pam_unix/pam_unix_passwd.c:1154
+msgid "You must wait longer to change your password"
+msgstr "Vous devez encore attendre avant de changer votre mot de passe"
+
+#: modules/pam_unix/pam_unix_passwd.c:1214
+msgid "Enter new UNIX password: "
+msgstr "Entrez le nouveau mot de passe UNIX : "
+
+#: modules/pam_unix/pam_unix_passwd.c:1215
+msgid "Retype new UNIX password: "
+msgstr "Retapez le nouveau mot de passe UNIX : "
+
+#, fuzzy
+#~ msgid "Warning: your password will expire in one day"
+#~ msgstr "Avertissement : votre mot de passe expire dans %d jour%.2s"
+
+#~ msgid "dlopen() failure"
+#~ msgstr "échec de dlopen()"
+
+#~ msgid "%s: set %s security context to %s"
+#~ msgstr "Contexte de sécurité non valide"
diff --git a/Linux-PAM/po/hu.gmo b/Linux-PAM/po/hu.gmo
new file mode 100644
index 00000000..050b422b
--- /dev/null
+++ b/Linux-PAM/po/hu.gmo
Binary files differ
diff --git a/Linux-PAM/po/hu.po b/Linux-PAM/po/hu.po
new file mode 100644
index 00000000..0ec72ab7
--- /dev/null
+++ b/Linux-PAM/po/hu.po
@@ -0,0 +1,494 @@
+# translation of Linux-pam.po to
+# translation of hu.po to
+# This file is distributed under the same license as the PACKAGE package.
+# Copyright (C) YEAR Linux-PAM Project.
+# Papp Zsolt <zpapp@novell.com>, 2006.
+# Keresztes Ãkos <xsak@c2.hu>, 2006.
+# Kalman Kemenczy <kkemenczy@novell.com>, 2006.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Linux-pam\n"
+"Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n"
+"POT-Creation-Date: 2007-01-17 11:53+0100\n"
+"PO-Revision-Date: 2006-10-06 13:54+0200\n"
+"Last-Translator: \n"
+"Language-Team: <hu@li.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.11.4\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+
+#: libpam_misc/misc_conv.c:33
+msgid "...Time is running out...\n"
+msgstr "...Kifut az időből...\n"
+
+#: libpam_misc/misc_conv.c:34
+msgid "...Sorry, your time is up!\n"
+msgstr "...Elnézést, de az idő lejárt!\n"
+
+#: libpam_misc/misc_conv.c:343
+#, c-format
+msgid "erroneous conversation (%d)\n"
+msgstr "hibás beszélgetés (%d)\n"
+
+#: libpam/pam_item.c:271
+msgid "login:"
+msgstr "belépés:"
+
+#: libpam/pam_strerror.c:40
+msgid "Success"
+msgstr "Sikerült"
+
+#: libpam/pam_strerror.c:42
+msgid "Critical error - immediate abort"
+msgstr "Kritikus hiba - azonnali leállás"
+
+#: libpam/pam_strerror.c:44
+msgid "Failed to load module"
+msgstr "A modul betöltése sikertelen"
+
+#: libpam/pam_strerror.c:46
+msgid "Symbol not found"
+msgstr "A szimbólum nem található"
+
+#: libpam/pam_strerror.c:48
+msgid "Error in service module"
+msgstr "Hiba a szervizmodulban"
+
+#: libpam/pam_strerror.c:50
+msgid "System error"
+msgstr "Rendszerhiba"
+
+#: libpam/pam_strerror.c:52
+msgid "Memory buffer error"
+msgstr "Memóriapuffer-hiba"
+
+#: libpam/pam_strerror.c:54
+msgid "Permission denied"
+msgstr "Engedély megtagadva"
+
+#: libpam/pam_strerror.c:56
+msgid "Authentication failure"
+msgstr "Hitelesítési hiba"
+
+#: libpam/pam_strerror.c:58
+msgid "Insufficient credentials to access authentication data"
+msgstr "Nem elegendő azonosítási adat a hitelesítési adatok eléréséhez"
+
+#: libpam/pam_strerror.c:60
+msgid "Authentication service cannot retrieve authentication info"
+msgstr "A hitelesítési szolgáltatás nem tudja lekérni a hitelesítési adatokat"
+
+#: libpam/pam_strerror.c:62
+msgid "User not known to the underlying authentication module"
+msgstr "Az alsóbb szintű hitelesítési modul nem ismeri a felhasználót"
+
+#: libpam/pam_strerror.c:64
+msgid "Have exhausted maximum number of retries for service"
+msgstr ""
+"Elérte a szolgáltatás által engedélyezett újrapróbálkozások maximális számát"
+
+#: libpam/pam_strerror.c:66
+msgid "Authentication token is no longer valid; new one required"
+msgstr "A hitelesítési token már nem érvényes; újra van szükség"
+
+#: libpam/pam_strerror.c:68
+msgid "User account has expired"
+msgstr "A felhasználói fiók lejárt"
+
+#: libpam/pam_strerror.c:70
+msgid "Cannot make/remove an entry for the specified session"
+msgstr "Nem készíthető/törölhető bejegyzés az adott munkamenethez"
+
+#: libpam/pam_strerror.c:72
+msgid "Authentication service cannot retrieve user credentials"
+msgstr ""
+"A hitelesítési szolgáltatás nem tudja lekérni a felhasználó hitelesítési "
+"adatait"
+
+#: libpam/pam_strerror.c:74
+msgid "User credentials expired"
+msgstr "A felhasználó hitelesítési adatai lejártak"
+
+#: libpam/pam_strerror.c:76
+msgid "Failure setting user credentials"
+msgstr "Hiba a felhasználó hitelesítési adatainak beállítása közben"
+
+#: libpam/pam_strerror.c:78
+msgid "No module specific data is present"
+msgstr "Nem található modulspecifikus adat"
+
+#: libpam/pam_strerror.c:80
+msgid "Bad item passed to pam_*_item()"
+msgstr "Rossz elem lett átadva a pam_*_item() számára"
+
+#: libpam/pam_strerror.c:82
+msgid "Conversation error"
+msgstr "Beszélgetési hiba"
+
+#: libpam/pam_strerror.c:84
+msgid "Authentication token manipulation error"
+msgstr "Hitelesítésitoken-kezelési hiba"
+
+#: libpam/pam_strerror.c:86
+msgid "Authentication information cannot be recovered"
+msgstr "A hitelesítési adatok nem állíthatók helyre"
+
+#: libpam/pam_strerror.c:88
+msgid "Authentication token lock busy"
+msgstr "Hitelesítési token zár foglalt"
+
+#: libpam/pam_strerror.c:90
+msgid "Authentication token aging disabled"
+msgstr "Hitelesítési token lejárat kikapcsolva"
+
+#: libpam/pam_strerror.c:92
+msgid "Failed preliminary check by password service"
+msgstr "A jelszószolgáltatás előzetes ellenőrzésén megbukott"
+
+#: libpam/pam_strerror.c:94
+msgid "The return value should be ignored by PAM dispatch"
+msgstr "A PAM elosztónak a visszatérési értéket figyelmen kívül kell hagynia"
+
+#: libpam/pam_strerror.c:96
+msgid "Module is unknown"
+msgstr "A modul ismeretlen"
+
+#: libpam/pam_strerror.c:98
+msgid "Authentication token expired"
+msgstr "A hitelesítési token lejárt"
+
+#: libpam/pam_strerror.c:100
+msgid "Conversation is waiting for event"
+msgstr "A beszélgetés egy eseményre várakozik"
+
+#: libpam/pam_strerror.c:102
+msgid "Application needs to call libpam again"
+msgstr "Az alkalmazásnak újra meg kell hívnia a libpam modult"
+
+#: libpam/pam_strerror.c:105
+msgid "Unknown PAM error"
+msgstr "Ismeretlen PAM-hiba"
+
+#: modules/pam_cracklib/pam_cracklib.c:60
+#, c-format
+msgid "New %s%spassword: "
+msgstr "Az új %s%sjelszó: "
+
+#: modules/pam_cracklib/pam_cracklib.c:62
+#, c-format
+msgid "Retype new %s%spassword: "
+msgstr "Ãrja be újra az új %s%sjelszót: "
+
+#: modules/pam_cracklib/pam_cracklib.c:63
+msgid "Sorry, passwords do not match."
+msgstr "Sajnálom, de a jelszavak nem egyeznek."
+
+#: modules/pam_cracklib/pam_cracklib.c:378
+msgid "is the same as the old one"
+msgstr "ugyanaz, mint a régi"
+
+#: modules/pam_cracklib/pam_cracklib.c:389
+msgid "is a palindrome"
+msgstr "A jelszó egy palindrom"
+
+#: modules/pam_cracklib/pam_cracklib.c:392
+msgid "case changes only"
+msgstr "A jelszó csak a kis/nagybetűkben változott"
+
+#: modules/pam_cracklib/pam_cracklib.c:395
+msgid "is too similar to the old one"
+msgstr "A jelszó túl hasonló a régihez"
+
+#: modules/pam_cracklib/pam_cracklib.c:398
+msgid "is too simple"
+msgstr "A jelszó túl egyszerű"
+
+#: modules/pam_cracklib/pam_cracklib.c:401
+msgid "is rotated"
+msgstr "A jelszó át lett forgatva"
+
+#: modules/pam_cracklib/pam_cracklib.c:436
+msgid "has been already used"
+msgstr "A jelszót már használta. Válasszon egy másikat."
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "No password supplied"
+msgstr "Nem lett megadva jelszó"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "Password unchanged"
+msgstr "A jelszó nem változott"
+
+#: modules/pam_cracklib/pam_cracklib.c:487
+#: modules/pam_cracklib/pam_cracklib.c:615
+#, c-format
+msgid "BAD PASSWORD: %s"
+msgstr "ROSSZ JELSZÓ: %s"
+
+#: modules/pam_exec/pam_exec.c:118
+#, c-format
+msgid "%s failed: exit code %d"
+msgstr "%s hiba: kimeneti érték %d"
+
+#: modules/pam_exec/pam_exec.c:126
+#, c-format
+msgid "%s failed: caught signal %d%s"
+msgstr "%s hiba: kimeneti signal %d%s"
+
+#: modules/pam_exec/pam_exec.c:134
+#, c-format
+msgid "%s failed: unknown status 0x%x"
+msgstr "%s hiba: ismeretlen állapot 0x%x"
+
+#. TRANSLATORS: "strftime options for date of last login"
+#: modules/pam_lastlog/pam_lastlog.c:190
+msgid " %a %b %e %H:%M:%S %Z %Y"
+msgstr "%Y. %b %e, %a %H:%M:%S %Z "
+
+#. TRANSLATORS: " from <host>"
+#: modules/pam_lastlog/pam_lastlog.c:199
+#, c-format
+msgid " from %.*s"
+msgstr " innen: %.*s"
+
+#. TRANSLATORS: " on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:211
+#, c-format
+msgid " on %.*s"
+msgstr ", %.*s"
+
+#. TRANSLATORS: "Last login: <date> from <host> on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:220
+#, c-format
+msgid "Last login:%s%s%s"
+msgstr "Utolsó belépés:%s%s%s"
+
+#: modules/pam_lastlog/pam_lastlog.c:226
+msgid "Welcome to your new account!"
+msgstr "Üdvözöljük az új fiókjában!"
+
+#: modules/pam_limits/pam_limits.c:647
+#, c-format
+msgid "Too many logins for '%s'."
+msgstr "Túl sok belépés '%s' részéről."
+
+#: modules/pam_mail/pam_mail.c:313
+msgid "No mail."
+msgstr "Nincs levél."
+
+#: modules/pam_mail/pam_mail.c:316
+msgid "You have new mail."
+msgstr "Új levele érkezett."
+
+#: modules/pam_mail/pam_mail.c:319
+msgid "You have old mail."
+msgstr "Régebbi levelei vannak."
+
+#: modules/pam_mail/pam_mail.c:323
+msgid "You have mail."
+msgstr "Önnek levele van."
+
+#: modules/pam_mail/pam_mail.c:330
+#, c-format
+msgid "You have no mail in folder %s."
+msgstr "%s könyvtárban nincs levél."
+
+#: modules/pam_mail/pam_mail.c:334
+#, c-format
+msgid "You have new mail in folder %s."
+msgstr "%s könyvtárban új levél van."
+
+#: modules/pam_mail/pam_mail.c:338
+#, c-format
+msgid "You have old mail in folder %s."
+msgstr "%s könyvtárban régi levél van."
+
+#: modules/pam_mail/pam_mail.c:343
+#, c-format
+msgid "You have mail in folder %s."
+msgstr "%s könyvtárban levelek vannak."
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:140
+#, c-format
+msgid "Creating directory '%s'."
+msgstr ""
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:145
+#, c-format
+msgid "Unable to create directory %s: %m"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:102
+#, c-format
+msgid "Your default context is %s. \n"
+msgstr "Az Ön alapértelmezett kontextusa: %s. \n"
+
+#: modules/pam_selinux/pam_selinux.c:105
+msgid "Do you want to choose a different one? [n]"
+msgstr "Kíván másikat választani? [n]"
+
+#: modules/pam_selinux/pam_selinux.c:112
+msgid "Enter number of choice: "
+msgstr "Adja meg a kívánt lehetőség számát: "
+
+#: modules/pam_selinux/pam_selinux.c:152
+msgid "Would you like to enter a security context? [y] "
+msgstr "Kíván megadni egy biztonsági kontextust? [y] "
+
+#: modules/pam_selinux/pam_selinux.c:169
+msgid "role: "
+msgstr "szerep: "
+
+#: modules/pam_selinux/pam_selinux.c:177
+msgid "type: "
+msgstr "típus: "
+
+#: modules/pam_selinux/pam_selinux.c:187
+msgid "level: "
+msgstr "szint: "
+
+#: modules/pam_selinux/pam_selinux.c:203
+msgid "Not a valid security context"
+msgstr "Nem érvényes biztonsági kontextus"
+
+#: modules/pam_selinux/pam_selinux.c:417
+#, c-format
+msgid "Security Context %s Assigned"
+msgstr "%s biztonsági kontextus hozzárendelve"
+
+#: modules/pam_selinux/pam_selinux_check.c:99
+#, c-format
+msgid "failed to initialize PAM\n"
+msgstr "PAM inicializálása sikertelen\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:105
+#, c-format
+msgid "failed to pam_set_item()\n"
+msgstr "pam_set_item() meghiúsult\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:133
+#, c-format
+msgid "login: failure forking: %m"
+msgstr "bejelentkezés: hiba az elágazás közben: %m"
+
+#: modules/pam_stress/pam_stress.c:476
+#, fuzzy, c-format
+msgid "Changing STRESS password for %s."
+msgstr "STRESS jelszó megváltoztatása - "
+
+#: modules/pam_stress/pam_stress.c:490
+msgid "Enter new STRESS password: "
+msgstr "Új STRESS jelszó: "
+
+#: modules/pam_stress/pam_stress.c:493
+msgid "Retype new STRESS password: "
+msgstr "Ãrja be mégegyszer az új STRESS jelszót: "
+
+#: modules/pam_stress/pam_stress.c:522
+msgid "Verification mis-typed; password unchanged"
+msgstr "Az ellenőrző jelszó nem egyezik; a jelszó nem került módosításra"
+
+#: modules/pam_tally/pam_tally.c:741
+msgid "Authentication error"
+msgstr "Hitelesítési hiba"
+
+#: modules/pam_tally/pam_tally.c:742
+msgid "Service error"
+msgstr "Szolgáltatási hiba"
+
+#: modules/pam_tally/pam_tally.c:743
+msgid "Unknown user"
+msgstr "Ismeretlen felhasználó"
+
+#: modules/pam_tally/pam_tally.c:744
+msgid "Unknown error"
+msgstr "Ismeretlen hiba"
+
+#: modules/pam_tally/pam_tally.c:760
+#, c-format
+msgid "%s: Bad number given to --reset=\n"
+msgstr "%s: Rossz szám lett megadva: --reset=\n"
+
+#: modules/pam_tally/pam_tally.c:764
+#, c-format
+msgid "%s: Unrecognised option %s\n"
+msgstr "%s: Fel nem ismert paraméter (%s)\n"
+
+#: modules/pam_tally/pam_tally.c:776
+#, c-format
+msgid ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+msgstr ""
+"%s: [--file rooted-fájlnév] [--user felhasználónév] [--reset[=n]] [--quiet]\n"
+
+#: modules/pam_tally/pam_tally.c:850
+#, c-format
+msgid "%s: Can't reset all users to non-zero\n"
+msgstr "%s: Nem állítható vissza minden felhasználó nem nullára\n"
+
+#: modules/pam_unix/pam_unix_acct.c:274 modules/pam_unix/pam_unix_acct.c:301
+msgid "Your account has expired; please contact your system administrator"
+msgstr "A fiók érvényessége lejárt; keresse meg a rendszergazdát"
+
+#: modules/pam_unix/pam_unix_acct.c:283
+msgid "You are required to change your password immediately (root enforced)"
+msgstr "Azonnal meg kell változtatnia a jelszavát (a root írta elő)"
+
+#: modules/pam_unix/pam_unix_acct.c:310
+msgid "You are required to change your password immediately (password aged)"
+msgstr "Azonnal meg kell változtatnia a jelszavát (a jelszó elévült)"
+
+#: modules/pam_unix/pam_unix_acct.c:323 modules/pam_unix/pam_unix_acct.c:330
+#, c-format
+msgid "Warning: your password will expire in %d day"
+msgid_plural "Warning: your password will expire in %d days"
+msgstr[0] "Figyelmeztetés: a jelszava lejár %d nap múlva"
+
+#. TRANSLATORS: only used if dngettext is not support
+#. ed
+#: modules/pam_unix/pam_unix_acct.c:336
+#, c-format
+msgid "Warning: your password will expire in %d days"
+msgstr "Figyelmeztetés: a jelszava lejár %d nap múlva"
+
+#: modules/pam_unix/pam_unix_auth.c:159 modules/pam_userdb/pam_userdb.c:61
+msgid "Password: "
+msgstr "Jelszó: "
+
+#: modules/pam_unix/pam_unix_passwd.c:819
+msgid "NIS password could not be changed."
+msgstr "A NIS-jelszó nem módosítható."
+
+#: modules/pam_unix/pam_unix_passwd.c:996
+msgid "You must choose a longer password"
+msgstr "Hosszabb jelszót kell választania"
+
+#: modules/pam_unix/pam_unix_passwd.c:1001
+msgid "Password has been already used. Choose another."
+msgstr "A jelszót már használta. Válasszon egy másikat."
+
+#: modules/pam_unix/pam_unix_passwd.c:1108
+#, fuzzy, c-format
+msgid "Changing password for %s."
+msgstr "STRESS jelszó megváltoztatása - "
+
+#: modules/pam_unix/pam_unix_passwd.c:1119
+msgid "(current) UNIX password: "
+msgstr "A (jelenlegi) UNIX jelszó: "
+
+#: modules/pam_unix/pam_unix_passwd.c:1154
+msgid "You must wait longer to change your password"
+msgstr "Tovább kell várnia a jelszó módosítására"
+
+#: modules/pam_unix/pam_unix_passwd.c:1214
+msgid "Enter new UNIX password: "
+msgstr "Adja meg az új UNIX jelszót: "
+
+#: modules/pam_unix/pam_unix_passwd.c:1215
+msgid "Retype new UNIX password: "
+msgstr "Ãrja be újra a UNIX jelszót: "
diff --git a/Linux-PAM/po/insert-header.sin b/Linux-PAM/po/insert-header.sin
new file mode 100644
index 00000000..b26de01f
--- /dev/null
+++ b/Linux-PAM/po/insert-header.sin
@@ -0,0 +1,23 @@
+# Sed script that inserts the file called HEADER before the header entry.
+#
+# At each occurrence of a line starting with "msgid ", we execute the following
+# commands. At the first occurrence, insert the file. At the following
+# occurrences, do nothing. The distinction between the first and the following
+# occurrences is achieved by looking at the hold space.
+/^msgid /{
+x
+# Test if the hold space is empty.
+s/m/m/
+ta
+# Yes it was empty. First occurrence. Read the file.
+r HEADER
+# Output the file's contents by reading the next line. But don't lose the
+# current line while doing this.
+g
+N
+bb
+:a
+# The hold space was nonempty. Following occurrences. Do nothing.
+x
+:b
+}
diff --git a/Linux-PAM/po/it.gmo b/Linux-PAM/po/it.gmo
new file mode 100644
index 00000000..7386ef45
--- /dev/null
+++ b/Linux-PAM/po/it.gmo
Binary files differ
diff --git a/Linux-PAM/po/it.po b/Linux-PAM/po/it.po
new file mode 100644
index 00000000..84fb8e63
--- /dev/null
+++ b/Linux-PAM/po/it.po
@@ -0,0 +1,506 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR Linux-PAM Project
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Linux-PAM\n"
+"Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n"
+"POT-Creation-Date: 2007-01-17 11:53+0100\n"
+"PO-Revision-Date: 2006-05-03 22:05+0200\n"
+"Last-Translator: Novell Language <language@novell.com>\n"
+"Language-Team: Novell Language <language@novell.com>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: libpam_misc/misc_conv.c:33
+msgid "...Time is running out...\n"
+msgstr "...Il tempo sta per scadere...\n"
+
+#: libpam_misc/misc_conv.c:34
+msgid "...Sorry, your time is up!\n"
+msgstr "...Tempo scaduto!\n"
+
+#: libpam_misc/misc_conv.c:343
+#, c-format
+msgid "erroneous conversation (%d)\n"
+msgstr "conversazione errata (%d)\n"
+
+#: libpam/pam_item.c:271
+msgid "login:"
+msgstr "login:"
+
+#: libpam/pam_strerror.c:40
+msgid "Success"
+msgstr "Successo"
+
+#: libpam/pam_strerror.c:42
+msgid "Critical error - immediate abort"
+msgstr "Errore critico - interruzione immediata"
+
+#: libpam/pam_strerror.c:44
+msgid "Failed to load module"
+msgstr ""
+
+#: libpam/pam_strerror.c:46
+msgid "Symbol not found"
+msgstr "Simbolo non trovato"
+
+#: libpam/pam_strerror.c:48
+msgid "Error in service module"
+msgstr "Errore in modulo di servizio"
+
+#: libpam/pam_strerror.c:50
+msgid "System error"
+msgstr "Errore di sistema"
+
+#: libpam/pam_strerror.c:52
+msgid "Memory buffer error"
+msgstr "Errore buffer memoria"
+
+#: libpam/pam_strerror.c:54
+msgid "Permission denied"
+msgstr "Permesso negato"
+
+#: libpam/pam_strerror.c:56
+msgid "Authentication failure"
+msgstr "Errore di autenticazione"
+
+#: libpam/pam_strerror.c:58
+msgid "Insufficient credentials to access authentication data"
+msgstr "Credenziali insufficienti per accedere ai dati di autenticazione"
+
+#: libpam/pam_strerror.c:60
+msgid "Authentication service cannot retrieve authentication info"
+msgstr ""
+"Il servizio di autenticazione non è in grado di recuperare le informazioni "
+"di autenticazione"
+
+#: libpam/pam_strerror.c:62
+msgid "User not known to the underlying authentication module"
+msgstr "Utente sconosciuto nel modulo di autenticazione sottostante"
+
+#: libpam/pam_strerror.c:64
+msgid "Have exhausted maximum number of retries for service"
+msgstr "Numero massimo di tentativi per il servizio superato"
+
+#: libpam/pam_strerror.c:66
+msgid "Authentication token is no longer valid; new one required"
+msgstr "Token di autenticazione non più valido; richiesto uno nuovo"
+
+#: libpam/pam_strerror.c:68
+msgid "User account has expired"
+msgstr "Account utente scaduto"
+
+#: libpam/pam_strerror.c:70
+msgid "Cannot make/remove an entry for the specified session"
+msgstr ""
+"Impossibile creare/rimuovere una registrazione per la sessione specificata"
+
+#: libpam/pam_strerror.c:72
+msgid "Authentication service cannot retrieve user credentials"
+msgstr ""
+"Il servizio di autenticazione non è in grado di recuperare le credenziali "
+"utente"
+
+#: libpam/pam_strerror.c:74
+msgid "User credentials expired"
+msgstr "Credenziali utente scadute"
+
+#: libpam/pam_strerror.c:76
+msgid "Failure setting user credentials"
+msgstr "Errore impostazione credenziali utente"
+
+#: libpam/pam_strerror.c:78
+msgid "No module specific data is present"
+msgstr "Dati specifici del modulo non presenti"
+
+#: libpam/pam_strerror.c:80
+msgid "Bad item passed to pam_*_item()"
+msgstr "Elemento errato passato a pam_*_item()"
+
+#: libpam/pam_strerror.c:82
+msgid "Conversation error"
+msgstr "Errore conversazione"
+
+#: libpam/pam_strerror.c:84
+msgid "Authentication token manipulation error"
+msgstr "Errore manipolazione token autenticazione"
+
+#: libpam/pam_strerror.c:86
+msgid "Authentication information cannot be recovered"
+msgstr "Impossibile ripristinare informazioni autenticazione"
+
+#: libpam/pam_strerror.c:88
+msgid "Authentication token lock busy"
+msgstr "Blocco token autenticazione occupato"
+
+#: libpam/pam_strerror.c:90
+msgid "Authentication token aging disabled"
+msgstr "Aging token autenticazione disabilitato"
+
+#: libpam/pam_strerror.c:92
+msgid "Failed preliminary check by password service"
+msgstr "Errore controllo preliminare per servizio parola d'ordine"
+
+#: libpam/pam_strerror.c:94
+msgid "The return value should be ignored by PAM dispatch"
+msgstr "Il valore restituito deve essere ignorato da dispatch PAM"
+
+#: libpam/pam_strerror.c:96
+msgid "Module is unknown"
+msgstr "Modulo sconosciuto"
+
+#: libpam/pam_strerror.c:98
+msgid "Authentication token expired"
+msgstr "Token autenticazione scaduto"
+
+#: libpam/pam_strerror.c:100
+msgid "Conversation is waiting for event"
+msgstr "Conversazione in attesa di evento"
+
+#: libpam/pam_strerror.c:102
+msgid "Application needs to call libpam again"
+msgstr "L'applicazione richiede chiamata a libpam"
+
+#: libpam/pam_strerror.c:105
+msgid "Unknown PAM error"
+msgstr "Errore PAM sconosciuto"
+
+#: modules/pam_cracklib/pam_cracklib.c:60
+#, c-format
+msgid "New %s%spassword: "
+msgstr "Nuova parola d'ordine%s%s:"
+
+#: modules/pam_cracklib/pam_cracklib.c:62
+#, c-format
+msgid "Retype new %s%spassword: "
+msgstr "Reimmettere la nuova parola d'ordine%s%s:"
+
+#: modules/pam_cracklib/pam_cracklib.c:63
+msgid "Sorry, passwords do not match."
+msgstr "Le parole d'ordine non corrispondono."
+
+#: modules/pam_cracklib/pam_cracklib.c:378
+msgid "is the same as the old one"
+msgstr "è la stessa di quella precedente"
+
+#: modules/pam_cracklib/pam_cracklib.c:389
+msgid "is a palindrome"
+msgstr "è un palindromo"
+
+#: modules/pam_cracklib/pam_cracklib.c:392
+msgid "case changes only"
+msgstr "cambiano solo le maiuscole/minuscole"
+
+#: modules/pam_cracklib/pam_cracklib.c:395
+msgid "is too similar to the old one"
+msgstr "è troppo simile alla precedente"
+
+#: modules/pam_cracklib/pam_cracklib.c:398
+msgid "is too simple"
+msgstr "è troppo semplice"
+
+#: modules/pam_cracklib/pam_cracklib.c:401
+msgid "is rotated"
+msgstr "è alternata"
+
+#: modules/pam_cracklib/pam_cracklib.c:436
+msgid "has been already used"
+msgstr "è già stata utilizzata"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "No password supplied"
+msgstr "Nessuna parola d'ordine fornita"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "Password unchanged"
+msgstr "Parola d'ordine non modificata"
+
+#: modules/pam_cracklib/pam_cracklib.c:487
+#: modules/pam_cracklib/pam_cracklib.c:615
+#, c-format
+msgid "BAD PASSWORD: %s"
+msgstr "PAROLA D'ORDINE ERRTATA: %s"
+
+#: modules/pam_exec/pam_exec.c:118
+#, c-format
+msgid "%s failed: exit code %d"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:126
+#, c-format
+msgid "%s failed: caught signal %d%s"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:134
+#, c-format
+msgid "%s failed: unknown status 0x%x"
+msgstr ""
+
+#. TRANSLATORS: "strftime options for date of last login"
+#: modules/pam_lastlog/pam_lastlog.c:190
+msgid " %a %b %e %H:%M:%S %Z %Y"
+msgstr "%a %b %e %H:%M:%S %Z %Y"
+
+#. TRANSLATORS: " from <host>"
+#: modules/pam_lastlog/pam_lastlog.c:199
+#, c-format
+msgid " from %.*s"
+msgstr "da %.*s"
+
+#. TRANSLATORS: " on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:211
+#, c-format
+msgid " on %.*s"
+msgstr "in %.*s"
+
+#. TRANSLATORS: "Last login: <date> from <host> on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:220
+#, c-format
+msgid "Last login:%s%s%s"
+msgstr "Ultimo login:%s%s%s"
+
+#: modules/pam_lastlog/pam_lastlog.c:226
+msgid "Welcome to your new account!"
+msgstr "Nuovo conto."
+
+#: modules/pam_limits/pam_limits.c:647
+#, c-format
+msgid "Too many logins for '%s'."
+msgstr "Ci sono troppi login per '%s'."
+
+#: modules/pam_mail/pam_mail.c:313
+msgid "No mail."
+msgstr "Nessuna e-mail."
+
+#: modules/pam_mail/pam_mail.c:316
+msgid "You have new mail."
+msgstr "Nuova e-mail."
+
+#: modules/pam_mail/pam_mail.c:319
+msgid "You have old mail."
+msgstr "E-mail vecchie."
+
+#: modules/pam_mail/pam_mail.c:323
+msgid "You have mail."
+msgstr "E-mail esistenti."
+
+#: modules/pam_mail/pam_mail.c:330
+#, c-format
+msgid "You have no mail in folder %s."
+msgstr "La cartella %s non contiene alcuna e-mail."
+
+#: modules/pam_mail/pam_mail.c:334
+#, c-format
+msgid "You have new mail in folder %s."
+msgstr "La cartella %s non contiene alcuna e-mail nuova."
+
+#: modules/pam_mail/pam_mail.c:338
+#, c-format
+msgid "You have old mail in folder %s."
+msgstr "La cartella %s non contiene alcuna e-mail vecchia."
+
+#: modules/pam_mail/pam_mail.c:343
+#, c-format
+msgid "You have mail in folder %s."
+msgstr "La cartella %s contiene e-mail."
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:140
+#, c-format
+msgid "Creating directory '%s'."
+msgstr ""
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:145
+#, c-format
+msgid "Unable to create directory %s: %m"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:102
+#, c-format
+msgid "Your default context is %s. \n"
+msgstr "Il contesto di default è %s. \n"
+
+#: modules/pam_selinux/pam_selinux.c:105
+msgid "Do you want to choose a different one? [n]"
+msgstr "Sceglierne un altro? [n]"
+
+#: modules/pam_selinux/pam_selinux.c:112
+msgid "Enter number of choice: "
+msgstr "Immettere il numero di scelta:"
+
+#: modules/pam_selinux/pam_selinux.c:152
+msgid "Would you like to enter a security context? [y] "
+msgstr "Immettere un contesto di sicurezza? [s]"
+
+#: modules/pam_selinux/pam_selinux.c:169
+msgid "role: "
+msgstr "ruolo:"
+
+#: modules/pam_selinux/pam_selinux.c:177
+msgid "type: "
+msgstr "tipo:"
+
+#: modules/pam_selinux/pam_selinux.c:187
+msgid "level: "
+msgstr "livello:"
+
+#: modules/pam_selinux/pam_selinux.c:203
+msgid "Not a valid security context"
+msgstr "Non è un contesto di sicurezza valido"
+
+#: modules/pam_selinux/pam_selinux.c:417
+#, c-format
+msgid "Security Context %s Assigned"
+msgstr "Contesto di sicurezza %s assegnato"
+
+#: modules/pam_selinux/pam_selinux_check.c:99
+#, c-format
+msgid "failed to initialize PAM\n"
+msgstr "impossibile inizializzare PAM\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:105
+#, c-format
+msgid "failed to pam_set_item()\n"
+msgstr "impossibile pam_set_item()\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:133
+#, c-format
+msgid "login: failure forking: %m"
+msgstr "login: errore forking: %m"
+
+#: modules/pam_stress/pam_stress.c:476
+#, fuzzy, c-format
+msgid "Changing STRESS password for %s."
+msgstr "Cambio parola d'ordine STRESS per"
+
+#: modules/pam_stress/pam_stress.c:490
+msgid "Enter new STRESS password: "
+msgstr "Immettere nuova parola d'ordine STRESS:"
+
+#: modules/pam_stress/pam_stress.c:493
+msgid "Retype new STRESS password: "
+msgstr "Ridigitare nuova parola d'ordine STRESS:"
+
+#: modules/pam_stress/pam_stress.c:522
+msgid "Verification mis-typed; password unchanged"
+msgstr "Errore digitazione verifica; parola d'ordine non cambiata"
+
+#: modules/pam_tally/pam_tally.c:741
+msgid "Authentication error"
+msgstr "Errore di autenticazione"
+
+#: modules/pam_tally/pam_tally.c:742
+msgid "Service error"
+msgstr "Errore servizio"
+
+#: modules/pam_tally/pam_tally.c:743
+msgid "Unknown user"
+msgstr "Utente sconosciuto"
+
+#: modules/pam_tally/pam_tally.c:744
+msgid "Unknown error"
+msgstr "Errore sconosciuto"
+
+#: modules/pam_tally/pam_tally.c:760
+#, c-format
+msgid "%s: Bad number given to --reset=\n"
+msgstr "%s: Numero errato fornito a --reset=\n"
+
+#: modules/pam_tally/pam_tally.c:764
+#, c-format
+msgid "%s: Unrecognised option %s\n"
+msgstr "%s: Opzione non riconosciuta %s\n"
+
+#: modules/pam_tally/pam_tally.c:776
+#, c-format
+msgid ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+msgstr ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+
+#: modules/pam_tally/pam_tally.c:850
+#, c-format
+msgid "%s: Can't reset all users to non-zero\n"
+msgstr ""
+"%s: Impossibile ripristinare tutti gli utenti a valori diversi da zero\n"
+
+#: modules/pam_unix/pam_unix_acct.c:274 modules/pam_unix/pam_unix_acct.c:301
+msgid "Your account has expired; please contact your system administrator"
+msgstr "Account scaduto; contattare l'amministratore di sistema"
+
+#: modules/pam_unix/pam_unix_acct.c:283
+msgid "You are required to change your password immediately (root enforced)"
+msgstr ""
+"È richiesta la modifica immediata della parola d'ordine (applicato da root)"
+
+#: modules/pam_unix/pam_unix_acct.c:310
+msgid "You are required to change your password immediately (password aged)"
+msgstr ""
+"È richiesta la modifica immediata della parola d'ordine (parola d'ordine "
+"obsoleta)"
+
+#: modules/pam_unix/pam_unix_acct.c:323 modules/pam_unix/pam_unix_acct.c:330
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d day"
+msgid_plural "Warning: your password will expire in %d days"
+msgstr[0] "Avviso: la parola d'ordine scadrà tra %d giorni%.2s"
+msgstr[1] "Avviso: la parola d'ordine scadrà tra %d giorni%.2s"
+
+#. TRANSLATORS: only used if dngettext is not support
+#. ed
+#: modules/pam_unix/pam_unix_acct.c:336
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d days"
+msgstr "Avviso: la parola d'ordine scadrà tra %d giorni%.2s"
+
+#: modules/pam_unix/pam_unix_auth.c:159 modules/pam_userdb/pam_userdb.c:61
+msgid "Password: "
+msgstr "Parola d'ordine:"
+
+#: modules/pam_unix/pam_unix_passwd.c:819
+msgid "NIS password could not be changed."
+msgstr "[f1]Impossibile modificare parola d'ordine NIS."
+
+#: modules/pam_unix/pam_unix_passwd.c:996
+msgid "You must choose a longer password"
+msgstr "Scegliere una parola d'ordine più lunga"
+
+#: modules/pam_unix/pam_unix_passwd.c:1001
+msgid "Password has been already used. Choose another."
+msgstr "Parola d'ordine già utilizzata. Sceglierne un'altra."
+
+#: modules/pam_unix/pam_unix_passwd.c:1108
+#, fuzzy, c-format
+msgid "Changing password for %s."
+msgstr "Cambio parola d'ordine STRESS per"
+
+#: modules/pam_unix/pam_unix_passwd.c:1119
+msgid "(current) UNIX password: "
+msgstr "Parola d'ordine UNIX (corrente):"
+
+#: modules/pam_unix/pam_unix_passwd.c:1154
+msgid "You must wait longer to change your password"
+msgstr "Attendere ancora per cambiare la parola d'ordine "
+
+#: modules/pam_unix/pam_unix_passwd.c:1214
+msgid "Enter new UNIX password: "
+msgstr "Immettere nuova parola d'ordine UNIX:"
+
+#: modules/pam_unix/pam_unix_passwd.c:1215
+msgid "Retype new UNIX password: "
+msgstr "Reimmettere la nuova parola d'ordine UNIX:"
+
+#, fuzzy
+#~ msgid "Warning: your password will expire in one day"
+#~ msgstr "Avviso: la parola d'ordine scadrà tra %d giorni%.2s"
+
+#~ msgid "dlopen() failure"
+#~ msgstr "errore dlopen()"
+
+#~ msgid "%s: set %s security context to %s"
+#~ msgstr "Non è un contesto di sicurezza valido"
diff --git a/Linux-PAM/po/ja.gmo b/Linux-PAM/po/ja.gmo
new file mode 100644
index 00000000..16b16f5e
--- /dev/null
+++ b/Linux-PAM/po/ja.gmo
Binary files differ
diff --git a/Linux-PAM/po/ja.po b/Linux-PAM/po/ja.po
new file mode 100644
index 00000000..53f48966
--- /dev/null
+++ b/Linux-PAM/po/ja.po
@@ -0,0 +1,499 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR Linux-PAM Project
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Linux-PAM\n"
+"Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n"
+"POT-Creation-Date: 2007-01-17 11:53+0100\n"
+"PO-Revision-Date: 2006-05-03 22:00+0200\n"
+"Last-Translator: Novell Language <language@novell.com>\n"
+"Language-Team: Novell Language <language@novell.com>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: libpam_misc/misc_conv.c:33
+msgid "...Time is running out...\n"
+msgstr "...時間ãŒåˆ‡ã‚Œã‹ã‹ã£ã¦ã„ã¾ã™...\n"
+
+#: libpam_misc/misc_conv.c:34
+msgid "...Sorry, your time is up!\n"
+msgstr "...時間切れã§ã™ã€‚\n"
+
+#: libpam_misc/misc_conv.c:343
+#, c-format
+msgid "erroneous conversation (%d)\n"
+msgstr "誤ã£ãŸä¼šè©±(%d)\n"
+
+#: libpam/pam_item.c:271
+msgid "login:"
+msgstr "ログイン::"
+
+#: libpam/pam_strerror.c:40
+msgid "Success"
+msgstr "æˆåŠŸ"
+
+#: libpam/pam_strerror.c:42
+msgid "Critical error - immediate abort"
+msgstr "致命的エラー - ç›´ã¡ã«ä¸­æ­¢ã—ã¦ãã ã•ã„"
+
+#: libpam/pam_strerror.c:44
+msgid "Failed to load module"
+msgstr ""
+
+#: libpam/pam_strerror.c:46
+msgid "Symbol not found"
+msgstr "記å·ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“"
+
+#: libpam/pam_strerror.c:48
+msgid "Error in service module"
+msgstr "サービスモジュールã®ã‚¨ãƒ©ãƒ¼"
+
+#: libpam/pam_strerror.c:50
+msgid "System error"
+msgstr "システムエラー"
+
+#: libpam/pam_strerror.c:52
+msgid "Memory buffer error"
+msgstr "メモリãƒãƒƒãƒ•ã‚¡ã‚¨ãƒ©ãƒ¼"
+
+#: libpam/pam_strerror.c:54
+msgid "Permission denied"
+msgstr "æ‹’å¦ã•ã‚ŒãŸãƒ‘ーミッション"
+
+#: libpam/pam_strerror.c:56
+msgid "Authentication failure"
+msgstr "èªè¨¼å¤±æ•—"
+
+#: libpam/pam_strerror.c:58
+msgid "Insufficient credentials to access authentication data"
+msgstr "èªè¨¼ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹è³‡æ ¼èªå®šãŒã‚ã‚Šã¾ã›ã‚“"
+
+#: libpam/pam_strerror.c:60
+msgid "Authentication service cannot retrieve authentication info"
+msgstr "èªè¨¼ã‚µãƒ¼ãƒ“スãŒèªè¨¼æƒ…報を検索ã§ãã¾ã›ã‚“"
+
+#: libpam/pam_strerror.c:62
+msgid "User not known to the underlying authentication module"
+msgstr "基礎ã¨ãªã‚‹èªè¨¼ãƒ¢ã‚¸ãƒ¥ãƒ¼ãƒ«ã‚’知らãªã„ユーザ"
+
+#: libpam/pam_strerror.c:64
+msgid "Have exhausted maximum number of retries for service"
+msgstr "サービスã®æœ€å¤§è©¦è¡Œå›žæ•°ã«é”ã—ã¾ã—ãŸ"
+
+#: libpam/pam_strerror.c:66
+msgid "Authentication token is no longer valid; new one required"
+msgstr "èªè¨¼ãƒˆãƒ¼ã‚¯ãƒ³ã¯ã‚‚ã¯ã‚„有効ã§ã¯ã‚ã‚Šã¾ã›ã‚“。新ã—ã„èªè¨¼ãƒˆãƒ¼ã‚¯ãƒ³ãŒå¿…è¦ã§ã™"
+
+#: libpam/pam_strerror.c:68
+msgid "User account has expired"
+msgstr "ユーザアカウントã®æœ‰åŠ¹æœŸé™ãŒåˆ‡ã‚Œã¾ã—ãŸ"
+
+#: libpam/pam_strerror.c:70
+msgid "Cannot make/remove an entry for the specified session"
+msgstr "指定ã—ãŸã‚»ãƒƒã‚·ãƒ§ãƒ³ã«å¯¾ã™ã‚‹ã‚¨ãƒ³ãƒˆãƒªã‚’作æˆ/削除ã§ãã¾ã›ã‚“"
+
+#: libpam/pam_strerror.c:72
+msgid "Authentication service cannot retrieve user credentials"
+msgstr "èªè¨¼ã‚µãƒ¼ãƒ“スãŒãƒ¦ãƒ¼ã‚¶è³‡æ ¼èªå®šã‚’検索ã§ãã¾ã›ã‚“"
+
+#: libpam/pam_strerror.c:74
+msgid "User credentials expired"
+msgstr "ユーザ資格èªå®šã®æœ‰åŠ¹æœŸé™åˆ‡ã‚Œ"
+
+#: libpam/pam_strerror.c:76
+msgid "Failure setting user credentials"
+msgstr "ユーザ資格èªå®šã®è¨­å®šã«å¤±æ•—ã—ã¾ã—ãŸ"
+
+#: libpam/pam_strerror.c:78
+msgid "No module specific data is present"
+msgstr "モジュール固有データãŒã‚ã‚Šã¾ã›ã‚“"
+
+#: libpam/pam_strerror.c:80
+msgid "Bad item passed to pam_*_item()"
+msgstr "pam_*_item()ã«æ¸¡ã•ã‚ŒãŸä¸æ­£é …ç›®"
+
+#: libpam/pam_strerror.c:82
+msgid "Conversation error"
+msgstr "会話エラー"
+
+#: libpam/pam_strerror.c:84
+msgid "Authentication token manipulation error"
+msgstr "èªè¨¼ãƒˆãƒ¼ã‚¯ãƒ³æ“作エラー"
+
+#: libpam/pam_strerror.c:86
+msgid "Authentication information cannot be recovered"
+msgstr "èªè¨¼æƒ…報を回復ã§ãã¾ã›ã‚“"
+
+#: libpam/pam_strerror.c:88
+msgid "Authentication token lock busy"
+msgstr "èªè¨¼ãƒˆãƒ¼ã‚¯ãƒ³ã‚’ロック中ã§ã™"
+
+#: libpam/pam_strerror.c:90
+msgid "Authentication token aging disabled"
+msgstr "èªè¨¼ãƒˆãƒ¼ã‚¯ãƒ³ã‚¨ãƒ¼ã‚¸ãƒ³ã‚°ãŒç„¡åŠ¹ã§ã™"
+
+#: libpam/pam_strerror.c:92
+msgid "Failed preliminary check by password service"
+msgstr "パスワードサービスã«ã‚ˆã‚‹äºˆå‚™ãƒã‚§ãƒƒã‚¯ã«å¤±æ•—ã—ã¾ã—ãŸ"
+
+#: libpam/pam_strerror.c:94
+msgid "The return value should be ignored by PAM dispatch"
+msgstr "戻り値ã¯PAMタスク指åã«ã‚ˆã‚Šç„¡è¦–ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™"
+
+#: libpam/pam_strerror.c:96
+msgid "Module is unknown"
+msgstr "モジュールãŒä¸æ˜Žã§ã™"
+
+#: libpam/pam_strerror.c:98
+msgid "Authentication token expired"
+msgstr "èªè¨¼ãƒˆãƒ¼ã‚¯ãƒ³ã®æœ‰åŠ¹æœŸé™åˆ‡ã‚Œã§ã™"
+
+#: libpam/pam_strerror.c:100
+msgid "Conversation is waiting for event"
+msgstr "会話ã¯ã‚¤ãƒ™ãƒ³ãƒˆã‚’å¾…ã£ã¦ã„ã¾ã™"
+
+#: libpam/pam_strerror.c:102
+msgid "Application needs to call libpam again"
+msgstr "アプリケーションã¯libpamã‚’å†ã³å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™"
+
+#: libpam/pam_strerror.c:105
+msgid "Unknown PAM error"
+msgstr "ä¸æ˜ŽãªPAMエラー"
+
+#: modules/pam_cracklib/pam_cracklib.c:60
+#, c-format
+msgid "New %s%spassword: "
+msgstr "æ–°ã—ã„%s%sパスワード:"
+
+#: modules/pam_cracklib/pam_cracklib.c:62
+#, c-format
+msgid "Retype new %s%spassword: "
+msgstr "æ–°ã—ã„%s%sパスワードをå†å…¥åŠ›ã—ã¦ãã ã•ã„:"
+
+#: modules/pam_cracklib/pam_cracklib.c:63
+msgid "Sorry, passwords do not match."
+msgstr "パスワードãŒä¸€è‡´ã—ã¾ã›ã‚“。"
+
+#: modules/pam_cracklib/pam_cracklib.c:378
+msgid "is the same as the old one"
+msgstr "パスワードãŒå¤ã„ã‚‚ã®ã¨åŒã˜ã§ã™ã€‚"
+
+#: modules/pam_cracklib/pam_cracklib.c:389
+msgid "is a palindrome"
+msgstr "å‰å¾Œã©ã¡ã‚‰ã‹ã‚‰èª­ã‚“ã§ã‚‚åŒã˜ãƒ‘スワードã§ã™ã€‚"
+
+#: modules/pam_cracklib/pam_cracklib.c:392
+msgid "case changes only"
+msgstr "大文字å°æ–‡å­—を変ãˆãŸã ã‘ã®ãƒ‘スワード"
+
+#: modules/pam_cracklib/pam_cracklib.c:395
+msgid "is too similar to the old one"
+msgstr "å¤ã„ã‚‚ã®ã¨ä¼¼ã¦ã„ã¾ã™"
+
+#: modules/pam_cracklib/pam_cracklib.c:398
+msgid "is too simple"
+msgstr "ç°¡å˜ã™ãŽã¾ã™"
+
+#: modules/pam_cracklib/pam_cracklib.c:401
+msgid "is rotated"
+msgstr "回転ã—ã¦ã„ã¾ã™"
+
+#: modules/pam_cracklib/pam_cracklib.c:436
+msgid "has been already used"
+msgstr "パスワードã¯ã™ã§ã«ä½¿ç”¨ã•ã‚Œã¦ã„ã¾ã™ã€‚"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "No password supplied"
+msgstr "パスワードãŒä¸Žãˆã‚‰ã‚Œã¦ã„ã¾ã›ã‚“"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "Password unchanged"
+msgstr "パスワードãŒå¤‰æ›´ã•ã‚Œã¦ã„ã¾ã›ã‚“"
+
+#: modules/pam_cracklib/pam_cracklib.c:487
+#: modules/pam_cracklib/pam_cracklib.c:615
+#, c-format
+msgid "BAD PASSWORD: %s"
+msgstr "よããªã„パスワード: %s"
+
+#: modules/pam_exec/pam_exec.c:118
+#, c-format
+msgid "%s failed: exit code %d"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:126
+#, c-format
+msgid "%s failed: caught signal %d%s"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:134
+#, c-format
+msgid "%s failed: unknown status 0x%x"
+msgstr ""
+
+#. TRANSLATORS: "strftime options for date of last login"
+#: modules/pam_lastlog/pam_lastlog.c:190
+msgid " %a %b %e %H:%M:%S %Z %Y"
+msgstr "%a %b %e %H:%M:%S %Z %Y"
+
+#. TRANSLATORS: " from <host>"
+#: modules/pam_lastlog/pam_lastlog.c:199
+#, c-format
+msgid " from %.*s"
+msgstr " %.*sã‹ã‚‰é–‹å§‹"
+
+#. TRANSLATORS: " on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:211
+#, c-format
+msgid " on %.*s"
+msgstr "日時 %.*s"
+
+#. TRANSLATORS: "Last login: <date> from <host> on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:220
+#, c-format
+msgid "Last login:%s%s%s"
+msgstr "最終ログイン:%s%s%s"
+
+#: modules/pam_lastlog/pam_lastlog.c:226
+msgid "Welcome to your new account!"
+msgstr "æ–°ã—ã„アカウントã¸ã‚ˆã†ã“ã。"
+
+#: modules/pam_limits/pam_limits.c:647
+#, c-format
+msgid "Too many logins for '%s'."
+msgstr "'%s'ã®ãƒ­ã‚°ã‚¤ãƒ³æ•°ãŒå¤šã™ãŽã¾ã™ã€‚"
+
+#: modules/pam_mail/pam_mail.c:313
+msgid "No mail."
+msgstr "メールãŒã‚ã‚Šã¾ã›ã‚“。"
+
+#: modules/pam_mail/pam_mail.c:316
+msgid "You have new mail."
+msgstr "æ–°ã—ã„メールãŒã‚ã‚Šã¾ã™ã€‚"
+
+#: modules/pam_mail/pam_mail.c:319
+msgid "You have old mail."
+msgstr "å¤ã„メールãŒã‚ã‚Šã¾ã™ã€‚"
+
+#: modules/pam_mail/pam_mail.c:323
+msgid "You have mail."
+msgstr "メールãŒã‚ã‚Šã¾ã™ã€‚"
+
+#: modules/pam_mail/pam_mail.c:330
+#, c-format
+msgid "You have no mail in folder %s."
+msgstr "フォルダ%sã«ãƒ¡ãƒ¼ãƒ«ãŒã‚ã‚Šã¾ã›ã‚“。"
+
+#: modules/pam_mail/pam_mail.c:334
+#, c-format
+msgid "You have new mail in folder %s."
+msgstr "フォルダ%sã«æ–°ã—ã„メールãŒã‚ã‚Šã¾ã™ã€‚"
+
+#: modules/pam_mail/pam_mail.c:338
+#, c-format
+msgid "You have old mail in folder %s."
+msgstr "フォルダ%sã«å¤ã„メールãŒã‚ã‚Šã¾ã™ã€‚"
+
+#: modules/pam_mail/pam_mail.c:343
+#, c-format
+msgid "You have mail in folder %s."
+msgstr "フォルダ%sã«ãƒ¡ãƒ¼ãƒ«ãŒã‚ã‚Šã¾ã™ã€‚"
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:140
+#, c-format
+msgid "Creating directory '%s'."
+msgstr ""
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:145
+#, c-format
+msgid "Unable to create directory %s: %m"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:102
+#, c-format
+msgid "Your default context is %s. \n"
+msgstr "デフォルトã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¯%sã§ã™ã€‚ \n"
+
+#: modules/pam_selinux/pam_selinux.c:105
+msgid "Do you want to choose a different one? [n]"
+msgstr "ç•°ãªã‚‹ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’é¸æŠžã—ã¾ã™ã‹? [n]"
+
+#: modules/pam_selinux/pam_selinux.c:112
+msgid "Enter number of choice: "
+msgstr "é¸æŠžã®ç•ªå·ã‚’入力ã—ã¦ãã ã•ã„:"
+
+#: modules/pam_selinux/pam_selinux.c:152
+msgid "Would you like to enter a security context? [y] "
+msgstr "セキュリティコンテキストを入力ã—ã¾ã™ã‹? [y]"
+
+#: modules/pam_selinux/pam_selinux.c:169
+msgid "role: "
+msgstr "役割:"
+
+#: modules/pam_selinux/pam_selinux.c:177
+msgid "type: "
+msgstr "タイプ:"
+
+#: modules/pam_selinux/pam_selinux.c:187
+msgid "level: "
+msgstr "レベル:"
+
+#: modules/pam_selinux/pam_selinux.c:203
+msgid "Not a valid security context"
+msgstr "有効ãªã‚»ã‚­ãƒ¥ãƒªãƒ†ã‚£ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã§ã‚ã‚Šã¾ã›ã‚“"
+
+#: modules/pam_selinux/pam_selinux.c:417
+#, c-format
+msgid "Security Context %s Assigned"
+msgstr "割り当ã¦ã‚‰ã‚ŒãŸã‚»ã‚­ãƒ¥ãƒªãƒ†ã‚£ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆ%s"
+
+#: modules/pam_selinux/pam_selinux_check.c:99
+#, c-format
+msgid "failed to initialize PAM\n"
+msgstr "PAMã®åˆæœŸåŒ–ã«å¤±æ•—ã—ã¾ã—ãŸ\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:105
+#, c-format
+msgid "failed to pam_set_item()\n"
+msgstr "pam_set_item()ã«å¤±æ•—ã—ã¾ã—ãŸ\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:133
+#, c-format
+msgid "login: failure forking: %m"
+msgstr "ログイン: ã„ã¾ã„ã¾ã—ã„失敗: %m"
+
+#: modules/pam_stress/pam_stress.c:476
+#, fuzzy, c-format
+msgid "Changing STRESS password for %s."
+msgstr "STRESSパスワードã®å¤‰æ›´å…ƒ"
+
+#: modules/pam_stress/pam_stress.c:490
+msgid "Enter new STRESS password: "
+msgstr "æ–°ã—ã„STRESSパスワードを入力ã—ã¦ãã ã•ã„:"
+
+#: modules/pam_stress/pam_stress.c:493
+msgid "Retype new STRESS password: "
+msgstr "æ–°ã—ã„STRESSパスワードをå†å…¥åŠ›ã—ã¦ãã ã•ã„:"
+
+#: modules/pam_stress/pam_stress.c:522
+msgid "Verification mis-typed; password unchanged"
+msgstr "ミスタイプã®ç¢ºèªã€ãƒ‘スワードãŒå¤‰æ›´ã•ã‚Œã¦ã„ã¾ã›ã‚“"
+
+#: modules/pam_tally/pam_tally.c:741
+msgid "Authentication error"
+msgstr "èªè¨¼ã‚¨ãƒ©ãƒ¼"
+
+#: modules/pam_tally/pam_tally.c:742
+msgid "Service error"
+msgstr "サービスエラー"
+
+#: modules/pam_tally/pam_tally.c:743
+msgid "Unknown user"
+msgstr "ä¸æ˜Žãªãƒ¦ãƒ¼ã‚¶"
+
+#: modules/pam_tally/pam_tally.c:744
+msgid "Unknown error"
+msgstr "ä¸æ˜Žãªã‚¨ãƒ©ãƒ¼"
+
+#: modules/pam_tally/pam_tally.c:760
+#, c-format
+msgid "%s: Bad number given to --reset=\n"
+msgstr "%s: ä¸æ­£ç•ªå·ãŒ--reset=ã«ä¸Žãˆã‚‰ã‚Œã¾ã—ãŸ\n"
+
+#: modules/pam_tally/pam_tally.c:764
+#, c-format
+msgid "%s: Unrecognised option %s\n"
+msgstr "%s: 未èªè­˜ã‚ªãƒ—ション%s\n"
+
+#: modules/pam_tally/pam_tally.c:776
+#, c-format
+msgid ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+msgstr ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+
+#: modules/pam_tally/pam_tally.c:850
+#, c-format
+msgid "%s: Can't reset all users to non-zero\n"
+msgstr "%s: ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¶ã‚’éžã‚¼ãƒ­ã«ãƒªã‚»ãƒƒãƒˆã§ãã¾ã›ã‚“\n"
+
+#: modules/pam_unix/pam_unix_acct.c:274 modules/pam_unix/pam_unix_acct.c:301
+msgid "Your account has expired; please contact your system administrator"
+msgstr ""
+"アカウントã®æœ‰åŠ¹æœŸé™ãŒåˆ‡ã‚Œã¾ã—ãŸã€‚システム管ç†è€…ã«ãŠå•ã„åˆã‚ã›ãã ã•ã„。"
+
+#: modules/pam_unix/pam_unix_acct.c:283
+msgid "You are required to change your password immediately (root enforced)"
+msgstr "パスワードを直ã¡ã«å¤‰æ›´ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™(強制ã•ã‚ŒãŸãƒ«ãƒ¼ãƒˆ)"
+
+#: modules/pam_unix/pam_unix_acct.c:310
+msgid "You are required to change your password immediately (password aged)"
+msgstr "パスワードを直ã¡ã«å¤‰æ›´ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™(å¤ã„パスワード)"
+
+#: modules/pam_unix/pam_unix_acct.c:323 modules/pam_unix/pam_unix_acct.c:330
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d day"
+msgid_plural "Warning: your password will expire in %d days"
+msgstr[0] "警告: パスワードã¯%dæ—¥ã§æœ‰åŠ¹æœŸé™ãŒåˆ‡ã‚Œã¾ã™ã€‚%.2s"
+msgstr[1] "警告: パスワードã¯%dæ—¥ã§æœ‰åŠ¹æœŸé™ãŒåˆ‡ã‚Œã¾ã™ã€‚%.2s"
+
+#. TRANSLATORS: only used if dngettext is not support
+#. ed
+#: modules/pam_unix/pam_unix_acct.c:336
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d days"
+msgstr "警告: パスワードã¯%dæ—¥ã§æœ‰åŠ¹æœŸé™ãŒåˆ‡ã‚Œã¾ã™ã€‚%.2s"
+
+#: modules/pam_unix/pam_unix_auth.c:159 modules/pam_userdb/pam_userdb.c:61
+msgid "Password: "
+msgstr "パスワード:"
+
+#: modules/pam_unix/pam_unix_passwd.c:819
+msgid "NIS password could not be changed."
+msgstr "NISパスワードを変更ã§ãã¾ã›ã‚“ã§ã—ãŸã€‚"
+
+#: modules/pam_unix/pam_unix_passwd.c:996
+msgid "You must choose a longer password"
+msgstr "é•·ã„パスワードをé¸æŠžã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™"
+
+#: modules/pam_unix/pam_unix_passwd.c:1001
+msgid "Password has been already used. Choose another."
+msgstr ""
+"パスワードã¯ã™ã§ã«ä½¿ç”¨ã•ã‚Œã¦ã„ã¾ã™ã€‚ 別ã®ãƒ‘スワードをé¸æŠžã—ã¦ãã ã•ã„。"
+
+#: modules/pam_unix/pam_unix_passwd.c:1108
+#, fuzzy, c-format
+msgid "Changing password for %s."
+msgstr "STRESSパスワードã®å¤‰æ›´å…ƒ"
+
+#: modules/pam_unix/pam_unix_passwd.c:1119
+msgid "(current) UNIX password: "
+msgstr "ç¾åœ¨ã®UNIXパスワード:"
+
+#: modules/pam_unix/pam_unix_passwd.c:1154
+msgid "You must wait longer to change your password"
+msgstr "パスワードを変更ã™ã‚‹ã«ã¯é•·ãå¾…ã¤å¿…è¦ãŒã‚ã‚Šã¾ã™"
+
+#: modules/pam_unix/pam_unix_passwd.c:1214
+msgid "Enter new UNIX password: "
+msgstr "æ–°ã—ã„UNIXパスワードを入力ã—ã¦ãã ã•ã„:"
+
+#: modules/pam_unix/pam_unix_passwd.c:1215
+msgid "Retype new UNIX password: "
+msgstr "æ–°ã—ã„UNIX パスワードをå†å…¥åŠ›ã—ã¦ãã ã•ã„:"
+
+#, fuzzy
+#~ msgid "Warning: your password will expire in one day"
+#~ msgstr "警告: パスワードã¯%dæ—¥ã§æœ‰åŠ¹æœŸé™ãŒåˆ‡ã‚Œã¾ã™ã€‚%.2s"
+
+#~ msgid "dlopen() failure"
+#~ msgstr "dlopen()失敗"
+
+#~ msgid "%s: set %s security context to %s"
+#~ msgstr "有効ãªã‚»ã‚­ãƒ¥ãƒªãƒ†ã‚£ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã§ã‚ã‚Šã¾ã›ã‚“"
diff --git a/Linux-PAM/po/km.gmo b/Linux-PAM/po/km.gmo
new file mode 100644
index 00000000..44269815
--- /dev/null
+++ b/Linux-PAM/po/km.gmo
Binary files differ
diff --git a/Linux-PAM/po/km.po b/Linux-PAM/po/km.po
new file mode 100644
index 00000000..af03b8ea
--- /dev/null
+++ b/Linux-PAM/po/km.po
@@ -0,0 +1,499 @@
+# translation of Linux-PAM.po to Khmer
+# Copyright (C) YEAR Linux-PAM Project
+# This file is distributed under the same license as the PACKAGE package.
+#
+# Leang Chumsoben <soben@khmeros.info>, 2006.
+# Khoem Sokhem <khoemsokhem@khmeros.info>, 2006.
+msgid ""
+msgstr ""
+"Project-Id-Version: Linux-PAM\n"
+"Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n"
+"POT-Creation-Date: 2007-01-17 11:53+0100\n"
+"PO-Revision-Date: 2006-03-17 10:32+0700\n"
+"Last-Translator: Khoem Sokhem <khoemsokhem@khmeros.info>\n"
+"Language-Team: Khmer <support@khmeros.info>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.11\n"
+
+#: libpam_misc/misc_conv.c:33
+msgid "...Time is running out...\n"
+msgstr "...អស់​ពáŸáž›...\n"
+
+#: libpam_misc/misc_conv.c:34
+msgid "...Sorry, your time is up!\n"
+msgstr "...សូម​ទោស អ្នក​អស់​ពáŸáž›â€‹áž áž¾áž™Â !\n"
+
+#: libpam_misc/misc_conv.c:343
+#, c-format
+msgid "erroneous conversation (%d)\n"
+msgstr "សន្ទនាច្រឡំ (%d)\n"
+
+#: libpam/pam_item.c:271
+msgid "login:"
+msgstr "ចូល ៖"
+
+#: libpam/pam_strerror.c:40
+msgid "Success"
+msgstr "ជោគជáŸáž™"
+
+#: libpam/pam_strerror.c:42
+msgid "Critical error - immediate abort"
+msgstr "កំហុស​ធ្ងន់ធ្ងរ - បោះបង់ភ្លាមៗ"
+
+#: libpam/pam_strerror.c:44
+msgid "Failed to load module"
+msgstr ""
+
+#: libpam/pam_strerror.c:46
+msgid "Symbol not found"
+msgstr "រក​មិន​ឃើញ​និមិážáŸ’ážâ€‹ážŸáž‰áŸ’ញា"
+
+#: libpam/pam_strerror.c:48
+msgid "Error in service module"
+msgstr "កំហុស​នៅ​ក្នុង​ម៉ូឌុល​សáŸážœáž¶"
+
+#: libpam/pam_strerror.c:50
+msgid "System error"
+msgstr "កំហុស​ប្រពáŸáž“្ធ"
+
+#: libpam/pam_strerror.c:52
+msgid "Memory buffer error"
+msgstr "កំហុស​សážáž·â€‹áž”ណ្ដោះ​អាសន្ន"
+
+#: libpam/pam_strerror.c:54
+msgid "Permission denied"
+msgstr "សិទ្ធិ​ážáŸ’រូវ​បាន​បដិសáŸáž’"
+
+#: libpam/pam_strerror.c:56
+msgid "Authentication failure"
+msgstr "បរាជáŸáž™â€‹áž€áŸ’នុង​ការ​ផ្ទៀងផ្ទាážáŸ‹â€‹áž—ាព​ážáŸ’រឹមážáŸ’រូវ"
+
+#: libpam/pam_strerror.c:58
+msgid "Insufficient credentials to access authentication data"
+msgstr "លិážáž·ážâ€‹ážŸáž˜áŸ’គាល់​មិន​គ្រប់គ្រាន់ដើម្បី​ចូល​ដំណើរ​ការ​ទិន្ននáŸáž™â€‹ážŠáŸ‚ល​មាន​ការ​ផ្ទៀងផ្ទាážáŸ‹â€‹áž—ាព​ážáŸ’រឹមážáŸ’រូវ"
+
+#: libpam/pam_strerror.c:60
+#, fuzzy
+msgid "Authentication service cannot retrieve authentication info"
+msgstr "សáŸážœáž¶â€‹áž•áŸ’ទៀងផ្ទាážáŸ‹â€‹áž—ាព​ážáŸ’រឹមážáŸ’រូវ​មិន​អាច​ទៅ​យក​ពáŸážáŸŒáž˜áž¶áž“​ផ្ទៀងផ្ទាážáŸ‹â€‹áž—ាព​ážáŸ’រឹមážáŸ’រូវ ។"
+
+#: libpam/pam_strerror.c:62
+msgid "User not known to the underlying authentication module"
+msgstr "អ្នក​ប្រើ មិន​ស្គាល់​ម៉ូឌុលផ្ទៀងផ្ទាážáŸ‹â€‹áž—ាពážáŸ’រឹមážáŸ’រូវមូលដ្ឋាន"
+
+#: libpam/pam_strerror.c:64
+#, fuzzy
+msgid "Have exhausted maximum number of retries for service"
+msgstr "បាន​ប្រើ​អស់​ចំនួន​ព្យាយាម​អážáž·áž”រមា​សម្រាប់សáŸážœáž¶Â áŸ”"
+
+#: libpam/pam_strerror.c:66
+#, fuzzy
+msgid "Authentication token is no longer valid; new one required"
+msgstr "ážáž¼ážáž¹áž“ផ្ទៀងផ្ទាážáŸ‹â€‹áž—ាព​ážáŸ’រឹមážáŸ’រូវ​លែង​ážáŸ’រឹមážáŸ’រូវ​ទៀážâ€‹áž áž¾áž™ ážáŸ’រូវ​ការ​ážáž¼ážáž¹áž“ážáŸ’មី​មួយ ។"
+
+#: libpam/pam_strerror.c:68
+msgid "User account has expired"
+msgstr "គណនី​អ្នក​ប្រើ​បាន​ផុážâ€‹áž€áŸ†ážŽážáŸ‹â€‹áž áž¾áž™"
+
+#: libpam/pam_strerror.c:70
+msgid "Cannot make/remove an entry for the specified session"
+msgstr "មិន​អាច​បង្កើហឬ យក​ធាážáž»â€‹áž˜áž½áž™â€‹áž…áŸáž‰ សម្រាប់សមáŸáž™â€‹ážŠáŸ‚ល​បាន​បញ្ជាក់"
+
+#: libpam/pam_strerror.c:72
+msgid "Authentication service cannot retrieve user credentials"
+msgstr "សáŸážœáž¶â€‹áž•áŸ’ទៀងផ្ទាážáŸ‹â€‹áž—ាព​ážáŸ’រឹមážáŸ’រូវ មិន​អាច​ទៅ​យក​លិážáž·ážâ€‹ážŸáž˜áŸ’គាល់របស់អ្នក​ប្រើ"
+
+#: libpam/pam_strerror.c:74
+msgid "User credentials expired"
+msgstr "លិážáž·ážâ€‹ážŸáž˜áŸ’គាល់របស់​អ្នក​ប្រើ​បាន​ផុážâ€‹áž€áŸ†ážŽážáŸ‹"
+
+#: libpam/pam_strerror.c:76
+msgid "Failure setting user credentials"
+msgstr "បរាជáŸáž™â€‹áž€áŸ’នុង​ការ​កំណážáŸ‹â€‹áž›áž·ážáž·ážâ€‹ážŸáž˜áŸ’គាល់របស់អ្នក​ប្រើ"
+
+#: libpam/pam_strerror.c:78
+msgid "No module specific data is present"
+msgstr "គ្មាន​ម៉ូឌុល​ទិន្ននáŸáž™áž‡áž¶áž€áŸ‹áž›áž¶áž€áŸ‹â€‹ážáŸ’រូវបង្ហាញ"
+
+#: libpam/pam_strerror.c:80
+msgid "Bad item passed to pam_*_item()"
+msgstr "បាន​ហុច​ធាážáž»áž˜áž·áž“​ល្អ​ទៅ​ឲ្យ to pam_*_item()"
+
+#: libpam/pam_strerror.c:82
+msgid "Conversation error"
+msgstr "កំហុស​សន្ទនា"
+
+#: libpam/pam_strerror.c:84
+msgid "Authentication token manipulation error"
+msgstr "កំហុស​រៀបចំ​ážáž¼ážáž¹áž“​ផ្ទៀងផ្ទាážáŸ‹â€‹áž—ាព​ážáŸ’រឹមážáŸ’រូវ"
+
+#: libpam/pam_strerror.c:86
+msgid "Authentication information cannot be recovered"
+msgstr "áž–áŸážáŸŒáž˜áž¶áž“​ផ្ទៀងផ្ទាážáŸ‹â€‹áž—ាព​ážáŸ’រឹមážáŸ’រូវ​មិន​អាច​ážáŸ’រូវ​យកបាន​វិញ"
+
+#: libpam/pam_strerror.c:88
+msgid "Authentication token lock busy"
+msgstr "ការ​ចាក់សោ​ážáž¼ážáž¹áž“​ផ្ទៀងផ្ទាážáŸ‹â€‹áž—ាព​ážáŸ’រឹមážáŸ’រូវកំពុង​ជាប់​រវល់"
+
+#: libpam/pam_strerror.c:90
+msgid "Authentication token aging disabled"
+msgstr "ភាព​ចាស់​របស់​ážáž¼ážáž¹áž“​ផ្ទៀងផ្ទាážáŸ‹â€‹áž—ាព​ážáŸ’រឹមážáŸ’រូវ មិនបាន​អនុញ្ញាáž"
+
+#: libpam/pam_strerror.c:92
+msgid "Failed preliminary check by password service"
+msgstr "ការពិនិážáŸ’យ​មើលដំបូង​ដោយ​សáŸážœáž¶â€‹áž–ាក្យ​សម្ងាážáŸ‹â€‹áž”ាន​បរាជáŸáž™"
+
+#: libpam/pam_strerror.c:94
+msgid "The return value should be ignored by PAM dispatch"
+msgstr "ážáž˜áŸ’លៃ​ážáŸ’រឡប់​គួរážáŸ’រូវ​បាន​មិនអើពើ​ដោយ​ការ​បញ្ជូន PAM"
+
+#: libpam/pam_strerror.c:96
+msgid "Module is unknown"
+msgstr "មិន​ស្គាល់​ម៉ូឌុល"
+
+#: libpam/pam_strerror.c:98
+msgid "Authentication token expired"
+msgstr "ážáž¼ážáž¹áž“ផ្ទៀងផ្ទាážáŸ‹â€‹áž—ាព​ážáŸ’រឹមážáŸ’រូវ​បាន​ផុážâ€‹áž€áŸ†ážŽážáŸ‹"
+
+#: libpam/pam_strerror.c:100
+msgid "Conversation is waiting for event"
+msgstr "ការ​សន្ទនា​កំពុង​រង់ចាំ​ព្រឹážáŸ’ážáž·áž€áž¶ážšážŽáŸ"
+
+#: libpam/pam_strerror.c:102
+msgid "Application needs to call libpam again"
+msgstr "កម្មវិធី​ážáŸ’រូវ​ážáŸ‚​ហៅ libpam ម្ដង​ទៀáž"
+
+#: libpam/pam_strerror.c:105
+msgid "Unknown PAM error"
+msgstr "មិន​ស្គាល់​កំហុស PAM"
+
+#: modules/pam_cracklib/pam_cracklib.c:60
+#, c-format
+msgid "New %s%spassword: "
+msgstr "ពាក្យ​សម្ងាážáŸ‹ %s%s ážáŸ’មី ៖"
+
+#: modules/pam_cracklib/pam_cracklib.c:62
+#, c-format
+msgid "Retype new %s%spassword: "
+msgstr "វាយ​ពាក្យ​សម្ងាážáŸ‹ %s%s ážáŸ’មី​ឡើង​វិញ ៖"
+
+#: modules/pam_cracklib/pam_cracklib.c:63
+msgid "Sorry, passwords do not match."
+msgstr "សូម​ទោស ពាក្យ​សម្ងាážáŸ‹â€‹áž˜áž·áž“​ដូច​គ្នា​ឡើយ ។"
+
+#: modules/pam_cracklib/pam_cracklib.c:378
+msgid "is the same as the old one"
+msgstr "ដូច​គ្នា​នឹង​ពាក្យ​សម្ងាážáŸ‹â€‹áž…ាស់"
+
+#: modules/pam_cracklib/pam_cracklib.c:389
+msgid "is a palindrome"
+msgstr "ážáŸ’រឡប់​ចុះ​ឡើង"
+
+#: modules/pam_cracklib/pam_cracklib.c:392
+msgid "case changes only"
+msgstr "គ្រាន់​ážáŸ‚​ផ្លាស់ប្ដូរ​លក្ážážŽáŸˆâ€‹áž¢áž€áŸ’សរ​ប៉ុណ្ណោះ​"
+
+#: modules/pam_cracklib/pam_cracklib.c:395
+msgid "is too similar to the old one"
+msgstr "ស្រដៀង​គ្នា​ណាស់​នឹង​ពាក្យ​សម្ងាážáŸ‹â€‹áž…ាស់"
+
+#: modules/pam_cracklib/pam_cracklib.c:398
+msgid "is too simple"
+msgstr "សាមញ្ញ​ពáŸáž€"
+
+#: modules/pam_cracklib/pam_cracklib.c:401
+msgid "is rotated"
+msgstr "បាន​បង្វិល"
+
+#: modules/pam_cracklib/pam_cracklib.c:436
+msgid "has been already used"
+msgstr "បាន​ប្រើ​រួច​ហើយ"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "No password supplied"
+msgstr "មិន​បាន​ផ្ដល់​ពាក្យសម្ងាážáŸ‹"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "Password unchanged"
+msgstr "ពាក្យសម្ងាážáŸ‹â€‹áž˜áž·áž“​បាន​ផ្លាស់ប្ដូរ​ឡើយ"
+
+#: modules/pam_cracklib/pam_cracklib.c:487
+#: modules/pam_cracklib/pam_cracklib.c:615
+#, c-format
+msgid "BAD PASSWORD: %s"
+msgstr "ពាក្យ​សម្ងាážáŸ‹â€‹áž˜áž·áž“​ល្អ ៖ %s"
+
+#: modules/pam_exec/pam_exec.c:118
+#, c-format
+msgid "%s failed: exit code %d"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:126
+#, c-format
+msgid "%s failed: caught signal %d%s"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:134
+#, c-format
+msgid "%s failed: unknown status 0x%x"
+msgstr ""
+
+#. TRANSLATORS: "strftime options for date of last login"
+#: modules/pam_lastlog/pam_lastlog.c:190
+msgid " %a %b %e %H:%M:%S %Z %Y"
+msgstr " %a %b %e %H:%M:%S %Z %Y"
+
+#. TRANSLATORS: " from <host>"
+#: modules/pam_lastlog/pam_lastlog.c:199
+#, c-format
+msgid " from %.*s"
+msgstr " ពី %.*s"
+
+#. TRANSLATORS: " on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:211
+#, c-format
+msgid " on %.*s"
+msgstr " លើ %.*s"
+
+#. TRANSLATORS: "Last login: <date> from <host> on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:220
+#, c-format
+msgid "Last login:%s%s%s"
+msgstr "ចូល​ចុងក្រោយ ៖%s%s%s"
+
+#: modules/pam_lastlog/pam_lastlog.c:226
+msgid "Welcome to your new account!"
+msgstr "សូម​ស្វាគមនáŸâ€‹áž˜áž€â€‹áž€áž¶áž“់​គណនី​ážáŸ’មី​របស់​អ្នក !"
+
+#: modules/pam_limits/pam_limits.c:647
+#, c-format
+msgid "Too many logins for '%s'."
+msgstr "មាន​ការ​ចូល​ច្រើន​ពáŸáž€â€‹ážŸáž˜áŸ’រាប់ '%s' ។"
+
+#: modules/pam_mail/pam_mail.c:313
+msgid "No mail."
+msgstr "គ្មាន​សំបុážáŸ’រ ។"
+
+#: modules/pam_mail/pam_mail.c:316
+msgid "You have new mail."
+msgstr "អ្នក​មាន​សំបុážáŸ’រ​ážáŸ’មី ។"
+
+#: modules/pam_mail/pam_mail.c:319
+msgid "You have old mail."
+msgstr "អ្នក​មាន​សំបុážáŸ’រ​ចាស់ ។"
+
+#: modules/pam_mail/pam_mail.c:323
+msgid "You have mail."
+msgstr "អ្នក​មាន​សំបុážáŸ’រ ។"
+
+#: modules/pam_mail/pam_mail.c:330
+#, c-format
+msgid "You have no mail in folder %s."
+msgstr "អ្នក​គ្មានសំបុážáŸ’រនៅ​ក្នុង​ážáž %s ។"
+
+#: modules/pam_mail/pam_mail.c:334
+#, c-format
+msgid "You have new mail in folder %s."
+msgstr "អ្នក​មាន​សំបុážáŸ’រ​ážáŸ’មី​នៅ​ក្នុង​ážáž %s ។"
+
+#: modules/pam_mail/pam_mail.c:338
+#, c-format
+msgid "You have old mail in folder %s."
+msgstr "អ្នក​មាន​សំបុážáŸ’រ​ចាស់​នៅ​ក្នុង​ážáž %s ។"
+
+#: modules/pam_mail/pam_mail.c:343
+#, c-format
+msgid "You have mail in folder %s."
+msgstr "អ្នក​មាន​សំបុážáŸ’រ​នៅ​ក្នុង​ážáž %s ។"
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:140
+#, c-format
+msgid "Creating directory '%s'."
+msgstr ""
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:145
+#, c-format
+msgid "Unable to create directory %s: %m"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:102
+#, c-format
+msgid "Your default context is %s. \n"
+msgstr "បរិបទ​លំនាំដើម​របស់​អ្នក​គឺ %s ។ \n"
+
+#: modules/pam_selinux/pam_selinux.c:105
+msgid "Do you want to choose a different one? [n]"
+msgstr "ážáž¾â€‹áž¢áŸ’នក​ចង់​ជ្រើស​មួយ​ទៀážâ€‹áž‘áŸÂ ? [n]"
+
+#: modules/pam_selinux/pam_selinux.c:112
+msgid "Enter number of choice: "
+msgstr "បញ្ចូល​លáŸážâ€‹áž‡áž˜áŸ’រើស ៖ "
+
+#: modules/pam_selinux/pam_selinux.c:152
+msgid "Would you like to enter a security context? [y] "
+msgstr "ážáž¾â€‹áž¢áŸ’នក​ចង់​បញ្ចូល​បរិបទ​សុវážáŸ’ážáž·áž—ាព​មួយ​ឬ​ទáŸÂ ? [y] "
+
+#: modules/pam_selinux/pam_selinux.c:169
+msgid "role: "
+msgstr "ážáž½áž“ាទី ៖ "
+
+#: modules/pam_selinux/pam_selinux.c:177
+msgid "type: "
+msgstr "ប្រភáŸáž‘ ៖ "
+
+#: modules/pam_selinux/pam_selinux.c:187
+msgid "level: "
+msgstr "កម្រិážÂ áŸ– "
+
+#: modules/pam_selinux/pam_selinux.c:203
+msgid "Not a valid security context"
+msgstr "មិន​មែន​ជា​បរិបទ​សុវážáŸ’ážáž·áž—ាព​ážáŸ’រឹមážáŸ’រូវ​មួយឡើយ"
+
+#: modules/pam_selinux/pam_selinux.c:417
+#, c-format
+msgid "Security Context %s Assigned"
+msgstr "បរិបទ​សុវážáŸ’ážáž·áž—ាព %s បាន​ផ្ដល់​ážáž˜áŸ’លៃ​"
+
+#: modules/pam_selinux/pam_selinux_check.c:99
+#, c-format
+msgid "failed to initialize PAM\n"
+msgstr "បាន​បរាជáŸáž™â€‹áž€áŸ’នុង​ការ​ចាប់ផ្ដើម PAM\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:105
+#, c-format
+msgid "failed to pam_set_item()\n"
+msgstr "បាន​បរាជáŸáž™ pam_set_item()\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:133
+#, c-format
+msgid "login: failure forking: %m"
+msgstr "ចូល ៖ ចម្លង​ážáŸ’លួន​ឯង​មិន​បាន​ជោគជáŸáž™Â áŸ– %m"
+
+#: modules/pam_stress/pam_stress.c:476
+#, fuzzy, c-format
+msgid "Changing STRESS password for %s."
+msgstr "ការ​ផ្លាស់ប្ដូរ​ពាក្យ​សម្ងាážáŸ‹ STRESS សម្រាប់ "
+
+#: modules/pam_stress/pam_stress.c:490
+msgid "Enter new STRESS password: "
+msgstr "បញ្ចូល​ពាក្យ​សម្ងាážáŸ‹ STRESS ážáŸ’មី ៖ "
+
+#: modules/pam_stress/pam_stress.c:493
+msgid "Retype new STRESS password: "
+msgstr "វាយ​ពាក្យ​សម្ងាážáŸ‹ STRESS ážáŸ’មី​ម្ដង​ទៀážÂ áŸ– "
+
+#: modules/pam_stress/pam_stress.c:522
+msgid "Verification mis-typed; password unchanged"
+msgstr "ផ្ទៀងផ្ទាážáŸ‹â€‹áž¢áž€áŸ’ážážšáž¶ážœáž·ážšáž»áž‘្ធ​ដែល​បាន​វាយážáž»ážŸ ពាក្យ​សម្ងាážáŸ‹â€‹áž˜áž·áž“​បានផ្លាស់ប្ដូរ​"
+
+#: modules/pam_tally/pam_tally.c:741
+msgid "Authentication error"
+msgstr "កំហុស​ក្នុង​ការ​ផ្ទៀងផ្ទាážáŸ‹â€‹áž—ាព​ážáŸ’រឹមážáŸ’រូវ"
+
+#: modules/pam_tally/pam_tally.c:742
+msgid "Service error"
+msgstr "កំហុស​សáŸážœáž¶"
+
+#: modules/pam_tally/pam_tally.c:743
+msgid "Unknown user"
+msgstr "មិន​ស្គាល់​អ្នក​ប្រើ"
+
+#: modules/pam_tally/pam_tally.c:744
+msgid "Unknown error"
+msgstr "មិន​ស្គាល់​កំហុស"
+
+#: modules/pam_tally/pam_tally.c:760
+#, c-format
+msgid "%s: Bad number given to --reset=\n"
+msgstr "%s ៖ áž›áŸážâ€‹áž˜áž·áž“​ល្អ​បាន​ផ្ដល់​ទៅ --reset=\n"
+
+#: modules/pam_tally/pam_tally.c:764
+#, c-format
+msgid "%s: Unrecognised option %s\n"
+msgstr "%s ៖ ជម្រើស​ដែល​មិន​ស្គាល់ %s\n"
+
+#: modules/pam_tally/pam_tally.c:776
+#, c-format
+msgid ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+msgstr ""
+"%s ៖ [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+
+#: modules/pam_tally/pam_tally.c:850
+#, c-format
+msgid "%s: Can't reset all users to non-zero\n"
+msgstr "%s ៖ មិន​អាច​កំណážáŸ‹â€‹áž¢áŸ’នក​ប្រើ​ទាំងអស់​ទៅ​មិនមែន​សូន្យ​ឡើងវិញ​បានទáŸ\n"
+
+#: modules/pam_unix/pam_unix_acct.c:274 modules/pam_unix/pam_unix_acct.c:301
+msgid "Your account has expired; please contact your system administrator"
+msgstr "គណនី​របស់​អ្នក​បាន​ផុážáž€áŸ†ážŽážáŸ‹â€‹áž áž¾áž™ សូម​ទាក់ទង​អ្នក​គ្រប់គ្រង​ប្រពáŸáž“្ធ​របស់​អ្នក"
+
+#: modules/pam_unix/pam_unix_acct.c:283
+msgid "You are required to change your password immediately (root enforced)"
+msgstr "អ្នក​ážáŸ’រូវ​ážáŸ‚​ផ្លាស់ប្ដូរ​ពាក្យសម្ងាážáŸ‹â€‹ážšáž”ស់​អ្នក​ឥឡូវ​នáŸáŸ‡ (root បាន​ចáŸáž‰â€‹áž”ញ្ជា)"
+
+#: modules/pam_unix/pam_unix_acct.c:310
+msgid "You are required to change your password immediately (password aged)"
+msgstr "អ្នក​ážáŸ’រូវ​ážáŸ‚​ផ្លាស់ប្ដូរ​ពាក្យសម្ងាážáŸ‹â€‹ážšáž”ស់​អ្នក​ឥឡូវ​នáŸáŸ‡ (ពាក្យសម្ងាážáŸ‹â€‹áž…ាស់​ហើយ)"
+
+#: modules/pam_unix/pam_unix_acct.c:323 modules/pam_unix/pam_unix_acct.c:330
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d day"
+msgid_plural "Warning: your password will expire in %d days"
+msgstr[0] "ការ​ព្រមាន ៖ ពាក្យសម្ងាážáŸ‹â€‹ážšáž”ស់​អ្នក​នឹង​ផុážáž€áŸ†ážŽážáŸ‹â€‹áž€áŸ’នុង​រយៈពáŸáž› %d ážáŸ’ងៃ %.2s ។"
+msgstr[1] "ការ​ព្រមាន ៖ ពាក្យសម្ងាážáŸ‹â€‹ážšáž”ស់​អ្នក​នឹង​ផុážáž€áŸ†ážŽážáŸ‹â€‹áž€áŸ’នុង​រយៈពáŸáž› %d ážáŸ’ងៃ %.2s ។"
+
+#. TRANSLATORS: only used if dngettext is not support
+#. ed
+#: modules/pam_unix/pam_unix_acct.c:336
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d days"
+msgstr "ការ​ព្រមាន ៖ ពាក្យសម្ងាážáŸ‹â€‹ážšáž”ស់​អ្នក​នឹង​ផុážáž€áŸ†ážŽážáŸ‹â€‹áž€áŸ’នុង​រយៈពáŸáž› %d ážáŸ’ងៃ %.2s ។"
+
+#: modules/pam_unix/pam_unix_auth.c:159 modules/pam_userdb/pam_userdb.c:61
+msgid "Password: "
+msgstr "ពាក្យសម្ងាážáŸ‹Â áŸ– "
+
+#: modules/pam_unix/pam_unix_passwd.c:819
+msgid "NIS password could not be changed."
+msgstr "មិន​អាច​ផ្លាស់ប្ដូរ​ពាក្យសម្ងាážáŸ‹ NIS បាន​ឡើយ ។"
+
+#: modules/pam_unix/pam_unix_passwd.c:996
+msgid "You must choose a longer password"
+msgstr "អ្នក​ážáŸ’រូវ​ážáŸ‚​ជ្រើស​ពាក្យសម្ងាážáŸ‹â€‹ážœáŸ‚ង​ជាង​នáŸáŸ‡"
+
+#: modules/pam_unix/pam_unix_passwd.c:1001
+msgid "Password has been already used. Choose another."
+msgstr "ពាក្យសម្ងាážáŸ‹â€‹ážáŸ’រូវ​បាន​ប្រើ​រួច​ហើយ ។ សូម​ជ្រើស​មួយ​ទៀážÂ áŸ”"
+
+#: modules/pam_unix/pam_unix_passwd.c:1108
+#, fuzzy, c-format
+msgid "Changing password for %s."
+msgstr "ការ​ផ្លាស់ប្ដូរ​ពាក្យ​សម្ងាážáŸ‹ STRESS សម្រាប់ "
+
+#: modules/pam_unix/pam_unix_passwd.c:1119
+msgid "(current) UNIX password: "
+msgstr "(បច្ចុប្បន្ន) ពាក្យ​សម្ងាážáŸ‹ UNIX ៖"
+
+#: modules/pam_unix/pam_unix_passwd.c:1154
+msgid "You must wait longer to change your password"
+msgstr "អ្នក​ážáŸ’រូវ​ážáŸ‚​រង់ចាំ​បន្ážáž·áž… ដើម្បី​ផ្លាស់ប្ដូរ​ពាក្យសម្ងាážáŸ‹â€‹ážšáž”ស់​អ្នក"
+
+#: modules/pam_unix/pam_unix_passwd.c:1214
+msgid "Enter new UNIX password: "
+msgstr "បញ្ចូល​ពាក្យ​សម្ងាážáŸ‹ UNIX ážáŸ’មី ៖ "
+
+#: modules/pam_unix/pam_unix_passwd.c:1215
+msgid "Retype new UNIX password: "
+msgstr "វាយ​ពាក្យ​សម្ងាážáŸ‹ UNIX ážáŸ’មី​ម្ដង​ទៀážÂ áŸ– "
+
+#, fuzzy
+#~ msgid "Warning: your password will expire in one day"
+#~ msgstr "ការ​ព្រមាន ៖ ពាក្យសម្ងាážáŸ‹â€‹ážšáž”ស់​អ្នក​នឹង​ផុážáž€áŸ†ážŽážáŸ‹â€‹áž€áŸ’នុង​រយៈពáŸáž› %d ážáŸ’ងៃ %.2s ។"
+
+#~ msgid "dlopen() failure"
+#~ msgstr "បរាជáŸáž™ dlopen()"
diff --git a/Linux-PAM/po/nb.gmo b/Linux-PAM/po/nb.gmo
new file mode 100644
index 00000000..01e80915
--- /dev/null
+++ b/Linux-PAM/po/nb.gmo
Binary files differ
diff --git a/Linux-PAM/po/nb.po b/Linux-PAM/po/nb.po
new file mode 100644
index 00000000..f260c5b4
--- /dev/null
+++ b/Linux-PAM/po/nb.po
@@ -0,0 +1,494 @@
+# translation of Linux-PAM.po to
+# Olav Pettershagen <olav.pet@online.no>, 2005, 2006.
+# This file is distributed under the same license as the PACKAGE package.
+# Copyright (C) YEAR Linux-PAM Project.
+msgid ""
+msgstr ""
+"Project-Id-Version: Linux-PAM\n"
+"Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n"
+"POT-Creation-Date: 2007-01-17 11:53+0100\n"
+"PO-Revision-Date: 2006-05-03 22:04+0200\n"
+"Last-Translator: Olav Pettershagen <olav.pet@online.no>\n"
+"Language-Team: <nb@li.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.11.2\n"
+
+#: libpam_misc/misc_conv.c:33
+msgid "...Time is running out...\n"
+msgstr "...Tiden er i ferd med utløpe..\n"
+
+#: libpam_misc/misc_conv.c:34
+msgid "...Sorry, your time is up!\n"
+msgstr "...Beklager, tiden er utløpt!\n"
+
+#: libpam_misc/misc_conv.c:343
+#, c-format
+msgid "erroneous conversation (%d)\n"
+msgstr "mislykket dialog (%d)\n"
+
+#: libpam/pam_item.c:271
+msgid "login:"
+msgstr "logg inn:"
+
+#: libpam/pam_strerror.c:40
+msgid "Success"
+msgstr "Utført"
+
+#: libpam/pam_strerror.c:42
+msgid "Critical error - immediate abort"
+msgstr "Kritisk feil - avbryter straks"
+
+#: libpam/pam_strerror.c:44
+msgid "Failed to load module"
+msgstr ""
+
+#: libpam/pam_strerror.c:46
+msgid "Symbol not found"
+msgstr "Symbol ikke funnet"
+
+#: libpam/pam_strerror.c:48
+msgid "Error in service module"
+msgstr "Feil i tjenestemodul"
+
+#: libpam/pam_strerror.c:50
+msgid "System error"
+msgstr "Systemfeil"
+
+#: libpam/pam_strerror.c:52
+msgid "Memory buffer error"
+msgstr "Minnebufferfeil"
+
+#: libpam/pam_strerror.c:54
+msgid "Permission denied"
+msgstr "Tillatelse avvist"
+
+#: libpam/pam_strerror.c:56
+msgid "Authentication failure"
+msgstr "Autentiseringsfeil"
+
+#: libpam/pam_strerror.c:58
+msgid "Insufficient credentials to access authentication data"
+msgstr "Utilstrekkelige rettigheter for tilgang til autentiseringsinformasjon"
+
+#: libpam/pam_strerror.c:60
+msgid "Authentication service cannot retrieve authentication info"
+msgstr "Autentiseringstjenesten kan ikke hente autentiseringsinformasjon"
+
+#: libpam/pam_strerror.c:62
+msgid "User not known to the underlying authentication module"
+msgstr "Bruker ukjent for autentiseringsmodul"
+
+#: libpam/pam_strerror.c:64
+msgid "Have exhausted maximum number of retries for service"
+msgstr "Maksimalt antall forsøk er overskredet for tjenesten"
+
+#: libpam/pam_strerror.c:66
+msgid "Authentication token is no longer valid; new one required"
+msgstr "Autentiseringsjide ikke lenger gyldig; ny kode kreves"
+
+#: libpam/pam_strerror.c:68
+msgid "User account has expired"
+msgstr "Brukerkonto er utløpt"
+
+#: libpam/pam_strerror.c:70
+msgid "Cannot make/remove an entry for the specified session"
+msgstr "Kan ikke opprette/fjerne en oppføring for den valgte økten"
+
+#: libpam/pam_strerror.c:72
+msgid "Authentication service cannot retrieve user credentials"
+msgstr "Autentiseringstjenesten kan ikke hente brukerrettigheter"
+
+#: libpam/pam_strerror.c:74
+msgid "User credentials expired"
+msgstr "Brukerrettigheter utløpt"
+
+#: libpam/pam_strerror.c:76
+msgid "Failure setting user credentials"
+msgstr "Feil under definisjon av brukerrettigheter"
+
+#: libpam/pam_strerror.c:78
+msgid "No module specific data is present"
+msgstr "Nei modulspesifikk informasjon finnes"
+
+#: libpam/pam_strerror.c:80
+msgid "Bad item passed to pam_*_item()"
+msgstr "Ugyldig oppføring angitt for pam_*_item()"
+
+#: libpam/pam_strerror.c:82
+msgid "Conversation error"
+msgstr "Dialogfeil"
+
+#: libpam/pam_strerror.c:84
+msgid "Authentication token manipulation error"
+msgstr "Manipulasjonsfeil for autentiseringskode"
+
+#: libpam/pam_strerror.c:86
+msgid "Authentication information cannot be recovered"
+msgstr "Autentiseringsinformasjon kan ikke gjenopprettes"
+
+#: libpam/pam_strerror.c:88
+msgid "Authentication token lock busy"
+msgstr "LÃ¥sing av autentiseringskode opptatt"
+
+#: libpam/pam_strerror.c:90
+msgid "Authentication token aging disabled"
+msgstr "Tidsbegrensning av autentiseringskode deaktivert"
+
+#: libpam/pam_strerror.c:92
+msgid "Failed preliminary check by password service"
+msgstr "Passordtjenestens innledende kontroll mislyktes"
+
+#: libpam/pam_strerror.c:94
+msgid "The return value should be ignored by PAM dispatch"
+msgstr "Resultatverdien bør ignoreres av PAM"
+
+#: libpam/pam_strerror.c:96
+msgid "Module is unknown"
+msgstr "Modulen er ukjent"
+
+#: libpam/pam_strerror.c:98
+msgid "Authentication token expired"
+msgstr "Autentiseringskode utløpt"
+
+#: libpam/pam_strerror.c:100
+msgid "Conversation is waiting for event"
+msgstr "Dialogen venter på hendelse"
+
+#: libpam/pam_strerror.c:102
+msgid "Application needs to call libpam again"
+msgstr "Programmet må spørre libpam på nytt"
+
+#: libpam/pam_strerror.c:105
+msgid "Unknown PAM error"
+msgstr "Ukjent PAM-feil"
+
+#: modules/pam_cracklib/pam_cracklib.c:60
+#, c-format
+msgid "New %s%spassword: "
+msgstr "Nytt %s%spassord: "
+
+#: modules/pam_cracklib/pam_cracklib.c:62
+#, c-format
+msgid "Retype new %s%spassword: "
+msgstr "Bekreft nytt %s%s-passord: "
+
+#: modules/pam_cracklib/pam_cracklib.c:63
+msgid "Sorry, passwords do not match."
+msgstr "Beklager, ikke samsvar mellom passord."
+
+#: modules/pam_cracklib/pam_cracklib.c:378
+msgid "is the same as the old one"
+msgstr "er det samme som det gamle"
+
+#: modules/pam_cracklib/pam_cracklib.c:389
+msgid "is a palindrome"
+msgstr "er et palindrom"
+
+#: modules/pam_cracklib/pam_cracklib.c:392
+msgid "case changes only"
+msgstr "kun endring av små/store bokstaver"
+
+#: modules/pam_cracklib/pam_cracklib.c:395
+msgid "is too similar to the old one"
+msgstr "er for likt det gamle"
+
+#: modules/pam_cracklib/pam_cracklib.c:398
+msgid "is too simple"
+msgstr "er for enkelt"
+
+#: modules/pam_cracklib/pam_cracklib.c:401
+msgid "is rotated"
+msgstr "er rotert"
+
+#: modules/pam_cracklib/pam_cracklib.c:436
+msgid "has been already used"
+msgstr "er allerede benyttet"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "No password supplied"
+msgstr "Passord ikke angitt"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "Password unchanged"
+msgstr "Passord uendret"
+
+#: modules/pam_cracklib/pam_cracklib.c:487
+#: modules/pam_cracklib/pam_cracklib.c:615
+#, c-format
+msgid "BAD PASSWORD: %s"
+msgstr "SVAKT PASSORD: %s"
+
+#: modules/pam_exec/pam_exec.c:118
+#, c-format
+msgid "%s failed: exit code %d"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:126
+#, c-format
+msgid "%s failed: caught signal %d%s"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:134
+#, c-format
+msgid "%s failed: unknown status 0x%x"
+msgstr ""
+
+#. TRANSLATORS: "strftime options for date of last login"
+#: modules/pam_lastlog/pam_lastlog.c:190
+msgid " %a %b %e %H:%M:%S %Z %Y"
+msgstr " %a %b %e %H:%M:%S %Z %Y"
+
+#. TRANSLATORS: " from <host>"
+#: modules/pam_lastlog/pam_lastlog.c:199
+#, c-format
+msgid " from %.*s"
+msgstr " fra %.*s"
+
+#. TRANSLATORS: " on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:211
+#, c-format
+msgid " on %.*s"
+msgstr " på %.*s"
+
+#. TRANSLATORS: "Last login: <date> from <host> on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:220
+#, c-format
+msgid "Last login:%s%s%s"
+msgstr "Siste innlogging:%s%s%s"
+
+#: modules/pam_lastlog/pam_lastlog.c:226
+msgid "Welcome to your new account!"
+msgstr "Velkommen til din nye konto!"
+
+#: modules/pam_limits/pam_limits.c:647
+#, c-format
+msgid "Too many logins for '%s'."
+msgstr "For mange innlogginger for '%s'."
+
+#: modules/pam_mail/pam_mail.c:313
+msgid "No mail."
+msgstr "Ingen e-post."
+
+#: modules/pam_mail/pam_mail.c:316
+msgid "You have new mail."
+msgstr "Du har fått ny e-post."
+
+#: modules/pam_mail/pam_mail.c:319
+msgid "You have old mail."
+msgstr "Du har ulest e-post."
+
+#: modules/pam_mail/pam_mail.c:323
+msgid "You have mail."
+msgstr "Du har fått e-post."
+
+#: modules/pam_mail/pam_mail.c:330
+#, c-format
+msgid "You have no mail in folder %s."
+msgstr "Du har ingen e-post i mappen %s."
+
+#: modules/pam_mail/pam_mail.c:334
+#, c-format
+msgid "You have new mail in folder %s."
+msgstr "Du har ny e-post i mappen %s."
+
+#: modules/pam_mail/pam_mail.c:338
+#, c-format
+msgid "You have old mail in folder %s."
+msgstr "Du har ulest e-post i mappen %s."
+
+#: modules/pam_mail/pam_mail.c:343
+#, c-format
+msgid "You have mail in folder %s."
+msgstr "Du har e-post i mappen %s."
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:140
+#, c-format
+msgid "Creating directory '%s'."
+msgstr ""
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:145
+#, c-format
+msgid "Unable to create directory %s: %m"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:102
+#, c-format
+msgid "Your default context is %s. \n"
+msgstr "Din standardkontekst er %s. \n"
+
+#: modules/pam_selinux/pam_selinux.c:105
+msgid "Do you want to choose a different one? [n]"
+msgstr "Vil du velge en annen? [n]"
+
+#: modules/pam_selinux/pam_selinux.c:112
+msgid "Enter number of choice: "
+msgstr "Angi et tall: "
+
+#: modules/pam_selinux/pam_selinux.c:152
+msgid "Would you like to enter a security context? [y] "
+msgstr "Vil du angi en sikkerhetskontekst? [y] "
+
+#: modules/pam_selinux/pam_selinux.c:169
+msgid "role: "
+msgstr "rolle: "
+
+#: modules/pam_selinux/pam_selinux.c:177
+msgid "type: "
+msgstr "type: "
+
+#: modules/pam_selinux/pam_selinux.c:187
+msgid "level: "
+msgstr "nivå: "
+
+#: modules/pam_selinux/pam_selinux.c:203
+msgid "Not a valid security context"
+msgstr "Ikke en gyldig sikkerhetskontekst"
+
+#: modules/pam_selinux/pam_selinux.c:417
+#, c-format
+msgid "Security Context %s Assigned"
+msgstr "Sikkerhetskontekst %s tilordnet"
+
+#: modules/pam_selinux/pam_selinux_check.c:99
+#, c-format
+msgid "failed to initialize PAM\n"
+msgstr "kunne ikke initialisere PAM\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:105
+#, c-format
+msgid "failed to pam_set_item()\n"
+msgstr "kunne ikke pam_set_item()\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:133
+#, c-format
+msgid "login: failure forking: %m"
+msgstr "login: feil under forgrening: %m"
+
+#: modules/pam_stress/pam_stress.c:476
+#, fuzzy, c-format
+msgid "Changing STRESS password for %s."
+msgstr "Endrer STRESS-passord for "
+
+#: modules/pam_stress/pam_stress.c:490
+msgid "Enter new STRESS password: "
+msgstr "Angi nytt STRESS-passord: "
+
+#: modules/pam_stress/pam_stress.c:493
+msgid "Retype new STRESS password: "
+msgstr "Bekreft nytt STRESS-passord: "
+
+#: modules/pam_stress/pam_stress.c:522
+msgid "Verification mis-typed; password unchanged"
+msgstr "Bekreftelse feil skrevet; passord uendret"
+
+#: modules/pam_tally/pam_tally.c:741
+msgid "Authentication error"
+msgstr "Autentiseringsfeil"
+
+#: modules/pam_tally/pam_tally.c:742
+msgid "Service error"
+msgstr "Tjenestefeil"
+
+#: modules/pam_tally/pam_tally.c:743
+msgid "Unknown user"
+msgstr "Ukjent bruker"
+
+#: modules/pam_tally/pam_tally.c:744
+msgid "Unknown error"
+msgstr "Ukjent feil"
+
+#: modules/pam_tally/pam_tally.c:760
+#, c-format
+msgid "%s: Bad number given to --reset=\n"
+msgstr "%s: Ugyldig tall angitt for --reset=\n"
+
+#: modules/pam_tally/pam_tally.c:764
+#, c-format
+msgid "%s: Unrecognised option %s\n"
+msgstr "%s: Ukjent valg %s\n"
+
+#: modules/pam_tally/pam_tally.c:776
+#, c-format
+msgid ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+msgstr ""
+"%s: [--file rooted-filnavn] [--user brukernavn] [--reset[=n]] [--quiet]\n"
+
+#: modules/pam_tally/pam_tally.c:850
+#, c-format
+msgid "%s: Can't reset all users to non-zero\n"
+msgstr "%s: Kan ikke tilbakestille alle brukere til non-zero\n"
+
+#: modules/pam_unix/pam_unix_acct.c:274 modules/pam_unix/pam_unix_acct.c:301
+msgid "Your account has expired; please contact your system administrator"
+msgstr "Din konto er utløpt; kontakt systemadministratoren"
+
+#: modules/pam_unix/pam_unix_acct.c:283
+msgid "You are required to change your password immediately (root enforced)"
+msgstr "Du må straks endre passordet ditt (ordre fra rot)"
+
+#: modules/pam_unix/pam_unix_acct.c:310
+msgid "You are required to change your password immediately (password aged)"
+msgstr "Du må straks endre passordet ditt (passord for gammelt)"
+
+#: modules/pam_unix/pam_unix_acct.c:323 modules/pam_unix/pam_unix_acct.c:330
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d day"
+msgid_plural "Warning: your password will expire in %d days"
+msgstr[0] "Advarsel: passordet ditt vil utløpe om %d dager%.2s"
+msgstr[1] "Advarsel: passordet ditt vil utløpe om %d dager%.2s"
+
+#. TRANSLATORS: only used if dngettext is not support
+#. ed
+#: modules/pam_unix/pam_unix_acct.c:336
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d days"
+msgstr "Advarsel: passordet ditt vil utløpe om %d dager%.2s"
+
+#: modules/pam_unix/pam_unix_auth.c:159 modules/pam_userdb/pam_userdb.c:61
+msgid "Password: "
+msgstr "Passord: "
+
+#: modules/pam_unix/pam_unix_passwd.c:819
+msgid "NIS password could not be changed."
+msgstr "NIS-passord kunne ikke endres."
+
+#: modules/pam_unix/pam_unix_passwd.c:996
+msgid "You must choose a longer password"
+msgstr "Du må velge et lengre passord"
+
+#: modules/pam_unix/pam_unix_passwd.c:1001
+msgid "Password has been already used. Choose another."
+msgstr "Passordet er allerede benyttet. Velg et annet."
+
+#: modules/pam_unix/pam_unix_passwd.c:1108
+#, fuzzy, c-format
+msgid "Changing password for %s."
+msgstr "Endrer STRESS-passord for "
+
+#: modules/pam_unix/pam_unix_passwd.c:1119
+msgid "(current) UNIX password: "
+msgstr "(gjeldende) UNIX-passord: "
+
+#: modules/pam_unix/pam_unix_passwd.c:1154
+msgid "You must wait longer to change your password"
+msgstr "Du må vente lenger før du kan endre passordet"
+
+#: modules/pam_unix/pam_unix_passwd.c:1214
+msgid "Enter new UNIX password: "
+msgstr "Angi nytt UNIX-passord: "
+
+#: modules/pam_unix/pam_unix_passwd.c:1215
+msgid "Retype new UNIX password: "
+msgstr "Bekreft nytt UNIX-passord: "
+
+#, fuzzy
+#~ msgid "Warning: your password will expire in one day"
+#~ msgstr "Advarsel: passordet ditt vil utløpe om %d dager%.2s"
+
+#~ msgid "dlopen() failure"
+#~ msgstr "dlopen()-feil"
diff --git a/Linux-PAM/po/nl.gmo b/Linux-PAM/po/nl.gmo
new file mode 100644
index 00000000..76c40d46
--- /dev/null
+++ b/Linux-PAM/po/nl.gmo
Binary files differ
diff --git a/Linux-PAM/po/nl.po b/Linux-PAM/po/nl.po
new file mode 100644
index 00000000..5f11c4ee
--- /dev/null
+++ b/Linux-PAM/po/nl.po
@@ -0,0 +1,496 @@
+# translation of Linux-PAM.nl.po to Dutch
+# This file is distributed under the same license as the PACKAGE package.
+# Copyright (C) YEAR Linux-PAM Project.
+#
+# Rinse de Vries <rinsedevries@kde.nl>, 2005, 2006.
+# R.F. Pels <ruurd@tiscali.nl>, 2005.
+msgid ""
+msgstr ""
+"Project-Id-Version: Linux-PAM.nl\n"
+"Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n"
+"POT-Creation-Date: 2007-01-17 11:53+0100\n"
+"PO-Revision-Date: 2006-05-03 22:02+0200\n"
+"Last-Translator: Rinse de Vries <rinsedevries@kde.nl>\n"
+"Language-Team: Dutch <kde-i18n-nl@kde.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.11.1\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#: libpam_misc/misc_conv.c:33
+msgid "...Time is running out...\n"
+msgstr "...De tijd is aan het verlopen...\n"
+
+#: libpam_misc/misc_conv.c:34
+msgid "...Sorry, your time is up!\n"
+msgstr "...Helaas, uw tijd is verlopen!\n"
+
+#: libpam_misc/misc_conv.c:343
+#, c-format
+msgid "erroneous conversation (%d)\n"
+msgstr "foute conversatie (%d)\n"
+
+#: libpam/pam_item.c:271
+msgid "login:"
+msgstr "gebruikersnaam:"
+
+#: libpam/pam_strerror.c:40
+msgid "Success"
+msgstr "Succes"
+
+#: libpam/pam_strerror.c:42
+msgid "Critical error - immediate abort"
+msgstr "Kritieke fout - onmiddellijk gestopt"
+
+#: libpam/pam_strerror.c:44
+msgid "Failed to load module"
+msgstr ""
+
+#: libpam/pam_strerror.c:46
+msgid "Symbol not found"
+msgstr "Symbool niet gevonden"
+
+#: libpam/pam_strerror.c:48
+msgid "Error in service module"
+msgstr "Fout in servicemodule"
+
+#: libpam/pam_strerror.c:50
+msgid "System error"
+msgstr "Systeemfout"
+
+#: libpam/pam_strerror.c:52
+msgid "Memory buffer error"
+msgstr "Fout in geheugenbuffer"
+
+#: libpam/pam_strerror.c:54
+msgid "Permission denied"
+msgstr "Toegang geweigerd"
+
+#: libpam/pam_strerror.c:56
+msgid "Authentication failure"
+msgstr "Verificatiefout"
+
+#: libpam/pam_strerror.c:58
+msgid "Insufficient credentials to access authentication data"
+msgstr "Onvoldoende credenties om verificatiegegevens te benaderen"
+
+#: libpam/pam_strerror.c:60
+msgid "Authentication service cannot retrieve authentication info"
+msgstr "Verificatieservice kan geen verificatie-informatie ophalen"
+
+#: libpam/pam_strerror.c:62
+msgid "User not known to the underlying authentication module"
+msgstr "Gebruiker onbekend bij de onderliggende verificatiemodule"
+
+#: libpam/pam_strerror.c:64
+msgid "Have exhausted maximum number of retries for service"
+msgstr "Maximum aantal herhalingen overschreden voor de dienst"
+
+#: libpam/pam_strerror.c:66
+msgid "Authentication token is no longer valid; new one required"
+msgstr "Authentication token is niet langer geldig. Nieuwe is vereist"
+
+#: libpam/pam_strerror.c:68
+msgid "User account has expired"
+msgstr "Gebruikersaccount is verlopen"
+
+#: libpam/pam_strerror.c:70
+msgid "Cannot make/remove an entry for the specified session"
+msgstr "Kan een item niet aanmaken/verwijderen voor de opgegeven sessie"
+
+#: libpam/pam_strerror.c:72
+msgid "Authentication service cannot retrieve user credentials"
+msgstr "Verificatieservice kan gebruikerscredenties niet ophalen"
+
+#: libpam/pam_strerror.c:74
+msgid "User credentials expired"
+msgstr "Gebruikerscredenties verlopen"
+
+#: libpam/pam_strerror.c:76
+msgid "Failure setting user credentials"
+msgstr "Fout tijdens het instellen van gebruikerscredenties"
+
+#: libpam/pam_strerror.c:78
+msgid "No module specific data is present"
+msgstr "Geen modulespecifieke gegevens aanwezig"
+
+#: libpam/pam_strerror.c:80
+msgid "Bad item passed to pam_*_item()"
+msgstr "Onjuist item doorgegeven aan pam_*_item()"
+
+#: libpam/pam_strerror.c:82
+msgid "Conversation error"
+msgstr "Conversatiefout"
+
+#: libpam/pam_strerror.c:84
+msgid "Authentication token manipulation error"
+msgstr "Fout bij manipulatie van verificatietoken"
+
+#: libpam/pam_strerror.c:86
+msgid "Authentication information cannot be recovered"
+msgstr "Verificatie-informatie kan niet worden hersteld"
+
+#: libpam/pam_strerror.c:88
+msgid "Authentication token lock busy"
+msgstr "Vergrendeling van verificatietoken is bezet"
+
+#: libpam/pam_strerror.c:90
+msgid "Authentication token aging disabled"
+msgstr "Verouderen van verificatietoken is uitgeschakeld"
+
+#: libpam/pam_strerror.c:92
+msgid "Failed preliminary check by password service"
+msgstr "Voorlopige controle door de wachtwoorddienst mislukt"
+
+#: libpam/pam_strerror.c:94
+msgid "The return value should be ignored by PAM dispatch"
+msgstr "De terugvoerwaarde moet worden genegeerd door PAM verdeler"
+
+#: libpam/pam_strerror.c:96
+msgid "Module is unknown"
+msgstr "Module is onbekend"
+
+#: libpam/pam_strerror.c:98
+msgid "Authentication token expired"
+msgstr "Verificatietoken is verlopen"
+
+#: libpam/pam_strerror.c:100
+msgid "Conversation is waiting for event"
+msgstr "Conversatie wacht op een gebeurtenis"
+
+#: libpam/pam_strerror.c:102
+msgid "Application needs to call libpam again"
+msgstr "Toepassing dient libpam nogmaals aan te roepen"
+
+#: libpam/pam_strerror.c:105
+msgid "Unknown PAM error"
+msgstr "Onbekende PAM-fout"
+
+#: modules/pam_cracklib/pam_cracklib.c:60
+#, c-format
+msgid "New %s%spassword: "
+msgstr "Nieuw %s%s-wachtwoord: "
+
+#: modules/pam_cracklib/pam_cracklib.c:62
+#, c-format
+msgid "Retype new %s%spassword: "
+msgstr "Nieuw %s%s-wachtwoord herhalen: "
+
+#: modules/pam_cracklib/pam_cracklib.c:63
+msgid "Sorry, passwords do not match."
+msgstr "Helaas, wachtwoorden komen niet overeen."
+
+#: modules/pam_cracklib/pam_cracklib.c:378
+msgid "is the same as the old one"
+msgstr "is hetzelfde als het oude wachtwoord."
+
+#: modules/pam_cracklib/pam_cracklib.c:389
+msgid "is a palindrome"
+msgstr "is een palindrome"
+
+#: modules/pam_cracklib/pam_cracklib.c:392
+msgid "case changes only"
+msgstr "alleen gebruik hoofd/kleine letters gewijzigd"
+
+#: modules/pam_cracklib/pam_cracklib.c:395
+msgid "is too similar to the old one"
+msgstr "lijkt teveel op oud wachtwoord"
+
+#: modules/pam_cracklib/pam_cracklib.c:398
+msgid "is too simple"
+msgstr "is te eenvoudig"
+
+#: modules/pam_cracklib/pam_cracklib.c:401
+msgid "is rotated"
+msgstr "is omgedraaid"
+
+#: modules/pam_cracklib/pam_cracklib.c:436
+msgid "has been already used"
+msgstr "is al gebruikt"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "No password supplied"
+msgstr "Geen wachtwoord opgegeven"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "Password unchanged"
+msgstr "Wachtwoord is niet gewijzigd"
+
+#: modules/pam_cracklib/pam_cracklib.c:487
+#: modules/pam_cracklib/pam_cracklib.c:615
+#, c-format
+msgid "BAD PASSWORD: %s"
+msgstr "SLECHT WACHTWOORD: %s"
+
+#: modules/pam_exec/pam_exec.c:118
+#, c-format
+msgid "%s failed: exit code %d"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:126
+#, c-format
+msgid "%s failed: caught signal %d%s"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:134
+#, c-format
+msgid "%s failed: unknown status 0x%x"
+msgstr ""
+
+#. TRANSLATORS: "strftime options for date of last login"
+#: modules/pam_lastlog/pam_lastlog.c:190
+msgid " %a %b %e %H:%M:%S %Z %Y"
+msgstr ""
+
+#. TRANSLATORS: " from <host>"
+#: modules/pam_lastlog/pam_lastlog.c:199
+#, c-format
+msgid " from %.*s"
+msgstr " van %.*s"
+
+#. TRANSLATORS: " on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:211
+#, c-format
+msgid " on %.*s"
+msgstr " op %.*s"
+
+#. TRANSLATORS: "Last login: <date> from <host> on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:220
+#, c-format
+msgid "Last login:%s%s%s"
+msgstr "Laatste keer aangemeld: %s%s%s"
+
+#: modules/pam_lastlog/pam_lastlog.c:226
+msgid "Welcome to your new account!"
+msgstr "Welkom bij uw nieuwe account!"
+
+#: modules/pam_limits/pam_limits.c:647
+#, c-format
+msgid "Too many logins for '%s'."
+msgstr "Te vaak aangemeld met '%s'."
+
+#: modules/pam_mail/pam_mail.c:313
+msgid "No mail."
+msgstr "Geen e-mail."
+
+#: modules/pam_mail/pam_mail.c:316
+msgid "You have new mail."
+msgstr "U hebt nieuwe e-mail."
+
+#: modules/pam_mail/pam_mail.c:319
+msgid "You have old mail."
+msgstr "U hebt oude e-mail."
+
+#: modules/pam_mail/pam_mail.c:323
+msgid "You have mail."
+msgstr "U hebt e-mail."
+
+#: modules/pam_mail/pam_mail.c:330
+#, c-format
+msgid "You have no mail in folder %s."
+msgstr "U hebt geen e-mail in map %s."
+
+#: modules/pam_mail/pam_mail.c:334
+#, c-format
+msgid "You have new mail in folder %s."
+msgstr "U hebt nieuwe e-mail in map %s."
+
+#: modules/pam_mail/pam_mail.c:338
+#, c-format
+msgid "You have old mail in folder %s."
+msgstr "U hebt oude e-mail in map %s."
+
+#: modules/pam_mail/pam_mail.c:343
+#, c-format
+msgid "You have mail in folder %s."
+msgstr "U hebt e-mail in map %s."
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:140
+#, c-format
+msgid "Creating directory '%s'."
+msgstr ""
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:145
+#, c-format
+msgid "Unable to create directory %s: %m"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:102
+#, c-format
+msgid "Your default context is %s. \n"
+msgstr "Uw standaardcontext is %s. \n"
+
+#: modules/pam_selinux/pam_selinux.c:105
+msgid "Do you want to choose a different one? [n]"
+msgstr "Wilt u een andere kiezen? [n]"
+
+#: modules/pam_selinux/pam_selinux.c:112
+msgid "Enter number of choice: "
+msgstr "Voer het gekozen getal in: "
+
+#: modules/pam_selinux/pam_selinux.c:152
+msgid "Would you like to enter a security context? [y] "
+msgstr "Wilt u een beveiligingscontext invoeren? [y] "
+
+#: modules/pam_selinux/pam_selinux.c:169
+msgid "role: "
+msgstr "rol: "
+
+#: modules/pam_selinux/pam_selinux.c:177
+msgid "type: "
+msgstr "type: "
+
+#: modules/pam_selinux/pam_selinux.c:187
+msgid "level: "
+msgstr "niveau: "
+
+#: modules/pam_selinux/pam_selinux.c:203
+msgid "Not a valid security context"
+msgstr "Geen geldige beveiligingscontext"
+
+#: modules/pam_selinux/pam_selinux.c:417
+#, c-format
+msgid "Security Context %s Assigned"
+msgstr "Beveilgingscontext %s toegewezen"
+
+#: modules/pam_selinux/pam_selinux_check.c:99
+#, c-format
+msgid "failed to initialize PAM\n"
+msgstr "Het initialiseren van PAM is mislukt\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:105
+#, c-format
+msgid "failed to pam_set_item()\n"
+msgstr "pam_set_item() is mislukt\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:133
+#, c-format
+msgid "login: failure forking: %m"
+msgstr "login: failure forking: %m"
+
+#: modules/pam_stress/pam_stress.c:476
+#, fuzzy, c-format
+msgid "Changing STRESS password for %s."
+msgstr "STRESS-wachtwoord wijzigen voor "
+
+#: modules/pam_stress/pam_stress.c:490
+msgid "Enter new STRESS password: "
+msgstr "Nieuw STRESS-wachtwoord invoeren: "
+
+#: modules/pam_stress/pam_stress.c:493
+msgid "Retype new STRESS password: "
+msgstr "Nieuw STRESS-wachtwoord herhalen: "
+
+#: modules/pam_stress/pam_stress.c:522
+msgid "Verification mis-typed; password unchanged"
+msgstr "Verificatie onjuist getypt. Wachtwoord blijft ongewijzigd."
+
+#: modules/pam_tally/pam_tally.c:741
+msgid "Authentication error"
+msgstr "Verificatiefout"
+
+#: modules/pam_tally/pam_tally.c:742
+msgid "Service error"
+msgstr "Servicefout"
+
+#: modules/pam_tally/pam_tally.c:743
+msgid "Unknown user"
+msgstr "Onbekende gebruiker"
+
+#: modules/pam_tally/pam_tally.c:744
+msgid "Unknown error"
+msgstr "Onbekende fout"
+
+#: modules/pam_tally/pam_tally.c:760
+#, c-format
+msgid "%s: Bad number given to --reset=\n"
+msgstr "%s: onjuist getal gegeven aan --reset=\n"
+
+#: modules/pam_tally/pam_tally.c:764
+#, c-format
+msgid "%s: Unrecognised option %s\n"
+msgstr "%s: niet-herkende optie %s\n"
+
+#: modules/pam_tally/pam_tally.c:776
+#, c-format
+msgid ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+msgstr ""
+"%s [--file rooted-bestandsnaam] [ --user gebruikersnaam] [--reset[=n]] [--"
+"quiet]\n"
+
+#: modules/pam_tally/pam_tally.c:850
+#, c-format
+msgid "%s: Can't reset all users to non-zero\n"
+msgstr "%s: kan niet alle gebruikers terugzetten naar non-zero\n"
+
+#: modules/pam_unix/pam_unix_acct.c:274 modules/pam_unix/pam_unix_acct.c:301
+msgid "Your account has expired; please contact your system administrator"
+msgstr "Uw account is verlopen. Een contact op met uw systeembeheerder"
+
+#: modules/pam_unix/pam_unix_acct.c:283
+msgid "You are required to change your password immediately (root enforced)"
+msgstr ""
+"U dient onmiddellijk uw wachtwoord te wijzigen (op last van systeembeheerder)"
+
+#: modules/pam_unix/pam_unix_acct.c:310
+msgid "You are required to change your password immediately (password aged)"
+msgstr ""
+"U dient onmiddellijk uw wachtwoord te wijzigen (wachtwoord is verouderd)"
+
+#: modules/pam_unix/pam_unix_acct.c:323 modules/pam_unix/pam_unix_acct.c:330
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d day"
+msgid_plural "Warning: your password will expire in %d days"
+msgstr[0] "Waarschuwing: uw wachtwoord zal over %d day%.2s verlopen"
+msgstr[1] "Waarschuwing: uw wachtwoord zal over %d day%.2s verlopen"
+
+#. TRANSLATORS: only used if dngettext is not support
+#. ed
+#: modules/pam_unix/pam_unix_acct.c:336
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d days"
+msgstr "Waarschuwing: uw wachtwoord zal over %d day%.2s verlopen"
+
+#: modules/pam_unix/pam_unix_auth.c:159 modules/pam_userdb/pam_userdb.c:61
+msgid "Password: "
+msgstr "Wachtwoord: "
+
+#: modules/pam_unix/pam_unix_passwd.c:819
+msgid "NIS password could not be changed."
+msgstr "NIS-wachtwoord kon niet worden gewijzigd."
+
+#: modules/pam_unix/pam_unix_passwd.c:996
+msgid "You must choose a longer password"
+msgstr "Kies een langer wachtwoord"
+
+#: modules/pam_unix/pam_unix_passwd.c:1001
+msgid "Password has been already used. Choose another."
+msgstr "Dit wachtwoord is al gebruikt. Kies een ander wachtwoord."
+
+#: modules/pam_unix/pam_unix_passwd.c:1108
+#, fuzzy, c-format
+msgid "Changing password for %s."
+msgstr "STRESS-wachtwoord wijzigen voor "
+
+#: modules/pam_unix/pam_unix_passwd.c:1119
+msgid "(current) UNIX password: "
+msgstr "(huidig) UNIX-wachtwoord: "
+
+#: modules/pam_unix/pam_unix_passwd.c:1154
+msgid "You must wait longer to change your password"
+msgstr "U moet langer wachten om uw wachtwoord te wijzigen"
+
+#: modules/pam_unix/pam_unix_passwd.c:1214
+msgid "Enter new UNIX password: "
+msgstr "Nieuw UNIX-wachtwoord invoeren: "
+
+#: modules/pam_unix/pam_unix_passwd.c:1215
+msgid "Retype new UNIX password: "
+msgstr "Nieuw UNIX-wachtwoord herhalen: "
+
+#~ msgid "dlopen() failure"
+#~ msgstr "dlopen() failure"
diff --git a/Linux-PAM/po/pa.gmo b/Linux-PAM/po/pa.gmo
new file mode 100644
index 00000000..61840b9d
--- /dev/null
+++ b/Linux-PAM/po/pa.gmo
Binary files differ
diff --git a/Linux-PAM/po/pa.po b/Linux-PAM/po/pa.po
new file mode 100644
index 00000000..fc8b5c0b
--- /dev/null
+++ b/Linux-PAM/po/pa.po
@@ -0,0 +1,507 @@
+# translation of Linux-PAM.pa.po to Panjabi
+# translation of Linux-PAM.po to Panjabi
+# This file is distributed under the same license as the PACKAGE package.
+# Copyright (C) YEAR Linux-PAM Project.
+# Amanpreet Singh Alam[ਆਲਮ] <amanpreetalam@yahoo.com>, 2005.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Linux-PAM.pa\n"
+"Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n"
+"POT-Creation-Date: 2007-01-17 11:53+0100\n"
+"PO-Revision-Date: 2005-08-06 08:34+0530\n"
+"Last-Translator: Amanpreet Singh Alam[ਆਲਮ] <amanpreetalam@yahoo.com>\n"
+"Language-Team: Panjabi <pa@li.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.9.1\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#: libpam_misc/misc_conv.c:33
+msgid "...Time is running out...\n"
+msgstr "...ਸਮਾਂ ਸਮਾਪਤ ਹੋ ਰਿਹਾ ਹੈ...\n"
+
+#: libpam_misc/misc_conv.c:34
+msgid "...Sorry, your time is up!\n"
+msgstr "...ਅਫ਼ਸੋਸ, ਤà©à¨¹à¨¾à¨¡à¨¾ ਸਮਾਂ ਸਮਾਪਤ ਹੋ ਗਿਆ ਹੈ!\n"
+
+#: libpam_misc/misc_conv.c:343
+#, c-format
+msgid "erroneous conversation (%d)\n"
+msgstr ""
+
+#: libpam/pam_item.c:271
+msgid "login:"
+msgstr ""
+
+#: libpam/pam_strerror.c:40
+msgid "Success"
+msgstr "ਸਫ਼ਲ"
+
+#: libpam/pam_strerror.c:42
+msgid "Critical error - immediate abort"
+msgstr "ਨਾਜ਼à©à¨• ਗਲਤੀ - ਤਰà©à©°à¨¤ ਅਧੂਰਾ ਛੱਡਿਆ"
+
+#: libpam/pam_strerror.c:44
+msgid "Failed to load module"
+msgstr ""
+
+#: libpam/pam_strerror.c:46
+msgid "Symbol not found"
+msgstr "ਨਿਸ਼ਾਨ ਨਹੀਂ ਮਿਲਿਆ"
+
+#: libpam/pam_strerror.c:48
+msgid "Error in service module"
+msgstr "ਸੇਵਾ ਮੈਡੀਊਲ ਵਿੱਚ ਗਲਤੀ"
+
+#: libpam/pam_strerror.c:50
+msgid "System error"
+msgstr "ਸਿਸਟਮ ਗਲਤੀ"
+
+#: libpam/pam_strerror.c:52
+msgid "Memory buffer error"
+msgstr "ਮੈਮੋਰੀ ਬਫ਼ਰ ਗਲਤੀ"
+
+#: libpam/pam_strerror.c:54
+msgid "Permission denied"
+msgstr "ਅਧਿਕਾਰ ਪਾਬੰਦੀ"
+
+#: libpam/pam_strerror.c:56
+msgid "Authentication failure"
+msgstr "ਪਰਮਾਣਕਿਤਾ ਫੇਲ"
+
+#: libpam/pam_strerror.c:58
+msgid "Insufficient credentials to access authentication data"
+msgstr ""
+
+#: libpam/pam_strerror.c:60
+msgid "Authentication service cannot retrieve authentication info"
+msgstr ""
+
+#: libpam/pam_strerror.c:62
+msgid "User not known to the underlying authentication module"
+msgstr ""
+
+#: libpam/pam_strerror.c:64
+msgid "Have exhausted maximum number of retries for service"
+msgstr ""
+
+#: libpam/pam_strerror.c:66
+#, fuzzy
+msgid "Authentication token is no longer valid; new one required"
+msgstr "ਪਰਮਾਣਕਿਤਾ ਟੋਕਨ ਦੀ ਮਿਆਦ ਪà©à©±à¨— ਚà©à©±à¨•à©€ ਹੈ"
+
+#: libpam/pam_strerror.c:68
+msgid "User account has expired"
+msgstr "ਉਪਭੋਗੀ ਖਾਤੇ ਦੀ ਮਿਆਦ ਪà©à©±à¨— ਚà©à©±à¨•à©€ ਹੈ"
+
+#: libpam/pam_strerror.c:70
+msgid "Cannot make/remove an entry for the specified session"
+msgstr ""
+
+#: libpam/pam_strerror.c:72
+msgid "Authentication service cannot retrieve user credentials"
+msgstr ""
+
+#: libpam/pam_strerror.c:74
+msgid "User credentials expired"
+msgstr ""
+
+#: libpam/pam_strerror.c:76
+msgid "Failure setting user credentials"
+msgstr ""
+
+#: libpam/pam_strerror.c:78
+msgid "No module specific data is present"
+msgstr ""
+
+#: libpam/pam_strerror.c:80
+msgid "Bad item passed to pam_*_item()"
+msgstr ""
+
+#: libpam/pam_strerror.c:82
+msgid "Conversation error"
+msgstr "ਤਬਦੀਲੀ ਗਲਤੀ"
+
+#: libpam/pam_strerror.c:84
+msgid "Authentication token manipulation error"
+msgstr ""
+
+#: libpam/pam_strerror.c:86
+msgid "Authentication information cannot be recovered"
+msgstr ""
+
+#: libpam/pam_strerror.c:88
+msgid "Authentication token lock busy"
+msgstr ""
+
+#: libpam/pam_strerror.c:90
+msgid "Authentication token aging disabled"
+msgstr ""
+
+#: libpam/pam_strerror.c:92
+msgid "Failed preliminary check by password service"
+msgstr ""
+
+#: libpam/pam_strerror.c:94
+msgid "The return value should be ignored by PAM dispatch"
+msgstr ""
+
+#: libpam/pam_strerror.c:96
+msgid "Module is unknown"
+msgstr "ਮੈਡੀਊਲ ਅਣਜਾਣ ਹੈ"
+
+#: libpam/pam_strerror.c:98
+msgid "Authentication token expired"
+msgstr "ਪਰਮਾਣਕਿਤਾ ਟੋਕਨ ਦੀ ਮਿਆਦ ਪà©à©±à¨— ਚà©à©±à¨•à©€ ਹੈ"
+
+#: libpam/pam_strerror.c:100
+msgid "Conversation is waiting for event"
+msgstr ""
+
+#: libpam/pam_strerror.c:102
+msgid "Application needs to call libpam again"
+msgstr ""
+
+#: libpam/pam_strerror.c:105
+msgid "Unknown PAM error"
+msgstr "ਅਣਜਾਣ PAM ਗਲਤੀ"
+
+#: modules/pam_cracklib/pam_cracklib.c:60
+#, fuzzy, c-format
+msgid "New %s%spassword: "
+msgstr "ਗà©à¨ªà¨¤-ਕੋਡ ਨਾ-ਤਬਦੀਲ ਹੈ"
+
+#: modules/pam_cracklib/pam_cracklib.c:62
+#, fuzzy, c-format
+msgid "Retype new %s%spassword: "
+msgstr "ਨਵਾਂ STRESS ਗà©à¨ªà¨¤-ਕੋਡ ਮà©à©œ-ਲਿਖੋ: "
+
+#: modules/pam_cracklib/pam_cracklib.c:63
+#, fuzzy
+msgid "Sorry, passwords do not match."
+msgstr "NIS ਗà©à¨ªà¨¤-ਕੋਡ ਤਬਦੀਲ ਨਹੀਂ ਕੀਤਾ ਜਾ ਸਕਿਆ ਹੈ।"
+
+#: modules/pam_cracklib/pam_cracklib.c:378
+msgid "is the same as the old one"
+msgstr ""
+
+#: modules/pam_cracklib/pam_cracklib.c:389
+msgid "is a palindrome"
+msgstr ""
+
+#: modules/pam_cracklib/pam_cracklib.c:392
+msgid "case changes only"
+msgstr ""
+
+#: modules/pam_cracklib/pam_cracklib.c:395
+msgid "is too similar to the old one"
+msgstr ""
+
+#: modules/pam_cracklib/pam_cracklib.c:398
+msgid "is too simple"
+msgstr ""
+
+#: modules/pam_cracklib/pam_cracklib.c:401
+msgid "is rotated"
+msgstr ""
+
+#: modules/pam_cracklib/pam_cracklib.c:436
+#, fuzzy
+msgid "has been already used"
+msgstr "ਗà©à¨ªà¨¤-ਕੋਡ ਪਹਿਲਾਂ ਵੀ ਵਰਤਿਆ ਗਿਆ ਹੈ। ਵੱਖਰਾ ਚà©à¨£à©‹à¥¤"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "No password supplied"
+msgstr "ਕੋਈ ਗà©à¨ªà¨¤-ਕੋਡ ਨਹੀਂ ਦਿੱਤਾ ਗਿਆ"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "Password unchanged"
+msgstr "ਗà©à¨ªà¨¤-ਕੋਡ ਨਾ-ਤਬਦੀਲ ਹੈ"
+
+#: modules/pam_cracklib/pam_cracklib.c:487
+#: modules/pam_cracklib/pam_cracklib.c:615
+#, c-format
+msgid "BAD PASSWORD: %s"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:118
+#, c-format
+msgid "%s failed: exit code %d"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:126
+#, c-format
+msgid "%s failed: caught signal %d%s"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:134
+#, c-format
+msgid "%s failed: unknown status 0x%x"
+msgstr ""
+
+#. TRANSLATORS: "strftime options for date of last login"
+#: modules/pam_lastlog/pam_lastlog.c:190
+msgid " %a %b %e %H:%M:%S %Z %Y"
+msgstr ""
+
+#. TRANSLATORS: " from <host>"
+#: modules/pam_lastlog/pam_lastlog.c:199
+#, c-format
+msgid " from %.*s"
+msgstr ""
+
+#. TRANSLATORS: " on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:211
+#, c-format
+msgid " on %.*s"
+msgstr ""
+
+#. TRANSLATORS: "Last login: <date> from <host> on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:220
+#, c-format
+msgid "Last login:%s%s%s"
+msgstr ""
+
+#: modules/pam_lastlog/pam_lastlog.c:226
+msgid "Welcome to your new account!"
+msgstr ""
+
+#: modules/pam_limits/pam_limits.c:647
+#, c-format
+msgid "Too many logins for '%s'."
+msgstr ""
+
+#: modules/pam_mail/pam_mail.c:313
+msgid "No mail."
+msgstr ""
+
+#: modules/pam_mail/pam_mail.c:316
+msgid "You have new mail."
+msgstr ""
+
+#: modules/pam_mail/pam_mail.c:319
+msgid "You have old mail."
+msgstr ""
+
+#: modules/pam_mail/pam_mail.c:323
+msgid "You have mail."
+msgstr ""
+
+#: modules/pam_mail/pam_mail.c:330
+#, c-format
+msgid "You have no mail in folder %s."
+msgstr ""
+
+#: modules/pam_mail/pam_mail.c:334
+#, c-format
+msgid "You have new mail in folder %s."
+msgstr ""
+
+#: modules/pam_mail/pam_mail.c:338
+#, c-format
+msgid "You have old mail in folder %s."
+msgstr ""
+
+#: modules/pam_mail/pam_mail.c:343
+#, c-format
+msgid "You have mail in folder %s."
+msgstr ""
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:140
+#, c-format
+msgid "Creating directory '%s'."
+msgstr ""
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:145
+#, c-format
+msgid "Unable to create directory %s: %m"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:102
+#, c-format
+msgid "Your default context is %s. \n"
+msgstr "ਤà©à¨¹à¨¾à¨¡à¨¾ ਮà©à©±à¨² ਪਰਸੰਗ %s ਹੈ \n"
+
+#: modules/pam_selinux/pam_selinux.c:105
+msgid "Do you want to choose a different one? [n]"
+msgstr "ਕੀ ਤà©à¨¸à©€à¨‚ ਵੱਖਰੇ ਦੀ ਚੋਣ ਕਰਨੀ ਚਾਹà©à©°à¨¦à©‡ ਹੋ? [n]"
+
+#: modules/pam_selinux/pam_selinux.c:112
+msgid "Enter number of choice: "
+msgstr "ਚੋਣ ਦਾ ਨੰਬਰ ਦਿਓ: "
+
+#: modules/pam_selinux/pam_selinux.c:152
+msgid "Would you like to enter a security context? [y] "
+msgstr "ਕੀ ਤà©à¨¸à©€à¨‚ ਇੱਕ ਸà©à¨°à©±à¨–ਿਆ ਪਰਸੰਗ ਦੇਣਾ ਚਾਹà©à©°à¨¦à©‡ ਹੋ? [y] "
+
+#: modules/pam_selinux/pam_selinux.c:169
+msgid "role: "
+msgstr "ਰੋਲ: "
+
+#: modules/pam_selinux/pam_selinux.c:177
+msgid "type: "
+msgstr "ਕਿਸਮ: "
+
+#: modules/pam_selinux/pam_selinux.c:187
+msgid "level: "
+msgstr "ਪੱਧਰ: "
+
+#: modules/pam_selinux/pam_selinux.c:203
+msgid "Not a valid security context"
+msgstr "ਇੱਕ ਠੀਕ ਸà©à¨°à©±à¨–ਿਆ ਪਰਸੰਗ ਨਹੀਂ"
+
+#: modules/pam_selinux/pam_selinux.c:417
+#, c-format
+msgid "Security Context %s Assigned"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux_check.c:99
+#, c-format
+msgid "failed to initialize PAM\n"
+msgstr "PAM ਸ਼à©à¨°à©‚ ਕਰਨ ਲਈ ਫੇਲ\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:105
+#, c-format
+msgid "failed to pam_set_item()\n"
+msgstr "pam_set_item() ਲਈ ਫੇਲ\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:133
+#, c-format
+msgid "login: failure forking: %m"
+msgstr ""
+
+#: modules/pam_stress/pam_stress.c:476
+#, fuzzy, c-format
+msgid "Changing STRESS password for %s."
+msgstr "ਨਵਾਂ STRESS ਗà©à¨ªà¨¤-ਕੋਡ ਦਿਓ: "
+
+#: modules/pam_stress/pam_stress.c:490
+msgid "Enter new STRESS password: "
+msgstr "ਨਵਾਂ STRESS ਗà©à¨ªà¨¤-ਕੋਡ ਦਿਓ: "
+
+#: modules/pam_stress/pam_stress.c:493
+msgid "Retype new STRESS password: "
+msgstr "ਨਵਾਂ STRESS ਗà©à¨ªà¨¤-ਕੋਡ ਮà©à©œ-ਲਿਖੋ: "
+
+#: modules/pam_stress/pam_stress.c:522
+msgid "Verification mis-typed; password unchanged"
+msgstr ""
+
+#: modules/pam_tally/pam_tally.c:741
+msgid "Authentication error"
+msgstr "ਪਰਮਾਣਕਿਤਾ ਗਲਤੀ"
+
+#: modules/pam_tally/pam_tally.c:742
+msgid "Service error"
+msgstr "ਸੇਵਾ ਗਲਤੀ"
+
+#: modules/pam_tally/pam_tally.c:743
+msgid "Unknown user"
+msgstr "ਅਣਜਾਣ ਉਪਭੋਗੀ"
+
+#: modules/pam_tally/pam_tally.c:744
+msgid "Unknown error"
+msgstr "ਅਣਜਾਣੀ ਗਲਤੀ"
+
+#: modules/pam_tally/pam_tally.c:760
+#, c-format
+msgid "%s: Bad number given to --reset=\n"
+msgstr "%s: --reset= ਲਈ ਗਲਤ ਨੰਬਰ ਦਿੱਤਾ ਗਿਆ\n"
+
+#: modules/pam_tally/pam_tally.c:764
+#, c-format
+msgid "%s: Unrecognised option %s\n"
+msgstr "%s: ਬੇਪਛਾਣ ਚੋਣ %s\n"
+
+#: modules/pam_tally/pam_tally.c:776
+#, c-format
+msgid ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+msgstr ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+
+#: modules/pam_tally/pam_tally.c:850
+#, c-format
+msgid "%s: Can't reset all users to non-zero\n"
+msgstr ""
+
+#: modules/pam_unix/pam_unix_acct.c:274 modules/pam_unix/pam_unix_acct.c:301
+msgid "Your account has expired; please contact your system administrator"
+msgstr ""
+
+#: modules/pam_unix/pam_unix_acct.c:283
+msgid "You are required to change your password immediately (root enforced)"
+msgstr ""
+
+#: modules/pam_unix/pam_unix_acct.c:310
+msgid "You are required to change your password immediately (password aged)"
+msgstr ""
+
+#: modules/pam_unix/pam_unix_acct.c:323 modules/pam_unix/pam_unix_acct.c:330
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d day"
+msgid_plural "Warning: your password will expire in %d days"
+msgstr[0] "ਸਾਵਧਾਨ: ਤà©à¨¹à¨¾à¨¡à¨¾ ਗà©à¨ªà¨¤-ਕੋਡ ਦੀ ਮਿਆਦ %d ਦਿਨ%.2s 'ਚ ਪà©à©±à¨— ਜਾਵੇਗੀ।"
+msgstr[1] "ਸਾਵਧਾਨ: ਤà©à¨¹à¨¾à¨¡à¨¾ ਗà©à¨ªà¨¤-ਕੋਡ ਦੀ ਮਿਆਦ %d ਦਿਨ%.2s 'ਚ ਪà©à©±à¨— ਜਾਵੇਗੀ।"
+
+#. TRANSLATORS: only used if dngettext is not support
+#. ed
+#: modules/pam_unix/pam_unix_acct.c:336
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d days"
+msgstr "ਸਾਵਧਾਨ: ਤà©à¨¹à¨¾à¨¡à¨¾ ਗà©à¨ªà¨¤-ਕੋਡ ਦੀ ਮਿਆਦ %d ਦਿਨ%.2s 'ਚ ਪà©à©±à¨— ਜਾਵੇਗੀ।"
+
+#: modules/pam_unix/pam_unix_auth.c:159 modules/pam_userdb/pam_userdb.c:61
+#, fuzzy
+msgid "Password: "
+msgstr "ਗà©à¨ªà¨¤-ਕੋਡ ਨਾ-ਤਬਦੀਲ ਹੈ"
+
+#: modules/pam_unix/pam_unix_passwd.c:819
+msgid "NIS password could not be changed."
+msgstr "NIS ਗà©à¨ªà¨¤-ਕੋਡ ਤਬਦੀਲ ਨਹੀਂ ਕੀਤਾ ਜਾ ਸਕਿਆ ਹੈ।"
+
+#: modules/pam_unix/pam_unix_passwd.c:996
+msgid "You must choose a longer password"
+msgstr "ਤà©à¨¹à¨¾à¨¨à©‚à©° ਲੰਮੇ ਗà©à¨ªà¨¤-ਕੋਡ ਦੀ ਚੋਣ ਕਰਨੀ ਚਾਹੀਦੀ ਹੈ"
+
+#: modules/pam_unix/pam_unix_passwd.c:1001
+msgid "Password has been already used. Choose another."
+msgstr "ਗà©à¨ªà¨¤-ਕੋਡ ਪਹਿਲਾਂ ਵੀ ਵਰਤਿਆ ਗਿਆ ਹੈ। ਵੱਖਰਾ ਚà©à¨£à©‹à¥¤"
+
+#: modules/pam_unix/pam_unix_passwd.c:1108
+#, c-format
+msgid "Changing password for %s."
+msgstr ""
+
+#: modules/pam_unix/pam_unix_passwd.c:1119
+msgid "(current) UNIX password: "
+msgstr ""
+
+#: modules/pam_unix/pam_unix_passwd.c:1154
+msgid "You must wait longer to change your password"
+msgstr ""
+
+#: modules/pam_unix/pam_unix_passwd.c:1214
+#, fuzzy
+msgid "Enter new UNIX password: "
+msgstr "ਨਵਾਂ STRESS ਗà©à¨ªà¨¤-ਕੋਡ ਦਿਓ: "
+
+#: modules/pam_unix/pam_unix_passwd.c:1215
+#, fuzzy
+msgid "Retype new UNIX password: "
+msgstr "ਨਵਾਂ STRESS ਗà©à¨ªà¨¤-ਕੋਡ ਮà©à©œ-ਲਿਖੋ: "
+
+#, fuzzy
+#~ msgid "Warning: your password will expire in one day"
+#~ msgstr "ਸਾਵਧਾਨ: ਤà©à¨¹à¨¾à¨¡à¨¾ ਗà©à¨ªà¨¤-ਕੋਡ ਦੀ ਮਿਆਦ %d ਦਿਨ%.2s 'ਚ ਪà©à©±à¨— ਜਾਵੇਗੀ।"
+
+#~ msgid "dlopen() failure"
+#~ msgstr "dlopen() ਫੇਲ"
+
+#, fuzzy
+#~ msgid "%s: set %s security context to %s"
+#~ msgstr "ਇੱਕ ਠੀਕ ਸà©à¨°à©±à¨–ਿਆ ਪਰਸੰਗ ਨਹੀਂ"
diff --git a/Linux-PAM/po/pl.gmo b/Linux-PAM/po/pl.gmo
new file mode 100644
index 00000000..0be86c2a
--- /dev/null
+++ b/Linux-PAM/po/pl.gmo
Binary files differ
diff --git a/Linux-PAM/po/pl.po b/Linux-PAM/po/pl.po
new file mode 100644
index 00000000..45f867e7
--- /dev/null
+++ b/Linux-PAM/po/pl.po
@@ -0,0 +1,500 @@
+# translation of Linux-PAM.po to
+# translation of Linux-PAM.po to polski
+# Polish message file for YaST2 (@memory@).
+# Copyright (C) 2003, 2006 SuSE Linux AG.
+# Stanisław Małolepszy <smalolepszy@aviary.pl>, 2006.
+# Wojciech Kapusta <wojciech@aviary.pl>, 2006.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Linux-PAM\n"
+"Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n"
+"POT-Creation-Date: 2007-01-17 11:53+0100\n"
+"PO-Revision-Date: 2006-05-03 21:58+0200\n"
+"Last-Translator: Wojciech Kapusta <wojciech@aviary.pl>\n"
+"Language-Team: <pl@li.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural=n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 "
+"|| n%100>=20) ? 1 : 2;\n"
+"X-Generator: KBabel 1.9.1\n"
+
+#: libpam_misc/misc_conv.c:33
+msgid "...Time is running out...\n"
+msgstr "...czas mija...\n"
+
+#: libpam_misc/misc_conv.c:34
+msgid "...Sorry, your time is up!\n"
+msgstr "... czas minÄ…Å‚.\n"
+
+#: libpam_misc/misc_conv.c:343
+#, c-format
+msgid "erroneous conversation (%d)\n"
+msgstr "błędna konwersacja (%d)\n"
+
+#: libpam/pam_item.c:271
+msgid "login:"
+msgstr "login:"
+
+#: libpam/pam_strerror.c:40
+msgid "Success"
+msgstr "Powiodło się"
+
+#: libpam/pam_strerror.c:42
+msgid "Critical error - immediate abort"
+msgstr "BÅ‚Ä…d krytyczny - natychmiastowe przerwanie"
+
+#: libpam/pam_strerror.c:44
+msgid "Failed to load module"
+msgstr ""
+
+#: libpam/pam_strerror.c:46
+msgid "Symbol not found"
+msgstr "Symbol nie znaleziony"
+
+#: libpam/pam_strerror.c:48
+msgid "Error in service module"
+msgstr "Błąd w module usługi"
+
+#: libpam/pam_strerror.c:50
+msgid "System error"
+msgstr "BÅ‚Ä…d systemowy"
+
+#: libpam/pam_strerror.c:52
+msgid "Memory buffer error"
+msgstr "Błąd buforowania pamięci"
+
+#: libpam/pam_strerror.c:54
+msgid "Permission denied"
+msgstr "Brak dostępu"
+
+#: libpam/pam_strerror.c:56
+msgid "Authentication failure"
+msgstr "Nieudana autoryzacja"
+
+#: libpam/pam_strerror.c:58
+msgid "Insufficient credentials to access authentication data"
+msgstr "Niedostateczne uwierzytelnienie do dostępu do danych autoryzacyjnych"
+
+#: libpam/pam_strerror.c:60
+msgid "Authentication service cannot retrieve authentication info"
+msgstr "Usługa uwierzytelniania nie może uzyskać danych uwierzytelniających"
+
+#: libpam/pam_strerror.c:62
+msgid "User not known to the underlying authentication module"
+msgstr "Użytkownik nieznany w module uwierzytelniania niższego poziomu"
+
+#: libpam/pam_strerror.c:64
+msgid "Have exhausted maximum number of retries for service"
+msgstr "Wykorzystana maksymalna liczba prób dla usługi"
+
+#: libpam/pam_strerror.c:66
+msgid "Authentication token is no longer valid; new one required"
+msgstr "Bilet uwierzytelniania jest już nieważny; konieczny nowy"
+
+#: libpam/pam_strerror.c:68
+msgid "User account has expired"
+msgstr "Konto użytkownika wygasło"
+
+#: libpam/pam_strerror.c:70
+msgid "Cannot make/remove an entry for the specified session"
+msgstr "Nie można utworzyć/usunąć pozycji dla podanej sesji"
+
+#: libpam/pam_strerror.c:72
+msgid "Authentication service cannot retrieve user credentials"
+msgstr "Usługa uwierzytelniania nie może uzyskać uwierzytelnienia użytkownika"
+
+#: libpam/pam_strerror.c:74
+msgid "User credentials expired"
+msgstr "Uwierzytelnienie użytkownika przeterminowało się"
+
+#: libpam/pam_strerror.c:76
+msgid "Failure setting user credentials"
+msgstr "Niemożna uwierzytelnić użytkownika"
+
+#: libpam/pam_strerror.c:78
+msgid "No module specific data is present"
+msgstr "Brak danych specyficznych dla modułu"
+
+#: libpam/pam_strerror.c:80
+msgid "Bad item passed to pam_*_item()"
+msgstr "ZÅ‚y element przekazany do pam_*_item()"
+
+#: libpam/pam_strerror.c:82
+msgid "Conversation error"
+msgstr "BÅ‚Ä…d konwersjacji"
+
+#: libpam/pam_strerror.c:84
+msgid "Authentication token manipulation error"
+msgstr "Błąd obsługi biletu uwierzytelniania"
+
+#: libpam/pam_strerror.c:86
+msgid "Authentication information cannot be recovered"
+msgstr "Nie można odzyskać informacji uwierzytelniających"
+
+#: libpam/pam_strerror.c:88
+msgid "Authentication token lock busy"
+msgstr "Zajęta blokada biletu uwierzytelniania"
+
+#: libpam/pam_strerror.c:90
+msgid "Authentication token aging disabled"
+msgstr "Przeterminowanie biletu uwierzytelniania wyłączone"
+
+#: libpam/pam_strerror.c:92
+msgid "Failed preliminary check by password service"
+msgstr "Nieudane początkowe sprawdzenie hasła przez usługę"
+
+#: libpam/pam_strerror.c:94
+msgid "The return value should be ignored by PAM dispatch"
+msgstr "Zwrócona wartość powinna być zignorowana przez PAM"
+
+#: libpam/pam_strerror.c:96
+msgid "Module is unknown"
+msgstr "Moduł jest nieznany"
+
+#: libpam/pam_strerror.c:98
+msgid "Authentication token expired"
+msgstr "Bilet uwierzytelniania przeterminował się"
+
+#: libpam/pam_strerror.c:100
+msgid "Conversation is waiting for event"
+msgstr "Oczekiwanie na zdarzenie konwersjacji"
+
+#: libpam/pam_strerror.c:102
+msgid "Application needs to call libpam again"
+msgstr "Aplikacja musi jeszcze raz wywołać libpam"
+
+#: libpam/pam_strerror.c:105
+msgid "Unknown PAM error"
+msgstr "Nieznany błąd PAM"
+
+#: modules/pam_cracklib/pam_cracklib.c:60
+#, c-format
+msgid "New %s%spassword: "
+msgstr "Nowe hasło %s%s: "
+
+#: modules/pam_cracklib/pam_cracklib.c:62
+#, c-format
+msgid "Retype new %s%spassword: "
+msgstr "Powtórzenie nowego hasła %s%s: "
+
+#: modules/pam_cracklib/pam_cracklib.c:63
+msgid "Sorry, passwords do not match."
+msgstr "Podane hasła nie są zgodne."
+
+#: modules/pam_cracklib/pam_cracklib.c:378
+msgid "is the same as the old one"
+msgstr "jest identyczne ze starym"
+
+#: modules/pam_cracklib/pam_cracklib.c:389
+msgid "is a palindrome"
+msgstr "jest palindromem"
+
+#: modules/pam_cracklib/pam_cracklib.c:392
+msgid "case changes only"
+msgstr "ma zmienioną tylko wielkość znaków"
+
+#: modules/pam_cracklib/pam_cracklib.c:395
+msgid "is too similar to the old one"
+msgstr "jest zbyt podobne do poprzedniego"
+
+#: modules/pam_cracklib/pam_cracklib.c:398
+msgid "is too simple"
+msgstr "jest zbyt proste"
+
+#: modules/pam_cracklib/pam_cracklib.c:401
+msgid "is rotated"
+msgstr "jest obrócone"
+
+#: modules/pam_cracklib/pam_cracklib.c:436
+msgid "has been already used"
+msgstr "było już używane"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "No password supplied"
+msgstr "Nie podano hasła"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "Password unchanged"
+msgstr "Hasło nie zmienione"
+
+#: modules/pam_cracklib/pam_cracklib.c:487
+#: modules/pam_cracklib/pam_cracklib.c:615
+#, c-format
+msgid "BAD PASSWORD: %s"
+msgstr "ZÅE HASÅO: %s"
+
+#: modules/pam_exec/pam_exec.c:118
+#, c-format
+msgid "%s failed: exit code %d"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:126
+#, c-format
+msgid "%s failed: caught signal %d%s"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:134
+#, c-format
+msgid "%s failed: unknown status 0x%x"
+msgstr ""
+
+#. TRANSLATORS: "strftime options for date of last login"
+#: modules/pam_lastlog/pam_lastlog.c:190
+msgid " %a %b %e %H:%M:%S %Z %Y"
+msgstr " %a %b %e %H:%M:%S %Z %Y"
+
+#. TRANSLATORS: " from <host>"
+#: modules/pam_lastlog/pam_lastlog.c:199
+#, c-format
+msgid " from %.*s"
+msgstr " od %.*s"
+
+#. TRANSLATORS: " on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:211
+#, c-format
+msgid " on %.*s"
+msgstr " na %.*s"
+
+#. TRANSLATORS: "Last login: <date> from <host> on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:220
+#, c-format
+msgid "Last login:%s%s%s"
+msgstr "Ostatnie logowanie:%s%s%s"
+
+#: modules/pam_lastlog/pam_lastlog.c:226
+msgid "Welcome to your new account!"
+msgstr "Witaj na swoim nowym koncie!"
+
+#: modules/pam_limits/pam_limits.c:647
+#, c-format
+msgid "Too many logins for '%s'."
+msgstr "Zbyt wiele prób zalogowania na '%s'."
+
+#: modules/pam_mail/pam_mail.c:313
+msgid "No mail."
+msgstr "Brak wiadomości."
+
+#: modules/pam_mail/pam_mail.c:316
+msgid "You have new mail."
+msgstr "Odebrano nowe wiadomości."
+
+#: modules/pam_mail/pam_mail.c:319
+msgid "You have old mail."
+msgstr "Skrzynka zawiera stare wiadomości."
+
+#: modules/pam_mail/pam_mail.c:323
+msgid "You have mail."
+msgstr "Odebrano wiadomości."
+
+#: modules/pam_mail/pam_mail.c:330
+#, c-format
+msgid "You have no mail in folder %s."
+msgstr "Brak wiadomości w katalogu %s."
+
+#: modules/pam_mail/pam_mail.c:334
+#, c-format
+msgid "You have new mail in folder %s."
+msgstr "Nowe wiadomości w katalogu %s."
+
+#: modules/pam_mail/pam_mail.c:338
+#, c-format
+msgid "You have old mail in folder %s."
+msgstr "Stare wiadomości katalogu %s."
+
+#: modules/pam_mail/pam_mail.c:343
+#, c-format
+msgid "You have mail in folder %s."
+msgstr "Wiadomości w katalogu %s."
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:140
+#, c-format
+msgid "Creating directory '%s'."
+msgstr ""
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:145
+#, c-format
+msgid "Unable to create directory %s: %m"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:102
+#, c-format
+msgid "Your default context is %s. \n"
+msgstr "Domyślny kontekst: %s. \n"
+
+#: modules/pam_selinux/pam_selinux.c:105
+msgid "Do you want to choose a different one? [n]"
+msgstr "Czy powtórzyć wybieranie? [n]"
+
+#: modules/pam_selinux/pam_selinux.c:112
+msgid "Enter number of choice: "
+msgstr "Wybrana liczba: "
+
+#: modules/pam_selinux/pam_selinux.c:152
+msgid "Would you like to enter a security context? [y] "
+msgstr "Czy wejść w kontekst bezpieczeństwa? [y]"
+
+#: modules/pam_selinux/pam_selinux.c:169
+msgid "role: "
+msgstr "rola: "
+
+#: modules/pam_selinux/pam_selinux.c:177
+msgid "type: "
+msgstr "typ:"
+
+#: modules/pam_selinux/pam_selinux.c:187
+msgid "level: "
+msgstr "poziom: "
+
+#: modules/pam_selinux/pam_selinux.c:203
+msgid "Not a valid security context"
+msgstr "Nieważny kontekst bezpieczeństwa"
+
+#: modules/pam_selinux/pam_selinux.c:417
+#, c-format
+msgid "Security Context %s Assigned"
+msgstr "Kontekst bezpieczeństwa %s przypisany"
+
+#: modules/pam_selinux/pam_selinux_check.c:99
+#, c-format
+msgid "failed to initialize PAM\n"
+msgstr "Nie można zainicjować PAM\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:105
+#, c-format
+msgid "failed to pam_set_item()\n"
+msgstr "nieudane pam_set_item()\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:133
+#, c-format
+msgid "login: failure forking: %m"
+msgstr "login: nieudany fork: %m"
+
+#: modules/pam_stress/pam_stress.c:476
+#, fuzzy, c-format
+msgid "Changing STRESS password for %s."
+msgstr "Zmiana hasła STRESS dla "
+
+#: modules/pam_stress/pam_stress.c:490
+msgid "Enter new STRESS password: "
+msgstr "Nowe hasło STRESS: "
+
+#: modules/pam_stress/pam_stress.c:493
+msgid "Retype new STRESS password: "
+msgstr "Powtórzenie hasła STRESS: "
+
+#: modules/pam_stress/pam_stress.c:522
+msgid "Verification mis-typed; password unchanged"
+msgstr "Błędna weryfikacja; hasło niezmienione"
+
+#: modules/pam_tally/pam_tally.c:741
+msgid "Authentication error"
+msgstr "BÅ‚Ä…d uwierzytelniania"
+
+#: modules/pam_tally/pam_tally.c:742
+msgid "Service error"
+msgstr "Błąd usługi"
+
+#: modules/pam_tally/pam_tally.c:743
+msgid "Unknown user"
+msgstr "Nieznany użytkownik"
+
+#: modules/pam_tally/pam_tally.c:744
+msgid "Unknown error"
+msgstr "Nieznany błąd"
+
+#: modules/pam_tally/pam_tally.c:760
+#, c-format
+msgid "%s: Bad number given to --reset=\n"
+msgstr "%s: Błędny numer podany w opcji --reset=\n"
+
+#: modules/pam_tally/pam_tally.c:764
+#, c-format
+msgid "%s: Unrecognised option %s\n"
+msgstr "%s: Nierozpoznana opcja %s\n"
+
+#: modules/pam_tally/pam_tally.c:776
+#, c-format
+msgid ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+msgstr ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+
+#: modules/pam_tally/pam_tally.c:850
+#, c-format
+msgid "%s: Can't reset all users to non-zero\n"
+msgstr "%s: Nie można przywrócić wszystkich użytkowników\n"
+
+#: modules/pam_unix/pam_unix_acct.c:274 modules/pam_unix/pam_unix_acct.c:301
+msgid "Your account has expired; please contact your system administrator"
+msgstr "Konto użytkownika wygasło ; proszę skontaktować się z administratorem"
+
+#: modules/pam_unix/pam_unix_acct.c:283
+msgid "You are required to change your password immediately (root enforced)"
+msgstr "Należy natychmiast zmienić hasło (wymuszone przez administratora)"
+
+#: modules/pam_unix/pam_unix_acct.c:310
+msgid "You are required to change your password immediately (password aged)"
+msgstr "Należy natychmiast zmienić hasło (hasło wygasło)"
+
+#: modules/pam_unix/pam_unix_acct.c:323 modules/pam_unix/pam_unix_acct.c:330
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d day"
+msgid_plural "Warning: your password will expire in %d days"
+msgstr[0] "Ostrzeżenie: hasło wygaśnie za %d dni%.2s"
+msgstr[1] "Ostrzeżenie: hasło wygaśnie za %d dni%.2s"
+msgstr[2] "Ostrzeżenie: hasło wygaśnie za %d dni%.2s"
+
+#. TRANSLATORS: only used if dngettext is not support
+#. ed
+#: modules/pam_unix/pam_unix_acct.c:336
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d days"
+msgstr "Ostrzeżenie: hasło wygaśnie za %d dni%.2s"
+
+#: modules/pam_unix/pam_unix_auth.c:159 modules/pam_userdb/pam_userdb.c:61
+msgid "Password: "
+msgstr "Hasło: "
+
+#: modules/pam_unix/pam_unix_passwd.c:819
+msgid "NIS password could not be changed."
+msgstr "Nie można zmienić hasła NIS."
+
+#: modules/pam_unix/pam_unix_passwd.c:996
+msgid "You must choose a longer password"
+msgstr "Proszę podać dłuższe hasło"
+
+#: modules/pam_unix/pam_unix_passwd.c:1001
+msgid "Password has been already used. Choose another."
+msgstr "Hasło było już używane. Proszę wybrać inne."
+
+#: modules/pam_unix/pam_unix_passwd.c:1108
+#, fuzzy, c-format
+msgid "Changing password for %s."
+msgstr "Zmiana hasła STRESS dla "
+
+#: modules/pam_unix/pam_unix_passwd.c:1119
+msgid "(current) UNIX password: "
+msgstr "Bieżące hasło UNIX:"
+
+#: modules/pam_unix/pam_unix_passwd.c:1154
+msgid "You must wait longer to change your password"
+msgstr "Proszę poczekać dłużej aby zmienić hasło"
+
+#: modules/pam_unix/pam_unix_passwd.c:1214
+msgid "Enter new UNIX password: "
+msgstr "Nowe hasło UNIX: "
+
+#: modules/pam_unix/pam_unix_passwd.c:1215
+msgid "Retype new UNIX password: "
+msgstr "Powtórzenie hasła UNIX: "
+
+#, fuzzy
+#~ msgid "Warning: your password will expire in one day"
+#~ msgstr "Ostrzeżenie: hasło wygaśnie za %d dni%.2s"
+
+#~ msgid "dlopen() failure"
+#~ msgstr "nieudane dlopen()"
diff --git a/Linux-PAM/po/pt.gmo b/Linux-PAM/po/pt.gmo
new file mode 100644
index 00000000..b824af0c
--- /dev/null
+++ b/Linux-PAM/po/pt.gmo
Binary files differ
diff --git a/Linux-PAM/po/pt.po b/Linux-PAM/po/pt.po
new file mode 100644
index 00000000..5b4e9ecc
--- /dev/null
+++ b/Linux-PAM/po/pt.po
@@ -0,0 +1,500 @@
+# translation of Linux-PAM-pt.po to portuguese
+# This file is distributed under the same license as the PACKAGE package.
+# Copyright (C) YEAR Linux-PAM Project.
+# Antonio Cardoso Martins <digiplan@netvisao.pt>, 2005, 2006.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Linux-PAM.pt\n"
+"Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n"
+"POT-Creation-Date: 2007-01-17 11:53+0100\n"
+"PO-Revision-Date: 2006-05-03 21:54+0200\n"
+"Last-Translator: Antonio Cardoso Martins <digiplan@netvisao.pt>\n"
+"Language-Team: portuguese\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.10.2\n"
+
+#: libpam_misc/misc_conv.c:33
+msgid "...Time is running out...\n"
+msgstr "...O tempo está a esgotar-se...\n"
+
+#: libpam_misc/misc_conv.c:34
+msgid "...Sorry, your time is up!\n"
+msgstr "...Lamento, o seu tempo esgotou-se!\n"
+
+#: libpam_misc/misc_conv.c:343
+#, c-format
+msgid "erroneous conversation (%d)\n"
+msgstr "conversação errónea (%d)\n"
+
+#: libpam/pam_item.c:271
+msgid "login:"
+msgstr "login:"
+
+#: libpam/pam_strerror.c:40
+msgid "Success"
+msgstr "Sucesso"
+
+#: libpam/pam_strerror.c:42
+msgid "Critical error - immediate abort"
+msgstr "Erro crítico - interrupção imediata"
+
+#: libpam/pam_strerror.c:44
+msgid "Failed to load module"
+msgstr ""
+
+#: libpam/pam_strerror.c:46
+msgid "Symbol not found"
+msgstr "Símbolo não encontrado"
+
+#: libpam/pam_strerror.c:48
+msgid "Error in service module"
+msgstr "Erro no módulo do serviço"
+
+#: libpam/pam_strerror.c:50
+msgid "System error"
+msgstr "Erro de sistema"
+
+#: libpam/pam_strerror.c:52
+msgid "Memory buffer error"
+msgstr "Erro de buffer de memória"
+
+#: libpam/pam_strerror.c:54
+msgid "Permission denied"
+msgstr "Permissão negada"
+
+#: libpam/pam_strerror.c:56
+msgid "Authentication failure"
+msgstr "Falha de autenticação"
+
+#: libpam/pam_strerror.c:58
+msgid "Insufficient credentials to access authentication data"
+msgstr "Credenciais insuficientes para aceder aos dados de autenticação"
+
+#: libpam/pam_strerror.c:60
+msgid "Authentication service cannot retrieve authentication info"
+msgstr "O serviço de autenticação não pode obter informação de autenticação"
+
+#: libpam/pam_strerror.c:62
+msgid "User not known to the underlying authentication module"
+msgstr "Utilizador desconhecido para o módulo de autenticação subjacente"
+
+#: libpam/pam_strerror.c:64
+msgid "Have exhausted maximum number of retries for service"
+msgstr "Esgotou o número máximo de tentativas para o serviço"
+
+#: libpam/pam_strerror.c:66
+msgid "Authentication token is no longer valid; new one required"
+msgstr "O testemunho de autenticação já não é válido; é necessário um novo"
+
+#: libpam/pam_strerror.c:68
+msgid "User account has expired"
+msgstr "A conta de utilizador expirou"
+
+#: libpam/pam_strerror.c:70
+msgid "Cannot make/remove an entry for the specified session"
+msgstr "Não é possível criar/remover uma entrada para a sessão especificada"
+
+#: libpam/pam_strerror.c:72
+msgid "Authentication service cannot retrieve user credentials"
+msgstr ""
+"O serviço de autenticação não consegue obter as credenciais do utilizador"
+
+#: libpam/pam_strerror.c:74
+msgid "User credentials expired"
+msgstr "As credenciais do utilizador expiraram"
+
+#: libpam/pam_strerror.c:76
+msgid "Failure setting user credentials"
+msgstr "Falha na definição das credenciais do utilizador"
+
+#: libpam/pam_strerror.c:78
+msgid "No module specific data is present"
+msgstr "Não está presente os dados específicos do módulo"
+
+#: libpam/pam_strerror.c:80
+msgid "Bad item passed to pam_*_item()"
+msgstr "Item incorrecto passado para pam_*_item()"
+
+#: libpam/pam_strerror.c:82
+msgid "Conversation error"
+msgstr "Erro de conversação"
+
+#: libpam/pam_strerror.c:84
+msgid "Authentication token manipulation error"
+msgstr "Erro de manipulação do testemunho de autenticação"
+
+#: libpam/pam_strerror.c:86
+msgid "Authentication information cannot be recovered"
+msgstr "A informação de autenticação não pode ser recuperada"
+
+#: libpam/pam_strerror.c:88
+msgid "Authentication token lock busy"
+msgstr "A fechadura to testemunho de autenticação encontra-se ocupado"
+
+#: libpam/pam_strerror.c:90
+msgid "Authentication token aging disabled"
+msgstr "O envelhecimento do testemunho de autenticação encontra-se desactivado"
+
+#: libpam/pam_strerror.c:92
+msgid "Failed preliminary check by password service"
+msgstr "Falha na validação preliminar pelo serviço de palavra passe"
+
+#: libpam/pam_strerror.c:94
+msgid "The return value should be ignored by PAM dispatch"
+msgstr "O valor de retorno deve ser ignorado pelo expedidor de PAM"
+
+#: libpam/pam_strerror.c:96
+msgid "Module is unknown"
+msgstr "O módulo é desconhecido"
+
+#: libpam/pam_strerror.c:98
+msgid "Authentication token expired"
+msgstr "O testemunho de autenticação expirou"
+
+#: libpam/pam_strerror.c:100
+msgid "Conversation is waiting for event"
+msgstr "A conversação está a aguardar um evento"
+
+#: libpam/pam_strerror.c:102
+msgid "Application needs to call libpam again"
+msgstr "A aplicação necessita de invocar o libpam novamente"
+
+#: libpam/pam_strerror.c:105
+msgid "Unknown PAM error"
+msgstr "Erro PAM desconhecido"
+
+#: modules/pam_cracklib/pam_cracklib.c:60
+#, c-format
+msgid "New %s%spassword: "
+msgstr "Nova %s%spalavra passe: "
+
+#: modules/pam_cracklib/pam_cracklib.c:62
+#, c-format
+msgid "Retype new %s%spassword: "
+msgstr "Digite novamente a nova %s%spalavra passe: "
+
+#: modules/pam_cracklib/pam_cracklib.c:63
+msgid "Sorry, passwords do not match."
+msgstr "Lamento, as palavras passe não coincidem."
+
+#: modules/pam_cracklib/pam_cracklib.c:378
+msgid "is the same as the old one"
+msgstr "é igual à anterior"
+
+#: modules/pam_cracklib/pam_cracklib.c:389
+msgid "is a palindrome"
+msgstr "é um palíndrome"
+
+#: modules/pam_cracklib/pam_cracklib.c:392
+msgid "case changes only"
+msgstr "apenas muda a capitulação"
+
+#: modules/pam_cracklib/pam_cracklib.c:395
+msgid "is too similar to the old one"
+msgstr "é demasiado similar à anterior"
+
+#: modules/pam_cracklib/pam_cracklib.c:398
+msgid "is too simple"
+msgstr "é demasiado simples"
+
+#: modules/pam_cracklib/pam_cracklib.c:401
+msgid "is rotated"
+msgstr "é rodada"
+
+#: modules/pam_cracklib/pam_cracklib.c:436
+msgid "has been already used"
+msgstr "já foi utilizada"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "No password supplied"
+msgstr "Não foi fornecida uma palavra passe"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "Password unchanged"
+msgstr "Palavra passe inalterada"
+
+#: modules/pam_cracklib/pam_cracklib.c:487
+#: modules/pam_cracklib/pam_cracklib.c:615
+#, c-format
+msgid "BAD PASSWORD: %s"
+msgstr "MÃ PALAVRA PASSE: %s"
+
+#: modules/pam_exec/pam_exec.c:118
+#, c-format
+msgid "%s failed: exit code %d"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:126
+#, c-format
+msgid "%s failed: caught signal %d%s"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:134
+#, c-format
+msgid "%s failed: unknown status 0x%x"
+msgstr ""
+
+#. TRANSLATORS: "strftime options for date of last login"
+#: modules/pam_lastlog/pam_lastlog.c:190
+msgid " %a %b %e %H:%M:%S %Z %Y"
+msgstr " %a %b %e %H:%M:%S %Z %Y"
+
+#. TRANSLATORS: " from <host>"
+#: modules/pam_lastlog/pam_lastlog.c:199
+#, c-format
+msgid " from %.*s"
+msgstr " a partir de %.*s"
+
+#. TRANSLATORS: " on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:211
+#, c-format
+msgid " on %.*s"
+msgstr " em %.*s"
+
+#. TRANSLATORS: "Last login: <date> from <host> on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:220
+#, c-format
+msgid "Last login:%s%s%s"
+msgstr "Último início de sessão: %s%s%s"
+
+#: modules/pam_lastlog/pam_lastlog.c:226
+msgid "Welcome to your new account!"
+msgstr "Bemvindo à sua nova conta!"
+
+#: modules/pam_limits/pam_limits.c:647
+#, c-format
+msgid "Too many logins for '%s'."
+msgstr "Demasiados inícios de sessão para '%s'."
+
+#: modules/pam_mail/pam_mail.c:313
+msgid "No mail."
+msgstr "Não tem correio."
+
+#: modules/pam_mail/pam_mail.c:316
+msgid "You have new mail."
+msgstr "Tem novo correio electrónico."
+
+#: modules/pam_mail/pam_mail.c:319
+msgid "You have old mail."
+msgstr "Tem correio electrónico antigo."
+
+#: modules/pam_mail/pam_mail.c:323
+msgid "You have mail."
+msgstr "Tem correio electrónico."
+
+#: modules/pam_mail/pam_mail.c:330
+#, c-format
+msgid "You have no mail in folder %s."
+msgstr "Não tem correio electrónico na pasta %s."
+
+#: modules/pam_mail/pam_mail.c:334
+#, c-format
+msgid "You have new mail in folder %s."
+msgstr "Tem novo correio electrónico na pasta %s."
+
+#: modules/pam_mail/pam_mail.c:338
+#, c-format
+msgid "You have old mail in folder %s."
+msgstr "Tem correio electrónico antigo na pasta %s."
+
+#: modules/pam_mail/pam_mail.c:343
+#, c-format
+msgid "You have mail in folder %s."
+msgstr "Tem correio electrónico na pasta %s."
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:140
+#, c-format
+msgid "Creating directory '%s'."
+msgstr ""
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:145
+#, c-format
+msgid "Unable to create directory %s: %m"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:102
+#, c-format
+msgid "Your default context is %s. \n"
+msgstr "O seu contexto pré-definido é %s: \n"
+
+#: modules/pam_selinux/pam_selinux.c:105
+msgid "Do you want to choose a different one? [n]"
+msgstr "Pretende escolher um diferente? [n]"
+
+#: modules/pam_selinux/pam_selinux.c:112
+msgid "Enter number of choice: "
+msgstr "Digite o número da escolha: "
+
+#: modules/pam_selinux/pam_selinux.c:152
+msgid "Would you like to enter a security context? [y] "
+msgstr "Pretende introduzir um contexto de segurança? [y]"
+
+#: modules/pam_selinux/pam_selinux.c:169
+msgid "role: "
+msgstr "papel: "
+
+#: modules/pam_selinux/pam_selinux.c:177
+msgid "type: "
+msgstr "tipo: "
+
+#: modules/pam_selinux/pam_selinux.c:187
+msgid "level: "
+msgstr "nível: "
+
+#: modules/pam_selinux/pam_selinux.c:203
+msgid "Not a valid security context"
+msgstr "Não é um contexto de segurança válido"
+
+#: modules/pam_selinux/pam_selinux.c:417
+#, c-format
+msgid "Security Context %s Assigned"
+msgstr "Contexto de Segurança %s Atribuído"
+
+#: modules/pam_selinux/pam_selinux_check.c:99
+#, c-format
+msgid "failed to initialize PAM\n"
+msgstr "falha ao inicializar o PAM\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:105
+#, c-format
+msgid "failed to pam_set_item()\n"
+msgstr "falha em pam_set_item()\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:133
+#, c-format
+msgid "login: failure forking: %m"
+msgstr "sessão: falha ao executar o forking: %m"
+
+#: modules/pam_stress/pam_stress.c:476
+#, fuzzy, c-format
+msgid "Changing STRESS password for %s."
+msgstr "A alterar a palavra passe de STRESS para "
+
+#: modules/pam_stress/pam_stress.c:490
+msgid "Enter new STRESS password: "
+msgstr "Digite a nova palavra passe de STRESS: "
+
+#: modules/pam_stress/pam_stress.c:493
+msgid "Retype new STRESS password: "
+msgstr "Digite novamente a nova palavra passe de STRESS: "
+
+#: modules/pam_stress/pam_stress.c:522
+msgid "Verification mis-typed; password unchanged"
+msgstr "A verificação não coincide; palavra passe inalterada"
+
+#: modules/pam_tally/pam_tally.c:741
+msgid "Authentication error"
+msgstr "Erro de autenticação"
+
+#: modules/pam_tally/pam_tally.c:742
+msgid "Service error"
+msgstr "Erro de serviço"
+
+#: modules/pam_tally/pam_tally.c:743
+msgid "Unknown user"
+msgstr "Utilizador desconhecido"
+
+#: modules/pam_tally/pam_tally.c:744
+msgid "Unknown error"
+msgstr "Erro desconhecido"
+
+#: modules/pam_tally/pam_tally.c:760
+#, c-format
+msgid "%s: Bad number given to --reset=\n"
+msgstr "%s: Número errado fornecido a --reset=\n"
+
+#: modules/pam_tally/pam_tally.c:764
+#, c-format
+msgid "%s: Unrecognised option %s\n"
+msgstr "%s: Opção não reconhecida %s\n"
+
+#: modules/pam_tally/pam_tally.c:776
+#, c-format
+msgid ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+msgstr ""
+"%s: [--file ficheiro-raiz] [--user nome-utilizador] [--reset[=n]] [--quiet]\n"
+
+#: modules/pam_tally/pam_tally.c:850
+#, c-format
+msgid "%s: Can't reset all users to non-zero\n"
+msgstr "%s: Não foi possível reiniciar todos os utilizadores para não zero\n"
+
+#: modules/pam_unix/pam_unix_acct.c:274 modules/pam_unix/pam_unix_acct.c:301
+msgid "Your account has expired; please contact your system administrator"
+msgstr ""
+"A sua conta de utilizador expirou; por favor contacte o seu administrador de "
+"sistema"
+
+#: modules/pam_unix/pam_unix_acct.c:283
+msgid "You are required to change your password immediately (root enforced)"
+msgstr ""
+"É obrigatório que altere de imediato a sua palavra passe (forçado pelo root)"
+
+#: modules/pam_unix/pam_unix_acct.c:310
+msgid "You are required to change your password immediately (password aged)"
+msgstr ""
+"É obrigatório que altere de imediato a sua palavra passe (forçado pela idade)"
+
+#: modules/pam_unix/pam_unix_acct.c:323 modules/pam_unix/pam_unix_acct.c:330
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d day"
+msgid_plural "Warning: your password will expire in %d days"
+msgstr[0] "Aviso: a sua palavra passe expira em %d dia%.2s"
+msgstr[1] "Aviso: a sua palavra passe expira em %d dia%.2s"
+
+#. TRANSLATORS: only used if dngettext is not support
+#. ed
+#: modules/pam_unix/pam_unix_acct.c:336
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d days"
+msgstr "Aviso: a sua palavra passe expira em %d dia%.2s"
+
+#: modules/pam_unix/pam_unix_auth.c:159 modules/pam_userdb/pam_userdb.c:61
+msgid "Password: "
+msgstr "Palavra passe: "
+
+#: modules/pam_unix/pam_unix_passwd.c:819
+msgid "NIS password could not be changed."
+msgstr "A palavra passe de NIS não pode ser alterada."
+
+#: modules/pam_unix/pam_unix_passwd.c:996
+msgid "You must choose a longer password"
+msgstr "Deve escolher uma palavra passe mais longa"
+
+#: modules/pam_unix/pam_unix_passwd.c:1001
+msgid "Password has been already used. Choose another."
+msgstr "A palavra passe já foi anteriormente utilizada. Escolha outra."
+
+#: modules/pam_unix/pam_unix_passwd.c:1108
+#, fuzzy, c-format
+msgid "Changing password for %s."
+msgstr "A alterar a palavra passe de STRESS para "
+
+#: modules/pam_unix/pam_unix_passwd.c:1119
+msgid "(current) UNIX password: "
+msgstr "palavra passe UNIX (actual): "
+
+#: modules/pam_unix/pam_unix_passwd.c:1154
+msgid "You must wait longer to change your password"
+msgstr "Tem de esperar mais antes de poder alterar a sua palavra passe"
+
+#: modules/pam_unix/pam_unix_passwd.c:1214
+msgid "Enter new UNIX password: "
+msgstr "Digite a nova palavra passe UNIX: "
+
+#: modules/pam_unix/pam_unix_passwd.c:1215
+msgid "Retype new UNIX password: "
+msgstr "Digite novamente a nova palavra passe UNIX: "
+
+#, fuzzy
+#~ msgid "Warning: your password will expire in one day"
+#~ msgstr "Aviso: a sua palavra passe expira em %d dia%.2s"
+
+#~ msgid "dlopen() failure"
+#~ msgstr "falha em dlopen()"
diff --git a/Linux-PAM/po/pt_BR.gmo b/Linux-PAM/po/pt_BR.gmo
new file mode 100644
index 00000000..91a0de30
--- /dev/null
+++ b/Linux-PAM/po/pt_BR.gmo
Binary files differ
diff --git a/Linux-PAM/po/pt_BR.po b/Linux-PAM/po/pt_BR.po
new file mode 100644
index 00000000..a7f97884
--- /dev/null
+++ b/Linux-PAM/po/pt_BR.po
@@ -0,0 +1,497 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR Linux-PAM Project
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Linux-PAM\n"
+"Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n"
+"POT-Creation-Date: 2007-01-17 11:53+0100\n"
+"PO-Revision-Date: 2006-05-03 21:55+0200\n"
+"Last-Translator: Novell Language <language@novell.com>\n"
+"Language-Team: Novell Language <language@novell.com>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: libpam_misc/misc_conv.c:33
+msgid "...Time is running out...\n"
+msgstr "...Tempo acabando...\n"
+
+#: libpam_misc/misc_conv.c:34
+msgid "...Sorry, your time is up!\n"
+msgstr "...Tempo contando.\n"
+
+#: libpam_misc/misc_conv.c:343
+#, c-format
+msgid "erroneous conversation (%d)\n"
+msgstr "conversação errônea (%d)\n"
+
+#: libpam/pam_item.c:271
+msgid "login:"
+msgstr "login:"
+
+#: libpam/pam_strerror.c:40
+msgid "Success"
+msgstr "Sucesso"
+
+#: libpam/pam_strerror.c:42
+msgid "Critical error - immediate abort"
+msgstr "Erro crítico - abortar imediatamente"
+
+#: libpam/pam_strerror.c:44
+msgid "Failed to load module"
+msgstr ""
+
+#: libpam/pam_strerror.c:46
+msgid "Symbol not found"
+msgstr "Símbolo não encontrado"
+
+#: libpam/pam_strerror.c:48
+msgid "Error in service module"
+msgstr "Erro no módulo de serviço"
+
+#: libpam/pam_strerror.c:50
+msgid "System error"
+msgstr "Erro do sistema"
+
+#: libpam/pam_strerror.c:52
+msgid "Memory buffer error"
+msgstr "Erro do buffer de memória"
+
+#: libpam/pam_strerror.c:54
+msgid "Permission denied"
+msgstr "Permissão negada"
+
+#: libpam/pam_strerror.c:56
+msgid "Authentication failure"
+msgstr "Falha de autenticação"
+
+#: libpam/pam_strerror.c:58
+msgid "Insufficient credentials to access authentication data"
+msgstr "Credenciais insuficientes para acessar dados de autenticação"
+
+#: libpam/pam_strerror.c:60
+msgid "Authentication service cannot retrieve authentication info"
+msgstr "O serviço de autenticação não recuperou informações de autenticação"
+
+#: libpam/pam_strerror.c:62
+msgid "User not known to the underlying authentication module"
+msgstr "Usuário desconhecido para o módulo de autenticação subjacente"
+
+#: libpam/pam_strerror.c:64
+msgid "Have exhausted maximum number of retries for service"
+msgstr "Esgotado o número máximo de tentativas para serviço"
+
+#: libpam/pam_strerror.c:66
+msgid "Authentication token is no longer valid; new one required"
+msgstr "O token de autenticação não é mais válido; token novo necessário"
+
+#: libpam/pam_strerror.c:68
+msgid "User account has expired"
+msgstr "A conta do usuário expirou"
+
+#: libpam/pam_strerror.c:70
+msgid "Cannot make/remove an entry for the specified session"
+msgstr "Impossível fazer/remover entrada para a sessão específica"
+
+#: libpam/pam_strerror.c:72
+msgid "Authentication service cannot retrieve user credentials"
+msgstr "O serviço de autenticação não recuperou credenciais do usuário"
+
+#: libpam/pam_strerror.c:74
+msgid "User credentials expired"
+msgstr "Credenciais do usuário expiradas"
+
+#: libpam/pam_strerror.c:76
+msgid "Failure setting user credentials"
+msgstr "Falha ao definir credenciais do usuário"
+
+#: libpam/pam_strerror.c:78
+msgid "No module specific data is present"
+msgstr "Não há nenhum dado específico para o módulo "
+
+#: libpam/pam_strerror.c:80
+msgid "Bad item passed to pam_*_item()"
+msgstr "Item incorreto passado para pam_*_item()"
+
+#: libpam/pam_strerror.c:82
+msgid "Conversation error"
+msgstr "Erro de conversação"
+
+#: libpam/pam_strerror.c:84
+msgid "Authentication token manipulation error"
+msgstr "Erro de manipulação de token de autenticação"
+
+#: libpam/pam_strerror.c:86
+msgid "Authentication information cannot be recovered"
+msgstr "Impossível recuperar informações de autenticação"
+
+#: libpam/pam_strerror.c:88
+msgid "Authentication token lock busy"
+msgstr "Bloqueio de token de autenticação ocupado"
+
+#: libpam/pam_strerror.c:90
+msgid "Authentication token aging disabled"
+msgstr "Validade do token de autenticação desabilitado"
+
+#: libpam/pam_strerror.c:92
+msgid "Failed preliminary check by password service"
+msgstr "Falha na verificação preliminar por serviço de senha"
+
+#: libpam/pam_strerror.c:94
+msgid "The return value should be ignored by PAM dispatch"
+msgstr "O valor de retorno deve ser ignorado pelo despacho PAM"
+
+#: libpam/pam_strerror.c:96
+msgid "Module is unknown"
+msgstr "Módulo desconhecido"
+
+#: libpam/pam_strerror.c:98
+msgid "Authentication token expired"
+msgstr "Token de autenticação expirado"
+
+#: libpam/pam_strerror.c:100
+msgid "Conversation is waiting for event"
+msgstr "Conversação aguardando por evento"
+
+#: libpam/pam_strerror.c:102
+msgid "Application needs to call libpam again"
+msgstr "O aplicativo precisa chamar libpam novamente"
+
+#: libpam/pam_strerror.c:105
+msgid "Unknown PAM error"
+msgstr "Erro desconhecido no PAM"
+
+#: modules/pam_cracklib/pam_cracklib.c:60
+#, c-format
+msgid "New %s%spassword: "
+msgstr "Nova %s%ssenha:"
+
+#: modules/pam_cracklib/pam_cracklib.c:62
+#, c-format
+msgid "Retype new %s%spassword: "
+msgstr "Redigite a nova %s%ssenha:"
+
+#: modules/pam_cracklib/pam_cracklib.c:63
+msgid "Sorry, passwords do not match."
+msgstr "As senhas não são iguais."
+
+#: modules/pam_cracklib/pam_cracklib.c:378
+msgid "is the same as the old one"
+msgstr "é igual à antiga senha"
+
+#: modules/pam_cracklib/pam_cracklib.c:389
+msgid "is a palindrome"
+msgstr "é um palíndromo"
+
+#: modules/pam_cracklib/pam_cracklib.c:392
+msgid "case changes only"
+msgstr "mudou apenas maiúsculas/minúsculas"
+
+#: modules/pam_cracklib/pam_cracklib.c:395
+msgid "is too similar to the old one"
+msgstr "é muito semelhante à antiga"
+
+#: modules/pam_cracklib/pam_cracklib.c:398
+msgid "is too simple"
+msgstr "é simples demais"
+
+#: modules/pam_cracklib/pam_cracklib.c:401
+msgid "is rotated"
+msgstr "foi invertida"
+
+#: modules/pam_cracklib/pam_cracklib.c:436
+msgid "has been already used"
+msgstr "já foi usada"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "No password supplied"
+msgstr "Nenhuma senha informada"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "Password unchanged"
+msgstr "Senha inalterada"
+
+#: modules/pam_cracklib/pam_cracklib.c:487
+#: modules/pam_cracklib/pam_cracklib.c:615
+#, c-format
+msgid "BAD PASSWORD: %s"
+msgstr "SENHA INCORRETA: %s"
+
+#: modules/pam_exec/pam_exec.c:118
+#, c-format
+msgid "%s failed: exit code %d"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:126
+#, c-format
+msgid "%s failed: caught signal %d%s"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:134
+#, c-format
+msgid "%s failed: unknown status 0x%x"
+msgstr ""
+
+#. TRANSLATORS: "strftime options for date of last login"
+#: modules/pam_lastlog/pam_lastlog.c:190
+msgid " %a %b %e %H:%M:%S %Z %Y"
+msgstr "%a %b %e %H:%M:%S %Z %Y"
+
+#. TRANSLATORS: " from <host>"
+#: modules/pam_lastlog/pam_lastlog.c:199
+#, c-format
+msgid " from %.*s"
+msgstr "de %.*s"
+
+#. TRANSLATORS: " on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:211
+#, c-format
+msgid " on %.*s"
+msgstr "em %.*s"
+
+#. TRANSLATORS: "Last login: <date> from <host> on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:220
+#, c-format
+msgid "Last login:%s%s%s"
+msgstr "Último login:%s%s%s"
+
+#: modules/pam_lastlog/pam_lastlog.c:226
+msgid "Welcome to your new account!"
+msgstr "Bem-vindo à sua nova conta!"
+
+#: modules/pam_limits/pam_limits.c:647
+#, c-format
+msgid "Too many logins for '%s'."
+msgstr "Há logins demais para '%s'."
+
+#: modules/pam_mail/pam_mail.c:313
+msgid "No mail."
+msgstr "Não há mensagens."
+
+#: modules/pam_mail/pam_mail.c:316
+msgid "You have new mail."
+msgstr "Há novas mensagens."
+
+#: modules/pam_mail/pam_mail.c:319
+msgid "You have old mail."
+msgstr "Há mensagens antigas."
+
+#: modules/pam_mail/pam_mail.c:323
+msgid "You have mail."
+msgstr "Há mensagens."
+
+#: modules/pam_mail/pam_mail.c:330
+#, c-format
+msgid "You have no mail in folder %s."
+msgstr "Não há mensagens na pasta %s."
+
+#: modules/pam_mail/pam_mail.c:334
+#, c-format
+msgid "You have new mail in folder %s."
+msgstr "Há novas mensagens na pasta %s."
+
+#: modules/pam_mail/pam_mail.c:338
+#, c-format
+msgid "You have old mail in folder %s."
+msgstr "Há mensagens antigas na pasta %s."
+
+#: modules/pam_mail/pam_mail.c:343
+#, c-format
+msgid "You have mail in folder %s."
+msgstr "Há mensagens na pasta %s."
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:140
+#, c-format
+msgid "Creating directory '%s'."
+msgstr ""
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:145
+#, c-format
+msgid "Unable to create directory %s: %m"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:102
+#, c-format
+msgid "Your default context is %s. \n"
+msgstr "Seu contexto padrão é %s. \n"
+
+#: modules/pam_selinux/pam_selinux.c:105
+msgid "Do you want to choose a different one? [n]"
+msgstr "Deseja escolher um diferente? [n]"
+
+#: modules/pam_selinux/pam_selinux.c:112
+msgid "Enter number of choice: "
+msgstr "Digite o número escolhido:"
+
+#: modules/pam_selinux/pam_selinux.c:152
+msgid "Would you like to enter a security context? [y] "
+msgstr "Deseja digitar um contexto de segurança? [s]"
+
+#: modules/pam_selinux/pam_selinux.c:169
+msgid "role: "
+msgstr "função:"
+
+#: modules/pam_selinux/pam_selinux.c:177
+msgid "type: "
+msgstr "digite:"
+
+#: modules/pam_selinux/pam_selinux.c:187
+msgid "level: "
+msgstr "nível:"
+
+#: modules/pam_selinux/pam_selinux.c:203
+msgid "Not a valid security context"
+msgstr "Não é um contexto de segurança válido"
+
+#: modules/pam_selinux/pam_selinux.c:417
+#, c-format
+msgid "Security Context %s Assigned"
+msgstr "Contexto de Segurança %s Atribuído"
+
+#: modules/pam_selinux/pam_selinux_check.c:99
+#, c-format
+msgid "failed to initialize PAM\n"
+msgstr "falha ao inicializar PAM\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:105
+#, c-format
+msgid "failed to pam_set_item()\n"
+msgstr "falha em pam_set_item()\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:133
+#, c-format
+msgid "login: failure forking: %m"
+msgstr "login: falha na bifurcação: %m"
+
+#: modules/pam_stress/pam_stress.c:476
+#, fuzzy, c-format
+msgid "Changing STRESS password for %s."
+msgstr "Mudando senha STRESS para"
+
+#: modules/pam_stress/pam_stress.c:490
+msgid "Enter new STRESS password: "
+msgstr "Digite a nova senha STRESS:"
+
+#: modules/pam_stress/pam_stress.c:493
+msgid "Retype new STRESS password: "
+msgstr "Digite novamente a nova senha STRESS:"
+
+#: modules/pam_stress/pam_stress.c:522
+msgid "Verification mis-typed; password unchanged"
+msgstr "Verificação digitada incorretamente; senha inalterada"
+
+#: modules/pam_tally/pam_tally.c:741
+msgid "Authentication error"
+msgstr "Erro de autenticação"
+
+#: modules/pam_tally/pam_tally.c:742
+msgid "Service error"
+msgstr "Erro de serviço"
+
+#: modules/pam_tally/pam_tally.c:743
+msgid "Unknown user"
+msgstr "Usuário desconhecido"
+
+#: modules/pam_tally/pam_tally.c:744
+msgid "Unknown error"
+msgstr "Erro desconhecido"
+
+#: modules/pam_tally/pam_tally.c:760
+#, c-format
+msgid "%s: Bad number given to --reset=\n"
+msgstr "%s: Número insuficiente fornecido a --reset=\n"
+
+#: modules/pam_tally/pam_tally.c:764
+#, c-format
+msgid "%s: Unrecognised option %s\n"
+msgstr "%s: Opção não reconhecida %s\n"
+
+#: modules/pam_tally/pam_tally.c:776
+#, c-format
+msgid ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+msgstr ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+
+#: modules/pam_tally/pam_tally.c:850
+#, c-format
+msgid "%s: Can't reset all users to non-zero\n"
+msgstr "%s: Impossível redefinir todos os usuários para não-zero\n"
+
+#: modules/pam_unix/pam_unix_acct.c:274 modules/pam_unix/pam_unix_acct.c:301
+msgid "Your account has expired; please contact your system administrator"
+msgstr "Sua conta expirou; entre em contato com o administrador do sistema"
+
+#: modules/pam_unix/pam_unix_acct.c:283
+msgid "You are required to change your password immediately (root enforced)"
+msgstr "Mude sua senha imediatamente (aplicado pela raiz)"
+
+#: modules/pam_unix/pam_unix_acct.c:310
+msgid "You are required to change your password immediately (password aged)"
+msgstr "Mude sua senha imediatamente (senha expirada)"
+
+#: modules/pam_unix/pam_unix_acct.c:323 modules/pam_unix/pam_unix_acct.c:330
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d day"
+msgid_plural "Warning: your password will expire in %d days"
+msgstr[0] "Aviso: sua senha expirará em %d dia%.2s"
+msgstr[1] "Aviso: sua senha expirará em %d dia%.2s"
+
+#. TRANSLATORS: only used if dngettext is not support
+#. ed
+#: modules/pam_unix/pam_unix_acct.c:336
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d days"
+msgstr "Aviso: sua senha expirará em %d dia%.2s"
+
+#: modules/pam_unix/pam_unix_auth.c:159 modules/pam_userdb/pam_userdb.c:61
+msgid "Password: "
+msgstr "Senha:"
+
+#: modules/pam_unix/pam_unix_passwd.c:819
+msgid "NIS password could not be changed."
+msgstr "A senha NIS não pôde ser mudada."
+
+#: modules/pam_unix/pam_unix_passwd.c:996
+msgid "You must choose a longer password"
+msgstr "Escolha uma senha mais longa"
+
+#: modules/pam_unix/pam_unix_passwd.c:1001
+msgid "Password has been already used. Choose another."
+msgstr "A senha já foi usada. Escolha outra."
+
+#: modules/pam_unix/pam_unix_passwd.c:1108
+#, fuzzy, c-format
+msgid "Changing password for %s."
+msgstr "Mudando senha STRESS para"
+
+#: modules/pam_unix/pam_unix_passwd.c:1119
+msgid "(current) UNIX password: "
+msgstr "Senha UNIX (atual):"
+
+#: modules/pam_unix/pam_unix_passwd.c:1154
+msgid "You must wait longer to change your password"
+msgstr "Aguarde mais tempo para mudar a senha"
+
+#: modules/pam_unix/pam_unix_passwd.c:1214
+msgid "Enter new UNIX password: "
+msgstr "Digite a nova senha UNIX:"
+
+#: modules/pam_unix/pam_unix_passwd.c:1215
+msgid "Retype new UNIX password: "
+msgstr "Redigite a nova senha UNIX:"
+
+#, fuzzy
+#~ msgid "Warning: your password will expire in one day"
+#~ msgstr "Aviso: sua senha expirará em %d dia%.2s"
+
+#~ msgid "dlopen() failure"
+#~ msgstr "falha de dlopen ()"
+
+#~ msgid "%s: set %s security context to %s"
+#~ msgstr "Não é um contexto de segurança válido"
diff --git a/Linux-PAM/po/quot.sed b/Linux-PAM/po/quot.sed
new file mode 100644
index 00000000..0122c463
--- /dev/null
+++ b/Linux-PAM/po/quot.sed
@@ -0,0 +1,6 @@
+s/"\([^"]*\)"/“\1â€/g
+s/`\([^`']*\)'/‘\1’/g
+s/ '\([^`']*\)' / ‘\1’ /g
+s/ '\([^`']*\)'$/ ‘\1’/g
+s/^'\([^`']*\)' /‘\1’ /g
+s/“â€/""/g
diff --git a/Linux-PAM/po/remove-potcdate.sin b/Linux-PAM/po/remove-potcdate.sin
new file mode 100644
index 00000000..2436c49e
--- /dev/null
+++ b/Linux-PAM/po/remove-potcdate.sin
@@ -0,0 +1,19 @@
+# Sed script that remove the POT-Creation-Date line in the header entry
+# from a POT file.
+#
+# The distinction between the first and the following occurrences of the
+# pattern is achieved by looking at the hold space.
+/^"POT-Creation-Date: .*"$/{
+x
+# Test if the hold space is empty.
+s/P/P/
+ta
+# Yes it was empty. First occurrence. Remove the line.
+g
+d
+bb
+:a
+# The hold space was nonempty. Following occurrences. Do nothing.
+x
+:b
+}
diff --git a/Linux-PAM/po/stamp-po b/Linux-PAM/po/stamp-po
new file mode 100644
index 00000000..9788f702
--- /dev/null
+++ b/Linux-PAM/po/stamp-po
@@ -0,0 +1 @@
+timestamp
diff --git a/Linux-PAM/po/tr.gmo b/Linux-PAM/po/tr.gmo
new file mode 100644
index 00000000..8c902bf8
--- /dev/null
+++ b/Linux-PAM/po/tr.gmo
Binary files differ
diff --git a/Linux-PAM/po/tr.po b/Linux-PAM/po/tr.po
new file mode 100644
index 00000000..5635cbb6
--- /dev/null
+++ b/Linux-PAM/po/tr.po
@@ -0,0 +1,495 @@
+# translation of Linux-PAM.po to Türkçe
+# Copyright (C) YEAR Linux-PAM Project
+# This file is distributed under the same license as the PACKAGE package.
+#
+# Koray Löker <loker@pardus.org.tr>, 2006.
+msgid ""
+msgstr ""
+"Project-Id-Version: Linux-PAM\n"
+"Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n"
+"POT-Creation-Date: 2007-01-17 11:53+0100\n"
+"PO-Revision-Date: 2006-05-03 19:00+0200\n"
+"Last-Translator: Koray Löker <loker@pardus.org.tr>\n"
+"Language-Team: Türkçe <tr@li.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.11.1\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+
+#: libpam_misc/misc_conv.c:33
+msgid "...Time is running out...\n"
+msgstr "...Zaman geçiyor...\n"
+
+#: libpam_misc/misc_conv.c:34
+msgid "...Sorry, your time is up!\n"
+msgstr "...Üzgünüm, süreniz doldu!\n"
+
+#: libpam_misc/misc_conv.c:343
+#, c-format
+msgid "erroneous conversation (%d)\n"
+msgstr "hatalı etkileşim (%d)\n"
+
+#: libpam/pam_item.c:271
+msgid "login:"
+msgstr "giriÅŸ:"
+
+#: libpam/pam_strerror.c:40
+msgid "Success"
+msgstr "Başarılı"
+
+#: libpam/pam_strerror.c:42
+msgid "Critical error - immediate abort"
+msgstr "Kritik hata - şimdi çıkılıyor"
+
+#: libpam/pam_strerror.c:44
+msgid "Failed to load module"
+msgstr ""
+
+#: libpam/pam_strerror.c:46
+msgid "Symbol not found"
+msgstr "Sembol bulunamadı"
+
+#: libpam/pam_strerror.c:48
+msgid "Error in service module"
+msgstr "Servis modülünde hata"
+
+#: libpam/pam_strerror.c:50
+msgid "System error"
+msgstr "Sistem hatası"
+
+#: libpam/pam_strerror.c:52
+msgid "Memory buffer error"
+msgstr "Bellek tampo hatası"
+
+#: libpam/pam_strerror.c:54
+msgid "Permission denied"
+msgstr "Ä°zin verilmedi"
+
+#: libpam/pam_strerror.c:56
+msgid "Authentication failure"
+msgstr "Yetkilendirme hatası"
+
+#: libpam/pam_strerror.c:58
+msgid "Insufficient credentials to access authentication data"
+msgstr "Kimlik bilgisine ulaşmak için yetersiz yetki"
+
+#: libpam/pam_strerror.c:60
+msgid "Authentication service cannot retrieve authentication info"
+msgstr "Yetkilendirme servisi yetki bilgisini getiremedi"
+
+#: libpam/pam_strerror.c:62
+msgid "User not known to the underlying authentication module"
+msgstr "Kullanıcı yetki modülü altyapısında tanımlı değil"
+
+#: libpam/pam_strerror.c:64
+msgid "Have exhausted maximum number of retries for service"
+msgstr "Servis için geçerli deneme sayısı aşıldı"
+
+#: libpam/pam_strerror.c:66
+msgid "Authentication token is no longer valid; new one required"
+msgstr "Yetki alıntı kütüğü geçersiz; yenisi gerekiyor"
+
+#: libpam/pam_strerror.c:68
+msgid "User account has expired"
+msgstr "Kullanıcı hesabının süresi doldu"
+
+#: libpam/pam_strerror.c:70
+msgid "Cannot make/remove an entry for the specified session"
+msgstr "Belirlenen oturumda girdi yapılamıyor/silinemiyor"
+
+#: libpam/pam_strerror.c:72
+msgid "Authentication service cannot retrieve user credentials"
+msgstr "Yetkilendirme servisi kullanıcı kimliğini getiremiyor"
+
+#: libpam/pam_strerror.c:74
+msgid "User credentials expired"
+msgstr "Kullanıcı kimliğinin süresi doldu"
+
+#: libpam/pam_strerror.c:76
+msgid "Failure setting user credentials"
+msgstr "Kullanıcı kimliği oluşturma başarılamadı"
+
+#: libpam/pam_strerror.c:78
+msgid "No module specific data is present"
+msgstr "Modüle özgü veri yok"
+
+#: libpam/pam_strerror.c:80
+msgid "Bad item passed to pam_*_item()"
+msgstr ""
+
+#: libpam/pam_strerror.c:82
+msgid "Conversation error"
+msgstr "Etkileşim hatası"
+
+#: libpam/pam_strerror.c:84
+msgid "Authentication token manipulation error"
+msgstr "Yetki alıntı kütüğü çalıştırma hatası"
+
+#: libpam/pam_strerror.c:86
+msgid "Authentication information cannot be recovered"
+msgstr "Yetki bilgisi kurtarılamadı"
+
+#: libpam/pam_strerror.c:88
+msgid "Authentication token lock busy"
+msgstr "Yetki alıntı kütüğü kilitli"
+
+#: libpam/pam_strerror.c:90
+msgid "Authentication token aging disabled"
+msgstr "Yetki alıntı kütüğü vadesi etkinsizleştirildi"
+
+#: libpam/pam_strerror.c:92
+msgid "Failed preliminary check by password service"
+msgstr "Parola servisi hazırlık sağlaması başarısız oldu"
+
+#: libpam/pam_strerror.c:94
+msgid "The return value should be ignored by PAM dispatch"
+msgstr ""
+
+#: libpam/pam_strerror.c:96
+msgid "Module is unknown"
+msgstr "Modül bilinmiyor"
+
+#: libpam/pam_strerror.c:98
+msgid "Authentication token expired"
+msgstr "Yetki alıntı kütüğünün süresi doldu"
+
+#: libpam/pam_strerror.c:100
+msgid "Conversation is waiting for event"
+msgstr "Etkileşim için olay bekleniyor"
+
+#: libpam/pam_strerror.c:102
+msgid "Application needs to call libpam again"
+msgstr "Uygulamanın libpam kütüphanesini yeniden çağırması gerekiyor"
+
+#: libpam/pam_strerror.c:105
+msgid "Unknown PAM error"
+msgstr "Bilinmeyen PAM hatası"
+
+#: modules/pam_cracklib/pam_cracklib.c:60
+#, c-format
+msgid "New %s%spassword: "
+msgstr "Yeni %s%sparolası: "
+
+#: modules/pam_cracklib/pam_cracklib.c:62
+#, c-format
+msgid "Retype new %s%spassword: "
+msgstr "Yeni %s%sparolasını tekrar girin: "
+
+#: modules/pam_cracklib/pam_cracklib.c:63
+msgid "Sorry, passwords do not match."
+msgstr "Üzgünüm, parolalar birbirine uymuyor."
+
+#: modules/pam_cracklib/pam_cracklib.c:378
+msgid "is the same as the old one"
+msgstr "eskisi ile aynı"
+
+#: modules/pam_cracklib/pam_cracklib.c:389
+msgid "is a palindrome"
+msgstr "bir palindrom (iki yönden aynı şekilde okunuyor)"
+
+#: modules/pam_cracklib/pam_cracklib.c:392
+msgid "case changes only"
+msgstr "sadece büyük-küçük harf değişimi"
+
+#: modules/pam_cracklib/pam_cracklib.c:395
+msgid "is too similar to the old one"
+msgstr "eskisi ile çok benziyor"
+
+#: modules/pam_cracklib/pam_cracklib.c:398
+msgid "is too simple"
+msgstr "çok basit"
+
+#: modules/pam_cracklib/pam_cracklib.c:401
+msgid "is rotated"
+msgstr "çevrilmiş"
+
+#: modules/pam_cracklib/pam_cracklib.c:436
+msgid "has been already used"
+msgstr "daha önce kullanıldı"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "No password supplied"
+msgstr "Parola girilmedi"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "Password unchanged"
+msgstr "Parola deÄŸiÅŸtirilmedi"
+
+#: modules/pam_cracklib/pam_cracklib.c:487
+#: modules/pam_cracklib/pam_cracklib.c:615
+#, c-format
+msgid "BAD PASSWORD: %s"
+msgstr "YANLIÅž PAROLA: %s"
+
+#: modules/pam_exec/pam_exec.c:118
+#, c-format
+msgid "%s failed: exit code %d"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:126
+#, c-format
+msgid "%s failed: caught signal %d%s"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:134
+#, c-format
+msgid "%s failed: unknown status 0x%x"
+msgstr ""
+
+#. TRANSLATORS: "strftime options for date of last login"
+#: modules/pam_lastlog/pam_lastlog.c:190
+msgid " %a %b %e %H:%M:%S %Z %Y"
+msgstr ""
+
+#. TRANSLATORS: " from <host>"
+#: modules/pam_lastlog/pam_lastlog.c:199
+#, c-format
+msgid " from %.*s"
+msgstr " %.*s'dan"
+
+#. TRANSLATORS: " on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:211
+#, c-format
+msgid " on %.*s"
+msgstr " %.*s üzerinde"
+
+#. TRANSLATORS: "Last login: <date> from <host> on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:220
+#, c-format
+msgid "Last login:%s%s%s"
+msgstr "Son giriÅŸ: %s%s%s"
+
+#: modules/pam_lastlog/pam_lastlog.c:226
+msgid "Welcome to your new account!"
+msgstr "Yeni hesabınıza hoşgeldiniz"
+
+#: modules/pam_limits/pam_limits.c:647
+#, c-format
+msgid "Too many logins for '%s'."
+msgstr "%s için fazla giriş "
+
+#: modules/pam_mail/pam_mail.c:313
+msgid "No mail."
+msgstr "Ä°leti yok"
+
+#: modules/pam_mail/pam_mail.c:316
+msgid "You have new mail."
+msgstr "Yeni iletiniz var"
+
+#: modules/pam_mail/pam_mail.c:319
+msgid "You have old mail."
+msgstr "OkunmuÅŸ iletiniz var"
+
+#: modules/pam_mail/pam_mail.c:323
+msgid "You have mail."
+msgstr "Ä°letiniz var"
+
+#: modules/pam_mail/pam_mail.c:330
+#, c-format
+msgid "You have no mail in folder %s."
+msgstr "%s dizininde iletiniz yok"
+
+#: modules/pam_mail/pam_mail.c:334
+#, c-format
+msgid "You have new mail in folder %s."
+msgstr "%s dizininde yeni iletiniz var"
+
+#: modules/pam_mail/pam_mail.c:338
+#, c-format
+msgid "You have old mail in folder %s."
+msgstr "%s dizininde okunmuÅŸ iletiniz var"
+
+#: modules/pam_mail/pam_mail.c:343
+#, c-format
+msgid "You have mail in folder %s."
+msgstr "%s dizininde iletiniz var"
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:140
+#, c-format
+msgid "Creating directory '%s'."
+msgstr ""
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:145
+#, c-format
+msgid "Unable to create directory %s: %m"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:102
+#, c-format
+msgid "Your default context is %s. \n"
+msgstr "Öntanımlı bağlamınız %s \n"
+
+#: modules/pam_selinux/pam_selinux.c:105
+msgid "Do you want to choose a different one? [n]"
+msgstr "Başka bir seçim yapmak ister misiniz? [h]"
+
+#: modules/pam_selinux/pam_selinux.c:112
+msgid "Enter number of choice: "
+msgstr "Seçenek sayısını girin: "
+
+#: modules/pam_selinux/pam_selinux.c:152
+msgid "Would you like to enter a security context? [y] "
+msgstr "Güvenlik bağlamı girmek ister misiniz? [e]"
+
+#: modules/pam_selinux/pam_selinux.c:169
+msgid "role: "
+msgstr "rol: "
+
+#: modules/pam_selinux/pam_selinux.c:177
+msgid "type: "
+msgstr "tip: "
+
+#: modules/pam_selinux/pam_selinux.c:187
+msgid "level: "
+msgstr "seviye: "
+
+#: modules/pam_selinux/pam_selinux.c:203
+msgid "Not a valid security context"
+msgstr "Geçerli bir güvenlik bağlamı değil"
+
+#: modules/pam_selinux/pam_selinux.c:417
+#, c-format
+msgid "Security Context %s Assigned"
+msgstr "Güvenlik Bağlamı %s Atandı"
+
+#: modules/pam_selinux/pam_selinux_check.c:99
+#, c-format
+msgid "failed to initialize PAM\n"
+msgstr "PAM başlatılamadı\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:105
+#, c-format
+msgid "failed to pam_set_item()\n"
+msgstr "pam_set_item() çalıştırılamadı\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:133
+#, c-format
+msgid "login: failure forking: %m"
+msgstr "giriş: çatallama yapılamadı: %m"
+
+#: modules/pam_stress/pam_stress.c:476
+#, fuzzy, c-format
+msgid "Changing STRESS password for %s."
+msgstr "STRESS parolası değiştiriliyor "
+
+#: modules/pam_stress/pam_stress.c:490
+msgid "Enter new STRESS password: "
+msgstr "Yeni STRESS parolası girin: "
+
+#: modules/pam_stress/pam_stress.c:493
+msgid "Retype new STRESS password: "
+msgstr "Yeni STRESS parolasını tekrar girin: "
+
+#: modules/pam_stress/pam_stress.c:522
+msgid "Verification mis-typed; password unchanged"
+msgstr "Doğrulama hatalı: parola değiştirilmedi"
+
+#: modules/pam_tally/pam_tally.c:741
+msgid "Authentication error"
+msgstr "Yetkilendirme hatası"
+
+#: modules/pam_tally/pam_tally.c:742
+msgid "Service error"
+msgstr "Servis hatası"
+
+#: modules/pam_tally/pam_tally.c:743
+msgid "Unknown user"
+msgstr "Bilinmeyen kullanıcı"
+
+#: modules/pam_tally/pam_tally.c:744
+msgid "Unknown error"
+msgstr "Bilinmeyen hata"
+
+#: modules/pam_tally/pam_tally.c:760
+#, c-format
+msgid "%s: Bad number given to --reset=\n"
+msgstr "%s: Sıfırlamak için geçersiz sayı=\n"
+
+#: modules/pam_tally/pam_tally.c:764
+#, c-format
+msgid "%s: Unrecognised option %s\n"
+msgstr "%s: Tanımlanamayan seçenek %s\n"
+
+#: modules/pam_tally/pam_tally.c:776
+#, c-format
+msgid ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+msgstr ""
+"%s: [--file DosyanınTamYolu] [--user KullanıcıAdı] [--reset[=n]] [--quiet]\n"
+
+#: modules/pam_tally/pam_tally.c:850
+#, c-format
+msgid "%s: Can't reset all users to non-zero\n"
+msgstr ""
+
+#: modules/pam_unix/pam_unix_acct.c:274 modules/pam_unix/pam_unix_acct.c:301
+msgid "Your account has expired; please contact your system administrator"
+msgstr "Hesabınızın süresi doldu; lütfen sistem yöneticinizle bağlantıya geçin"
+
+#: modules/pam_unix/pam_unix_acct.c:283
+msgid "You are required to change your password immediately (root enforced)"
+msgstr "Parolanızı en kısa sürede değiştirmeniz gerekiyor (yönetici bildirimi)"
+
+#: modules/pam_unix/pam_unix_acct.c:310
+msgid "You are required to change your password immediately (password aged)"
+msgstr "Parolanızı en kısa sürede değiştirmeniz gerekiyor (parola eski)"
+
+#: modules/pam_unix/pam_unix_acct.c:323 modules/pam_unix/pam_unix_acct.c:330
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d day"
+msgid_plural "Warning: your password will expire in %d days"
+msgstr[0] "Dikkat: Parolanızın geçerlilik süresi %d gün%.2s sonra doluyor"
+
+#. TRANSLATORS: only used if dngettext is not support
+#. ed
+#: modules/pam_unix/pam_unix_acct.c:336
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d days"
+msgstr "Dikkat: Parolanızın geçerlilik süresi %d gün%.2s sonra doluyor"
+
+#: modules/pam_unix/pam_unix_auth.c:159 modules/pam_userdb/pam_userdb.c:61
+msgid "Password: "
+msgstr "Parola: "
+
+#: modules/pam_unix/pam_unix_passwd.c:819
+msgid "NIS password could not be changed."
+msgstr "NIS parolası değiştirilemiyor"
+
+#: modules/pam_unix/pam_unix_passwd.c:996
+msgid "You must choose a longer password"
+msgstr "Daha uzun bir parola girmelisiniz"
+
+#: modules/pam_unix/pam_unix_passwd.c:1001
+msgid "Password has been already used. Choose another."
+msgstr "Parola kullanımda. Lütfen başka bir parola seçin."
+
+#: modules/pam_unix/pam_unix_passwd.c:1108
+#, fuzzy, c-format
+msgid "Changing password for %s."
+msgstr "STRESS parolası değiştiriliyor "
+
+#: modules/pam_unix/pam_unix_passwd.c:1119
+msgid "(current) UNIX password: "
+msgstr "(geçerli) parola: "
+
+#: modules/pam_unix/pam_unix_passwd.c:1154
+msgid "You must wait longer to change your password"
+msgstr "Parolanızı değiştirmek için daha sonra denemelisiniz"
+
+#: modules/pam_unix/pam_unix_passwd.c:1214
+msgid "Enter new UNIX password: "
+msgstr "Yeni parolayı girin: "
+
+#: modules/pam_unix/pam_unix_passwd.c:1215
+msgid "Retype new UNIX password: "
+msgstr "Yeni parolayı tekrar girin: "
+
+#, fuzzy
+#~ msgid "Warning: your password will expire in one day"
+#~ msgstr "Dikkat: Parolanızın geçerlilik süresi %d gün%.2s sonra doluyor"
+
+#~ msgid "dlopen() failure"
+#~ msgstr "dlopen() hatası"
diff --git a/Linux-PAM/po/uk.gmo b/Linux-PAM/po/uk.gmo
new file mode 100644
index 00000000..f5e4fcc3
--- /dev/null
+++ b/Linux-PAM/po/uk.gmo
Binary files differ
diff --git a/Linux-PAM/po/uk.po b/Linux-PAM/po/uk.po
new file mode 100644
index 00000000..f7577c04
--- /dev/null
+++ b/Linux-PAM/po/uk.po
@@ -0,0 +1,501 @@
+# translation of Linux-PAM.uk.po to Ukrainian
+# Copyright (C) YEAR Linux-PAM Project
+# This file is distributed under the same license as the PACKAGE package.
+#
+# Ivan Petrouchtchak <ivanpetrouchtchak@yahoo.com>, 2006.
+msgid ""
+msgstr ""
+"Project-Id-Version: Linux-PAM.uk\n"
+"Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n"
+"POT-Creation-Date: 2007-01-17 11:53+0100\n"
+"PO-Revision-Date: 2006-05-03 18:59+0200\n"
+"Last-Translator: Ivan Petrouchtchak <ivanpetrouchtchak@yahoo.com>\n"
+"Language-Team: Ukrainian <translation@linux.org.ua>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.11.2\n"
+"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%"
+"10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
+
+#: libpam_misc/misc_conv.c:33
+msgid "...Time is running out...\n"
+msgstr "...Ð§Ð°Ñ Ð·Ð°ÐºÑ–Ð½Ñ‡ÑƒÑ”Ñ‚ÑŒÑÑ...\n"
+
+#: libpam_misc/misc_conv.c:34
+msgid "...Sorry, your time is up!\n"
+msgstr "...Вибачте, ваш Ñ‡Ð°Ñ Ð·Ð°ÐºÑ–Ð½Ñ‡Ð¸Ð²ÑÑ!\n"
+
+#: libpam_misc/misc_conv.c:343
+#, c-format
+msgid "erroneous conversation (%d)\n"
+msgstr "помилкова розмова (%d)\n"
+
+#: libpam/pam_item.c:271
+msgid "login:"
+msgstr "кориÑтувач:"
+
+#: libpam/pam_strerror.c:40
+msgid "Success"
+msgstr "УÑпіх"
+
+#: libpam/pam_strerror.c:42
+msgid "Critical error - immediate abort"
+msgstr "Критична помилка - негайна зупинка"
+
+#: libpam/pam_strerror.c:44
+msgid "Failed to load module"
+msgstr ""
+
+#: libpam/pam_strerror.c:46
+msgid "Symbol not found"
+msgstr "Символ не знайдено"
+
+#: libpam/pam_strerror.c:48
+msgid "Error in service module"
+msgstr "Помилка в модулі Ñлужби"
+
+#: libpam/pam_strerror.c:50
+msgid "System error"
+msgstr "СиÑтемна помилка"
+
+#: libpam/pam_strerror.c:52
+msgid "Memory buffer error"
+msgstr "Помилка буферу пам'ÑÑ‚Ñ–"
+
+#: libpam/pam_strerror.c:54
+msgid "Permission denied"
+msgstr "ДоÑтуп заборонено"
+
+#: libpam/pam_strerror.c:56
+msgid "Authentication failure"
+msgstr "Помилка автентифікації"
+
+#: libpam/pam_strerror.c:58
+msgid "Insufficient credentials to access authentication data"
+msgstr "ÐедоÑтатньо прав Ð´Ð»Ñ Ð´Ð¾Ñтупу до даних автентифікації"
+
+#: libpam/pam_strerror.c:60
+msgid "Authentication service cannot retrieve authentication info"
+msgstr "Служба автентифікації не може отримати інформацію автентифікації"
+
+#: libpam/pam_strerror.c:62
+msgid "User not known to the underlying authentication module"
+msgstr "Ðевідомий кориÑтувач Ð´Ð»Ñ Ð¼Ð¾Ð´ÑƒÐ»Ñ Ð°Ð²Ñ‚ÐµÐ½Ñ‚Ð¸Ñ„Ñ–ÐºÐ°Ñ†Ñ–Ñ—"
+
+#: libpam/pam_strerror.c:64
+msgid "Have exhausted maximum number of retries for service"
+msgstr "Витрачено макÑимальну кількіÑÑ‚ÑŒ дозволених Ñпроб Ð´Ð»Ñ Ñлужби"
+
+#: libpam/pam_strerror.c:66
+msgid "Authentication token is no longer valid; new one required"
+msgstr "ЛекÑема автентифікації вже не чинна; потрібна нова"
+
+#: libpam/pam_strerror.c:68
+msgid "User account has expired"
+msgstr "Рахунок кориÑтувача вже заÑтарів"
+
+#: libpam/pam_strerror.c:70
+msgid "Cannot make/remove an entry for the specified session"
+msgstr "Ðе вдаєтьÑÑ Ñтворити / вилучити Ð·Ð°Ð¿Ð¸Ñ Ð´Ð»Ñ Ð²ÐºÐ°Ð·Ð°Ð½Ð¾Ð³Ð¾ ÑеанÑу"
+
+#: libpam/pam_strerror.c:72
+msgid "Authentication service cannot retrieve user credentials"
+msgstr "Служба автентифікації не може отримати права кориÑтувача"
+
+#: libpam/pam_strerror.c:74
+msgid "User credentials expired"
+msgstr "Права кориÑтувача заÑтаріли"
+
+#: libpam/pam_strerror.c:76
+msgid "Failure setting user credentials"
+msgstr "Помилка вÑÑ‚Ð°Ð½Ð¾Ð²Ð»ÐµÐ½Ð½Ñ Ð¿Ñ€Ð°Ð² кориÑтувача"
+
+#: libpam/pam_strerror.c:78
+msgid "No module specific data is present"
+msgstr "Ðема даних Ð´Ð»Ñ Ð¿ÐµÐ²Ð½Ð¸Ñ… модулів"
+
+#: libpam/pam_strerror.c:80
+msgid "Bad item passed to pam_*_item()"
+msgstr "Ðеправильний елемент передано до pam_*_item()"
+
+#: libpam/pam_strerror.c:82
+msgid "Conversation error"
+msgstr "Помилка розмови"
+
+#: libpam/pam_strerror.c:84
+msgid "Authentication token manipulation error"
+msgstr "Помилка маніпулÑції лекÑеми автентифікації"
+
+#: libpam/pam_strerror.c:86
+msgid "Authentication information cannot be recovered"
+msgstr "Ðе вдаєтьÑÑ Ð²Ñ–Ð´Ð½Ð¾Ð²Ð¸Ñ‚Ð¸ інформацію автентифікації"
+
+#: libpam/pam_strerror.c:88
+msgid "Authentication token lock busy"
+msgstr "ЛекÑему автентифікації заблоковано зайнÑтою"
+
+#: libpam/pam_strerror.c:90
+msgid "Authentication token aging disabled"
+msgstr "ЗаÑÑ‚Ð°Ñ€Ñ–Ð½Ð½Ñ Ð»ÐµÐºÑеми автентифікації вимкнено"
+
+#: libpam/pam_strerror.c:92
+msgid "Failed preliminary check by password service"
+msgstr "Ðевдача попередньої перевірки Ñлужбою паролÑ"
+
+#: libpam/pam_strerror.c:94
+msgid "The return value should be ignored by PAM dispatch"
+msgstr "Ð—Ð½Ð°Ñ‡ÐµÐ½Ð½Ñ Ð¿Ð¾Ð²ÐµÑ€Ð½ÐµÐ½Ð½Ñ Ð¿Ð¾Ð²Ð¸Ð½Ð½Ð¾ ігноруватиÑÑŒ донеÑеннÑм PAM"
+
+#: libpam/pam_strerror.c:96
+msgid "Module is unknown"
+msgstr "Ðевідомий модуль"
+
+#: libpam/pam_strerror.c:98
+msgid "Authentication token expired"
+msgstr "ЗаÑтаріла лекÑема автентифікації"
+
+#: libpam/pam_strerror.c:100
+msgid "Conversation is waiting for event"
+msgstr "Розмова чекає на подію"
+
+#: libpam/pam_strerror.c:102
+msgid "Application needs to call libpam again"
+msgstr "Програмі потрібно знов викликати libpam"
+
+#: libpam/pam_strerror.c:105
+msgid "Unknown PAM error"
+msgstr "Ðевідома помилка PAM"
+
+#: modules/pam_cracklib/pam_cracklib.c:60
+#, c-format
+msgid "New %s%spassword: "
+msgstr "Ðовий пароль %s%s:"
+
+#: modules/pam_cracklib/pam_cracklib.c:62
+#, c-format
+msgid "Retype new %s%spassword: "
+msgstr "Повторіть новий пароль %s%s: "
+
+#: modules/pam_cracklib/pam_cracklib.c:63
+msgid "Sorry, passwords do not match."
+msgstr "Ваші нові паролі не Ñпівпадають."
+
+#: modules/pam_cracklib/pam_cracklib.c:378
+msgid "is the same as the old one"
+msgstr "такий Ñамий Ñк Ñ– Ñтарий"
+
+#: modules/pam_cracklib/pam_cracklib.c:389
+msgid "is a palindrome"
+msgstr "- це паліндром"
+
+#: modules/pam_cracklib/pam_cracklib.c:392
+msgid "case changes only"
+msgstr "тільки зміни в регіÑтрі"
+
+#: modules/pam_cracklib/pam_cracklib.c:395
+msgid "is too similar to the old one"
+msgstr "занадто подібний до Ñтарого"
+
+#: modules/pam_cracklib/pam_cracklib.c:398
+msgid "is too simple"
+msgstr "занадто проÑтий"
+
+#: modules/pam_cracklib/pam_cracklib.c:401
+msgid "is rotated"
+msgstr "чергуєтьÑÑ"
+
+#: modules/pam_cracklib/pam_cracklib.c:436
+msgid "has been already used"
+msgstr "вже вживавÑÑ"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "No password supplied"
+msgstr "Ðе вÑтановлений пароль"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "Password unchanged"
+msgstr "Пароль не змінено"
+
+#: modules/pam_cracklib/pam_cracklib.c:487
+#: modules/pam_cracklib/pam_cracklib.c:615
+#, c-format
+msgid "BAD PASSWORD: %s"
+msgstr "ПОГÐÐИЙ ПÐРОЛЬ: %s"
+
+#: modules/pam_exec/pam_exec.c:118
+#, c-format
+msgid "%s failed: exit code %d"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:126
+#, c-format
+msgid "%s failed: caught signal %d%s"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:134
+#, c-format
+msgid "%s failed: unknown status 0x%x"
+msgstr ""
+
+#. TRANSLATORS: "strftime options for date of last login"
+#: modules/pam_lastlog/pam_lastlog.c:190
+msgid " %a %b %e %H:%M:%S %Z %Y"
+msgstr " %a %b %e %H:%M:%S %Z %Y"
+
+#. TRANSLATORS: " from <host>"
+#: modules/pam_lastlog/pam_lastlog.c:199
+#, c-format
+msgid " from %.*s"
+msgstr " з %.*s"
+
+#. TRANSLATORS: " on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:211
+#, c-format
+msgid " on %.*s"
+msgstr " на %.*s"
+
+#. TRANSLATORS: "Last login: <date> from <host> on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:220
+#, c-format
+msgid "Last login:%s%s%s"
+msgstr "ОÑтанній вхід: %s%s%s"
+
+#: modules/pam_lastlog/pam_lastlog.c:226
+msgid "Welcome to your new account!"
+msgstr "ЛаÑкаво проÑимо до вашого нового рахунку!"
+
+#: modules/pam_limits/pam_limits.c:647
+#, c-format
+msgid "Too many logins for '%s'."
+msgstr "Забагато входів в Ð´Ð»Ñ \"%s\"."
+
+#: modules/pam_mail/pam_mail.c:313
+msgid "No mail."
+msgstr "Ðема пошти."
+
+#: modules/pam_mail/pam_mail.c:316
+msgid "You have new mail."
+msgstr "Ви маєте нову пошту."
+
+#: modules/pam_mail/pam_mail.c:319
+msgid "You have old mail."
+msgstr "Ви маєте Ñтару пошту."
+
+#: modules/pam_mail/pam_mail.c:323
+msgid "You have mail."
+msgstr "Ви маєте пошту."
+
+#: modules/pam_mail/pam_mail.c:330
+#, c-format
+msgid "You have no mail in folder %s."
+msgstr "Ви не маєте пошти у теці %s."
+
+#: modules/pam_mail/pam_mail.c:334
+#, c-format
+msgid "You have new mail in folder %s."
+msgstr "Ви маєте нову пошту в теці %s."
+
+#: modules/pam_mail/pam_mail.c:338
+#, c-format
+msgid "You have old mail in folder %s."
+msgstr "Ви маєте Ñтару пошту в теці %s."
+
+#: modules/pam_mail/pam_mail.c:343
+#, c-format
+msgid "You have mail in folder %s."
+msgstr "Ви маєте пошту в теці %s."
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:140
+#, c-format
+msgid "Creating directory '%s'."
+msgstr ""
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:145
+#, c-format
+msgid "Unable to create directory %s: %m"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:102
+#, c-format
+msgid "Your default context is %s. \n"
+msgstr "Ваш типовий контекÑÑ‚ - %s. \n"
+
+#: modules/pam_selinux/pam_selinux.c:105
+msgid "Do you want to choose a different one? [n]"
+msgstr "Хочете вибрати ÑкийÑÑŒ інший? [n]"
+
+#: modules/pam_selinux/pam_selinux.c:112
+msgid "Enter number of choice: "
+msgstr "Вкажіть номер вибору: "
+
+#: modules/pam_selinux/pam_selinux.c:152
+msgid "Would you like to enter a security context? [y] "
+msgstr "Хочете ввеÑти контекÑÑ‚ безпеки? [y] "
+
+#: modules/pam_selinux/pam_selinux.c:169
+msgid "role: "
+msgstr "роль: "
+
+#: modules/pam_selinux/pam_selinux.c:177
+msgid "type: "
+msgstr "тип: "
+
+#: modules/pam_selinux/pam_selinux.c:187
+msgid "level: "
+msgstr "рівень: "
+
+#: modules/pam_selinux/pam_selinux.c:203
+msgid "Not a valid security context"
+msgstr "Ðепридатний контекÑÑ‚ безпеки"
+
+#: modules/pam_selinux/pam_selinux.c:417
+#, c-format
+msgid "Security Context %s Assigned"
+msgstr "Призначено контекÑÑ‚ безпеки %s"
+
+#: modules/pam_selinux/pam_selinux_check.c:99
+#, c-format
+msgid "failed to initialize PAM\n"
+msgstr "не вдалоÑÑ Ð·Ð°Ð¿Ð¾Ñ‡Ð°Ñ‚ÐºÑƒÐ²Ð°Ñ‚Ð¸ PAM\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:105
+#, c-format
+msgid "failed to pam_set_item()\n"
+msgstr "помилка pam_set_item()\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:133
+#, c-format
+msgid "login: failure forking: %m"
+msgstr "вхід: помилка розгалуженнÑ: %m"
+
+#: modules/pam_stress/pam_stress.c:476
+#, fuzzy, c-format
+msgid "Changing STRESS password for %s."
+msgstr "Зміна Ð¿Ð°Ñ€Ð¾Ð»Ñ STRESS Ð´Ð»Ñ "
+
+#: modules/pam_stress/pam_stress.c:490
+msgid "Enter new STRESS password: "
+msgstr "Введіть новий пароль STRESS: "
+
+#: modules/pam_stress/pam_stress.c:493
+msgid "Retype new STRESS password: "
+msgstr "Повторіть новий пароль STRESS: "
+
+#: modules/pam_stress/pam_stress.c:522
+msgid "Verification mis-typed; password unchanged"
+msgstr "Перевірку не пройдено; пароль не змінено"
+
+#: modules/pam_tally/pam_tally.c:741
+msgid "Authentication error"
+msgstr "Помилка автентифікації"
+
+#: modules/pam_tally/pam_tally.c:742
+msgid "Service error"
+msgstr "Помилка Ñлужби"
+
+#: modules/pam_tally/pam_tally.c:743
+msgid "Unknown user"
+msgstr "Ðевідомий кориÑтувач"
+
+#: modules/pam_tally/pam_tally.c:744
+msgid "Unknown error"
+msgstr "Ðевідома помилка"
+
+#: modules/pam_tally/pam_tally.c:760
+#, c-format
+msgid "%s: Bad number given to --reset=\n"
+msgstr "%s: Погане чиÑло дано Ð´Ð»Ñ --reset=\n"
+
+#: modules/pam_tally/pam_tally.c:764
+#, c-format
+msgid "%s: Unrecognised option %s\n"
+msgstr "%s: Ðерозпізнано параметр %s\n"
+
+#: modules/pam_tally/pam_tally.c:776
+#, c-format
+msgid ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+msgstr ""
+"%s: [--file rooted-filename] [--user ім'Ñ ÐºÐ¾Ñ€Ð¸Ñтувача] [--reset[=n]] [--"
+"quiet]\n"
+
+#: modules/pam_tally/pam_tally.c:850
+#, c-format
+msgid "%s: Can't reset all users to non-zero\n"
+msgstr "%s: Ðе вдаєтьÑÑ Ñкинути вÑÑ–Ñ… кориÑтувачів до не-нуль\n"
+
+#: modules/pam_unix/pam_unix_acct.c:274 modules/pam_unix/pam_unix_acct.c:301
+msgid "Your account has expired; please contact your system administrator"
+msgstr ""
+"Ваш рахунок заÑтарів, будь лаÑка, звернітьÑÑ Ð´Ð¾ вашого ÑиÑтемного "
+"адмініÑтратора"
+
+#: modules/pam_unix/pam_unix_acct.c:283
+msgid "You are required to change your password immediately (root enforced)"
+msgstr "Вам необхідно негайно змінити пароль (вимога адмініÑтратора)"
+
+#: modules/pam_unix/pam_unix_acct.c:310
+msgid "You are required to change your password immediately (password aged)"
+msgstr "Вам необхідно негайно змінити пароль (поточний пароль заÑтарів)"
+
+#: modules/pam_unix/pam_unix_acct.c:323 modules/pam_unix/pam_unix_acct.c:330
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d day"
+msgid_plural "Warning: your password will expire in %d days"
+msgstr[0] "ПопередженнÑ: ваш пароль заÑтаріє через %d дні(в) %.2s"
+msgstr[1] "ПопередженнÑ: ваш пароль заÑтаріє через %d дні(в) %.2s"
+msgstr[2] "ПопередженнÑ: ваш пароль заÑтаріє через %d дні(в) %.2s"
+
+#. TRANSLATORS: only used if dngettext is not support
+#. ed
+#: modules/pam_unix/pam_unix_acct.c:336
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d days"
+msgstr "ПопередженнÑ: ваш пароль заÑтаріє через %d дні(в) %.2s"
+
+#: modules/pam_unix/pam_unix_auth.c:159 modules/pam_userdb/pam_userdb.c:61
+msgid "Password: "
+msgstr "Пароль: "
+
+#: modules/pam_unix/pam_unix_passwd.c:819
+msgid "NIS password could not be changed."
+msgstr "Ðе вдалоÑÑ Ð·Ð¼Ñ–Ð½Ð¸Ñ‚Ð¸ пароль NIS."
+
+#: modules/pam_unix/pam_unix_passwd.c:996
+msgid "You must choose a longer password"
+msgstr "Ðеобхідно вибрати довший пароль"
+
+#: modules/pam_unix/pam_unix_passwd.c:1001
+msgid "Password has been already used. Choose another."
+msgstr "Пароль вже вживаєтьÑÑ. Виберіть інший."
+
+#: modules/pam_unix/pam_unix_passwd.c:1108
+#, fuzzy, c-format
+msgid "Changing password for %s."
+msgstr "Зміна Ð¿Ð°Ñ€Ð¾Ð»Ñ STRESS Ð´Ð»Ñ "
+
+#: modules/pam_unix/pam_unix_passwd.c:1119
+msgid "(current) UNIX password: "
+msgstr "(поточний) пароль UNIX: "
+
+#: modules/pam_unix/pam_unix_passwd.c:1154
+msgid "You must wait longer to change your password"
+msgstr "Ви повинні зачекати довше, щоб змінити ваш пароль"
+
+#: modules/pam_unix/pam_unix_passwd.c:1214
+msgid "Enter new UNIX password: "
+msgstr "Введіть новий пароль UNIX: "
+
+#: modules/pam_unix/pam_unix_passwd.c:1215
+msgid "Retype new UNIX password: "
+msgstr "Повторіть новий пароль UNIX: "
+
+#, fuzzy
+#~ msgid "Warning: your password will expire in one day"
+#~ msgstr "ПопередженнÑ: ваш пароль заÑтаріє через %d дні(в) %.2s"
+
+#~ msgid "dlopen() failure"
+#~ msgstr "Помилка dlopen()"
diff --git a/Linux-PAM/po/zh_CN.gmo b/Linux-PAM/po/zh_CN.gmo
new file mode 100644
index 00000000..fc5e0d79
--- /dev/null
+++ b/Linux-PAM/po/zh_CN.gmo
Binary files differ
diff --git a/Linux-PAM/po/zh_CN.po b/Linux-PAM/po/zh_CN.po
new file mode 100644
index 00000000..89c96fba
--- /dev/null
+++ b/Linux-PAM/po/zh_CN.po
@@ -0,0 +1,492 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR Linux-PAM Project
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Linux_PAM\n"
+"Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n"
+"POT-Creation-Date: 2007-01-17 11:53+0100\n"
+"PO-Revision-Date: 2006-05-03 18:59+0200\n"
+"Last-Translator: Novell Language <language@novell.com>\n"
+"Language-Team: Novell Language <language@novell.com>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: libpam_misc/misc_conv.c:33
+msgid "...Time is running out...\n"
+msgstr "...时间å³å°†è€—å°½...\n"
+
+#: libpam_misc/misc_conv.c:34
+msgid "...Sorry, your time is up!\n"
+msgstr "...对ä¸èµ·ï¼Œæ‚¨çš„时间已ç»è€—å°½ï¼\n"
+
+#: libpam_misc/misc_conv.c:343
+#, c-format
+msgid "erroneous conversation (%d)\n"
+msgstr "æœ‰é”™è¯¯çš„è½¬æ¢ (%d)\n"
+
+#: libpam/pam_item.c:271
+msgid "login:"
+msgstr "登录:"
+
+#: libpam/pam_strerror.c:40
+msgid "Success"
+msgstr "æˆåŠŸ"
+
+#: libpam/pam_strerror.c:42
+msgid "Critical error - immediate abort"
+msgstr "严é‡é”™è¯¯ - ç«‹å³ä¸­æ­¢"
+
+#: libpam/pam_strerror.c:44
+msgid "Failed to load module"
+msgstr ""
+
+#: libpam/pam_strerror.c:46
+msgid "Symbol not found"
+msgstr "找ä¸åˆ°ç¬¦å·"
+
+#: libpam/pam_strerror.c:48
+msgid "Error in service module"
+msgstr "æœåŠ¡æ¨¡å—存在错误"
+
+#: libpam/pam_strerror.c:50
+msgid "System error"
+msgstr "系统错误"
+
+#: libpam/pam_strerror.c:52
+msgid "Memory buffer error"
+msgstr "内存缓冲区错误"
+
+#: libpam/pam_strerror.c:54
+msgid "Permission denied"
+msgstr "æ‹’ç»æƒé™"
+
+#: libpam/pam_strerror.c:56
+msgid "Authentication failure"
+msgstr "鉴定故障"
+
+#: libpam/pam_strerror.c:58
+msgid "Insufficient credentials to access authentication data"
+msgstr "没有足够的身份凭è¯ä»¥è®¿é—®é‰´å®šæ•°æ®"
+
+#: libpam/pam_strerror.c:60
+msgid "Authentication service cannot retrieve authentication info"
+msgstr "鉴定æœåŠ¡æ— æ³•æ£€ç´¢åˆ°é‰´å®šä¿¡æ¯"
+
+#: libpam/pam_strerror.c:62
+msgid "User not known to the underlying authentication module"
+msgstr "底层的鉴定模å—无法识别用户"
+
+#: libpam/pam_strerror.c:64
+msgid "Have exhausted maximum number of retries for service"
+msgstr "å·²ç»è¶…出æœåŠ¡é‡è¯•çš„最多次数"
+
+#: libpam/pam_strerror.c:66
+msgid "Authentication token is no longer valid; new one required"
+msgstr "鉴定令牌ä¸å†æœ‰æ•ˆï¼›éœ€è¦æ–°çš„鉴定令牌"
+
+#: libpam/pam_strerror.c:68
+msgid "User account has expired"
+msgstr "用户å¸æˆ·å·²å¤±æ•ˆ"
+
+#: libpam/pam_strerror.c:70
+msgid "Cannot make/remove an entry for the specified session"
+msgstr "无法为指定的会è¯åˆ›å»ºï¼åŽ»é™¤é¡¹ã€‚"
+
+#: libpam/pam_strerror.c:72
+msgid "Authentication service cannot retrieve user credentials"
+msgstr "鉴定æœåŠ¡æ— æ³•æ£€ç´¢åˆ°ç”¨æˆ·èº«ä»½å‡­è¯"
+
+#: libpam/pam_strerror.c:74
+msgid "User credentials expired"
+msgstr "用户身份凭è¯å¤±æ•ˆ"
+
+#: libpam/pam_strerror.c:76
+msgid "Failure setting user credentials"
+msgstr "设置用户身份凭è¯æ—¶å‡ºçŽ°æ•…éšœ"
+
+#: libpam/pam_strerror.c:78
+msgid "No module specific data is present"
+msgstr "ä¸å­˜åœ¨ç‰¹å®šäºŽæ¨¡å—çš„æ•°æ®"
+
+#: libpam/pam_strerror.c:80
+msgid "Bad item passed to pam_*_item()"
+msgstr "传递至 pam_*_item() 的项目无效"
+
+#: libpam/pam_strerror.c:82
+msgid "Conversation error"
+msgstr "转æ¢é”™è¯¯"
+
+#: libpam/pam_strerror.c:84
+msgid "Authentication token manipulation error"
+msgstr "鉴定令牌æ“作错误"
+
+#: libpam/pam_strerror.c:86
+msgid "Authentication information cannot be recovered"
+msgstr "无法æ¢å¤é‰´å®šä¿¡æ¯"
+
+#: libpam/pam_strerror.c:88
+msgid "Authentication token lock busy"
+msgstr "鉴定令牌é”忙碌"
+
+#: libpam/pam_strerror.c:90
+msgid "Authentication token aging disabled"
+msgstr "å·²ç¦ç”¨é‰´å®šä»¤ç‰Œè¿‡æœŸå¤„ç†"
+
+#: libpam/pam_strerror.c:92
+msgid "Failed preliminary check by password service"
+msgstr "å£ä»¤æœåŠ¡åˆæ­¥æ£€æŸ¥å¤±è´¥"
+
+#: libpam/pam_strerror.c:94
+msgid "The return value should be ignored by PAM dispatch"
+msgstr "返回值应该被 PAM dispatch 忽略"
+
+#: libpam/pam_strerror.c:96
+msgid "Module is unknown"
+msgstr "模å—未知"
+
+#: libpam/pam_strerror.c:98
+msgid "Authentication token expired"
+msgstr "鉴定令牌失效"
+
+#: libpam/pam_strerror.c:100
+msgid "Conversation is waiting for event"
+msgstr "转æ¢æ­£åœ¨ç­‰å¾…事件"
+
+#: libpam/pam_strerror.c:102
+msgid "Application needs to call libpam again"
+msgstr "应用程åºéœ€è¦å†æ¬¡è°ƒç”¨ libpam"
+
+#: libpam/pam_strerror.c:105
+msgid "Unknown PAM error"
+msgstr "未知的 PAM 错误"
+
+#: modules/pam_cracklib/pam_cracklib.c:60
+#, c-format
+msgid "New %s%spassword: "
+msgstr "æ–°çš„ %s%så£ä»¤ï¼š"
+
+#: modules/pam_cracklib/pam_cracklib.c:62
+#, c-format
+msgid "Retype new %s%spassword: "
+msgstr "é‡æ–°è¾“入新的 %s%så£ä»¤ï¼š"
+
+#: modules/pam_cracklib/pam_cracklib.c:63
+msgid "Sorry, passwords do not match."
+msgstr "抱歉,å£ä»¤ä¸åŒ¹é…。"
+
+#: modules/pam_cracklib/pam_cracklib.c:378
+msgid "is the same as the old one"
+msgstr "与旧å£ä»¤ç›¸åŒ"
+
+#: modules/pam_cracklib/pam_cracklib.c:389
+msgid "is a palindrome"
+msgstr "是回文"
+
+#: modules/pam_cracklib/pam_cracklib.c:392
+msgid "case changes only"
+msgstr "仅更改了大å°å†™"
+
+#: modules/pam_cracklib/pam_cracklib.c:395
+msgid "is too similar to the old one"
+msgstr "与旧å£ä»¤è¿‡äºŽç›¸ä¼¼"
+
+#: modules/pam_cracklib/pam_cracklib.c:398
+msgid "is too simple"
+msgstr "过于简å•"
+
+#: modules/pam_cracklib/pam_cracklib.c:401
+msgid "is rotated"
+msgstr "是旧å£ä»¤çš„循环"
+
+#: modules/pam_cracklib/pam_cracklib.c:436
+msgid "has been already used"
+msgstr "已使用"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "No password supplied"
+msgstr "å£ä»¤æœªæä¾›"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "Password unchanged"
+msgstr "å£ä»¤æœªæ›´æ”¹"
+
+#: modules/pam_cracklib/pam_cracklib.c:487
+#: modules/pam_cracklib/pam_cracklib.c:615
+#, c-format
+msgid "BAD PASSWORD: %s"
+msgstr "无效的å£ä»¤ï¼š %s"
+
+#: modules/pam_exec/pam_exec.c:118
+#, c-format
+msgid "%s failed: exit code %d"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:126
+#, c-format
+msgid "%s failed: caught signal %d%s"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:134
+#, c-format
+msgid "%s failed: unknown status 0x%x"
+msgstr ""
+
+#. TRANSLATORS: "strftime options for date of last login"
+#: modules/pam_lastlog/pam_lastlog.c:190
+msgid " %a %b %e %H:%M:%S %Z %Y"
+msgstr "%a %b %e %H:%M:%S %Z %Y"
+
+#. TRANSLATORS: " from <host>"
+#: modules/pam_lastlog/pam_lastlog.c:199
+#, c-format
+msgid " from %.*s"
+msgstr "从 %.*s"
+
+#. TRANSLATORS: " on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:211
+#, c-format
+msgid " on %.*s"
+msgstr "%.*s 上"
+
+#. TRANSLATORS: "Last login: <date> from <host> on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:220
+#, c-format
+msgid "Last login:%s%s%s"
+msgstr "上一次登录:%s%s%s"
+
+#: modules/pam_lastlog/pam_lastlog.c:226
+msgid "Welcome to your new account!"
+msgstr "欢迎使用新å¸æˆ·ï¼"
+
+#: modules/pam_limits/pam_limits.c:647
+#, c-format
+msgid "Too many logins for '%s'."
+msgstr "'%s'登录过多。"
+
+#: modules/pam_mail/pam_mail.c:313
+msgid "No mail."
+msgstr "无邮件。"
+
+#: modules/pam_mail/pam_mail.c:316
+msgid "You have new mail."
+msgstr "您有新邮件。"
+
+#: modules/pam_mail/pam_mail.c:319
+msgid "You have old mail."
+msgstr "您有旧邮件。"
+
+#: modules/pam_mail/pam_mail.c:323
+msgid "You have mail."
+msgstr "您有邮件。"
+
+#: modules/pam_mail/pam_mail.c:330
+#, c-format
+msgid "You have no mail in folder %s."
+msgstr "您在文件夹 %s 中无邮件。"
+
+#: modules/pam_mail/pam_mail.c:334
+#, c-format
+msgid "You have new mail in folder %s."
+msgstr "您在文件夹 %s 中有新邮件。"
+
+#: modules/pam_mail/pam_mail.c:338
+#, c-format
+msgid "You have old mail in folder %s."
+msgstr "您在文件夹 %s 中有旧邮件。"
+
+#: modules/pam_mail/pam_mail.c:343
+#, c-format
+msgid "You have mail in folder %s."
+msgstr "您在文件夹 %s 中有邮件。"
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:140
+#, c-format
+msgid "Creating directory '%s'."
+msgstr ""
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:145
+#, c-format
+msgid "Unable to create directory %s: %m"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:102
+#, c-format
+msgid "Your default context is %s. \n"
+msgstr "您的默认环境为 %s。\n"
+
+#: modules/pam_selinux/pam_selinux.c:105
+msgid "Do you want to choose a different one? [n]"
+msgstr "是å¦æƒ³è¦é€‰æ‹©å¦ä¸€ä¸ªï¼Ÿ[n]"
+
+#: modules/pam_selinux/pam_selinux.c:112
+msgid "Enter number of choice: "
+msgstr "输入选项的数字:"
+
+#: modules/pam_selinux/pam_selinux.c:152
+msgid "Would you like to enter a security context? [y] "
+msgstr "是å¦æ„¿æ„输入安全性环境?[y]"
+
+#: modules/pam_selinux/pam_selinux.c:169
+msgid "role: "
+msgstr "èŒèƒ½ï¼š"
+
+#: modules/pam_selinux/pam_selinux.c:177
+msgid "type: "
+msgstr "类型:"
+
+#: modules/pam_selinux/pam_selinux.c:187
+msgid "level: "
+msgstr "级别:"
+
+#: modules/pam_selinux/pam_selinux.c:203
+msgid "Not a valid security context"
+msgstr "ä¸æ˜¯æœ‰æ•ˆçš„安全性环境"
+
+#: modules/pam_selinux/pam_selinux.c:417
+#, c-format
+msgid "Security Context %s Assigned"
+msgstr "已指派安全性环境 %s"
+
+#: modules/pam_selinux/pam_selinux_check.c:99
+#, c-format
+msgid "failed to initialize PAM\n"
+msgstr "未能åˆå§‹åŒ– PAM\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:105
+#, c-format
+msgid "failed to pam_set_item()\n"
+msgstr "未能 pam_set_item()\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:133
+#, c-format
+msgid "login: failure forking: %m"
+msgstr "登录:故障派生:%m"
+
+#: modules/pam_stress/pam_stress.c:476
+#, fuzzy, c-format
+msgid "Changing STRESS password for %s."
+msgstr "更改 STRESS å£ä»¤ä»¥"
+
+#: modules/pam_stress/pam_stress.c:490
+msgid "Enter new STRESS password: "
+msgstr "输入新的 STRESS å£ä»¤ï¼š"
+
+#: modules/pam_stress/pam_stress.c:493
+msgid "Retype new STRESS password: "
+msgstr "é‡æ–°è¾“入新的 STRESS å£ä»¤ï¼š"
+
+#: modules/pam_stress/pam_stress.c:522
+msgid "Verification mis-typed; password unchanged"
+msgstr "校验类型错误;å£ä»¤æœªæ›´æ”¹"
+
+#: modules/pam_tally/pam_tally.c:741
+msgid "Authentication error"
+msgstr "鉴定错误"
+
+#: modules/pam_tally/pam_tally.c:742
+msgid "Service error"
+msgstr "æœåŠ¡é”™è¯¯"
+
+#: modules/pam_tally/pam_tally.c:743
+msgid "Unknown user"
+msgstr "未知的用户"
+
+#: modules/pam_tally/pam_tally.c:744
+msgid "Unknown error"
+msgstr "未知的错误"
+
+#: modules/pam_tally/pam_tally.c:760
+#, c-format
+msgid "%s: Bad number given to --reset=\n"
+msgstr "%s: 给定的数字无效 --é‡è®¾ç½®=\n"
+
+#: modules/pam_tally/pam_tally.c:764
+#, c-format
+msgid "%s: Unrecognised option %s\n"
+msgstr "%s: 未识别的选项 %s\n"
+
+#: modules/pam_tally/pam_tally.c:776
+#, c-format
+msgid ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+msgstr "%s: [--文件 根文件å] [--用户 用户å] [--é‡è®¾ç½®[=n]] [--安é™]\n"
+
+#: modules/pam_tally/pam_tally.c:850
+#, c-format
+msgid "%s: Can't reset all users to non-zero\n"
+msgstr "%s: 无法将所有用户é‡è®¾ç½®ä¸ºéžé›¶\n"
+
+#: modules/pam_unix/pam_unix_acct.c:274 modules/pam_unix/pam_unix_acct.c:301
+msgid "Your account has expired; please contact your system administrator"
+msgstr "您的å¸æˆ·å·²å¤±æ•ˆï¼›è¯·ä¸Žç³»ç»Ÿç®¡ç†å‘˜å–å¾—è”ç³»"
+
+#: modules/pam_unix/pam_unix_acct.c:283
+msgid "You are required to change your password immediately (root enforced)"
+msgstr "您需è¦ç«‹å³æ›´æ”¹å£ä»¤ï¼ˆroot 强制)"
+
+#: modules/pam_unix/pam_unix_acct.c:310
+msgid "You are required to change your password immediately (password aged)"
+msgstr "您需è¦ç«‹å³æ›´æ”¹å£ä»¤ï¼ˆå£ä»¤è¿‡æœŸï¼‰"
+
+#: modules/pam_unix/pam_unix_acct.c:323 modules/pam_unix/pam_unix_acct.c:330
+#, c-format
+msgid "Warning: your password will expire in %d day"
+msgid_plural "Warning: your password will expire in %d days"
+msgstr[0] ""
+msgstr[1] ""
+
+#. TRANSLATORS: only used if dngettext is not support
+#. ed
+#: modules/pam_unix/pam_unix_acct.c:336
+#, c-format
+msgid "Warning: your password will expire in %d days"
+msgstr ""
+
+#: modules/pam_unix/pam_unix_auth.c:159 modules/pam_userdb/pam_userdb.c:61
+msgid "Password: "
+msgstr "å£ä»¤ï¼š"
+
+#: modules/pam_unix/pam_unix_passwd.c:819
+msgid "NIS password could not be changed."
+msgstr "无法更改 NIS å£ä»¤ã€‚"
+
+#: modules/pam_unix/pam_unix_passwd.c:996
+msgid "You must choose a longer password"
+msgstr "必须选择更长的å£ä»¤"
+
+#: modules/pam_unix/pam_unix_passwd.c:1001
+msgid "Password has been already used. Choose another."
+msgstr "å£ä»¤å·²ä½¿ç”¨ã€‚请选择其他å£ä»¤ã€‚"
+
+#: modules/pam_unix/pam_unix_passwd.c:1108
+#, fuzzy, c-format
+msgid "Changing password for %s."
+msgstr "更改 STRESS å£ä»¤ä»¥"
+
+#: modules/pam_unix/pam_unix_passwd.c:1119
+msgid "(current) UNIX password: "
+msgstr "(当å‰ï¼‰UNIX å£ä»¤ï¼š"
+
+#: modules/pam_unix/pam_unix_passwd.c:1154
+msgid "You must wait longer to change your password"
+msgstr "您必须等待更长时间以更改å£ä»¤"
+
+#: modules/pam_unix/pam_unix_passwd.c:1214
+msgid "Enter new UNIX password: "
+msgstr "输入新的 UNIX å£ä»¤ï¼š"
+
+#: modules/pam_unix/pam_unix_passwd.c:1215
+msgid "Retype new UNIX password: "
+msgstr "é‡æ–°è¾“入新的 UNIX å£ä»¤ï¼š"
+
+#~ msgid "dlopen() failure"
+#~ msgstr "dlopen() 故障"
+
+#~ msgid "%s: set %s security context to %s"
+#~ msgstr "ä¸æ˜¯æœ‰æ•ˆçš„安全性环境"
diff --git a/Linux-PAM/po/zh_TW.gmo b/Linux-PAM/po/zh_TW.gmo
new file mode 100644
index 00000000..69b442b1
--- /dev/null
+++ b/Linux-PAM/po/zh_TW.gmo
Binary files differ
diff --git a/Linux-PAM/po/zh_TW.po b/Linux-PAM/po/zh_TW.po
new file mode 100644
index 00000000..12317b04
--- /dev/null
+++ b/Linux-PAM/po/zh_TW.po
@@ -0,0 +1,497 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR Linux-PAM Project
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Linux_PAM\n"
+"Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n"
+"POT-Creation-Date: 2007-01-17 11:53+0100\n"
+"PO-Revision-Date: 2006-05-03 18:55+0200\n"
+"Last-Translator: Novell Language <language@novell.com>\n"
+"Language-Team: Novell Language <language@novell.com>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: libpam_misc/misc_conv.c:33
+msgid "...Time is running out...\n"
+msgstr "...時間已經超éŽ...\n"
+
+#: libpam_misc/misc_conv.c:34
+msgid "...Sorry, your time is up!\n"
+msgstr "...抱歉,您的時間已到ï¼\n"
+
+#: libpam_misc/misc_conv.c:343
+#, c-format
+msgid "erroneous conversation (%d)\n"
+msgstr "錯誤的交談 (%d)\n"
+
+#: libpam/pam_item.c:271
+msgid "login:"
+msgstr "登入:"
+
+#: libpam/pam_strerror.c:40
+msgid "Success"
+msgstr "æˆåŠŸ"
+
+#: libpam/pam_strerror.c:42
+msgid "Critical error - immediate abort"
+msgstr "åš´é‡éŒ¯èª¤ - ç«‹å³ä¸­æ­¢"
+
+#: libpam/pam_strerror.c:44
+msgid "Failed to load module"
+msgstr ""
+
+#: libpam/pam_strerror.c:46
+msgid "Symbol not found"
+msgstr "找ä¸åˆ°ç¬¦è™Ÿ"
+
+#: libpam/pam_strerror.c:48
+msgid "Error in service module"
+msgstr "æœå‹™æ¨¡çµ„發生錯誤"
+
+#: libpam/pam_strerror.c:50
+msgid "System error"
+msgstr "系統錯誤"
+
+#: libpam/pam_strerror.c:52
+msgid "Memory buffer error"
+msgstr "記憶體暫存å€éŒ¯èª¤"
+
+#: libpam/pam_strerror.c:54
+msgid "Permission denied"
+msgstr "許å¯æ¬Šè¢«æ‹’絕"
+
+#: libpam/pam_strerror.c:56
+msgid "Authentication failure"
+msgstr "驗證失敗"
+
+#: libpam/pam_strerror.c:58
+msgid "Insufficient credentials to access authentication data"
+msgstr "憑證ä¸è¶³ï¼Œç„¡æ³•å­˜å–驗證資料"
+
+#: libpam/pam_strerror.c:60
+msgid "Authentication service cannot retrieve authentication info"
+msgstr "é©—è­‰æœå‹™ç„¡æ³•å–出驗證資訊"
+
+#: libpam/pam_strerror.c:62
+msgid "User not known to the underlying authentication module"
+msgstr "底層的驗證模組無法識別使用者"
+
+#: libpam/pam_strerror.c:64
+msgid "Have exhausted maximum number of retries for service"
+msgstr "æœå‹™çš„é‡è©¦æ¬¡æ•¸å·²è¶…éŽæœ€å¤§æ•¸é‡"
+
+#: libpam/pam_strerror.c:66
+msgid "Authentication token is no longer valid; new one required"
+msgstr "驗證記號已經失效;需è¦æ–°çš„驗證記號"
+
+#: libpam/pam_strerror.c:68
+msgid "User account has expired"
+msgstr "使用者帳戶已逾期"
+
+#: libpam/pam_strerror.c:70
+msgid "Cannot make/remove an entry for the specified session"
+msgstr "無法為指定的工作階段製作/移除項目"
+
+#: libpam/pam_strerror.c:72
+msgid "Authentication service cannot retrieve user credentials"
+msgstr "é©—è­‰æœå‹™ç„¡æ³•å–出使用者憑證"
+
+#: libpam/pam_strerror.c:74
+msgid "User credentials expired"
+msgstr "使用者憑證已逾期"
+
+#: libpam/pam_strerror.c:76
+msgid "Failure setting user credentials"
+msgstr "無法設定使用者憑證"
+
+#: libpam/pam_strerror.c:78
+msgid "No module specific data is present"
+msgstr "沒有模組的詳細資料"
+
+#: libpam/pam_strerror.c:80
+msgid "Bad item passed to pam_*_item()"
+msgstr "ä¸è‰¯çš„項目傳é€è‡³ pam_*_item()"
+
+#: libpam/pam_strerror.c:82
+msgid "Conversation error"
+msgstr "交談錯誤"
+
+#: libpam/pam_strerror.c:84
+msgid "Authentication token manipulation error"
+msgstr "驗證記號處ç†éŒ¯èª¤"
+
+#: libpam/pam_strerror.c:86
+msgid "Authentication information cannot be recovered"
+msgstr "無法æ¢å¾©é©—證資訊"
+
+#: libpam/pam_strerror.c:88
+msgid "Authentication token lock busy"
+msgstr "驗證記號鎖定忙碌"
+
+#: libpam/pam_strerror.c:90
+msgid "Authentication token aging disabled"
+msgstr "驗證記號計時已åœç”¨"
+
+#: libpam/pam_strerror.c:92
+msgid "Failed preliminary check by password service"
+msgstr "密碼æœå‹™çš„åˆæ­¥æª¢æŸ¥å¤±æ•—"
+
+#: libpam/pam_strerror.c:94
+msgid "The return value should be ignored by PAM dispatch"
+msgstr "PAM 發é€æ‡‰å¿½ç•¥å‚³å›žå€¼"
+
+#: libpam/pam_strerror.c:96
+msgid "Module is unknown"
+msgstr "未知的模組"
+
+#: libpam/pam_strerror.c:98
+msgid "Authentication token expired"
+msgstr "驗證記號已逾期"
+
+#: libpam/pam_strerror.c:100
+msgid "Conversation is waiting for event"
+msgstr "交談正在等候事件"
+
+#: libpam/pam_strerror.c:102
+msgid "Application needs to call libpam again"
+msgstr "應用程å¼éœ€è¦å†æ¬¡å‘¼å« libpam"
+
+#: libpam/pam_strerror.c:105
+msgid "Unknown PAM error"
+msgstr "未知的 PAM 錯誤"
+
+#: modules/pam_cracklib/pam_cracklib.c:60
+#, c-format
+msgid "New %s%spassword: "
+msgstr "新 %s%s密碼:"
+
+#: modules/pam_cracklib/pam_cracklib.c:62
+#, c-format
+msgid "Retype new %s%spassword: "
+msgstr "å†æ¬¡è¼¸å…¥æ–°çš„ %s%s密碼:"
+
+#: modules/pam_cracklib/pam_cracklib.c:63
+msgid "Sorry, passwords do not match."
+msgstr "抱歉,密碼ä¸ç¬¦åˆã€‚"
+
+#: modules/pam_cracklib/pam_cracklib.c:378
+msgid "is the same as the old one"
+msgstr "與舊的密碼相åŒ"
+
+#: modules/pam_cracklib/pam_cracklib.c:389
+msgid "is a palindrome"
+msgstr "是一個回文"
+
+#: modules/pam_cracklib/pam_cracklib.c:392
+msgid "case changes only"
+msgstr "僅變更大å°å¯«"
+
+#: modules/pam_cracklib/pam_cracklib.c:395
+msgid "is too similar to the old one"
+msgstr "與舊的密碼太相似"
+
+#: modules/pam_cracklib/pam_cracklib.c:398
+msgid "is too simple"
+msgstr "太簡單"
+
+#: modules/pam_cracklib/pam_cracklib.c:401
+msgid "is rotated"
+msgstr "已旋轉"
+
+#: modules/pam_cracklib/pam_cracklib.c:436
+msgid "has been already used"
+msgstr "已經由其他使用者使用"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "No password supplied"
+msgstr "未æ供密碼"
+
+#: modules/pam_cracklib/pam_cracklib.c:464
+#: modules/pam_unix/pam_unix_passwd.c:975
+msgid "Password unchanged"
+msgstr "密碼未變更"
+
+#: modules/pam_cracklib/pam_cracklib.c:487
+#: modules/pam_cracklib/pam_cracklib.c:615
+#, c-format
+msgid "BAD PASSWORD: %s"
+msgstr "ä¸è‰¯çš„密碼: %s"
+
+#: modules/pam_exec/pam_exec.c:118
+#, c-format
+msgid "%s failed: exit code %d"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:126
+#, c-format
+msgid "%s failed: caught signal %d%s"
+msgstr ""
+
+#: modules/pam_exec/pam_exec.c:134
+#, c-format
+msgid "%s failed: unknown status 0x%x"
+msgstr ""
+
+#. TRANSLATORS: "strftime options for date of last login"
+#: modules/pam_lastlog/pam_lastlog.c:190
+msgid " %a %b %e %H:%M:%S %Z %Y"
+msgstr "%a %b %e %H:%M:%S %Z %Y"
+
+#. TRANSLATORS: " from <host>"
+#: modules/pam_lastlog/pam_lastlog.c:199
+#, c-format
+msgid " from %.*s"
+msgstr "從 %.*s"
+
+#. TRANSLATORS: " on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:211
+#, c-format
+msgid " on %.*s"
+msgstr "在 %.*s"
+
+#. TRANSLATORS: "Last login: <date> from <host> on <terminal>"
+#: modules/pam_lastlog/pam_lastlog.c:220
+#, c-format
+msgid "Last login:%s%s%s"
+msgstr "上一次登入:%s%s%s"
+
+#: modules/pam_lastlog/pam_lastlog.c:226
+msgid "Welcome to your new account!"
+msgstr "歡迎使用您的新帳號ï¼"
+
+#: modules/pam_limits/pam_limits.c:647
+#, c-format
+msgid "Too many logins for '%s'."
+msgstr "å° '%s' 進行太多次登入。"
+
+#: modules/pam_mail/pam_mail.c:313
+msgid "No mail."
+msgstr "沒有郵件。"
+
+#: modules/pam_mail/pam_mail.c:316
+msgid "You have new mail."
+msgstr "您有新的郵件。"
+
+#: modules/pam_mail/pam_mail.c:319
+msgid "You have old mail."
+msgstr "您有舊的郵件。"
+
+#: modules/pam_mail/pam_mail.c:323
+msgid "You have mail."
+msgstr "您有郵件。"
+
+#: modules/pam_mail/pam_mail.c:330
+#, c-format
+msgid "You have no mail in folder %s."
+msgstr "資料夾 %s 中沒有您的郵件。"
+
+#: modules/pam_mail/pam_mail.c:334
+#, c-format
+msgid "You have new mail in folder %s."
+msgstr "資料夾 %s 中有您的新郵件。"
+
+#: modules/pam_mail/pam_mail.c:338
+#, c-format
+msgid "You have old mail in folder %s."
+msgstr "資料夾 %s 中有您的舊郵件。"
+
+#: modules/pam_mail/pam_mail.c:343
+#, c-format
+msgid "You have mail in folder %s."
+msgstr "資料夾 %s 中有您的郵件。"
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:140
+#, c-format
+msgid "Creating directory '%s'."
+msgstr ""
+
+#: modules/pam_mkhomedir/pam_mkhomedir.c:145
+#, c-format
+msgid "Unable to create directory %s: %m"
+msgstr ""
+
+#: modules/pam_selinux/pam_selinux.c:102
+#, c-format
+msgid "Your default context is %s. \n"
+msgstr "您的é è¨­ç¶²è·¯ä½ç½®ç‚º %s。\n"
+
+#: modules/pam_selinux/pam_selinux.c:105
+msgid "Do you want to choose a different one? [n]"
+msgstr "您è¦é¸æ“‡ä¸åŒçš„網路ä½ç½®å—Žï¼Ÿ [å¦]"
+
+#: modules/pam_selinux/pam_selinux.c:112
+msgid "Enter number of choice: "
+msgstr "輸入é¸æ“‡çš„密碼:"
+
+#: modules/pam_selinux/pam_selinux.c:152
+msgid "Would you like to enter a security context? [y] "
+msgstr "您是å¦è¦è¼¸å…¥å®‰å…¨ç¶²è·¯ä½ç½®ï¼Ÿ [是]"
+
+#: modules/pam_selinux/pam_selinux.c:169
+msgid "role: "
+msgstr "è·èƒ½ï¼š"
+
+#: modules/pam_selinux/pam_selinux.c:177
+msgid "type: "
+msgstr "類型:"
+
+#: modules/pam_selinux/pam_selinux.c:187
+msgid "level: "
+msgstr "層級:"
+
+#: modules/pam_selinux/pam_selinux.c:203
+msgid "Not a valid security context"
+msgstr "ä¸æ˜¯æœ‰æ•ˆçš„安全網路ä½ç½®"
+
+#: modules/pam_selinux/pam_selinux.c:417
+#, c-format
+msgid "Security Context %s Assigned"
+msgstr "已指定安全網路ä½ç½® %s"
+
+#: modules/pam_selinux/pam_selinux_check.c:99
+#, c-format
+msgid "failed to initialize PAM\n"
+msgstr "起始 PAM 失敗\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:105
+#, c-format
+msgid "failed to pam_set_item()\n"
+msgstr "pam_set_item() 失敗\n"
+
+#: modules/pam_selinux/pam_selinux_check.c:133
+#, c-format
+msgid "login: failure forking: %m"
+msgstr "登入:失敗的分å‰ï¼š%m"
+
+#: modules/pam_stress/pam_stress.c:476
+#, fuzzy, c-format
+msgid "Changing STRESS password for %s."
+msgstr "正在變更 STRESS 密碼"
+
+#: modules/pam_stress/pam_stress.c:490
+msgid "Enter new STRESS password: "
+msgstr "輸入新的 STRESS 密碼:"
+
+#: modules/pam_stress/pam_stress.c:493
+msgid "Retype new STRESS password: "
+msgstr "å†æ¬¡è¼¸å…¥æ–°çš„ STRESS 密碼:"
+
+#: modules/pam_stress/pam_stress.c:522
+msgid "Verification mis-typed; password unchanged"
+msgstr "確èªéŒ¯èª¤è¼¸å…¥ï¼›å¯†ç¢¼æœªè®Šæ›´"
+
+#: modules/pam_tally/pam_tally.c:741
+msgid "Authentication error"
+msgstr "驗證錯誤"
+
+#: modules/pam_tally/pam_tally.c:742
+msgid "Service error"
+msgstr "æœå‹™éŒ¯èª¤"
+
+#: modules/pam_tally/pam_tally.c:743
+msgid "Unknown user"
+msgstr "未知的使用者"
+
+#: modules/pam_tally/pam_tally.c:744
+msgid "Unknown error"
+msgstr "未知的錯誤"
+
+#: modules/pam_tally/pam_tally.c:760
+#, c-format
+msgid "%s: Bad number given to --reset=\n"
+msgstr "%s: ä¸è‰¯çš„號碼æ供至 --reset=\n"
+
+#: modules/pam_tally/pam_tally.c:764
+#, c-format
+msgid "%s: Unrecognised option %s\n"
+msgstr "%s: 未識別的é¸é … %s\n"
+
+#: modules/pam_tally/pam_tally.c:776
+#, c-format
+msgid ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+msgstr ""
+"%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n"
+
+#: modules/pam_tally/pam_tally.c:850
+#, c-format
+msgid "%s: Can't reset all users to non-zero\n"
+msgstr "%s: 無法將所有使用者é‡æ–°è¨­å®šç‚ºéžé›¶\n"
+
+#: modules/pam_unix/pam_unix_acct.c:274 modules/pam_unix/pam_unix_acct.c:301
+msgid "Your account has expired; please contact your system administrator"
+msgstr "您的帳戶已經逾期,請洽詢您的系統管ç†å“¡"
+
+#: modules/pam_unix/pam_unix_acct.c:283
+msgid "You are required to change your password immediately (root enforced)"
+msgstr "您必須立刻變更您的密碼 (root 強制執行)"
+
+#: modules/pam_unix/pam_unix_acct.c:310
+msgid "You are required to change your password immediately (password aged)"
+msgstr "您必須立刻變更您的密碼 (密碼使用éŽä¹…)"
+
+#: modules/pam_unix/pam_unix_acct.c:323 modules/pam_unix/pam_unix_acct.c:330
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d day"
+msgid_plural "Warning: your password will expire in %d days"
+msgstr[0] "警告:您的密碼將在 %d 天之後逾期。%2s"
+msgstr[1] "警告:您的密碼將在 %d 天之後逾期。%2s"
+
+#. TRANSLATORS: only used if dngettext is not support
+#. ed
+#: modules/pam_unix/pam_unix_acct.c:336
+#, fuzzy, c-format
+msgid "Warning: your password will expire in %d days"
+msgstr "警告:您的密碼將在 %d 天之後逾期。%2s"
+
+#: modules/pam_unix/pam_unix_auth.c:159 modules/pam_userdb/pam_userdb.c:61
+msgid "Password: "
+msgstr "密碼:"
+
+#: modules/pam_unix/pam_unix_passwd.c:819
+msgid "NIS password could not be changed."
+msgstr "無法變更 NIS 密碼。"
+
+#: modules/pam_unix/pam_unix_passwd.c:996
+msgid "You must choose a longer password"
+msgstr "您必須é¸æ“‡æ›´é•·çš„密碼"
+
+#: modules/pam_unix/pam_unix_passwd.c:1001
+msgid "Password has been already used. Choose another."
+msgstr "密碼已經由其他使用者使用。請é¸æ“‡å…¶ä»–密碼。"
+
+#: modules/pam_unix/pam_unix_passwd.c:1108
+#, fuzzy, c-format
+msgid "Changing password for %s."
+msgstr "正在變更 STRESS 密碼"
+
+#: modules/pam_unix/pam_unix_passwd.c:1119
+msgid "(current) UNIX password: "
+msgstr "(ç›®å‰) UNIX 密碼:"
+
+#: modules/pam_unix/pam_unix_passwd.c:1154
+msgid "You must wait longer to change your password"
+msgstr "您必須久候,以變更您的密碼。"
+
+#: modules/pam_unix/pam_unix_passwd.c:1214
+msgid "Enter new UNIX password: "
+msgstr "輸入新的 UNIX 密碼:"
+
+#: modules/pam_unix/pam_unix_passwd.c:1215
+msgid "Retype new UNIX password: "
+msgstr "å†æ¬¡è¼¸å…¥æ–°çš„ UNIX 密碼:"
+
+#, fuzzy
+#~ msgid "Warning: your password will expire in one day"
+#~ msgstr "警告:您的密碼將在 %d 天之後逾期。%2s"
+
+#~ msgid "dlopen() failure"
+#~ msgstr "dlopen() 失敗"
+
+#~ msgid "%s: set %s security context to %s"
+#~ msgstr "ä¸æ˜¯æœ‰æ•ˆçš„安全網路ä½ç½®"
diff --git a/Linux-PAM/tests/Makefile.am b/Linux-PAM/tests/Makefile.am
new file mode 100644
index 00000000..a5b8d08b
--- /dev/null
+++ b/Linux-PAM/tests/Makefile.am
@@ -0,0 +1,19 @@
+#
+# Copyright (c) 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+AM_CFLAGS = -DLIBPAM_COMPILE -I$(top_srcdir)/libpam/include \
+ -I$(top_srcdir)/libpam
+AM_LDFLAGS = -L$(top_builddir)/libpam -lpam
+
+CLEANFILES = *~
+
+TESTS = tst-pam_start tst-pam_end tst-pam_fail_delay tst-pam_open_session \
+ tst-pam_close_session tst-pam_acct_mgmt tst-pam_authenticate \
+ tst-pam_chauthtok tst-pam_setcred tst-pam_get_item tst-pam_set_item \
+ tst-pam_getenvlist tst-pam_get_user tst-pam_set_data
+
+check_PROGRAMS = ${TESTS} tst-dlopen
+
+tst_dlopen_LDADD = -L$(top_builddir)/libpam -lpam -ldl
+
diff --git a/Linux-PAM/tests/Makefile.in b/Linux-PAM/tests/Makefile.in
new file mode 100644
index 00000000..e7e0d193
--- /dev/null
+++ b/Linux-PAM/tests/Makefile.in
@@ -0,0 +1,692 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+TESTS = tst-pam_start$(EXEEXT) tst-pam_end$(EXEEXT) \
+ tst-pam_fail_delay$(EXEEXT) tst-pam_open_session$(EXEEXT) \
+ tst-pam_close_session$(EXEEXT) tst-pam_acct_mgmt$(EXEEXT) \
+ tst-pam_authenticate$(EXEEXT) tst-pam_chauthtok$(EXEEXT) \
+ tst-pam_setcred$(EXEEXT) tst-pam_get_item$(EXEEXT) \
+ tst-pam_set_item$(EXEEXT) tst-pam_getenvlist$(EXEEXT) \
+ tst-pam_get_user$(EXEEXT) tst-pam_set_data$(EXEEXT)
+check_PROGRAMS = $(am__EXEEXT_1) tst-dlopen$(EXEEXT)
+subdir = tests
+DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__EXEEXT_1 = tst-pam_start$(EXEEXT) tst-pam_end$(EXEEXT) \
+ tst-pam_fail_delay$(EXEEXT) tst-pam_open_session$(EXEEXT) \
+ tst-pam_close_session$(EXEEXT) tst-pam_acct_mgmt$(EXEEXT) \
+ tst-pam_authenticate$(EXEEXT) tst-pam_chauthtok$(EXEEXT) \
+ tst-pam_setcred$(EXEEXT) tst-pam_get_item$(EXEEXT) \
+ tst-pam_set_item$(EXEEXT) tst-pam_getenvlist$(EXEEXT) \
+ tst-pam_get_user$(EXEEXT) tst-pam_set_data$(EXEEXT)
+tst_dlopen_SOURCES = tst-dlopen.c
+tst_dlopen_OBJECTS = tst-dlopen.$(OBJEXT)
+tst_dlopen_DEPENDENCIES =
+tst_pam_acct_mgmt_SOURCES = tst-pam_acct_mgmt.c
+tst_pam_acct_mgmt_OBJECTS = tst-pam_acct_mgmt.$(OBJEXT)
+tst_pam_acct_mgmt_LDADD = $(LDADD)
+tst_pam_authenticate_SOURCES = tst-pam_authenticate.c
+tst_pam_authenticate_OBJECTS = tst-pam_authenticate.$(OBJEXT)
+tst_pam_authenticate_LDADD = $(LDADD)
+tst_pam_chauthtok_SOURCES = tst-pam_chauthtok.c
+tst_pam_chauthtok_OBJECTS = tst-pam_chauthtok.$(OBJEXT)
+tst_pam_chauthtok_LDADD = $(LDADD)
+tst_pam_close_session_SOURCES = tst-pam_close_session.c
+tst_pam_close_session_OBJECTS = tst-pam_close_session.$(OBJEXT)
+tst_pam_close_session_LDADD = $(LDADD)
+tst_pam_end_SOURCES = tst-pam_end.c
+tst_pam_end_OBJECTS = tst-pam_end.$(OBJEXT)
+tst_pam_end_LDADD = $(LDADD)
+tst_pam_fail_delay_SOURCES = tst-pam_fail_delay.c
+tst_pam_fail_delay_OBJECTS = tst-pam_fail_delay.$(OBJEXT)
+tst_pam_fail_delay_LDADD = $(LDADD)
+tst_pam_get_item_SOURCES = tst-pam_get_item.c
+tst_pam_get_item_OBJECTS = tst-pam_get_item.$(OBJEXT)
+tst_pam_get_item_LDADD = $(LDADD)
+tst_pam_get_user_SOURCES = tst-pam_get_user.c
+tst_pam_get_user_OBJECTS = tst-pam_get_user.$(OBJEXT)
+tst_pam_get_user_LDADD = $(LDADD)
+tst_pam_getenvlist_SOURCES = tst-pam_getenvlist.c
+tst_pam_getenvlist_OBJECTS = tst-pam_getenvlist.$(OBJEXT)
+tst_pam_getenvlist_LDADD = $(LDADD)
+tst_pam_open_session_SOURCES = tst-pam_open_session.c
+tst_pam_open_session_OBJECTS = tst-pam_open_session.$(OBJEXT)
+tst_pam_open_session_LDADD = $(LDADD)
+tst_pam_set_data_SOURCES = tst-pam_set_data.c
+tst_pam_set_data_OBJECTS = tst-pam_set_data.$(OBJEXT)
+tst_pam_set_data_LDADD = $(LDADD)
+tst_pam_set_item_SOURCES = tst-pam_set_item.c
+tst_pam_set_item_OBJECTS = tst-pam_set_item.$(OBJEXT)
+tst_pam_set_item_LDADD = $(LDADD)
+tst_pam_setcred_SOURCES = tst-pam_setcred.c
+tst_pam_setcred_OBJECTS = tst-pam_setcred.$(OBJEXT)
+tst_pam_setcred_LDADD = $(LDADD)
+tst_pam_start_SOURCES = tst-pam_start.c
+tst_pam_start_OBJECTS = tst-pam_start.$(OBJEXT)
+tst_pam_start_LDADD = $(LDADD)
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = tst-dlopen.c tst-pam_acct_mgmt.c tst-pam_authenticate.c \
+ tst-pam_chauthtok.c tst-pam_close_session.c tst-pam_end.c \
+ tst-pam_fail_delay.c tst-pam_get_item.c tst-pam_get_user.c \
+ tst-pam_getenvlist.c tst-pam_open_session.c tst-pam_set_data.c \
+ tst-pam_set_item.c tst-pam_setcred.c tst-pam_start.c
+DIST_SOURCES = tst-dlopen.c tst-pam_acct_mgmt.c tst-pam_authenticate.c \
+ tst-pam_chauthtok.c tst-pam_close_session.c tst-pam_end.c \
+ tst-pam_fail_delay.c tst-pam_get_item.c tst-pam_get_user.c \
+ tst-pam_getenvlist.c tst-pam_open_session.c tst-pam_set_data.c \
+ tst-pam_set_item.c tst-pam_setcred.c tst-pam_start.c
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+AM_CFLAGS = -DLIBPAM_COMPILE -I$(top_srcdir)/libpam/include \
+ -I$(top_srcdir)/libpam
+
+AM_LDFLAGS = -L$(top_builddir)/libpam -lpam
+CLEANFILES = *~
+tst_dlopen_LDADD = -L$(top_builddir)/libpam -lpam -ldl
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu tests/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu tests/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+clean-checkPROGRAMS:
+ @list='$(check_PROGRAMS)'; for p in $$list; do \
+ f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f $$p $$f"; \
+ rm -f $$p $$f ; \
+ done
+tst-dlopen$(EXEEXT): $(tst_dlopen_OBJECTS) $(tst_dlopen_DEPENDENCIES)
+ @rm -f tst-dlopen$(EXEEXT)
+ $(LINK) $(tst_dlopen_OBJECTS) $(tst_dlopen_LDADD) $(LIBS)
+tst-pam_acct_mgmt$(EXEEXT): $(tst_pam_acct_mgmt_OBJECTS) $(tst_pam_acct_mgmt_DEPENDENCIES)
+ @rm -f tst-pam_acct_mgmt$(EXEEXT)
+ $(LINK) $(tst_pam_acct_mgmt_OBJECTS) $(tst_pam_acct_mgmt_LDADD) $(LIBS)
+tst-pam_authenticate$(EXEEXT): $(tst_pam_authenticate_OBJECTS) $(tst_pam_authenticate_DEPENDENCIES)
+ @rm -f tst-pam_authenticate$(EXEEXT)
+ $(LINK) $(tst_pam_authenticate_OBJECTS) $(tst_pam_authenticate_LDADD) $(LIBS)
+tst-pam_chauthtok$(EXEEXT): $(tst_pam_chauthtok_OBJECTS) $(tst_pam_chauthtok_DEPENDENCIES)
+ @rm -f tst-pam_chauthtok$(EXEEXT)
+ $(LINK) $(tst_pam_chauthtok_OBJECTS) $(tst_pam_chauthtok_LDADD) $(LIBS)
+tst-pam_close_session$(EXEEXT): $(tst_pam_close_session_OBJECTS) $(tst_pam_close_session_DEPENDENCIES)
+ @rm -f tst-pam_close_session$(EXEEXT)
+ $(LINK) $(tst_pam_close_session_OBJECTS) $(tst_pam_close_session_LDADD) $(LIBS)
+tst-pam_end$(EXEEXT): $(tst_pam_end_OBJECTS) $(tst_pam_end_DEPENDENCIES)
+ @rm -f tst-pam_end$(EXEEXT)
+ $(LINK) $(tst_pam_end_OBJECTS) $(tst_pam_end_LDADD) $(LIBS)
+tst-pam_fail_delay$(EXEEXT): $(tst_pam_fail_delay_OBJECTS) $(tst_pam_fail_delay_DEPENDENCIES)
+ @rm -f tst-pam_fail_delay$(EXEEXT)
+ $(LINK) $(tst_pam_fail_delay_OBJECTS) $(tst_pam_fail_delay_LDADD) $(LIBS)
+tst-pam_get_item$(EXEEXT): $(tst_pam_get_item_OBJECTS) $(tst_pam_get_item_DEPENDENCIES)
+ @rm -f tst-pam_get_item$(EXEEXT)
+ $(LINK) $(tst_pam_get_item_OBJECTS) $(tst_pam_get_item_LDADD) $(LIBS)
+tst-pam_get_user$(EXEEXT): $(tst_pam_get_user_OBJECTS) $(tst_pam_get_user_DEPENDENCIES)
+ @rm -f tst-pam_get_user$(EXEEXT)
+ $(LINK) $(tst_pam_get_user_OBJECTS) $(tst_pam_get_user_LDADD) $(LIBS)
+tst-pam_getenvlist$(EXEEXT): $(tst_pam_getenvlist_OBJECTS) $(tst_pam_getenvlist_DEPENDENCIES)
+ @rm -f tst-pam_getenvlist$(EXEEXT)
+ $(LINK) $(tst_pam_getenvlist_OBJECTS) $(tst_pam_getenvlist_LDADD) $(LIBS)
+tst-pam_open_session$(EXEEXT): $(tst_pam_open_session_OBJECTS) $(tst_pam_open_session_DEPENDENCIES)
+ @rm -f tst-pam_open_session$(EXEEXT)
+ $(LINK) $(tst_pam_open_session_OBJECTS) $(tst_pam_open_session_LDADD) $(LIBS)
+tst-pam_set_data$(EXEEXT): $(tst_pam_set_data_OBJECTS) $(tst_pam_set_data_DEPENDENCIES)
+ @rm -f tst-pam_set_data$(EXEEXT)
+ $(LINK) $(tst_pam_set_data_OBJECTS) $(tst_pam_set_data_LDADD) $(LIBS)
+tst-pam_set_item$(EXEEXT): $(tst_pam_set_item_OBJECTS) $(tst_pam_set_item_DEPENDENCIES)
+ @rm -f tst-pam_set_item$(EXEEXT)
+ $(LINK) $(tst_pam_set_item_OBJECTS) $(tst_pam_set_item_LDADD) $(LIBS)
+tst-pam_setcred$(EXEEXT): $(tst_pam_setcred_OBJECTS) $(tst_pam_setcred_DEPENDENCIES)
+ @rm -f tst-pam_setcred$(EXEEXT)
+ $(LINK) $(tst_pam_setcred_OBJECTS) $(tst_pam_setcred_LDADD) $(LIBS)
+tst-pam_start$(EXEEXT): $(tst_pam_start_OBJECTS) $(tst_pam_start_DEPENDENCIES)
+ @rm -f tst-pam_start$(EXEEXT)
+ $(LINK) $(tst_pam_start_OBJECTS) $(tst_pam_start_LDADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-dlopen.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_acct_mgmt.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_authenticate.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_chauthtok.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_close_session.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_end.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_fail_delay.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_get_item.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_get_user.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_getenvlist.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_open_session.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_set_data.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_set_item.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_setcred.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_start.Po@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *$$ws$$tst$$ws*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ echo "SKIP: $$tst"; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ skipped="($$skip tests were not run)"; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS)
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile
+installdirs:
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-checkPROGRAMS clean-generic clean-libtool \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
+ clean-checkPROGRAMS clean-generic clean-libtool ctags \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-ps install-ps-am install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/tests/tst-dlopen.c b/Linux-PAM/tests/tst-dlopen.c
new file mode 100644
index 00000000..272d58bc
--- /dev/null
+++ b/Linux-PAM/tests/tst-dlopen.c
@@ -0,0 +1,44 @@
+/*
+ Copyright (C) Nalin Dahyabhai <nalin@redhat.com> 2003
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+*/
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include <dlfcn.h>
+#include <stdio.h>
+#include <limits.h>
+#include <sys/stat.h>
+
+/* Simple program to see if dlopen() would succeed. */
+int main(int argc, char **argv)
+{
+ int i;
+ struct stat st;
+ char buf[PATH_MAX];
+
+ for (i = 1; i < argc; i++) {
+ if (dlopen(argv[i], RTLD_NOW)) {
+ fprintf(stdout, "dlopen() of \"%s\" succeeded.\n",
+ argv[i]);
+ } else {
+ snprintf(buf, sizeof(buf), "./%s", argv[i]);
+ if ((stat(buf, &st) == 0) && dlopen(buf, RTLD_NOW)) {
+ fprintf(stdout, "dlopen() of \"./%s\" "
+ "succeeded.\n", argv[i]);
+ } else {
+ fprintf(stdout, "dlopen() of \"%s\" failed: "
+ "%s\n", argv[i], dlerror());
+ return 1;
+ }
+ }
+ }
+ return 0;
+}
+
diff --git a/Linux-PAM/tests/tst-pam_acct_mgmt.c b/Linux-PAM/tests/tst-pam_acct_mgmt.c
new file mode 100644
index 00000000..1e8c4b4d
--- /dev/null
+++ b/Linux-PAM/tests/tst-pam_acct_mgmt.c
@@ -0,0 +1,58 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <unistd.h>
+
+#include <security/pam_appl.h>
+
+
+int
+main (void)
+{
+ int retval;
+
+ /* 1: Call with NULL as pam handle */
+ retval = pam_acct_mgmt (NULL, 0);
+ if (retval == PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_acct_mgmt (NULL, 0) returned PAM_SUCCESS\n");
+ return 1;
+ }
+
+ return 0;
+}
diff --git a/Linux-PAM/tests/tst-pam_authenticate.c b/Linux-PAM/tests/tst-pam_authenticate.c
new file mode 100644
index 00000000..1d43ec3a
--- /dev/null
+++ b/Linux-PAM/tests/tst-pam_authenticate.c
@@ -0,0 +1,58 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <unistd.h>
+
+#include <security/pam_appl.h>
+
+
+int
+main (void)
+{
+ int retval;
+
+ /* 1: Call with NULL as pam handle */
+ retval = pam_authenticate (NULL, 0);
+ if (retval == PAM_SUCCESS)
+ {
+ fprintf (stderr, "tst-pam_authenticate (NULL, 0) returned PAM_SUCCESS\n");
+ return 1;
+ }
+
+ return 0;
+}
diff --git a/Linux-PAM/tests/tst-pam_chauthtok.c b/Linux-PAM/tests/tst-pam_chauthtok.c
new file mode 100644
index 00000000..37ed83d3
--- /dev/null
+++ b/Linux-PAM/tests/tst-pam_chauthtok.c
@@ -0,0 +1,58 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <unistd.h>
+
+#include <security/pam_appl.h>
+
+
+int
+main (void)
+{
+ int retval;
+
+ /* 1: Call with NULL as pam handle */
+ retval = pam_chauthtok (NULL, 0);
+ if (retval == PAM_SUCCESS)
+ {
+ fprintf (stderr, "tst-pam_chauthtok (NULL, 0) returned PAM_SUCCESS\n");
+ return 1;
+ }
+
+ return 0;
+}
diff --git a/Linux-PAM/tests/tst-pam_close_session.c b/Linux-PAM/tests/tst-pam_close_session.c
new file mode 100644
index 00000000..86187bb9
--- /dev/null
+++ b/Linux-PAM/tests/tst-pam_close_session.c
@@ -0,0 +1,58 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <unistd.h>
+
+#include <security/pam_appl.h>
+
+
+int
+main (void)
+{
+ int retval;
+
+ /* 1: Call with NULL as pam handle */
+ retval = pam_close_session (NULL, 0);
+ if (retval == PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_close_session (NULL, 0) returned PAM_SUCCESS\n");
+ return 1;
+ }
+
+ return 0;
+}
diff --git a/Linux-PAM/tests/tst-pam_end.c b/Linux-PAM/tests/tst-pam_end.c
new file mode 100644
index 00000000..93c2fc32
--- /dev/null
+++ b/Linux-PAM/tests/tst-pam_end.c
@@ -0,0 +1,79 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <unistd.h>
+
+#include <security/pam_appl.h>
+
+
+int
+main (void)
+{
+ const char *service = "dummy";
+ const char *user = "root";
+ struct pam_conv conv;
+ pam_handle_t *pamh;
+ int retval;
+
+ /* 1: close valid pam handle */
+ /* create valid pam handle */
+ retval = pam_start (service, user, &conv, &pamh);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_start (%s, %s, &conv, &pamh) returned %d\n",
+ service, user, retval);
+ return 1;
+ }
+
+ retval = pam_end (pamh, 0);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_end (pamh, 0) returned %d\n", retval);
+ return 1;
+ }
+
+ /* 2: close NULL pam handle */
+ retval = pam_end (NULL, 0);
+ if (retval == PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_end (NULL, 0) returned %d\n", retval);
+ return 1;
+ }
+
+ return 0;
+}
diff --git a/Linux-PAM/tests/tst-pam_fail_delay.c b/Linux-PAM/tests/tst-pam_fail_delay.c
new file mode 100644
index 00000000..c4323178
--- /dev/null
+++ b/Linux-PAM/tests/tst-pam_fail_delay.c
@@ -0,0 +1,79 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <unistd.h>
+
+#include <security/pam_appl.h>
+
+
+int
+main (void)
+{
+ const char *service = "dummy";
+ const char *user = "root";
+ struct pam_conv conv;
+ pam_handle_t *pamh;
+ int retval;
+
+ /* 1: set valid delay */
+ /* create valid pam handle */
+ retval = pam_start (service, user, &conv, &pamh);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_start (%s, %s, &conv, &pamh) returned %d\n",
+ service, user, retval);
+ return 1;
+ }
+
+ retval = pam_fail_delay (pamh, 60);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_fail_delay (pamh, 60) returned %d\n", retval);
+ return 1;
+ }
+
+ /* 2: use NULL pam handle */
+ retval = pam_fail_delay (NULL, 60);
+ if (retval == PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_fail_delay (NULL, 60) returned %d\n", retval);
+ return 1;
+ }
+
+ return 0;
+}
diff --git a/Linux-PAM/tests/tst-pam_get_item.c b/Linux-PAM/tests/tst-pam_get_item.c
new file mode 100644
index 00000000..d88b8b29
--- /dev/null
+++ b/Linux-PAM/tests/tst-pam_get_item.c
@@ -0,0 +1,133 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <unistd.h>
+
+#include <security/pam_appl.h>
+
+struct mapping {
+ int type;
+ const char *string;
+ int expected;
+};
+
+struct mapping items[] = {
+ {PAM_SERVICE, "PAM_SERVICE", PAM_SUCCESS},
+ {PAM_USER, "PAM_USER", 0},
+ {PAM_TTY, "PAM_TTY", 0},
+ {PAM_RHOST, "PAM_RHOST", 0},
+ {PAM_CONV, "PAM_CONV", 0},
+ {PAM_AUTHTOK, "PAM_AUTHTOK", PAM_BAD_ITEM},
+ {PAM_OLDAUTHTOK, "PAM_OLDAUTHTOK", PAM_BAD_ITEM},
+ {PAM_RUSER, "PAM_RUSER", 0},
+ {PAM_USER_PROMPT, "PAM_USER_PROMPT", 0},
+ {PAM_FAIL_DELAY, "PAM_FAIL_DELAY", 0}
+};
+
+int
+main (void)
+{
+ const char *service = "dummy";
+ const char *user = "root";
+ struct pam_conv conv;
+ pam_handle_t *pamh;
+ int retval, num, i;
+ const void *value;
+
+ /* 1: Call with NULL as pam handle */
+ retval = pam_get_item (NULL, PAM_SERVICE, &value);
+ if (retval == PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_get_item (NULL, 0) returned PAM_SUCCESS\n");
+ return 1;
+ }
+
+ /* setup pam handle */
+ retval = pam_start (service, user, &conv, &pamh);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_start (%s, %s, &conv, &pamh) returned %d\n",
+ service, user, retval);
+ return 1;
+ }
+
+ /* 2: check for valid item types. Expected return value is
+ PAM_SUCCESS, except it has to fail. */
+ num = sizeof(items) / sizeof(struct mapping);
+
+ for (i = 0; i < num; i++)
+ {
+ retval = pam_get_item (pamh, items[i].type, &value);
+
+ if (retval != items[i].expected)
+ {
+ fprintf (stderr,
+ "pam_get_item failed to get value for %s. Returned %d\n",
+ items[i].string, retval);
+ return 1;
+ }
+ }
+
+ /* 3: check for bad item */
+ retval = pam_get_item (pamh, -1, &value);
+ if (retval != PAM_BAD_ITEM)
+ {
+ fprintf (stderr,
+ "pam_get_item returned %d when expecting PAM_BAD_ITEM\n",
+ retval);
+ return 1;
+ }
+
+ /* 4: check for valid item types, but NULL as value address. */
+ for (i = 0; i < num; i++)
+ {
+ retval = pam_get_item (pamh, items[i].type, NULL);
+
+ if (retval != PAM_PERM_DENIED)
+ {
+ fprintf (stderr,
+ "pam_get_item returned %d to get value for %s\n",
+ retval, items[i].string);
+ return 1;
+ }
+ }
+
+ pam_end (pamh, 0);
+
+ return 0;
+}
diff --git a/Linux-PAM/tests/tst-pam_get_user.c b/Linux-PAM/tests/tst-pam_get_user.c
new file mode 100644
index 00000000..16f31236
--- /dev/null
+++ b/Linux-PAM/tests/tst-pam_get_user.c
@@ -0,0 +1,176 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <config.h>
+
+#include <stdio.h>
+#include <unistd.h>
+#include <string.h>
+#include <stdlib.h>
+#include <security/pam_appl.h>
+#include <security/pam_modules.h>
+
+static const char *prompt = "myprompt:";
+static const char *user = "itsme";
+
+static int
+login_conv (int num_msg, const struct pam_message **mesg,
+ struct pam_response **resp, void *appdata_ptr UNUSED)
+{
+ struct pam_response *reply;
+ int count;
+
+ reply = calloc(num_msg, sizeof (struct pam_response));
+
+ if (reply == NULL)
+ return PAM_BUF_ERR;
+
+ for (count = 0; count < num_msg; count++)
+ {
+ reply[count].resp_retcode = 0;
+ reply[count].resp = NULL;
+
+ switch (mesg[count]->msg_style)
+ {
+ case PAM_PROMPT_ECHO_ON:
+ if (strcmp (mesg[count]->msg, prompt) != 0)
+ {
+ fprintf (stderr, "conv function called with wrong prompt: %s\n",
+ mesg[count]->msg);
+ exit (1);
+ }
+ reply[count].resp = strdup (user);
+ break;
+
+ default:
+ fprintf (stderr,
+ "pam_get_user calls conv function with unexpected msg style");
+ exit (1);
+ }
+ }
+
+ *resp = reply;
+ return PAM_SUCCESS;
+}
+
+int
+main (void)
+{
+ const char *service = "dummy";
+ const char *value;
+ struct pam_conv conv = { &login_conv, NULL};
+ pam_handle_t *pamh;
+ int retval;
+
+ /* 1: Call with NULL for every argument */
+ retval = pam_get_user (NULL, NULL, NULL);
+ if (retval == PAM_SUCCESS)
+ {
+ fprintf (stderr,
+ "tst-pam_get_user (NULL, NULL, NULL) returned PAM_SUCCESS\n");
+ return 1;
+ }
+
+ /* setup pam handle */
+ retval = pam_start (service, user, &conv, &pamh);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_start (%s, %s, &conv, &pamh) returned %d\n",
+ service, user, retval);
+ return 1;
+ }
+
+ /* 2: Call with valid pamh handle but NULL for user */
+ retval = pam_get_user (pamh, NULL, NULL);
+ if (retval == PAM_SUCCESS)
+ {
+ fprintf (stderr,
+ "tst-pam_get_user (pamh, NULL, NULL) returned PAM_SUCCESS\n");
+ return 1;
+ }
+
+ /* 3: Call with valid pamh handle and valid user ptr */
+ retval = pam_get_user (pamh, &value, NULL);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr,
+ "tst-pam_get_user (pamh, &value, NULL) returned %d\n",
+ retval);
+ return 1;
+ }
+ if (strcmp (user, value) != 0)
+ {
+ fprintf (stderr,
+ "tst-pam_get_user (pamh, &value, NULL) mismatch:\n"
+ "expected: %s\n"
+ "got: %s\n", user, value);
+ return 1;
+ }
+
+ pam_end (pamh, 0);
+
+ /* setup pam handle without user */
+ retval = pam_start (service, NULL, &conv, &pamh);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_start (%s, %s, &conv, &pamh) returned %d\n",
+ service, user, retval);
+ return 1;
+ }
+
+ /* 4: Call with valid pamh handle and valid user ptr */
+ retval = pam_get_user (pamh, &value, prompt);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr,
+ "tst-pam_get_user (pamh, &value, prompt) returned %d\n",
+ retval);
+ return 1;
+ }
+ if (strcmp (user, value) != 0)
+ {
+ fprintf (stderr,
+ "tst-pam_get_user (pamh, &value, prompt) mismatch:\n"
+ "expected: %s\n"
+ "got: %s\n", user, value);
+ return 1;
+ }
+
+ pam_end (pamh, 0);
+
+ return 0;
+}
diff --git a/Linux-PAM/tests/tst-pam_getenvlist.c b/Linux-PAM/tests/tst-pam_getenvlist.c
new file mode 100644
index 00000000..d24a9bf9
--- /dev/null
+++ b/Linux-PAM/tests/tst-pam_getenvlist.c
@@ -0,0 +1,134 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <string.h>
+#include <security/pam_appl.h>
+
+const char *envvals[] = {"VAL1=1", "VAL2=2", "VAL3=3"};
+
+int
+main (void)
+{
+ const char *service = "dummy";
+ const char *user = "root";
+ struct pam_conv conv;
+ pam_handle_t *pamh;
+ int retval;
+ char **ptr;
+ char *temp;
+ int var, i;
+
+ /* 1: Call with NULL as pam handle */
+ ptr = pam_getenvlist (NULL);
+ if (ptr != NULL)
+ {
+ fprintf (stderr, "pam_getenvlist (NULL) does not return NULL\n");
+ return 1;
+ }
+
+ /* setup pam handle */
+ retval = pam_start (service, user, &conv, &pamh);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_start (%s, %s, &conv, &pamh) returned %d\n",
+ service, user, retval);
+ return 1;
+ }
+
+ /* 2: Call with pam handle, but no environment set */
+ ptr = pam_getenvlist (pamh);
+ if (ptr == NULL || *ptr != NULL)
+ {
+ fprintf (stderr,
+ "pam_getenvlist (pamh) does not return pointer to NULL\n");
+ temp = *ptr;
+ var = 0;
+ while (temp)
+ {
+ printf ("%s\n", temp);
+ var++;
+ temp = *(ptr + var);
+ }
+ return 1;
+ }
+ free (ptr);
+
+ /* set environment variable */
+ for (i = 0; i < 3; i++)
+ {
+ retval = pam_putenv (pamh, envvals[i]);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_putenv (pamh, \"%s\") returned %d\n",
+ envvals[i], retval);
+ return 1;
+ }
+ }
+
+ /* 3: Call with pam handle and environment set */
+ ptr = pam_getenvlist (pamh);
+ if (ptr == NULL)
+ {
+ fprintf (stderr, "pam_getenvlist (pamh) returned NULL\n");
+ return 1;
+ }
+ else
+ {
+ temp = *ptr;
+ var = 0;
+ while (temp)
+ {
+ if (strcmp (temp, envvals[var]) != 0)
+ {
+ fprintf (stderr,
+ "pam_getenvlist returns wrong value:\n"
+ "expected: %s\n"
+ "got: %s\n", envvals[var], temp);
+ return 1;
+ }
+ free (temp);
+ var++;
+ temp = *(ptr + var);
+ }
+ free (ptr);
+ }
+
+ return 0;
+}
diff --git a/Linux-PAM/tests/tst-pam_open_session.c b/Linux-PAM/tests/tst-pam_open_session.c
new file mode 100644
index 00000000..771ca35c
--- /dev/null
+++ b/Linux-PAM/tests/tst-pam_open_session.c
@@ -0,0 +1,58 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <unistd.h>
+
+#include <security/pam_appl.h>
+
+
+int
+main (void)
+{
+ int retval;
+
+ /* 1: Call with NULL as pam handle */
+ retval = pam_open_session (NULL, 0);
+ if (retval == PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_open_session (NULL, 0) returned PAM_SUCCESS\n");
+ return 1;
+ }
+
+ return 0;
+}
diff --git a/Linux-PAM/tests/tst-pam_set_data.c b/Linux-PAM/tests/tst-pam_set_data.c
new file mode 100644
index 00000000..3b30dcc1
--- /dev/null
+++ b/Linux-PAM/tests/tst-pam_set_data.c
@@ -0,0 +1,488 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <unistd.h>
+#include <string.h>
+
+#include <security/pam_appl.h>
+#include <security/pam_modules.h>
+#include <pam_private.h>
+
+static int cleanup_was_called = 0;
+static int cleanup3_was_called = 0;
+static int cleanup3_retval = 0;
+static int cleanup6_was_called = 0;
+static int cleanup6_retval = 0;
+static int cleanup7_was_called = 0;
+static int cleanup7_retval = 0;
+static int cleanup7b_was_called = 0;
+static int cleanup7b_retval = 0;
+static int cleanup8_was_called = 0;
+static int cleanup8_retval = 0;
+
+static void
+tst_cleanup (pam_handle_t *pamh UNUSED, void *data, int error_status)
+{
+ cleanup_was_called = 1;
+ fprintf (stderr, "tst_cleanup was called: data=\"%s\", error_status=%d\n",
+ (char *)data, error_status);
+}
+
+static void
+tst_cleanup_3 (pam_handle_t *pamh UNUSED, void *data, int error_status)
+{
+ cleanup3_was_called = 1;
+
+ if (strcmp (data, "test3") != 0)
+ {
+ fprintf (stderr, "tst_cleanup_3 called with wrong data, got \"%s\"\n",
+ (char *)data);
+ cleanup3_retval = 1;
+ return;
+ }
+
+ free (data);
+
+ if (error_status & PAM_DATA_REPLACE)
+ {
+ fprintf (stderr, "tst_cleanup_3 called with PAM_DATA_REPLACE set\n");
+ cleanup3_retval = 1;
+ return;
+ }
+
+ if (error_status & PAM_DATA_SILENT)
+ {
+ fprintf (stderr, "tst_cleanup_3 called with PAM_DATA_SILENT set\n");
+ cleanup3_retval = 1;
+ return;
+ }
+
+ if (error_status != 0)
+ {
+ fprintf (stderr, "tst_cleanup_3 called with error_status set: %d\n",
+ error_status);
+ cleanup3_retval = 1;
+ return;
+ }
+}
+
+static void
+tst_cleanup_6 (pam_handle_t *pamh UNUSED, void *data, int error_status)
+{
+ cleanup6_was_called = 1;
+
+ if (error_status & PAM_DATA_SILENT)
+ {
+ fprintf (stderr, "tst_cleanup_6 called with PAM_DATA_SILENT set\n");
+ cleanup6_retval = 1;
+ return;
+ }
+
+ if (error_status & PAM_DATA_REPLACE)
+ {
+ if (strcmp (data, "test6a") != 0)
+ {
+ fprintf (stderr, "tst_cleanup_6 called with wrong data, got \"%s\"\n",
+ (char *)data);
+ cleanup6_retval = 1;
+ return;
+ }
+
+ if (error_status != PAM_DATA_REPLACE)
+ {
+ fprintf (stderr, "tst_cleanup_6 called with error_status set: %d\n",
+ error_status);
+ cleanup6_retval = 1;
+ return;
+ }
+ }
+ else
+ {
+ if (strcmp (data, "test6b") != 0)
+ {
+ fprintf (stderr, "tst_cleanup_6 called with wrong data, got \"%s\"\n",
+ (char *)data);
+ cleanup6_retval = 1;
+ return;
+ }
+
+ if (error_status != 0)
+ {
+ fprintf (stderr, "tst_cleanup_6 called with error_status set: %d\n",
+ error_status);
+ cleanup6_retval = 1;
+ return;
+ }
+ }
+
+ free (data);
+}
+
+static void
+tst_cleanup_7 (pam_handle_t *pamh UNUSED, void *data, int error_status)
+{
+ cleanup7_was_called = 1;
+
+ if (error_status & PAM_DATA_SILENT)
+ {
+ fprintf (stderr, "tst_cleanup_7 called with PAM_DATA_SILENT set\n");
+ cleanup7_retval = 1;
+ return;
+ }
+
+ if (error_status & PAM_DATA_REPLACE)
+ {
+ if (strcmp (data, "test7a") != 0)
+ {
+ fprintf (stderr, "tst_cleanup_7 called with wrong data, got \"%s\"\n",
+ (char *)data);
+ cleanup7_retval = 1;
+ return;
+ }
+
+ if (error_status != PAM_DATA_REPLACE)
+ {
+ fprintf (stderr, "tst_cleanup_7 called with error_status set: %d\n",
+ error_status);
+ cleanup7_retval = 1;
+ return;
+ }
+ }
+ else
+ {
+ fprintf (stderr, "tst_cleanup_7 called without PAM_DATA_REPLACE set: %d\n",
+ error_status);
+ cleanup7_retval = 1;
+ return;
+ }
+
+ free (data);
+}
+
+static void
+tst_cleanup_7b (pam_handle_t *pamh UNUSED, void *data, int error_status)
+{
+ cleanup7b_was_called = 1;
+
+ if (strcmp (data, "test7b") != 0)
+ {
+ fprintf (stderr, "tst_cleanup_7b called with wrong data, got \"%s\"\n",
+ (char *)data);
+ cleanup7b_retval = 1;
+ return;
+ }
+
+ free (data);
+
+ if (error_status & PAM_DATA_REPLACE)
+ {
+ fprintf (stderr, "tst_cleanup_7b called with PAM_DATA_REPLACE set\n");
+ cleanup7b_retval = 1;
+ return;
+ }
+
+ if (error_status & PAM_DATA_SILENT)
+ {
+ fprintf (stderr, "tst_cleanup_7b called with PAM_DATA_SILENT set\n");
+ cleanup7b_retval = 1;
+ return;
+ }
+
+ if (error_status != 0)
+ {
+ fprintf (stderr, "tst_cleanup_7b called with error_status set: %d\n",
+ error_status);
+ cleanup7b_retval = 1;
+ return;
+ }
+}
+
+static void
+tst_cleanup_8 (pam_handle_t *pamh UNUSED, void *data, int error_status)
+{
+ cleanup8_was_called = 1;
+
+ if (strcmp (data, "test8") != 0)
+ {
+ fprintf (stderr, "tst_cleanup_8 called with wrong data, got \"%s\"\n",
+ (char *)data);
+ cleanup8_retval = 1;
+ return;
+ }
+
+ free (data);
+
+ if (error_status & PAM_DATA_REPLACE)
+ {
+ fprintf (stderr, "tst_cleanup_8 called with PAM_DATA_REPLACE set\n");
+ cleanup8_retval = 1;
+ return;
+ }
+
+ if (error_status & PAM_DATA_SILENT)
+ {
+ fprintf (stderr, "tst_cleanup_8 called with PAM_DATA_SILENT set\n");
+ cleanup8_retval = 1;
+ return;
+ }
+
+ if (error_status != 987)
+ {
+ fprintf (stderr, "tst_cleanup_8 called with wrong error_status set: %d\n",
+ error_status);
+ cleanup8_retval = 1;
+ return;
+ }
+}
+
+int
+main (void)
+{
+ const char *service = "dummy";
+ const char *user = "root";
+ struct pam_conv conv;
+ pam_handle_t *pamh;
+ void *dataptr;
+ int retval;
+
+ /* 1: Call with NULL as pam handle */
+ dataptr = strdup ("test1");
+ retval = pam_set_data (NULL, "tst-pam_set_data-1", dataptr, tst_cleanup);
+ if (retval == PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_set_data (NULL, ...) returned PAM_SUCCESS\n");
+ return 1;
+ }
+ free (dataptr);
+
+ /* setup pam handle */
+ retval = pam_start (service, user, &conv, &pamh);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_start (%s, %s, &conv, &pamh) returned %d\n",
+ service, user, retval);
+ return 1;
+ }
+
+ /* 2: check for call from application */
+ dataptr = strdup ("test2");
+ retval = pam_set_data (pamh, "tst-pam_set_data-2", dataptr, tst_cleanup);
+ if (retval != PAM_SYSTEM_ERR)
+ {
+ fprintf (stderr,
+ "pam_set_data returned %d when expecting PAM_SYSTEM_ERR\n",
+ retval);
+ return 1;
+ }
+ free (dataptr);
+
+
+ /* 3: check for call from module */
+ __PAM_TO_MODULE(pamh);
+ dataptr = strdup ("test3");
+ retval = pam_set_data (pamh, "tst-pam_set_data-3", dataptr,
+ tst_cleanup_3);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr,
+ "pam_set_data failed: %d\n",
+ retval);
+ return 1;
+ }
+
+ /* 4: check for call with NULL as module_data_name */
+ dataptr = strdup ("test4");
+ retval = pam_set_data (pamh, NULL, dataptr, tst_cleanup);
+ if (retval == PAM_SUCCESS)
+ {
+ fprintf (stderr,
+ "pam_set_data with NULL as module_data_name succeded!\n");
+ return 1;
+ }
+ free (dataptr);
+
+ /* 5: check for call with NULL as cleanup function */
+ dataptr = strdup ("test5");
+ retval = pam_set_data (pamh, "tst-pam_set_data-5", dataptr, NULL);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr,
+ "pam_set_data with NULL as cleanup function failed: %d\n",
+ retval);
+ return 1;
+ }
+ free (dataptr);
+
+ /* 6: Overwrite data and check cleanup flags */
+ dataptr = strdup ("test6a");
+ retval = pam_set_data (pamh, "tst-pam_set_data-6", dataptr,
+ tst_cleanup_6);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr,
+ "test6: first pam_set_data failed: %d\n",
+ retval);
+ return 1;
+ }
+
+ dataptr = strdup ("test6b");
+ retval = pam_set_data (pamh, "tst-pam_set_data-6", dataptr,
+ tst_cleanup_6);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr,
+ "test6: second pam_set_data failed: %d\n",
+ retval);
+ return 1;
+ }
+
+ /* 7: Overwrite data and cleanup function, check cleanup flags */
+ dataptr = strdup ("test7a");
+ retval = pam_set_data (pamh, "tst-pam_set_data-7", dataptr,
+ tst_cleanup_7);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr,
+ "test7: first pam_set_data failed: %d\n",
+ retval);
+ return 1;
+ }
+
+ dataptr = strdup ("test7b");
+ retval = pam_set_data (pamh, "tst-pam_set_data-7", dataptr,
+ tst_cleanup_7b);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr,
+ "test7: second pam_set_data failed: %d\n",
+ retval);
+ return 1;
+ }
+
+ __PAM_TO_APP(pamh);
+
+ /* Close PAM handle and check return codes of cleanup functions */
+ retval = pam_end (pamh, 0);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr,
+ "pam_end reported an error: %d\n",
+ retval);
+ return 1;
+ }
+
+ if (cleanup_was_called == 1)
+ return 1;
+
+ if (cleanup3_was_called == 0)
+ {
+ fprintf (stderr, "tst_cleanup_3 was never called!\n");
+ return 1;
+ }
+ if (cleanup3_retval != 0)
+ return 1;
+
+ if (cleanup6_was_called == 0)
+ {
+ fprintf (stderr, "tst_cleanup_6 was never called!\n");
+ return 1;
+ }
+ if (cleanup6_retval != 0)
+ return 1;
+
+ if (cleanup7_was_called == 0)
+ {
+ fprintf (stderr, "tst_cleanup_7 was never called!\n");
+ return 1;
+ }
+ if (cleanup7_retval != 0)
+ return 1;
+
+ if (cleanup7b_was_called == 0)
+ {
+ fprintf (stderr, "tst_cleanup_7b was never called!\n");
+ return 1;
+ }
+ if (cleanup7b_retval != 0)
+ return 1;
+
+ /* test if error code is delivered to cleanup function */
+ /* setup pam handle */
+ retval = pam_start (service, user, &conv, &pamh);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_start (%s, %s, &conv, &pamh) returned %d\n",
+ service, user, retval);
+ return 1;
+ }
+
+ /* 8: check if cleanup function is called with correct error code */
+ __PAM_TO_MODULE(pamh);
+ dataptr = strdup ("test8");
+ retval = pam_set_data (pamh, "tst-pam_set_data-8", dataptr,
+ tst_cleanup_8);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr,
+ "test8: pam_set_data failed: %d\n",
+ retval);
+ return 1;
+ }
+
+ __PAM_TO_APP(pamh);
+
+ retval = pam_end (pamh, 987);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr,
+ "pam_end reported an error: %d\n",
+ retval);
+ return 1;
+ }
+
+ if (cleanup8_was_called == 0)
+ {
+ fprintf (stderr, "tst_cleanup_3 was never called!\n");
+ return 1;
+ }
+
+ if (cleanup8_retval != 0)
+ return 1;
+
+ return 0;
+}
diff --git a/Linux-PAM/tests/tst-pam_set_item.c b/Linux-PAM/tests/tst-pam_set_item.c
new file mode 100644
index 00000000..069d7aff
--- /dev/null
+++ b/Linux-PAM/tests/tst-pam_set_item.c
@@ -0,0 +1,149 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <unistd.h>
+#include <string.h>
+
+#include <security/pam_appl.h>
+
+struct mapping {
+ int type;
+ const char *string;
+ int expected;
+ const char *new_value;
+};
+
+struct mapping items[] = {
+ {PAM_SERVICE, "PAM_SERVICE", PAM_SUCCESS, "logout"},
+ {PAM_USER, "PAM_USER", PAM_SUCCESS, "noroot"},
+ {PAM_TTY, "PAM_TTY", PAM_SUCCESS, "TTyX"},
+ {PAM_RHOST, "PAM_RHOST", PAM_SUCCESS, "remote"},
+ {PAM_AUTHTOK, "PAM_AUTHTOK", PAM_BAD_ITEM, "none"},
+ {PAM_OLDAUTHTOK, "PAM_OLDAUTHTOK", PAM_BAD_ITEM, "none"},
+ {PAM_RUSER, "PAM_RUSER", PAM_SUCCESS, "noroot"},
+ {PAM_USER_PROMPT, "PAM_USER_PROMPT", PAM_SUCCESS, "your name: "},
+ {PAM_FAIL_DELAY, "PAM_FAIL_DELAY", PAM_SUCCESS, "4000"}
+};
+
+int
+main (void)
+{
+ const char *service = "dummy";
+ const char *user = "root";
+ struct pam_conv conv;
+ pam_handle_t *pamh;
+ int retval, num, i;
+
+ /* 1: Call with NULL as pam handle */
+ retval = pam_set_item (NULL, PAM_SERVICE, "dummy");
+ if (retval == PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_set_item (NULL, ...) returned PAM_SUCCESS\n");
+ return 1;
+ }
+
+ /* setup pam handle */
+ retval = pam_start (service, user, &conv, &pamh);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_start (%s, %s, &conv, &pamh) returned %d\n",
+ service, user, retval);
+ return 1;
+ }
+
+ /* 2: check for bad item */
+ retval = pam_set_item (pamh, -1, "dummy");
+ if (retval != PAM_BAD_ITEM)
+ {
+ fprintf (stderr,
+ "pam_set_item returned %d when expecting PAM_BAD_ITEM\n",
+ retval);
+ return 1;
+ }
+
+ /* 3: try to set PAM_CONV to NULL */
+ retval = pam_set_item (pamh, PAM_CONV, NULL);
+ if (retval != PAM_PERM_DENIED)
+ {
+ fprintf (stderr,
+ "pam_set_item (pamh, PAM_CONV, NULL) returned %d\n",
+ retval);
+ return 1;
+ }
+
+ /* 4: try to replace all items */
+ num = sizeof(items) / sizeof(struct mapping);
+
+ for (i = 0; i < num; i++)
+ {
+ retval = pam_set_item (pamh, items[i].type, items[i].new_value);
+
+ if (retval != items[i].expected)
+ {
+ fprintf (stderr,
+ "pam_set_item failed to set value for %s. Returned %d\n",
+ items[i].string, retval);
+ return 1;
+ }
+ else if (items[i].expected == PAM_SUCCESS)
+ {
+ const void *value;
+
+ retval = pam_get_item (pamh, items[i].type, &value);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr,
+ "pam_get_item was not able to fetch changed value: %d\n",
+ retval);
+ return 1;
+ }
+ if (strcmp (items[i].new_value, value) != 0)
+ {
+ fprintf (stderr,
+ "pam_get_item got wrong value:\n"
+ "expected: %s\n"
+ "got: %s\n", items[i].new_value, (const char *)value);
+ return 1;
+ }
+ }
+ }
+
+ pam_end (pamh, 0);
+
+ return 0;
+}
diff --git a/Linux-PAM/tests/tst-pam_setcred.c b/Linux-PAM/tests/tst-pam_setcred.c
new file mode 100644
index 00000000..917d4d05
--- /dev/null
+++ b/Linux-PAM/tests/tst-pam_setcred.c
@@ -0,0 +1,58 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <unistd.h>
+
+#include <security/pam_appl.h>
+
+
+int
+main (void)
+{
+ int retval;
+
+ /* 1: Call with NULL as pam handle */
+ retval = pam_setcred (NULL, 0);
+ if (retval == PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_setcred (NULL, 0) returned PAM_SUCCESS\n");
+ return 1;
+ }
+
+ return 0;
+}
diff --git a/Linux-PAM/tests/tst-pam_start.c b/Linux-PAM/tests/tst-pam_start.c
new file mode 100644
index 00000000..ce013633
--- /dev/null
+++ b/Linux-PAM/tests/tst-pam_start.c
@@ -0,0 +1,107 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <unistd.h>
+
+#include <security/pam_appl.h>
+
+
+int
+main (void)
+{
+ const char *service = "dummy";
+ const char *user = "root";
+ struct pam_conv conv;
+ pam_handle_t *pamh;
+ int retval;
+
+ /* 1: check with valid arguments */
+ retval = pam_start (service, user, &conv, &pamh);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_start (%s, %s, &conv, &pamh) returned %d\n",
+ service, user, retval);
+ return 1;
+ }
+ else if (pamh == NULL)
+ {
+ fprintf (stderr,
+ "pam_start (%s, %s, &conv, &pamh) returned NULL for pamh\n",
+ service, user);
+ return 1;
+ }
+
+ /* 2: check with NULL for service */
+ retval = pam_start (NULL, user, &conv, &pamh);
+ if (retval == PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_start (NULL, %s, &conv, &pamh) returned %d\n",
+ user, retval);
+ return 1;
+ }
+
+ /* 3: check with NULL for user */
+ retval = pam_start (service, NULL, &conv, &pamh);
+ if (retval != PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_start (%s, NULL, &conv, &pamh) returned %d\n",
+ service, retval);
+ return 1;
+ }
+
+
+ /* 4: check with NULL for conv */
+ retval = pam_start (service, user, NULL, &pamh);
+ if (retval == PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_start (%s, %s, NULL, &pamh) returned %d\n",
+ service, user, retval);
+ return 1;
+ }
+
+ /* 5: check with NULL for pamh */
+ retval = pam_start (service, user, &conv, NULL);
+ if (retval == PAM_SUCCESS)
+ {
+ fprintf (stderr, "pam_start (%s, %s, &conv, NULL) returned %d\n",
+ service, user, retval);
+ return 1;
+ }
+
+ return 0;
+}
diff --git a/Linux-PAM/xtests/Makefile.am b/Linux-PAM/xtests/Makefile.am
new file mode 100644
index 00000000..ac6e2954
--- /dev/null
+++ b/Linux-PAM/xtests/Makefile.am
@@ -0,0 +1,22 @@
+#
+# Copyright (c) 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+AM_CFLAGS = -DLIBPAM_COMPILE -I$(top_srcdir)/libpam/include \
+ -I$(top_srcdir)/libpamc/include -I$(top_srcdir)/libpam_misc/include
+AM_LDFLAGS = -L$(top_builddir)/libpam -lpam \
+ -L$(top_builddir)/libpam_misc -lpam_misc
+
+CLEANFILES = *~
+
+EXTRA_DIST = run-xtests.sh tst-pam_dispatch1.pamd tst-pam_dispatch2.pamd \
+ tst-pam_dispatch3.pamd tst-pam_dispatch4.pamd \
+ tst-pam_cracklib1.pamd
+
+XTESTS = tst-pam_dispatch1 tst-pam_dispatch2 tst-pam_dispatch3 \
+ tst-pam_dispatch4 tst-pam_cracklib1
+
+noinst_PROGRAMS = $(XTESTS)
+
+xtests: $(XTESTS) run-xtests.sh
+ $(srcdir)/run-xtests.sh
diff --git a/Linux-PAM/xtests/Makefile.in b/Linux-PAM/xtests/Makefile.in
new file mode 100644
index 00000000..46bea8e5
--- /dev/null
+++ b/Linux-PAM/xtests/Makefile.in
@@ -0,0 +1,542 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Copyright (c) 2006 Thorsten Kukuk <kukuk@suse.de>
+#
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+noinst_PROGRAMS = $(am__EXEEXT_1)
+subdir = xtests
+DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+ $(top_srcdir)/m4/iconv.m4 \
+ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \
+ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \
+ $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__EXEEXT_1 = tst-pam_dispatch1$(EXEEXT) tst-pam_dispatch2$(EXEEXT) \
+ tst-pam_dispatch3$(EXEEXT) tst-pam_dispatch4$(EXEEXT) \
+ tst-pam_cracklib1$(EXEEXT)
+PROGRAMS = $(noinst_PROGRAMS)
+tst_pam_cracklib1_SOURCES = tst-pam_cracklib1.c
+tst_pam_cracklib1_OBJECTS = tst-pam_cracklib1.$(OBJEXT)
+tst_pam_cracklib1_LDADD = $(LDADD)
+tst_pam_dispatch1_SOURCES = tst-pam_dispatch1.c
+tst_pam_dispatch1_OBJECTS = tst-pam_dispatch1.$(OBJEXT)
+tst_pam_dispatch1_LDADD = $(LDADD)
+tst_pam_dispatch2_SOURCES = tst-pam_dispatch2.c
+tst_pam_dispatch2_OBJECTS = tst-pam_dispatch2.$(OBJEXT)
+tst_pam_dispatch2_LDADD = $(LDADD)
+tst_pam_dispatch3_SOURCES = tst-pam_dispatch3.c
+tst_pam_dispatch3_OBJECTS = tst-pam_dispatch3.$(OBJEXT)
+tst_pam_dispatch3_LDADD = $(LDADD)
+tst_pam_dispatch4_SOURCES = tst-pam_dispatch4.c
+tst_pam_dispatch4_OBJECTS = tst-pam_dispatch4.$(OBJEXT)
+tst_pam_dispatch4_LDADD = $(LDADD)
+DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = tst-pam_cracklib1.c tst-pam_dispatch1.c tst-pam_dispatch2.c \
+ tst-pam_dispatch3.c tst-pam_dispatch4.c
+DIST_SOURCES = tst-pam_cracklib1.c tst-pam_dispatch1.c \
+ tst-pam_dispatch2.c tst-pam_dispatch3.c tst-pam_dispatch4.c
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BROWSER = @BROWSER@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+FO2PDF = @FO2PDF@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GREP = @GREP@
+HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBAUDIT = @LIBAUDIT@
+LIBCRACK = @LIBCRACK@
+LIBCRYPT = @LIBCRYPT@
+LIBDB = @LIBDB@
+LIBDL = @LIBDL@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNSL = @LIBNSL@
+LIBOBJS = @LIBOBJS@
+LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@
+LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@
+LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@
+LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
+LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
+LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
+LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
+LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGFMT_015 = @MSGFMT_015@
+MSGMERGE = @MSGMERGE@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+POSUB = @POSUB@
+RANLIB = @RANLIB@
+SCONFIGDIR = @SCONFIGDIR@
+SECUREDIR = @SECUREDIR@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_NLS = @USE_NLS@
+VERSION = @VERSION@
+WITH_DEBUG = @WITH_DEBUG@
+WITH_PAMLOCKING = @WITH_PAMLOCKING@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XMLCATALOG = @XMLCATALOG@
+XMLLINT = @XMLLINT@
+XML_CATALOG_FILE = @XML_CATALOG_FILE@
+XSLTPROC = @XSLTPROC@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libc_cv_fpie = @libc_cv_fpie@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pam_cv_ld_as_needed = @pam_cv_ld_as_needed@
+pam_xauth_path = @pam_xauth_path@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+AM_CFLAGS = -DLIBPAM_COMPILE -I$(top_srcdir)/libpam/include \
+ -I$(top_srcdir)/libpamc/include -I$(top_srcdir)/libpam_misc/include
+
+AM_LDFLAGS = -L$(top_builddir)/libpam -lpam \
+ -L$(top_builddir)/libpam_misc -lpam_misc
+
+CLEANFILES = *~
+EXTRA_DIST = run-xtests.sh tst-pam_dispatch1.pamd tst-pam_dispatch2.pamd \
+ tst-pam_dispatch3.pamd tst-pam_dispatch4.pamd \
+ tst-pam_cracklib1.pamd
+
+XTESTS = tst-pam_dispatch1 tst-pam_dispatch2 tst-pam_dispatch3 \
+ tst-pam_dispatch4 tst-pam_cracklib1
+
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu xtests/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu xtests/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+clean-noinstPROGRAMS:
+ @list='$(noinst_PROGRAMS)'; for p in $$list; do \
+ f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f $$p $$f"; \
+ rm -f $$p $$f ; \
+ done
+tst-pam_cracklib1$(EXEEXT): $(tst_pam_cracklib1_OBJECTS) $(tst_pam_cracklib1_DEPENDENCIES)
+ @rm -f tst-pam_cracklib1$(EXEEXT)
+ $(LINK) $(tst_pam_cracklib1_OBJECTS) $(tst_pam_cracklib1_LDADD) $(LIBS)
+tst-pam_dispatch1$(EXEEXT): $(tst_pam_dispatch1_OBJECTS) $(tst_pam_dispatch1_DEPENDENCIES)
+ @rm -f tst-pam_dispatch1$(EXEEXT)
+ $(LINK) $(tst_pam_dispatch1_OBJECTS) $(tst_pam_dispatch1_LDADD) $(LIBS)
+tst-pam_dispatch2$(EXEEXT): $(tst_pam_dispatch2_OBJECTS) $(tst_pam_dispatch2_DEPENDENCIES)
+ @rm -f tst-pam_dispatch2$(EXEEXT)
+ $(LINK) $(tst_pam_dispatch2_OBJECTS) $(tst_pam_dispatch2_LDADD) $(LIBS)
+tst-pam_dispatch3$(EXEEXT): $(tst_pam_dispatch3_OBJECTS) $(tst_pam_dispatch3_DEPENDENCIES)
+ @rm -f tst-pam_dispatch3$(EXEEXT)
+ $(LINK) $(tst_pam_dispatch3_OBJECTS) $(tst_pam_dispatch3_LDADD) $(LIBS)
+tst-pam_dispatch4$(EXEEXT): $(tst_pam_dispatch4_OBJECTS) $(tst_pam_dispatch4_DEPENDENCIES)
+ @rm -f tst-pam_dispatch4$(EXEEXT)
+ $(LINK) $(tst_pam_dispatch4_OBJECTS) $(tst_pam_dispatch4_LDADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_cracklib1.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_dispatch1.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_dispatch2.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_dispatch3.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_dispatch4.Po@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(PROGRAMS)
+installdirs:
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-noinstPROGRAMS \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
+ clean-libtool clean-noinstPROGRAMS ctags distclean \
+ distclean-compile distclean-generic distclean-libtool \
+ distclean-tags distdir dvi dvi-am html html-am info info-am \
+ install install-am install-data install-data-am install-dvi \
+ install-dvi-am install-exec install-exec-am install-html \
+ install-html-am install-info install-info-am install-man \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am
+
+
+xtests: $(XTESTS) run-xtests.sh
+ $(srcdir)/run-xtests.sh
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/Linux-PAM/xtests/run-xtests.sh b/Linux-PAM/xtests/run-xtests.sh
new file mode 100755
index 00000000..9c8c3571
--- /dev/null
+++ b/Linux-PAM/xtests/run-xtests.sh
@@ -0,0 +1,38 @@
+#!/bin/bash
+
+if test `id -u` -ne 0 ; then
+ echo "You need to be root to run the tests"
+ exit 1
+fi
+
+XTESTS="tst-pam_dispatch1 tst-pam_dispatch2 tst-pam_dispatch3 \
+ tst-pam_dispatch4 tst-pam_cracklib1"
+
+failed=0
+pass=0
+all=0
+
+for testname in $XTESTS ; do
+ install -m 644 $testname.pamd /etc/pam.d/$testname
+ ./$testname > /dev/null
+ if test $? -ne 0 ; then
+ echo "FAIL: $testname"
+ failed=`expr $failed + 1`
+ else
+ echo "PASS: $testname"
+ pass=`expr $pass + 1`
+ fi
+ all=`expr $all + 1`
+ rm -f /etc/pam.d/$testname
+ done
+ if test "$failed" -ne 0; then
+ echo "==================="
+ echo "$failed of $all tests failed"
+ echo "==================="
+ exit 1
+ else
+ echo "=================="
+ echo "All $all tests passed"
+ echo "=================="
+ fi
+exit 0
diff --git a/Linux-PAM/xtests/tst-pam_cracklib1.c b/Linux-PAM/xtests/tst-pam_cracklib1.c
new file mode 100644
index 00000000..6c0ec321
--- /dev/null
+++ b/Linux-PAM/xtests/tst-pam_cracklib1.c
@@ -0,0 +1,135 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <string.h>
+#include <security/pam_appl.h>
+
+/* A conversation function which uses an internally-stored value for
+ the responses. */
+static int
+fake_conv (int num_msg, const struct pam_message **msgm UNUSED,
+ struct pam_response **response, void *appdata_ptr UNUSED)
+{
+ static int calls = 0;
+ struct pam_response *reply;
+ int count;
+
+ /* Sanity test. */
+ if (num_msg <= 0)
+ return PAM_CONV_ERR;
+
+ /* Allocate memory for the responses. */
+ reply = calloc (num_msg, sizeof (struct pam_response));
+ if (reply == NULL)
+ return PAM_CONV_ERR;
+
+ /* Each prompt elicits the same response. */
+ for (count = 0; count < num_msg; ++count)
+ {
+ reply[count].resp_retcode = 0;
+ /* first call get a password, second one NULL */
+ if (calls)
+ reply[count].resp = NULL;
+ else
+ {
+ ++calls;
+ reply[count].resp = strdup ("Kindergarten");
+ }
+ }
+
+ /* Set the pointers in the response structure and return. */
+ *response = reply;
+ return PAM_SUCCESS;
+}
+
+static struct pam_conv conv = {
+ fake_conv,
+ NULL
+};
+
+
+/* Check that errors of optional modules are ignored and that
+ required modules after a sufficient one are not executed. */
+
+int
+main(int argc, char *argv[])
+{
+ pam_handle_t *pamh=NULL;
+ const char *user="root";
+ int retval;
+ int debug = 0;
+
+ if (argc > 1 && strcmp (argv[1], "-d") == 0)
+ debug = 1;
+
+ retval = pam_start("tst-pam_cracklib1", user, &conv, &pamh);
+ if (retval != PAM_SUCCESS)
+ {
+ if (debug)
+ fprintf (stderr, "cracklib1: pam_start returned %d\n", retval);
+ return 1;
+ }
+
+ /* Try one, first input is correct, second is NULL */
+ retval = pam_chauthtok (pamh, 0);
+ if (retval != PAM_AUTHTOK_RECOVERY_ERR)
+ {
+ if (debug)
+ fprintf (stderr, "cracklib1-1: pam_chauthtok returned %d\n", retval);
+ return 1;
+ }
+
+ /* Try two, first input is NULL */
+ retval = pam_chauthtok (pamh, 0);
+ if (retval != PAM_AUTHTOK_RECOVERY_ERR)
+ {
+ if (debug)
+ fprintf (stderr, "cracklib1-2: pam_chauthtok returned %d\n", retval);
+ return 1;
+ }
+
+
+ retval = pam_end (pamh,retval);
+ if (retval != PAM_SUCCESS)
+ {
+ if (debug)
+ fprintf (stderr, "cracklib1: pam_end returned %d\n", retval);
+ return 1;
+ }
+ return 0;
+}
diff --git a/Linux-PAM/xtests/tst-pam_cracklib1.pamd b/Linux-PAM/xtests/tst-pam_cracklib1.pamd
new file mode 100644
index 00000000..41a9188d
--- /dev/null
+++ b/Linux-PAM/xtests/tst-pam_cracklib1.pamd
@@ -0,0 +1,2 @@
+#%PAM-1.0
+password required pam_cracklib.so
diff --git a/Linux-PAM/xtests/tst-pam_dispatch1.c b/Linux-PAM/xtests/tst-pam_dispatch1.c
new file mode 100644
index 00000000..404c0119
--- /dev/null
+++ b/Linux-PAM/xtests/tst-pam_dispatch1.c
@@ -0,0 +1,99 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <string.h>
+#include <security/pam_appl.h>
+#include <security/pam_misc.h>
+
+static struct pam_conv conv = {
+ misc_conv,
+ NULL
+};
+
+static int debug = 0;
+
+/*
+ https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196859
+
+ This stack should not return PAM_IGNORE to the application:
+ auth [default=bad] pam_debug.so auth=ignore
+*/
+static int
+test1 (void)
+{
+ pam_handle_t *pamh=NULL;
+ const char *user="nobody";
+ int retval;
+
+ retval = pam_start("tst-pam_dispatch1", user, &conv, &pamh);
+ if (retval != PAM_SUCCESS)
+ {
+ if (debug)
+ fprintf (stderr, "test1: pam_start returned %d\n", retval);
+ return 1;
+ }
+
+ retval = pam_authenticate(pamh, 0);
+ if (retval != PAM_PERM_DENIED)
+ {
+ if (debug)
+ fprintf (stderr, "test1: pam_authenticate returned %d\n", retval);
+ return 1;
+ }
+
+ retval = pam_end(pamh,retval);
+ if (retval != PAM_SUCCESS)
+ {
+ if (debug)
+ fprintf (stderr, "test1: pam_end returned %d\n", retval);
+ return 1;
+ }
+ return 0;
+}
+
+
+int main(int argc, char *argv[])
+{
+ if (argc > 1 && strcmp (argv[1], "-d") == 0)
+ debug = 1;
+
+ if (test1 ())
+ return 1;
+
+ return 0;
+}
diff --git a/Linux-PAM/xtests/tst-pam_dispatch1.pamd b/Linux-PAM/xtests/tst-pam_dispatch1.pamd
new file mode 100644
index 00000000..9bfc87c5
--- /dev/null
+++ b/Linux-PAM/xtests/tst-pam_dispatch1.pamd
@@ -0,0 +1,3 @@
+# https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196859
+# This stack should not return PAM_IGNORE to the application:
+auth [default=bad] pam_debug.so auth=ignore
diff --git a/Linux-PAM/xtests/tst-pam_dispatch2.c b/Linux-PAM/xtests/tst-pam_dispatch2.c
new file mode 100644
index 00000000..5c63f5b3
--- /dev/null
+++ b/Linux-PAM/xtests/tst-pam_dispatch2.c
@@ -0,0 +1,98 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <strings.h>
+#include <security/pam_appl.h>
+#include <security/pam_misc.h>
+
+static struct pam_conv conv = {
+ misc_conv,
+ NULL
+};
+
+static int debug = 0;
+
+/*
+ https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196859
+
+ This stack should not return PAM_IGNORE to the application:
+ auth [default=die] pam_debug.so auth=ignore
+*/
+static int
+test2 (void)
+{
+ pam_handle_t *pamh=NULL;
+ const char *user="nobody";
+ int retval;
+
+ retval = pam_start("tst-pam_dispatch2", user, &conv, &pamh);
+ if (retval != PAM_SUCCESS)
+ {
+ if (debug)
+ fprintf (stderr, "test2: pam_start returned %d\n", retval);
+ return 1;
+ }
+
+ retval = pam_authenticate(pamh, 0);
+ if (retval != PAM_PERM_DENIED)
+ {
+ if (debug)
+ fprintf (stderr, "test2: pam_authenticate returned %d\n", retval);
+ return 1;
+ }
+
+ retval = pam_end(pamh,retval);
+ if (retval != PAM_SUCCESS)
+ {
+ if (debug)
+ fprintf (stderr, "test2: pam_end returned %d\n", retval);
+ return 1;
+ }
+ return 0;
+}
+
+int main(int argc, char *argv[])
+{
+ if (argc > 1 && strcmp (argv[1], "-d") == 0)
+ debug = 1;
+
+ if (test2 ())
+ return 1;
+
+ return 0;
+}
diff --git a/Linux-PAM/xtests/tst-pam_dispatch2.pamd b/Linux-PAM/xtests/tst-pam_dispatch2.pamd
new file mode 100644
index 00000000..79f52609
--- /dev/null
+++ b/Linux-PAM/xtests/tst-pam_dispatch2.pamd
@@ -0,0 +1,3 @@
+# https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196859
+# This stack should not return PAM_IGNORE to the application:
+auth [default=die] pam_debug.so auth=ignore
diff --git a/Linux-PAM/xtests/tst-pam_dispatch3.c b/Linux-PAM/xtests/tst-pam_dispatch3.c
new file mode 100644
index 00000000..d44e4880
--- /dev/null
+++ b/Linux-PAM/xtests/tst-pam_dispatch3.c
@@ -0,0 +1,87 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <string.h>
+#include <security/pam_appl.h>
+#include <security/pam_misc.h>
+
+static struct pam_conv conv = {
+ misc_conv,
+ NULL
+};
+
+
+/* Check that errors of optional modules are ignored and that
+ required modules after a sufficient one are not executed. */
+
+int
+main(int argc, char *argv[])
+{
+ pam_handle_t *pamh=NULL;
+ const char *user="nobody";
+ int retval;
+ int debug = 0;
+
+ if (argc > 1 && strcmp (argv[1], "-d") == 0)
+ debug = 1;
+
+ retval = pam_start("tst-pam_dispatch3", user, &conv, &pamh);
+ if (retval != PAM_SUCCESS)
+ {
+ if (debug)
+ fprintf (stderr, "test3: pam_start returned %d\n", retval);
+ return 1;
+ }
+
+ retval = pam_authenticate(pamh, 0);
+ if (retval != PAM_SUCCESS)
+ {
+ if (debug)
+ fprintf (stderr, "test3: pam_authenticate returned %d\n", retval);
+ return 1;
+ }
+
+ retval = pam_end(pamh,retval);
+ if (retval != PAM_SUCCESS)
+ {
+ if (debug)
+ fprintf (stderr, "test3: pam_end returned %d\n", retval);
+ return 1;
+ }
+ return 0;
+}
diff --git a/Linux-PAM/xtests/tst-pam_dispatch3.pamd b/Linux-PAM/xtests/tst-pam_dispatch3.pamd
new file mode 100644
index 00000000..8172c5f2
--- /dev/null
+++ b/Linux-PAM/xtests/tst-pam_dispatch3.pamd
@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth optional pam_debug.so auth=auth_err
+auth sufficient pam_debug.so auth=success
+auth required pam_debug.so auth=perm_denied
+account required pam_debug.so acct=acct_expired
+
diff --git a/Linux-PAM/xtests/tst-pam_dispatch4.c b/Linux-PAM/xtests/tst-pam_dispatch4.c
new file mode 100644
index 00000000..12bc362a
--- /dev/null
+++ b/Linux-PAM/xtests/tst-pam_dispatch4.c
@@ -0,0 +1,95 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <string.h>
+#include <security/pam_appl.h>
+#include <security/pam_misc.h>
+
+static struct pam_conv conv = {
+ misc_conv,
+ NULL
+};
+
+
+/* Check that errors of optional modules are ignored and that
+ required modules after a sufficient one are not executed. */
+
+int
+main(int argc, char *argv[])
+{
+ pam_handle_t *pamh=NULL;
+ const char *user="nobody";
+ int retval;
+ int debug = 0;
+
+ if (argc > 1 && strcmp (argv[1], "-d") == 0)
+ debug = 1;
+
+ retval = pam_start("tst-pam_dispatch4", user, &conv, &pamh);
+ if (retval != PAM_SUCCESS)
+ {
+ if (debug)
+ fprintf (stderr, "test4: pam_start returned %d\n", retval);
+ return 1;
+ }
+
+ retval = pam_authenticate (pamh, 0);
+ if (retval != PAM_SUCCESS)
+ {
+ if (debug)
+ fprintf (stderr, "test4: pam_authenticate returned %d\n", retval);
+ return 1;
+ }
+
+ retval = pam_acct_mgmt (pamh, 0);
+ if (retval == PAM_SUCCESS)
+ {
+ if (debug)
+ fprintf (stderr, "test4: pam_authenticate returned %d\n", retval);
+ return 1;
+ }
+
+ retval = pam_end (pamh,retval);
+ if (retval != PAM_SUCCESS)
+ {
+ if (debug)
+ fprintf (stderr, "test4: pam_end returned %d\n", retval);
+ return 1;
+ }
+ return 0;
+}
diff --git a/Linux-PAM/xtests/tst-pam_dispatch4.pamd b/Linux-PAM/xtests/tst-pam_dispatch4.pamd
new file mode 100644
index 00000000..7c08372b
--- /dev/null
+++ b/Linux-PAM/xtests/tst-pam_dispatch4.pamd
@@ -0,0 +1,8 @@
+#%PAM-1.0
+# We jump to pam_permit.so, should pass
+auth [success=1 default=ignore] pam_debug.so auth=success
+auth required pam_deny.so
+auth required pam_permit.so
+# We jump to a non-existing slot, fail, but don't seg.fault
+account [success=1 default=ignore] pam_debug.so account=success
+account required pam_deny.so
diff --git a/Linux-PAM/ylwrap b/Linux-PAM/ylwrap
new file mode 100755
index 00000000..102bd893
--- /dev/null
+++ b/Linux-PAM/ylwrap
@@ -0,0 +1,223 @@
+#! /bin/sh
+# ylwrap - wrapper for lex/yacc invocations.
+
+scriptversion=2005-05-14.22
+
+# Copyright (C) 1996, 1997, 1998, 1999, 2001, 2002, 2003, 2004, 2005
+# Free Software Foundation, Inc.
+#
+# Written by Tom Tromey <tromey@cygnus.com>.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301, USA.
+
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# This file is maintained in Automake, please report
+# bugs to <bug-automake@gnu.org> or send patches to
+# <automake-patches@gnu.org>.
+
+case "$1" in
+ '')
+ echo "$0: No files given. Try \`$0 --help' for more information." 1>&2
+ exit 1
+ ;;
+ --basedir)
+ basedir=$2
+ shift 2
+ ;;
+ -h|--h*)
+ cat <<\EOF
+Usage: ylwrap [--help|--version] INPUT [OUTPUT DESIRED]... -- PROGRAM [ARGS]...
+
+Wrapper for lex/yacc invocations, renaming files as desired.
+
+ INPUT is the input file
+ OUTPUT is one file PROG generates
+ DESIRED is the file we actually want instead of OUTPUT
+ PROGRAM is program to run
+ ARGS are passed to PROG
+
+Any number of OUTPUT,DESIRED pairs may be used.
+
+Report bugs to <bug-automake@gnu.org>.
+EOF
+ exit $?
+ ;;
+ -v|--v*)
+ echo "ylwrap $scriptversion"
+ exit $?
+ ;;
+esac
+
+
+# The input.
+input="$1"
+shift
+case "$input" in
+ [\\/]* | ?:[\\/]*)
+ # Absolute path; do nothing.
+ ;;
+ *)
+ # Relative path. Make it absolute.
+ input="`pwd`/$input"
+ ;;
+esac
+
+pairlist=
+while test "$#" -ne 0; do
+ if test "$1" = "--"; then
+ shift
+ break
+ fi
+ pairlist="$pairlist $1"
+ shift
+done
+
+# The program to run.
+prog="$1"
+shift
+# Make any relative path in $prog absolute.
+case "$prog" in
+ [\\/]* | ?:[\\/]*) ;;
+ *[\\/]*) prog="`pwd`/$prog" ;;
+esac
+
+# FIXME: add hostname here for parallel makes that run commands on
+# other machines. But that might take us over the 14-char limit.
+dirname=ylwrap$$
+trap "cd `pwd`; rm -rf $dirname > /dev/null 2>&1" 1 2 3 15
+mkdir $dirname || exit 1
+
+cd $dirname
+
+case $# in
+ 0) $prog "$input" ;;
+ *) $prog "$@" "$input" ;;
+esac
+ret=$?
+
+if test $ret -eq 0; then
+ set X $pairlist
+ shift
+ first=yes
+ # Since DOS filename conventions don't allow two dots,
+ # the DOS version of Bison writes out y_tab.c instead of y.tab.c
+ # and y_tab.h instead of y.tab.h. Test to see if this is the case.
+ y_tab_nodot="no"
+ if test -f y_tab.c || test -f y_tab.h; then
+ y_tab_nodot="yes"
+ fi
+
+ # The directory holding the input.
+ input_dir=`echo "$input" | sed -e 's,\([\\/]\)[^\\/]*$,\1,'`
+ # Quote $INPUT_DIR so we can use it in a regexp.
+ # FIXME: really we should care about more than `.' and `\'.
+ input_rx=`echo "$input_dir" | sed 's,\\\\,\\\\\\\\,g;s,\\.,\\\\.,g'`
+
+ while test "$#" -ne 0; do
+ from="$1"
+ # Handle y_tab.c and y_tab.h output by DOS
+ if test $y_tab_nodot = "yes"; then
+ if test $from = "y.tab.c"; then
+ from="y_tab.c"
+ else
+ if test $from = "y.tab.h"; then
+ from="y_tab.h"
+ fi
+ fi
+ fi
+ if test -f "$from"; then
+ # If $2 is an absolute path name, then just use that,
+ # otherwise prepend `../'.
+ case "$2" in
+ [\\/]* | ?:[\\/]*) target="$2";;
+ *) target="../$2";;
+ esac
+
+ # We do not want to overwrite a header file if it hasn't
+ # changed. This avoid useless recompilations. However the
+ # parser itself (the first file) should always be updated,
+ # because it is the destination of the .y.c rule in the
+ # Makefile. Divert the output of all other files to a temporary
+ # file so we can compare them to existing versions.
+ if test $first = no; then
+ realtarget="$target"
+ target="tmp-`echo $target | sed s/.*[\\/]//g`"
+ fi
+ # Edit out `#line' or `#' directives.
+ #
+ # We don't want the resulting debug information to point at
+ # an absolute srcdir; it is better for it to just mention the
+ # .y file with no path.
+ #
+ # We want to use the real output file name, not yy.lex.c for
+ # instance.
+ #
+ # We want the include guards to be adjusted too.
+ FROM=`echo "$from" | sed \
+ -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'\
+ -e 's/[^ABCDEFGHIJKLMNOPQRSTUVWXYZ]/_/g'`
+ TARGET=`echo "$2" | sed \
+ -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'\
+ -e 's/[^ABCDEFGHIJKLMNOPQRSTUVWXYZ]/_/g'`
+
+ sed -e "/^#/!b" -e "s,$input_rx,," -e "s,$from,$2," \
+ -e "s,$FROM,$TARGET," "$from" >"$target" || ret=$?
+
+ # Check whether header files must be updated.
+ if test $first = no; then
+ if test -f "$realtarget" && cmp -s "$realtarget" "$target"; then
+ echo "$2" is unchanged
+ rm -f "$target"
+ else
+ echo updating "$2"
+ mv -f "$target" "$realtarget"
+ fi
+ fi
+ else
+ # A missing file is only an error for the first file. This
+ # is a blatant hack to let us support using "yacc -d". If -d
+ # is not specified, we don't want an error when the header
+ # file is "missing".
+ if test $first = yes; then
+ ret=1
+ fi
+ fi
+ shift
+ shift
+ first=no
+ done
+else
+ ret=$?
+fi
+
+# Remove the directory.
+cd ..
+rm -rf $dirname
+
+exit $ret
+
+# Local Variables:
+# mode: shell-script
+# sh-indentation: 2
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "scriptversion="
+# time-stamp-format: "%:y-%02m-%02d.%02H"
+# time-stamp-end: "$"
+# End:
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-26 13:42:59 +0000